This week, I’ve been engrossed in Rory Sutherland’s book Alchemy — and frankly, I’m embarrassed it took me this long.

It’s a brilliant reminder that the best ideas in business often don’t make sense — at least not rationally. They work because they tap into how people feel about value, trust, danger, and loss.

It got me thinking:

🧠 Why Logic Can Be a Trap

We love risk registers, frameworks, and actuarial models.
But they’re often built on a hidden assumption:

👉 That people behave rationally.

(Spoiler: they don’t.)

When it comes to risk, emotion often beats calculation. Not because people are stupid — but because in uncertain, complex environments, feelings are faster, stickier, and (sometimes) more protective than spreadsheets.

Here’s how that shows up in practice:

🔸 People don’t fear the most statistically likely outcome — they fear what feels uncertain.
🔸 A risk that looks managed is often more reassuring than one that is managed.
🔸 Most risk communication fails because it explains when it should empathise.
🔸 Stakeholders want confidence, not caveats.

🛠 Practical Shifts to Build a Smarter Risk Culture

If you want risk management to actually work in the real world, you need people to internalise it instinctively — not just comply with it mechanically.

Here are four shifts that stand out:

✅ Frame Risk in Human Terms, Not Technical Ones

• Risk isn’t just about probabilities and severities — it’s about how people feel about danger, loss, and uncertainty.

• If you want teams to spot and respond to risks early, you have to talk about it in language they live every day.

• Example: Instead of “third-party vendor failure risk,” say, “What happens if our partners let us down when we need them most?”

✅ Use Storytelling and Symbolism, Not Just Spreadsheets

• Data doesn’t move people. Stories do.

• Strong risk cultures are built on shared narratives: cautionary tales, close calls, "we almost lost it" moments.

• Symbolism matters too — small rituals, visible reminders, and common language that keep risk felt and seen, not buried inside a monthly report.

✅ Design for Confidence, Not Compliance

• Compliance is a box-ticking exercise. Confidence is a felt sense: “We know how to act when things go wrong.”

• Good risk management empowers people to make smart decisions under uncertainty — not just follow procedures.

✅ Build Trust, Not Just Processes

• Good risk culture isn’t about having the thickest handbook or the longest compliance checklist. It’s about creating an environment where people trust that raising a risk, challenging assumptions, or flagging uncertainty will be valued, not punished.

• If your people don’t trust the system (or worse, don't trust each other) no amount of documentation will save you.

• Trust turns risk management from a box-ticking exercise into a living, breathing part of how decisions get made. It turns technical protection into a bigger emotional contract: "We’re ready. We’ve thought about this. We’ve got each other’s backs."

🧠 The Real Lesson

Don’t just quantify risk.
Psychologise it.

If your risk strategy only makes sense to a spreadsheet, it won’t survive first contact with real people.

Logic might explain risk, but it doesn’t move people to act on it — or to trust your judgment when it matters.

If you want your risk strategy to hold up under real pressure, you have to design for something messier: belief, instinct, confidence.

Risk culture isn’t a technical problem. It’s a human one.

Disclaimer: This post is for general informational purposes only. It does not constitute legal or financial advice. Always consult qualified professionals for guidance tailored to your specific situation.