top of page

Risk Management in Debt Collection

I was discussing risk management with a client the other day when they highlighted that risk management was new to their team, this made me think.

Under OFT regulation there was absolutely no requirement for collection agencies to manage their risks, so the idea of risk management is new for the collection industry. Consequently, most of the industry’s staff, and management, have no grounding in the subject. This evidences itself when we audit debt collection or purchase organisations, where we often find a neglected, sorry-looking or outright abandoned risk register. We give top marks to the few organisations who consistently endeavour with their process, although few and far between.

The FCA, of course, have placed a direct obligation on us to manage our risk in accordance with their rules. This has changed the game, clients no longer accept neglected risk management processes and nor should we. So, what steps do we take to brighten up our management of risk?

Broadly speaking we should take a two-step approach:

  1. Education

  2. Revisit your risk management policy and process

Where do we start?


As always with compliance, we are managing the buy-in of people within the business. This is always the most important step to achieving our compliance goals. Without everyone, especially managers, working together to manage risk, it is a battle lost. The idea of allowing a single department to manage risk without contribution from other departments is a non-starter. Risk is wide-spread, multi-faceted and unique to each department; all personnel must be in a position to identify and raise risks. It is worth considering how we develop buy-in.

Let’s look at the reasons why people resist change. Here are some responses I have heard throughout my career, these ought to be familiar:

  1. I don’t have time

  2. I don’t see the commercial benefit

  3. I don’t understand what you want me to do

Ultimately, the above “reasons” come down to the following real reasons for resisting change:

  1. Loss of control – remedied by allowing those affected choice within the risk management framework, or even better, allowing them to be part of creating the risk management process.

  2. Everything seems difficult – We are creatures of habit, changing the way we work naturally creates difficulty for us and our team. Routines become automatic, but change jolts us into consciousness, sometimes in uncomfortable ways. Too many differences can be distracting or confusing. Education is the solution.

  3. Uncertainty – if change feels like being walked blindfolded, people will reject it. Education is the tool you have to remove the blindfold.

  4. More work / not enough time – change can be perceived to take up time and it may well do in the short term. But what you must focus on is the time and effort savings your change will represent in the medium to long term.


We mentioned the solution of education twice above, this is an important step to creating a strong risk management framework in your organisation. It not only helps you to manage change, thus increasing buy-in but guarantees success of your framework.

One of the reasons for failure of the risk management process is individuals not understanding the definition of a risk, failing to routinely raise risks in accordance with company policy and an inability to accurately “rate” the risk. Moreover, the single most important reason for failure is individuals shying away from the process because they don’t understand it. Confidence is something you must provide your team with.

Education is the way we provide confidence to our teams. Sitting a short course on risk management can provide learners with the basic knowledge, skills and understanding to:

  1. Buy-into the risk management process and thus become less likely to create barriers and more likely to continually raise risks

  2. Not shy away from the process

  3. Have the knowledge to effectively follow the process

Revisit your risk management policy and process

We also recommend that you revisit your key documents and processes. Were they created by someone who did not quite understand risk management? Is it lean (an absolute requirement for risk management)? What are its key weaknesses?

Research shows that successful risk management frameworks have the following common traits:

  1. Risk management permeates the whole organisation, driven by board level engagement

  2. Process for raising risks does not rely solely on individuals – instead regular, structured, risk reviews with each department should be used alongside the ability to individually raise risks Multiple drivers sought to improve the function – both internal and external factors

  3. Culture and awareness – ensuring a strong culture and awareness of risk is embedded from day 1 through induction training.

  4. Figurehead – a figurehead continually pushing the message is helpful but more importantly someone there to offer support, advice and guidance produces greater results.

Conduct Rules Training.png
Corporate Compliance Training

Our online compliance training platform is specially designed for firms looking to book a number of learners on our courses

Stacked Books
Compliance Resources

Our online compliance resources provide all the information you need to know in relation to compliance hot topics.

bottom of page