In the restaurant industry, risks are numerous and inevitable—contaminated food, supply chain disruptions, ethics regarding GMOs and the treatment of food sources, employee or executive misconduct—they all have the potential to turn into a reputational incident that puts companies in the hot seat with stakeholders. But now there are additional risks, legal and reputational, for companies and individuals in positions of leadership. But unlike the risks covered by D&O liability insurances, these new issues can be mitigated only through integrated operational, governance, and risk management strategies.
Executives and boards of directors are particularly susceptible to these risks given several recent developments. Late last year, the Department of Justice adopted a new policy stating that previous investigations have too often concluded, “without effectively punishing the human beings responsible for making corrupt decisions.” DOJ’s memo describing this policy reads like an invitation for companies to point fingers at individuals—even if they are not culpable and have acted in good faith—as a way of getting the enterprise itself off the hook.
Also, in the past nine months, there have been six shareholder derivative and class action lawsuit filings driven by shareholder disappointment in leadership’s ineffectual management of reputation risk. In fact, reputation was mentioned in more lawsuits than the entire previous seven years.
With 90 percent of S&P 500 companies referring to reputation as a material risk in their public SEC filings without laying out detailed and effective mitigation plans, board members are leaving themselves exposed. They are overseeing operations that recognize the risks reputational issues pose, but simply mounting a marketing or corporate social responsibility campaign is tantamount to putting targets on their backs that plaintiffs’ lawyers will hit every time.
The tide began shifting in 2016 when at Chipotle Mexican Grill, shareholders represented by a proxy advisory firm blamed food-safety missteps that rocked the company at least partly on members of the company’s board, recommending votes against two of them. They said the board’s audit committee failed to “appropriately implement a risk management oversight process that might have mitigated the severity of these incidents and their fallout on the company’s brand, reputation and stock price.”
Most corporate leaders know they need to do something to address reputation risk, but they usually make the mistake of leaning too heavily on marketing, corporate and social responsibility (CSR) campaigns, and environmental, social and governance (ESG) programs as their reputational strategies.
Consider Starbucks’ support of programs to deliver clean drinking water, Dunkin’s vow to remove polystyrene cups from its New York City locations, or Red Lobster’s partnership with the Monterey Bay Aquarium Seafood Watch to guide sourcing practices and protect global fisheries—CSR and ESG efforts are increasingly becoming prominent part of the identity of companies in the restaurant industry.
While these noble undertakings are valued by customers and employees alike, they don’t boost reputational value or bolster resilience to the extent leaders think they do. They won’t protect leaders and their companies from the perils of litigation, regulatory scrutiny or financial damages when something stakeholders passionately care about goes terribly wrong, especially with food freshness, quality and safety.
Reputational risk is the gap between expectations and reality, and stakeholders—customers, suppliers, employees, investors or government regulators—all have expectations about corporate governance, safety, reliability, business operations, and financial performance. When their expectations aren’t met, whether it’s because a bovine disease sickened a food source or because of executive wrongdoing, they will be disappointed or angry.
Ironically, the aspirational nature of marketing often exacerbates this gap. It’s the marketing teams’ job to support sales by creating the best possible image of the company, but in doing so, they may also be creating outsized expectations that don’t align with reality. While these aspirations may be attractive to some groups of stakeholders when all is going well, they will provide little insulation, or comfort, when there’s a crisis.
And yet, some companies continue to cling to the notion that marketing and CSR programs will protect them from reputational crises based on operational issues. YUM! Brands, for example, in responding to a move by some shareholders seeking board reports on various CSR initiatives, noted that, while reputation is indeed a board responsibility, it is overseen on an operational level by the chief communications and public affairs officer. That’s fine as far as it goes, but it misses the importance of taking the same type of enterprise risk management approach to reputation as the company takes to other types of risks.
Reputation risk should be managed by risk managers rather than by marketers. It’s already the risk manager’s job to engage with every level of the organization to identify, minimize and protect against enterprise risks—reputation should be no exception.
Enterprise risk managers, who now often hold the title treasurer, chief risk officer or chief financial officer, know how to talk to market analysts, creditors and other financially savvy stakeholders. They will also immediately understand the importance of third-party analyses and the type of insurance products that are now available that act as warranties on governance—making clear to lawyers, activist investors, regulators and others that outside underwriters have confidence in their systems and practices.
Employing enterprise risk management strategies is the best way to protect corporate reputations and convey to key financial and legal stakeholders a simple, clear, convincing and authentic story of good governance and operational control. It shows that company leadership has done its job and also protects them as individuals when the courts of law and public opinion come calling.
