focus After more than two centuries in business, Barings Bank was declared bankrupt in 1995, all because of the actions of Nick Leeson. Andersen was another that paid a high price for its mistakes. The target The sight of Apple and Samsung fighting their patent wars before courts around the world perfectly illustrates the power wielded by these brands today. Apple also boasts the largest market capitalisation in the world at 345 billion euros. (02/2014). Under these conditions, the slightest hint of misconduct, whether wilful or not, can take on dramatic proportions. The main difficulty lies in the fact that, ultimately, a reputation is made and broken outside the control of a company, by its clients, competitors, the press and public opinion. Suffice to say that when the bullets fly, the sniper is usually invisible. And shooting back blindly in all directions serves only to aggravate the situation. The conventional v the unconventional arsenal Information theft by a dishonest employee, defamation by a competitor, a scandal created by dissatisfied customers, accusations of prohibited practices by the press ... even the earliest companies had to contend with these threats. The challenge today
LE BULLETIN 26
11
“It can take 20 years to build a reputation and five minutes to ruin it. Think about that and you’ll do things differently.” Warren Buffett
comes from the less ‘conventional’ sources of attack: Wikileaks disseminating videos stolen from the army, Edward Snowden denouncing the practices of the NSA, Madame Bettencourt recorded by her butler and even Nicolas Sarkozy spied upon by Patrick Buisson. When Hervé Falciani stole a file at HSBC, public opinion saw him merely as a “whistleblower’, the act justified by his heroic quest to denounce the dark practices of a world of finance responsible, in its eyes, for the current global crisis. Indeed, the fact that the file went on to be purchased by various States seems only to confirm the legitimacy of such practices, which can see the authors pocket up to several million euros. The lessons of the Clearstream affair do not seem to have been learned. On another note, companies such as Amazon, Google or Starbucks come under fire for practices that are legal but considered as ‘unethical’ by public opinion. The media response, of Google or
Apple in particular, is almost nuclear in intensity! In Luxembourg, where discretion is part of the culture, the status of financial market increases the reputational risks at a time when information has become a source of entertainment and when the press is hungry for headlines that will boost sales and halt the steady decline in advertising spending. The defence For a compliance officer, the risks fall into two broad categories: first come the internal risks of a badly intentioned or badly trained employee. Added to these are the external risks related to the past or present actions of clients and public opinion. To counter the internal risks, the challenge is to impose a positive culture with respect to compliance and its requirements. A KYC drawn up according to the rules may lose a contract, but discovering that a client is in breach of the antimoney laundering laws could cost much more. As far as the external risks are
concerned, the ‘Nikki Catsouras’ case perfectly illustrates the omnipotence of Google and the fact that the internet cannot be erased. The father of this young girl who suffered atrocious injuries in a car accident paid out large sums to erase internet photos taken by a rogue emergency worker. Years later, they were still prominent Google hits. Prevention is the only arm capable of reducing the risk of outbreaks. This means research conducted by specialised operators capable of delving into the murky world of the deep web. The investment is on a scale concomitant with the risk: even the News of the World, a specialist in «unconventional» attacks, gave up the ghost after the wiretapping scandal.
The keys of reputational risk Strategy
> Integration of reputational risk in the business strategy > Training of employees in compliance rules and monitoring
Brand
> Strong branding
Communication
> Fluid internal communication > Definition and alignment of external corporate messages > Media training of persons exposed
Control
> Internal control culture at all levels > Regular external dialogue with clients, the press and the general public
Joe Garner:
Solving crises with new leadership
© Shutterstock
10
It’s midnight. You are CEO of one of the UK’s largest retail banks. Your website has been down for six hours due to an on-going cyber attack. Panic could ensue if customers can’t move money and the media start raging. One hundred of your top people are on the line waiting for your decision. What do you do next? What would you do? This was the real life situation faced by Joe Garner, ex-CEO of HSBC UK (and since 10 February, the CEO of Openreach, a British Telecom subsidiary) during the evening, night and morning of 18/19 October 2012. Step by step, he took the 250 guests at the Magenta Horizons conference through the crisis. The crisis began at 6pm when the CIO called to say all sites were down across the world, adding “normally this is easy to fix.” “So” Mr Garner asked the audience “what would you do?” Leaving these thoughts hanging, he then presented his ideas on the changing nature of business leadership. Good CEOs create a virtuous circle of motivated employees generating customer loyalty and thus growth, which boosts staff morale further. This model will come under pressure, he said. Growth will be harder to achieve as competition increases. Also, prices will rise as resources become scarce and climate change costs are borne. Now it’s 8pm. The cyber attack is 500 times bigger than any seen by HSBC. There is some tweeting but mainstream media is quiet. Mr Garner decides to wait for more
developments. What would you do? The customer really is king Customers are no longer loyal towards brands. Google gives them instant, full market knowledge and they want good value and compensation if things go wrong. “This means selling as we knew it is over,” he said. “Any sales involving pressure no longer work.” It’s 10pm. There’s not much more information and the media are still relatively quiet but now Mr Garner is considering asking all call-centre staff to return from holiday and sick leave. Of course, this action might in itself set off a panic. At midnight, he decides to call staff in. He then begins practising his media routine centred around the message “we are doing everything we can”. Fortunately, at 4.15am the IT guys finally repel the attack and restore service. Allow staff to grow “Treating your staff with humanity and respect liberates their energy and creativity,” advised Mr Garner. This, he believes, gives people the tools and strength to react independently when times get tough.
LE BULLETIN 26