Book review: The regulatory craft - Controlling Risks, Solving Problems and Managing Compliance by Malcolm K. Sparrow

Are you working in a policy-setting team and, at the same time, would you really like to see problems occurring in reality being solved?
How do you normally answer the typical dilemma between theoretical governance and effective policy-implementation in reality?

If the answer to the first question is "yes" and the answer to the second question is "hardly", this book by Malcolm K. Sparrow is for you. Also if the answer to the second question was "I am doing fine but I am running out of ideas", then this is your book to read, too.

It has 4 parts, about 330 pages and a myriad of real examples coming from the author's broad experience.

Part 1 sets the scene describing current regulatory practices and the very much used process improvement approach. A useful manner to achieve a gain delta i.e. improvements (but non-major) in policy implementation.

Part 2 proposes an innovative way to achieve bigger gains than those obtained with process improvement. The author calls it "problem solving" i.e. the capacity to focus on a specific non-compliant situation and to make it compliant. In other words, the possibility to solve real problems, one after the other.

Once a problem is listed, identified and selected, it needs to be precisely defined and, as important as that, the problem-solving team needs to set up a way to measure impact.

Only when these initial steps are thoroughly reflected and mature, one can start with the design of the measures to be taken and their implementation and monitoring. It seems pretty common sense, however, this approach is often not followed.

Together with this problem-solving approach, the author mentions different systems that need to be in place: a problem nomination and selection system, a resource and responsibility assignment system, an oversight and review system and finally, three additional systems: a reporting system, a support system and a learning and reward system.

Clearly problem-solving is not just an ad-hoc alternative to process improvement. It is a thoroughly thought through approach to manage compliance while providing value to the community.

With regard to reactive, proactive and preventive techniques, the author states that the three of them are valid and useful. He adds a valuable ingredient: using risk control as the meter to decide which technique to use in each moment.

Part 3 of the book is precisely devoted to risk control. The innovative element that would empower compliance in their quest towards excellence. The author makes risk management pivotal to apply problem solving techniques.

Risk management methodologies (like the ones also mentioned here and there) and strategic thinking would then become working tools to guide our daily work and to make it effective, regardless of the compliance field we are working on.

Worth mentioning are three risks whose treatment is, according to the author, somehow challenging: "Invisible risks", "risks involving opponents" and "risks for which prevention is paramount".

Certainly in a risk-centered world, the task to assess current and new risks, mostly know as intelligence gathering, becomes crucial for success.


The last part of the book, Part 4, provides examples and summarises proposals.

All in all, a reference for those responsible to make out of a compliance agency a successful story!

Happy problem solving and risk control!

Solving height problems