No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Risk

10 Keys for Executives to Manage Reputation Risk

by Jim DeLoach
August 3, 2017
in Risk
thumbs down with one-star rating

When a good reputation is difficult to build and easy as pie to destroy, it’s a business imperative to manage the company’s reputation carefully. Jim DeLoach outlines five critical areas leadership must pay close attention to, and 10 factors total that can be critical in managing reputation risk.

With today’s electronic and social media, the news cycle reporting on the downward spiral of a once-proud organization that has suffered severe reputation impairment is not a pleasant one to watch. Unfortunately, such news events capture our attention all too frequently, leaving an indelible impression about a company’s reputation and brand image.

Applied to a business, “reputation” represents an interpretation or perception of an organization’s trustworthiness or integrity. While the truth ultimately prevails over the long term, reputation can be based on false perceptions in the near term. If accurate over time, reputation provides a barometer of how an organization is likely to respond in a given situation. However one defines reputation, everyone agrees it’s a precious enterprise asset and recognizes a reputation that has been damaged beyond repair.

We define “reputation risk” as the current and prospective impact on earnings and enterprise value arising from negative stakeholder opinion. To one author, it is “the loss of the value of a brand or the ability of an organization to persuade.”1 Bottom line, reputation is fragile. What takes decades to build can be lost in a matter of days.

Below, we explore 10 essential keys for senior executives and directors to consider in managing reputation risk. We classify them in five critical areas – strategic alignment, cultural alignment, quality commitment, operational focus and organizational resiliency.

Strategic Alignment

#1: Effective board oversight: Reputation risk management starts at the top. Strong board oversight on matters of strategy, policy, execution and transparent reporting is vital to effective corporate governance, a powerful contributor to sustaining reputation and the ultimate checkpoint on CEO performance. For example, the board’s oversight of risk is important because effective identification and management of risk can identify major threats to reputation and ensure they are reduced to an acceptable level.

#2: Integration of risk into strategy setting and business planning: The board and executive management must ensure that risk is not an afterthought to strategy setting and business planning. Integrating risk with these core management processes makes it a relevant factor at the decision-making table, facilitates a strategic view to undertaking risk, and intersects risk management with performance management. In an effort to make the strategy more robust, directors and executives should understand the critical assumptions underlying the strategy, ask appropriate questions to challenge assumptions constructively and consider reasonable scenarios that could render one or more of the assumptions invalid. It is important for management to define the inherent soft spots, incongruities and opportunity and loss drivers that could impact execution of the business plan and dramatically affect performance. Also, the budgeting and forecasting processes supporting the business plan must be effective in managing liquidity risks that can threaten the organization’s viability during the planning period.

#3: Effective communications, image and brand building: Building brand recognition unique to a business is vital to market success and, when all else is working well, augments reputation. A good story is easy to tell, but every savvy board and CEO know that some companies are better at telling their story than others. Therefore, directors and executives need to understand the image and brand-building game plan. Typically, the best companies are customer-focused; understand their value proposition; develop powerful and distinctive messaging; listen well and act to improve their processes, products and customer experience continuously; establish accountability for results with metrics, measures and monitoring; work social media effectively; and passionately live up to their brand promise every day. The messages the press, analysts and others communicate about the company through print and electronic media and word of mouth are influenced by good marks on the other nine keys to managing reputation risk.

Cultural Alignment

#4: Strong corporate values, supported by appropriate performance incentives: The trickle-down notion that, if tone at the top is good, the organization’s culture must be good, doesn’t always hold. Lower-level employees often pay more attention to the messaging and behavior of their supervisory middle managers than the messaging and values communicated by the organization’s leaders. Boards need to ensure that executive management implements a strong tone at the top, a variety of effective escalatory processes, and periodic assessments of the tone in the middle and tone at the bottom. To that end, the executive team needs to ensure alignment of performance incentives with corporate values to shape and influence the corporate culture end to end:

  • Up, down and across the organization
  • Upstream with strategic suppliers
  • Downstream with channel partners

Also, executives and directors need to pay attention to the warning signs posted by the independent risk management function and in audit reports evidencing the possibility of dysfunctional behavior.

#5: Positive culture regarding compliance with laws, regulations and internal policies: Few incidents undermine reputation more than serious compliance violations with the attendant headline effect of the brand being dragged through the mud by the media. Senior executives, with board oversight, should ascertain that effective internal controls over compliance matters are implemented. Executive management must “walk the talk” with respect to compliance, meaning executives should:

  • Maintain strong compliance administration and oversight across the organization;
  • Periodically conduct a comprehensive risk assessment;
  • Refresh the compliance program for changes arising from new regulatory developments;
  • Understand the players and third-party agents in countries in which the organization does business and monitor their dealings closely;
  • Implement robust compliance training and certification;
  • Ensure that adequate documentation of compliance-related communications to and training of employees is maintained; and
  • Implement escalatory processes for reporting wrongdoing and suspected violations along with effective follow-up upon receipt of allegations meriting investigation.

In addition, effective auditing and monitoring capabilities to evaluate compliance effectiveness should be in place to ensure the above capabilities are functioning as intended.

Quality Commitment

#6: Priority focus on positive interactions with stakeholders: The executive team and board of directors should ensure that there is a passionate focus on improving stakeholder experiences. These are the accumulation of day-to-day interactions that customers, employees, suppliers, regulators, shareholders, lenders and other stakeholders have with a company as a result of its business operations, branding and marketing. If internalized and acted upon, they are a powerful driving force for improving and sustaining reputation. To illustrate, organizations that take the time to really know their customers, align company goals with customer needs and act to ensure a distinctively different experience for customers are going to be noticed in the marketplace.

#7: Quality public reporting: When public companies restate previously issued financial statements for egregious errors in the application of accounting principles or omission or misuse of facts, investors notice. For companies contemplating an initial public offering, a well-designed financial close process, effectively functioning internal financial reporting controls and an understanding of what not to say when talking with the press and the investor community are important. For established companies, vigilance in maintaining internal control over financial reporting and in deploying effective disclosure controls and procedures is important to ensure reliable public reports. The markets take quality public reporting at face value. Once a company loses the public’s confidence in its reporting, it’s tough to earn it back.

These points suggest that a strong audit committee is an imperative.

Operational Focus

#8: Strong control environment: A critical component of internal control, the control environment lays the foundation for a strong culture around achieving the organization’s operational, compliance and reporting objectives. In addition to management’s commitment to integrity and ethical values and the oversight provided by the board of directors in carrying out its governance responsibilities, as discussed earlier, the control environment consists of the organizational structure and assignment of authority and responsibility; the processes for attracting, developing and retaining competent people; and the rigor around setting the appropriate performance measures, incentives and rewards that drive accountability for desired results. Because embarrassing control breakdowns can tarnish reputation, every board should expect and demand a strong control environment.

#9: Company performance relative to competitors: Even if a company does everything else right, its reputation will suffer if its business model is not competitive. Market recognition of success is a huge validation of a company and its management team. Recognition of differentiating strategies, distinctive products and brands, proprietary systems and innovative processes are intrinsic sources of value that can translate into superior quality, time, cost, innovation, talent management and customer-fulfillment performance relative to the company’s competitors. On the other hand, significant performance gaps vis-à-vis competitors can diminish reputation if they are not addressed in a timely manner. These factors should weigh heavily on a board’s evaluation of company performance over time.

Organizational Resiliency

#10: World-class response to a high-profile crisis: Sooner or later, every company is tested. As a crisis event is a severe manifestation of risk, crisis management preparation is a natural follow-on to risk assessment, particularly for high-impact risk events with high-velocity, high-persistence and low-response readiness.

Executive management, under the board’s oversight, should ensure that the risk assessment process is designed to identify areas where preparedness is lacking and, therefore, response planning is needed. If a crisis management team doesn’t exist or isn’t prepared to address a specific sudden crisis scenario, a rapid response will be virtually impossible. Fires cannot be fought with a committee. Response teams should be supported with robust communications plans emphasizing the importance of transparency, straight talk and effective use of social media. The response team should update and test the rapid response plan periodically.

While a one-size-fits-all approach to reputation risk management does not exist, attention to how a company addresses these 10 keys will help shape its reputation over time. Reputation risk management is inextricably linked to the company’s risk management and crisis management disciplines, as well as to the alignment of strategy and culture with the enterprise’s commitment to quality and operational excellence.

From the standpoint of executive management and the board’s oversight, the 10 keys offer a framework for focusing on what’s really important when managing reputation risk.

Questions for Executive Management and Boards

The following are some suggested questions that senior executives and boards of directors may consider, based on the risks inherent in the entity’s operations:

  • Is executive management focused on the appropriate fundamentals for enhancing and preserving the enterprise’s reputation?
  • Does the risk assessment process source significant threats to the company’s reputation and identify areas requiring consideration of response plans to improve preparedness and rapid response? Is there a rapid response plan for the high-impact, high-velocity and high-persistence scenarios identified in the risk assessment process?
  • Is there adequate focus on the critical enterprise risks that could impair the enterprise’s reputation if not managed effectively? Does management apprise the board timely of significant changes in the enterprise’s risk profile? Is there a process for identifying emerging risks on a timely basis?

1 Governance Reimagined: Organizational Design, Risk and Value Creation, David R. Koenig, John Wiley & Sons, Inc., page 160.


Tags: Board Risk OversightReputation RiskTone at the Top
Previous Post

Thomson Reuters Regtech Solution Wins Prestigious Award

Next Post

The Impact of Technology on Enhanced Due Diligence

Jim DeLoach

Jim DeLoach

Jim DeLoach, a founding Protiviti managing director, has over 35 years of experience in advising boards and C-suite executives on a variety of matters, including the evaluation of responses to government mandates, shareholder demands and changing markets in a cost-effective and sustainable manner. He assists companies in integrating risk and risk management with strategy setting and performance management. Jim has been appointed to the NACD Directorship 100 list from 2012 to 2018.

Related Posts

cfpb building sign

What Does Weakened CFPB Mean for FinServ Compliance?

by Carrie Pallardy
April 30, 2025

Federal deregulation doesn't mean compliance professionals can relax. CCI contributing writer Carrie Pallardy investigates the implications of a weakened Consumer...

signing deal signature

When the Ink Dries: 6 Critical Post-Transaction Areas That Make or Break M&A Success

by Jim DeLoach
April 14, 2025

Poor follow-up once the deal is closed can cause culture clashes & value erosion

news roundup new

Bang for the Buck: Regulators Pivot to Fewer But Higher-Value Enforcement Actions

by Staff and Wire Reports
April 11, 2025

CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your...

farm silos

Siloed Thinking, Scattered Compliance: The Leadership Challenge in GRC

by Anna Muzalska
April 7, 2025

Strong leadership and integrated communication prove as critical to compliance success as policies and procedures alone

Next Post
The Impact of Technology on Enhanced Due Diligence

The Impact of Technology on Enhanced Due Diligence

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights