Just as history is oft said to repeat itself; there is rarely a crisis without precedent. For each and every conceivable event, there is likely someone, somewhere, who has experienced it. At the very least, they will have imagined it. Perhaps in their worst nightmares.
Although the risk itself might be easy enough to discern, the specifics behind it are what keep law firm leaders up at night. These are the great unknowns of any potential crisis. The severity, speed of development, or escalating factors which are often unique to each event.
Preparing for the how, when and why often requires more than just crystal-ball gazing; but a finely-honed capability for predicting and analysing those contributory factors. My previous blog explored how to differentiate between different types of crisis event. This instalment will provide an overview of the tools available to identify those threats.
A good predictive capacity must necessarily move beyond a simple anticipation of events towards an awareness of the reputation-environment in which the business operates. It is about building a reputationally conscious organisation in more than name; one that embeds risk prediction into its strategic and operational decision-making.
An important step to creating a risk-intelligent structure is to recognise its key traits:
- An open, engaging organisation that listens to its stakeholders: A mechanism for continual monitoring of reputation amongst key external stakeholders.
- Reputational awareness deeply embedded into culture: Internal stakeholders must be aware and willing to contribute to the process of reputation risk management.
Learning to Listen: the External Reputational Risk Radar
A key objective for acquiring the first of these traits is a keen radar for external risks. The most popular tool for delivering this is horizon scanning. Since the crisis, developing the capacity to accurately capture incoming risks has become absolutely business-critical. This is in part, due to the sheer volume of issues which could currently manifest into crises presenting a significant threat to reputation.
An important aspect to building an attuned horizon scanning function is to clearly set its objective, scale, and timeframe. It is primarily an exercise from bringing the ‘outside world’ into your organisation for consideration. However, it is critical that it is not just an item for idle deliberation. The intelligence gathered must inform an active process, closely linked to your firm's strategy for crisis prevention. For an external issue, such as a social, political or economic trend, this might involve an issues management strategy to mitigate or limit the potential harm.
These issues may even present an opportunity for those bold enough to take it. There has been a growing trend of companies attempting to position themselves on typically divisive political or social issues, such as climate justice or migrant rights, to demonstrate their ESG credentials – or simply to distinguish themselves from the pack. These are the kind of issues which, in years gone by, would have populated the red column of the corporate risk register.
Equally as important is the range of sources at your disposal. The media, both traditional and new, will always - despite perennial suggestions to the contrary - be of the utmost relevance. Not just as a shifting pool of information, ready to be drawn upon at a specific moment, but also as a mechanism for identifying and interpreting the shape of the public narrative. A skilful interpretation of this information can help you to be one step ahead of the curve; to spot emerging trends.
Social media monitoring will only grow in significance, with many businesses moving increasing amounts of resource into its engagement. Just as importantly, however, are primary sources – that is, your capacity to listen, talk, and understand clients, end-users, policymakers, and all other stakeholders whose perceptions form the constituent parts of your accumulative reputation. Stakeholder mapping is a popular tool and is an effective method for mapping favourability against influence. However, it should also lead to an informed engagement strategy to continually interact with, carefully monitor and respond accordingly to each of their concerns.
Always Conscientious: The Internal Reputational Risk Radar
If the external radar is about discerning the issues that are important to stakeholders, the internal radar is about understanding how your actions will be perceived by them. Internal reputational risks are varied in their type: it can be incident or issue-led, but also proactive or reactive, negative or positive.
Proactive internal risks are usually those which are an inevitable consequence of a strategic decision. Proactive positive moves could be a new product, or joint venture, which could harbour identifiable risks. Proactive negative issues often entail risks deemed unavoidable but necessary, such as restructure or poor financial results. Reactive internal risk, on the other hand, is the realm of the typically unforeseen. They might be, reactive negative, misconduct allegations against a senior partner. The notorious ‘New Coke’ launch is an example of a positive announcement which become a reactive crisis.
The point of distinguishing further between these risks is to demonstrate each and every stage in which the internal risk radar should be embedded into the organisational structure. It is about being able to predict key risks at the right stages of decision-making. The question will also be, at what stage in the process of a decision, should reputational risk be brought into the room? If the answer is once it lands on the desk of the marketing team, then it is probably too late.
Of course, some companies deliberately, and successfully, choose strategies that are provocative; particularly if the venture is in itself a risky proposition. Those situations should illustrate that those accountable for reputational risk need not forever be regarded as spoilsports, or seeking to always stifle innovation. Instead, the culture of valuing reputation should be so deeply embedded that everyone feels capable of contributing to the process of identifying internal risks.
Of course, it is not just about acquiring the information; but about knowing what to do with it. In the next blog, I will look at how to apply scenario planning techniques in order to predict the triggers and to measure the impact of reputational risk.