Eye of the storm for Facebook

Normally companies have the chance of dealing with one or two major crises at the same time. But this wasn’t a luxury afforded to Facebook’s VP of Policy Solutions, Lord Allen, when he appeared in front of a committee of lawmakers from nine countries this morning at the UK Parliament in London.

Mark Zuckerberg was repeatedly invited, but didn’t show up. Regardless, the committee set up a spare chair and his name card (top photo, credit: Parliamentlive.tv).

Given the committee wanted to grill the organ-grinder and not the monkey, Lord Allen didn’t do a bad job. But he was fighting with one arm tied behind his back as he faced questions and accusations on Facebook’s corporate governance and corporate responsibility, and how it handles GDPR, trust, data protection, hacking, privacy, election meddling and fake news.

With a very few exceptions, the three-hour session offered very little support for Facebook, nor the type or extent of its efforts to solve the issues or mitigate the risks.

The final blow came when Charlie Angus, a Canadian MP concluded the session by saying: ‘Facebook is the problem’ and suggesting the company should face anti-trust legislation as ‘the only way to get a credible democratic response from a corporation’.

Facebook has been slow off the blocks on most, if not all of these issues.

First they denied there were problems, then insisted the problems weren’t their problem, given they’re ‘only a platform’; before being hit by the freight train that is this multi-country parliamentary committee.

A case of too little, too late by Facebook bosses, and a classic example of how ‘an issue ignored is a crisis ensured.’

At crisismanagement.ch, we often spend time with senior executives identifying scenarios, horizon-scanning and working to fix the root causes of the problem, rather than waiting for the solid matter to hit the aircon. We believe it’s time well-spent and an investment that offers a significant return for the business.

 

 

A 101 for press conferences

I have no idea why, but today, I’m prompted to share some hints a tips on press conferences.

Some key principles:

  1. Unless you have something earth-shattering to communicate to all of the media, at the same time – don’t do a press conference; for businesses a conference call is often more effective
  2. Use the first couple of minutes for an opening statement, covering the two or three key messages you want to get out during the session
  3. Answer the question, then shut up; if in doubt, leave it out
  4. Use answers to communicate your two, or maximum three key messages
  5. Don’t talk about yourself, or how good you are, the size of your brain, or how unfairly treated you feel
  6. Don’t insult the journalists and don’t belittle them, their questions or their news organisations
  7. If you have answered the question previously, you don’t have to include that answer to other questions
  8. Use simple language, especially if the topic is complex or technical, but don’t use slang and don’t swear. If you have to explain a phrase, like ‘con-job’, you shouldn’t use it
  9. Don’t call people who are not in the room ‘dishonest’, ‘low-life’ or ‘bad people’ – they can’t defend themselves at the event, but will definitely get even later
  10. Press conferences are streamed, so both friends and opponents can selectively cut your comments and post them on social media to support or harm you. So keep the messages as simple as possible

Anything I missed?

With thanks to my mate and all-round comms expert, @liamherbert, who sometimes sanity-tests my drafts.

Photo: Richard Nixon Presidential Library and Museum [Public domain], via Wikimedia Commons, October 26, 1973.

Oxfam – work begins on ensuring a permanent fix for the aid sector

Since allegations emerged of aid workers participating in sex parties in disaster-stricken Haiti, Oxfam has been fighting a rear-guard action.   It’s looked like an organization that was wrong-footed from the outset, never regained the initiative and is struggling to use its undoubtedly noble values as a defence for the defenceless.

This is doubly ironic, as many who know the sector say Oxfam’s HR and investigation processes are ‘stringent’ and better than many smaller, less well-resourced charities. A systemic issue that ranges across the sector as a whole looks more of a possibility.

Oxfam won’t win this one, but it must prevent the next one.

Aside from Oxfam’s unenviable current position, other notable elements of this crisis include the role of the International Development Department of the UK government and the Charity Commission. It could be the international development aid sector’s version of the #MeToo movement, with complainants or whistle-blowers feeling empowered by seeing stories of Oxfam.

The charity no doubt has systems and processes in place to collect, triage, verify, report and remedy allegations of all types of problem from bribery and corruption through to assault and mobbing.  There was a whistle-blower, there were internal reports and there are safeguards over employment processes.  So either the information didn’t reach the highest level or if it did, someone either didn’t appreciate its seriousness, or they decided to sit on some or all of it.  Its report of ‘misconduct’ to the Charity Commission, apparently, did’t contain specific allegations of abuse of  beneficiaries, according to a statement from the Commission.

Why not? And if not, does the Charity Commission have to take some heat because it didn’t dig sufficiently deeply into the allegations?  And how much did the International Development Department know and how diligently did it seek to discover more?

What next?

  • Bosses of any organisation must set a tone from the top that expresses a ‘zero tolerance’ for misconduct.  AND they must have the strength of character to also welcome reports of misconduct and ensure they are properly investigated and action taken.
  • The organisation must review its compliance processes, including whistle-blowing policies, hotlines and protection to ensure they’re fit for purpose
  • The processes and systems for ensuring good oversight of human resources management and safeguarding of employees and other stakeholders must be robust and must be tested
  • The Charity Commission has launched a statuary review and this must include a review its own processes if it finds that this incident has raised concerns that its oversight was weak or incomplete
  • The government is channeling public aid money through charities and has a duty to ensure it is satisfied with how the money is spent and that the organisations it contracts are the subject of rigorous due diligence from a financial, ethical, social and governance perspective.  The process may now have to be more intrusive than prior to the Oxfam/Haiti revelations
  • Any charity sitting on similar allegations should be seriously considering going public on anything they know – and soon…because the allegations will find their way into the public domain, sooner or later and it’s better to be proactive on this

Penny Mordaunt, for the International Development Department, announced a new unit, which clearly implies there are perceived weaknesses in the oversight processes. She said: “This unit will be wide-ranging and comprehensive in its remit, looking at safeguarding across UK and international charities, suppliers, and the UN and multilateral organisations so that together we can make progress.

‘This will look at how to guard against criminal and predatory individuals being re-employed by charities and abusing again, including the option of establishing a global register of development workers.”

And finally – all parties need to do the acid test: imagine there is a repeat of this scandal and review whether their improvements to policies, training, oversight and whistle-blowing would stand scrutiny in the court of public opinion. Imagine they’re picked over in The Times and see how complete and robust they seem to be then.

CrisisManagement offers crisis and resilience audits to ensure organisations have the right levels of awareness and proactive processes in place to avoid or mitigate risks.

Photo cropped from original of Haiti by @verdyverna. Many thanks for posting royalty-free.

 

The Presidents Club: the sound of British businessmen in five-speed reverse

20-20 hindsight is a great thing…

Bear with me on this, because the fallout from this dinner is a great crisis, business ethics and risk management case study.

Case study scenario: Bosses of company X are invited by supplier Y to a charity dinner as their guests where they will be treated to entertainment costing around £1,000 each at the men-only event. The guest list is packed with clients and competitors in the industry. Should they attend? End of scenario.

The ticket price of £1,000 would be ‘trigger one’. It would prompt a deeper dive into whether attendance is a good idea, initially relative to the UK Bribery Act and the Gifts and Entertainments clause of ISO 37001, the anti-bribery standard.  At a rough guess, the invitations should have been rejected at this stage by many guests, as attending the event, with this ticket price, could be seen to represent a significant potential compliance issue. Whereas they probably wouldn’t take a £1,000 bung for a business favour, a dinner ticket worth a grand needs careful handling. Alternatively, executives could be offered the chance to pay for their own tickets to avoid any whiff of a business ethics issue.

But if the company still considered allowing executives to accept the invitation, it should have a policy on, and a process to evaluate, offers of gifts, entertainment etc and give or refuse approval to attend on the company’s behalf.

‘Trigger two’ would follow, once due diligence had established the real nature of the event (men only except professional hostesses), aside from its charitable fund-raising.  And perhaps it would be good if men AND women were involved in this due diligence.  At this stage, it would probably be a ‘no’.

But in a broader context, if any scenario identifies a risk as having potential to hit the company, it must decide what to do against clear criteria.  Should it mitigate the hazard, avoid it or share it (insure against it)?

Avoiding it is the only option. It’s almost impossible to ‘share’ the risk of attendance at the Presidents Club dinner by insuring against it – and post-hoc mitigation attempts by those invited have been hilarious and represent some are excellent examples of throwing fuel on the fire.  Companies refuse to comment (their name is already in the Financial Times), so they’re guilty by association.  Individuals, including politicians say they were invited, but claim they left early (presumably before any of the harassment or groping got underway); some said they weren’t aware of any bad behaviour and others say that although they were invited, they weren’t there.  It’s the sound of British business in five-speed reverse… 

Anyone who thought a dinner like this couldn’t possibly be the subject of headlines of the Financial Times – for consecutive days – and that the Presidents Club itself would be dead in a day and a half following these revelations – needs a reality check.

So what should have happened?

A company wanting to avoid reputational damage and possibly a big-ticket legal item, like being the wrong side of the UK Bribery Act, should have implemented a systematic and arm’s length approach to event due diligence, which may include the following:

  • A diversity of people should review events the company is involved in on a strategic basis – and a case-by-case
  • The review needs to thoroughly determine the type of event – by using multiple sources
  • It needs to evaluate whether the cost of the tickets offered are in line with its own gifts and entertainments policy. If it doesn’t have one, it needs to get weaving PDQ…
  • On a company basis, it should avoid the hazard and not attend the event, as mitigation is also almost impossible. Mitigation, in this case, would be like choosing new material for the deck chairs on first day of the first voyage of the Titanic
  • And finally: Executives should do their own risk management 15 second test, by answering this question: “What would my kids think if they knew everything about the event I’m about to go to?”

As my old news editor used to say: “If in doubt (lad), leave it out.”