About Me

This blog carries a series of posts and articles, mostly written by Anthony Fitzsimmons under the aegis of Reputability LLP, a business that is no longer trading as such. Anthony is a thought leader in reputational risk and its root causes, behavioural, organisational and leadership risk. His book 'Rethinking Reputational Risk' was widely acclaimed. Led by Anthony, Reputability helped business leaders to find, understand and deal with these widespread but hidden risks that regularly cause reputational disasters. You can contact Anthony via anthony.fitzsimmons At cranfield dot ac dot uk

Saturday, 22 October 2011

Ethos and Leadership

The latest 'Index of Leadership Trust' survey by the ILM and Management Today makes worrying reading for those who recognise the importance of 'soft' risks.
"[H]alf the people surveyed thought that their organisation puts financial performance ahead of ethical considerations, and 48% and 44% say the same of their CEO and line manager."
One of the lessons from 'Roads to Ruin' is that ineffective leadership on ethos and culture is a major but unrecognised cause of corporate failure.

It doesn't only matter when the organisation is rotten at its core, as were Enron and the Independent Insurance Company.  It matters just as much when leaders have sound ethical ideas but fail to embed them throughout the organisation.  This seems seems to have been the problem at BP.  There, a disconnect on ethos and culture on safety between BP's aspirational board and the reality of its American operations led to a series of crises that came close to disaster for BP's shareholders.

Almost half the survey's respondents thought their leaders put profit before ethical considerations.  That probably means half the organisations surveyed had the same weakness.  Other results of the survey suggest that this type of weakness may be more prevelant in larger organisations.  Other findings from 'Roads to Ruin' suggest this is likely.

Many people see ethos as a nice-to-have.  The ILM puts it as a factor in earning trust of employees. Ed Milliband sees it as a way to divide the business world into "producers" and predators".  But 'Roads to Ruin' demonstrates that inadequate leadership on ethos and culture is an important example of a potentially catastrophic 'soft' risk.  It's hard to self-test on risks like these because of cognitive biases.  Self-testing can easily entrench dangerous self-delusions.

Risks related to ethos and culture may be soft by name, but 'Roads to Ruin' shows how easily they lead to disastrous consequences.  It's not just about dishonesty as discovered, too late, at Enron and Independent Insurance.  It's about effective leadership on ethos and culture - and how unrecognised incentives can derail the best intentions.  Ask BP's longstanding shareholders. 

Anthony Fitzsimmons


 Anthony Fitzsimmons is Chairman of Reputability LLP and author of “Rethinking Reputational Risk: How to Manage the Risks that can Ruin Your Business, Your Reputation and You

Monday, 3 October 2011

Chief Risk Officer becomes CEO

Congratulations to Amer Ahmed, the Chief Risk Officer of Allianz Re, the reinsurer, now appointed Chief Executive of his company.

This may be a better outcome than for RBS, the bank that lost CRO Nathan Bostock to a competitor. But promoting a CRO to CEO is not without risks.

It's not just a question of the incentives working on an ambitious CRO.  There is the question whether the new CRO can ever be in effective control of risks emanating from a predecessor so respected as to become CEO.

And there is a fundamental problem similar to but different from that of bank traders having back-office experence.  Jerome Kerviel's compliance team experience helped him to evade Soc Gen's risk controls; and UBS may have had the same problem with Kweku Adoboli.  Its a risky policy to allow risk people to acquire executive control.

The best solution remains persuading CROs that being CRO is a career destination.  Barclays Bank  seem to be having some success with Robert Le Blanc at a cost that is modest at least in in banking terms.

Anthony Fitzsimmons

Wednesday, 7 September 2011

Musical Chairs

In March I wrote that Chief Risk Officers needed skills and intellegence to the level needed by CEOs - but that this would give Boards a challenge:  How do you keep the CRO in post for a decent length of time?

The problem is now illustrated by real life.  Nathan Bostok became CRO at RBS in March 2009, to sort out RBS' Augean Stables with their $380 billiion or so of toxic assets.

Having learned that Stephen Hester is not planning to leave his RBS CEO post any time soon, Bostok will be off to Lloyds Bank in the New Year, where he will be CEO of Wholsale Banking.  More stable cleaning will probably be involved, but the thrust of the new job is apparently to grow the wholesale banking business.  Further experience for a CEO job.  Well done Mr Bostock; but RBS loses his intimate knowledge of RBS' business after only 3 years in post.

A perpetual game of Musical Chairs - which will cause few losers among good CROs - will be bad for complex institutions.  They need CROs of great talent; but they also need continuity of leadership in risk management and risk strategy.    Achieving both will be an important challenge for Audit Committee Chairmen.

Channelling CRO ambition will be a part of the solution.

Anthony Fitzsimmons

Tuesday, 19 July 2011

"Roads to Ruin" is published

What causes organisations to face existential crises? And what turns crises into catastrophes?  "Roads to Ruin", a new report from the Cass Business School for Airmic, the risk managers' association, analyses the entrails of over 20 major crises of various shapes and sizes.  The report was previewed here last month.

The conclusions are stark.  As Anthony Hilton summarised it in today's London Evening Standard, the reasons for failure often emanate from the very top.  Inadequate board skill and poor leadership on ethos are a recurring cause of crises.  And adapting the title of an earlier blog, he wrote: "Too many boards live in a rose-tinted bubble". 

He also highlighted poor internal communication as a source of much of the problem, made worse by the insufficiently high status of risk professionals.  This issue was flagged here last year as regards the financial sector.  Since then, RBS' Chief Risk Officer has taken the road to becoming a bank CEO, fulfilling a prediction of problems that are developing with the arrival of CEO-calibre CROs.

Nick Edwards' interview for Reuters is here.  And Carly Chynoweth wrote a piece on the implications for NEDs in the Sunday Times.

An executive summary of the Report is still available free of charge here; where you will also find a link to buy a copy of the full report from Airmic.  Its well worth reading.

Anthony Fitzsimmons

Friday, 15 July 2011

Police seige intensifies

The reputation of the Metropolitan Police continues to be under seige as Sir Paul Stephenson's former personal PR consultant was arrested yesterday.

The Daily Telegraph reports that the Met's Commissioner Sir Paul Stephenson, employed a former News of the World Executive Neil Wallis as his personal PR consultant from October 2009 to September 2010.  A member of both the newspaper editors' code of practice committee and of the Press Complaints Commission, Mr Wallis was arrested yesterday on suspicion of phone hacking.  Calls for Sir Paul's resignation have begun.

The reputation of the Met is being eroded at an alarming rate.  Things will continue to get worse until its leaders acknowledge the full extent of what is wrong and set out to fix the fundamentals.  PR won't fix anything.  It will only store up more trouble for the future

The Metropolitan Police Authority faces a challenge.  They need a police chief who is not only competent but also sufficiently free of baggage and independently minded to be able to recognise and deal with the Met's fundamental problems.  These urgently need fixing by someone who is determined to see and understand what they are.  The question is whether any career policeperson can have enough detachment.

Time for a very senior commander of intelligence and integrity to be snatched from the Military?  Some have considerable experience of security issues if not of policing.

Anthony Fitzsimmons

Thursday, 7 July 2011

Police under Siege

It isn't just the News International that faces a whirlwind similar to that faced by BP.  London's Metropolitan Police faces one too.

The crumbling of the News of the World - or even its UK stablemates - may annoy some in the UK, but any gap will soon be filled by the market.  Indeed the Sun may soon start shining for NoW readers every Sunday.  But a collapse of confidence in the Metropolitan Police would be a calamity of a different order of magnitude.

Over the last few years, a succession of Metropolitan Police tactics have alienated increasingly large sections of the population. The use of "Stop and Search" powers alienated youths and visibly ethnic minorities. Use of  similar anti-terrorist powers has alinenated many muslims including some of the police force itself. The Met's reluctance to countenance the possibility of error - not to mention allegations of covering up - in response to the deaths of Charles de Menezes and Ian Tomlinson are just two examples of circumstances that have undermined trust with other sections of the UKs population.

The latest allegations are far more corrosive.  It is alleged that some policemen received large sums from the News of the World in exchange for inside information. There is also the possibility that something - whether more money, personal relationships, the desire for positive newspaper coverage, the scope for mutual blackmail or something else - led the Metropolitan Police to hold back from investigating the News of the World phone hacking allegations.  If true, this could easily cause trust in the police to plunge to depths not previously seen.  And to paraphrase Warren Buffet, you can lose trust in minutes but it takes years to build it.  Traditionally the UK's police were seen as trusted members of the community.  Without trust, traditional style policing won't work. 

Its no wonder that the Met has become obsessed with managing its reputation with the 'silent majority' that it relies on for support.  Brian Paddick, the well known former Deputy Commissioner of the Met, is quoted by the Financial Times as saying:
“The police tend to be obsessed with reputation management because British policing is based on the consent of the public and it is important to keep the trust and confidence of the public.”
Unfortunately, the Met is addressing the wrong problem.  Reputation management isn't the answer.  As Julian James, then trying to rebuild Lloyd's then battered reputation, perceptively put it:
"You soon discover that it can't be done by clever marketing or spin. You have to fix the fundamentals."
Fixing them doesn't mean fixing just the bribery allegations and the other historical grievances. It means fixing the causes: these probably include the culture, ethos and behaviour of the police and its leadership.

An imminent study of mainly private sector crises, will set out nearly twenty under-recognised but fundamental areas that can destroy both reputations and the organisations that own them.

From the outside, many - perhaps most - of the fundamentals highlighted in that report seem to need fixing at  the Met.  It will also have to exorcise the effect of what too many citizens see as a toxic track record.

The rehabilitation of the Metropolitan Police can't start too soon.

Anthony Fitzsimmons

Wednesday, 8 June 2011

"Roads to Ruin"

Described as "Groundbreaking" by Julian James, CEO of Lockton UK, this study examines the underlying causes of over 20 major corporate crises.  This Cass Business School report was researched on behalf of Airmic.  The team, led by Professor Chris Parsons, included Anthony Fitzsimmons and Professor Derek Atkins, two members of Reputability's own team.

The Executive Briefing, released on 6 June 2011, is based on 18 case studies of high profile crises. They were triggered by events ranging from product contamination, explosions and crashes through derailed projects and IT failures to executive fraud.

Companies studied include AIG, Arthur Andersen, BP, Cadbury's Coca-Cola, Airbus, Enron, Firestone, Independent Insurance, Maclaren, Northern Rock, Shell and the French bank Societé Générale, with aggregate pre-crisis assets of over $6 Trillion.

Most companies involved had their reputations damaged or wrecked.  Only a few avoided immediate reputational damage, but that is to igonore latent damage.  Owners saw the value of their shares destroyed on a massive scale.

After stripping away the immediate triggers for the crises, the Executive Briefing  identifies seven key areas of underlying risk that are not captured systematically even by state-of-the-art risk analysis.  All are risks to reputation - and potentially to the long term survival of the business.  These underlying risks, which all have to do with the behaviour of people individually and in the context of their organisation, arise from:
  1. Inadequate board skills and inability of NED members to exercise control
  2. Blindness to inherent risks, such as risks to the business model or reputation
  3. Inadequate leadership on ethos and culture
  4. Defective internal communication and information flow
  5. Organisational complexity and change
  6. Inappropriate incentives, both implicit and explicit
  7. ‘Glass Ceiling’ effects that prevent risk managers from addressing risks emanating from top echelons 
These findings present three challenges to the risk community:
  1. To develop a systematic approach to finding these 'missing' risks;
  2. To develop the requisite new skills in risk analysts and managers; and
  3. To persuade boards that there is a problem - and to deal with it.

They also present a challenge to boards:
"[T]hese risks will remain unmanaged unless boards - and particularly chairmen and NEDs - recognise the need to deal with them.  Boards will also need risk professionals with enhanced vision and enhanced competencies to help them do so."

The role of the risk manager has evolved over the last 50 years. This report shows that the techniques of risk analysis and management will have to evolve further.  And those in charge of analysis will have to learn how to bring sometimes unpalatable truths to Power.

The full report will be published in July.

For further reading, try this for more on the information disconnect between boards and their companies; and this on changes in incentives in the banking, legal and accounting sectors; and this for ideas on how the role of Chief Risk Officer might develop.

Anthony Fitzsimmons

Thursday, 28 April 2011

Berkshire Hathaway's Dilemma

It isn't often that a company publicly - and rapidly - reports on a breach of its ethical code.

On 30 March, the FT reported the resignation of David Sokol, hitherto seen as a possible heir to Warren Buffett.  Buffett's response to the resignation seemed mild given that there appeared to be a cloud over Sokol as he left.

The sky has now cleared - with a robust report by Berkshire Hathaway's Audit Committee.  Trenchantly critical of Sokol, the report was published partly to clear the air and partly to illustrate how Berkshire views threats to its reputation.  Sokol has protested his innocence.

Even if the Audit Committee is right, there is no evidence that this was anything more than an isolated breach of Berkshire's ethical principles.  But if there was any other impropriety at Berkshire, they must get on top of it before anyone else discovers it.  The reputational risk is particularly high.

Buffett's bienniel letter to his top managers wisely includes the following (here at page 26)
"If you see anything whose propriety or legality causes you to hesitate, be sure to give me a call. .....[and] let me know promptly if there’s any significant bad news. I can handle bad news but I don’t like to deal with it after it has festered for awhile. "
Buffett has a choice.  He can hope that his staff revisit his letter and voluntarily tell him if they are aware of any possible impropriety; or he can actively make sure that Sokol's act was an isolated one. 

Making sure is a tougher way to go: but were Berkshire pre-emptively to discover and deal with any other impropriety, they could well suffer modest or no reputational damage.  Were such mis-deeds to emerge independently, the damage would be far greater.

Buffett has repeatedly emphasised that Berkshire's appetite for reputational risk is zero.  The active investigation route is the only way in which Berkshire can be reasonably confident of keeping their reputation substantially undamaged.

And that reputation has a distinct value to its shareholders.  It is one of the reasons why Berkshire Hathaway shares trade at a significant premium to their reported asset value.

Anthony Fitzsimmons

Monday, 25 April 2011

PWC appoints Reputation Tsar

It takes years to build a reputation and minutes to lose it. Since it gives a company its 'licence to operate' as a respected citizen of the world, its loss can be devastating.

Things are far starker for pure service providers such as lawyers and accountants.  They have few assets beyond human wits and their reputation.  Their ability to attract clients and to borrow depend on it.  It is by far their most valuable and important asset.  The redoubtable Lex has suggested that regulators should attack accountants' reputations, and the House of Lords has been critical of the "disconcerting complacen[cy]" of the Big Four in relation to their role in the financial crisis.  

Now PWC is appointing a reputation tsar,  Richard Sexton.  To judge by the Telegraph's report, Richard Sexton's focus will be on reputation management.  If so, PWC is making a common mistake in trying to fix its reputation.

The task PWC needs to address is more profound.  They need to fix the fundamentals.  That means finding - and admitting to and dealing with - more profound problems than how regulators and politicians see you.

The stakes are high, and not just for PWC.

Anthony Fitzsimmons

Tuesday, 19 April 2011

Performance related pay

Here is a thoughtful  FT article by the LSE's Richard Layard on performance related pay.

Once you have read that, you may wish to look at "Limited liability, increased risk", "Does bonus size matter?" and "Extracting bankers from the doghouse", which look at incentives such as bonuses through a variety of lenses.

Happy reading

Anthony Fitzsimmons

Thursday, 7 April 2011

Unknown Knowns

 Berkshire Hathaway is having a surprising spot of bother.  One of its leaders - some say Buffett's preferred successor - has left under what looks like a cloudThe commentariat is pontificating

Warren Buffett clearly understands the principles.  For many years he has published these instructions (see page 26 here) to his CEOs.

"The priority is that all of us continue to zealously guard Berkshire’s reputation. We can’t be perfect but we can try to be. As I’ve said in these memos for more than 25 years: “We can afford to lose money – even a lot of money. But we can’t afford to lose reputation – even a shred of reputation.” We must continue to measure every act against not only what is legal but also what we would be happy to have written about on the front page of a national newspaper in an article written by an unfriendly but intelligent reporter."

Implementation is harder.  It is well nigh impossible for a group to see itself as others see it, and this is as true for leadership groups as for scout troops.  And it is easy for a sense of "this is what is normal around here" to develop.  Buffett foresees that too, in the same letter:

"Sometimes your associates will say “Everybody else is doing it.” This rationale is almost always a bad one if it is the main justification for a business action. It is totally unacceptable when evaluating a moral decision. Whenever somebody offers that phrase as a rationale, in effect they are saying that they can’t come up with a good reason. If anyone gives this explanation, tell them to try using it with a reporter or a judge and see how far it gets them."

Leaders need more than Buffett's principles to guide them.  They lack a means of discovering unknown truths.  Some are things that the organisation can't see.  Others are truths that can't be told to Power.  Some leaders find it hard to listen and others tranlsate what they hear to fit their world view.  But without the knowledge, leaders have no chance to fix the problem before an "unfriendly but intelligent reporter" reports it.

Uncovering these uncomfortable truths is not easy, but success is worthwhile.  What Donald Rumsfeld might have called "Unknown Knowns" (see the first Q&A here) includes potentially catastrophic risks that are often fundamental to the business and its reputation.

The key to finding unknown knowns is to make it safe for people to tell and ensure that those who need to listen do.  This is the aim of  'Resilience Evaluations'.

But as unknown knowns they remain unrecognised and unmanaged by leaders.  When the wrong kind of spark arrives in the wrong place at the wrong time, they will discover another unknown known.  They were sitting on a powder keg primed with a painfully short fuse.

Anthony Fitzsimmons

Friday, 1 April 2011

Reputation and Nuclear Power

The reputation of the nuclear power industry and its regulators has been shaken by the Fukushima nuclear power station crisis in Japan, which brings back memories and concerns that followed the Three Mile Island (1979) and Chernobyl (1986) disasters.  Here are a few thoughts on how the nuclear industry can bring its reputation to that which it deserves.

First, the public needs reliable facts.  The nuclear power industry is notoriously secretive.  The resulting lack of transparency is not likely to encourage good safety practice. To start recovering its reputation, the industry needs to be inspected thoroughly and independently with the conclusions published.  And independently means independently of regulators.  History has too many tales of ineffective and incompetent  regulators, not to mention regulatory capture, for regulators to be universally trusted.

Here are some key questions.
  • What is the physical condition of each nuclear facility
  • How well is it run? 
  • How robust is the system, particularly if something starts to go wrong?
  • How could it go wrong?
  • How well is it prepared for mishaps or worse? 
  • How effective is its regulator?
BP was a highly respected company, but the authoritiative and independent  enquiries into the Texas City and Deepwater Horizon disasters showed unacceptable levels of equipment maintenance and management even if some of it had been inherited.  And Deepwater illustrated regulatory ineffectiveness, capture and worse.  If the nuclear industry is as good as it claims to be, it has nothing to fear from transparency.

Second, there needs to be a thorough, dispassionate assessment of the economic up- and down- sides of nuclear energy at the economic level, including a life-cycle analysis and risk.  Nuclear power reduces dependence on oil and coal, but a nuclear accident can bring huge cost and disruption to an economy.
  • How comparable, economically, is a serious nuclear accident to a major oil shock?  
  • How frequently can we expect one to happen?
  • With what economic consequences? 
  • How should we value the long term benefits and disbenefits?
Nuclear accidents are thankfully of low frequency - three in the last 32 years.  But the nuclear industry may well have been foooled by randomness into thinking that it is safe and well run. If the population of reactors doubles, it is quite possible that a major nuclear energy disaster every 5 years will come to be expected - just as there is a major banking crisis somewhere in the world every ten years

This is a serious task for independent multidisciplinary teams since the assumptions made must be realistic.  Poor modelling on inappropriate assumptions is one of the reasons that so few foresaw the latest banking crisis.  (Regulatory failure and capture were others.)

Third, governments must move beyond prevaricating about the long term storage of nuclear waste to constructing and using long term storage.  Temporary storage of nuclear waste dumps the problem on future generations.  This weighs heavily on how the public views nuclear power because the public is at times surprisingly - perhaps reassuringly - concerned about bequesthing dangerous problems for its grandchildren and beyond.

Fourth, since nuclear radiation does not stay within borders, nuclear regulation must become international.  There needs to be a network of nuclear industry policemen and regulators. They should linked internationally and, ideally, be independent of government and the military.  They need teeth, including the power to shut nuclear power stations if they are not being operated to the required safety standards.

Without information on the first two areas, there can there be no well-informed public debate on the risks and benefits of nuclear power to current and future generations.  Without resolution of all four, the nuclear industry and its regulators are unlikely to be trusted.  And without trust, the industry will face continual opposition from the public.

Whilst politicians can be won over by the industry's lobbying, politicians regularly face re-election. Nearly ten years ago, the perceptive Anthony Hilton observed that technology now allows public to mobilise against the Establishment.  That keeps pressure on politicians between elections.

Anthony Fitzsimmons

Thursday, 24 March 2011

Limited Liability, Increased Risk

Once upon a time, most financial, law and accounting firms were true partnerships.  The partners shared all the profits, but if anyone in the partnership made a really bad mistake, the firm would lose its reputation and all the partners could lose their shirts.  This gave partners a viceral interest in managing risks to the business.  Risks to their reputation were the biggest.

Along came the Big Bang, and most financial firms became limited liability companies. Partners became shareholders with limited liability.  If disaster struck, they could lose their shares - if they retained any - but only the person who actually made the mistake was at any risk of losing his shirt.  Corporate reputation no longer matters so much to most individuals since most can move if their firm loses its reputation.

Since then, most big accountants have become limited liability partnerships.  Law firms are following closely behind.  A few professional firms have welcome external capital, and more will do so.

When you add the way in which profit is distributed, the effect is increasingly similar to the Big Bang, though its slow motion is more like a prolonged whimper.  Most of those who run or trade through financial firms, law firms and accountants now take a full share of the upside but only limited or no downside risks.

For individuals, a system that offers "vast risk-free payouts" (as Geraint Andersen described them) is as attractive as it is valuable.  Banks have learned just how disastrous it is to separate the depths of downside risk from reward; but accountants and lawyers seem to be going, blindly, down a similar route with one important difference:  no audit or law firm is "too big to fail".  No-one will rescue them from oblivion.

Bankers are starting to shape a partial solution.  The FT reports that HSBC is considering forcing top bankers to hold increasingly large amounts of stock until retirement.  Goldman already obliges its senior leaders to hold up to 75% of share awards until they leave with many more senior staff obliged to hold at least 25%.

UBS has gone further.  Not only does the bank have a 'bonus/malus' sytem.  UBS has moved to pay its leaders' bonuses in bonds and insists, amongst other measures that Executive Board members hold at least 350,000 shares, and its CEO holds 500,000 shares.

Since reputation is one of the big drivers of share price, this personal risk of losing money may well influence behaviour, particularly as accumulated unsellable share awards become a substantial proportion of the personal wealth of influential individuals.  Even so, there will be unintended consequences, such as increasing the reasons for stars to move regularly.  Identity economics points to one way to solve this problem.  And to be effective, the system  needs to draw in all important players, not just 'top bankers'.  Goldman has already got that point.

But for lawyers and accountants, this approach is not likely to work.  Unlike banks (not to mention the likes of BP), law firms and accountants are often fairly thinly capitalised; and few are quoted companies.  Their most important asset by far is their reputation. Without that, they can't attract clients, get credit or retain their valuable but mobile talent.

For professional firms, reputation is the key to life.  For them, finding, understanding and controlling sources of reputational risk is the key to surviving almost any kind of crisis, as professionals' personal interests increasingly diverge from those of their firms.

The trouble is that current risk analysis techniques were not designed systematically to find let alone manage risks to reputation.  As one sage put it, conventional risk assessment does not address reputation risks adequately, but produces an incomplete picture of susceptiblity and escalation potential.  Nor does it present a sufficiently joined-up picture.

When that kind of reputational risk becomes a reality, they call it a Black Swan.  But it isn't.  The risks are there to be found.  If you know how to look for them.

Anthony Fitzsimmons

Updated 28 March 2011

Thursday, 17 March 2011

The Nuclear Industry

As Lex reports today, the reputation of nuclear technology has "suffered a mortal blow". For those seeking readable technical background on nuclear safety, Charles Perrow gives a lucid analysis of why at least older nuclear power stations are inherently risky particularly once something starts to go wrong, in his book “Normal Accidents”.

We are already hearing claims that Japan's nuclear problems "couldn't happen here” and that modern nuclear power can be “safe”. This claim needs rigorous examination.  As Japan's nuclear travails again show, a mistake in balancing the probabilities and the potential harm exposes large numbers to exceptionally great harm.

Both politicians and CEOs regularly make bad decisions in balancing short term gain (tax flows, profit flows, growth and votes) with a small probability of a very serious harm. Their decisions are regularly shown to be spectacularly bad once enough time has elapsed for the small probability in any year to turn into a real and nasty event. Whether this is because they underestimate the risks or because they correctly conclude that 'it' is unlikely to blow up on their watch is a question for more research. Nicholas Taleb would say many are 'fooled by randomness'.

The problem is that whilst the basic risk seems small (one chance per thousand per unit per year seems minuscule), over enough units and years, the risk can become a substantial probability. And if the probability is of something very nasty and equally expensive, it matters. For some national examples, consider Japan's nuclear problems, Iceland's banks or Ireland's economy. And for companies, consider Andersen, Lehman, Northern Rock and oil companies drilling in deep water, not to mention what has become the "too big to fail" problem in the banking sector.

There needs to be greater understanding of risk.  This should begin with greater clarity in explaining risks particularly of the very low probability/very high impact type. Nuclear power is an excellent and topical example, particularly since the nuclear industry does not have a reputation for openness or honesty.

One approach is to show risk not as pure probability but as the probability (including any time factor) multiplied by the harm. At its simplest, a random “once in a hundred years” risk of a £10 billion harm can be visualised as having a present value of £100 million per year; or (give or take an assumption or two) £2 billion over 20 years.
If the nuclear industry wants to regain public trust, it needs to be open and scrupulously honest in explaining nuclear risks.  It should start doing things differently today.
This won't happen immediately, if at all, so the UK's civil service - not to mention its political masters - need to get scientifically and statisitcally literate in rapid order.  It is more than 40 years since Lord Fulton pointed out its scientific illiteracy but there is still no sign of a change.

Anthony Fitzsimmons

Friday, 4 March 2011

A new breed of Chief Risk Officer

Is there a cadre with the experience and skills to become Sir David Walker's new generation of BOFI1 Chief Risk Officers?  The largest insurance and reinsurance companies and some big banks, have had CROs for a few years, but the arrival of these pioneers has been haphazard.

A recent report by Hedley May , drawn to my attention by the FT's Megan Murphy, makes interesting reading. Propelled by Sir David Walker's insistence on universal CROs for BOFIs, with near-board-level status, HM suggest that a new, high-flying breed of CRO needs to emerge. It does.  And the breed, with its status, should spread to all large complex enterprises.

There is no specification of this new breed. What should it look like? Here are some ideas.  Some are borrowed from HM's report. Please hone them using the comment space below.  Characteristics should include:
  • very high intelligence
  • sophisticated, practically-oriented numeracy – perhaps engineers and statisticians rather than pure mathematicians and physicists
  • CEO potential
  • a deep understanding of the entire business
  • an independent and questioning mindset
  • a nose for 'something not quite right' and the inquisitiveness to follow through
  • persistence
  • forensic and policing skills
  • people, mediation, problem-solving and negotiation skills
  • the imagination and flair to turn problem risks into sound commercial opportunities
Three difficult areas are incentives, promotion and education.

Pay, bonuses and other incentives will need careful thought. The CRO's overwhelming motivation should be to ensure that the company is able to continue through whatever vicissitudes fate, its staff or its leaders throw at it. Total loyalty to the company, not to the team, will be essential.  CRO pay, rations, life and death will probably have to be in the gift of the NEDs, not executives.

Promotion is problematic for such high fliers. If the CRO job is seen as a route to internal promotion dependent on the C-suite, it will corrupt a CROs' loyalty.  To be effective, a CRO needs unqualified loyalty to the company, not the C-suite. And the notion that "CRO" is a 3 year job on the way to CEO will produce inexperienced and ineffective CROs tuned to the short term and gaining favour rather than long term stability of the company. 

Different solutions will be found, but all are likely to involve primary loyalty to non-executives rather than executives and the means to make the job sufficiently high status, interesting and rewarding that potential CEOs are prepared to spend 10 years not three in the job.  In the longer term, many CROs may be of equivalent status to CFOs - and content to stay that way.

Thirdly, specialised education will be essential. Few if any MBA establishments teach about risk to the depth and breadth necessary. Most will find, if they are honest with themselves, that they lack the skills to teach it properly. New specialist education will be required, with teaching by risk specialists that operate at business strategy level as well as understanding the nuts and bolts of risk. A range of risk-strategy MSc courses may be needed for budding CROs.

Risk has long been been a Cinderella area. BOFI CROs are being created and invited to the C-suite ball. Once they have gained the skills and performed well, many will see top positions opening up to them.  Other large complex companies should follow the trend.  The challenge for boards will be to keep the best CROs in post for long periods.

Upate 24 March:  See also the discussion on this FT article about McKinsey's reputation

Anthony Fitzsimmons

1Bank or Financial Institution, a term coined by Sir David Walker

Wednesday, 2 February 2011

Oil company reputations in deep water

Investors in oil companies have learned that drilling oil wells in deep water can be like 'betting the company' on every well, even for oil majors.

Ceres is coordinating an initiative to persuade oil companies to manage the risks in offshore drilling. It seeks better disclosure, better incentives and higher industry standards. And Ceres recognises that the weakest performer matters because a bad accident can easily cause collateral damage to the entire industry.

These are good intentions, but they miss an important ingredient. BP's direct financial losses were huge.  The current figure, $40.9 billion, represents almost three times 2009's profit, and is leading to a smaller BP. Insurance would have been insignificant for losses on this scale.

But what brought BP uncomfortably close to its knees was the the scale of the reputational damage, which came close to destroying BP's 'licence to operate'.

Oil companies need to get a grip on reputational risk. Reputation is a valuable, strategic asset even though it is not even mentioned in most balance sheets.  For a well regarded company, reputational capital represents a large proportion of the share price.  As Warren Buffett put it, “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently.”

Failure to identify reputational risks means that the opportunity to manage and reduce risks to this valuable strategic asset is lost. Unfortunately, traditional risk analysis techniques miss large swathes of reputational risk. And by revealing some reputational risks, they lull practitioners into thinking they have found them all.  The truth is that many are very hard to find.

So it is no surprise that BP seems to have been unaware of important risks to its once-valuable reputation. Yet looked at with the right analytical approach and experience, it is now predictable whether (and why and how) a serious accident for a large company is likely to mushroom from a crisis into a reputational catastrophe.  Timing is of course something else.

Unfortunately these new analytical tools, designed systematically to uncover and assess risks to reputation, were not widely available before the crisis struck.

Better, independent, safety regulation is essential, but it is not enough. Oil companies need to understand their reputations, systematically find and catalogue their reputational risks and fix the foundations. Otherwise the next oil spill to hit global headlines won't just damage the company involved. It could set back the whole industry. 

Activist investor groupings such as Ceres, Calpers and Hermes should encourage investee companies to understand their reputations, systematically analyse and understand the risks – and take a proactive approach to making their reputations sustainable.

As Bill Margaritis of FedEx put it, “A good reputation can be a life saver in a crisis and a tail wind when you have an opportunity.”  But the best reputation won't save you if it is built on hope and good intentions.  You need solid foundations.

Anthony Fitzsimmons

Monday, 24 January 2011

The demise of Audit?

It is clear from today's FT at  that the big four accountants fear collapse to the extent that they are discussing contingency plans.  The discussions centre on how to re-boot a new company as a phoenix from the ashes of the old.

As the demise of Arthur Andersen illustrates, any sign of 'rotten' sends clients running elsewhere - what is the value of an audit certificate from a malodorous firm?  The suggestion from John Griffith-Jones of KPMG, that 'regulators might need to compel clients to stay with a stricken auditor temporarily', is therefore particularly striking. 

But the discussion should not just be about whether and how a big audit firm can rise like a phoenix from its own ashes.  It should include whether audit as we know it would survive as a business after the destruction of a Big 4 audit firm.  That one has been filed under "Too Difficult". 

Update: See also Lex on 24 February 2011

Anthony Fitzsimmons

Are civil service leaders competent?

Are the Civil Service's top mandarins competent?  Two strong pieces of evidence suggest that they have a reputation for incompetence among those who deal most closely with them.  Another suggests that this reputation is deserved.  Re-visiting Lord Fulton's seminal 1968 report on civil service competence suggests why.

The UK Commons Public Accounts Committee reports on the civil service.  At its last review, the Committee concluded: "The confidence reported by staff in departments’ boards and senior leadership has been improving but is still low."  Those who know the mandrins best have little confidence in their leaders.

Coalition ministers clearly arrived thinking mandarins lack management skills.  Despite resistance from senior civil servants, one of the coalition's first acts was to try to bring experienced private sector leaders into the so-called boards of government departments in order to inject management skills into the top of the civil service. 

Now there is evidence that this reputation for incompetence is justified.  It comes from a recent lecture by Professor Van Reenen of the LSE, as reported by Tim Harford.  Van Reenen evaluated management competence in a double-blind survey based on 8000 interviews.  A striking conclusion was that government-run companies rank right at the bottom of management quality tables.  As Tim Harford put it, "David Brent is alive and working in Whitehall".

Depressingly, this is not a new phenomenon.  As long ago as 1968, the Fulton Report characterised the upper reaches of the civil service as based on the cult of the clever, classically educated amateur. 

Lord Fulton made two important recommendations.  The first was to provide management training for the civil service's policy-makers.  Whilst civil servants do get management training, the evidence suggests there is a continuing systemic failure of the civil service to deliver good management.

Secondly, the Report recommended that scientists and engineers should be given more training and responsibility in management and policy spheres (Chapter 1 para 17 on page 12).  

There has been a total failure here.  Over forty years on, only two of the 42 permanent secretaries that lead the UK's Civil Service have science or engineering degrees.  Only two more have degree level numeracy.   The nearest the UK Treasury's policy-making Executive Management Group has to a scientist is one person with a maths degree.  (Source: Cabinet Office and Treasury FoI answers).  

This failure explains two weaknesses in government policy-making.  Firstly, senior mandarins as a class are scientifically ignorant to an extent that should make them blush.  This makes them vulnerable to stupid mistakes because they have no independent basis for knowing where to probe any subject that has scientific content.  A cadre of specialist scientists is no substitute for mandarins who, collectively, are not scientifically ignorant.

Secondly, the lack of science training amongst mandarins has excluded the scientific culture and way of thinking from the civil service leadership.  The civil service leadership is deprived of the evidence-based culture and rigour that imbues those with a good science education.  This evidence-seeking rigour can be uncomfortable, but it is highly desirable.  

It seems clear that the Civil Service has no intention of developing scientists and engineers to fill the highest levels. This is probably because it does not recognise its own weakness.  A recent FoI answer states "There is no strategy or policy that has been pursued by the Civil Service (either at present or in the last five years), to ensure that current and potential permanent secretaries are selected to ensure a certain distribution of academic backgrounds amongst this group." 

The civil service leadership needs to improve.  Its is notoriously resistant to change as the abiding image of Sir Humphrey reminds us.  It will take a determined government to change civil service culture.  

Political leaders could do worse than resurect Lord Fulton's report because forty years on, its diagnosis still seems to fit. They should commission a small group, well balanced between science and arts graduates, to revisit the Civil Service's culture and competence.  

And in the meantime, they should set the Civil Service Commissioners the objective of making scientific ignorance as embarassing to mandarins as ignorance of literature, history, politics or the rhetorical arts.

Postcript: You will find a recent piece by Richard Bacon MP here.

Anthony Fitzsimmons

Anthony Fitzsimmons is Chairman of Reputability LLP and, with the late Derek Atkins, author of “Rethinking Reputational Risk: How to Manage the Risks that can Ruin Your Business, Your Reputation and You

Wednesday, 19 January 2011

Do boards live in a rose-tinted bubble?

Are boards living in a rose-tinted bubble?  Roffey Park's latest survey suggests they are.  This matters because any disconnection of a board from reality is dangerous and can wreck the organisation.

Roffey Park carries out an annual survey of managers and directors.  Apart from looking at trends, this year's statistics were analysed by seniority.  The 2011 results showed board members to be more confident both in themselves and in the future than lower echelons. 

There are two obvious explanations for this.  It may be that board directors have a better view of things from their elevated position.  Alternatively, board members are poorly informed about what is going on at the coal face, for example because lower level staff try to avoid telling their bosses bad news.

It is extremely easy to create a system of incentives that discourages the flow of bad news up a hierarchy.  The result is that some problems will be widely discussed below a certain level in the organisation but will not communicated upwards.  A typical example seems to have occurred at BP.  Before the Deepwater Horizon exploded, the Mocando well was being described among engineers as a "nightmare well", but the US House Energy Committee found  "no trace of that news reaching senior management".

This matters doubly.  First, the lack of 'bad news' means that management does not have all the organisation's know-how available when making decisions.  This means decisions are made on the basis of information that is unnecessarily incomplete.

But worse happens when a disaster opens top management to public scrutiny.  Outrage and severe reputational damage frequently follow when it is discovered that top mangement has made a bad decision because it did not have access to the organisation's collective knowledge.  The history of disasters is littered with cases where top management was lambasted - and sacked - for not knowing what was really going on lower down their organisation.  

Poor communication within an organisation is an operational and reputational risk.  These results from Roffey Park's are more evidence that poor internal communication is a common problem.

Anthony Fitzsimmons

Wednesday, 12 January 2011

Whither Goldman Sachs?

These are torrid times for Goldman Sachs despite weathering the 2008 financial crisis better than most. The least of it was reports of its advice to investment clients to short Californian state bonds that it had helped to sell and of its help to the Greek government to 'mask' the size of Greek government debt.  More serious were the Massachusetts investigation of sub-prime mortgage sales in the state (settled for $60m) and CDO issues, which include a fraud case launched by the US SEC in April 2010 and settled by payment of a $550m fine.

All this has taken place against the background of a witch hunt against bankers by politicians who have persuaded themselves and the public that only bankers, not politicians or voters, are to blame for the financial crisis.  The result is that Goldman's currently excites a mix of emotions ranging from admiration and fear to scorn and hostility, packaged with a back-story that has a toxic potential that begins to rival BP's.
So at last May's AGM, Goldman's chairman, Lloyd Blankfein, announced Goldman's new Business Standards Committee (“BSC”). “Questions have been raised that go to the heart of this institution’s most fundamental value: how we treat our clients. ...There is a disconnect between how we as a firm view ourselves and how the broader public perceives our role and activities in the market”.

A good start.  It got better.  The BSC's mandate was to “ensure the firm's business standards and practices are of the highest quality; that they meet or exceed the expectations of clients, other stakeholders and regulators; and that they contribute to overall financial stability and economic opportunity”.

The BSC report  was published on 10 January 2011.  Referring to Goldman's Business Principles it correctly recognises Goldman's reputation as one of its most important assets and that reputation risk is important.  It admits that clients see some some shortcomings at Goldman's – questioning “whether the firm has remained true to its traditional values” and suggesting that “in some circumstances the firm weighs its interests and short term incentives too heavily”. But from that encouraging start, and despite its 39 recommendations, the report does not engage with the fundamental issues. Why?

The first clue is BSC membership.  Plenty of senior bankers and bank functionaries, a seasoning of lawyers - but who is the obvious omission?  Goldman's Chief Risk Officer, Craig Broderick.  Why exclude Goldman's most senior risk professional from the BSC, whose report mentions reputational risk more than 20 times?

Secondly, the report's focus is primarily on clients.  "The cornerstone of the [BSC]'s recommendations is the relationship between Goldman Sachs and its clients, and a deeply rooted belief that if our clients are successful, our own success will follow."  All beliefs, especially the deeply rooted variety, should be questioned regularly, and this is no exception.  Their client' success probably is important to Goldman's; but it is quite different to believe that client success necessarily leads to success for  Goldman's.

Looking back at the report's introduction reveals a third clue.  The report coyly refers to Goldman's recent “considerable scrutiny” and the arrival of an “opportunity to engage in a thorough self-assessment” and to “consider how we can and should improve”.  At best this is deliberate understatement driven by lawyers; at worst, it represents self-delusion, never the best starting point for recovery.

Against that background, it is no surprise that the BSC's 39 recommendations focus primarily on what its members understand well – clients, governance, committees, training, procedure and good intentions.

Whilst reputational risk management is mentioned 16 times, there is no reference to the importance or place of systematic reputational risk analysis or reputational strategy, without which reputational risk management is unlikely to be effective.  Avoiding these subjects may have been due to tactical coyness, but if so it has been taken to the degree of suggesting ignorance.  

Whither Goldman's?  Predicting the future is a mug's game, but without focus on these areas, Goldman's will remain perched uncomfortably close to the edge of a reputational abyss.  And Goldman's will miss a rare, valuable opportunity to become the world's most respected bank, set in a class of its own.  Since reputational capital can represent as much as 40% of market capital for a well respected company, its shareholders would be happy - and the more so if Goldman's improved reputation was built on rock-solid foundations.

Anthony Fitzsimmons

Thursday, 6 January 2011

Lessons from BP's collapse

When BP's share price fell, shareholders' pockets felt lighter by up to £58 billion. Much, probably most, of the drop in share price reflected the collapse of the value of BP's reputation, once a huge asset even if it did not appear in BP's balance sheet.

Good corporate reputations are built on the assumption that management is sound so that, for example, it joins up knowledge, culture and behaviour across the entire organisation and learns systematically from the many small mistakes that do not cause a disaster. 
Anything that undermines this assumption is an important risk to reputation.  In a view that summarised the new perception of BP, Professor David Green suggested "the painful truth is that BP may not have been very well run."  Perceptions like this were important reasons for BP's reputational collapse.  

The first release from the final report of the US President's National Commission Report into the Deepwater Horizon blowout seems to confirm (at page 90) that the perception was in fact justified even if the management deficiencies were not known to BP's board at the time.
Few companies systematically analyse risks to their reputation. As a result, there is a large, widespread lacuna in management - and board - knowledge of risks to reputation in this important area, among others.

This is the result of history. As originally conceived, classic risk management and Enterprise Risk Management (“ERM”) were not designed to find reputational risks. Even state-of-the-art risk management and ERM miss large and important areas of risks to reputation. The lacuna is made worse because traditional approaches do pick up some risks to reputation, lulling practitioners into a false sense of security.

The consequence is that many – from my own sample of observations I believe most – well-regarded companies have large and important gaps in their risk analysis as regards reputational risks.  This leaves potentially catastrophic risks and risk combinations unrecognised.  As a result, the opportunity to manage this huge area of risk to shareholder value is lost.

Boards - particularly Chairmen and Chief Executives - need to recognise this lacuna and set strategy to deal with it.

Anthony Fitzsimmons 

Tuesday, 4 January 2011

Only 5% of top civil servants have degree level science education

Only two of the 42 permanent secretaries that lead the UK's Civil Service have science or engineering degrees.  Two more have degree level numeracy.   And the nearest the UK Treasury's policy-making Executive Management Group has to a scientist is one person with a maths degree.  (Source: Cabinet Office and Treasury FOI answers)

Yet the seminal 1968  Fulton Report  recommended professionalisation of the civil service's cult of the clever (typically Oxbridge) amateur.  Apart from recommending training in management (though why is No 10 drafting in top businessmen to bring management acumen to all government departments?) Fulton specifically recommended that scientists and engineers should be given more training and responsibility in management and policy spheres (Chapter 1 para 17)

It is clear that the Civil Service has not developed scientists and engineers to fill the highest levels; and a FOI answer states "There is no strategy or policy that has been pursued by the Civil Service (either at present or in the last five years), to ensure that current and potential permanent secretaries are selected to ensure a certain distribution of academic backgrounds amongst this group."

Two questions remain:
  1. Why has the Civil Service leadership not implemented the Fulton recommendation on scientists and engineers over the last 40 years?
  2. What are the consequences of their failure to do so?

Anthony Fitzsimmons

Anthony Fitzsimmons is Chairman of Reputability LLP and, with the late Derek Atkins, author of “Rethinking Reputational Risk: How to Manage the Risks that can Ruin Your Business, Your Reputation and You

RNIB risks undermining its reputation

In a move that will increase risks to its reputation, the RNIB is taking a line that supports Genentech and Roche, drug companies that market and make Avastin.

Avastin is a drug licensed for treatment for bowel cancer.  It has been discovered that Avastin can also stem wet macular degeneration, a condition that condemns many elderly people to blindness.  And Avastin is much cheaper than alternative treatments.

Nice is considering appraising Avastin as a treatment of macular degeneration because it is more cost-effective.  Genentech and Roche are resisting NICE's efforts to appraise Avastin for this use.  The RNIB is reportedly running the same argument as the drug companies, essentially that NICE should not seek out cheaper treatments by using existing drugs for new purposes.

This argument seems counterintuitive but for one additional fact reported by the Guardian.  Both drug companies give money to the RNIB.

Whatever the truth, many will perceive that the RNIB is dancing to its donors' tune.  Whilst this episode on its own is unlikely to cause serious damage, the accumulation of episodes like this will erode the reputation of RNIB as a trustworthy advocate for blind people. 

This is a common problem for charities.  Big business likes to buy their endorsement and the charities like the money.  The danger for charities is that they come to be seen as just another advocate of their commercial sponsors.  With that comes the loss of a valuable reputation that has taken decades to build.

Anthony Fitzsimmons