Mar 19, 2020

Imagine if only a couple months ago you had told colleagues that life as we know it was about to be ransacked by a pandemic. It probably would have elicited little more than the same “I suppose it’s possible” response, as any earlier prognostications of airplanes crashing into buildings, earthquakes causing a tsunami leading to a nuclear catastrophe, or a near-collapse of the global financial system.

Had you been certain that such things were about to happen, you might have taken some additional preparation steps, but you didn’t because the near-term likelihood was way too low, and the universe of possible bad things is much too broad.

Of course, once the event happens, it’s too late to get ready.

So it goes with “black swans,” a label given to highly unlikely and relatively unforeseeable events with potentially extreme adverse consequences. History proves that black swans occur with disturbing frequency, and their collective impact is enormous. But on a case-by-case basis, they are highly unpredictable: We don’t know when the next black swan will take place or what it will consist of. We can’t be sure that we have even contemplated in advance its particular form.

Assessing pre-event risks
With any specific black swan event being extremely unlikely and perhaps unclear as to its very nature, it is reasonable to ask whether there is any value to preventive steps or other forms of pre-event risk management. The answer is an emphatic “yes!”

Why? Because even though there are hundreds of possible black swan scenarios, their adverse consequences can be collected into a relatively short list of categories. By dealing with consequences rather than causation, we can identify a handful of the most-critical preparatory action steps focused on lessening the impact of the next adverse event, whatever it happens to be.

Let’s explore that chain.

The list of bad things that could happen is, as has already been noted, impossibly large. I once led an enterprise risk management project that identified more than 600 distinct things that could go wrong and thereby harm my organization. It’s not necessary to prepare such a list, but there is value to some group brainstorming in order to identify a spectrum of potential events that might be particularly relevant to your situation. Be very eclectic, and don’t focus just on natural catastrophes.

Whether your list is near-exhaustive or relatively short, you can take the more significant items and list out what might be the consequences of each in the event it were to take place. For this purpose, you should emphasize events with the most severe worst-case consequences, with lesser regard for their actual likelihood. You’ll find that the consequences can be grouped into a short number of key categories, such as:

  • Injury to people;
  • Damage to property;
  • Unavailability of staff;
  • Reduced demand for your product or service;
  • Interruption of vital services or other operational disruption;
  • Liquidity challenges;
  • Supply chain interruption; and
  • Political or compliance obstacles.

This list won’t change much whether you analyze a few dozen or a few hundred key causes of loss. You might wish to add a category or two, but try to keep them fairly broad.

Now for the payoff
You can take this shortlist of consequences and start thinking about three things:

  1. What specific forms might each take?
  2. Which of these are of the greatest concern?
  3. What can you reasonably do to lessen the potential impact?

An example might help. Let’s say that you produce a product that is dependent on one key supplier, and this supplier faces risk from one or more circumstances such as too much financial leverage or having a critical facility in a high-hazard earthquake zone or in a nation with known political risks. Although you possess imperfect information, you reasonably conclude that this exposure is potentially severe enough to be placed on your shortlist of most-concerning scenarios.

Once you have this shortlist together, you can brainstorm some things that might be done to lessen the risk. In our example, this may include finding a viable alternative source or determining whether the supplier can reallocate a portion of its production to a different facility. Similarly, if the likely consequence of some other notable peril is a severe distraction or contraction of your own workforce, perhaps you can better equip staff to work from a remote location or identify critical workflows that a larger portion of your staff can become familiar with. Sometimes the remedy can be fairly simple, such as acquiring a source of standby electrical power.

Managing with imperfect information
These responsive gestures have a few things in common: If they aren’t practical, you don’t pursue them, they are probably responsive to many black swan scenarios, and they aren’t necessarily cure-alls or 100% effective. Rather, they are responsible for things that, in the face of imperfect information, seem to offer appealing trade-offs when comparing cost and effort to resulting risk mitigation. You can list out the best possibilities and make line-by-line decisions about action and prioritization.

Virtually any organization can pursue this path. Having an enterprise risk management expert on hand to participate would help, but it’s neither necessary nor an excuse for inaction. What’s important is that you start now and get a decent cross-section of people to work on the project. Don’t be superficial, but do be ruthlessly practical. Remember that perfection isn’t your goal.

A black swan preparation exercise is compelling evidence of your resolve to protect your stakeholders and the enterprise upon which they depend. It is truly risk management at its finest. The time to start is now, because you don’t know when the next swan might knock on your door.

As published in PropertyCasualty360