Crisis Management

Target as Target

Risk experts grade Target's efforts to manage the reputation damage caused by the data breach.
By: | February 3, 2014 • 4 min read
TargetV1

After fumbling its initial response to a massive data breach, Target Corp. has rebounded, according to experts in crisis management.

However, they said, the retailer still faces challenges in regaining consumer confidence, especially among people directly harmed by the cyber attack, which struck at the height of the holiday shopping season.

Advertisement




In late November and early December, malware lodged in the retailer’s point-of-sale system siphoned off account and personal information for up to 110 million customers. But Minneapolis-based Target is not the only company that may have been struck. Luxury retailer Neiman Marcus suffered a smaller breach, and news reports suggest at least six other retailers have been hit. These other companies likely are keeping a close eye on Target’s handling of the crisis.

Critics have focused, in part, on the company’s early communications. Target appeared initially to underestimate the gravity of the situation, crisis consultants said. For example, Target’s first message to customers apologized for the inconvenience.

“You don’t call something like this an inconvenience,” said Rich Klein, a crisis management consultant in New York City.

Initial email (truncated) sent by Target on 12/19/2013. The original email included an additional 4 pages of information.

Initial email (truncated) sent by Target on 12/19/2013. The original email included an additional 4 pages of information.

Subsequent messages from Target used stronger language, acknowledging customers’ stress and anxiety, he said. Messages also switched from assuming customer confidence to promising to regain it, Klein added, praising the change.

“I would still say it’s so much better to get it right the first time,” he said.

2nd email to guests, 12/20/2013.

2nd email to guests, 12/20/2013.

Still, he added, the company made good use of its Twitter feed and Facebook page. Facebook, for example, was used only to communicate about the breach, not to advertise sales, though it also acted as something of a lightning rod for complaints.

Consultants also panned the company’s decision to extend a 10 percent discount to shoppers during the weekend of Dec. 21, a few days after news of the breach first surfaced. While the discount was a nice gesture, it did not adequately address customer concerns and seemed to suggest the crisis had passed, consultants said.

In addition, the company has occasionally appeared to be behind the news, with information trickling out in the media before being revealed by Target, said Jeff Jubelirer, vice president of Philadelphia-based Bellevue Communications Group. “We should expect more from a retailer of that size and that reputation and that level of success.”

A key turning point came on Jan.13 when the company’s CEO, Gregg Steinhafel, appeared on CNBC, apologizing for the breach, reassuring customers and defending the company’s reaction:

Steinhafel should have been giving interviews in December, said Jonathan Bernstein, an independent crisis management consultant in Los Angeles. “They would have suffered less loss of sales and less impact on their stock value if they had been more assertive from the get-go.”

Other observers gave Target high marks for making a relatively quick disclosure of the breach and offering a free year of credit monitoring to customers. The four-day gap between discovery of the breach on Dec. 15 and public disclosure on Dec. 19 was faster than it’s been in other cases, said Alysa Hutnik, an attorney in the Washington, D.C. office of Kelley Drye.

“I haven’t done the math, but I think that would rate somewhere at the very top,” said Hutnik, who specializes in cyber security issues.

Another high point is the prominent role of Target’s CEO, Hutnik said. “He knows there’s work to be done to earn back customer trust, and it looks like he is taking that obligation seriously,” she said, noting that top executives rarely serve as public faces after a data breach.

Other positive steps include Target’s $5 million investment in cyber security education said Michael Soza, a partner in accounting and consulting firm BDO.

“This latest move … is really going on the offensive to show that they really are trying to get out in front of this thing and really attack what is not just a Target problem,” Soza said.

Advertisement




As long as no other damaging details leak out, most customers will remain loyal to the chain, said Daniel Korschun, an assistant professor of marketing at Drexel University in Philadelphia.

But the company will have to work harder to win back customers who suffered directly. They will be hard to find and hard to soothe, especially if they’ve had to spend hours on the phone undoing damage to their credit or bank accounts.

“Those are the ones where the trust has really been lost,” Korschun said.

Joel Berg is a freelance writer and adjunct writing teacher based in York, Pa. He has covered business and regulatory issues. He can be reached at [email protected]
Share this article:

Risk Insider: Elizabeth Carmichael

Putting Your Organizational Values Where Your Risks Are

By: | July 8, 2016 • 3 min read
Elizabeth Carmichael is the director of compliance and risk management for Five Colleges Inc., which includes Amherst, Hampshire, Mount Holyoke, and Smith College. She can be reached at [email protected]

I think that many risk managers (myself included) struggle with guiding their organizations to choose what risks to prioritize for management.

Even when we work for an organization that has a highly functional ERM process, and senior leaders are actively engaged in the identification, management and mitigation of risks, can and/or should compliance and risk officers be leaders in helping them set their priorities?

If the answer to that question is “yes,” how can we be better leaders? We can do it by identifying and aligning risk management as a cornerstone of institutional values.

One of the things that has always bothered me about “reputational risk” is that it measures how the outside world will view the institution (by measuring lost revenue, increased costs, or reduced shareholder value) if it fails to address a particular issue.

This has become a shorthand of sorts for measuring the ethical aspects of failure to address some kinds of risks. The problem is, it doesn’t address the actual values of the organization. Reports have been published on the atmosphere at Penn State where alumni and other donations actually increased in support of the university after the news of the Sandusky sex scandal broke.

Other schools, like Dartmouth University, may have seen a drop in applications from women because of sexual assaults and harassment, but given the strength of the school, it probably hasn’t impacted the bottom line. The outcomes of bad press are impossible to predict.

Advertisement




There is no discussion, no scoring, in the enterprise risk management process of “How antithetical to our institution and our values would it be if something happened because we failed to address this risk?”

Or, “What are our institutional values and how does this risk conflict with our values?”

We should ask ourselves how risks might be scored if these questions replaced, “What is the reputational risk?”

Assuming — and admittedly it may be a big assumption — that organizations want to align their operations with their stated and implied values, the ERM process can and should be used to support this objective.

Even when we work for an organization that has a highly functional ERM process, and senior leaders are actively engaged in the identification, management and mitigation of risks, can and/or should compliance and risk officers be leaders in helping them set their priorities?

Now, if your company’s sole value and objective is to sell products more cheaply than any other company, ethics and values will not be likely to have any traction with company leadership on risk matters.

But if your company or organization has a mission, vision and/or values statement, you will have a place to start.

Reputation, on its most basic level, is a measure of trust — how well does the organization deliver the products and services, the values, which it promises?

This applies to both the organization’s customers and employees.

Do employees know what the organization’s values are? Are policies, procedures and risk mitigation efforts aligned with its values?

Compliance officers and risk managers may find that, when faced with opposition on a risk mitigation effort or prioritization, that helping mangers understand how the mitigation helps the organization’s actions align with its values will break down the resistance.

I’ve seen it work; try it!

Share this article:

Sponsored: Liberty Mutual Insurance

Buyers Beware: General Liability Outlook May be Shifting

Buyers should focus on building a robust GI program and risk management infrastructure to lessen the impact of emerging GI trends.
By: | July 5, 2016 • 6 min read

The soothing drumbeat of “excess capital” and “soft market” to describe the general liability (GL) market is a familiar sound for brokers and buyers. Emerging GL trends, however, suggest the calm may not last.

Increasing severity of GL claims may hit some sectors like a light rain at first, if they have not already, but they could quickly feel like a pelting thunderstorm in others. A number of factors could contribute to the potential jump in GL prices for certain industry segments or exposures, possibly creating “micro” or niche hard markets in the short-term, and maybe even turning the broader market over the longer-term.

“There are trends we’re seeing that will play out slowly. Industries that carry more general liability exposure will and have been hit first and hardest, but it won’t apply across the board initially,” said David Perez, Senior Vice President and Chief Underwriting Officer, for Liberty Mutual Insurance’s National Insurance Specialty operation. “There is ample capital in the market today, which allows a poor performing account to move its policy frequently from carrier to carrier. Poorer performing classes, however, will likely face increased pricing for GL policies and a reduction in capacity.”

The good news for buyers is that they can take action today to lessen the impact these trends and the evolving market may have on their GL programs.

David Perez on the state of the GL market.

Medical and Litigation Trends Drive Severity

One factor increasing claim severity is the rising cost of health care, driven both by greater demand and by medical inflation that is growing faster than the Consumer Price index.

The impact of rising medical costs on commercial auto is well-known. Businesses with heavy transportation exposures are finding it more difficult to obtain coverage, or are paying more for it.

That same trend will impact general liability, just on a slower and more fragmented basis.

LM_SponsoredContent“In light of these trends, brokers and buyers should seek to understand how effectively their current or potential insurers defend GL claims, particular in using evidence-based medicine to assess and value the medical portion of a claim, and how they can provide necessary care to claimants while still helping clients control their total cost of risk.”

— David Perez, Senior Vice President & Chief Underwriting Officer, National Insurance Specialty, Liberty Mutual Insurance

“It takes longer for medical inflation to register through the tort system in general liability than it does in auto liability (AL) because auto claims are generally resolved more quickly,” Perez said. “But the same factors affecting severity in AL also exist in GL and as a result, it’s foreseeable that we will not only see similar severity trends in GL, but they may in fact be worse than we’ve seen in commercial auto.”

Industries with greater exposure to severity in general liability claims should be the first wave of companies to notice the impact of medical inflation.

“Medical inflation will drive up costs across the board, but sectors like construction and product manufacturing have a higher relative exposure for personal injury lawsuits.”

The impact of medical inflation on the GL market.

Beyond medical inflation, two litigation trends are increasing GL damages. First, plaintiffs’ lawyers are seeking to migrate the use of life care plans—traditionally employed only for truly catastrophic injuries—to more routine claims.  Perez recalled one claimant with a broken thumb and torn ligaments who sought as much as $1 million in care for the injury for the rest of his life.

Second, the number of allegations of traumatic brain injuries (TBI) in GL claims is growing.  It can be difficult to predict TBI outcomes initially and poor outcomes can be expensive and long tailed.

“In light of these trends, brokers and buyers should seek to understand how effectively their current or potential insurers defend GL claims, particular in using evidence-based medicine to assess and value the medical portion of a claim, and how they can provide necessary care to claimants while still helping clients control their total cost of risk,” notes Perez.

Changing Legal Landscape

Medical inflation and litigation trends are not the only issues impacting general liability.

Unanticipated changes in court interpretations of policy language can throw unexpected pressure on GL pricing and capacity.

Courts sometimes issue rulings interpreting policy language in a manner that expands coverage well beyond the underwriter’s original intent. Such opinions may sometimes have a retroactive effect, resulting in an immediate impact on not only open, but also closed cases in some circumstances.

Shifts in the Marketplace

In addition to facing price increases, GL brokers and buyers will be challenged by slightly shrinking capacity due to consolidation and repositioning among carriers in the marketplace. “Some major carriers have scaled back their GL writing, resulting in a migration of experienced senior management. As these executives leave, they take their GL expertise and relationships with them, resulting in fewer market leaders and less innovation,” Perez said.

“Additionally, there are new carriers coming into the business that may not have the historical GL loss data to proactively identify trends or the financial strength and experience to effectively service their GL customers and brokers. Both trends make it important for brokers and buyers to work with an insurer that is committed to the GL market and has the understanding and resources to help better manage risks impacting customers.”

Last year saw a high level of mergers and acquisitions in the insurance industry. Buyers should take advantage of that disruption to re-evaluate their needs and whether their insurers are meeting them.  Or better yet, anticipating them.

What’s a Buyer to Do?

Buyers—and their brokers— should look to partner with insurers that can spot emerging trends and offer creative solutions to address them proactively.

What should buyers and brokers do, given the trends facing the GL market?

“Brokers and buyers should value insurers that have not only durability and a long history in the general liability business, but also a strong risk management infrastructure,” Perez said. “Your insurer should be able to help you mitigate your specific risks, and complement that with coverage that works for you.”

Beyond robust GL claims and legal management, Liberty Mutual also provides access to one of the insurance industry’s largest risk control departments to help improve safety and mitigate both claim frequency and severity.

In addition, notes Perez, “Even if a company has a less than optimal loss history in general liability, there can be options to provide adequate coverage for that company. The key is to partner with an insurer that has the best-in-class expertise, creativity, and flexibility to make it happen.”

By working closely with their insurers to understand trends and their potential impacts, brokers and buyers can better prepare for the possible GL storm on the horizon.

To learn more about Liberty Mutual’s general liability offering, visit https://business.libertymutualgroup.com/business-insurance/coverages/general-liability-insurance-policy.

SponsoredContent

BrandStudioLogo

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Liberty Mutual Insurance. The editorial staff of Risk & Insurance had no role in its preparation.

Advertisement




Liberty Mutual Insurance offers a wide range of insurance products and services, including general liability, property, commercial automobile, excess casualty, workers compensation and group benefits.
Share this article: