I really enjoyed the story by Joe Nocera in the New York Times: Risk Mismanagement. The author focuses on the failures of risk management during the most recent financial crisis.
The author starts with the failure of the VaR (Value at Risk) model used by many companies. He then moves on to the theories of Taleb captured in his book Black Swan (next on my reading list).
Taleb says that Wall Street risk models, no matter how mathematically sophisticated, are bogus; . . . . And the essential reason for this is that the greatest risks are never the ones you can see and measure, but the ones you can’t see and therefore can never measure. . . . Because we don’t know what a black swan might look like or when it might appear and therefore don’t plan for it, it will always get us in the end.
The key for a compliance professional is do handle the current know risks to your company, while at the same time keeping an eye out for unknown risks.