Tougher SAM risk management standards might make people feel better but they won’t make children safer

Child USA has just issued this excellent, detailed comparison of child sexual abuse and misconduct (SAM) policy documents across 32 US Catholic Archdioceses. 

Their survey found the policies to be inconsistent between each other and incomplete compared to abuse prevention best practices.  To address the inconsistencies and incompleteness, the report recommends more, and more detailed, mandatory SAM risk management standards and policies.

There are four problems with the recommendations.

  1. Risk management policies between Archdioceses should be inconsistent. The Archdiocese of Anchorage and the Archdiocese of Los Angeles do not have the same risks and cannot manage risk the same way. 
  2. Archdiocesan risk management policies are incomplete, but they are far more incomplete than is described in the report.  The incompleteness identified in the report is that some Archdiocesan safe environment programs are more complete than others.  The missing incompleteness is enterprise-wide risk management (ERM).  To clarify, safe environment policies are a traditional ‘prevent and mitigate’ approach to negative events.  They were the basis on which the Church first formally responded to the abuse crisis in 2002.  But the report also talks about the need for the Church to “restore its damaged mission”.  Prevent and mitigate strategies deal with negative events but have almost no ability to influence the outcome of positive objectives.  For that, organizations also need ERM, which is currently missing in all but a few Archdioceses.
  3. “Best practices” sounds comforting but is nearly meaningless at present.  SAM risk management practices are not currently measured, so most practices currently touted as “best” are subjective and, if Moneyball is any guide, are just as likely to be flawed as best.  ERM is the main exception.   The performance of organizations using ERM is consistently ‘better’ by a number of important metrics compared to those using traditional prevent and mitigate strategies.
  4. More mandatory standards will continue to inhibit the tailoring of risk management programs that is necessary to address the true extent of the incompleteness of current Archdiocesan risk management programs and turn around the fortunes of the Catholic Church in the US. To be successful, ERM programs must be tailored to an organization’s environment, stakeholders, objectives, and a number of other attributes.  Mandatory standards take no account of an organization’s attributes, so more mandatory standards will prevent the Church from turning the abuse crisis around.

Rather than more mandatory standards, a set of solutions is required to address a set of SAM risk management problems, which problems extend far beyond the Catholic Church.  The set of solutions needed to deliver effective SAM risk management to any organization looking after minors and vulnerable adults will include:

  1. The facility for an organization to design their SAM risk management system according to their objectives, risks, and capabilities because one size system doesn’t fit all, even among Catholic Archdioceses.
  2. Reliable information and analysis to objectively identify best practices.
  3. Incentives for organizations to manage SAM risk consistently well.  SAM is rare, so organizations are currently only punished for managing SAM risk poorly if they are ‘unlucky’ enough to face a SAM event.
  4. An ability to quickly understand and adapt SAM risk management to change.  COVID is changing SAM and SAM risk dramatically on top of years of already significant change, yet SAM risk management hasn’t changed materially in 20 years.

We will shortly be launching BOKRIM, a platform delivering this set of solutions.  If you would like to know more about BOKRIM when we launch, please sign up below to be notified of the launch.

Leave a Reply