Regulatory Reporting on ESG Matters and the First Greenwashing-Related Cases
Navigating the geopolitical risk landscape at a time of heightened tensions
Regulatory & Investigations - People Challenges
Geopolitical risk is always present, but today, the range and severity of issues it presents is creating extremely significant challenges for businesses to grapple with. From cybercrime and technology risks to the climate crisis, energy security, Russia’s war in Ukraine, trade tensions with China, and the threat from North Korea, companies today must prioritise attention and resources across a seemingly ever-growing roster of geopolitical risk areas.
So it was no coincidence that Clyde & Co and Winmark, the executive network, chose to host an event on these issues at the same time that they were high on the agendas of the G20 meeting of world leaders and the UN COP27 climate change summit. The event was chaired by Clyde & Co, Partner, Rachel Cropper-Mawer, and a diverse panel of speakers shared their stories, knowledge and experience in a lively discussion. They were: Sapna Dutta, SVP Legal & General Counsel, Health at Reckitt; Nigel Paterson, GC and Company Secretary at Currys plc; and Seamus Tucker CMG, a security expert who spent 30 years working for the UK Government in security and foreign policy roles, before founding the security and investigations firm Monarch Security.
A delicate balance of inter-linking risks
As Rachel explained in her introduction, as political friction increases, all these factors and more – plus risks that are as yet unknown and unforeseeable - have the potential to impact the people and performance of any business, in any sector, anywhere in the world. She explored how risks are often interlinked, and how opportunity and risk can go hand-in-hand, such as the transformative power of 5G and AI (artificial intelligence), which poses both regulatory and reputational concerns.
Rachel also made the point that some risks create new threats in themselves, one pressing example being how tightening reporting and disclosure standards around climate risk create the potential for greenwashing. And she highlighted the competing pressures that companies are facing, balancing long and short-term priorities, internal and external expectations, and the potentially divergent views and needs of a global workforce and the wider stakeholder base.
Though these concerns often create personal reactions, reflecting on geopolitical risks objectively is critical when assessing the impact on business. Horizon scanning is key. But as I say to my clients, your risk management is only as good as your imagination.
Rachel Cropper-Mawer, Partner, Clyde & Co
Risk evaluation and preparedness
Picking up the theme of risk evaluation and preparedness, John Madden, Research Director at Winmark then set out some of the key findings of Clyde & Co and Winmark’s recent Looking Glass research report. This canvassed opinions of general counsel, in-house legal teams and senior board and C-suite decision-makers globally on the risk landscape their organisations face and their ability to navigate it effectively.
Madden explained that the top risks identified in this year’s study – namely people challenges, the regulatory and compliance burden, technology risks and economic risks – all relate in some way to geopolitical risks. To put this into context, he referenced Standard & Poor's  four main categories of geopolitical risk, which are: global financial integration, global security, migration and supply chain vulnerabilities.
When it comes to risk readiness, geopolitical risk was in the top three risk areas for which survey respondents feel least prepared (along with climate change and societal risks), with between a fifth and a third saying they do not think they are fully prepared on these fronts.
This is perhaps not surprising, given that the geopolitical risk landscape today is more complex and unpredictable than at any time since the Second World War.
John Madden, Research Director, Winmark
However for this reason, proactively assessing the risk landscape and carrying out horizon scanning is now seen as an increasingly vital aspect of the role of the General Counsel, as it is for the rest of the C-Suite and Board.
Playbooks and processes
The panel discussion kicked off with a question about the extent to which there can and should be a corporate playbook for crisis management. Sapna Dutta’s view was that while most companies will have a defined process for handling critical events, there will be cases where it may not be possible to rely entirely on an established playbook, and senior representatives from all business functions and specialities will need to be involved in framing and scoping the issues at hand.
You can’t make the plan up as you go along. You need to define what a crisis is, what the escalation process is, who the team are and what are their set roles. But each crisis is different and you need to be flexible. Cybercrime requires a different response to Covid. You may need specialist experts to respond or it may require a whole company approach.
Nigel Paterson, GC and Company Secretary, Currys Plc
Reflecting on the way good corporate crisis management playbooks often mirror those used in the military, covering issues like planning, intelligence, finance, people and legal considerations, Seamus Tucker warned that having the appropriate structures in place is not enough. People need to know them and regularly exercise them in practice scenarios, to build resilience into the business.
Crises take a major toll on individuals, and leaders need to consider their own physical and mental wellbeing as well as that of their staff if they are to sustain their ability to manage a crisis over the long haul. Exhaustion is the enemy of strong leadership.
Step back each day and take a break. Think about: what is your succession planning? Who is in your tier two? Where is your resilience?
Seamus Tucker, CMG
Responsibility and reputation
Managing external expectations is another important consideration in the risk management process. For example, in the context of geopolitical conflict, “Businesses are increasingly expected to take a political or quasi-political stance as well as taking strategic and operational decisions. A lot of the judgments that leaders are required to make involve moral and ethical questions as much as operational decisions or risk assessment,” observed Dutta. As such they require a collective leadership approach and strong corporate and leadership values to act as overarching guiding principles.
Nigel Paterson talked about the importance of a values-driven response in tough times, noting that his organisation had achieved increased employee engagement as a result of its response to Covid-19. "It is important that you don’t chuck values out in a crisis,” he said, noting that when it comes to issues like ESG commitments, “We need to live up to our promises."
In an age where real-time social media engagement is becoming an integral part of the marketing mix, managing social media interactions and tackling online disinformation in an appropriate way also looms large for companies. "It is important to have guardrails and guidelines in place to help teams navigate this responsibly," said Dutta.
Strengthening links with others
The supply chain is a critical factor in risk management, which can either help to bolster or undermine resilience to risk. Asked about the importance – and effectiveness – of engagement and communication with supply chain partners, Paterson’s answer was, “Geopolitical risk is so multi-dimensional. You can’t manage it alone.”
The supply chain is the weakest link. Even if you’ve got tight security on your end, someone will get in through the supply chain. No one is immune. You need to put a lot of effort into how you will respond because it will happen.
Seamus Tucker, CMG
Since all organisations are part of a supply chain and are therefore vulnerable, it’s important to keep the skills and education of all staff up to date. “If you think it’s just the job of IT, you’ve failed already,” he said.
Asked to sum up their key takeaways, the panel concluded:
- Scan the horizon holistically: the next risk may come from where you least expect it
- Think when, not if, and plan accordingly
- Have a crisis plan in place but be flexible. Agility is key but it should not come at the expense of consistency and informed decision-making
- Document why decisions have been made
- With complex geopolitical risks, you may need to engage the full organisational ecosystem
- Be ready to take tough decisions under pressure on ethical as well as legal/operational issues
- Don’t assume that a risk won’t reappear: risks can often progress in waves
- Expect global challenges to increase in the years ahead
Though the outlook is stormy, and organisations must stretch resources across a broad spectrum of potential problems, the message was one of resilience. Pragmatic planning must be coupled with resourceful reactiveness, people and values matter, and each crisis survived should provide an opportunity to learn and improve. Delegates went away with plenty to digest.