EA should absolutely be vetting its funding more. You already gave three reasons: risk of the funding drying up (diversification being a possible solution), legal obligations (as evidenced by the possibility of clawbacks), and the reputational effects of EA laundering its funders’ reputations. There are also significant reputational effects going the other way, as evidenced by the costs of SBF’s fall to EA’s reputation.
I guess it depends on what we mean by “vetting funding”. EA should definitely do more to understand and manage the nature and extent of the risks it is exposed to—i.e. general risk management. I don’t think we need to wait for much more information to make such an assessment—the way this has unfolded with so many grant recipients, etc seeming to have been caught completely unprepared is enough evidence that the EA community’s risk management and communication were lacking.
But some people also seem to suggest “vetting funding” means EA should be trying to find fraud or other malfeasance in its donors. (That is suggested by the OP’s post and is what I meant by “vetting funding” in my previous comment). I’m less sure about this claim. It’s not clear how much due diligence is required in these cases vs how much due diligence EA actually did. So this is something that, as the OP suggests, would benefit from more information before coming to a conclusion.
Edit: Put another way, I think there are two questions:
Should EA have conducted better risk management? I think the answer on this question is quite clearly “yes”.
Would that “better risk management” have detected this fraud?
I’ve seen some discussions conflating the two. Even if the answer to the second is “no “or “unclear”, EA’s risk management practices could still be improved. That’s all I’m saying.
Risk management as a field (or component of internal auditing) has ground rules where it can determine the key areas of how a certain organization should function and what are the areas where such org may fail. At its basic form, it will Risk managers are assessing inflows and outflows of cash and the policies behind those functions. They will also see how the management process is being performed and potential conflicts of interest issues.
Setting up an internal audit function that regularly assess the risk landscape of any EA org the soonest can help avert future fraud. As I have mentioned in my other posts, fraud is very hard to detect especially when collusion is in play—yet I again strongly point out that this is the best practice in traditional systems of conducting transactions when large sums of money are involved. Not following best practices will always leave possibilities for gaps to where fraudulent actors may exploit.
EA should absolutely be vetting its funding more. You already gave three reasons: risk of the funding drying up (diversification being a possible solution), legal obligations (as evidenced by the possibility of clawbacks), and the reputational effects of EA laundering its funders’ reputations. There are also significant reputational effects going the other way, as evidenced by the costs of SBF’s fall to EA’s reputation.
I guess it depends on what we mean by “vetting funding”. EA should definitely do more to understand and manage the nature and extent of the risks it is exposed to—i.e. general risk management. I don’t think we need to wait for much more information to make such an assessment—the way this has unfolded with so many grant recipients, etc seeming to have been caught completely unprepared is enough evidence that the EA community’s risk management and communication were lacking.
But some people also seem to suggest “vetting funding” means EA should be trying to find fraud or other malfeasance in its donors. (That is suggested by the OP’s post and is what I meant by “vetting funding” in my previous comment). I’m less sure about this claim. It’s not clear how much due diligence is required in these cases vs how much due diligence EA actually did. So this is something that, as the OP suggests, would benefit from more information before coming to a conclusion.
Edit: Put another way, I think there are two questions:
Should EA have conducted better risk management? I think the answer on this question is quite clearly “yes”.
Would that “better risk management” have detected this fraud?
I’ve seen some discussions conflating the two. Even if the answer to the second is “no “or “unclear”, EA’s risk management practices could still be improved. That’s all I’m saying.
Hi Trish,
Risk management as a field (or component of internal auditing) has ground rules where it can determine the key areas of how a certain organization should function and what are the areas where such org may fail. At its basic form, it will Risk managers are assessing inflows and outflows of cash and the policies behind those functions. They will also see how the management process is being performed and potential conflicts of interest issues.
Setting up an internal audit function that regularly assess the risk landscape of any EA org the soonest can help avert future fraud. As I have mentioned in my other posts, fraud is very hard to detect especially when collusion is in play—yet I again strongly point out that this is the best practice in traditional systems of conducting transactions when large sums of money are involved. Not following best practices will always leave possibilities for gaps to where fraudulent actors may exploit.
All the best,
Miguel