Introducing Marketplace: Fast-track your ERM system implementation
Learn More

Looking back over the last 12 months, corporate scandals continue with the finance industry seemingly always managing to make the headlines. Wells Fargo fake accounts in the US, CBA anti money laundering issues in Australia are two examples. The flow on effects from these scandals are often similar:

  1. Executives and CEO's involved are ushered out the door - key person risks arise.
  2. Fines were or will be imposed by regulatory agencies, which seem larger and more punitive in recent years.
  3. Class action lawsuits are attempted on behalf of disgruntled shareholders resulting in additional legal fees and potential settlement costs.
  4. Strategic growth objectives are derailed, as the companies involved need to batten down the hatches to recover from the scandal.

The ultimate cost to companies involved in these type of scandals are enormous and I'm sure, corporate governance and risk management get elevated as a priority.  Albeit it too late.

The focus of many commentators on these events include that they are examples of "Reputation Risk". Whilst reputation damage is a major aspect of these events, further investigation using Bow Tie (Cause, Event, Impact) analysis provides a greater and more valuable insight into these scandals.

Using causes, events and effects to create a risk statement 

"The Risk of... (Risk Event/s)... due to... (Risk Cause/s )... resulting in... (Risk Impact/s)..." 

In the case of the Wells Fargo fake accounts scandal, we have:

The risk of:

  • creating fake client accounts (internal fraud)

Due to:

  • unethical staff and excessive sales targets

Resulting in:

  • Financial loss - loss of shareholder value,  legal fees and regulatory fines  (USD 185 million)
  • Global adverse media coverage.
  • Non compliance with banking laws.
  • Departure of key executives (CEO resigned)


Bow Tie Analysis in Protecht.ERM

Tell your risk story by linking causes, events, impacts and controls in a Bow Tie Analysis. Learn more about making Risk Bow Ties in Protecht.ERM here.


 

The Webster dictionary defines reputation as "Overall quality or character as seen or judged by people in general".

The use of the word "overall" suggests that one's reputation is comprised of multiple building blocks - customer service, corporate governance and ethical behaviour as examples. Often, however, we see "Reputation risk" being considered as a risk event when upon closer inspection, it is the end result of more specific risk events that can have a number of impacts.

So if you see company reputation damage being assessed as a risk event, stop and ask yourself, what actual events would lead to our reputation being damaged and what would be the more specific impacts that can be associated with them.

In all likelihood, these will be the true risk events and impacts that should be assessed.

What Next?

There has been a big focus recently on non-financial risk management which includes reputational risk event management among others. Read more about the main reason for the current focus here: Non-Financial Risk - Why the big focus?

Check out our free educational webinars for ideas on other risk management opportunities and how you can leverage them to meet the risk management goals of your organisation.

 

Related Articles

feature image
Compliance Management, GRC

ISO 37301: your next step in compliance?

Investment in compliance management continues to grow exponentially. In Macquarie Group’s latest financial results, compliance spend amounted to 17%...
Read more
feature image
Compliance Management, Risk Management, Risk Manager

Are you allocating enough resources to compliance and risk management, and are you getting a positive ROI?

Macquarie Group has disclosed in its latest financial results that the group spent $785 million on compliance in the year to 31 March 2022, a 22%...
Read more
feature image
Risk Management, ERM, Protecht.ERM

Risk Appetite Driven Decision Making

"Would you rather?" is a party game that poses dilemmas by asking questions starting with "would you rather?". As an example: Would you rather be...
Read more