News and analysis

Mega risks and disasters – a resilient company will get back on track faster

Businesses are increasingly expected to prepare for, and manage the effects of major disasters and they play an integral role in disaster risk mitigation and recovery.

We produced a blog for 6-Group on what businesses should be doing to ensure they are resilient and therefore become partners of choice for their customers if disaster strikes.

Photo, thanks to ‘Jessica Lea/DFID’

 

 

Oxfam – work begins on ensuring a permanent fix for the aid sector

Since allegations emerged of aid workers participating in sex parties in disaster-stricken Haiti, Oxfam has been fighting a rear-guard action.   It’s looked like an organization that was wrong-footed from the outset, never regained the initiative and is struggling to use its undoubtedly noble values as a defence for the defenceless.

This is doubly ironic, as many who know the sector say Oxfam’s HR and investigation processes are ‘stringent’ and better than many smaller, less well-resourced charities. A systemic issue that ranges across the sector as a whole looks more of a possibility.

Oxfam won’t win this one, but it must prevent the next one.

Aside from Oxfam’s unenviable current position, other notable elements of this crisis include the role of the International Development Department of the UK government and the Charity Commission. It could be the international development aid sector’s version of the #MeToo movement, with complainants or whistle-blowers feeling empowered by seeing stories of Oxfam.

The charity no doubt has systems and processes in place to collect, triage, verify, report and remedy allegations of all types of problem from bribery and corruption through to assault and mobbing.  There was a whistle-blower, there were internal reports and there are safeguards over employment processes.  So either the information didn’t reach the highest level or if it did, someone either didn’t appreciate its seriousness, or they decided to sit on some or all of it.  Its report of ‘misconduct’ to the Charity Commission, apparently, did’t contain specific allegations of abuse of  beneficiaries, according to a statement from the Commission.

Why not? And if not, does the Charity Commission have to take some heat because it didn’t dig sufficiently deeply into the allegations?  And how much did the International Development Department know and how diligently did it seek to discover more?

What next?

  • Bosses of any organisation must set a tone from the top that expresses a ‘zero tolerance’ for misconduct.  AND they must have the strength of character to also welcome reports of misconduct and ensure they are properly investigated and action taken.
  • The organisation must review its compliance processes, including whistle-blowing policies, hotlines and protection to ensure they’re fit for purpose
  • The processes and systems for ensuring good oversight of human resources management and safeguarding of employees and other stakeholders must be robust and must be tested
  • The Charity Commission has launched a statuary review and this must include a review its own processes if it finds that this incident has raised concerns that its oversight was weak or incomplete
  • The government is channeling public aid money through charities and has a duty to ensure it is satisfied with how the money is spent and that the organisations it contracts are the subject of rigorous due diligence from a financial, ethical, social and governance perspective.  The process may now have to be more intrusive than prior to the Oxfam/Haiti revelations
  • Any charity sitting on similar allegations should be seriously considering going public on anything they know – and soon…because the allegations will find their way into the public domain, sooner or later and it’s better to be proactive on this

Penny Mordaunt, for the International Development Department, announced a new unit, which clearly implies there are perceived weaknesses in the oversight processes. She said: “This unit will be wide-ranging and comprehensive in its remit, looking at safeguarding across UK and international charities, suppliers, and the UN and multilateral organisations so that together we can make progress.

‘This will look at how to guard against criminal and predatory individuals being re-employed by charities and abusing again, including the option of establishing a global register of development workers.”

And finally – all parties need to do the acid test: imagine there is a repeat of this scandal and review whether their improvements to policies, training, oversight and whistle-blowing would stand scrutiny in the court of public opinion. Imagine they’re picked over in The Times and see how complete and robust they seem to be then.

CrisisManagement offers crisis and resilience audits to ensure organisations have the right levels of awareness and proactive processes in place to avoid or mitigate risks.

Photo cropped from original of Haiti by @verdyverna. Many thanks for posting royalty-free.

 

The Presidents Club: the sound of British businessmen in five-speed reverse

20-20 hindsight is a great thing…

Bear with me on this, because the fallout from this dinner is a great crisis, business ethics and risk management case study.

Case study scenario: Bosses of company X are invited by supplier Y to a charity dinner as their guests where they will be treated to entertainment costing around £1,000 each at the men-only event. The guest list is packed with clients and competitors in the industry. Should they attend? End of scenario.

The ticket price of £1,000 would be ‘trigger one’. It would prompt a deeper dive into whether attendance is a good idea, initially relative to the UK Bribery Act and the Gifts and Entertainments clause of ISO 37001, the anti-bribery standard.  At a rough guess, the invitations should have been rejected at this stage by many guests, as attending the event, with this ticket price, could be seen to represent a significant potential compliance issue. Whereas they probably wouldn’t take a £1,000 bung for a business favour, a dinner ticket worth a grand needs careful handling. Alternatively, executives could be offered the chance to pay for their own tickets to avoid any whiff of a business ethics issue.

But if the company still considered allowing executives to accept the invitation, it should have a policy on, and a process to evaluate, offers of gifts, entertainment etc and give or refuse approval to attend on the company’s behalf.

‘Trigger two’ would follow, once due diligence had established the real nature of the event (men only except professional hostesses), aside from its charitable fund-raising.  And perhaps it would be good if men AND women were involved in this due diligence.  At this stage, it would probably be a ‘no’.

But in a broader context, if any scenario identifies a risk as having potential to hit the company, it must decide what to do against clear criteria.  Should it mitigate the hazard, avoid it or share it (insure against it)?

Avoiding it is the only option. It’s almost impossible to ‘share’ the risk of attendance at the Presidents Club dinner by insuring against it – and post-hoc mitigation attempts by those invited have been hilarious and represent some are excellent examples of throwing fuel on the fire.  Companies refuse to comment (their name is already in the Financial Times), so they’re guilty by association.  Individuals, including politicians say they were invited, but claim they left early (presumably before any of the harassment or groping got underway); some said they weren’t aware of any bad behaviour and others say that although they were invited, they weren’t there.  It’s the sound of British business in five-speed reverse… 

Anyone who thought a dinner like this couldn’t possibly be the subject of headlines of the Financial Times – for consecutive days – and that the Presidents Club itself would be dead in a day and a half following these revelations – needs a reality check.

So what should have happened?

A company wanting to avoid reputational damage and possibly a big-ticket legal item, like being the wrong side of the UK Bribery Act, should have implemented a systematic and arm’s length approach to event due diligence, which may include the following:

  • A diversity of people should review events the company is involved in on a strategic basis – and a case-by-case
  • The review needs to thoroughly determine the type of event – by using multiple sources
  • It needs to evaluate whether the cost of the tickets offered are in line with its own gifts and entertainments policy. If it doesn’t have one, it needs to get weaving PDQ…
  • On a company basis, it should avoid the hazard and not attend the event, as mitigation is also almost impossible. Mitigation, in this case, would be like choosing new material for the deck chairs on first day of the first voyage of the Titanic
  • And finally: Executives should do their own risk management 15 second test, by answering this question: “What would my kids think if they knew everything about the event I’m about to go to?”

As my old news editor used to say: “If in doubt (lad), leave it out.”

Carillion, the government and when someone else’s problem becomes yours

The situation with Carillion seems to support the old adage: “If you owe the bank £100, it’s your problem, if you own the bank £10m it’s the bank’s problem.”

In this case, last week’s theoretical, but realistic prospect of the melt-down of Carillion looked like the banks, bondholders and shareholders would have a problem, but this morning, the UK government has a huge problem.
Carillion has, after all, taken on a lot of risk from the government, simply because running contracts in return for money is a form of accepting risk.  But the level of exposure the government faces became clear as this turned from a corporate finance problem to a government headache.
To appreciate the scale of the challenge, this link shows just one aspect of the government’s exposure to the company – in the defence area.  In the recent past, the government also continued to award contracts worth hundreds of millions to the company, despite one, then another profit warning.  Perhaps the intention was to keep cashflow flowing, in the hope that the company would turn around and continue to manage these risks on behalf of the government.
The cash didn’t keep flowing and the company hasn’t turned around.
The government has now ‘crystallised its responsibilities’ and in solving company’s problems, ministers now must decide how they want to manage the coming few days, weeks and months.  They have a few options:
  • temporarily re-nationalise some of the service contracts, therefore maintaining continuity of service (in defence and prison contracts this is particularly important)
  • at a corporate level, hope for and encourage debt for equity swaps and plough on while restructuring on an ongoing basis
  • find trade buyers for some of the businesses or contracts and inject some funding for an interim period on critical strategic infrastructure projects in order to maintain continuity and retain key staff
  • JV partners of Carillion take over contracts (maybe with government guarantees)  in a way that ensures continuity on contracts
  • a mix of the above
  • none of the above, or anything else the government has planned with the administrator
The extent to which government-led crisis and contingency management planning has been going on – and for how long – will be directly related to how ‘bumpless’ the transfer is between Carillon and a new solution, like those listed above.  I’d expect any JV partners to have been working overtime since September (the last profit warning from Carillion) to ensure an orderly transfer of responsibilities.
Compounding the woes, lurking in the background is the spectre of the government’s pension lifeboat having to take over the 28,000-member scheme, which reports a deficit of £580m. Costs could end up being more than twice that, but either way, it’s additional angst for the government and politically another point of exposure.
We do know that the pension situation, and the scope and scale of government work that was contracted out to Carillion, will clearly mean the taxpayer will take a hit on this insolvency. The unknown is how and how much it will cost.
Lessons for crisis management?  A business would undoubtedly have n process by which it identifies big-ticket potential hits to the organization in a systematic way – via an Enterprise Risk Management process, for example.  In this case, they will have generic, adaptable plans to activate if a supplier or a customer goes out of business.  The plans will be developed on a risk basis (how likely how damaging), including from a ‘worst-case, what if’ scenario planning perspective, and contingencies will be put in place in good time.
So how will we know whether the government (and constituent departments that contract with Carillion) has been through a similar exercise?  If they have, while the first few days will naturally be a bit ragged, the stabilising solutions should be ready to implement relatively quickly and smoothly.  If it hasn’t planned or planning is incomplete, expect a more extended period of uncertainty as solutions are more obviously invented and cobbled together on a tactical, case-by-case basis.
And finally, the plunge in the company’s worth from £2billion to Friday’s closing valuation of £61m reminded me of the time the company I worked for took a 60% hit on the share price in one day, and then fell further to just over one Swiss Franc.  The national financial magazine here characterised the situation thus: “Question: What’s the difference between [the company’s] share price and a sausage? Answer: You can eat a sausage.”
Cruel, but in that case, the company recovered, stabilised and thrived, but it was scary.
[Thanks to Terry Robinson for allowing his photo above to be used via a Creative Commons licence]

Toby Young, tweets and the challenge of hiring the right people

By early Tuesday morning, the name ‘Toby Young’ had been trending on Twitter with nearly 50,000 tweets. The outraged Twitterati were celebrating that their pressure on the government had resulted in Young falling on his sword. And this, despite earlier support from the PM and senior government ministers, like the Johnson brothers.

Just days earlier, Young, an abrasive ‘shock-jock’ of a journalist turned founder of schools, had been appointed to the UK government’s Office for Students (OfS).

His downfall, it seems, stems from a combination of his long-form articles on eugenics, among other topics, and his track-record of obscene tweets which are covered in detail elsewhere.

And aside from the time it took for Young to go (many were presuming it would be a firing by the government, when they realized about the man’s previous form), the whole sorry affair prompts questions about how people are appointed to quangos. What is the process, who administers it, and who made the final decision that Young was the preferred candidate?  Or was this a case of ‘jobs for the boys’ – or as the phrase went on the radio on Tuesday morning, the ‘chumocracy’. Or worse still – was there no process, was it finessed, or was it ignored?

When my son joined the forces, his background check included my background and even my parents’.  When I appointed someone to my team in a large company, for some sensitive roles in security, with the candidate’s permission, we undertook deep due diligence into the person’s professional and personal background in order to ensure they were what they said they were on their CV. It’s also common for references to be taken from a candidate’s previous boss AND the colleagues on the same level with whom they worked.

The key challenge for the government now is to share the process whereby Young and the others appointed to the regulator are selected, applications processed, decisions made and background checks undertaken.  It’s not clear to me how this works, but as the committee is funded by the taxpayer, it should be made clear.  And specifically, was this process properly applied to Toby Young, or was there a nod and a wink between old mates?

It’s disappointing that the government cannot immediately spring to the defence of the human resources processes in this case, but it’s not surprising. Perhaps if they had done their homework, they would have been ahead of the curve and may not have been in the position of having to reactively deal with this fiasco.

Lessons learned?  Apply a clear, transparent and robust process for the appointment of members of regulators and watchdogs that is at least as tough as the processes used for the appointment of civil servants and managers in many businesses.

Classic final lesson? An issue ignored (or not searched for) is a crisis ensured.

STOP PRESS: Commissioner for Public Appointments, Peter Riddell, said on BBC Radio Four’s PM programme later on Tuesday that the process was followed, interviews conducted by an independent panel, but that the candidate’s web and social media profile wasn’t ‘googled’ and ‘common sense plus’ wasn’t applied in terms of flagging his social media activities to a minister.