There is no doubt that companies are faced a level of scrutiny that the world have never seen before. Almost on a daily basis are companies being exposed as fraudsters, environmental culprits, tax evaders or child labour abusers. No company can know what or who will be next to be exposed in the media as the biggest unethical corporate abuser of the worlds resources.
One side effect of this trend have been the numerous standards and quality management systems that focuses on different approaches to reducing the risk of poor decision making and unethical corporate behaviour. There is no doubt that companies need a systematic approach in order to keep their managers and decision makers on a leach. However, there are limits to how comprehensive a given system can be and still be relative effective. Just think of the Sarbanes-Oxley or BASEL 2 frameworks, which did little to prevent the biggest financial downturn with an epicentre in the very industry that they were put in place to regulate.
As I see it is traditional risk management programs such as the above mentioned narrowly focused on operational and compliance risks and consist of short-term point solutions. Which are narrowed down to mitigation actions specific to particular sources or impacts of risk. But what happens when risks are rising from multiple sources and places within all the corporate entities? Point solutions can work well for pinpointed risk areas, where the main objective of the risk management effort is to avoid or prepare for a particular event and in so doing reduce the associated cost. However, focusing on one point or case cannot work for strategic risks, where complex origins demand an integrated management approach across entities, borders and levels of authority.
One dimension of social risk’s complexity is that it is often a function of strategic or operational decisions companies have made that affect issues that stakeholders care about. So instead of being a “one system fits all”-approach it encompass a wide range of areas which overlap and are integrated into each others systems in order to create a fine masked network which enables organisations to catch issues as they arise and before they become a crisis.
In the coming weeks and months I will try to explore the different parts of the Social Risk wheel that I have developed in order to better understand the organisational impact these individual elements might have on the positive developments of corporations in a global context.
just came back from a two day seminar in Sweden on CSR in difficult markets. It was the first time that we ran this specialized course and even though we have significant experience within our respective fields we where a bit nervous if the outcome would be satisfactory. The CSR gender groups consist of people from the business world and professionals from the development community. Two groups under normal circumstances would not meet in some conditions are even perceived as having opposing goals.
The diverse group has on average over 15 years of experience within their field, so there is no doubt that we could do the job within our professional fields, but were we also able to merge the two worlds? We have been working with the material for about one month and had come up with a basic approach that would enable us and the participants to travel the many areas of contact between business and development operations. We opted for a risk management approach on the business side and a contextual analysis and stakeholder engagement on the development.
In essence we went through the following general areas:
- Brief history and background on CSR
- Development and difficult markets (Development are never active in anything else than what would be perceived as a difficult context)
- A structured approaching risk management as in addressing Social Risk factors
- Using SWOT to address stakeholder engagement issues
- Strategic approaches and lessons learned from working in difficult markets
We wanted to add some more on communication strategies when risks becomes issues that organizations have to deal with but we did not have time for this extra feature. In the courses to come we will however expand the course to include a half day more in order to include this very important feature. We also wanted to add a gender perspective to the difficult market context as it is one of the most salient issues that when having to deal with strategic problem solving in these areas.
I think the most important lessons learned from the course were that the development and business communities have a great deal to learn from each other when it comes to working in difficult contexts. First of all because the experience from the professionals in development can be directly used by business in order to produce countermeasures and control mechanisms that can reduce the risks that they are confronted with. Second, business has an impact on developing and emerging markets that development aid will never be able to match. The effect of foreign direct investments (FDI) in these areas imperative if some of these countries are over to overcome the social and structural challenges that they are faced with. Third, companies prefer risk free or low risk areas but through a structural approach they will be able to grown new business ventures were they in many instances will be first movers.
The potential for business-development cooperation is huge and there is no doubt that in the future we will see more public-private partnerships. But even beyond the just working together with in framework CSR there are new ideas to be explored that utilizes the business sense of the companies and the unique inside knowledge that development can bring to the table.
I have been working on some material to present at a two day seminar in Sweden later this month. The theme is business and CRS in difficult markets. The mani focus will on my part be on social risk and how to analyse, quantify and confont the potantial problems that companies can expect to be exposed to. According to Kyle & Ruggie (2005) social risk is defined as
“Social Risk arises when organisational behaviour or the actions of others in its operating environment create vulnerabilities, which stakeholders might identify and apply pressure on in order for it to change its behaviour.”
I have started out with a simpel model which put some structure to what risk is and what it basic components are.
In this model risk is the product of the organisations vulnerabilities and the threats which is exposed to (The overlap area between Vulnerabilities and threats). In order for companies to reduce but totally eliminate risk they adops differentypes of controls such as ISO 9000 for management, ISO14000 for environmental, signed the global compact etc. Or they apply counter meassures such as auditing, PR or lobbying, cause related marketing etc.
The question that remains is related to threats and the threat by whom to what? According to Mitchel (1997) Parent & Deephouse (2007) some stakeholders will ahve more ligitimate claims then others or atleast they will have the power to force their ligitimacy through. I found this matric in the corporate strategy tool box on stakeholder mapping and though it could make good use in a risk assesment context.
In my mind the model serves as a guide for how involved organisations are going to be with their individual stakeholders based on some key facts. How powerfull is the stakeholder and what is the level of interest he/she has in the affairs of the organisation.