Stay current on changes and developments in corporate law with a wide variety of resources and tools.
By Patty P. Tehrani
Patty P. Tehrani, Esq., is an experienced compliance attorney and has nearly 20 years’ experience in compliance including senior in-house roles at top financial institutions, authoring articles and blogs, and compliance consulting engagements. She has created a series of tools, guides, and reference materials on governance, risk, and compliance functions—including guidance to help establish reputational risk frameworks—available in the compliance-focused practical guidance on Bloomberg Law’s Corporate Practice Center.
Does your organization know the importance of its reputation? Warren Buffett (Chairman and CEO, Berkshire Hathaway) said years ago: “It takes 20 years to build a reputation and five minutes to ruin it.” Recent scandals confirm that even hard-earned reputations can be vulnerable via social media and ongoing news coverage. The impact is faster and more enduring, leaving a once impeccable reputation tainted or irrevocably damaged.
Most organizations understand that their reputation has value and know the benefits reaped from a good one but struggle with how best to protect it. The enduring trust of customers, investors, suppliers, regulators, employees, and other stakeholders boosts the organization’s confidence and its bottom line, but a weak or damaged reputation can lead to shareholder dissatisfaction and loss of revenue.
This article focuses on using a dedicated framework or program to anticipate reputational risk and provide defined measures to prevent, detect, and manage them. If designed/implemented properly, the program would align organizational values with what it does (or does not do) in response to a crisis.
As a first step, an organization should define reputational risk based on its operations, values, and vulnerabilities. Your definition should be able to answer questions like the following:
And make sure the defining process is collaborative. Get input from different groups/functions within your organization, document it, and then review it periodically for effectiveness.
Defining reputational risk is not the finish line. Your organization needs to also determine how it will manage it. Even the most mature organizations struggle with how best to manage their reputation and the conduct that can negatively impact it. It’s not that these organizations ignore these risks. Many have well-established compliance and risk management frameworks, but they often omit reputation in these controls only to be forced to address these risks when facing a crisis. With little to no focus on long-term repercussions, pitfalls abound amid the rush to react to a crisis, especially when there has been no proactive strategy to assess and minimize reputational risk:
A program’s success requires ongoing support at the highest levels of management. Don’t stop there — make sure your employees are aware of their role in protecting the organization’s reputation. Integrate reputational risk considerations into regular training and reminders. Even the third parties engaged by your organization must know the program and their responsibility for safeguarding your organization’s reputation.
At a minimum, don’t wait to be amid a full-blown public relations crisis or other difficult situation to start your efforts. Unless your organization is well-positioned to act swiftly and effectively to change or avoid a negative event, outcomes could be severe if not irreparable. Having a dedicated framework allows your organization to identify potential risks in advance, to prevent the preventable, and to quickly deploy measures to manage them.
The reputational risk materials in the Bloomberg Law practical guidance library include outlines for developing a framework and other critical reputational risk considerations:
The materials also provide sample policy and employee communication templates for raising awareness and reinforcing the importance of your program.
There should be a structured approach to establishing and ultimately maintaining your reputational risk program. Consider the practical guidance materials, which set a suggested outline for a step-by-step development process summed as follows:
Step 1: Establish Team and Define Plan.
Step 2: Identify and Measure Reputational Risk.
Step 3: Define and Maintain Response Measures.
Step 4: Establish and Maintain Reputational Risk Program Policy.
Step 5: Integrate Program into Controls and Operations.
Step 6: Response/Communications Plan.
Step 7: Establish Reputational Risk Reporting and Metrics.
Step 8: Educate and Train.
Step 9: Monitor and Test.
Step 10: Maintain Program.
Keep in mind that the program can stand on its own or part of an existing program. However, if your organization elects to establish its reputational risk program, make sure it has dedicated and sufficient resources for proper maintenance.
In the end, building a good reputation may take years to achieve but protecting it will be easier if there is continuous support of these common principles:
R – definition of reputational risk
E – expectations set in a policy
P – promotion of compliant and ethical controls and actions
U – understanding of and defined approach to mitigate risks to reputation
T – tone at the top through engagement of senior management
A – alignment with organizational culture and values
T – training on program
I – inventory and integration of reputational risk triggers
O – oversight by a cross-functional team
N – new products and certain transactions
The Bloomberg Law practical guidance materials can help establish a framework factoring in these principles and ultimately protecting your organization’s reputation.
Copyright © 2018 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)