Issues for 2002
As Risk Management Reports begins its 29th year, I put forward the most significant issues of the year for risk managers, continuing a habit first started in 1988. Most prior years focused on practical and financial concerns. In 2001 I identified governance and the role of risk management in the organization as the most pressing issues: how the discipline should be structured, led, coordinated and communicated. Judging by the numerous papers and conferences that addressed these subjects, it was on target.
In this year dominated by global political and economic turmoil, I submit three broader and more philosophical issues. First, how can organizations, particularly those in the profit-making sector, re-establish their severely eroded credibility with stakeholders? Second, how can all organizations, profit and nonprofit, improve their resilience in the face of increasing contingencies? And third, how can we regain a more balanced perspective of the future? Are these proper issues for risk managers? I submit that they are essential to the goal of our discipline, which is to build and maintain the confidence of stakeholders in the future of the organization.
Are we losing it? From Europe and Asia to the Americas, a global recession commands economic headlines. Argentina struggles against default and chaos. Afghanistan cries for relief funds. The World Meteorological Organization in Geneva reports that 2001 was the second warmest year in the past 140 years of record-keeping: global warming continues, even though we are not sure why. Political violence continues, from the Middle East, Sri Lanka, Spain, Nepal, the Balkans, and the Caucasus to Indonesia, the Philippines and many areas of Africa. Disease and famine remain uncontrolled. Malaria kills 3,000 people a day. New antibiotic-resistant strains of tuberculosis threaten millions. AIDS has grown from 225,000 infected people in 1980 to 40 million in 2001, 70% of whom live in sub-Saharan Africa. Of these 3 million will die in 2002. The gap between rich and poor looms over us: almost half the world’s population lives on less that $2 a day. And the events of September 11, 2001 destroyed forever the “innocence” of those living in the United States, who harbored the illusion that “it couldn’t happen here.” Terrorism is a global problem. And to top it off, doctors tell us that Americans are submerged in obesity, a major contributing cause to 300,000 deaths a year. Is anything going right?
Yet there is no reason to wallow in pessimism. Jacques Barzun provides the key for 2002:
That’s the goal for risk managers in these unsettled times: to use enthusiasm, imagination and reason to help guide our institutions into intelligent action.
Credibility Can we believe what we are told? If confidence in an organization is the goal of risk management, then this is the paramount issue for 2002. The public’s opinion of the words of corporations comes close to scorn. The pabulum pushed out over the airwaves and in print is openly discounted: many of us use the mute button whenever an advertisement appears on television. “Research” reports funded by corporations are dismissed with derision. These beliefs are justified. Consider corporate earnings reports, an “open scandal of misinformation,” according to Peter Bernstein (Economics and Portfolio Strategy, October 15, 2001). They are twisted into numerical contortions to satisfy management’s desire to meet the expectations of securities analysts and to avoid the inevitable stock price plunge when they do not. Off-balance sheet guarantees, contributing factors to the Enron melt-down, are grossly misused. For Alstom in Europe they were an astounding 12.8 billion euros in December, according to The Economist. They are another example of trying to manipulate financial statements to meet the narrow goal of short-term improvement in earnings per share. Then add the appalling conflicts of interest that further erode our confidence in both organizations and their numbers. Accounting firms grow rich on consulting fees, not on audit fees. People therefore believe that accountants compromise their auditing standards to meet management’s wishes. This is one allegation in the Enron case, and it has been raised in almost every other financial disaster in the past five years. Arthur Levitt, the former head of the US Securities & Exchange Commission, sought to separate the consulting and auditing functions, without success.
Conflicts of interest are rampant in almost every area of business. Board members are pals of management, often representatives of service providers, such as banks and legal counsel, compromising independence. Securities analysts from banks and investment firms allegedly modify their recommendations based on whether or not their firms are handling lucrative loan, merger, acquisition and initial public offering (IPO) business for their clients. One broker acknowledged that commissions received from insider trades were “. . . a way of saying thank you for the (favorable) research coverage” (New York Times). Credit Suisse First Boston stands accused of splitting profits with favored clients allocated shares in IPOs during the dot.com bubble. Insurance brokers, legally charged with representing their client’s interests, regularly accept commissions, overrides, and temporarily invested premium fund incomd from the insurers with whom they place business. They even invest in their own underwriting facilities. How can we trust counsel from these advisors when these conflicts exist?
Finally, add the growing scandal in pension and 401(k) retirement investment plans, many of which are too heavily invested in company stock. Lucent and Enron are but two recent examples of companies whose employees have been made paupers by the precipitous decline of the stocks they held. In England, soft commissions from favored stock brokers are under attack as ultimately harmful of the interests of clients. Two lessons come out of these disclosures. First, the investment advisors to pension and 401(k) plans should be completely independent of corporate management. This includes being separate from firms that do other business with the company. “Undivided allegiance to the plan beneficiaries” must be the rule. Second, employees need independent counsel on their investment selections.
Risk managers will perform an invaluable service in 2002 by working to identify the real and perceived conflicts of interest within their organizations and starting to change the situation. They can also encourage management to report financial and other information quickly and accurately. Re-establishing corporate credibility will take time but a start must be made. It requires a continuing two-day dialogue with stakeholders. I’ve emphasized the importance of risk communication for some years in these pages. It remains the single most under-recognized aspect of risk management.
Resilience We cannot abolish uncertainty. It continues to dominate our lives and is indeed the relish of life. What we learned from the disasters of September 11 is a fresh appreciation of the innumerable contingencies and interdependencies that make our modern economy work and organizations thrive. While we are increasingly vulnerable to the unexpected, we can construct new responses to improve our resilience. Creating these responses and communicating them to critical stakeholders are key issues for risk managers this year. The crises of the early 21st century are also opportunities. Y2K was an expected event that did not materialize, in large measure because we modified our procedures. September 11 was an unexpected event that did happen. Again we are responding globally. Both have strengthened, not weakened, our institutions.
Paul Slovic suggests that “. . . risk analysis should be supplemented by vulnerability analysis that characterizes the forms of physical, social, political, economic, cultural, and psychological harms to which individuals and modern society are susceptible” (Risk Newsletter, Vol. 21, No. 4). I add to those “harms” also the “opportunities” that vulnerabilities create. Don’t forget the plus side!
Interdependencies inevitably involve ripple effects. September 11’s ripple moved outward from Ground Zero, to the local businesses in downtown Manhattan, throughout New York City, to the entire US, and then beyond. Airlines were shut down for a week and triggered the ensuing bankruptcies of both Swiss Air and Sabena. The ripples are still being felt. The anthrax mailings crippled portions of the U.S. Postal Service and continue to affect the economy. Three accidents in two years in Switzerland’s alpine tunnels rippled throughout Europe. In March 1999, a fire closed the Mt. Blanc Tunnel. It remains closed. In October 2001, a fire shut down the St. Gotthard Tunnel and, two days later, another fire hit the San Bernardino Tunnel. Six tunnels through the Alps throttle trans-European truck and rail transportation. We live in a wired world, dependent on the Internet and the servers that give us access to it. How susceptible to shutdown is this global electronic linkage? We do not really know. Within the next three years we’ll probably have a challenge, another crisis that will test our planning and, in its aftermath, that will help us build new safeguards. Another on-going dependency is the reliance of the bulk of the developed world on fossil fuels. The current Middle Eastern unrest accentuates this problem, yet we in North America seem unwilling to trade in our gasguzzling S.U.V.s for more fuel-efficient vehicles (for example, the gas and electric cars that go 60 to 70 miles per gallon), to price gasoline realistically, or to twist our thermostats down to 60 degrees Fahrenheit (about 15 C.), which doctors say would in any event be better for our health.
Identifying these interdependencies and their effects (both unfavorable and favorable) is a major responsibility of risk managers. It should go beyond the obvious or primary results to the secondary and tertiary ripples. Small events in another part of the world may be magnified into disasters elsewhere. This is analogous to the famous beat of the Chinese butterfly’s wings that ends up as a hurricane in the US. The risk manager’s role of identifying potential effects is followed by creating considered responses, planning for all contingencies. In a sense, risk management is merging with contingency or business recovery planning. Aren’t these two disciplines are essentially the same?
Resilience also depends on access to financing following a change of circumstances. The volatility of financial markets over the past decade suggests that risk managers will do well to return to an old idea. A reserve or emergency fund may be more effective than dozens of derivatives and a lockbox full of insurance polices. Southwest Airlines has already proved this point. In the aftermath of September 11, when its sister airlines were scrapping flights, laying off employees, and pleading with Congress for financial aid, Southwest turned to its reputed $2 billion cash reserve fund. It, in stark contrast to other airlines, continued to fly most of its routes and maintained its employee rolls. Think of the confidence it built with its customers, employees and served communities. Why not return to that old-fashioned idea of a contingency fund? No, contributions to such a fund are not tax deductible, but why not lobby for that status, as corporations are doing in France? Why not re-consider catastrophe bonds? Sure, they cost more than conventional insurance (for the time being), but the cash is in hand! Why not consider new industry pooling arrangements, as the airlines are now doing? These are proven financial tools, witness the successful and financial secure pools of YMCAs, oil companies, and universities, among others, in North America. Resilience requires secure and quickly available financing.
Unfortunately, public opinion can subvert sound financing decisions. The American Red Cross, more than successful in raising funds for the victims of September 11 in its Liberty Fund, wisely (in my view) decided to set aside half (about $300 million) of its disaster receipts to help fund potential future disaster victims. A public and Congressional outcry forced the resignation of its President, Dr. Bernadine Healy, (for this and other reasons) and cancellation of the decision. The initial decision was the right one; the communication of the actions of the Red Cross was flawed.
Two potential problems require close attention by risk managers in 2002. The first involves worms, viruses and the plague. It’s not medical, it’s the Internet. A worm, a self-replicating, self-contained program, could infiltrate the more than half million Internet Information Servers and effectively cripple Internet operations. As computer use expands geometrically throughout the world, the potential repercussions will grow at the same rate. Scientific American addressed this problem in an article entitled “Code Red for the Web” in its October 2001 issue. Risk managers should inform themselves on this issue (see www.sciam.com and the National Infrastructure Protection Center at www.nipc.gov). Responses include not only the conventional approaches to backing up, storing and retrieving data, but also new views on how an organization would continue if the entire Internet was shut down for a considerable period.
The second potential problem is that of our heavy dependence on Middle Eastern oil. Heat, transportation and power all rely on fossil fuels. This dependence can distort foreign policy as well as threaten individual organizations. Has you organization considered a worst-case scenario that involves a reduction in the availability of these fuels, combined with a radical rise in cost?
Building resilience is a basic risk management responsibility, as is communicating to stakeholders how the organization plans to proceed in the event of certain contingencies.
Perspective An argument can be made that many of us in the developed world live in self-indulgent cocoons. We foster a Panglossian delusion that we live in the best of all possible worlds, one in which all problems are solved by the operation of the “market” and our ever-expansive technologies. We have, after all, successfully demolished the presumptions of Communism, and we are on a roll. We are more concerned with shortterm results. What count are the numbers of this quarter and the next, corporate stock prices, and this year’s bonus. Simply stated, we’ve lost perspective. We fail to see the world as it really is and the necessity for long-term planning. That illusion lies in shards at our feet. We now must re-establish long-term perspectives for governments and corporations alike. Perspective means taking into consideration the desires and needs of all stakeholders, not just those who hold stock. It means considering the effects of today’s decisions ten years on. It means looking at all issues and ranking their relevance. Each year, in the US, we kill each other with cars, cigarettes, drugs, alcohol, and guns, doing little to change habits, even while mounting expensive crusades to eliminate diseases that claim far fewer lives. We litigate equally expensively for other relatively minor injuries and deaths. Let’s begin to apply funding more intelligently to the protection of life and limb. That effort can and should begin with corporations taking a broader and more informed perspective on the allocation of funds.
Two other aspects of perspective warrant comment. First, in a world dominated by television’s talking heads and commentators eager to provoke sensational sound bites, we need to take a bit more time before speaking. Our tolerance for delay has disappeared in a wired world. We want instant comments and answers. Shorter attention spans mean that competing messages interfere with each other. The cautious and considered response is, too often, non-existent. I was therefore pleased to listen to the answers of the US Secretary of Defense, Donald Rumsfeld, in many of his press conferences on the war in Afghanistan. He often pauses, at length, to weigh and consider his answers, deliberating in his own mind as to what he should say. It’s a trait that risk managers can productively follow.
Second, we could learn something from the tried academic idea of the “reading period.” A week’s hiatus from lectures and labs, devoted to reading and re-reading assigned materials before examinations, refreshes perspective. I was reminded of this idea on the arrival of The Economist’s annual two-week,year-end issue, one crammed with reflection on both past and future. Why not devote the last week of the year to a similar reflective reading period, to restore perspective?
My three issues for 2002 are re-establishing credibility, building resilience, and regaining perspective. Implicit in these is s new understanding of the importance of ongoing, twoway communication with an organization’s stakeholders. It’s an opportunity for risk managers. Take it! Late last year, the Society for Risk Analysis asked each of its past presidents for their comments on September’s disaster. Vince Covello, Director for the Center for Risk Communication, suggested 21 guidelines for effective risk and crisis communications (see RISK Newsletter, Vol. 21, No. 4). I cite three of them for risk managers:
Copyright H. Felix Kloman and Seawrack Press, Inc.
to RMR Table of Contents
RiskINFO Home Page
Additional Topics This Month and Archives