Rebuilding trust after regulatory disasters

IPAA/ANZSOG Presentation 30 October 2014

The fundamental truth about picking up the pieces after a disaster is that it is largely determined by how you plan for disaster.

But first, to put that in perspective, are regulatory agencies different when it comes to crises? It’s a good question at the heart of questions about rebuilding trust after a regulatory disaster. Do the standard best practices for handling crises actually apply easily to regulatory agencies which can be considered unlike other organisations? Does widespread social media use invalidate much of those standard best practices anyway? I’m not planning to try to resolve these issues now but will ask you to think about them in the next half an hour or so.

Something else to think about in that time are these three regulatory problems/issues and what they might teach us: Norm Gallagher going to gaol; ASIC and the Commonwealth Bank; and, the US sub-prime crisis.

This presentation doesn’t provide a step-by-step guide to recovery plans – that’s impossible in half an hour but it will try to give some pointers and provide references for more detailed investigation at the end. It will, however, cover: Understanding trust and reputation – because that’s a first step in developing strategies around them whether for day to day operations or disaster recovery actions; how to prevent disasters arising – because that’s the best way to not only minimise the risk of disasters but also to build recovery strategies into your culture and planning. There are fewer pieces to pick up if you get preventative strategies in place first; and, some well-worn principles and practices about recovering from disasters – because the principles and practices increase the probability of recovering quickly and effectively.

In Dante’s Inferno murderers, rapists and other violent types were put in the seventh circle. In the ninth circle – only outdone by the pure evil of Satan him or herself – are those who betrayed trust. In more prosaic terms Confucius told a disciple that governments need three things: weapons, food and trust. If the ruler can’t hang on to all three they should give up weapons first, then the food, but they should guard the trust to the very end because without trust government cannot stand. We might update that to say that regulators need regulations, resources and trust – and that if you have to sacrifice something you might think a bit about the first two and focus on guarding the third.

In thinking about trust we need to address the now conventional wisdom that claims that declines in respect for authority, alienation, social media and a host of other things have created a crisis of trust. Yet Baroness O’Neill, a British philosopher, said in her Reith lectures that despite the widespread perception of a crisis in trust we go on day in a day out trusting in things, institutions and companies. We drink water from the tap because we trust water authorities; we write cheques and do online banking because we trust our own bank; we switch the electricity on and off without thinking we are going to get electrocuted; and we trust surgeons whose success rate is often far less than that of more strictly regulated pharmaceuticals.

By the way, as an aside some research I did with Quantum Market Research a few years ago, on behalf of Leadership Victoria, provides some insights into who we trust. It showed that bank managers were more trusted by Australians than religious leaders. One wonders what this means for George Pell now he is both.

The problem with the so-called crisis of trust is that as we get better off, our survival is less at risk, and we are more generally secure we become more susceptible to moral panics, scare mongering and narratives of doom. A couple of centuries ago women died in childbirth regularly, malnutrition was common across populations and the lack of sewerage and clean water meant millions died of preventable diseases. This century, in 2002, many Americans were getting themselves killed in road accidents because they were frightened of flying after 9/11 and chose a more dangerous form of transportation.

Regulatory authorities can’t expect to overcome these skews in perceptions of risks although they can take into account the new research on behavioural psychology, behavioural economics and risk communication in their education programs – of which more later. Rather, whatever their statutory purposes state, they can work on communicating a purpose and rationale defined by Kieron O’Hara “An institution is a group of people organised into roles that, in the case of guarantors of trust, must perform the checks and balances that a reasonably suspicious person would ordinarily wish to do on his or her own account.”

Reputation is a seductive concept because it conveys much more than the concepts of brands and image. Indeed, some theorists claim reputation is conferred on you by others while brands are something you create yourself. But the reality is that reputation stems from your own behaviours and your own cultures. Reputations are created by the daily demonstration of a superior culture in action.

Reputation is nurtured by the quality and nature of relationships with stakeholders as demonstrated by how you listen, engage, educate and respond when you interact with the community and the people most directly affected by your actions – on inaction. Reputation is ultimately built on the trust which comes from these processes and underpinning all reputation management is the notion that:

You build you reputation by building trust, by aspiring to authenticity and practising transparency. What that means in practice is simply a matter of considering the antonyms of each of those words: trust: disbelief, distrust, doubt; authenticity: phoney, spurious; and, transparency: obscure, opaque and unclear. And if anyone doubts that these considerations of antonyms are not relevant to regulatory agencies I invite them to think about some of the language which comes from their public announcements and their internal communications.

Another perspective on trust worth considering is that proposed by David Maister who is leading thinker on service businesses which are analogous with regulatory agencies in some ways. He proposes a Trust Equation which looks at a range of factors which interact to create trust. It’s easy enough to find online.

In terms of disasters the fundamental lesson is that prevention is the best defence. That sounds banal but in terms of crisis recovery the preventative measures you take are all measures which better equip you to handle things which do go wrong. If the preventative measures also involve engagement with stakeholders they are effective in creating a platform for restoring trust. So what are the best preventative measures? They can be broadly considered under the headings of cultural and operational strategic planning and how they are linked in your organisation.

In terms of culture what do the following have in common: Bernie Madoff, 9/11, Victorian Black Saturday – and the role of power lines and the CBA financial planning crisis?. In every case there were early warnings which were ignored, not followed up or downplayed in significance. In other words they represented either process or cultural failures which led to catastrophes.

I don’t pretend to dictate to you how to create good cultures but, if I may be permitted, let me use the Socratic approach to encourage you to think about it.

Do you find internal whistleblowers a nuisance or an aggravation? Are you spending too much time with those you regulate and subtly absorbing some of their world view? Who in your organisation challenges your internal conventional wisdom, the consensus within the industry you regulate and that within the wider community.

The business community often espouses a view which might be characterised as the view from the Chairman’s Lounge promulgated by people who fly at the front of the plane and the back of the chauffeured limousines. The famous Petty cartoon summed up when a group of American businessmen were sitting around in their club and one says to the other: “How can we spend billions on sending a man to the moon when the whole world is crying out for company tax relief?

If you had been regulating Goldman Sachs when their CFO said the market had experienced “25-standard-deviation events several days in a row” would someone in your organisation have said, as Bill Bonner did in Moneyweek, this sort of thing is only supposed to happen once in every 100,000 years. Would that staff member have then concluded that if it happened three times in 10 years perhaps the model was wrong?

Are your education and communications people reading and applying the lessons of behavioural psychology and economics as outlined by Daniel Kahneman’s writings? Have you ever employed Peter Sandman on risk communication, visited his website or read his books and articles before communicating about risks to consumers and those who you regulate?

You also need to take into account that your Minister may be scientifically illiterate and innumerate as his advisors may be as well. Much of the population is also and most journalists also. If you doubt the latter remember the last time you read that there had been a 100% increase in the risk of some cancer only to discover that the research showed an increase in risk from 1:100,000 to 2:100,000.

Are your internal and external communications infected by a mix of managerial sludge and gobbledygook? Have you built relationships with key media through education programs, briefings and establishing relationships or are you unforthcoming? The Reserve Bank has a long and successful program of briefing and training journalists and – as a result has better media coverage than most other organisations.

Are your change management programs just change for the sake of change – an end in themselves rather than a means to an end – which detract from your effectiveness, or are they making the organisation more flexible and responsible?

As Baroness O’Neill asks: Are your targets, incentives and accountability systems elevating processes above outcomes and locking you in to what Marshall Meyer called the performance paradox where the measures lose real information content?

Are your staff confident that they can push bad news upwards? Do you advise your Minister fearlessly? Do you push back against the stupid advice which comes from politically appointed Ministerial advisers and the worse advice which comes from Ministerial media advisers?

There are many similar questions which might be asked but the thrust of them all is to gauge the health of your culture and its ability to heed early warnings, avoid regulatory capture, anticipate and solve problems. Most importantly they provide the platform for rapid recovery from disasters.

Equally important is the issues management process you adopt. Anticipating issues and resolving them is the best way to avoid disasters.

….and let me say at the outset that issues management is not about issues in the media or managing the media. This is the most common error in public sector issues management practice – often driven by Ministerial media advisers.  Indeed, generally if an issue is already in the media that’s an indication that your issues management processes have failed.

Robust issues management rests partly on the sort of cultural factors I mentioned a minute ago. But it also rests on some fundamental systems and procedures. You can get wonderful insights into the process by reading Tony Jaques’ book on issues and crisis management which is referenced at the end of this article.

First, is to develop issues management plans and ensure they are embedded in your corporate planning processes. Developing an issues management plan requires:  Identifying and defining issues and constantly updating the slate of issues by thorough environmental scanning; understanding the issues life cycle and directing resources to identifying and planning for issues before they become problems. The references at the end give some guides to this.

Analysing the issues and looking at the priorities. The best way to do this is by developing issues management matrices which categorise issues by their significance, their probability and your capacity to influence them. Such a categorisation allows you to allocate resources more effectively and track movements in the issues (the references also provide templates for developing these); looking at strategic options for each issue – one of which might be masterly inaction by the way. In this respect is the Sydney Water crisis of a decade or so ago an exemplary crisis management study or an example of failure to communicate risk effectively; developing action plans to resolve the issues; and, re-evaluating options as required.

You can also categorise issues around areas such as: Is it something to do with contestability of views on operations, facts, evaluation or policy? Is it the product of an expectations gap between what is possible and what you are responsible for and the expectations and perceptions of others? Is it a form of legitimacy gap? Is it the result of the impact of a policy or a decision?

I’m sure every one of you at some stage or other has experienced an issue which fits into one of the categories. In each case the responses are different: from fact-based responses; to education; to re-appraisal; or to evaluation of whether the impact was planned or unintended.

A strong culture is very useful in these formal issues management planning processes – indeed it helps if you can think a bit like a feral. Perhaps the most creative and inspirational community and social activist was the American, Saul Alinksy, who advised activists of two things: “where possible go outside the experience of the enemy”; and, “make the enemy live up to their own book of rules.” Keeping the maxims in mind – and the likelihood of someone trying to campaign against you on the basis of them– is a very effective underpinning for issues management planning.

If you have thought about trust and reputation and how you can build trust; about how your culture can help prevent disasters; and, implemented terrific issues management processes you will have prevented many disasters but despite this they may still occur. So how do you rebuild trust when they do? There is no one strategy which always works but there are a number of systematic responses which can alleviate the situation and help you recover faster.

I should say here that I am reluctant to talk too much about specific cases for two reasons. First, there are implicit and explicit confidentiality agreements involved in work for government. Second, I am of the view that unless you have detailed knowledge of a situation it is silly to second guess what people did and why. But given that there are some general principles you can follow.

The first step is always to quickly make an evaluation of the crisis. What is the reputation threat level it represents? What happens if you do nothing? How do we craft an appropriate response which is neither too little nor too much? Generally speaking you can say that if you are a victim of some problem then it’s a mild situation. If it’s the result of an accident which is not a product of a fault of yours it’s a medium situation. If it was predictable – or perceived to be predictable – and created by your actions then it is severe then full recovery mode should set in.

In any crisis situation there are going to be tensions between your legal situation, you communication situation and your political situation but the following lessons are generally applicable.

Sackings: A very common response to regulatory failure is that someone gets sacked. Generally Ministers think it should be someone from the agency and Oppositions think it should be the Minister and sometimes the public think it should be both.  In these situations agencies, unless their actions have been egregious, can have strategies which can protect them.

Fixing the problem: There is absolutely no better remedy to a disaster than fixing the problem which caused it, demonstrating that you have done so and communicating it far and wide.

Common responses: Two crisis management theorists – Tim Coombs and William Benoit – have summarised some common responses to crises. They include denial, evasion of responsibility, corrective action or mortification. Some people try to deny that there is a problem – although perceived problems are real problems. Others seek to diminish the problem’s significance. Others, the most successful, focus on a rebuilding strategy which employs material or symbolic forms of aid to victims and which is underpinned by transparent empathy.

Apology: Perhaps the best advice is to overcome the urge to deny it all and make a full and frank apology and/or rectification statement as soon as possible. Your lawyers might have problems with that but there are ways to do it.

Language: Choose simple, clear and direct language and avoid obfuscation. In particular avoid weasel words like ‘mistakes were made’ where responsibility is fuzzy. Who made the mistakes, why and how are obvious questions? And learn from the CBA experience. In the Annual Review, a popular four colour version of the annual report, Chairman David Turner and CEO Ian Narev, say: “Our performance for 2014 has been marred by the negative and extensive publicity relating to shortcomings in our financial advice business in the past.”

The problem with this formulation seems to be the publicity and not the ‘shortcomings’. They go on to say they ‘deeply regret’ the situation and that they “took decisive action to do the right thing for our customers and to change the way in which we run that part of our business.”

In the Chair’s report in the Annual Report the ‘shortcomings’ become “the flaws in our financial advice business” and the ‘decisive action’ becomes “we believe we acted decisively when the problem was uncovered”. The Chairman also says “I apologised to all our shareholders for these unacceptable events.” It doesn’t need advanced training in deconstruction to understand why dodgy actions somehow become transmogrified into the rather more neutral ‘events’. At least in the Annual Report the Senate Committee report which, along with great reporting by Adele Ferguson, exposed the dodgy CBA actions gets mentioned, although once again the emphasis shifts to the fact that it was “a highly publicised report” that was “critical of these flaws.”  The lawyers and PR people laboured long and hard on all of that only probably to make the CBA look worse.

Strive to dictate the framing of the issue and debate about the disaster: The person who frames any debate dictates the agenda and shapes the debate. It’s impossible to go into framing in any detail here but to give an example of a brilliant piece of framing look at the Lake Mokoan episode in Victoria in which the ‘de-commissioning’ of an artificially created lake was re-framed as the “return of Lake Mokoan to its natural state” thereby defusing potential controversy.

Focus on your purpose not your brand: For some decades now government agencies have got obsessed with their brands and infuriate many of us by referring to people as customers or clients rather than as what we really are – citizens! So in dealing with disasters and rebuilding trust forget about image and other stuff and constantly frame your language around your purpose and your responsibilities and how you fulfil them and protect people’s rights and explain obligations.

Could it have been handled better? Finally when the crisis is over – whatever the outcome – take the time to ruthlessly and rigorously evaluate what you could have done better and feed it back into your corporate, issues and crisis planning?

…and to the questions about difference…Yes regulatory agencies are different – they are not companies or NGOs but the barriers to good crisis practice – like legal constraints and issues around transparency – are faced by other people and dealt with. Yes the world of social media is making things harder – just as the 24/7 political coverage and commentary and demand for announceables do – but just because it’s harder doesn’t mean good practices are no longer applicable.

… and to our case studies: Norm Gallagher going to gaol, ASIC and the Commonwealth Bank, the US sub-prime crisis.  Any suggestions?


  • For an excellent overview of issues and crisis management see Issue and Crisis Management: exploring crises, risk and reputation Tony Jaques (Oxford University Press, 2014)