The risk management profession measures success by the extent to which it can best help forecast, evaluate and protect organizations against financial and reputational risk. Grey swan events—long-tail risks, known but believed to be highly unlikely—complicate this mission.
Often, organizations are convinced that these events are unlikely to happen, so they avoid allocating resources toward their prevention. The Aon and Pentland Analytics reputational risk report Respecting the Grey Swan highlights the indelible impact grey swan crises have on reputation and shareholder value. The report analyzes 300 corporate reputational crises, representing all major industry sectors. In over 10% of the crises analyzed over four decades, more than 50% of shareholder value is destroyed within one year of a grey swan event.
Across the 40-year study, reputational crises destroyed $1.2 trillion in shareholder value. When reputation crises occurred, shareholders lose an average of 26% of value at some point during the post-event year. Of all the reputation crises analyzed, 36% of them stem directly from a failure in governance or poor business practices and are the most damaging to shareholder value.
What can risk managers do to prepare their organizations for unexpected future risks? The answer boils down to four key areas: cultivating resilience, reimagining the risk landscape, acknowledging the seriousness of the impact, and translating understanding into action.
Organizations’ resources are finite and risk managers need to strike a balance between protecting against grey swans while still preparing for the more likely risks. However, as the report demonstrates, ignoring grey swan events can significantly threaten a company’s reputation and financial wellness.
Organizations with a culture of resilience are less likely to be derailed by sudden shocks, and risk professionals who treat resilience as a continuous effort rather than a one-off exercise are more likely to successfully manage risk. Building a resilient workforce is also a key area firms are addressing as the world becomes more interconnected and risks become more severe.
The best way to build resilience is to have a strong commitment to loss prevention and mitigation. Organizations need to have contingency plans in place so that, when grey swan events occur, they are prepared to respond, and leaders know how to effectively manage the crisis. For some organizations, this means developing a strong response plan that serves as the go-to when a specific type of crisis occurs. For others, it could be holding simulation trainings to help build muscle memory so organizational leaders know how to respond. Depending on the organization, the industry and the type of crisis we are preparing for, it takes a wide variety of different actions to adequately prepare.
Reimagining the Risk Landscape
Before the COVID-19 pandemic, many risk managers knew that a pandemic was possible but assumed that the probability was not significant enough to require preparation and investing sufficient resources. Organizations that best handle grey swan crises have been proactive dedicated the time and effort to fully grasp the potential and severity of any given situation before it occurs.
Many organizations have risk registers that were formulated 10 to 15 years ago and in some instances are rarely reviewed and updated. With risks constantly evolving, especially in areas like technology and cybersecurity, risk managers need to assess the risk landscape at least annually to ensure that they are consistently taking new factors into consideration. They should embed themselves in communities like professional risk organizations and associations to keep a finger on the pulse of global risk. These communities can provide invaluable insights into what other organizations are doing to prepare for grey swans.
Acknowledging the Seriousness of Impact
Risk management professionals understand the importance of proactive thinking and preparedness, but organizational leaders within organizations do not always share this mindset. Risk managers need commitment and support from the top, and it is their job to highlight the seriousness a grey swan event’s potential impact. The average impact of a grey swan event was -8% movement in share price, representing a loss of $1.2 trillion in shareholder value. This kind of data can help organizations’ leaders understand and acknowledge how harmful grey swan events can be, which in turn can help risk managers make their case to invest the proper time and resources into developing the necessary resiliency plan.
Translating Understanding into Action
Agile companies with strong leadership can better reorganize their resources if a disaster strikes. As risk managers establish their crisis response plans, they should prioritize three key items:
- Elevating a strong, visible leader: During crises, whether it be a global disaster like the pandemic or a reputational crisis for an individual organization, companies need to have a strong leader. Putting a face to the organization who can take accountability and control of the situation adds a human element and can help navigate backlash or disaster.
- Ensuring timely communication: Organizations’ communications teams should deliver prompt, accurate and consistent messaging. It is sometimes more important to get factual information out as soon as possible than to wait and risk appearing opaque.
- Taking an action-oriented approach: The organization needs to be able to answer the following: How is it managing the situation? What is the company doing to prevent this from happening in the future? What commitments is it making as a result of the incident?
Organizations cannot afford to ignore grey swan events or postpone preparing for them. Risk managers have experienced the consequences of under-preparing for improbable events like the pandemic. They must ensure that their organizations understand the importance of investing resources ahead of a crisis.