This page contains a Flash digital edition of a book.
W a l k i n g


What are the key issues for businesses in unstable environments?


A


ny organisation (from a family start up through to a FTSE 100) is exposed to a


scale of risks, across a range of vulnerable areas, on a continuous basis. In the most basic terms this exposure can be reduced to human, financial, operational or reputational vulnerabilities; and the risk to an organisation from those vulnerabilities increases directly in line with external threat factors. It goes without saying that unstable environments often – if not always – pose a higher level of threat, and hence a greater risk, to any organisation operating in that environment.


Although it is tempting to think that an ‘unstable environment’ must refer to the streets of Baghdad or Kabul rather than the suburbs of Surrey, there are nevertheless factors which can render an otherwise stable environment deeply unstable, thereby increasing organisational risk exposure (think the London Riots; Bahraini civil unrest; the collapse of the Icelandic banks; or the LA Race Riots).


Factors which may predispose an otherwise ‘stable’ environment to instability include:


• Ethnic, sectarian, racial, or religious tensions


• Economic inequality and/or widespread poverty


• Political antagonism • Ineffective security forces • High rates of criminality • Financial or liquidity problems • High instance of corruption and bribery


• Lack of clarity on regulatory and legal issues and many more.


By taking basic steps to mitigate the threat of instability, organisations operating in those environments can significantly reduce their risk exposure – and in many cases the best practice models are those developed in the most severe environments, which have been tested most rigorously.


2


The threats in an unstable environment where any international organisation has operations, or even intermittent travel, are many and varied. People are at direct risk from threats including road traffic collisions, terrorist or criminal action, or open conflict. Capital is at risk from excessively lax or stringent regulatory


environments; collapsing banks that can trap large sums of money indefinitely; or relationships with partners, suppliers, and customers on which adequate due diligence cannot be carried out effectively (among many others). Operations are at risk from all of the above, and from other factors including: austere environments; civil disorder interrupting supply chains; or high levels of corruption inhibiting effective delivery of service. And finally, an organisation’s reputation is at risk from any impact to people, finances or operations: in effect from any of the threats above and many more not listed here!


What can businesses do to reduce their risk and protect themselves against the prevailing threats in unstable areas where they operate?


The answer is a simple one: Prior Preparation Prevents Poor Performance – “the five P’s”. Any organisation worth its salt recognises this, and engages in prior preparation across its core operational activities. Insurance, resilience, business continuity / disaster recovery, and other measures are examples of prior preparation against foreseeable threats or risks. However, in an unstable environment such as Libya, KSA, Israel, Nigeria, India, Iraq (and most emerging markets, as well as some more developed ones) additional measures are called for.


The first critical factor in mitigating organisational risk in an unstable environment is good intelligence. Information in a vacuum can and does rapidly become cripplingly complex, and organisations are often not sufficiently resourced to exploit the information gathered and produce usable intelligence.


There are many tools available: the UK FCO, US State Department, UN, and other bodies release regular general intelligence reports; or there are numerous private intelligence providers who can produce more specific reporting, bespoke to an organisation’s requirements. But for organisations whose structure does not provide the capacity for in-house intelligence collation and analysis, the best solution is often to identify specific intelligence requirements and to outsource these requirements to a specialist provider in the industry. This has significant benefits in terms of cost-effectiveness, but even more importantly it ensures that information is gathered from effective intelligence source networks and analysed effectively to develop useful intelligence.


The second critical factor is planning – which in unstable environments assumes an even


t h e


greater importance than in other areas. Although any reasonably mature organisation (in either stable or unstable environments) is highly likely to have well-developed plans for business development and for normal operations, the threats inherent to unstable environments mean that organisational risk is correspondingly higher, and therefore necessitate enhanced mitigation measures.


The real threat of death, injury, illness, arrest, kidnap, or other personal harm must be incorporated into organisational planning as a likely eventuality. Similarly the threat of financial setbacks, cash-flow difficulties, fines, or anti-competitive penalties must be addressed; and the reputational risk to the organisation’s brand (local and global) must be mitigated by effective corporate communications strategies.


Due to the higher levels of threat in unstable environments, planning needs to be correspondingly more robust. While many organisations in ‘stable’ environments have a relatively laissez-faire approach to security in general, this is not viable in more hostile or unstable environments: Risk Registers, Security and Business Continuity policies and plans, Standard Operating Procedures, Emergency Operating Procedures and Evacuation Plans must be developed, tested, maintained and adjusted. As with intelligence support, external specialist providers with detailed local knowledge and a specific focus on delivering these services are likely to represent both a capable and a cost-effective solution to the organisation’s requirements.


The third critical factor for effective risk mitigation in an unstable environment is operational readiness, supported by the two pillars of good intelligence and prior planning. Knowledge and plans are absolutely necessary – but without the ability to act upon these preparatory elements, any organisation will struggle and potentially fail when confronted with a crisis.


Specific readiness measures will vary widely between different organisations. However the core principles of readiness will generally be common to any well-developed risk mitigation strategy:


• Intelligence is monitored proactively, informing a trigger-based escalation of security response measures.


• Plans are well-developed and routinely tested and updated.


• All personnel involved have a clear understanding of their roles.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36