Corporate reputation is increasingly able to either generate or destroy shareholder value rapidly, concludes a report by The Conference Board that provides recommendations on how corporate boards can ensure companies develop a robust reputational risk-management process.
“Despite a recent surge in research on the topic, corporate reputation remains a highly disjointed field of study,” says Matteo Tonello, senior research associate at The Conference Board Governance Center and author of the report, Reputation Risk: A Corporate Governance Perspective. “There is still very little guidance on the oversight function of the board in protecting and enhancing this corporate asset.”
To fill this gap, The Conference Board held a Corporate/Investor Summit on reputation risk governance recently in Washington, D.C. Moderated by Carolyn Brancato, director of The Conference Board Governance Center, the summit was sponsored by KPMG LLP and KPMG’s Audit Committee Institute and held in conjunction with the Council of Institutional Investors’ annual meeting. Summit delegates included representatives from corporations, investors and professional institutions.
The group reached consensus on a set of principles and guidelines in reputation risk governance. “This is an important study that thoughtfully explores an increasingly fragile ingredient of success, i.e., reputation, and how it can shape a company’s risk content and processes,” explains John Farrell, national lead partner, enterprise risk management at KPMG LLP.
“The report increases the awareness of reputation risk as a corporate governance matter and offers guidance on how corporate boards can approach their fiduciary responsibilities in this area,” Tonello adds. “Corporate governance is the system of checks and balances instituted by the board of directors to ensure that an organization is suited to meet its business objectives, not the interest of insiders."
Because corporate reputation is the perception of the firm by a variety of stakeholders, Tonello continues, board members should "consider having an organizational program in place to oversee any material event that may affect stakeholder relations so as to ensure that such events do not compromise the company’s ability to achieve its long-term goals.”
The report makes the following recommendations for corporate boards:
Reach a common understanding of the concept of corporate reputation, and tie its discussion to a comprehensive analysis of the firm’s stakeholder base. Corporate reputation oversight represents a formidable strategic opportunity to strengthen stakeholders’ relations that pertain to the company’s long-term business objectives.
Become familiar with management’s rationale for prioritizing stakeholder relations, and be persuaded that the selected relations are instrumental to achieving the firm’s long-term objectives. In doing so, directors should be aware that executives and other insiders might attribute different importance to the same group of stakeholders, according to the degree of interactions they have experienced with such groups or the potential private benefit they might derive from certain relations.
Discuss and understand the nature of reputation risk as an effect of certain business operational incidents, not a separate and distinct category of uncertainties. Accordingly, directors should consider objecting to the establishment of a dedicated organizational platform to address reputation risk, as it would conflict with current risk-management integration best practices and would slow development of a full-fledged enterprise risk management (ERM) program.
Failing to embed reputation risk into ERM could lead to inefficiencies and disparities in the company’s response to risk events. In addition, it could undermine the firm’s ability to foster a cohesive culture of risk awareness.
Oversee the design and implementation of a strategic, top-down and holistic risk-management program. The program should identify business events with potential consequences for the firm’s reputation, and measure their potential impact with regards to the firm's risk-tolerance levels.
Enterprise risk management enables the company to elevate relevant reputation issues to the board level, where they can be analyzed strategically and in relation to their possible impact on long-term shareholder value.
Consider adhering to The Conference Board "road map" to risk governance, which includes reputation risk within a comprehensive risk-management program. Specifically, the board should ensure that such ERM phases as the risk portfolio compilation, assessment and response strategy determination do not disregard potential effects of business risk events on reputation capital.
Oversee the process adopted by senior executives to identify, categorize and prioritize business uncertainties, even with respect to their reputation effects. Directors should ensure that prioritization criteria and other techniques used in compiling a risk portfolio comprise, among others, a set of reputation metrics. Specifically, the inclusion of a risk event in the portfolio should also be decided based on likelihood and impact of the event consequences on the company’s reputation capital.
Oversee the determination of a proper response strategy to each risk category affecting corporate reputation. Response strategies should be chosen, among other things, on the basis of a resource cost-benefit analysis.
Directors should be skeptical of any attempt at restoring stakeholder confidence exclusively through savvy communication tactics, and request that response strategies fully address underlying operational risks. In a well-designed ERM program, communication tactics and better disclosure should be seen as tools to corroborate and complete a business risk response strategy, not to replace it.
Stephen Miller is manager of SHRM Online’s Compensation & Benefits Discipline.