Risk & Crisis Communications


6 minute read

Can you keep your head when everyone around you are losing theirs?

Kipling had some sage advice about rising above adversity in his poem “If you can talk with the crowds and keep your virtue…yours is the earth and everything in it”.

Risk vs Crisis Communications

We hear a lot about crisis communications but not so much on the essential precursor, risk communications. There’s some fundamental differences between risk and crisis communications, even if ultimately, they’re trying to achieve the same aims.

We strive to make risk communications part of business as usual, sustained, and systematic to ensure our employees and our customers are informed. We’re really trying to encourage them to do the right thing, apply good practice, and educate (rather than direct) them on how to protect themselves and the organisation. Of course we have the luxury of time in this context and try to use that opportunity to build relationships so were seen as a trusted advisor.

Crisis communications is of course more urgent. It comes at the beginning of an actual or potential crisis when we’re looking to reduce impact and protect our people, our clients and of course our organisation. Now we don’t have the luxury of time, so our messages need to be concise and where possible unidirectional, so everyone gets the same unambiguous message, which should be building on but amplifying and escalating our original risk messaging.

The cut through of our risk communications is one of the elements that has a bearing on the effectiveness of our crisis comms:

  • How is our organisation perceived. Are we trusted? Are we seen as honest and competent?
  • Whether it’s our people or our customers, “is this my problem”? Have we explained the risk and impacts that collectively we’re facing.
  • Is this our fault! Is our organisation the victim here, or is neglect or negligence at play?

Of course in recent time we’ve had ample opportunity to learn how not to do it. When Medibank knew it had been breached its disclosures were designed to satisfy the market, provide assurance that they continued to operate, and to fulfil its legal obligations. But what about its customers who had no idea if their data was compromised? Even if there was a chance that customer data had been lost, they deserved to know. And Optus was even worse, posting public messages on it’s media webpage, but failing to communicate in any way to customers for another four days.

Reporting to the government and regulators may well meet statutory obligations, but failure to be transparent with customers, can lead to much longer term issues of trust in the brand.

What are we seeing now

At Battleground, we have a broad cross section of public and private sector clients, both large and small, but the themes are pretty consistent.

  • Stakeholder mapping has got really complicated! Stakeholder matrices are important but hard to keep current
  • It’s not just corporate affairs or the communications team’s job. There’s an essential coordination piece to play, but every leader has skin in the game.
  • During simulations we often hear “…I think we have to notify…” Ground truthing the actual vs perceived obligations is critical.
  • Stakeholder prioritisation. Not all stakeholders were created equal and until we ground truth the obligations, we won’t know if we’re overdelivering in the wrong place.
  • Consistency of messaging. Don’t wing it! Clarify who has authority to approve messages, even if it’s a collective process to draft them.
  • Divide and conquer. All leaders manage relationship every day, so leverage those relationships when you need them most.

BUT…you must speak to your people first!

Not treating employee communications as imperative and at the very least providing concurrent messaging for employees along with other stakeholders is a big mistake and can remove your most important players from the board if managed poorly.

Your employees will be affected by the crisis. They may also be victims, they may have had their own data compromised during a breach for example. They will experience the potential public and/or customer concern or backlash, and they are the only ones who will be there to help you dig your way out of the crisis, so whatever else you do, keep your people in the loop.

What should you do if it happens tomorrow

If the worst happens before you’ve written your crisis communications plan at least apply these simple rules in all your messaging:

  1. Show your care and concern for those affected
  2. Demonstrate control over the situation at the highest levels
  3. Clarify your commitment and transparency in investigating the causes and cooperating with authorities…and then follow through on that commitment
  4. And do it quickly!

And after the crisis?

Think back to what you were trying to achieve with your risk communications in light of what you know post crisis.

  • How can you maintain and build on the relationships you’ve built in that period of adversity. You have a window of opportunity, but it’s finite.
  • Share what you learned – with your people, your customers, and the community, remember it’s about education and learning.
  • Don’t just identify your lessons. Commit and translate them into changes in policy, practice, operations, strategy etc. Only then you can call them lessons learned.

To keep your cool when the heat is on, speak our expert Battleground consultants today.

Share this article with your network

More articles