client login    languages

Why Reputation Risk is Quickly Climbing the Ethics and Compliance Priority List, Part 3 | Beyond Compliance Training

Request A Demo of Our Ethics And Compliance Solution

Why Reputation Risk is Quickly Climbing the Ethics and Compliance Priority List, Part 3 | Beyond Compliance Training

So far in this series, we’ve discussed why companies are adopting a more public focus on ethics and compliance, how reputational risk can impact a company and its brand, and the first three elements of a five-part framework for determining the impact of a reputational risk event.

Today, we’re going to discuss the last two elements, as well as share some tips for better brand resilience from Christopher McClean, Vice President and Research Director for Forrester Research’s Security and Risk division.

5 Elements of Determining Reputational Impact

Here are the last two elements of the five-piece framework for determining the impact of a reputational risk event. (Missed the first three? Find them here!)

Previous Reputation

Sony has had a poor reputation concerning information risk management in the past, to the point that security experts have speculated that Sony “executives didn’t care,” which resulted in several breaches over the past 2 years. When something happened, no one was surprised, which made them look negligent. When the Anthem breach happened, they didn’t have that kind of reputation. Ask yourself, are people likely to say, “We expected this – we know they just don’t pay enough attention to ethics and compliance”? Clearly, a breach is never ideal, but companies that with better reputations tend to weather the storm better.

Scope of Violation

Siemens received the largest ever FCPA enforcement penalty at $800 million. If you look at the SEC and DOJ reports on Siemens, they explain why their enforcement action was so high, which was that the problem was pervasive. Internal practices made it easy for people to bribe foreign officials, and in some cases even encouraged them. Compare that to Morgan Stanley – a few years ago, a single individual was fined as a single actor. The regulators said this was a one-time issue, not a pervasive cultural issue, and a as a result declined to prosecute the company. You have a reputation with regulators, examiners and law enforcement, as well as with the public. You want to be able to let those people know, “We’re doing everything we can to build an ethical culture with documentation, training, attesting to policies, etc.” You’re creating a reputation based on participation of your employees.

Brand Resilience

A resilient brand is one that, after a risk event occurs, retains the loyalty of customers and other stakeholders. The idea behind brand resilience is that the brand promise and brand experience match. People stay loyal after a risk event to a resilient brand because they can say, “This is still a company I believe in.”

You start to have a vulnerable brand when these two things are misaligned. Good examples of recent trust breaches would be apparel companies whose executives have made statements like, “These types of people should not shop in our stores or wear our clothing.” That is a serious breach of trust – you go to these apparel companies thinking, “This is going to be a reflection of my body image or how I look.” And these companies are essentially saying, “We don’t want people like you.” That’s really hard to recover from. In that case, you can clearly see where the customer’s brand promise and brand experience are wildly divergent.

Tips for Success

Christopher McClean of Forrester Research shared three tips for success to guide you as you craft your strategy for mitigating reputational risk.

  1. Assess your customers’ expectations. Do your customers care about CSR, do your investors care about environmental practices? What’s the damage if things go poorly? If customers care a lot about CSR, and you mess something up in that arena, the reputational impact could be disastrous.
  2. Tie your internal ethics and compliance communications to your external brand values. Think about things like your CSR and sustainability reports, privacy statements and how you can marry those with the public brand promise.
  3. Measure success by level of support for business performance metrics, including customer satisfaction and loyalty. You can show that when things go wrong, customer satisfaction and loyalty go down. Value statements can show correlation with a rise in customer loyalty.

Share Your Thoughts with Us

We’d love to hear from you! What advice would you add? How does your company manage reputational risk? You can share your thoughts with us by commenting on the blog, messaging us on JDSupra or messaging me directly on LinkedIn. We look forward to hearing from you – and don’t forget to check back next week for Part 3 of this series!

PS: Want to watch Christopher McClean, Vice President and Research Director for Forrester Research’s Security and Risk division, and Jimmy Lin, The Network’s Vice President of Product Development and Corporate Strategy, discuss all this and more? Download our on-demand webcast, Managing Reputation Risk Through Ethics and Compliance.

For More Information About Mitigating Reputation Risk with Ethics and Compliance Training, Check Out These Resources:

About the Author

Pia Adolphsen, Associate Manager of Marketing Content Strategy. Pia leads content strategy at The Network. Previously, she led client advocacy and marketing initiatives in the competitive intelligence industry. She is strongly in favor of lattes, 1.0mm pens, and her Georgia Bulldogs. Connect with Pia on LinkedIn

Leave a Comment

We would be glad to get your feedback. Take a moment to comment and tell us what you think.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

 
Awards & Certifications 2013 GRC 20/20 Technology Innovation Award 2013 TAG Top 40 Innovative Company 2012 IABC Gold Quill Award 2012 MarCom Award We self-certify compliance Safe Harbor Safe Harbor Certification SOC 2 Certification