No ESG Without ERM: The Lessons to Learn from Bud Light’s Misstep

By: | July 18, 2023

Nir Kossovsky is CEO of Steel City Re, which mitigates the hazards of reputation risk with parametric reputation insurances, ESG insurances, and risk management advisory services.

If risk managers were better integrated into ESG-related marketing and communications strategic planning, Bud Light might have been America’s top selling beer for a 23rd year straight.

Instead, it surrendered that perch to Modello in a self-induced reputation crisis.

This past summer, Bud Light’s marketing team recruited a transgender TikTok influencer to promote its beer and leverage “woke” ESG messaging to a niche market that’s predisposed against such tactics.

So it comes as no surprise that some of Bud Light’s stakeholders reacted emotionally — that is, negatively — and when Anheuser-Busch InBev executives walked back the campaign, they compounded the scope of aggrieved stakeholders.

There is nothing new about marketing campaigns falling flat. But today, the stakes are far larger, as many risks that were once delimited — operational, financial and now ESG — can surge into enterprise reputation crises.

Increasingly, angry stakeholders triggered by some ESG-related corporate strategy they don’t agree with change their behaviors, to the detriment of the business.

Consider these contrasting behaviors: customers buy or boycott; employees work or flee; investors buy or sell; lenders adjust interest rates; regulators enforce or defer; and social license holders acquiesce or protest.

This is ESG risk, which is one of a growing number of stakeholder-centric issues falling under the greater rubric of reputation risk.

What happened at Bud Light is a variant of what happened when underpowered software failed at Southwest Airlines, and when financial risk-taking triggered a loss of confidence in Silicon Valley Bank.

In all cases, outcomes might have differed materially had risk managers intervened successfully by highlighting the enterprise-level reputational risks — and mitigating them.

Marketing and communications tend to “own” reputation. But they’ll concede that risk management is not in their power alley.

On the other hand, risk managers are reputation risk management-ready through their expertise in enterprise risk management (ERM).

Most firms have existing ERM programs within which a reputation risk management program can nestle comfortably. Such programs are natural homes for managing threats to ESG strategies, CSR strategies and non-financial risk strategies.

Integrating mission-critical reputation risk management into an existing effective ERM program is not complicated.

An approach was outlined recently at a RIMS Chicago Chapter program, “ESG as a risk — what does it mean and what can you do?”

  1. Affirm the effectiveness of your reputation risk register. ERM already calls for periodic surveys of the expectations of a firm’s many stakeholders. Verify that no stakeholder group relevant to reputation risk is left behind.
  2. Affirm your process for determining a risk’s materiality. In a world of finite resources, this is prudent asset management. Verify that your risk modeling captures enterprise-wide impacts.
  3. Overlay an enterprise reputation health risk monitoring system to flag sudden surges in ethical, social, political and other culturally driven risks that can emerge in a heartbeat. Engage corporate executives who have their fingers on the pulses of all the firm’s stakeholders and have a sense of what issues, with respect to ESG, are emotionally meaningful.
  4. Preempt a cold start in crisis management and communications by pre-positioning, in cooperation with marketing and communications, stories about thoughtful, dutiful reputation risk management and governance. Having reputation insurance to authenticate the quality of risk management makes the story simple to understand.

High-profile, costly risk management failures at AB InBev (Bud Light), Southwest Airlines and Silicon Valley Bank indicate that it is time for risk management to be more fully integrated into corporate processes, like marketing: #letriskmanagersmanagerisk!

Reputation risk management needs to be a standard area of enterprise risk management responsibility. Can we drink to that? &