Risk management: Balancing compliance and communications

Careful planning and internal cooperation are the key to dynamic, responsive comms that avoids potential pitfalls.

Level heads: Collaboration between comms and compliance can make all the difference in crisis management
Level heads: Collaboration between comms and compliance can make all the difference in crisis management

Chinese healthcare company Eu Yan Sang’s recent TV campaign, which aired in December, caused a stir among consumers — but not in a good way. The ad featured a man attempting to beat a dog to stop it from biting a child, with the child eventually stepping between the two to promote the message: ‘Children have mercy’. The ad prompted a huge backlash on social media, with consumers claiming the ad was misleading and that it appeared to condone cruelty to animals.

Eu Yang Sang released a statement admitting that "something was amiss in the creative process", and changed the ad. Its approach highlights how some brands, in an age of instant/real-time communication, can fall far short of the mark when it comes to their comms departments working closer together with those of compliance and legal.

Brands in the financial sector may be making more concerted efforts than others to ensure cooperation between these teams — partly because regulation is already a high priority and also to overcome flaws previously exposed in compliance and comms infrastructures, in the wake of the financial crisis.

Morgan Stanley, for example, received kudos from the industry last July when it empowered its 16,000 plus financial advisors to craft their own tweets. Though messages still require approval from the firm, it was a step forward compared with the previous policy, which required advisors to choose from a library of pre-approved messages.

Charlotte Bilney, co-CEO for Asia-Pacific at Citigate Dewe Rogerson, says she knows of fund houses where the compliance officer sits next to the communications manager, a situation she describes as "very healthy".

Yet many organisations, irrespective of their sector, still appear to treat comms and compliance as two different teams. There is typically a lack of effort from both sides to work closer together, since they may have fundamentally differing points of view and goals, such as promotion versus protection.

Highlighting the value of both teams to one another through education is essential, says Nicholas Worley, manager, communications, Asia-Pacific at Deloitte Touche Tohmatsu. "At Deloitte, staff are required to take mandatory training courses that feature interactive exams and focus on regulation, social media compliance, communications and the intersection of these areas. This helps to provide background to both teams and while they don’t turn employees into experts, they do help individuals recognise when there is an issue."

Experience in these issues in the context of crisis management is important and understanding potential risks — be they financial, technological, operational or reputational — is also critical.

Tom Evrard, managing director, FTI Consulting Strategic Communications, cites the recent AirAsia plane crash as an example where an operational incident presented a significant reputational risk.

"The widely commended handling of that situation, while tragic in being required at all, demonstrated the cohesive interaction of several functions in the wake of the tragedy," he says.

It’s also equally important comms teams recognise when it is the right time to reach out to compliance, and vital that a robust comms policy is in place. "This should have been developed in partnership by both teams and should constantly be updated over time," says Worley. "These guidelines can allow comms teams to conduct the majority of their day-to-day work without constantly having to check in with compliance."

The latter can then be brought into the loop and maximised when specific situations arise where there is risk, potential risk or unknown variables at play. Challenges continue to arise, however, where legislation hasn’t kept up with consumer behaviour or marketing technology.

"Social media growth outpaces most companies’ risk management capabilities, where in many cases prevailing policies and procedures aren’t able to keep up with the dynamic and real-time social world," says Jeremy Woolf, senior vice-president, global digital and social media practice at Text 100. "One answer is a more frequent review of the wider media environment and its impact on policy."

He adds that it helps to have a focus on policy setting that recognises that brands operate in a very different, dynamic environment and that marketers need to be empowered to act faster.

Speed, both in terms of how quickly content is distributed across social networks and also the pace technology develops, is another barrier threatening the comms/compliance relationship. There are obvious benefits, therefore, to having a risk or compliance member connected to the comms team who can monitor and measure social media and react to them appropriately and timeously.

In the cases such as Eu Yan Sang, a creative idea or advertising campaign needs to be looked at through a filter of stakeholders and regulators.

FTI Consulting’s Evrard believes that where the two functions of comms and compliance are concerned, the convergence and integration of the two disciplines is on the horizon, with some organisations looking to, or having already established, the post of corporate communications and compliance officer.

While some may consider that extreme, Evrard believes it is a trend that will continue to grow in years to come.

AGENCY COMMENT: Controversy doesn’t always lead to crisis

Charles Lankester, senior VP, reputation management, Asia Pacific , Ruder Finn Asia

Marketing communications is unlikely to be subject to the same level of legal compliance as financial communications — but given the ability of a corporate crisis to impact share price, this may change.

We need a better term than ‘compliance’, as overly onerous restrictions would likely limit creative thought or initiative. A better term may be a ‘three-dimensional review’ of concepts and campaigns.

Data suggests this will be increasingly important — a 2013 Freshfields report showed that the first social media report about a corporate crisis appeared within 60 minutes whereas the first official response/statement took 21 hours.

There will always be exceptions to the rule — for example [Air Asia’s] Tony Fernandes speaking from the heart when many corporates choose (or would be told) not to. The lessons for big companies here? Authentic voices are those that are listened to.

Work through negative and positive scenarios. What’s the worst/best that could happen? Plan and prepare — don’t abandon an idea just because it’s controversial, but also be clear how you will defend it.

It’s important to ask your customers how they feel in the event of a problem. A social media controversy doesn’t always damage a brand in the long–term. It can enhance it.

CLIENT COMMENT: Set clear, concise ground rules for social

Paul Edwards, group general manager, corporate communications, ANZ

It’s become increasingly important to build stronger relationships with legal, compliance and operational risk areas as we develop new digital and social channels. Two important prerequisites have been to start the engagement at a strategic and senior level and to support this with briefing and education sessions on digital and social for our legal and compliance colleagues. It’s built a good working relationship and a stronger understanding of the new digital world.

We already have existing models for managing risk in real-time or near real-time communications, for example in the media relations unit. We have tried to leverage off that model while also investing in new guidelines or ‘rules of the road’ for social engagement, and in training and raising awareness throughout the organisation.

So far, the approach we have developed seems to be working but we are continuing to review and refine this. Part of that has been to actively engage our internal audit function to help us think more formally about the bank’s risk appetite regarding social and our control environment.

The collaborative approach we have built has also helped assure legal, compliance and risk that we are serious about risk management when it comes to social.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in