Reputational Crises Put CEOs at Risk

When reputational crises hit, market cap, sales, margins and profits are all on the line. And these situations are becoming more frequent—and more costly—than ever, with a recent study showing an increase in losses from reputational attacks increasing by more than 400% in the past five years.

But it is not only the corporate entity facing challenges, individuals in leadership—particularly CEOs—face personal risk as well. It has become clear that CEOs need tools to protect themselves as well as their companies’ reputations. Since damage from reputational attacks takes place in the court of public opinion, traditional liability solutions, such as directors and officers coverage, are not effective. But new tools are available in the form of a reputation assurance solution that can help deter attacks from even happening and bundled insurances to mitigate the damage when they do occur.

Research by Steel City Re has found that:

  • Financial losses related to reputational attacks have increased by more than 400% in the past five years, a trend that continues.
  • There is an increase in public anger and, as a result, more blame is being cast upon recognizable targets, such as CEOs.
  • Anger by stakeholders is fueled by disappointment—the gap between expectations and reality—which is all too often fueled by the company’s own actions.

Against that backdrop, the turnover rate among CEOs is increasing, with 58 of the S&P 500’s CEOs transitioning out of their jobs in 2016 according to SpencerStuart (although not all as a result of reputational crises). That is the highest number since 2006, a 13% increase over 2015, and a 57% increase over 2012.

If that weren’t enough reason for concern, history shows that when strong companies and their brands come under fire, their reputations eventually recover, despite the initial and medium-term impacts. Individual reputations of those companies’ leadership are not nearly as resilient, however, especially at a time when society; be it the media, social media, politicians or direct stakeholders; seems intent on personifying crises and affixing blame on individuals in positions of authority. And for CEOs, a reputational crises can affect their career and compensation for many years ahead.

In this environment, it is essential that risk managers understand the tools that are available to protect both companies and senior executives personally. Serving as a third-party warranty and available only to highly qualified insureds, reputation insurance attests to the efficacy of the company’s governance and operational practices, as adopted and overseen by the board and implemented by the CEO. Such coverage can deter reputational attacks in much the same way as a security sign on the front lawn deters burglars. It is a sign of quality governance. And when incidents do occur, it provides a built in alternative narrative to counter the attacks that are bound to occur. Finally, it gives the company and key individuals financial indemnification to mitigate any damage that ultimately does take place.

Just as “doing the right thing” did not protect directors and officers from liability in the era before the wide adoption of D&O insurance, it is no guarantee that attacks in the court of public opinion won’t take a significant financial toll. But it is one of the few solutions proven in the court of public opinion. In today’s culture, reputations are in jeopardy as never before and risk managers must utilize all tools available to protect those on the front lines.

Large Venues Reviewing Security Measures

Venues that attract crowds, such as large sports events and concerts are reviewing their security measures, both inside and out, to prevent an attack such as the suicide bombing after an Ariana Grande concert in Manchester, England, that killed at least 22 people.

Most venues have strict rules about bags, backpacks and coolers. Some check items thoroughly before allowing them inside an arena and others do not permit them at all. Venues also employ security detail to check those attending events as well as plainclothes detail to monitor the crowd. In the Unites States, the Department of Homeland Security warned that the U.S. public may experience increased security at public events.

Hong Kong’s AsiaWorld Expo, where Ariana Grande is scheduled to hold a concert in September, said it plans to improve security at all concerts and events. Besides baggage inspection, there will also be metal detectors and search dogs, it said in a statement.

According to the South China Morning Post, the Hong Kong venue said it will begin using metal detectors to screen for potential threats, in addition to its usual backpack and baggage inspections. It also said it would consider using search dogs for any suspicious items or requiring visitors to wear security straps to track them while in the venue.

One mega event, the annual Indianapolis 500 over Memorial Day weekend, took to heart the task of keeping attendees safe. Adding to security planning measures for more than 300,000 attendees was the safety of Vice President Mike Pence, who was expected to attend—and arrived on Sunday morning.

Indy 500 crowd, May 26, 2017. Photo by Dana Garrett

Reuters reported that the Indy 500 has a Homeland Security SEAR 2 (Special Event Assessment Rating) designation, which means federal assets can be brought in to enhance security efforts during the event.

The Indy 500 is regarded as the world’s largest single day sporting event. Only venues on par with the Super Bowl and the Democratic and Republican conventions are given higher security ratings. Local, state and federal agencies contributed to security efforts at the Indy 500, including sniffer dogs, license plate recognition equipment and multiple security checkpoints to enforce restrictions.

There are those who believe, however, that even with enhanced measures, terrorist acts cannot be completely anticipated or stopped.

“Whatever is done—and in this case it’s British intelligence which is considered among the best in the world—it won’t prevent such incidents happening,” Jean-Charles Brisard, president of the Centre for the Analysis of Terrorism told Reuters. “You can bring back the perimeter, add security gates and as many controls as you want, but that will not change the fact that a determined individual will carry out his act if he is not caught before.”

Disruptive Technologies Present Opportunities for Risk Managers, Study Finds

PHILADELPHIA–Disruptive technologies are used more and more by businesses, but those organizations appear to be unprepared. What’s more, companies seem to lack understanding of the technologies and many are not conducting risk assessments, according to the 14th annual Excellence in Risk Management report, released at the RIMS conference here.

The study found an apparent lack of awareness among risk professionals of their company’s use of existing and emerging technologies, including the Internet of Things (IoT), telematics, sensors, smart buildings, and robotics and their associated risks. When presented with 13 common disruptive technologies, 24% of respondents said their organizations are not currently using or planning to use any of them. This is surprising, as other studies have found that more than 90% of companies are either using or evaluating IoT technology or wearable technologies and that companies in the United States invested $230 billion on IoT in 2016.

Another finding was that despite the impact disruptive technology can have on an organization’s business strategy, model, and risk profile, 60% of respondents said they do not conduct risk assessments around disruptive technologies.

“Today’s disruptive technologies will soon be — and in many cases already are — the norm for doing business,” said Brian Elowe, Marsh’s U.S. client executive leader and co-author of the report said in a statement. “Such lack of understanding and attention being paid to the risks is alarming. Organizations cannot fully realize the rewards of using today’s innovative technology if the risks are not fully understood and managed.” According to the study:

Organizations generally, and risk management professionals in particular, need to adopt a more proactive approach to educate themselves about disruptive technologies — what is already in use, what is on the horizon, and what are the risks and rewards. Forward-leaning executives are able to properly identify, assess, and diagnose disruptive technology risks and their impact on business models and strategies.

This lack of clarity presents opportunity for risk professionals. In fact, previous Excellence reports have indicated that C-suite executives and boards of directors want to know what risks loom ahead for their organizations and increasingly rely on risk professionals to provide that insight.

“As organizations adapt to innovative technologies, risk professionals have the opportunity to lead the way in developing risk management capabilities and bringing insights to bear on business strategy decisions,” said Carol Fox, vice president of strategic initiatives for RIMS and co-author of the report. “As a first step, risk professionals are advised to proactively educate themselves about disruptive technologies, including what is already in use at their organizations, what technologies may be on the horizon, and the respective risks and rewards of using such technology.”

One thing companies can do to manage risks associated with disruptive technologies is facilitate discussions through cross-functional committees—yet fewer companies, only 48%, said they have one, a drop from 52% last year and 62% five years ago.

Whether discussed in weekly, monthly, or quarterly organization-wide committee meetings, emerging risks — including disruptive technologies — need to be examined regularly to anticipate and manage the acceleration of business model changes. When risk is siloed, too often the tendency can be toward an insurance-focused approach to risk transfer rather than an enterprise approach that may lead to pursuing untapped opportunities.

The Excellence survey, Ready or Not, Disruption is Here, is based on more than 700 responses to an online survey and a series of focus groups with leading risk executives in January and February 2017.

Findings from the survey were released today at the RIMS 2017 Annual Conference & Exhibition. Copies of the survey are available on www.marsh.com<http://www.marsh.com> and www.rims.org<http://www.rims.org>.

Protecting Employees in the Face of International Risks

Increasing globalization and the growing world market presents employees with opportunities to travel and experience new countries and cultures. With travel comes risk, however. In the event of an unforeseen incident, it is an organization’s top priority to ensure its employees are safe and out of harm’s way.

By following proactive travel risk management strategies, employers can help ensure not only the safety of their employees abroad, but also the success of their businesses while avoiding major financial, legal and reputation costs. When developing travel policies, companies must consider the health, safety and security risks that their employees could encounter.

Security Risks
The frightening unknowns of crises such as sudden earthquakes or airport terror attacks can cause distress and chaos. It is the duty of a company’s human resources department to ensure employees are safe and secure, as being unprepared for such events could have dire consequences. For the best outcome, companies should proactively develop travel risk management plans before disaster strikes. Consider these guidelines for your company’s travel emergency plans:

  • Share information. Ensure employees are educated on how to avoid security risks in their destinations and share corresponding safety advice.
  • Develop a communication plan. Decide how employees should contact HR and/or other crisis response team members and vice versa in the event of an emergency.
  • Give employees information about who to contact if they’re in an emergency scenario. Create staffing patterns or third party resources that can accommodate after-hours calls.
  • Consider rearranging travel plans if there’s a high security risk. Use technologies, such as video conferencing, to keep business rolling as usual if employees need to conduct in-person meetings in destinations where it may be temporarily unsafe to travel.
  • Encourage employees to enroll in the Smart Traveler Enrollment Program (STEP). The app provides updated travel warnings and alerts via email. It can also help the nearest U.S. embassy or consulate locate individuals in the event of a disaster.

Health Risks
Recent disease outbreaks in several countries have caused concern among business and leisure travelers alike. If organizations have plans for employees to travel to areas experiencing widespread illness, consider exercising flexibility. If a disease epidemic is dominating news headlines, there is a good chance employees will be concerned about going to a destination that’s affected. In these cases, advise alternative options such as video calls or contacting local partners to help out. On the other hand, if employees elect to travel to the location, it is the employer’s job to ensure they have the knowledge and resources they need to have a safe and successful trip. To help protect the health of a traveling employee, HR professionals should:

  • Research and understand destination-specific health risks and share this information with employees. Education is essential to preventing life-threatening situations.
  • Ask employees to fill out personal medical information Forms. An employee should bring a copy on the trip and also leave copies with trusted friends or family. In the event of a medical emergency, the trustees will be able to obtain important personal medical details from the document, such as insurance coverage, current or past medical conditions and emergency contact information.
  • Remind employees to carry prescription paperwork. This can prevent issues at airport security and can be useful should a new or similar prescription be necessary locally.
  • Confirm that employees are covered by health insurance that is accepted overseas. This will help avoid monstrous fees later on.

Potential Costs for the Business
The costs of not following these strategies can be far-reaching. Your employees’ health and safety is always of utmost importance. However, there are also some continuity issues to consider.

At the most basic level, a health or safety issue that affects a traveling employee will likely cause a loss in productivity and, therefore, an impact to your organization’s bottom line. Companies could furthermore face cancellation fees, lost deposits, unused inventory or lost sales. Additionally, medical bills, medical evacuations and security evacuations can pose huge financial burdens on both employees and the company.

Furthermore, an organization that doesn’t adequately prepare for potential risks and therefore compromises an employee’s safety can lose loyalty quickly. If employees know their colleagues were put in risky situations, they will likely lose trust in their companies—which could cause engagement (and business results) to decline.

Adding to the strain of a disillusioned workforce, legal disputes could arise. An injured worker seeking remedies could bring an injury claim against their employer. The cost a company could face when it comes to duty of care disputes depends on the complexity of the case, the length of time and whether it reaches a full trial. Businesses should be prepared for the possibility of facing court cases by following key risk management strategies before being pulled through lengthy and costly litigation processes.

There are also reputation costs to consider. One of the most damaging scenarios may be that the company’s failure to fulfill their duty of care obligation leads to media headlines resulting in serious brand damage. In this case, the news can mar the company’s reputation, causing stakeholders to pull away and resulting in devastating loss in revenue.

Above all, employees are the backbone of an organization, and their safety and security should be the top priority for every business. Devising a sound risk management plan for travelling employees is crucial for ensuring the safety of employees as well as the longevity of your business.