What is reputational risk management?

BLOG

What is reputational risk management?

Reputational risk management are strategies used to protect one of your company’s most valuable assets: its reputation.

But how should you act if a PR crisis hits and what are some real life examples of how to and how not to do it?

That’s something we will zoom in on in this blog post where we’ll also share how you can implement a framework to ensure your company is protected against reputational damage.

In this article

    What is reputational risk management?

    Reputational risk management are processes for identifying, monitoring and mitigating risks that could cause reputational damage to a brand or an organization. Threats can come from everywhere, so reputational risk management requires a thorough preparation, prevention and response strategy.

    Protecting a company’s reputation involves mitigating risks by creating a compliant company culture and setting up contingency plans to prepare for events that could impact a company’s reputation.

    Why is reputational risk management important?

    It’s imperative for a company to protect its reputation. Once word is out that a company has acted wrongly, it can be extremely difficult to come back.

    “It takes 20 years to build a reputation and five minutes to ruin it” Warren Buffett once said, and in the era of social media, this statement has only increased in validity. These days, if a company is caught in the act, news can spread like a wildfire with dramatic consequences.

    Revenue can drop if customers lose trust in the business, hiring can become difficult when talent cannot be attracted, and the stock can plunge if investors lose faith in the company’s ability to recover from reputational damage.

    What are some reputational risk factors?

    Reputational damage can come from anywhere, making it difficult to prevent or foresee. However, there are two main categories of reputational risks: internal and external risks.

    1. Reputational damage with internal cause

    A company can face criticism as a result of internal actions or failures to act. The leadership can have failed to act ethically or be caught in illegal actions. Employees or teams can also cause reputational damage – intentionally, by mistake or due to incompetence.

    2. Reputational damage with external cause

    Contrary to damage caused by internal actors, which can be mitigated through training and strong governance practices, external reputational risks can be more difficult to accommodate for. Reputational damage can come from a wide variety of external sources, among others the misbehavior of partners, environmental disasters, or cyberattacks.

    Reputational risk management in financial institutions

    All organizations face some level of reputational risk by simply existing. However, for some industries, the level of reputational risk is often not only higher, but can also have a more drastic impact if the company’s experiences a backlash.

    An example of this is the financial industry.

    The financial system is built on trust. If this trust is compromised, it can have disastrous consequences. There have been numerous examples throughout history of banks failing, often due to bank runs where customers withdraw their money due to a lack of trust in the bank’s ability to survive.

    Let’s look at how two financial institutions have managed a reputational crisis – with and without success.

    JP Morgan Chase strengthens security after data breach

    In October 2014, JP Morgan Chase experienced a massive data breach that affected approximately 76 million users. This could be disastrous for a bank whose most important asset is its reputation for being able to protect customer’s assets.

    However, in a case study of how to successfully respond to a looming PR crisis, JP Morgan Chase quickly reached out to customers, doubled cybersecurity spending, and implemented measures to prevent a similar incident in the future.

    Wells Fargo’s downplays illegal activities

    In 2016, it was discovered that Wells Fargo employees had been creating two million fake accounts in order to meet sales targets. The public got knowledge of the illegal activity after the bank was fined $185 million by the Consumer Financial Protection Bureau (CFPB).

    Wells Fargo stated that the employees who committed the fraud comprised just 1% of the company’s workforce. This was seen as downplaying their responsibility, and the market reacted. Wells Fargo shortly after reported that its new bank account openings in October had dropped 44% year-over-year.

    The scandal resulted in massive news coverage, fines, civil lawsuits, and the resignation of CEO John Stumpf. Wells Fargo’s reputation suffered serious damage that continues to affect the bank to this day.

    Be prepared with a reputational risk management framework

    Learnings from cases in successful and unsuccessful handling of public criticism can be used to help other organizations prepare for similar situations by developing a reputational risk management framework. Let’s look at some of the measures that can be implemented by companies to decrease reputational risk internally and implement processes to be prepared in case of a controversy.

    Reducing reputational risk:

    There are several things companies can do to reduce the risk of reputational damage.

    1. Act ethically: Companies should implement a strong governance structure to ensure everyone in the organization acts according to ethical guidelines.
    2. Train employees: Employees should receive training in how to adhere to these ethical guidelines and how they should act in case of a crisis. A dedicated crisis response team could be set up.
    3. Communicate transparently: If the company communicates transparently to all stakeholders, they will not be surprised by bad news.
    4. Monitor risks: By implementing monitoring software, companies can identify potential risks so they can be mitigated in a timely manner.

    Crisis response:

    In case of an unintended incident occurring, internally or externally, the company should act according to the ethical guidelines established. Here are some general rules of how to respond:

    1. Be proactive: If a company discovers an error, it should be announced before news hits the headlines. This signals that the company does not hope it goes undiscovered, and gives the company control of how the story unfolds.
    2. Take responsibility: Apologize and demonstrate that the company takes responsibility for what has happened. This shows stakeholders that the company is aware of the mistake and intends on fixing it.
    3. Communicate quickly: Radio silence is not a good response to a crisis. Instead, a dedicated crisis response team should quickly communicate to all stakeholders and issue a public statement.
    4. Be transparent: Companies experiencing an incident with potential reputational impact should continuously share information about what transpired, how it affects stakeholders, and how they are correcting the error.

    Implement reputational risk management software in your organization

    As we have learned, reputational risk can come from internal and external factors and have drastically different outcomes depending on how it’s handled.

    To ensure that the risks can be responded to accordingly, they first have to be identified. A tool like Brandwatch helps companies protect their brand from threats by monitoring millions of sources and setting up real-time alerts so companies can respond before problems develop.

    Protect your reputation with Templafy

    With a tool like Templafy, companies can automate documents and manage content centrally to ensure that communication is compliant and streamlined – something that is imperative for reputational risk management.

    With validation features, Templafy removes content, format and layout inconsistencies to decrease reputational risk and give companies control of how their brand is perceived. Get started today – book an intro call with a Templafy expert.