About Nir Kossovsky

Nir Kossovsky is the chief executive of Steel City Re and author of “Reputation, Stock Price and You: Why the market rewards some companies and punishes others” (Apress, 2012).

Reputational Crises Put CEOs at Risk

When reputational crises hit, market cap, sales, margins and profits are all on the line. And these situations are becoming more frequent—and more costly—than ever, with a recent study showing an increase in losses from reputational attacks increasing by more than 400% in the past five years.

But it is not only the corporate entity facing challenges, individuals in leadership—particularly CEOs—face personal risk as well. It has become clear that CEOs need tools to protect themselves as well as their companies’ reputations. Since damage from reputational attacks takes place in the court of public opinion, traditional liability solutions, such as directors and officers coverage, are not effective. But new tools are available in the form of a reputation assurance solution that can help deter attacks from even happening and bundled insurances to mitigate the damage when they do occur.

Research by Steel City Re has found that:

  • Financial losses related to reputational attacks have increased by more than 400% in the past five years, a trend that continues.
  • There is an increase in public anger and, as a result, more blame is being cast upon recognizable targets, such as CEOs.
  • Anger by stakeholders is fueled by disappointment—the gap between expectations and reality—which is all too often fueled by the company’s own actions.

Against that backdrop, the turnover rate among CEOs is increasing, with 58 of the S&P 500’s CEOs transitioning out of their jobs in 2016 according to SpencerStuart (although not all as a result of reputational crises). That is the highest number since 2006, a 13% increase over 2015, and a 57% increase over 2012.

If that weren’t enough reason for concern, history shows that when strong companies and their brands come under fire, their reputations eventually recover, despite the initial and medium-term impacts. Individual reputations of those companies’ leadership are not nearly as resilient, however, especially at a time when society; be it the media, social media, politicians or direct stakeholders; seems intent on personifying crises and affixing blame on individuals in positions of authority. And for CEOs, a reputational crises can affect their career and compensation for many years ahead.

In this environment, it is essential that risk managers understand the tools that are available to protect both companies and senior executives personally. Serving as a third-party warranty and available only to highly qualified insureds, reputation insurance attests to the efficacy of the company’s governance and operational practices, as adopted and overseen by the board and implemented by the CEO. Such coverage can deter reputational attacks in much the same way as a security sign on the front lawn deters burglars. It is a sign of quality governance. And when incidents do occur, it provides a built in alternative narrative to counter the attacks that are bound to occur. Finally, it gives the company and key individuals financial indemnification to mitigate any damage that ultimately does take place.

Just as “doing the right thing” did not protect directors and officers from liability in the era before the wide adoption of D&O insurance, it is no guarantee that attacks in the court of public opinion won’t take a significant financial toll. But it is one of the few solutions proven in the court of public opinion. In today’s culture, reputations are in jeopardy as never before and risk managers must utilize all tools available to protect those on the front lines.

Reputational Risk in Their Own Words

Many risk managers are struggling to get their arms around reputation risk. One challenge is that risk, a threat to valued asset or desired outcome, is hard to discuss in modern terms without statistics. Statistics, on the other hand, can be mind-numbing.

First, the accountancies. Eisner & Amper reports that reputation risk has been the number one board concern for each of the past four years. Deloitte concurs on the ranking but emphasizes the strategic nature of reputation risk. E&Y finds reputation risk in international tax matters; PwC finds reputation risk in bribery, corruption and money laundering. Oliver Wyman, a human resource and strategy consultancy, reports that reputation risk is a rising C-suite imperative ranking fourth this year (and third among risk professionals). Reputation risk was fourth in Aon’s 2013 survey. Willis shared data showing that 95% of major companies experienced at least one major reputation event in the past 20 years.

Ace in 2013 reported that 81% of companies told the insurer that reputation was their most important asset. Allianz’s 2014 global survey ranked the risk sixth of the top 10. Rounding out the professions, the 2014 study written by the Economist Intelligence Unit and published by the law firm, Clifford Chance, reported that 74% of U.K. board members see reputation damage as the most worrying consequence of an incident or scandal, ranking it as more serious than the potential direct financial costs, loss of business contracts and even impact on share price.

Anecdotes provide context that can personalize statistics. They can help transform a cerebral conversation about reputation risk to an action plan for managing enterprise reputation risk, protecting long-term enterprise value, and protecting the personal reputations of a company’s leadership.

This week’s anecdotes are exemplary. Goldman Sachs issued a company-wide directive banning its investment bankers from trading individual stocks for their own accounts. The Financial Times reported that “…Goldman told employees it was stopping bankers buying and shorting individual stocks and bonds to ‘help mitigate potential conflicts between firm personnel and clients . . . while helping the firm better manage reputational risk.’”

Across the pond after settling with U.S. and U.K. regulators, Lloyd’s Banking Group dismissed eight employees and clawed back bonuses for the rigging of the London interbank offered rate and related benchmarks. “Significant reputational damage and financial cost to the group are fully and fairly reflected in the options considered in relation to other staff bonus payments,” is how Chairman Norman Blackwell explained the personnel actions, according to Bloomberg.

The Daily Mail finds worrisome the loss of market share from 30.2% to 28.8% for Tesco, which currently reports annual sales of £65 billion ($105 billion). But given that the losses may have been intentionally contrived by senior management is mind boggling. “Most disturbingly of all is the reputational damage, which could linger for years.”

In contrast, Nishit Madlani, an analyst at S&P, is finding encouraging signs at General Motors. “The company’s performance over recent months has shown that recalls haven’t impacted sales. Reputational damage did not transpire, for the most part,” Bloomberg reported.

The statistics affirm reputation is top of mind. To make reputation risk actionable for a risk manager means understanding from the anecdotes that it is a going-forward risk affecting all stakeholder behaviors. Reputation damage will impact sales, credit ratings, regulatory scrutiny and executive compensation. Managing risk to reputation requires an enterprise-level strategic solution that, were it to think about it, senior management would demand today.

Fixing a Rotten Global Supply Chain

Something’s rotten in the global supply chain—figuratively and literally, as Shanghai’s Dragon TV revealed in July about a major supplier of meat for the iconic restaurant brands KFC, Pizza Hut and McDonald’s. In recent years various supply chains brought to market, through respected public companies, adulterated products such as drug-infused toxic chickens and horsemeat posing as beef, as well as dangerous products such as salmonella-laced peanut butter and melamine-fortified pet food.

In addition to the restaurant, food retail and agribusiness sectors, problems originating in their supply chains have adversely affected the automotive, electronics, pharmaceutical and toy sectors. GM, for example, is now dealing with what appears to be a 10-year long supply chain problem that compromised product safety. The immediate costs of all this supply chain rot may include business interruption, product recalls and third-party liability claims, but strategic costs may extend to reputational harm, too. With the rise of investor activism, the worst recent additional costs may be the personal reputations of corporate directors and officers.

Three reasons explain the rising costs of supply chain issues. Stakeholders expect that companies know how the products they offer are made, by whom, and with what raw materials. These expectations are not limited to “conscientious capitalists” or NGOs. The Dodd-Frank Wall Street Reform and Consumer Protection Act, for example, requires companies to disclose annually how they test for whether any minerals originating in the Democratic Republic of the Congo or an adjoining country are incorporated in products.

Another fact is that, as companies continue to grow around the world in an increasingly complex sourcing, manufacturing and distribution environment, insurers and their reinsurers are balking at accepting risk. A representative of Zurich, a major insurer of the global supply chain, explained that reinsurers were demanding more transparency into locations as a going-forward condition for blanket limits.

Then, intolerance for errors is growing. Stakeholders, many of whom now have near-instant awareness of errors and a front-row seat to global crises, are becoming less forgiving of companies being blindsided. Only a short window of time now separates an adverse event from the onset of what the Financial Times once described as “the pile on of litigators, regulators, and…bloggers.” Enter now also activist investors. Despite ample public contrition, Target’s board sacked its CEO only 18 weeks after a supplier provided credit card scanners whose security had been compromised—a sacking that did not prevent activist investors from calling for a sacking of the board. And only 10 weeks after Duke Energy’s coal ash spill and its public contrition, activist investors demanded the heads of four Duke Energy directors.

The court of public opinion where liability insurance offers no solace has become the primary battleground, making directors and officers especially vulnerable. One investor told the New York Times his opening gambit with the C-suite: “We can make you famous, and not for the reason you want to be famous.” Rarely will a company’s C-suite suffer public opprobrium silently like Rolls-Royce’s after a catastrophic engine failure exposed a systemic safety issue in their supply chain. The company went radio silent for 10 weeks until it isolated and repaired the problem, whereupon the firm emerged publicly to announce a new large engine order. They used the third-party endorsement of a respected customer to help reassure stakeholders and restore their reputation.

It is high time that companies acquire visibility into their supply chains, and demand from them responsible behavior appropriate for the notably higher 21st century norms. They can begin by evaluating the effectiveness of field audits that evidence compliance. Although that approach is industry-standard, it is expensive and disruptive to their suppliers and expensive to administer. For the overwhelming majority of suppliers and vendors that are in compliance, these audits interfere with their operations and strain the supplier/company relationships. For the few that are non-compliant, infrequent audits are poor policing tools. When audits fail to uncover deviations, and a negative event occurs, social critics have unfairly accused companies of ineffective oversight and even willful failure.

New integrated information management solutions are far more effective. These will help companies find hints and clues of noncompliance in open communications that, aided by big data analytics, converge on apparent discrepancies between self-reporting and actual behaviors. These signatures of misbehavior will more quickly expose potential deviations from responsible behavior and enable corrective actions.

Companies can also reduce irresponsible behavior by making it harder for potentially deviant suppliers to rationalize such behavior and assuage their guilt. Insurances have become available that will objectively affirm the authenticity of a company’s values and neutralize rationalization that might lower the barriers to irresponsible behavior by some suppliers. Insurances can also increase the disincentives for irresponsible behavior in two fundamental ways. First, escalating the behavior into the criminal matter of insurance fraud is a far greater disincentive than a terminated contract. Second, by making insurance a condition of contracting, loss of insurance becomes an independent and non-judgmental basis for termination. Companies cannot then be vilified for evading responsibility.

Companies that manage risks to their supply chains in a way that stakeholders can appreciate and value can transform risk management into a strategic advantage. These companies will emerge with reputations for being 21st century industry leaders in governance, management and control.