A New Approach to Managing a ‘Classic’ Reputation

coca cola sweetener challenge

A new Coca-Cola-sponsored contest seems to publicly acknowledge its reputational risk, but at a minimal cost that could manage or even reduce it.

In early August, the beverage giant announced its Sweetener Challenge, seeking non-employees (preferably scientists or agriculture or nutrition professionals) who can bring the company a “natural, safe, reduced, low- or no-calorie compound that generates the taste sensation of sugar when used in beverages and foods.” The winner will be announced in Fall 2018 and will receive $1 million.

Taxes on soda, the decline of its consumption, and mounting data that sours on sugar has unquestionably affected the bottom line for the company and put pressure on the broader beverage industry. By initiating the contest, Coke seems willing to try a fresh approach to manage or favorably alter its reputation as a brand founded on sugary cola, while simultaneously attracting and retaining consumers and generating sales. That seems far less risky than not trying new techniques.

“[Reputation risk] is created when expectations are poorly managed and exceed capabilities, or when a company simply fails to execute,” wrote Nir Kossovsky in the 2014 Risk Management article “How To Manage Reputation Risk.” “Managing expectations is all about governance, operations and risk management—the blocking and tackling of running a business. Clearly, there can be perverse brilliance in a business strategy of setting expectations very low.”

Last year, Coca Cola suffered a net revenue decline from $11.5 to $9.7 billion, making the $1 million prize a cost-efficient gamble that, as Kossovsky suggested, can “conceptualize an ideal state and implement a roadmap to reduce reputation risk.”

Other companies have turned to their audiences for new ideas to increase awareness and improve their reputations. Folgers was jonesing for a new jingle this year and paid a songwriting duo $25,000 for a flavorful new take on “the best part of waking up.”

Even the commercial aviation industry sought out-of-this-world innovations from average stargazers. When the X Prize Foundation wanted to inspire the private sector to pursue commercial space flight, it did so with a $10 million prize. The pursuit of the Ansari X Prize generated $100 million in new technologies and was ultimately won by the Tier One project’s ShapeShipOne, which was financed by Microsoft co-founder Paul Allen.

According to Kossovsky, “reputational events are tried in the court of public opinion,” and Coke’s will both there and in stores. The company’s new sugar substitute will be announced in October 2018 and will eventually make its way into supermarkets. With just a few sips, consumers can ultimately decide if the company’s investment and reputation risk management technique was a sweet move.

Reputational Crises Put CEOs at Risk

When reputational crises hit, market cap, sales, margins and profits are all on the line. And these situations are becoming more frequent—and more costly—than ever, with a recent study showing an increase in losses from reputational attacks increasing by more than 400% in the past five years.

But it is not only the corporate entity facing challenges, individuals in leadership—particularly CEOs—face personal risk as well. It has become clear that CEOs need tools to protect themselves as well as their companies’ reputations. Since damage from reputational attacks takes place in the court of public opinion, traditional liability solutions, such as directors and officers coverage, are not effective. But new tools are available in the form of a reputation assurance solution that can help deter attacks from even happening and bundled insurances to mitigate the damage when they do occur.

Research by Steel City Re has found that:

  • Financial losses related to reputational attacks have increased by more than 400% in the past five years, a trend that continues.
  • There is an increase in public anger and, as a result, more blame is being cast upon recognizable targets, such as CEOs.
  • Anger by stakeholders is fueled by disappointment—the gap between expectations and reality—which is all too often fueled by the company’s own actions.

Against that backdrop, the turnover rate among CEOs is increasing, with 58 of the S&P 500’s CEOs transitioning out of their jobs in 2016 according to SpencerStuart (although not all as a result of reputational crises). That is the highest number since 2006, a 13% increase over 2015, and a 57% increase over 2012.

If that weren’t enough reason for concern, history shows that when strong companies and their brands come under fire, their reputations eventually recover, despite the initial and medium-term impacts. Individual reputations of those companies’ leadership are not nearly as resilient, however, especially at a time when society; be it the media, social media, politicians or direct stakeholders; seems intent on personifying crises and affixing blame on individuals in positions of authority. And for CEOs, a reputational crises can affect their career and compensation for many years ahead.

In this environment, it is essential that risk managers understand the tools that are available to protect both companies and senior executives personally. Serving as a third-party warranty and available only to highly qualified insureds, reputation insurance attests to the efficacy of the company’s governance and operational practices, as adopted and overseen by the board and implemented by the CEO. Such coverage can deter reputational attacks in much the same way as a security sign on the front lawn deters burglars. It is a sign of quality governance. And when incidents do occur, it provides a built in alternative narrative to counter the attacks that are bound to occur. Finally, it gives the company and key individuals financial indemnification to mitigate any damage that ultimately does take place.

Just as “doing the right thing” did not protect directors and officers from liability in the era before the wide adoption of D&O insurance, it is no guarantee that attacks in the court of public opinion won’t take a significant financial toll. But it is one of the few solutions proven in the court of public opinion. In today’s culture, reputations are in jeopardy as never before and risk managers must utilize all tools available to protect those on the front lines.

Firestorm Over Forced Removal Proves Costly for United

United Airlines stock tumbled nearly 4% in early trading Tuesday morning before recovering late in the day as the company continued to deal with fallout after video surfaced showing a passenger being forcibly dragged from a United flight at Chicago’s O’Hare International Airport. United shares were down by as much as 6% in premarket trading Tuesday morning, according to MarketWatch.

Shocked viewers responded with universal outrage Monday to a video appearing to show a 69-year old man being brutally dragged off his flight by three uniformed officers from the Chicago Department of Aviation, one of which has since been placed on leave. The man’s face was bloodied and he appeared disheveled as officers dragged him along the narrow aisle of the plane.

“The incident on United flight 3411 was not in accordance with our standard operating procedure and the actions of the aviation security officer are obviously not condoned by the Department,” the agency said in a statement. “That officer has been placed on leave effective today pending a thorough review of the situation.”

Compounding the Airline’s misery was a letter sent to employees Monday night by United’s CEO, Oscar Munoz, saying that he supported the actions of the flight’s crew in removing the passenger, who Munoz accused of being “disruptive and belligerent.” Munoz later apologized directly to the passenger but his public sentiment was judged disingenuous in the wake of the leaked employee memo.

The passenger was removed from the flight to make room for four United employees, although it was initially reported that the passenger was removed from the flight to Louisville due to overbooking—a standard industry practice of selling more seats on any given flight than are actually available to shield the airline from lost revenue from no-shows. Although the flight was not technically overbooked, United followed the policy in order to seat the four employees.

In 2016, the 12 largest U.S. airlines bumped slightly more than 40,600 of 659.7 million passengers, for a rate of 0.62 per 10,000 passengers, down from 0.73 per 10,000 in 2015, according to the Bureau of Transportation Statistics, Bloomberg reported.

In this case, the airline requested that four passengers relinquish their seats to United employees. According to reports, the airline first offered passengers $400 in addition to hotel and flight vouchers, and then raised the cash component to $800. When there were no takers, the airline chose four passengers to be removed. Approached by the flight’s crew, the man declined to give up his seat, asserting that he is a doctor and needed to see patients Monday morning.

The incident also sparked an international outrage across China, where it was the top item trending on Sina Weibo, as it was reported the removed passenger was Asian. The BBC reported that a passenger seated next to the doctor said the doctor was originally from Vietnam, where there was also widespread negative reaction. The hashtag #UnitedForcesPassengerOffPlane had more than 270 million views and an online petition, “Chinese Lives Matter,” which has some 38,000 signatures and calls for a U.S. investigation into the case, according to Bloomberg.

Reputational damage can be potentially costly as a company may have to deal with expenses related to managing a crises, such as public relations and advertising, as well as any loss to the company’s stock market value. The incident is the second in as many weeks to envelop United, which previously suffered scorn in the court of public opinion after barring two nonrevenue passengers from boarding a flight based on a dress code violation.

United’s largest shareholder is Warren Buffet, whose 9% stake in the airline, worth roughly $2 billion, was down some $90 million when United’s stock was at its lowest point on Tuesday.

Wells Fargo: What Should Have Happened

wells-fargo

When Wells Fargo fired 5,300 employees in September for inappropriate sales practices, then-CEO John Stumpf approached the scandal with an outdated playbook. In response to the $185 million in fines levied by regulators, he first denied any knowledge of the illegitimate accounts. Attempting to mitigate press fallout by distancing the company from a group of “bad eggs” acting independently is not the answer, however. Even if Stumpf had maintained this assertion of innocence, changes in the risk environment over the past few years demand a proactive approach.

Rather than simply deflecting responsibility in these situations, executives must be able to accomplish two things:

• Provide historical evidence of due diligence and risk management (if such a program was actually used)
• Demonstrate how the company is adjusting its policies and/or implementing new policies to ensure a similar incident doesn’t happen in the future

In 2010, the SEC’s Proxy Disclosure Enhancement (rule 33-9089) explicitly made boards of directors responsible for assessing and disclosing risk management effectiveness to shareholders. It mandates the use of risk monitoring systems to demonstrate that existing controls (mitigation activities) are effective. Under this rule, “not knowing” about an activity performed by employees is considered negligence. This is a crucial development; negligence carries the same penalty as fraud, but it does not require proof of intent. The Yates Memo (2015) gave the SEC ruling more “teeth” by requiring organizations to provide the Department of Justice with all the facts related to responsible individuals.

As a result, many companies have suffered significant penalties and frequently criminal charges, even though their executives were allegedly unaware of illicit activities. Consider the emissions scandal at Volkswagen and fines paid (to the SEC) by global health science company Nordion Inc. In both instances, deceptions were perpetrated by individuals below the executive level, but senior management’s inability to detect/prevent the incidents came back to bite them.

How to Prevent Risk Management Failures at Your Organization

John Stumpf’s approach should have started with an admission of Wells Fargo’s failure in risk management processes across the enterprise, followed by evidence that a more effective, formal enterprise risk management process is being implemented. For example, risk assessments must cascade from senior management down to the front lines and across all business silos. This ensures that the personnel most familiar with operational risks (and how to mitigate them) can keep the board informed.

In other words, instead of simply apologizing and attempting to provide restitution, Stumpf should have demonstrated that Wells Fargo is taking proactive risk management measures to protect its many stakeholders. It is the company’s duty to ensure that something like this never happens again.

The scandal is predictably following the same track as have previous failures in risk management: it starts with regulatory penalties, then leads to punitive damages, class action lawsuits, and finally, criminal charges and individual liability, depending on the particular case. The key to this pattern is the absence of adequate risk management, which means negligence under the new enterprise risk management laws, regulations and mandates passed since 2010.

The good news is that avoiding serious, long-term consequences is possible if proper actions are taken. For example, by providing a historical record of risk management practices, Morgan Stanley avoided regulatory penalties when an employee evaded existing internal controls. Other corporations that can provide evidence of an effective risk management program (risk assessments, internal controls that address risks, monitoring activities over these internal controls, and an electronic due-diligence trail) are largely exempt from punitive damages, class-action lawsuits, and possible jail time.

When implemented proactively, effective risk management systems have and will continue to prevent scandals, regulatory fines, litigation and imprisonment. For a more in-depth analysis of the Wells Fargo scandal, read the LogicManager blog post “The Walls Fargo Scandal is a Failure in Risk Management.”