Industry experts have been looking to get to the heart of a concept that has been regarded too often as unquantifiable
From Ashley Madison’s recent customer data loss to Volkswagen’s reputational hit following its emission scandal, intellectual property and brand damage – or intangible risks – are hot discussion points in today’s complex risk landscape. For 21st century businesses, intangible risks present a real challenge, if not a complete enigma. They are hard to identify, the triggers are unclear, losses are difficult to measure and underwriting data is lacking. For these reasons, risks to intangible assets are often struck off as ‘unquantifiable’. But, for risk managers, finding the best solutions is at the core of discussions about how to manage such nebulous threats.
So, in the first of a series of quarterly SR100LIVE events – the Intangible Risks Briefing – industry experts sought to provide insight and drill down on approaches to prevention and mitigation.
Held in November, the conference brought together Europe’s leading risk managers to discuss methods for dealing with such risks.
Lack of identification
The one-day event in London kicked off with an academic assessment of intangible risk, given by Professor Daniel Ralph, founder and academic director of the Centre for Risk Studies, University of Cambridge.
He defined such risks as having 100% probability but are often ignored by businesses because of a lack of identification. The result he said, was a set of risks that are not priced, quantified “and therefore are not managed”.
“Go into any large organisation and ask people whether they understand their own risk – They generally don’t. Ask whether they understand how they create reputation risk and their faces go blank,” he added.
Ralph ended his presentation with a call to action, asking risk managers to venture into the unknown: “[The industry] has done a lot of modelling but we must not be scared of going to places that we haven’t been to before. This means trying to assess the likelihood and damage caused by a systemic event. Just because it’s difficult it doesn’t mean we shouldn’t try.”
In a similar vein, Karen Morris, strategic advisor at DUAL International limited, the underwriting division of Hyperion Insurance Group, encouraged risk managers to challenge the status quo. The corporate culture needs to adapt to survive and thrive, she said, particularly where non-physical risks are concerned.
At the core of the challenge is an overhaul of today’s management culture. “We have enormous difficulty in putting prices, values and predictability around these yet-to-be-realised, but hugely imminent, risks. How do we do this in our organisations when we have a problem?” Morris asked. That problem is management.
“The school of management that the 20th century has left us with is one constructed on counting, controlling, and predicting. We’re still very much locked in to that.
“But in an uncertain world, counting, controlling and predicting are not the leadership skills that will help us build an organisation that is sufficiently resilient [and able] to resist that which we don’t fully understand yet.”
She continued: “If you want to do something different it begins with a mindset change and, more often than not, this is a communication challenge. All change and progress derives from questioning and creating an environment of truly open questioning where we are willing, able and trusting enough to hold up a mirror to the reality of our organisation and ask, are we designed for tomorrow?”
Next was an insightful presentation about safeguarding one of the most valuable assets to a company: their intellectual data. And in today’s hyper-connected business world, there is a lot, perhaps too much, Big Data.
In 2012 alone, some 2.5 quintillion bytes of data (18 zeros) was created every day. That is equivalent to 57.5 billion 32gb iPads. A lot of this data is unstructured, the value of which difficult to extrapolate and understand because it is not organised.
Long-term success
However, this information holds the key to long-term success if it is used correctly, said John Irving, business development manager at Ventiv Technology. Citing the work of a leading retailer, he said: “It was amazing how this company used its data to drive business decisions to make an impact. The company revised its maintenance schedules on refrigeration equipment because of what its data told them. It even changed its food-packaging design because of what it found.
“These changes resulted in improved store takings and reduced incidents.”
So how did this particular company come to reap the benefits of high volumes of seemingly worthless and unstructured data?
By becoming ‘data athletes’, he said. This, a term coined by Irving to describe the good health of a company’s data management, tops the list of ‘data consumption diseases/conditions’ that delegates would soon come to learn as ‘information eating disorders’.
The symptoms, he listed, were as follows:
- ‘Information anorexia’: an organisation, department or individual who takes on board the bare minimum of information, just enough to survive but not to thrive.
- ‘Information bulimia’: sufferers live through a cycle of binging and purging. For example, in the process of collecting a company’s insurance renewal data, departments make every effort to lap up vast reams of data, sometimes on a global scale. This is the information binge.
Next, the department regurgitates this information wholesale to their brokers and insurers. This is the information purge.
The question companies need to ask is, “how much value do our companies get from this information?,” Irving said. - ‘Information obesity’: a company that hoards, collects and over consumes masses of data. Answers to the following questions typically return blank faces: what are you actually using this information for? Is it being analysed diligently and correctly? Is your data being used to drive good business decisions? Are you getting any nutritional value from your data?
“Organisations that suffer from this condition tend to think they’re doing a really great job when it comes to data management. But where they fall short is when they mistaken quantity for quality,” Irving explained. - ‘Data athletes’: a company that regularly goes to the data gym where it conducts a hard ‘work-out’ of its data, enabling it to spot patterns and trends. The data gym describes the process of organising the data, analysing it and acting on key findings so that positive business-changing decisions can be made.
Delegates then grouped into four roundtables to participate in discussions and share best practice in the following areas: protecting intellectual property; managing reputational risk; developing an effective cyber risk management programme; and valuing intangible assets. This brought the first, new and improved, SR100LIVE event to a close. But the fun and games – and learning – did not stop there.
The afternoon saw SR launch a new event concept: the Rapid Risk Response Briefing.
To deal with emerging threats – and opportunities – risk professionals must respond quickly and decisively.
The idea with the Rapid Risk Response Briefing is to transform the news agenda into a forum in which risk managers can discuss how they can react/are reacting to emerging and emergent risks as events occur.
Strategic response?
The Volkswagen emission scandal kicked off the first of two Rapid Risk Response Briefings, with a presentation from John Ludlow, managing director at consulting firm, Leading in Risk.
In September 2015, the automotive brand admitted to falsifying US pollution tests on 500,000 diesel engine vehicles, by installing software (‘defeat devices’) to make them appear cleaner than they were when being tested.
Once on the road, the cars would pump out as much as 40 times the allowed level of nitrogen oxides.
This elicited many questions from the floor about managing reputation risk. The advice from Ludlow, who formally led on reputation management at the hospitality firm, InterContinental Hotel Group – said: “Is there an effective strategic response to dealing with major reputation crisis? The answer is yes.
“Understand your company’s reputation. If you don’t understand its reputation and, by that I mean understanding your stakeholders – what they want and how they feel about the business – then how are you going to repair the problem after a big crisis occurs?”
Nathalie Wlodarczyk, managing director, global risk consulting, economics and country risk at IHS, led the last of the two sessions, which aimed to assess the significance of the current wave of migration in Europe.
In 2015, Europe experienced a hike in refugees numbers from the Middle East, Africa, South Asia and Western Balkans. The phase ‘European migrant crisis’ came to being when five boats carrying almost 2,000 migrants to Europe sank, killing more than 1,200 people.
Media coverage has focused on the negative side of this issue but Wlodarczyk gave an objective overview, looking at the opportunities and addressing questions such as how to encourage companies to consider migration from a risk perspective.
From intangible risks to Europe’s migration issue, one question that risk managers left the day asking, “are we designed for tomorrow?” And in Morris’ words: “If you want to do something different it begins with a mindset change”.
No comments yet