Nigel Churton, vice-chairman of Control Risks, talks to Mark Rowe at the consultancy’s offices beside the River Thames.
It has become one of the year’s regular features – like IFSEC, only the ankles do not hurt – to visit Nigel Churton in late summer, for us to sit around the rectangular table in his office, for him to sit on the chair nearest his desk, so that he is looking over the Thames – Control Risks are on the south bank, between Southwark Cathedral and HMS Belfast – and I am sat on his right. And Nigel discusses the year’s trends, and risks, and something of what the consultancy is doing. 7-7 has come, and passed, and plc boards are taking security more seriously. I noticed this year that Nigel was saying, as in previous years, that times were interesting. This is not to suggest that he is repeating himself; rather, that he does not lose his enthusiasm for the work, and for all the things going on. Indeed, a person with an interest in the world is something of a requirement for a job at the consultancy, for the work can be intellectually stimulating, and demanding. He gave an example of a team working for a client on a threat in Asia, coming through email. "The forensics guys have actually tracked the emails right back to a competitor company, and we are now advising on a crisis management basis how our clients are now approaching that competitor company." As Nigel said, the intellectual content of that work has been satisfying, because the client had no idea that competitors – or at least some of the competitor’s staff – would do such a thing. That a client would not have the expertise to do such an investigation in-house means that consultancies such as Control Risks, which started 30 years ago, can stay in business. It started offering crisis management, and still does. The unexpected keeps cropping up, such as business travellers in trouble, as featured in the September issue of Professional Security. The intellectual satisfaction comes from dealing with what Nigel calls ‘the high end of the market’. So part of the consultancy’s work – indeed, to help it stay in business, offering services to clients – is to watch what is happening in the world, trying to anticipate the next threats, so that clients can try and prepare. And it is one thing to see a trend coming, thanks to researchers around the world, but another thing to get the year right. And to do that requires people; recruitment of the best people: "And they ain’t cheap," Nigel says, just as the top lawyers or accountants or IT people may cost a client £400 or £4000 a day. He raised doubts as to whether there are enough top calibre people out there, in the UK. Certainly the consultancy has begun a graduate training scheme, whereas historically the government trained Control Risks’ staff – Nigel’s background for instance being the British Army. Others may come from the intelligence services, or the police. Graduates may have degrees in political sciences, or history or geography, and get taught in risk. Or they may come from the IT world; besides there is a need for engineers, for systems work. "It’s a cross-section." <br><br>So what do you need to work for Control Risks? A broad view of the world, an interest in affairs, rather than the right degree. Put another way, something for the consultancy to build on, to add security and risk management knowledge. As Nigel puts it, it’s easier to recruit people with brains and train them, than try and give people brains. Trainees take the risk MSc university courses offered at Leicester, or Loughborough, or Strathclyde in Glasgow. Such training takes time; years. And corporate life goes on meanwhile. <br><br>Which brings us back to what interesting things Nigel sees. Such as a move by the big plcs to bring corporate security in-house, to appoint EMEA (Europe-Middle East-Africa), Asia Pacific and Latin America regional security managers. And no longer the ‘corporate cop’, but managers in charge of assurance, and compliance: "People want to know that what they are doing is being done properly." Such security managers may come from a business background, who have learned about security. In an uneasy financial climate, companies may put more emphasis on due diligence, whether before a merger, or other transaction, or taking people on. A theme of Nigel during this talk is assurance – if in a globalised economy you, a plc, have out-sourced a call centre to India or manufacturing to China, you want assurance that your intellectual property is protected, that products do not have to be recalled. This does not call for the corporate cop worrying about locks and uniformed guards – though someone has to handle them. These issues – business continuity being another – are about protecting the whole business. <br><br>In the UK, Nigel recalls that when the Security Industry Authority came in there was a dream that it would enhance the standing of the security officer, give officers a higher role, as part of the police family, and clients would pay more. Nigel wonders if the reality is like that at all, while the SIA regulation has taken the criminals out of the system. By contrast, he points to the great success of Project Griffin, begun in London and rolled out to other cities. And corporate security managers cannot keep their eyes off the ball, whether it’s single issue protesters to do with Heathrow and climate change, or animal rights. And as for crime and the fear of crime, the impact on corporate security is that staff have to feel safe and confident that their home is secure. Whether you like it or not, such feelings do affect staff performance, just as if there is a bomb threat at a high-rise building, sickness rates for companies on the top floor will go up, because of workers worrying whether they would get out of the building. Everyone wants a degree of reassurance, Nigel says; that things are under control, that standards are consistent across the business, whether for physical or information security. And to repeat a risk consultancy, if it is to earn its corn for clients, has to offer an element of prediction, whether it’s Russia or some other country becoming more or less risky for a plc to operate in, or whether there’s an economic downturn coming that might lead to more corporate fraud – not necessarily because managers steal more in a recession, but if they try malpractice to make the books balance. Or, a plc may seek to recover assets rather than simply sack a suspected fraudster. And yet bear in mind that in a downturn plcs may look to cut consultancy services. Life indeed does not stop looking interesting.
