By Nir Kossovsky and Denise Williamee, Steel City Re
Reputational crises are nasty, brutish, and enduring. To deploy the type of reputational risk management apparatus needed today, companies must understand the expectations of ever-changing and diverse groups of stakeholders, and stay attuned to constantly shifting cultural trends that pose enterprise-wide risks and require a response from corporate America.
Board diversity is important because it ensures that board oversight of reputation risk management drives a diverse perspective, encompassing stakeholder groups and potential areas of risk that might otherwise be overlooked. Boards and new board members should not seek conformity of thought, but should embrace the value their different backgrounds create because doing so fosters better risk governance.
How many of the high-profile incidents leading to the #metoo movement, for example—and the reputational damage, lawsuits, and liability they caused—would have been avoided if an effective reputational risk-management process had been in place and the board committees overseeing it had included women?
How many companies could have avoided having to defend, and then scramble to remake, racially offensive brand names and logos if reputation risk management had been effective and overseen at the board level by a committee that included people of color?
Companies and their boards have repeatedly failed to anticipate, mitigate, and respond to the impacts of reputational crises in recent years—including COVID-19, social justice issues, privacy breaches, and sexual harassment and abuse in the workplace. Wave after wave of reputational challenges are catching companies and their directors on their heels.
Reputation is mission critical. Companies have been disclosing reputational risk as material in their public filings for years. But they have failed to address it adequately as a class of perils. Reputational risk is the risk of disappointing and angering stakeholders by failing to meet their expectations. To communicate their disappointment, angry customers will boycott; angry employees will strike; and angry jurors will render costly verdicts.
Who those stakeholders are and what they are expecting is changing, as new cultural and political trends emerge. For example, under pressure by investors to commit to practices that foster a healthier environment, a just society, and better governance, companies are broadening their base of stakeholders and raising expectations by their own actions, by signing onto the Business Roundtable pledge, through which they agree that the interests of the environment, community, and employees are equal in weight to the interests of the company’s owners. Yet through such practices, which critics have dismissed as aspirational marketing, greenwashing, and PR, companies are actually increasing reputational risk and the costs of crisis.
To manage reputational risk effectively, companies need to look around corners and anticipate what a new group of stakeholders might expect in the future. That requires boards to include women and people of color who can oversee and monitor risk management, and ensure staff is truly looking in the right directions and recognizing risks that are on the horizon.
It also requires transforming enterprise risk management at the operational level into a strategic intelligence-gathering and analysis process. The enterprise risk management team should comprise a diverse group of individuals who understand the behavioral economic nature of reputational risk and are empowered to gather relevant intelligence from every corporate silo. This diversely staffed and overseen Integrated Reputation Group (IRG) would develop an understanding of stakeholders’ expectations by gathering intelligence from sales, investor relations, treasury, and legal—and gather corresponding operational intelligence from the respective line operations, so that it could help companies not overpromise.
The IRG would also flag material risks, determine the financial damage that missed stakeholder expectations could cause, and, with the board’s and executive leadership’s support, coordinate the deployment of departmental resources to both meet and manage expectations, including risk transfer, through reputation insurance and, potentially, captive financing.
As more women and diverse directors join corporate boards, they need to understand the consequences their companies—and they personally—will suffer if they misunderstand, underestimate, or fail to mitigate reputational risks.
Directors from a wide range of companies, including such prominent brands as Wells Fargo, Boeing, PG&E, Equifax, Weinstein Company, Uber, and Perdue Pharmaceuticals, can attest to the personal toll that tarnished personal reputations, lost board seats, and diminished opportunities for service on other boards can take.
And recently, board legal exposure has expanded dramatically. The Caremark International litigation that set the legal standard for board liability implied that boards have a duty to oversee mission-critical processes; the Marchand v. Barnhill case recently affirmed that “mission-critical” means a host of business-specific processes that underpin companies’ reputations and enterprise values. That means that boards have a duty of loyalty to oversee these risks.
An Integrated Reputation Group, with diverse, socially conscious board members overseeing it, is a great story that, if preemptively communicated, sends a message to customers, employees, and jurors, among others, before they have a chance to anger. In this way, it mitigates the risk of the incidents that cause those attacks in the first place. And it forges reputation resilience by providing a clear defense for board members who can point to the existence of a state-of-the-art process for mitigating reputational risk.
Companies that view diversity as a way of checking the box for political correctness are missing the point entirely. Different perspectives and lived experiences are valuable and needed to address twenty-first century risks with twenty-first century solutions.
Nir Kossovsky is CEO of Steel City Re, a company that combines financial modeling strategies with insights from informational and behavioral economics in order to provide reputation risk management and insurance solutions for companies and their officers and directors.
Denise Williamee is Steel City Re’s Vice President of Corporate Services, where she heads client relations and education for integrated reputation groups.