Why compliance isn't stopping scandals

In Rethinking Reputational Risk, Anthony Fitzsimmons and Derek Atkins explore the problem of managing risks, but provide only half the solution.

by Simon Burton
Last Updated: 07 Dec 2016

Tesco, Volkswagen, BP, Serco, RBS - there seems to be a never-ending stream of companies who have messed up. Yet this is happening at the same time as companies are spending more money on risk management and compliance than ever before in the history of business. So why do things still keep going wrong?

I was working inside one of those multinational companies when they famously screwed up. My experience at the commercial coalface has given me some insight into why the current huge effort on risk management doesn't always reap rewards. And this is a perspective which is shared by the authors of this new book on tackling reputational risk.

Risk management all too often apes the starting point of economics: it is predicated on rational human beings acting in a rational way. But senior executives are not always rational; neither are a company's various stakeholders (investors, NGOs, media or employees). It is this heady brew that can often give rise to reputational risk which, if not anticipated, managed or mitigated, creates the headlines and ultimately hurts the value of the business.

The authors give the reader some classic vignettes of eye-catching corporate behaviour in recent years, and lift the lid on them to try and explain what actually happened. From the aggressive accounting practices at Tesco to the culture at Barclays that led to the rigging of the Libor rate benchmark, from Volkswagen's cheating on emissions testing to Mid-Staffordshire NHS Trust's failure to care for patients - all these and other case studies are forensically dissected in the quest to see what lessons can be learned.

For a topic that can easily be trapped in the abstract and wrapped in jargon, the authors have produced a crisply written tome which is easy and engaging to read. Its format of insights, followed by case studies and then solutions works well. This should be no surprise. The authors Anthony Fitzsimmons and Derek Atkins are well versed in this area - their previous publication Roads to Ruin on behalf of Cass Business School for the insurance and risk industry is rightly highly regarded. They bring their experience to bear in this book.

The analysis is insightful on a number of levels. They pinpoint the potential deficiencies in a company around culture and process, whether that be in the boardroom or on the factory floor. They also identify how much of the real risk comes from how reputation is (or isn't) organised internally within a business - ie responsibility is often split across functions so leaving cracks.

However, the authors' starting point and focus is predominantly on reducing negative reputation incidents. This is valuable, but it doesn't really 'rethink' how reputational risk management should evolve in the corporate environment.

Preventing or reducing the impacts of negative incidents is only one half of the reputational risk story. It is relatively easy for boards and senior executives to look back at recent big corporate crises and ask: what do we need to learn from these cases and how can we protect ourselves from similar incidents? But there are limits to the impact of any retrospective analysis. It would be far more effective to incorporate reputational risk into a company's mainstream decision-making processes. That is the other half of the story to rethinking reputational risk.

The most stark omission in the solutions section of the book is the relative lack of references to the supportive role that any in-house corporate affairs director can play in helping a business manage its reputational risk.

The corporate affairs function has the responsibility for managing corporate reputation: they have the expertise in managing the stakeholder relations that give rise to reputational risk and which are vital to mitigating it. Their work is part of a company's self-insurance on reputational risk. To pay relatively so little attention to their role, and how their function needs rethinking, leaves a glaring gap in the solutions that the authors propose.

The case for corporates to rethink reputational risk is strong. The authors make good advocates but their book only gives half the answer.

Rethinking Reputational Risk, by Anthony Fitzsimmons and Derek Atkins, is published by Kogan Page, £29.99.

Simon Burton is a partner at Headland Consultancy and leads the firm's reputational risk practice.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

How to manage a liar

No-one likes people who are economical with the truth. But workplaces are surprisingly full of...

Where are the opportunities for growth in 2022?

MT Asks: The Metaverse, good customer service and regional investment could all be fertile areas...

Groupthink the cause of Partygate, argues workplace psychologist

Partygate happened because the 10 Downing Street team didn’t feel comfortable standing up to its...

Should a rule-breaking boss always step down?

As Credit Suisse’s António Horta-Osório steps down for breaking covid quarantine rules, Bojo has apologised...

How to know if it’s time for fight or flight

Here’s what leaders should consider if they find themselves in ethical hot water, by leadership...

“Hedging your bets is one of the worst things you can do as ...

Tharsus CEO Brian Palmer has just stepped back after years of bringing robotics into the...