Train Your Entire Organization to Predict, Prevent and Recover From a Reputation Crisis

By: | March 12, 2019

Nir Kossovsky is CEO of Steel City Re, which mitigates the hazards of reputation risk with parametric reputation insurances, ESG insurances, and risk management advisory services.

Just as people who are physically fit are generally better equipped to recover from illness or injury, companies and other entities that have strong governance and risk management practices in place are better equipped to recover from reputational crises — or to prevent them from occurring in the first place.

Reputation risk management, financing and insurances can deter and mitigate reputational attacks, reducing the cost of negative events and the ensuing media coverage. Indeed, it would be foolish to engage in a broad marketing and communications effort without having first prepositioned critical risk management processes and assets.

Trying to recover from a reputational crisis without having done the earlier foundational work is like the blundering knights of Monty Python’s Arthurian legend sending their Trojan Rabbit into the French fortress — only to be flummoxed when the plan failed because they hadn’t put any soldiers inside.

Bearing this vital lesson in mind, here is the story of reputation risk — its triggers, its strategic management — and the 7 tactical steps companies and their leadership can take to recover from a reputational crisis.

Reputation Risk Management Problem

A reputational crisis, characterized by broad stakeholder disappointment and diminished trust, causing economic and political losses.

Common triggers — Corporate or leadership-level breach of stakeholder expectations for ethics, innovation, safety, security, sustainability or quality.

Reputation Risk Management Solution

Victory Conditions — Forgiveness with preservation of the value of the soft power — an intangible asset — that companies leverage to sell more, faster and at a higher price; obtain labor, vendor and supplier services; and capital at a lower cost; and hold both regulators and activists at bay.

Defeat the inciting forces of negativism in the battle for the mind of the stakeholder.

7 Tactical Steps:


1) Delegate risk management to manage reputation risk. 

Too often, companies treat reputation as a marketing, communications or Corporate Social Responsibility function. But when a reputational misstep occurs, stakeholders aren’t going to care if you’ve reduced your carbon footprint or sent mosquito netting to Africa. They are going to want to know if the company did everything reasonably possible — in advance — to avoid the reputational crisis and to mitigate its damage.

Reputation risk needs to be under the purview of risk management, which can review all aspects of operations and coordinate with the disparate silos within the organization. It is the story key stakeholders long to hear and which they will value.

2) Know your stakeholders.

Know what your customers, employees, vendors, creditors, investors, regulators and the many socially-focused non-governmental organizations expect of you, what might trigger disappointment, and its potential economic impact.

When a potential crisis does hit, acknowledge it quickly and hold yourself accountable for addressing it.

This must be an ongoing process. The direction of society’s winds change — a group that’s not on your radar today could be extremely important tomorrow; activities that are acceptable today might anger stakeholders tomorrow.

3) Plan and disclose your reputation risk governance strategy.

Reputational crises move quickly and can hit suddenly, like tornadoes, and storm shelters need to be built and disclosed before the storm appears.

No matter how complex the inner workings, ensure that stakeholders are presented with an enterprise risk management plan that is simple, easy to understand and completely credible. For example, explore and engage third parties that can evaluate, validate and insure the entity, its leadership and its plans for mitigating reputation risk.

Communicate with stakeholders in your 10K, Def 14A, and more traditional marketing platforms that outsiders reviewed your governance and processes and were sufficiently confident to provide insurance to protect against reputation losses.

4) Look around corners.

Be alert to the subtle signs of lurking reputational crises. Build this mentality into the corporate culture. And when a potential crisis does hit, acknowledge it quickly and hold yourself accountable for addressing it.


5) Communicate promptly with stakeholders.

With the weaponization of social media, bad news travels faster than ever. Stakeholders need to know you’re on top of the situation and that you understand their expectations and have anticipated their potential disappointments.

Mollifying stakeholders can mitigate the media amplification that characterizes reputation risk today and confine an operational failure before it bursts into a reputation tornado.

6) Determine the root cause, and do so transparently.

Investigate and identify the cause of the issue. Was it a rogue employee or simple human error or a significant failure of systems, training or culture? Determine if your problem is idiosyncratic or systemic.

7) Raise the operational bar for the entire peer group of companies or organizations.

Put in place a serious, credible plan for addressing the root cause, that is sufficiently generic and all industry participants can adopt it and benefit from it. Whatever the solution, it must credibly convince stakeholders that the new systems in place will prevent that problem from ever occurring again.

The degree to which the plan is accepted by stakeholders as credible depends on the strength of the foundation – whether you’ve built a Trojan Horse with soldiers ready to defeat your adversaries, or an empty Trojan Rabbit that may look good when viewed superficially but is actually of little use in the face of a crisis. &

More from Risk & Insurance