As forensic consultants, we keep hearing about Asia-Pacific financial institutions holding four crisis meetings a week for every practice. In many cases, these meetings have been going on for more than two years. And that challenges us. If “business as usual” is now “crisis as usual”, how can we plan for the long term?
By definition, companies in crisis mode operate minute by minute, making quick decisions to solve short-term problems. In this environment, long-term strategic planning goes out the window. But when does long-term planning come back? When – and how – can we move beyond the crisis and begin to operate and plan in an unstable world?
In our view, the point is now. Crisis response is now a well-established habit in your establishment. This means that corporate crisis responses are now business as usual. They no longer represent a crisis.
Accept that volatility is here to stay
It’s time to figure out how to operate in a permanently unstable world. In 2020, when “unprecedented” became Dictionary.com’s chosen word of the year, it was clear we were heading into uncharted territory. Two years later, we’ve stepped so far into the unknown that the “old normal” has become quaint, ancient history.
Instead, business leaders should expect an increasing number of “gray rhino” events (obvious, but overlooked) as well as “black swan” events (unexpected and unlikely), both of which pose challenges to long-term planning.
For events related to the gray rhino, climatologists have long predicted crises such as extreme weather events, water and food shortages. Likewise, the pandemic (if not its timing) was also expected. Now the COVID-19 genie is out of the bottle and rapidly mutating – and it’s only a matter of time before the next major pandemic hits, bringing with it another round of supply chain disruptions. related to the pandemic.
Leaders must accept that these large-scale shifts are coming and prepare for such events – even if the timing is hard to pinpoint. For example, building more sustainable and climate-diverse supply chains is an important way to mitigate the risks of gray rhino-related events.
On the other hand, Russia’s invasion of Ukraine was an unexpected event (black swan) for most companies. The ongoing and increasingly dangerous war has resulted in multiple crises, including soaring energy prices, a global food emergency and a deluge of refugees across Europe. Black Swan events are, by definition, impossible to predict. Instead, leaders must build crisis response systems that allow them to meet the unique challenges that black swan events bring without allowing them to overwhelm long-term thinking.
US-China relations are another area of potential crisis, especially after the new tension created by the war in Ukraine. According to the Center for Strategic and International Studies, companies should prepare for “the unthinkable” and are not ready for what is to come. As the Center puts it: “US-China relations have deteriorated to depths not seen since the late 1960s, when the two had no diplomatic relations and were shooting at each other in Vietnam.” Companies operating in China and the United States should be prepared for more supply chain shocks, data security issues and other market disruptions.
Reconfigure your risk controls and change your reward culture
Organizations must accept that they are operating in a world that will face regular occurrences of gray rhinos and black swans – sometimes simultaneously. And not all of them will come from world events: some are also hiding in your organization.
Before the pandemic, most companies were looking at risk universes where the ratio of controlled to uncontrolled risk was around 90:10. Today, the scales have tipped. Some of our clients feel that the pace and scale of change means the ratio is now closer to 50:50. These institutions are now working with us to repopulate risk registers and implement new controls to address the wide range of previously uncontrolled risks.
While many of these risks relate to climate and geopolitics, which are largely beyond the control of companies, others are internal and can be managed. For example, hybrid working has created new fraud risks, including inadequate controls and employee disengagement. Some of these issues have only just come to light, prompting investments in new controls, better training, more active wrongdoing investigations, and employee engagement.
In addition to using ‘stick’ tactics to manage these new fraud risks, institutions should also look at ‘carrots’. If a job is worth more than the bribe offered, people are more likely to do the right thing. In this sense, employee engagement and satisfaction become critical. As fears of rising unemployment grow, institutions need to ensure key staff have a clear vision of what the organization will look like over the next two years – and that they are secure in their place within it.
Businesses need to be aware of survival bias. For example, members of the IT team who take down the hacker become employees of the month, but IT workers who work diligently to prevent hundreds of potential attacks are often dismissed as “just doing their job” and overlooked. These are the real heroes and behavior that institutions should reward. People who have quietly integrated the “crisis as usual” into their daily tasks. For whom, protecting the organization from crisis is part of their job description.
In this operating environment, we must stop treating those facing the crisis as something special. Because crises were once unusual and scary, companies have taken to rewarding those who solve them.
Rethinking and outsourcing crisis management
If leaders are to return to strategic planning, they need others to help their organization prepare for, respond to, and emerge stronger from ongoing crises. Leaders cannot base future planning on the crisis that erupted this morning – or act on the last thing they heard. They need a pair of safe hands to deal with today’s crisis so they can focus on planning and investing tomorrow.
Former regulators, intelligence officials, and government and industry security professionals are well placed to identify, analyze, and manage risks – both in advance and at critical times. They also provide external information that can feed into long-term planning, ensuring that strategy takes into account the unlikely and the unexpected.
When leaders are helped to manage risk and deal with uncertainty, they regain the space to think long-term and develop strategies that will survive exposure to extremely volatile business conditions.
The content of this article is intended to provide a general guide on the subject. Specialist advice should be sought regarding your particular situation.