MEASURING AND MITIGATING REPUTATIONAL RISK SEPTEMBER 2014
|
|
|
- Norma McDowell
- 8 years ago
- Views:
Transcription
1 SEPTEMBER 2014
2 DEFINING REPUTATIONAL RISK WHAT DO WE MEAN BY AN ORGANIZATION S REPUTATION? Everything an organization does or says creates an indelible impression in the minds of its key stakeholders senior management, employees, customers, local communities, investors, and so on. The sum total of all these interactions represents your reputation. Reputation Risk: A Rising C-Suite Imperative 2014, Oliver Wyman 2
3 DEFINING REPUTATIONAL RISK: MISSED EXPECTATIONS Reputation is a consequence of corporate behavior that motivates stakeholders to behave in ways that either reward or punish the corporation. Kossovsky, N. Reputation, Stock Price and You: Why the market rewards some companies and punishes others 2012, Apress 3
4 WHERE REPUTATIONAL RISK ARISES TYPES OF EVENTS GIVING RISE TO REPUTATIONAL RISK* BAD CONDUCT QUESTIONABLE JUDGMENT OPERATIONAL SHORTCOMINGS EXTERNAL ATTACKS Disreputable exposure to controversial clients or countries Misuse of customer data or information Doing business in an unethical manner Misrepresentation of company position to the market Illegal or fraudulent activities by rogue individuals/groups Workplace violence Unexpected exposures in non-core markets Unfortunate behavior by company leaders Overly aggressive tax avoidance and other regulatory bending Excessive executive compensation Business activities that contradict core brand values Mishandled response to operational/conduct failure Major product or service quality failure Badly executed business strategy Poor customer relations Non-performance of core infrastructure (including IT) Poor labor standards and approach to labor issues Local or larger disaster caused by the company or its suppliers Business disruption from a natural or man-made disaster Collateral damage from a peer company incident Incorrect or unfounded rumors and accusations Negative public remarks by politicians/public institutions Protest group opposition to business activities * Actual events may overlap between these categories Source: Oliver Wyman 4
5 REPUTATIONAL RISK RESPONSIBILITY FUNCTIONAL RESPONSIBILITIES FOR KEY REPUTATION RISK MANAGEMENT ACTIVITIES RISK ASSESSMENT Marketing BRAND DEVELOPMENT Risk and Compliance Risk and Compliance Chief Executive / Senior Management Communications RISK MITIGATION Operational Business Units Units Operational Business CRISIS MANAGEMENT Note: The organizational location of these functions varies across industries and companies. Moreover, business continuity may sit within risk, operations, or independently. Source: Oliver Wyman 5
6 A TOP 10 RISK TOP RISKS 2014 C-SUITE 1) Legal or Regulatory Shifts RISK PROFESSIONAL 1) Data Security / Privacy 2) Litigation or Claims 2) Economic Conditions 3) Regulatory Compliance 3) Brand / Reputation 4) Brand / Reputation 4) Natural Disaster 5) Economic Conditions 5) Regulatory Compliance 6) Workforce Health and Safety 7) Business Continuity / Crisis Management Execution 6) Litigation or Claims 7) Legal or Regulatory Shifts 8) Talent Availability 8) Technology / Systems Failure 9) Competitors 9) Supply Chain Vulnerability 10) Business Disruption 10) Business Continuity / Crisis Management Execution Source: 2014 Excellence in Risk Management Survey 6
7 REPUTATIONAL RISKS AND THE BOARD Reputational risk is now more prominent at the board level. Structural options: Risk committee. Reputational risk committees. Plenary discussion. How do boards know whether the organization is addressing reputational risk adequately? Ability to monitor the existence and proper operation of reputational risk management arrangements, including the testing of crisis responses. Receipt of regular and ad hoc reports about trends, incidents, and proposals that may have significant reputational implications. 7
8 REPUTATIONAL RISK: DETERMINANTS OF IMPACT EVENT-BASED FACTORS CONTEXTUAL FACTORS Event Origin Endogenous vs. exogenous. On-strategy vs. off-strategy vs. accidental damage vs. malicious action. Core service or product failure vs. peripheral activity. Systemic governance or cultural failure vs. unstoppable rogue individual. Company Situation First time vs. repeat offense. Degree of alignment with recent financial performance story. Brand resilience and financial strength. Market positioning and scope for customer switching or competitor advantage. Event Characteristics High vs. low profile of key involved parties. Incident geographically close to vs. remote from key stakeholders. External damage-causing vs. internal commotion. Potential high financial loss to firm vs. embarrassment only. Company Response Level of concern for affected parties. Speed of attention. Quality of corrective action. Perception of trustworthiness. External Influences Industry characteristics. Confinement to company vs. industry-wide contagion. Degree of popular interest and social media activity. Extent of politicization of the incident and potential tightening of regulatory scrutiny. Source: Oliver Wyman 8
9 REPUTATIONAL RISK IMPACT IMPACT Stock price drops in S&P 500 companies ( ): 12.6% PROPORTION OF SUDDEN STOCK PRICE DROPS THAT ARE RELATED TO REPUTATION, IMAGE, PRICING, AND PRESENCE IN THE MARKET 80 WEEKS AVERAGE TIME FOR THE COMPANY STOCK PRICE TO RECOVER Source: Wharton, Corporate Strategies for Managing Catastrophic Risks in the S&P 500, 2013 Note: A stock price drop is defined as a drop in the company stock price that is greater than 20% within a 10-day period relative to changes in the industry average. Stock price drops from reputational damage emerged as the largest category in the study. 9
10 UNDERSTANDING OF REPUTATION HAS MATURED 2004 Company-centered 2014 Stakeholder-centered Pricing power Vendor considerations Gross margin Employee engagement EBITDA Creditor confidence Net income Investor expectations Stock price Qualitative Quantitative Source: Steel City Re 10
11 Model: Behavioral Economics Big Data: Signature Extraction Reputation Income Statement Executives and Board Members COMPANY Source: Steel City Re 11
12 REPUTATION RISK MANAGEMENT PHASES Understand Vulnerability Assess risks and damage Review corporate reputation Integrate with ERM and oversight Build Resilience Reinforce values and brand Strengthen crisis preparedness Adjust operations (and strategy) Regain Trust* Review processes, governance, etc. Embed sustainable solutions Revitalize stakeholder engagement Resolve Crisis* Demonstrate ownership Communicate decisively Implement a swift fix for problem * Required measures will vary depending on the incident. Source: Oliver Wyman 12
13 PREPARING FOR REPUTATIONAL RISK WHAT CAN AN ORGANIZATION DO TO PREPARE TO MANAGE REPUTATIONAL RISK? Building an accurate picture of your reputational strengths and weaknesses is the essential first step to beginning to manage reputation strategically. Reputation Risk: A Rising C-Suite Imperative 2014, Oliver Wyman 13
14 BEST PRACTICES A robust and well-maintained corporate preparedness program includes crisis management, business continuity, and emergency response. In addition, companies with world-class corporate preparedness programs: Have senior management involvement. Maintain program with appropriate resources. Build preparedness into the organization s culture. Ensure that the elements of the program are well integrated. Recognize the unique requirements of countries, cultures, etc. Practice all the way to the top of the organization. 14
15 LOOKING AT THE RANGE OF RISKS Establish a core management approach that can be employed regardless of the event. Consistent, stable, repeatable process. Can be relied upon no matter what happens. Next, add specific management details, unique risks, additional planning, or unique requirements. All planning and preparedness aims to improve the response time and minimize an event s impact on your organization. 15
16 IMPACT DRIVERS Minimizing the reputational impact on an organization from an adverse event is going to be driven by four key things: 1. Detecting the problem early and getting visibility to the right levels of your organization quickly. 2. Engaging a well-practiced team or teams to manage not only the event but other potential impacts. 3. Transitioning out of chaos and moving toward a proactive and controlled response. 4. Taking bold action: Getting in front of the situation. 16
17 SOCIAL MEDIA A RAPID RISE IN CONNECTIVITY PERCENT OF WORLD POPULATION MATCHED BY A GROWING USE OF SOCIAL MEDIA ACTIVE MONTLY USERS (MILLIONS) JANUARY 2014 DATA CAGR FACEBOOK % SMARTPHONE 45% CAGR INTERNET 13% CAGR YOUTUBE QZONE GOOGLE TWITTER % 33% N/A 90% TUMBLR TENCENT WEIBO % % Source: Connectivity: IDC, CI Almanac, Nua Ltd., Internet World Stats, ITU, BI Intelligence estimates, Gartner, IDC, Strategy Analytics, company filings, World Bank Social media: Marketing Land, 2012, USA Today, ComScore 2009, Mashable Youtube facts, Social Time, SEC Filings, press releases, TechCrunch 2009 and 2013, Mashable 2009, Bloomberg 2014, Web2Asia Rounded approximations for January 2014 for all except YouTube, which is from CAGR since 2009 unavailable for Google+ due to 2011 launch date. Oliver Wyman analysis
18 This document and any recommendations, analysis, or advice provided by Marsh (collectively, the Marsh Analysis ) are not intended to be taken as advice regarding any individual situation and should not be relied upon as such. This document contains proprietary, confidential information of Marsh and may not be shared with any third party, including other insurance producers, without Marsh s prior written consent. Any statements concerning actuarial, tax, accounting, or legal matters are based solely on our experience as insurance brokers and risk consultants and are not to be relied upon as actuarial, accounting, tax, or legal advice, for which you should consult your own professional advisors. Any modeling, analytics, or projections are subject to inherent uncertainty, and the Marsh Analysis could be materially affected if any underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Except as may be set forth in an agreement between you and Marsh, Marsh shall have no obligation to update the Marsh Analysis and shall have no liability to you or any other party with regard to the Marsh Analysis or to any services provided by a third party to you or Marsh. Marsh makes no representation or warranty concerning the application of policy wordings or the financial condition or solvency of insurers or reinsurers. Marsh makes no assurances regarding the availability, cost, or terms of insurance coverage. Marsh is one of the Marsh & McLennan Companies, together with Guy Carpenter, Mercer, and Oliver Wyman. Copyright 2014 Marsh LLC. MA All rights reserved.
