It happens after nearly every tragedy. Initially, some spokesperson, or government official, or pundit says the event was “unprecedented,” “unforeseeable,” or “could not have been anticipated.” Some time later, society adopts protective measures that, in a word, are “obvious.” At times, we seem to be completely reactive, unable to identify and avoid non-routine risks, until calamity strikes, and then we implement common sense protective measures. Must we suffer every disaster at least once? From a risk management perspective the answer should be a resounding no. All too often, however, enterprises limit their assessment of risks to the known or obvious risks, without a dedicated effort to look beyond. We can and should do better.
For starters, lets challenge every explanation that an event was an unforeseeable calamity. And by challenge, I don’t mean adopting conspiracy theory as a belief system. Instead, we should ask ourselves whether the claim of unforeseeability is consistent with our own knowledge of the world.
Let’s think about one such event from this perspective. In the immediate aftermath of 9-11, the attacks were described as unforeseeable, but does that statement hold up? Using planes as weapons in coordinated suicide attacks goes back at least to World War II (kamikazes). Jihadists had already tried to take down the World Trade Center, so the target could hardly be described as new. So what was new and unknowable about that tragedy- the use of commercial airliners as weapons of mass destruction? While that point is debatable, the debatability of a risk is not an excuse for failure to anticipate the risk and adopt reasonable avoidance measures.
Ask yourself this question about all such “unforeseen” events: If it was my life’s work to think about possible risks in this area, in this instance, risks associated with air travel, should I have foreseen this risk, and recommended common sense measures against it, e.g., fortifying cockpit doors. Maybe this is just a case of hindsight being 20/20, but then again, maybe not. I tend to think that the risk that an airline hijacker would do something other than simply ask to be flown to a destination, and would instead try to use the plane as a weapon to make a political statement, indeed, flying the plane into an iconic building, was readily foreseeable, at least if any smart person was charged with thinking about such risks.
Run this same analysis for any number of reportedly unanticipated events, (the uncontrolled release of oil from a deep ocean well in the Gulf of Mexico, the Challenger explosion, etc., etc.) and in most instances the results would be the same, in hindsight, the events seem entirely knowable from the perspective of someone specifically charged with anticipating risks.
Given the consequences of major catastrophes, why don’t we, at the enterprise level, pay more people to creatively anticipate the unknown? There are several reasons for this. For public companies, the drive to meet or beat short term (quarterly or annual) expectations certainly works against maintaining a dedicated cost center charged with thinking about and avoiding (usually by incurring more costs) calamitous events to the enterprise. Given the American penchant for eternal optimism, the role of Chief Risk Officer, (a/k/a Chief Naysayer) is not likely to be a popular one, and will clash with other officers who may see themselves in the role of Cheerleader in Chief.
What we need is a culture shift, in which the timely identification and prudent avoidance of risk is valued and rewarded, at least as much as fortitude in crisis response. Fortunately, there are some inklings of change. According to a recent press release,here, one of the ratings agencies has highlighted the identification of “emerging risks” as an integral part of its “enterprise risk management” (ERM) reviews which are incorporated into overall credit opinions for the property and casualty insurers it rates:
The assessment of emerging risks is a critical and forward-looking component of our ERM and credit analysis for property/casualty insurers. …Our world is increasingly dynamic, and to the extent an insurer can demonstrate a meaningful degree of preparedness in handling emerging risks, the more likely, in our view, it will be able to maintain its creditworthiness when a risk emerges.
Indeed, while the press release describes the benefits of controlling emerging risks (“risks that so far have not resulted in significant losses for … but have the potential to cause problems”) for insurers, the point could be applied more universally to all enterprises. Those companies that actively try to anticipate and reasonably avoid catastrophe, should be recognized and rewarded for their effort.
To be fair, there will always be something beyond our ken, and mistakes will be made, but we should view these facts as motivation for planned forethought and action, not as an excuse to be uttered from the ruins of a preventable disaster.