Risky Business – nine of the biggest reputational risks and how to mitigate them

Many of the brand and reputational risks that businesses face are like Monty Python’s take on the Spanish Inquisition — nobody expects them.

If they did, they would presumably do more to prevent them.

And so, like ghoulish specters, reputational risks haunt the corporate landscape, providing cautionary campfire tales and giving business leaders sleepless nights.

And with good reason.

As the saying goes, it takes years to build a good reputation and seconds to lose one.

What exactly is a reputational risk?

In short, reputational risk is anything that could tarnish a company’s name, reduce its standing in the eyes of others, or threaten its very existence.

Or, as one global bank puts it, it involves a “failure to meet stakeholder expectations as a result of any event, behavior, action or inaction … that may cause stakeholders to form a negative view” of the business.

For some, the damage is financial. Failing to meet stakeholder expectations torpedoes revenue streams, wipes out market cap, or exposes the company to costly lawsuits.

For others, the damage wrought by a reputational risk is intangible – and indelible. In some cases, it merely tarnishes the corporate reputation. But in others, it ruins it forever.

Where do reputational risks come from?

Brand and reputation risks are everywhere and anywhere.

They may arise from a company’s own actions, from its employees, or from third parties with whom it’s associated — such as suppliers.

Which is what connects horsemeat, faulty phones, and 4.9 barrels of crude oil: they’ve all caused reputational damage.

More on that in a moment.

Because here’s the thing.

Even the best-run companies face brand risks and reputational damage.

Meaning savvy businesses need to be aware of the biggest reputational risks – and try to learn from the mistakes of others.

So, here’s our guide to nine of the biggest reputational risks a business can face – including some infamous examples of companies that suffered reputational damage.

Reputational risk #1 – THE DEFECTIVE PRODUCT 🤕

From Samsung’s exploding phones to Peloton’s faulty treadmills, a dodgy product is one of the greatest perils a company can face.

A problematic product — like the discovery it’s dangerous — can lead to a consumer boycott, a product recall, and a PR nightmare.

Then there’s product liability — the legal mechanism for finding a company responsible for any damages caused by its product.

In short, defective products can cause incalculable damage – literal, financial, and reputational. In many instances, the “hangover” can last for years.

Worse than a tarnished reputation: Japanese airbag maker Takata went bankrupt after a decade of product recalls and lawsuits left it facing tens of billions of dollars of costs and liabilities.

Reputational risk #2 – THE CORPORATE CRIME 💰

Reputational risk 2 – THE CORPORATE CRIME 💰

From forgery and fraud to market manipulation and asset misappropriation, white-collar crime is all too common in the business world.

Sometimes, the reputational risk comes from a company’s own employees.

Take the German fintech giant Wirecard. It had to file for insolvency when three former executives were accused of falsifying financial statements to defraud creditors out of more than €3 billion.

 Yet reputational risks can also arise with external stakeholders.

Credit Suisse’s when it acted as an underwriter when Chinese firm Luckin Coffee went public on the Nasdaq in 2019, only to be pulled off the exchange after it fraudulently inflated sales.

Reputational risk #3 – THE DATA BREACH 🥷

Cyber-security threats, phishing attacks, and data breaches are now among the most prevalent reputational risks that companies face. Just ask British Airways.

In the summer of 2018, BA was flying high, literally and reputationally. Then came the first of two data breaches – tarnishing its reputation.

The airline revealed in September that hackers had obtained the personal and financial details of more than 420,000 people – including both customers and staff.

The data breach eventually resulted in a £20m fine from the UK data protection watchdog – its biggest such penalty at the time.

And in 2021, British Airways reached an undisclosed settlement in a class action lawsuit brought by victims.

As if a data breach weren’t enough, a series of IT glitches – including one in 2023 that led to 175 flight cancellations – have further harmed BA’s reputation.

Reputational risk #4 – THE HARMFUL SUPPLIER 🐴

Reputational risk 4 – THE HARMFUL SUPPLIER 🐴

Unlike the first three reputational risks, this one comes from third-party relationships

Today, almost every business associates with or relies on third-party vendors such as suppliers, subcontractors, and software providers.

Every business that does so runs the risk that its reputation will be damaged by misconduct by third parties that becomes public knowledge. The risks range from breaking laws to leaving the door open to hackers to supplying faulty goods.

Consider what happened in 2013, when Irish food inspectors said they’d found traces of horsemeat in some frozen beefburgers stocked by UK supermarkets – including Tesco and Iceland.

Inevitably, their reputations took a hit. According to one poll, 20% of respondents said they felt less favorably about Tesco and 14% felt less favorably about Iceland. 

Reputational risk #5 – THE ENVIRONMENTAL DISASTER ⚠️

Few incidents tarnish a corporate reputation like an oil spill.

Just ask Exxon, whose reputation was hit in 1989 when one of its supertankers hit a reef off the coast of Alaska and spilled 10 million gallons of crude oil.

Decades on, memories of its misconduct linger – Breaking Bad even referred to it – suggesting Exxon may not erase its reputational tarnish.

Ditto with BP. In April 2010, Deepwater Horizon – an offshore oil rig the company was leasing in the Gulf of Mexico – exploded, killing 11 workers and causing the largest-ever marine oil spill in US history.

Corporate reputation is fragile at the best of times, but BP was up against it. According to one study of the impact of the accident on its reputation, “the shock value of the event, the vivid footage of marine pollution, and the media attention were overwhelming”.

The study found BP’s reputation declined by about 50% relative to a synthetic control – and that the decline lasted for seven years after the accident.

Reputational risk #6 – THE PROBLEMATIC CEO 😖

Travis Kalanick, Co-Founder & CEO of Uber, Photo by @Kmeron

Just as we decide whether to watch a movie by considering who stars in it, so do our opinions of a company’s reputation depend on our perceptions of its CEO.

According to one study, two-thirds of consumers say their view of a company’s CEO affects their opinion of it – with almost half a company’s overall reputation being attributed to the top dog.

In other words, what CEOs say and do matters – much more than before and much more than many perhaps realize.

A case in point? In March 2017, Uber became mired in controversy when dashcam footage emerged of CEO Travis Kalanick arguing with his own driver over the company’s treatment of drivers.

Uber faced other problems and criticisms, of course, but Kalanick’s brash style only poured oil on troubled waters – and by June he’d resigned.

Reputational risk #7 – HEIGHTENED SCRUTINY 🔎

Reputational-risk-_7-–-HEIGHTENED-SCRUTINY-_

Corporate success can be a double-edged sword. The bigger your market position, the more attention you’re going to get from muckraking journalists and zealous regulators alike.

A case in point is the increased scrutiny of Big Tech. But is that a much-needed corrective to their market dominance? Or the corporate equivalent of “tall poppy syndrome” – the pegging back of those perceived as being too successful?

The answer’s irrelevant – either way, Big Tech’s reputation – and the perception of stakeholders in particular – has been affected.

Reputational risk #8 – THE VOLTE-FACE ↪️

Reputational-risk-8-–-THE-VOLTE-FACE

Call it a volte-face, a U-turn, or – if you’re a British tabloid editor – a “reverse ferret”, the impact is the same: whenever a company promises to do one thing but does another, it runs the risk of reputational self-harm. 

This reputational risk is especially serious for B2C companies, who have to face the heightened scrutiny of journalists and politicians but of disgruntled consumers who may have identified with or “bought” into the company’s ethos and values but now feel betrayed and let down.

A boycott of the company can be an all-too-common consequence of its volte-face.

This situation often arises when shareholder opinion trumps stakeholder opinion – when the desire to accrue higher profits supersedes the willingness to meet a social or environmental target.

Reputational risk #9 – CORPORATE HYPOCRISY 🤥

Reputational-risk-_9-–-CORPORATE-HYPOCRISY-_

A distant cousin of the previous risk is one that arises when a company says or does one thing over here and something very different over there.

For as long as companies have engaged in corporate philanthropy or social responsibility, they’ve faced brickbats from stakeholders angry at their apparent hypocrisy.

A common case in point is a corporation that celebrates Pride Week in a Western country but conspicuously avoids any reference to LGBTQ+ rights in authoritarian regimes in which it invests or does business.

Likewise, companies that make splashy commitments to, say, combat unconscious racial bias or to promote diversity, equity, and inclusion risk being seen as hypocrites if they’re linked to sweatshops, slave labor, or other human rights abuses.

What can companies do to mitigate reputational risk? 🏰

As many of these examples show, reputational risks can originate without warning and spread quickly. That’s why they give CEOs and communications specialists nightmares.

But while many brand risks are unforeseeable, businesses can still prepare themselves for a reputational crisis and reduce the likelihood of reputational damage. Here’s how.

Doing so starts at the top, with ethical leadership.

But it also includes ensuring effective oversight of the company’s activities at the board level, instilling a culture of ethics and compliance throughout the company, communicating clearly with stakeholders, and building reputational risk into the business plan.

By remaining on the lookout for potential threats to their reputation, businesses will be on the front foot if and when the proverbial hits the fan – allowing them to respond better and recover quicker.

What can companies do to prevent reputational damage? 🛡

When a reputational risk does rear its ugly head, there are steps businesses can take.

First, they should prepare to go on a long journey of rebuilding trust — one that may take months, if not years – and avoid making promises they can’t deliver. Communication is key. Companies facing reputational harm need to keep relevant stakeholders informed of the obstacles faced and the solutions reached.

Second, they should engage at once with their wider stakeholder community — in other words, their employees, consumers, customers, partners, suppliers, regulators, shareholders, opinion leaders, and the media.

Being transparent with employees and rallying the troops internally is especially important. Businesses facing a reputational crisis need to do whatever it takes to keep their talent motivated.

To that end, businesses shouldn’t back away from bringing about deep-seated internal change if it’s needed.

What can companies do to anticipate reputational risk? 📈

Ideally, businesses make the requisite “repairs” before the storm hits. How, though, can they get a reliable weather forecast – one that lets them know the path of the storm? By using data – and stakeholder intelligence, in particular – to spot potential brand risks.

Think back to that bank’s definition of reputational risk – “the failure to meet stakeholder expectations as a result of any event, behavior, action or inaction … that may cause stakeholders to form a negative view” of the bank”.

In this light, a reputational risk doesn’t have to involve a calamitous product launch or environmental disaster – risks that few companies might be able to anticipate. 

Rather, it could be anything that entails a mismatch between a company’s performance and the expectations of its stakeholders – like current and potential employees, customers and business partners, journalists, and others among the informed general public.

To anticipate their changing expectations, companies can track stakeholder perceptions – continuously, in real-time. 

This allows them to gauge not only emotional perceptions (do they still like and trust the company?) but rational ones (what do they make of its integrity and leadership). Real-time trackers can also reveal expected behavior (will they recommend, consider buying from, or want to work at the company?)

Why can tracking stakeholders reduce reputational risk?🦉

When the nightmare comes true and the reputational risk strikes, there’s another benefit to using real-time data. It can inform, monitor, and optimize the subsequent recovery.

By tracking what stakeholders think of your company and how you’re responding to the crisis, you can tell what is — or isn’t — working, allowing you to pump the brakes, hit the accelerator, or change course.

If listening to stakeholder perspectives is smart at the best of times, it’s invaluable in a crisis. It can mitigate the damage to your brand and reputation and make the recovery shorter and easier. And it can guide your internal activities and external communications in real time, allowing you to explain your positions and actions widely and clearly.

Finally, of course, companies should never let a good crisis go to waste. For one thing, the experience will inform future responses and crisis-preparation plans. Those who find themselves in the mire also have an opportunity to show their values and purpose — and witness in real time that it’s having a positive impact. 

Reputational risks often arise unexpectedly — but businesses should still prepare for them and respond accordingly.