I start every seminar and presentation with definitions, so that I can establish a common framework through which I can work with my audience. In particular there are a number of definitions to describe reputation and reputation risk, each serving a slightly different purpose. These need to be further explored so that you can decide on how you will manage reputation.
The classic definition is that Reputation is all that is generally believed about your character, respectability, credit, integrity or notoriety. (Latin: reputatio – reckoning). But it is not enough to guide us.
I also use these definitions that give it more meaning:
Reputation is a state of mind – A Set of memories, perceptions and opinions that sits in your stakeholders’ consciousness.
Reputation is the net result of the interactions of all the experiences, impressions, beliefs, feelings and knowledge all stakeholders have about a company.
So what then is Reputation Management?
It is essentially a consulting discipline that realizes that Reputation is both an asset and a risk. The definition that I therefore like to work with says that Reputation Management is the building, sustaining, and protection of an organization’s good name, generating positive feedback from stakeholders and resulting in the attainment of strategic and financial objectives. It implies that there is a definite financial link between the work we do in reputation management and the bottom line.
However reputation is also the greatest risk that an organization can face.(Think of a run on a bank). As Warren Buffet have said: ” It can take twenty years to build a good reputation, and only five minutes to destroy it”.
WE therefore have to consider the following definitions as part of our approach to building and protecting reputation.
- Definition 1: (Stakeholder Perspective) – Reputational Risk emerges when the reasonable expectations of stakeholders about an organization‘s performance and behaviour are not met. This has been listed in some surveys as the most dangerous reputation risk of all. It essentially involves taking a look at each stakeholders needs and expectations, matching the drivers of an organization reputation and minimizing the gaps that exist.
- Definition 2: (Asset Perspective) – Some studies show that Reputation makes up between 55 – 73% of a company’s asset value. In this instance, Reputational Risk is defined as the loss of earnings that occur in a situation of negative public opinion. It normally results in loss of sales, share value decreases and breakdown of relationships. Many a crises have led to stock price decreases and impact in other areas of the business.
- Definition 3: (Incident Perspective) – Reputational Risk is the exposure incurred from unexpected incidents, or from unanticipated response to the institution’s initiatives, actions or day-to-day activities. This definition implies that Reputation Risk is the risk that an activity, action or stance performed or taken by a company or its officials will impair its image in the community and/or the long-term trust placed in the organization by its stakeholders, resulting in the loss of business and/or legal action, and is closely linked with the asset perspective.
- Definition 4: (Compliance Perspective) – Reputational Risk can also be defined and viewed as the loss or negative publicity that can arise from failure to meet regulatory or legal obligations.
From the above definitions it must be clear that essentially all risks and all related components of an organization potentially impact on reputation. This implies that reputation needs to be systemically managed if an organization wants to extract maximum value from it. Tip – It is essential that you define Reputation Risk in these four ways in your business, as each definition implies a different mitigation strategy and potential danger.
My question to you – Have you adequately defined Reputation Risk in your Business? Do you have a Reputation Risk framework that spells out how you will mitigate, treat and respond to Reputation Risk? If you don’t, you have some work to do.
I have just been quoted in an article in Norman Mark’s blog – ‘How Do You Determine Whether the Risk Management Process Is "Effective"?
This was my response: Effective risk management is when each risk event identified is examined through the lens of both the direct loss to the firm and indirect losses that may arise because of damage to the firm’s reputation associated with the event.
My definition has evolved from working with clients where I could see the imbalance the risk management process i.e that too much attention was placed on financial losses.
Those readers who received my Powerlines newsletter Nr. 89 dated Nov 2009 will recall my article ‘One Event, Multiple Stakeholder Impacts’ in which i showed the danger of how one event could have multiple stakeholder impacts.
That is the type of danger that exists when you do not view a risk event and put it through the stakeholder lens.
a While ago I worked with a client where it soon became apparent that too much attention was given to financial indicators and not enough to intangible measurement. As I explained to the client there is was a need to "balance the yin and the yang" of the risk management approach in the company.
This comment emphasizes both "hard" and "soft" sides of risk management. The hard (yin) includes committees, policies & procedures, quantitative assessments, reporting, limits, audits and systems.
The soft (yang) reflects awareness, people, skills, integrity, incentives, cultures, values, trust and communication. Both sides are essential to a sound program and a sound reputation.
Is your risk management system adequately balanced?
I just read an interesting article in the Business Report which stated that the global financial crisis is largely the result of financial institutions not taking risk management seriously.
The article contained a number of interesting pointers and is based on a KPMG survey on risk management in banks which was released on Monday.
The article states that risk management was just a support function and an interesting finding was that though risk management programmes exist, there were shortcomings in their approach.
This correlates with my experience in teaching understanding about reputation risk. Worldwide reputation risk is seen as the one risk that is the most difficult to define and manage. Therefore it is often left to chance and dealt with post event.
It just goes to show that if there are problems existing with traditional risk programmes, then reputation risk is even less understood and managed.
In my master class workshops I show the audience three ways to define reputation risk. It is only then that the reality dawns on them, how to mitigate it.
(If you are interested in learning more about Reputation Risk, and whether it is a strategic risk on its own or just a consequence of a risk, register for my next Reputation Risk Management Master Class).