Reputational Crises Put CEOs at Risk

When reputational crises hit, market cap, sales, margins and profits are all on the line. And these situations are becoming more frequent—and more costly—than ever, with a recent study showing an increase in losses from reputational attacks increasing by more than 400% in the past five years.

But it is not only the corporate entity facing challenges, individuals in leadership—particularly CEOs—face personal risk as well. It has become clear that CEOs need tools to protect themselves as well as their companies’ reputations. Since damage from reputational attacks takes place in the court of public opinion, traditional liability solutions, such as directors and officers coverage, are not effective. But new tools are available in the form of a reputation assurance solution that can help deter attacks from even happening and bundled insurances to mitigate the damage when they do occur.

Research by Steel City Re has found that:

  • Financial losses related to reputational attacks have increased by more than 400% in the past five years, a trend that continues.
  • There is an increase in public anger and, as a result, more blame is being cast upon recognizable targets, such as CEOs.
  • Anger by stakeholders is fueled by disappointment—the gap between expectations and reality—which is all too often fueled by the company’s own actions.

Against that backdrop, the turnover rate among CEOs is increasing, with 58 of the S&P 500’s CEOs transitioning out of their jobs in 2016 according to SpencerStuart (although not all as a result of reputational crises). That is the highest number since 2006, a 13% increase over 2015, and a 57% increase over 2012.

If that weren’t enough reason for concern, history shows that when strong companies and their brands come under fire, their reputations eventually recover, despite the initial and medium-term impacts. Individual reputations of those companies’ leadership are not nearly as resilient, however, especially at a time when society; be it the media, social media, politicians or direct stakeholders; seems intent on personifying crises and affixing blame on individuals in positions of authority. And for CEOs, a reputational crises can affect their career and compensation for many years ahead.

In this environment, it is essential that risk managers understand the tools that are available to protect both companies and senior executives personally. Serving as a third-party warranty and available only to highly qualified insureds, reputation insurance attests to the efficacy of the company’s governance and operational practices, as adopted and overseen by the board and implemented by the CEO. Such coverage can deter reputational attacks in much the same way as a security sign on the front lawn deters burglars. It is a sign of quality governance. And when incidents do occur, it provides a built in alternative narrative to counter the attacks that are bound to occur. Finally, it gives the company and key individuals financial indemnification to mitigate any damage that ultimately does take place.

Just as “doing the right thing” did not protect directors and officers from liability in the era before the wide adoption of D&O insurance, it is no guarantee that attacks in the court of public opinion won’t take a significant financial toll. But it is one of the few solutions proven in the court of public opinion. In today’s culture, reputations are in jeopardy as never before and risk managers must utilize all tools available to protect those on the front lines.

Protecting Employees in the Face of International Risks

Increasing globalization and the growing world market presents employees with opportunities to travel and experience new countries and cultures. With travel comes risk, however. In the event of an unforeseen incident, it is an organization’s top priority to ensure its employees are safe and out of harm’s way.

By following proactive travel risk management strategies, employers can help ensure not only the safety of their employees abroad, but also the success of their businesses while avoiding major financial, legal and reputation costs. When developing travel policies, companies must consider the health, safety and security risks that their employees could encounter.

Security Risks
The frightening unknowns of crises such as sudden earthquakes or airport terror attacks can cause distress and chaos. It is the duty of a company’s human resources department to ensure employees are safe and secure, as being unprepared for such events could have dire consequences. For the best outcome, companies should proactively develop travel risk management plans before disaster strikes. Consider these guidelines for your company’s travel emergency plans:

  • Share information. Ensure employees are educated on how to avoid security risks in their destinations and share corresponding safety advice.
  • Develop a communication plan. Decide how employees should contact HR and/or other crisis response team members and vice versa in the event of an emergency.
  • Give employees information about who to contact if they’re in an emergency scenario. Create staffing patterns or third party resources that can accommodate after-hours calls.
  • Consider rearranging travel plans if there’s a high security risk. Use technologies, such as video conferencing, to keep business rolling as usual if employees need to conduct in-person meetings in destinations where it may be temporarily unsafe to travel.
  • Encourage employees to enroll in the Smart Traveler Enrollment Program (STEP). The app provides updated travel warnings and alerts via email. It can also help the nearest U.S. embassy or consulate locate individuals in the event of a disaster.

Health Risks
Recent disease outbreaks in several countries have caused concern among business and leisure travelers alike. If organizations have plans for employees to travel to areas experiencing widespread illness, consider exercising flexibility. If a disease epidemic is dominating news headlines, there is a good chance employees will be concerned about going to a destination that’s affected. In these cases, advise alternative options such as video calls or contacting local partners to help out. On the other hand, if employees elect to travel to the location, it is the employer’s job to ensure they have the knowledge and resources they need to have a safe and successful trip. To help protect the health of a traveling employee, HR professionals should:

  • Research and understand destination-specific health risks and share this information with employees. Education is essential to preventing life-threatening situations.
  • Ask employees to fill out personal medical information Forms. An employee should bring a copy on the trip and also leave copies with trusted friends or family. In the event of a medical emergency, the trustees will be able to obtain important personal medical details from the document, such as insurance coverage, current or past medical conditions and emergency contact information.
  • Remind employees to carry prescription paperwork. This can prevent issues at airport security and can be useful should a new or similar prescription be necessary locally.
  • Confirm that employees are covered by health insurance that is accepted overseas. This will help avoid monstrous fees later on.

Potential Costs for the Business
The costs of not following these strategies can be far-reaching. Your employees’ health and safety is always of utmost importance. However, there are also some continuity issues to consider.

At the most basic level, a health or safety issue that affects a traveling employee will likely cause a loss in productivity and, therefore, an impact to your organization’s bottom line. Companies could furthermore face cancellation fees, lost deposits, unused inventory or lost sales. Additionally, medical bills, medical evacuations and security evacuations can pose huge financial burdens on both employees and the company.

Furthermore, an organization that doesn’t adequately prepare for potential risks and therefore compromises an employee’s safety can lose loyalty quickly. If employees know their colleagues were put in risky situations, they will likely lose trust in their companies—which could cause engagement (and business results) to decline.

Adding to the strain of a disillusioned workforce, legal disputes could arise. An injured worker seeking remedies could bring an injury claim against their employer. The cost a company could face when it comes to duty of care disputes depends on the complexity of the case, the length of time and whether it reaches a full trial. Businesses should be prepared for the possibility of facing court cases by following key risk management strategies before being pulled through lengthy and costly litigation processes.

There are also reputation costs to consider. One of the most damaging scenarios may be that the company’s failure to fulfill their duty of care obligation leads to media headlines resulting in serious brand damage. In this case, the news can mar the company’s reputation, causing stakeholders to pull away and resulting in devastating loss in revenue.

Above all, employees are the backbone of an organization, and their safety and security should be the top priority for every business. Devising a sound risk management plan for travelling employees is crucial for ensuring the safety of employees as well as the longevity of your business.

Firestorm Over Forced Removal Proves Costly for United

United Airlines stock tumbled nearly 4% in early trading Tuesday morning before recovering late in the day as the company continued to deal with fallout after video surfaced showing a passenger being forcibly dragged from a United flight at Chicago’s O’Hare International Airport. United shares were down by as much as 6% in premarket trading Tuesday morning, according to MarketWatch.

Shocked viewers responded with universal outrage Monday to a video appearing to show a 69-year old man being brutally dragged off his flight by three uniformed officers from the Chicago Department of Aviation, one of which has since been placed on leave. The man’s face was bloodied and he appeared disheveled as officers dragged him along the narrow aisle of the plane.

“The incident on United flight 3411 was not in accordance with our standard operating procedure and the actions of the aviation security officer are obviously not condoned by the Department,” the agency said in a statement. “That officer has been placed on leave effective today pending a thorough review of the situation.”

Compounding the Airline’s misery was a letter sent to employees Monday night by United’s CEO, Oscar Munoz, saying that he supported the actions of the flight’s crew in removing the passenger, who Munoz accused of being “disruptive and belligerent.” Munoz later apologized directly to the passenger but his public sentiment was judged disingenuous in the wake of the leaked employee memo.

The passenger was removed from the flight to make room for four United employees, although it was initially reported that the passenger was removed from the flight to Louisville due to overbooking—a standard industry practice of selling more seats on any given flight than are actually available to shield the airline from lost revenue from no-shows. Although the flight was not technically overbooked, United followed the policy in order to seat the four employees.

In 2016, the 12 largest U.S. airlines bumped slightly more than 40,600 of 659.7 million passengers, for a rate of 0.62 per 10,000 passengers, down from 0.73 per 10,000 in 2015, according to the Bureau of Transportation Statistics, Bloomberg reported.

In this case, the airline requested that four passengers relinquish their seats to United employees. According to reports, the airline first offered passengers $400 in addition to hotel and flight vouchers, and then raised the cash component to $800. When there were no takers, the airline chose four passengers to be removed. Approached by the flight’s crew, the man declined to give up his seat, asserting that he is a doctor and needed to see patients Monday morning.

The incident also sparked an international outrage across China, where it was the top item trending on Sina Weibo, as it was reported the removed passenger was Asian. The BBC reported that a passenger seated next to the doctor said the doctor was originally from Vietnam, where there was also widespread negative reaction. The hashtag #UnitedForcesPassengerOffPlane had more than 270 million views and an online petition, “Chinese Lives Matter,” which has some 38,000 signatures and calls for a U.S. investigation into the case, according to Bloomberg.

Reputational damage can be potentially costly as a company may have to deal with expenses related to managing a crises, such as public relations and advertising, as well as any loss to the company’s stock market value. The incident is the second in as many weeks to envelop United, which previously suffered scorn in the court of public opinion after barring two nonrevenue passengers from boarding a flight based on a dress code violation.

United’s largest shareholder is Warren Buffet, whose 9% stake in the airline, worth roughly $2 billion, was down some $90 million when United’s stock was at its lowest point on Tuesday.

Dallas Alarms Hack a Warning of Infrastructure Vulnerability

Dallas residents were wide awake and in a state of confusion late Friday night when the city’s outdoor emergency system was hacked, causing all of its 156 alarms to blast for an hour-and-a-half until almost 1:30 a.m.

With some interpreting the warning as a bomb or missile, a number of residents dialed 9-1-1, but the number of calls—4,400 in all—overwhelmed the system, causing some callers to wait for up to six minutes for a response, the New York Times reported.

The alarms blasted for 90-second durations about 15 times, Rocky Vaz, the director of the city’s Office of Emergency Management, told reporters at a news conference.

Mr. Vaz said emergency workers and technicians had to first figure out whether the sirens had been activated because of an actual emergency. And turning off the sirens also proved difficult, eventually prompting officials to shut down the entire system.

“Every time we thought we had turned it off, the sirens would sound again, because whoever was hacking us was continuously hacking us,” Sana Syed, a spokeswoman for the city told the Times.

Eventually the alarms were turned off, which had to be done manually, one alarm at a time.

On Saturday afternoon the system, used for hurricanes and other warnings, was still down, but officials said they hoped to have it functioning soon. They also said they had pinpointed the origin of the security breach after ruling out that the alarms had come from their control system or from remote access.

Mr. Vaz said that Dallas had reached out to the Federal Communications Commission for help and was taking steps to prevent hackers from setting off the system again, but that city officials had not communicated with federal law enforcement authorities.

Security officials have warned about the risks that such hacking attacks pose to infrastructure, which is often aging and in disrepair. Federal data shows that the number of attacks on critical infrastructure appears to have risen: to nearly 300 in 2015 from just under 200 in 2012. Attacks include a 2008 oil pipeline explosion in Turkey; a 2015 hacking of Ukraine’s power grid, leaving 200,000 people in Western Ukraine without electricity for several hours; and in 2013, hackers tried to gain control of a small dam in upstate New York. Seven computer specialists, who worked for Iran’s Islamic Revolutionary Guards Corps., were indicted for trying to take over controls of the dam, according to the Times.