Risk comes from not knowing what you’re doing. ~ Warren Buffet
I was having lunch the other day at one of my favourite business restaurants in London with a colleague. At one point the conversation turned to the “world of the CEO”; that is, what those in charge of large groups of people and organizations have to deal with and what really “keeps them up a night”.
At one point in the conversation my colleague put our whole discussion into sharp focus with these words:
“There are three risks that keep CEOs up at night: financial risk, market risk, and reputational risk!”
The first two, financial risk and market risk are easy to understand. Overspending to get a product to market poses a financial risk since there is no guarantee adequate sales will materialise. Opening new facilities in emerging markets in order to capture early entry advantage is an example market risk since emerging markets are notorious for not growing as predicted.
These two risks, while potentially huge, are the most studied and analysed. Every newly minted MBA spends hours devoted to lectures and case studies on them. CEOs surround themselves with risk experts of all sorts to assess and analyse financial and market risks. The probability of making a giant mistake in either of these areas is becoming less and less as we learn more and more about the world through the use of new technologies such as Big Data, market intelligence and sophisticated analytics.
Reputational risk is less well understood.
Imagine that the company has an account similar to a bank account. Every time the company does something good its reputational capital account goes up; every time the company does something bad, or is accused of doing something bad, the account goes down. What’s interesting about a reputational risk account is that it can be filled or depleted with either actual actions, or perceived actions. And the consequences of reputational risk can be enormous.
For example, look at the current state of global banking. As a result of excessive profit seeking individual traders and others in the banking world have crossed the bounds of ethical activities, such as the LIBOR rate fixing scandal and pension mis-selling activities, causing fines in the billions from regulatory authorities and others. To date, the financial services industry, and mainly banking, has been fined more than $100 billion.
As a result of poor behaviour at all levels and an unwillingness on the part of banks to really address rogue and unethical behaviour, the reputation of big banks is at an all time low. Basically the financial services industry, even 6 years after the global financial crisis of 2008, remains the least trusted of all industries (Edelman 2014 Trust Survey).
“The most remarkable finding is that risk professionals – on the whole a highly analytical, data rational group – believe the banking crisis was caused not so much by technical failures as by failures in organisational culture and ethics.” ~ UK Institute of Risk Management
An additional example is the poor media handling by BP and its former CEO, Tony Haywood of the Deepwater Horizon oil spill in the Gulf of Mexico in 2010. The cost alone to BP has been upwards of $40 billion, but the reputation and trust in BP took a giant hit in the eyes of the public, and its share price has yet to fully recover.
Corporate Culture at the Heart of Reputational Risk
Risk is not knowing what your culture is doing!
Our conversation then turned to ideas on how CEOs can more effectively deal with reputational risk. Since reputations are usually damaged by behaviours that are out of alignment with company values and/or consumer values and regulation, and since corporate culture is the habitual behaviours used by employees at work to solve problems, deal with colleagues, customers and stakeholders, then a greater understanding and management of culture can be an effective way to mitigate reputational risk.
The problem is, most CEOs and senior executives don’t know what their culture is, and most importantly, don’t realise that their corporate culture is not one unified element, but actually is a collection of subcultures.
Subcultures are formed when employees trust and respect informal leaders (trusted colleagues) more than management (Edelman). As a result, they take their clues on how to behave not from Company Values Statements or CEO speeches, but from peer and subgroup pressure to “fit in” and “be a part of the team”. And all the regulation and corporate training cannot overcome the power of peer pressure in determining how people behave at work.
When subcultures are aligned with the overall company strategy and values, culture can be a significant business asset. But when subcultures are out of alignment, corporate culture becomes a significant business (and reputational) risk.
Who is advising you on culture and reputational risk?
Thanks for joining the conversation.
John R Childress
Senior Advisor on Corporate Culture, Leadership and Strategy Execution
Author of LEVERAGE: The CEO’s Guide to Corporate Culture
Visting Professor, IE Business School, Madrid