4 Informative Case Studies to Help Guide Reputational Risk Management

By: | October 29, 2018 • 4 min read

Nir Kossovsky is the Chief Executive Officer of Steel City Re. He has been developing solutions for measuring, managing, monetizing, and transferring risks to intangible assets since 1997. He is also a published author, and can be reached at [email protected]

Societal phenomena such as #MeToo, #opioidcrisis, #boycottNRA and #deleteFacebook are exposing inadequacies in risk and governance frameworks, and astute managers recognize the need to seek remedies.


What’s needed are systems and processes helping risk managers prepare to adapt and respond to culturally-linked perils that are outside the usual framework of 1st party, 3rd party and compliance risks. Notwithstanding the implications for mission creep, development of those systems to protect corporate reputation is something enterprise risk managers should embrace.

Confidence in a company’s ability to pursue its strategy is what motivates investors to risk capital, lenders to advance capital and employees to engage. Customers expect to be delighted by product and service experiences.

These stakeholders, implicitly or through covenants, expect risks to their expectations will be managed. In addition, in certain commercial sectors, regulators demand risk management with failures manifesting in fines, criminal charges and loss of business rights. It is therefore obvious that the economic benefits of meeting stakeholders’ expectations is the value of a firm’s reputation; the Economist newspaper crowned risk to that value as the “risk of risks” more than a decade ago.

Most risk management frameworks lump reputation among a firm’s valuable assets. Reputation risk, it would seem, should be managed like other 1st party risks. Actuarial models developed by risk bearers help risk managers allocate resources to mitigate 1st party economic losses. However, until my firm developed actuarial models for reputation risk using synthetic measures of reputation value, the insurance world offered little guidance.

What follows are four case studies on how company’s tried and failed or succeeded in managing this risk.

Example 1: Facebook.

Facebook’s 2017 10K explicitly notes the value of reputation and the potential cost of its loss 14 times. In the spring of 2018, the audit committee was overseeing reputational matters but had no quantitative measure of reputation’s importance and no risk managers working from a framework that linked reputation risk to cash flows or other economic metrics. As a result, few at Facebook seemed to anticipate that the loss of trust precipitated by the Cambridge Analytica disclosures would erase 20 percent of the firm’s market cap when its impact on user growth and engagement became known to investors.

Facebook created the expectation of trust and failed to meet it. Reputation risk is the peril of stakeholders’ disappointment and anger when there is a gap between stakeholder expectations and reality. Noxious media typically amplifies that gap, which it certainly did in Facebook’s case.

Liability risk models, such as the burden-probability-loss formula that was articulated in Judge Learned Hand’s 1947 ruling are failing in the face of cultural issues. Among the most memorably is the case of the exploding Ford Pintos.

Example 2: NiSource

A current example of cultural issues shaping a liability exposure involves NiSource, one of the nation’s largest natural gas distribution companies serving approximately 3.9 million customers in seven states.

Well aware of its reputation risk, which is disclosed in six mentions in the 2017 10K, it also acknowledges that angry disappointed stakeholders lead to “loss of cost recovery and increased litigation.” The board’s nominating and governance committee is charged with “reviewing and evaluating risks to the Company’s reputation and the steps management has taken to monitor and control such risks.”

After a series of gas explosions in the Boston area, and facing a complaint from the Governor of Massachusetts, the company undoubtedly faces costly liabilities and has already experienced a loss in market cap. However, they could in theory be much worse. In my firm’s experience, reputational value losses can exacerbate 3rd-party related liability losses by factors ranging from 2 to 7 times. What is helping to mitigate the reputational damage is that NiSource appears to have a genuine interest in the welfare of both its customers and employees, and such culturally-sensitive goodwill manifests in times like these where competing forces are battling for the mind of the stakeholder.

Reputation risk is the peril of stakeholders’ disappointment and anger when there is a gap between stakeholder expectations and reality. Noxious media typically amplifies that gap, which it certainly did in Facebook’s case.

Financial stakeholders may have been somewhat impressed with the company’s apparent sensitivity to reputation risk. Had they been more impressed, the company may have mitigated the loss in equity value which will trigger the inevitable pile on of litigators. How? Through the conventional practices of risk financing and transfer.


On a pro-forma basis, our firm modeled NiSource’s potential equity loss in a material crisis to be $764 million. Based on its inferred reputation risk management efforts, existing P/E ratios and other actuarial factors, a source of contingent capital from the pooled resources of an insurance captive and insurance markets of about $40 million would have materially dampened the stock market’s negative reaction.

Example 3: Weinstein and Company

Two other recent cases also illustrate weaknesses in the third pillar of a risk management framework: compliance-centricity.

In the matter of Weinstein and Company, the board was too close to the alleged perpetrator to be able to distance itself from the ethical breach. Stakeholders expect that, even with a strong CEO, a company’s board will be able to exercise appropriate oversight. As a result, found culpable in the court of public opinion, the firm was not salvageable.

Example 4: Wynn Resorts

On the other hand, at Wynn Resorts, the board successfully jettisoned the alleged perpetrator, Steve Wynn, protected itself from the opprobrium of gaming regulators and recovered all of its lost

The former Wynn Commons at the University of Pennsylvania. Photo by Natasha A. Kossovsky

equity value in under 20 weeks. The American Law Institute, in its upcoming publication Principles of the Law, Compliance, Enforcement, and Risk Management for Corporations, Nonprofits, and Other Organizations, is expected to address the timing discrepancy between courts of law and public opinion.

When it comes to mitigating enterprise-wide threats, reputation risk appears to be challenging existing risk management frameworks.

Risk managers must understand that the work involves mitigating not only negative media coverage but also anger and disappointment of stakeholders whose expectations have not been met.

In this mix, reputation insurances provide indemnifications that affirm trust and reduce economic losses. &

4 Companies That Rocked It by Treating Injured Workers as Equals; Not Adversaries

The 2018 Teddy Award winners built their programs around people, not claims, and offer proof that a worker-centric approach is a smarter way to operate.
By: | October 30, 2018 • 3 min read

Across the workers’ compensation industry, the concept of a worker advocacy model has been around for a while, but has only seen notable adoption in recent years.

Even among those not adopting a formal advocacy approach, mindsets are shifting. Formerly claims-centric programs are becoming worker-centric and it’s a win all around: better outcomes; greater productivity; safer, healthier employees and a stronger bottom line.


That’s what you’ll see in this month’s issue of Risk & Insurance® when you read the profiles of the four recipients of the 2018 Theodore Roosevelt Workers’ Compensation and Disability Management Award, sponsored by PMA Companies. These four programs put workers front and center in everything they do.

“We were focused on building up a program with an eye on our partner experience. Cost was at the bottom of the list. Doing a better job by our partners was at the top,” said Steve Legg, director of risk management for Starbucks.

Starbucks put claims reporting in the hands of its partners, an exemplary act of trust. The coffee company also put itself in workers’ shoes to identify and remove points of friction.

That led to a call center run by Starbucks’ TPA and a dedicated telephonic case management team so that partners can speak to a live person without the frustration of ‘phone tag’ and unanswered questions.

“We were focused on building up a program with an eye on our partner experience. Cost was at the bottom of the list. Doing a better job by our partners was at the top.” — Steve Legg, director of risk management, Starbucks

Starbucks also implemented direct deposit for lost-time pay, eliminating stressful wait times for injured partners, and allowing them to focus on healing.

For Starbucks, as for all of the 2018 Teddy Award winners, the approach is netting measurable results. With higher partner satisfaction, it has seen a 50 percent decrease in litigation.

Teddy winner Main Line Health (MLH) adopted worker advocacy in a way that goes far beyond claims.

Employees who identify and report safety hazards can take credit for their actions by sending out a formal “Employee Safety Message” to nearly 11,000 mailboxes across the organization.

“The recognition is pretty cool,” said Steve Besack, system director, claims management and workers’ compensation for the health system.

MLH also takes a non-adversarial approach to workers with repeat injuries, seeing them as a resource for identifying areas of improvement.

“When you look at ‘repeat offenders’ in an unconventional way, they’re a great asset to the program, not a liability,” said Mike Miller, manager, workers’ compensation and employee safety for MLH.

Teddy winner Monmouth County, N.J. utilizes high-tech motion capture technology to reduce the chance of placing new hires in jobs that are likely to hurt them.

Monmouth County also adopted numerous wellness initiatives that help workers manage their weight and improve their wellbeing overall.

“You should see the looks on their faces when their cholesterol is down, they’ve lost weight and their blood sugar is better. We’ve had people lose 30 and 40 pounds,” said William McGuane, the county’s manager of benefits and workers’ compensation.


Do these sound like minor program elements? The math says otherwise: Claims severity has plunged from $5.5 million in 2009 to $1.3 million in 2017.

At the University of Pennsylvania, putting workers first means getting out from behind the desk and finding out what each one of them is tasked with, day in, day out — and looking for ways to make each of those tasks safer.

Regular observations across the sprawling campus have resulted in a phenomenal number of process and equipment changes that seem simple on their own, but in combination have created a substantially safer, healthier campus and improved employee morale.

UPenn’s workers’ comp costs, in the seven-digit figures in 2009, have been virtually cut in half.

Risk & Insurance® is proud to honor the work of these four organizations. We hope their stories inspire other organizations to be true partners with the employees they depend on. &

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at [email protected]