Part I: A Failure of Governance and Systems

To borrow a famous malapropism, it must feel like deja vu all over again.

Deloitte Touche Tohmatsu forensics expert Tim Phillipps knows all too well just what devastation the twin ills of useless management information and a lack of strong governance can bring down on a corporation's head. He saw it when he led the investigation into the collapse of Bond Corporation, which culminated in the arrest, conviction and jailing of disgraced businessman Alan Bond for defrauding the shareholders of Bell Resources of $1.2 billion in the early 1990s. And he has just seen it again a decade or so on after overseeing most of the financial investigations - for ASIC, for APRA and then for the Royal Commission - into the HIH insurance collapse, one of the largest corporate collapses Australia has ever seen.

It seems some people never can learn from history after all.

For while the information systems available to Bond Corporation 10 years ago are hardly comparable to those potentially available today, and while governance - such a hot topic in 2003 - barely made it onto the radar screen at the height of Bond's dominance of the Australian business scene, Phillipps says there are depressing similarities between the two. The reasons behind the collapse of Bond Corporation have faithful echoes in the collapse of HIH. And Phillipps fears there are plenty of other companies equally incapable of learning from history that could end up in the same situation.

The implications for CIOs are profound. Catalyst Consulting director Chris Dellit, who provides independent advice to organisations on governance issues, argues that for CIOs, the HIH collapse illustrates the correlation between the inadequacy of management systems and inadequate governance. "While there is substantial evidence of inappropriate and self-serving conduct on the part of HIH's governors, it is really the lack of a structured approach to HIH's strategy, performance and measurement that made it possible to rack up enormous losses, particularly in its overseas operations," Dellit says.

A Flawed Model

There's no doubt HIH failed in large part because of an inherent flaw in its business model - it consistently under-provided for its claims - but in his damning April 2003 Royal Commission report, Commissioner Justice Neville Owen also found breakdowns of governance and oversight structures at every level of HIH and failings in information management systems that left decision makers largely in the dark.

HIH's board, management, auditors and regulator were incompetent and lacked diligence, Owen found. Answering to a domineering, all-powerful CEO, Ray Williams, the board presided over a string of ill-advised acquisitions and expansions - to a total cost of more than $3 billion - without ever analysing the group's strategy or assessing its risks. Worst, the aggressive acquisition strategy and the creation of more than 200 subsidiaries not only caused HIH to grow exponentially over the course of a decade in insurance markets that were already overcrowded and competitive, it left the company with no useful way of determining its exact financial position at any one point in time.

"Amidst other problems, HIH was plagued by a variety of deficiencies in its information systems," Justice Owen found. "As a result, it was deprived of timely and reliable information as a basis for management decisions. Questions concerning the reliability of information provided to management and the group's ability to keep track of the financial impact of its operations arose time and again throughout the commission's inquiries."

The problems were exacerbated by a complex corporate structure. Worse, the board so seldom questioned or rejected a recommendation from management that it became unhealthily dependent on the advice of senior management to the detriment of its own independence. Senior management of HIH appeared to have no "clearly defined statement of duties or limits on authority". Middle managers had taken steps that resulted in the falsification of the corporation's accounts or returns lodged with statutory authorities and were disinclined to accept responsibility for undesirable practices.

For Phillipps, who describes HIH's information systems as a "dismal failure", and says the issue for Justice Owen was whether there was much governance at all, the findings are wearyingly familiar. At Bond Corporation too, all-powerful directors intimidated middle managers unwilling to either take them on, or even take ownership of their own decisions. And what computer systems there were left all too much to be desired.

"I can tell you that it was a similar situation there where there were some very, very good people at the second tier level, but frankly with the dominance of [senior executives] Tony Oates, Alan Bond and Peter Mitchell and so on, it was very, very difficult for them to play a role. And the information systems weren't there. That was the late 80s and we just didn't have good information systems," Phillipps says.

"If you go back to the HIH example, one of the difficulties was that they had something in the order of about 19 different systems contributing critical financial and management information. They were all different systems, coming from a variety of different cultures and platforms, and there was never any effort to try and integrate them in a technological sense. So the information would be taken off and they would try and merge it together at various levels throughout the organisation. At each tier of management it would be merged again and again and again until when it got to the top line of management it was largely incomprehensible. [And] when you look at some of the comments Justice Owen has made in his summary I think it's pretty clear that the governance issue was [also] a very significant factor in all of this."