Measuring Reputation Risk

An organization’s reputation is part of its intangible assets, which include brand, human capital, goodwill and knowledge base. Moreover, as such, it has value in the context of the organizations market capitalization.

The possibility with which reputational risks can emerge to damage companies has become extremely high. In a nonstop, globally connected business, a problem can arise in the organization or with a partner company that could spread virally through social media and escalates into a full-blown crisis. Most companies are not prepared for the damage that could happen from reputational harm.

Reputation is critical to the long-term health of any organization. Top performing organizations in the country regard their reputation as their most significant asset. The result of this regard in a strong reputation is more robust in the high regard of their reputation is a better share price performance and customer trust and the added value of the organization’s product. A good reputation helps companies deal with future crises by creating a reserve of goodwill (sometimes called, reputational capital or reputational equity). Depending on the crisis event this reserve of goodwill can bring an organization back from the brink of collapse and potentially spend a large amount of capital to recover their reputation in the public’s view. Business today must face the fact that Social media is a double edge sword. Using social media to market your organization is a recognizable force in PR it can also be the very force that would shut your doors, due to an adverse event to the reputation.

Good reputational risk management is more than responding to a crisis. It is about building the protections around the organization’s reputation and tracking and building the organization’s reputation every day. Some estimates provide support that a positive reputation is also the driver for being able to deliver resource growth, attract top talent and avoid ethical mishaps. These estimates can account for 70% of the gap between an organization book value and its ability to deliver market capitalizations. The impact factors to an organization’s reputation as found in a study performed by Edelman trust barometer. A distrusted organization will experience 57% of its stakeholders will believe negative information after hearing negative reputation information about the organizations. Moreover, only 15% will believe the positive information after hearing the negative information. On the flip side, an organization that has its reputation intact, over half of the stakeholders believe positive reputation information about an organization after hearing it on one occasion or maybe twice.

Reputational risk happens most times during an incident and never is the discussion of reputation management as a daily practice. Reputational risk suffers from an industry-wide lack of definition. Because of this lack of definition in reputation risk means that organizations perceive it in different ways. Many view reputations as a risk of risk. Many do not even classify it as a risk category, but instead, it is perceived as an organizational impact.

Most things with an Identified High level of risk severity that affect large organizations have an impact on their reputation and even more so with startups and small business that share the same high level of risk. In today’s reputational protections organizations must go further and think about reputation risk other than financial risk.

1. Reputational risk can include

2. Product and its support

3. Financial strength protecting share price

4. Compliance, Regulatory, industry, ethics.

5. Litigation

6. Negative brand perception

7. Loss of key employees/ ability to recruit employees.

Measuring the impact to an organization’s reputation can be a challenge. However, it is possible to quantify reputational risk, both regarding the severity and likelihood of the risk, and financial impact. 43% of organizations worry about the loss of earnings from reputational risk, any number of reasons, could bring about economic consequences including loss of customer business to government compliance regulators or industry compliance regulators. These all have a bearing on an organization’s future performance and competitive position. Many senior executives recognize the threat to an organization’s lifespan from the damage of reputation, however quantifying the reputational risk remains a challenge for many organizations. The quantification of risk within the reputation remains subjective. Reputational risk increases with the size of the organizations and its complexity. Reputational risk events clearly can have a quantifiable impact, like fraud or breach (Material or Cyber) whereas fraud can influence market value and can lead investors to question the quality of management. Material and or cyber breach can have an immediate effect on customer relations and in some instance, may end the relationships. These quantifiable impacts can have broader financial implications. Potential customers may be discouraged from doing business with the organization. Investors may be deterred from buying company shares in the future. Regulators may impose a heavier compliance burden, and suppliers may be more reluctant to extend favorable credit terms or even do business with the company. When we think of quantification of reputation risk addressing the complexity becomes the biggest challenge. For example, does the damage come after a run of events that have affected the reputation of the organization? Moreover, how quickly was it able to reassure stakeholders that the underlying problems have been addressed. These two questions that address the extent of loss show that there are subtleties in the quantification of reputational risk which in the end rely on several assumptions, which will make the quantification of the risk to the reputation a subjective measurement.

The most crucial step in managing reputational risk is the initial identification of those factors that could impact reputation, either positively or negatively. There lies the rub finding a starting point. Key drivers of reputation include seven-pillar reputation bases that support an organization:

1. Financial performance &long term investment value

2. Governance and leadership

3. Social responsibility

4. Workplace talents and culture

5. Delivering customer promise

6. Legal and regulatory compliance

7. Communication and crisis management

Identification of the reputation drivers helps to build a heat map highlighting reputation risk that should be measured and tracked.

Each of the seven reputation pillars must be examined in more detail, to identify the interactions between the components and to determine potential conflicts.

Regulatory compliance

Dealing with regulations today in the business world has become a critical part of any organization’s reputation.  Compliance has become the new Important business process, From the reputational risk perspective, compliance failures send out a message that companies may be failing to manage the broader risks to the organization. When an organization fails to meet regulatory requirements, then it is going to have a disproportionate impact on the reputation of the organization if there is a breach or mismanagement of a core risk. Regulatory problems leave open allegations of wrongdoing and, in the current environment, the media and the public think the worst of an organization. Organizations that miss the compliance or is not compliant the general perception is mistrust.

There are three identifiable steps for reputation risk management. reputation risk differs from other organizational risk categories in that external perceptions entirely define it. The main thing to remember an organization can take steps to enhance its reputation however at the end of the day the organization does not control it. Organizational reputation perception consists of a combination of acuities held by external stockholders. Much of the time this perception does not reflect reality.

There are some simple steps that any organization can take to measure things more systematically. Such as directly testing the opinions of the public as well as critical stakeholders, through surveys, forums and focus groups. Collect and analyze data on social media pages relating to brand perceptions. While the effectiveness of the organization’s reputation can be measured by:

1. Installing a process of reputational risk management throughout the company

2. Identifying threats to reputation

3. Crisis management

4. Putting in place governance’s structures to manage reputational risks

5. Ensuring that reputational risks are managed across the entire supply chain

6. Restoring reputation following a risk event

7. Quantifying the financial impact of reputational risk

8. Measuring external perceptions of the company

Installing a process of reputational risk management throughout the organization is the core piece to succeeding in managing reputation risk. By introducing the metrics to measure risk on important organization decisions and product, deployment adds another layer of management to the reputation the other component is the tie into crisis management and Business Continuity. Many reputational risk events do not result from the first crisis, but from how well the company responds to the crisis. If the organization has the right processes and approach to dealing with a crisis, it can protect its reputation, and even enhance the reputation standing. However, failure to manage a crisis effectively will lead to reputational damage that will be difficult to repair.