Trust Lines vs. Reporting Lines: The Hidden Risk Network

Why Your Perfect Risk Management Framework Depends on Relationships That Don't Exist

“The IT Director won’t even look at me in meetings,” the Risk Manager confided.

Three weeks into mapping a bank’s digital transformation; on paper, everything aligned perfectly. In reality, invisible battle lines had already determined its fate.

Org charts show who reports to whom. They miss who actually trusts whom.

The Visual Truth

==== UNBREAKABLE Connection: Deep trust, open communication

━━━ STRONG Connection: Mutual respect, reliable connection

•••••• WEAK Connection: Limited interaction, surface relationship

〰️〰️ BROKEN Connection: Active conflict, zero trust


What the Org Chart Showed:
CEO → Risk Director → Risk Team → Business Units

What Actually Existed:

CEO ═══ Finance Head 〰️〰️ Ops Manager •••••• Risk Director 〰️〰️ IT Team


When they mapped the actual trust network, the failure became obvious:

• IT Director had BROKEN lines with 3 business heads ⚡

• Change champion had WEAK links to frontline teams

• The “resistant” VP? UNBREAKABLE bonds with key implementers

They’d assigned the wrong champions.

The Exercise That Changes Everything

Give your team coloured markers:

1. Draw your org chart

2. Map who people actually go to for help

3. Mark trust levels using the visual code

4. Circle where decisions really get made

The gaps will shock you.

What I Discovered

In every failed risk management initiative I’ve examined:

• Trust travels through coffee conversations, not committees

• BROKEN relationships block even direct reports

• Your “difficult” stakeholder often has the strongest network

One regional organisation discovered their risk culture framework bypassed formal channels through WhatsApp groups. The informal trust network was stronger than 20 years of governance structure.

The Numbers Don’t Lie

Your most “difficult” stakeholder often has the strongest trust network. That VP One client tracked both:

• Org chart compliance: 87%

• Trust line effectiveness: 23%

After rebuilding around trust lines:

• Incident reporting: Up 340%

• Policy adoption: 95% (was 43%)

• Time to implement changes: 60% faster
  
  

“We built a perfect process for people who don’t trust each other to execute.”

– Every failed initiative

Your 10-Minutes Trust Test

Tomorrow at 10am:

1. List 5 people critical to your next risk initiative

2. Rate your trust level with each (1-10)

3. Rate their trust level with each other

4. Any score below 7? That’s your failure point

Fix the relationship before you fix the process.

Three global organisation now run trust mapping before any transformation. One CISO told me: “We spent millions on process. The solution was three coffee conversations.”

Traditional risk management asks: “Is everyone following the process?”

Human-centered risk management asks: “Can the people who need to trust each other actually do so?””

Sometimes the biggest risk isn’t in your processes. It’s in pretending relationships don’t matter.

Your next risk assessment: Stop counting signatures. Start mapping trust.

---

Which invisible line will determine your success tomorrow?

---

If you enjoyed this read, the best compliment I could receive would be if you shared it.