Looking back over the last 12 months, corporate scandals continue with the finance industry seemingly always managing to make the headlines. Wells Fargo fake accounts in the US, CBA anti money laundering issues in Australia are two examples. The flow on effects from these scandals are often similar:
The ultimate cost to companies involved in these type of scandals are enormous and I'm sure, corporate governance and risk management get elevated as a priority. Albeit it too late.
The focus of many commentators on these events include that they are examples of "Reputation Risk". Whilst reputation damage is a major aspect of these events, further investigation using Bow Tie (Cause, Event, Impact) analysis provides a greater and more valuable insight into these scandals.
Using causes, events and effects to create a risk statement
"The Risk of... (Risk Event/s)... due to... (Risk Cause/s )... resulting in... (Risk Impact/s)..."
In the case of the Wells Fargo fake accounts scandal, we have:
The risk of:
Protecht has developed a Bow Tie App. Read more information here.
The Webster dictionary defines reputation as "Overall quality or character as seen or judged by people in general".
The use of the word "overall" suggests that one's reputation is comprised of multiple building blocks - customer service, corporate governance and ethical behaviour as examples. Often, however, we see "Reputation risk" being considered as a risk event when upon closer inspection, it is the end result of more specific risk events that can have a number of impacts.
So if you see reputation damage being assessed as a risk event, stop and ask yourself, what actual events would lead to our reputation being damaged and what would be the more specific impacts that can be associated with them.
In all likelihood, these will be the true risk events and impacts that should be assessed.
David Bergmark consults on a variety of market and enterprise risk management issues and is actively involved in the development and implementation of Protecht's risk management software (ERM and ALM). David started out in the audit division of Price Waterhouse in 1990, handling clients such as Macquarie Bank and Bankers Trust. By 1994 he was Risk Controller for Carrington Securities - a financial markets trading company. In 1996 David left Carrington to head up the Risk Management Department at IBJ Australia Bank (IBJA) where he was responsible for the development of all risk disciplines at the bank – market, credit, liquidity and operational.