The ICSA Ireland Conference24 May 2016
Conference ChairConor Ryan, Chair, ICSA Ireland Branch
To view all the slides, go to the conference webpage and click the link.
Follow us on: @ICSA_News
Please use the hashtag #ICSAIre16
ICSA 125Simon Osborne, Ireland conference, 24 May 2016
125 years of leading governance
ICSA125
This October we celebrate 125 years since the institute first was first formed.
ā¢ 1891: the Institute of Secretaries
ā¢ 1971: the Institute of Chartered Secretaries and Administrators
ā¢ 2016: ICSA: The Governance Institute
125 years of leading governance
ā¢ Positioning ourselves for the future
ā¢ ICSA: The Governance Institute
ā¢ Royal Charter to lead āeffective governance and efficient administration of commerce, industry and public affairsā
125 years of leading governance
Where weāre heading:
ā¢ ICSA to be the provider of products and services to support the skills and knowledge of professionals working in governance and legal and regulatory compliance roles in organisations of all types and sizes and in any sector
ā¢ A wider set of products and services, particularly qualifications, for people outside of the corporate market
ā¢ Revision of qualifications to keep them current and in demand
ā¢ Higher public profile in the media
125 years of leading governance
How weāre getting there:
ā¢ Continued focus on raising our public profile
ā¢ Increased public profile courtesy of the Policy team, ie Code of Governance for CCGs, blogs, technical briefings, articles, speaking at events and responding to consultations
ā¢ Positioning ICSA as a thought leader in national and regional media
ā¢ Governance and Compliance magazine
ā¢ Research projects
ā¢ www.icsa.org.uk
125 years of leading governance
Encouraging the future faces of governance:
ā¢ One to Watch, ICSA Awards
ā¢ Tom Morrison Essay Prize ā the Keating twins!
125 years of leading governance
Governance professionals are right at the heart of things, promoting accountability, transparency, integrity and stewardship to ensure that organisations operate in a manner which is most productive.
āGovernance focus has increased, the company secretaryās role has increased, [there is] more work to do, and that work is more visible.ā (The Company Secretary: Building trust through governance, Henley Business School)
The study, development and practice of governance are here to stay.
ICSA: The Governance Institute has a bright future ahead of it!
Keynote addressPJ Timmins, Director, The Alternative Board and former CEO, Clerys plc
Cyber security: What does it mean for your business?ICSA Conference 2016
Jared Carstensen24th May 2016
About meā¦..
A|14 Jared Carstensen | 24th May 2016
My Journeyā¦.Every kid dreams of their perfect job
Baby Firefighter Policeman Leader / Politician CISO
15 | Jared Carstensen | 24th May 2016
Perception vs RealityBefore & After
Before Breach16 | Jared Carstensen | 24th May 2016
During & Post Breach
Bringing the ease of an attack homeā¦..
B|17 Jared Carstensen | 24th May 2016
Information Security ā People, Processes & TechnologyEach of us is only ever one click away!How easy is it? An example scenario of what could happen!
18 | Jared Carstensen | 24th May 2016
Context
C|19 Jared Carstensen | 24th May 2016
The Threat LandscapeCriminals, Hacktivists, Insiders, Nation States
20 | Jared Carstensen | 24th May 2016
This is Real ā if you use the internet or send email, you are a targetā¦.āŖAffecting every single person & business (viruses, malware, cybercrime etc.)
āŖWorld Economic Forum highlights risk of cyber attack among its highest global risks
āŖOver 90% large corporates (globally) have experienced incidents & attacks
āŖTop 5 priority for CEOās ā FTSE 100 & FTSE 250 ā Wall Street Journal
āŖBreaches impact negatively on share price, consumer, people & partner confidence
āŖCyber crime makes more money than the narcotics / drugs trade and is a trulyinternational āborderlessā crime
Danger Signs
D|21 Jared Carstensen | 24th May 2016
Danger Signs for SecurityCommon mistakes that lead to failed programmes
10 | Jared Carstensen | 24th May 2016
Ineffective security programmes / departments do the following:
Ī§ āWhy would anyone want to hack usā mind-set.Ī§ Treat all information and systems the same.Ī§ Use āNoā often to block projects or initiatives. Ī§ Apply checklist based security!Ī§ Drive policies as the primary way to change behaviours. Ī§ Try to fix all security risks with technologies and products. Ī§ No metrics or reporting to Audit Committee / Board.Ī§ Treat security as a technical area that is looked after by the IT department.Ī§ Inability to communicate in simple and concise business terms.
Ensure the followingā¦.
E|11 Jared Carstensen | 24th May 2016
Effective Security Beats āGoodā or Compliant SecurityFocus on the small steps to yield big changes
12 | Jared Carstensen | 24th May 2016
Effective security programmes / departments do the following:
Endorsement, mandate and comment of support from highest member of company. Prioritised and categorised list of critical services, functions and systems. Embrace organisational culture and promote positive behaviours. Make the message stick and memorable ā people first / focussed approach!Ongoing reporting to Management, Audit Committee and Board.Which projects have been seen as a success, why they succeeded & replicate those. Focus on capability and enhancing maturity as opposed to purely controls based security. The best form of security is the one this is invisible to the user and has various layers. Consistently enhance practices to help prepare for incident response / breach activities.
Final Thoughtsā¦.
F|25 Jared Carstensen | 24th May 2016
Cyber Sales / Scaremongering ā it has got to stop!Call for calm, actionable and measured steps
26 | Jared Carstensen | 24th May 2016
Car Accidents vs Cyber Breaches!Are there similarities / comparisons?
27 | Jared Carstensen | 24th May 2016
ā¢ Rules of road to protect drivers and pedestriansā¢ Regulations and standards to protect businesses and consumersā¢ Speed limits depending on the type of roadā¢ Regulations depending on the type of industry and sectorā¢ Wide choice of cars available depending on your needsā¢ Wide choice of solutions and providers depending on your requirementsā¢ By not adhering to rules and laws of the road, you put your own and othersā lives at riskā¢ By not adhering to security rules, standards, frameworks and best practice, thousands of
incidents are happening every day putting your organization and itās customers at riskā¢ Despite all road safety guidelines, laws and awareness there are countless road accidents
and fatalities every dayā¢ Despite all the standards, guidance, frameworks, regulations and more solutions and
services than ever before; countless incidents, breaches and non-compliance continue
Is your organization driving recklessly, or are they simply asleep at the wheel?
Thank you
28 | Jared Carstensen | 24th May 2016
Jared CarstensenChief Information Security Officer
Tea and Coffee
30
Managing Risk and ReputationNiamh Boyle, Managing Director, The Reputations Agency24th May 2016, ICSA Annual Conference
About The Reputations Agency
31
The Reputations Agency is a full service Consumer Brand, Corporate PR and Reputation Management agency and part of Irelandās biggest ideas company, the ddfh&b Group and the global JWT network. Across our three divisions we tell brand stories and manage the reputations of some of the worldās biggest brands. Using global and local insights which shape and inform our thinking, we deliver smart strategies and great ideas with a single minded focus - getting your brands and companies talked about. We are the leading experts in reputation management in Ireland, and exclusive partners of the global Reputation Institute, with our Ireland RepTrakĀ® Report a calendar feature for the CEOs of many of Irelandās best known organisations. Our TRA Brands team builds campaigns from the ground up in partnership with some of the top marketers in the country. We are a key part of the inter-agency planning process with some of the most experienced brand experts and freshest thinkers in the country. Our Corporate and Financial team are PR experts with strategic marketing, financial, legal and reputation management capability who act as trusted advisors to leading Irish businesses. We offer analysis, strategy, media relations and expert counsel to build profiles and engage stakeholders while also providing issues and crisis management support when organisations need it most.
About the Reputation Institute ā¢ Reputation Institute is the worldās leading
reputation management consultancy, founded in 1997.
ā¢ Its Global RepTrakĀ® Pulse study is the world's largest reputation study, measuring more than 2,000 companies from 25 industries across 40 countries.
ā¢ The study provides key insights into what drives perceptions and how they influence marketplace behaviour, and powerful global benchmarking.
ā¢ RepTrakĀ® also serves as the basis for continued thought leadership in the reputation management field.
ā¢ RIās Reputation Leaders Network is the premier network of senior executives from more than 100 global member companies who work together to advance the practice of corporate reputation management collectively and for their organisations.
United Arab Emirates
c
Canada
United States
Colombia
Chile
Brazil
South Africa
Australia
Malaysia
India
JapanChinaPortugal Spain
Russia
Turkey
UkraineGermany
Norway
Greece
IrelandUnited Kingdom
FranceSwitzerland
Denmark
Netherlands
Sweden
Italy
Mexico
Panama
Puerto Rico
PerĆŗ
Argentina
Knowledge Publication Conferences Training
Research Information Analysis Presentation
Advice Insight Strategy Activation
Why should we care about reputation?
*
Direct experience
What a company communicates
What others say
Touch Points Reputation Behaviour Business Results
A strong reputation increases supportive behaviours
and delivers positive business results
Regulators
Media &Social Media
General Public
Employees
Customers
Key Opinion Leaders Support/
Refer
Work For/Recommend
Advocate/Refer Hold You In
High Regard
Recommend/SupportSeek Opinion
Necessary to understand your stakeholders, and how to influence them across communications touch-points, in order to drive/shape the perceptions that support your companyās results
Why should we care about reputation?
Note: The RepTrakĀ® Index was calculated from the daily stock market values of the 10 most reputed companies with a RepTrakĀ® Pulse score above 70 in the UK RepTrakĀ® Pulse rankings and adjusted each year in January. The values of the RepTrakĀ® Index and FTSE100 Index shown are percentage changes from January 1, 2009.
Ten most highly reputed companies outperform FTSE100 Index 2009ā2015Analysis of the share price of the most highly reputed companies shows that they consistently outperform the market ā in the U.S., FTSE, CAC and Nordic countries.
Why should we care about reputation?
ā¦and thereās much more at stake!
1975 1985 1995 2005 20090%
20%
40%
60%
80%
100%
17%
32%
68%
80% 81%
83% 68% 32% 20% 19%
Components of S&P 500 Market Value
Intangible Assets Tangible Assets
* Who you are as a Company matters more than what you Sell
Product Enterprise
38% 72%
The companies that are investing here are capturing competitive advantage
Would buy the products 6%
Would recommend the products
Would work for
Would welcome into local community
14% 34% 56% 86%
4% 9% 26% 53% 86%
5% 11% 28% 54% 84%
7% 16% 35% 59% 86%
0-39 40-59 60-69 70-79 80+RepTrakĀ® Pulse Score
POOR<40
AVERAGE60-69
STRONG70-79
WEAK40-59
EXCELLENT>80
* A Strong Reputation Reduces the Transaction Cost of doing Business
* How do we know what external audiences believe about us?
Why do you love me? Do you love me? What are the practical consequences?
Defines what drives corporate reputations
Direct measurement of corporate reputation (as a proxy for trust)
Defines the consequences of corporate reputations in terms of intended behaviour
Dimensions Reputation Behaviour
Y 2 0 1 0 Y 2 0 1 1 Y 2 0 1 2 Y 2 0 1 3 Y 2 0 1 455.00
60.00
65.00
70.00
75.00
80.00
85.00
Rep u t atio n Dev elo p men t s Th e Co c a-Co la Co mp an y
United States of America AustraliaChina Spainā¢ RepTrakĀ® enables a firm to see in
time negative trends in public opinion, regarding key issues like for example OBESITY
ā¢ Coca-Cola, just like McDonalds, could have seen the gradual decrease in the perceptions of the company that appeared to be linked to growing worries among external audiences regarding healthy food.
RepTrakĀ® works as an Early Warning System
ā¢ The company does well as a brand as it is in the Top 3 of Interbrandās Global Ranking
ā¢ However, its reputation is substantially lower and decreasing:ā Global RepTrakĀ® 2016 - The Coca-Cola company ranks #83 ā Global RepTrakĀ® 2015: Rank #67ā Global RepTrakĀ® 2014: Rank #52ā Ireland RepTrak 2016 Ā® - Rank #68
ā¢ As a consequence performance decreases
74.58
78.55
RepTrakĀ® Score Globally
All Global Pulse scores that differ by more than +/-0.9 are significantly different at the 95% confidence level. Pulse scores are based on questions measuring Trust, Admiration & Respect, Good Feeling and Overall Esteem (captured in the RepTrak Ā® Pulse score on a 0-100 scale).
78.98
85.41
79.19
83.19
83.34
84.77
78.95
79.29
76.64
88.33
76.19
75.19
69.80
71.26
POOR<40
AVERAGE60-69
EXCELLENT>80
STRONG70-79
WEAK40-59
BMW Group ā Reputation profile across 15 markets
Ireland RepTrak Ā® 2016 ā Reputations of the largest & most visible companies in Ireland
Ireland RepTrakĀ® 2016 ā Reputations of the largest & most visible companies in Ireland
RepTrakĀ® PulseIreland 2016
79,6
78,4
77,3
76,4
76,1
75,9
75,9
75,4
75,2
75,1
74,8
74,4
74,2
73,8
73,7
73,0
72,9
72,6
72,4
72,0
71,8
71,7
71,3
71,1
71,0
70,9
70,7
70,5
69,1
68,4
68,1
68,0
68,0
67,7
67,3
67,1
66,6
66,6
66,5
66,4
65,7
65,0
64,2
63,9
63,9
63,6
63,5
63,1
63,1
63,1
Bor
d B
ĆaE
ason
& S
onA
n P
ost
Goo
gle
Lidl
The
Irish
Lea
gue
of C
redi
t U
nion
sA
ldi S
tore
sB
MW
Ford
Boo
tsS
uper
Val
uIn
tel
Toyo
taK
ello
gg's
Gla
nbia
Cad
bury
Tour
ism
Ire
land
Aer
Lin
gus
Sm
yths
Toy
sK
erry
Gro
upA
pple
gree
nM
icro
soft
IRFU
Bro
wn
Thom
as G
roup S
par
Lloy
dsP
harm
acy
Hew
lett
-Pac
kard
Mar
ks &
Spe
ncer
Gro
upTh
e Iri
sh T
imes
Abb
ott L
abor
ator
ies
Hei
neke
nC
oillt
eA
rnot
tsA
viva
ES
BP
rimar
kB
ord
na M
Ć³na
Nis
san
App
leIB
MIri
sh D
istil
lers Del
lLa
ya H
ealth
care
Virg
in M
edia
Alli
anz
Thre
eD
unne
s S
tore
sB
ord
GƔi
s E
nerg
y GA
AIn
depe
nden
t N
ews
& M
edia
0
10
20
30
40
50
60
70
80
90
100
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland RepTrakĀ® 2016
28 companies in the Strong tier
41 companies in the Average tier
41 companies in the Average tier
30 companies in the Weak tier
One company in the Poor tier in 2015
RepTrakĀ® PulseIreland 2016
62,9
62,8
62,6
62,5
62,5
62,4
62,2
62,0
62,0
61,8
61,6
61,4
61,2
61,1
61,0
60,7
60,6
60,2
60,0
59,9
59,5
59,2
59,0
59,0
58,9
58,6
58,5
58,5
58,5
58,4
58,1
58,0
58,0
57,8
57,6
56,9
56,0
55,4
54,2
54,1
53,3
52,3
51,6
48,9
47,7
46,9
46,8
46,2
44,7
14,3
Cen
traP
fizer
Zuric
h Li
fe A
ssur
ance
Vod
afon
eB
us Ć
irean
n-
Irish
Bus DA
AIri
sh L
ifeIa
rnro
d Ć
irean
nV
olks
wag
en Sky
Axa
Tesc
oR
yana
irG
SK
Dia
geo
RTĆ
KB
C B
ank
The
Coc
a-C
ola
Com
pany
Dub
lin B
us
-B
us Ć
tha
Clia
th Pw
CFB
DV
hi H
ealth
care
EY
Max
olFr
iend
s Fi
rst
RS
ATV
3Li
berty
Insu
ranc
eK
PM
GTo
paz
Ene
rgy
Gro
upN
atio
nal
Lotte
ryfa
cebo
okS
SE
Airt
ricity
Del
oitte
Ren
ault
Pep
siC
oP
erm
anen
t ts
bM
eteo
rC
IĆP
addy
Pow
erU
lste
r B
ank
BT
Irela
nd EB
SLa
dbro
kes FA
IM
cDon
ald'
sB
ank
of Ir
elan
d AIB ei
rIri
sh W
ater
0
10
20
30
40
50
60
70
80
90
100
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland RepTrakĀ® Pulse 2016
Ireland RepTrakĀ® Pulse 2016 ā Ranked 75-51Ireland[sorted by 2016] 2015 2016 2015 2016
26 LloydsPharmacy - 70,9 51 Centra 67,4 62,9 -4,527 Hewlett-Packard 69,4 70,7 52 Pfizer 68,5 62,8 -5,728 Marks & Spencer Group 72,5 70,5 53 Zurich Insurance 67,1 62,6 -4,529 The Irish Times 67,1 69,1 54 Vodafone 56,7 62,5 5,930 Abbott Laboratories 67,8 68,4 55 Bus Ćireann- Irish Bus 67,2 62,5 -4,731 Heineken 67,7 68,1 56 DAA 64,0 62,432 Coillte 65,9 68,0 57 Irish Life 61,2 62,233 Arnotts 74,5 68,0 -6,5 58 Iarnrod Ćireann 58,1 62,0 3,934 Aviva 64,2 67,7 3,6 59 Volkswagen 77,9 62,0 -15,935 ESB 63,7 67,3 3,6 60 Sky 62,8 61,836 Primark 73,4 67,1 -6,3 61 Axa 63,0 61,637 Bord na MĆ³na 65,6 66,6 62 Tesco 60,2 61,438 Nissan 74,2 66,6 -7,7 63 Ryanair 54,1 61,2 7,139 Apple 71,1 66,5 -4,6 64 GSK 67,3 61,1 -6,240 IBM 71,6 66,4 -5,1 65 Diageo 64,7 61,0 -3,741 Irish Distillers 63,4 65,7 66 RTĆ 65,0 60,7 -4,442 Dell 70,9 65,0 -5,9 67 KBC Bank 60,8 60,643 Laya Healthcare 61,8 64,2 68 The Coca-Cola Company 61,8 60,244 Virgin Media 51,3 63,9 12,5 69 Dublin Bus - Bus Ćtha Cliath 53,2 60,0 6,845 Allianz 64,5 63,9 70 PwC 56,8 59,9 3,146 Three 57,2 63,6 6,4 71 FBD 61,9 59,547 Dunnes Stores 64,6 63,5 72 Vhi Healthcare 56,0 59,2 3,148 Bord GĆ”is Energy 59,2 63,1 3,9 73 EY - 59,049 GAA 71,9 63,1 -8,8 74 Maxol 59,7 59,050 Independent News & Media 53,4 63,1 9,7 75 Friends First 59,2 58,9
n = 3.211 3.619 n = 3.612 3.601
2015-2016
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland RepTrakĀ® Pulse 2016 ā Ranked 50-26
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland[sorted by 2016] 2015 2016 2015 2016
26 LloydsPharmacy - 70,9 51 Centra 67,4 62,9 -4,527 Hewlett-Packard 69,4 70,7 52 Pfizer 68,5 62,8 -5,728 Marks & Spencer Group 72,5 70,5 53 Zurich Insurance 67,1 62,6 -4,529 The Irish Times 67,1 69,1 54 Vodafone 56,7 62,5 5,930 Abbott Laboratories 67,8 68,4 55 Bus Ćireann- Irish Bus 67,2 62,5 -4,731 Heineken 67,7 68,1 56 DAA 64,0 62,432 Coillte 65,9 68,0 57 Irish Life 61,2 62,233 Arnotts 74,5 68,0 -6,5 58 Iarnrod Ćireann 58,1 62,0 3,934 Aviva 64,2 67,7 3,6 59 Volkswagen 77,9 62,0 -15,935 ESB 63,7 67,3 3,6 60 Sky 62,8 61,836 Primark 73,4 67,1 -6,3 61 Axa 63,0 61,637 Bord na MĆ³na 65,6 66,6 62 Tesco 60,2 61,438 Nissan 74,2 66,6 -7,7 63 Ryanair 54,1 61,2 7,139 Apple 71,1 66,5 -4,6 64 GSK 67,3 61,1 -6,240 IBM 71,6 66,4 -5,1 65 Diageo 64,7 61,0 -3,741 Irish Distillers 63,4 65,7 66 RTĆ 65,0 60,7 -4,442 Dell 70,9 65,0 -5,9 67 KBC Bank 60,8 60,643 Laya Healthcare 61,8 64,2 68 The Coca-Cola Company 61,8 60,244 Virgin Media 51,3 63,9 12,5 69 Dublin Bus - Bus Ćtha Cliath 53,2 60,0 6,845 Allianz 64,5 63,9 70 PwC 56,8 59,9 3,146 Three 57,2 63,6 6,4 71 FBD 61,9 59,547 Dunnes Stores 64,6 63,5 72 Vhi Healthcare 56,0 59,2 3,148 Bord GĆ”is Energy 59,2 63,1 3,9 73 EY - 59,049 GAA 71,9 63,1 -8,8 74 Maxol 59,7 59,050 Independent News & Media 53,4 63,1 9,7 75 Friends First 59,2 58,9
n = 3.211 3.619 n = 3.612 3.601
2015-2016
Ireland RepTrakĀ® Pulse 2016 ā Ranked 25-11
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland[sorted by 2016] 2015 2016
1 Bord BĆa 79,8 79,62 Eason & Son 72,8 78,4 5,6 Bord BĆa3 An Post 75,3 77,3
5 Lidl 72,9 76,1 3,26 The Irish League of Credit Unions 77,6 75,97 Aldi Stores 72,9 75,9 Irish Water8 BMW 71,8 75,4 3,69 Ford 72,7 75,210 Boots 81,6 75,1 -6,511 SuperValu 71,4 74,8 3,4 Biggest climb 201612 Intel 74,9 74,4 Virgin Media13 Toyota 76,3 74,214 Kellogg's 81,0 73,8 -7,215 Glanbia 70,5 73,7 3,216 Cadbury 73,5 73,0 Biggest fall 2016 -15,917 Tourism Ireland 73,8 72,9 Volkswagen18 Aer Lingus 74,9 72,619 Smyths Toys 75,5 72,420 Kerry Group 70,4 72,021 Applegreen - 71,822 Microsoft 74,7 71,723 IRFU 77,6 71,3 -6,224 Brown Thomas Group 71,3 71,125 Spar 66,4 71,0 4,6
n = 3.015 3.702
Ireland[sorted by 2016] 2015 2016
1 Bord BĆa 79,8 79,6 Highest score 20162 Eason & Son 72,8 78,4 5,6 Bord BĆa3 An Post 75,3 77,3
5 Lidl 72,9 76,1 3,26 The Irish League of Credit Unions 77,6 75,97 Aldi Stores 72,9 75,9 Irish Water8 BMW 71,8 75,4 3,69 Ford 72,7 75,210 Boots 81,6 75,1 -6,511 SuperValu 71,4 74,8 3,412 Intel 74,9 74,4 Virgin Media13 Toyota 76,3 74,214 Kellogg's 81,0 73,8 -7,215 Glanbia 70,5 73,7 3,216 Cadbury 73,5 73,017 Tourism Ireland 73,8 72,9 Volkswagen18 Aer Lingus 74,9 72,619 Smyths Toys 75,5 72,420 Kerry Group 70,4 72,021 Applegreen - 71,822 Microsoft 74,7 71,723 IRFU 77,6 71,3 -6,224 Brown Thomas Group 71,3 71,125 Spar 66,4 71,0 4,6
n = 3.015 3.702
2015-2016
Ireland RepTrakĀ® Pulse 2016 ā Ranked 10-1
Excellent/Top tier 80+Strong/Robust 70-79Average/Moderate 60-69Weak/Vulnerable 40-59Poor/Low est tier <40
Ireland[sorted by 2016] 2015 2016
1 Bord BĆa 79,8 79,6 Highest score 20162 Eason & Son 72,8 78,4 5,6 Bord BĆa3 An Post 75,3 77,34 Google 84,4 76,4 -8,05 Lidl 72,9 76,1 3,26 The Irish League of Credit Unions 77,6 75,9 Lowest score 20167 Aldi Stores 72,9 75,9 Irish Water8 BMW 71,8 75,4 3,69 Ford 72,7 75,210 Boots 81,6 75,1 -6,511 SuperValu 71,4 74,8 3,412 Intel 74,9 74,4 Virgin Media13 Toyota 76,3 74,214 Kellogg's 81,0 73,8 -7,215 Glanbia 70,5 73,7 3,216 Cadbury 73,5 73,017 Tourism Ireland 73,8 72,9 Volkswagen18 Aer Lingus 74,9 72,619 Smyths Toys 75,5 72,420 Kerry Group 70,4 72,021 Applegreen - 71,822 Microsoft 74,7 71,723 IRFU 77,6 71,3 -6,224 Brown Thomas Group 71,3 71,125 Spar 66,4 71,0 4,6
n = 3.015 3.702
RepTrakĀ® Pulse development2015-2016
52Ireland RepTrakĀ® 2016 - Industry ranking
Ireland Average Pulse 63.6
Food - Manufacturing (4) n = 401
Retail - General (11) n = 1.701
Computer (6) n = 606
Automotive (6) n = 603
Public Services (5) n = 602
Pharmaceuticals (5) n = 502
Information & Media (6) n = 707
Energy (7) n = 1.406
Retail - Food (5) n = 899
Transport & Logistics (5) n = 799
Beverage (5) n = 1.000
Financial - Insurance (11) n = 1.099
Services (6) n = 1.102
Telecommunications (7) n = 604
Financial - Bank (7) n = 1.699
Total n= 13.732
Ireland
73.1
69.1
64.8
63.9
63.4
62.4
58.7
55.8
71.7
68.5
64.1
63.5
63.2
61.5
57.1
63.2
73.171.7
69.168.5
64.864.163.963.563.4
62.461.5
58.757.155.8
0 20 40 60 80 100
Reputational Risk Management
54
1978 1984 2001
The topic is not at all newā¦
55
20101989
ā¦and the Energy/Petrochemical industry has seen some major incidents
56
The difference between then and now is extremely different ā Impacts today are immediate and globalā¦
TodayYesterday
57For BP, the Deep Water Horizon incident had a devastating impact on their reputation ā and consequently their financial performance
HOW VW LOST THE PUBLICāS TRUSTSeptember 2015 - US EPA announced Volkswagen had been installing sophisticated software to cheat diesel emission tests - Volkswagenās cars were environmentally friendly no more. The general publicās trust in the automaker was highly damaged in the US as well as globally.
Country Q1 RepTrakĀ® Pulse
Q4 RepTrakĀ® Pulse
Ī RepTrakĀ® Pulse
UK 82.7 52.8 -29.9
SPAIN 74.8 47.1 -27.7
ITALY 77.9 52.2 -25.7
FRANCE 76.1 51.3 -24.8
GERMANY 80.6 57.1 -23.5
US 69.7 61.0 -8.7
VW RepTrakĀ® Pulse in Germany and VOW.DE Stock Price: Q1 2015 through January 2016
59Crisis hits your reputation harder if your reputation is already weak. Be aware of industry belonging!
RepTrakĀ® Pulse
Score 40-59 70-7960-69
Reputation Loss post a negative
event - 15 - 11 - 6
CRISIS AND REPUTATION
Industry
Reputation Loss post a negative
event - 23 - 8 - 6
CRISIS AND INDUSTRY
Banking Consumer Goods
Pharma
1
2
3
4
60Reputation risk and how to manage it
ā¦That impacts stakeholdersā perception and
behaviourā¦
A reputation risk is a potential negative eventā¦
What it is
ā¦and ultimately impacts on business results
61
ExerciseTake two minutes to jot down
the reputational risks to your business
List the top five....
62
63
64Managing reputation risk
65
Perception
- 13,3
- 25,7Max loss on reputation score in case of risk
1
2
3
4
What is more at stake in case of risks?
66
1 Accounting malpractices
2 Bankruptcy fraud
3 CEO resignation after a financial scandal
4 Child labor in a supplier's factory
5 Delayed reporting of defects
6 Fraud and abuse allegations
7 Homophobic comments of top management
8 Incoherent communication of corporate strategy
9 Labor strike in emerging market
10 Mandatory product recall
11 NGOs very critical against a plant
12 Price increase
13 Product fraud
14 Bribery of Public officials
15 Repeated product recalls
16 Service changes and interruption
17 Sexual harassment
18 Strong layoffs
19 Unaware utilization of toxic packaging
20 Wage Renegotiation
The top 20 reputation risks Every company needs to monitor
How many of you are
monitoring these risks?
67
The process that tracks PROGRESS and provides input to the
organisationover time
The factor that describes how likely it is that
the RISK will materialize and how
it will impact stakeholder perceptions &
support
3. Monitoring1. Impact 2. Readiness
The factor that defines how PREPARED the
company is to identify, mitigate and
respond to a crisis
MITIGATION
Reputational Risk ā Three key variables need management
68Risk Register
Template - Risk Register
No. Description of Risk Area/Division Risk Type Impact Likelihood Control rating Risk Score Planned Response Mitigation/controls Risk Owner
Summary of Risks: X = Low Y = Medium Z = High
1 = minor 2 = significant 3 = v significant
1 = may occur 2 = likely 3 = very likely
1 = fully under control 2 = somewhat controlled 3 = poor/inability to control
1 -4 = Low 5-11 = Medium 12-27 = High red alert
69
Risk Readiness - five steps
1.ā¦identify reputation risks
2.ā¦predict potential damage
3.ā¦responsibility is clear
4.ā¦crisis management plans are well defined
5.ā¦reputation embedded in company culture
70
Niamh Boyle, Managing DirectorOffice: +353 1 661 [email protected] Reputations Agency, 25 Merrion Square, Dublin 2
Dennis TourishProfessor of LeadershipRoyal Holloway, University of LondonCo-editor of āLeadershipāEmail: [email protected]
DYSFUNCTIONAL LEADERSHIP IN CORPORATIONS
Ken LayAKA āKenny Boyā
Jeffrey Skilling
Amazon May 2016- 163253 books with āLeadershipā in their title. If you read one every day including weekends it would take you 447 yearsā¦.
BUT ā there are only346 books with āFollowershipā in their title We have a fixation on leadership, though without followers there are no leadersā¦
SOME ASSUMPTIONSā¢ Followers should
conform ā mostly, do what they are told
ā¢ Leaders know best (but do they always?)ā¢ Dissent is resistance
to be overcomeWhoās the bossBBC 2March 2016
INVOLVEMENTā¦ AND POWER
INVOLVEMENTā¦ AND POWER
A MAJOR SOURCE
OF ERROR???āThe temptation to tell a Chief in a great position the things he most likes to hear is one of the commonest explanations of mistaken policy. Thus the outlook of the leader on whose decision fateful events depend is usually far more sanguine than the brutal facts admit.ā
Winston Churchill (1931) INGRATIATION...
āA lot of times in politics you have people look you in the eye and tell you what's not on their mind.ā --George W. Bush, Sochi, Russia, April 6, 2008
EFFECTS OF FLATTERYā¢ A study of 451 CEOs looked at the impact on them of
more intense and frequent flattery (e.g., offering exaggerated compliments) and opinion conformity (e.g., expression of agreement even when people don't agree).ā¢ Flattery and opinion conformity linked to CEOs having more favourable evaluations of their own strategic judgments and leadership skills, being less likely to make strategic changes when firm performance suffered, and more prone to lead firms that suffered persistently poor performance.
Hyuan Park, Westphal and Stern, ASQ, 2011
EFFECTS OF NARCISSISMā¢ Highly narcissistic CEOs less responsive to
whether recent firm performance was good or bad - continued to make equally risky investments (e.g. acquisitions of new companies) regardless of recent performance. Their less narcissistic peers more cautious in bad times and tended to take bigger risks during good times.
Chatterjee and Hambrick, ASQ, 2011
EFFECTS OF NARCISSISMā¢ Less narcissistic CEO's werenāt affected
much by media praise. The highly narcissistic made riskier investments after getting praised in the media. The narcissists were swayed more by "social praise" and less by recent performance!
ā¢ āThe only benefit of flattery is that by hearing what we are not, we may be instructed what we ought to be.ā
Jonathan Swift
IRRATIONAL BIASā ILLUSORY SUPERIORITY
ā¢ 69% of drivers consciously worry about being killed when driving
ā¢ Only 1% believe they drive worse than average
ā¢ 98% think they are safer than, or as safe, as the average driver. Brake (Road Safety Charity) Survey of 800 UK adults, March 2011
āHave you ever noticed that anybody driving slower than you is an idiot, and anyone going faster than you is a maniac?ā George Carlin
PROBLEMS WITH FEEDBACK
People are especially sensitive to negative input ā the āautomatic vigilance effectā
HOW WE TREAT CRITICAL
FEEDBACKā¢ Subjecting critical
feedback to criticism/ accepting positive feedback
ā¢ āI DONāT BELIEVE ITāā¢ Deny failure
WHAT CAN BE DONE?
ā¢ Seek out formal and informal contact with people as often as possible
WHAT CAN BE DONE?
ā¢ Scrutinise positive feedback more rigorously than negative feedback
ā¢ Institutionalise dissent into the decision-making process ā e.g. promote/ cherish/ reward contrarians
ā¢ Create a culture that confronts āthe brutal facts of realityā ā i.e. where the truth is heard
A CLIMATE WHERE THE TRUTH IS HEARD
Lead with questions, not answers
Practice saying:ā¢ āI donāt knowāā¢ āWhat do you think?āā¢ āWhere have we gone wrong?āā¢ āWhat could we do better?ā
A CLIMATE WHERE THE
TRUTH IS HEARDEngage in debate, not coercionā¢ Have chaotic meetingsā¢ Loud debateā¢ Heated discussionsā¢ Healthy conflict
Career development for company secretariesValerie Teller, Switched On CoachingWith Conor Ryan FCIS, President, ICSA Ireland
Outline for this session
1. What are your long-term career aspirations?
2. How do you raise your profile?
1 | What are your long-term career aspirations?
ā¢ What do you really want?
ā¢ What is important to you?
ā¢ When you are 95, what will you want to say about your life?
2 | How do you raise your profile?
From their perspectiveā¦ā¢ When it comes to your career,
who are your stakeholders?
ā¢ Whatās important to them?
ā¢ How can/do you make their jobs easier?
From your perspectiveā¦ā¢ What is it that you see/know
about your organisation that others donāt?
ā¢ What is important about what you do?
ā¢ How does the co sec function add value to your organisation?
2 | How do you raise your profile?
A few tipsā¢ Create opportunities by creating connections
ā¢ Stretch your comfort zone ā itās like a muscle
ā¢ Get support
2 | How do you raise your profile?
BE CURIOUS
Career development for company secretaries
What will you take away from todayās session?
Thank you
Risk Culture and Risk Culture InspectionsICSA Conference 2016
24th May 2016
Mark Burke Chief Risk & Compliance Officer, Mediolanum Ireland
107
Agenda
Background & Context
What do regulatory authorities mean by culture?
Drivers of Culture in a firm
Conclusion
Indicators of a sound risk culture
What has brought about this focus on culture?
108
Global Financial Crisis
Legalistic approach to point-of-sale disclosure
Sufficient awareness of clients behavioural biases?
How to safeguard rather that inadvertently profit from these?
Prevailing view that weakness in culture at the heart of the financial crisis
Is point-of-sale material there to protect the company or inform the customer?
109
Agenda
What do regulatory authorities mean by culture?
Background & Context
Drivers of Culture in a firm
Conclusion
Indicators of a sound risk culture
110
What do regulatory authorities mean by culture?
Culture is like DNA: it shapes judgements, ethics and behaviours that matter to the reputation and performance of the business
It shapes the service provided to customers and clients
An effective culture is one that supports:
ā¢ the fair treatment of customers, and
ā¢ Promotes sound risk taking and risk aware decisions throughout the business
Examine culture though the lens of doing the right thing
Ownership and responsibility for ensuring risk aware and client focussed outcomes rests with each and every employee and should not be seen as something that can be delegated to the risk & compliance functions
111
Agenda
Drivers of Culture in a firm
What do regulatory authorities mean by culture?
Background & Context
Conclusion
Indicators of a sound risk culture
112
Drivers of Culture at a firm
Examine culture through the lens of doing the right thing whether from a risk or conduct perspective
- Strong Corporate Governance
- Setting the tone from the top
- Translating this into easily understood business practices through values such as accountability and ensuring effective communication and challenge
- Supporting the right behaviours through performance management, employee development and reinforcing these through reward programmes
The responsibility for ensuring the right outcomes resides with everyone at the firm, led by senior management, and not something delegated to compliance or control functions
113
Agenda
Indicators of a sound risk culture
What do regulatory authorities mean by culture?
Drivers of Culture in a firm
Conclusion
Background & Context
ā¢ Succession planning processes for key positions
ā¢ Focus on financial and non-financial incentives
ā¢ Job rotation between control functions and
business lines
Incentives and Behaviours
Tone from the Top
Accountability
Effective Communication & Challenge
ā¢ Board Ownership of Strategy
ā¢ Alignment of Strategy with Core Values
ā¢ Leading by example
ā¢ Learning from mistakes
ā¢ Ownership by the front line
ā¢ Common understanding and awareness at all levels
ā¢ Clear escalation processes to support risk management
ā¢ Consequences are clearly established
ā¢ Established mechanisms to facilitate communication and
ā¢ Bring alternate views to the decision making process
ā¢ Risk function seen as a genuine business partner
ā¢ Ongoing training on the institutionās desired behaviours
Indicators of a sound risk culture
115
Agenda
Conclusion
What do regulatory authorities mean by culture?
Drivers of Culture in a firm
Background & Context
Indicators of a sound risk culture
116
Key Takeaways
ā¢ Greater awareness of the importance of culture in driving key behaviours in firms
ā¢ Having a framework to demonstrate the various mechanisms in place toā¢ Monitor,ā¢ Shape, andā¢ Influence the culture within the firm over timeā¦
to deliver risk aware decision making and good consumer outcomes.
Sports governanceJim Boyce, former Vice President, FIFA
ODCE and the Companies Act
One Year on
Kevin PrendergastHead of Enforcement, ODCE
ODCE Impacts In insolvency
Offering restriction undertakings to remove the need for High Court proceedings
Power to wind up companies in public interest ā none to date
In examinership ODCE must get copy of report to the Court ā small
number to date
ODCE Impacts
In enforcement Auditors must report offence of financial statements
failing to give a true and fair view ā no reports to date ā preparing guidance for auditors
Directorsā loans can be validated by new Summary Approvals Procedure ā have found one example of this being undertaken
Other judicial developments Significant Court of Appeal judgement
DCE v Walsh & Ors, disqualification action by the Office under what was s160(2)(h) CA 1990, now s842(h) CA 2014, company struck off with debts owing
High Court declined to disqualify on basis of general economic downturn, lack of qualifications of directors, scale of enterprise, past behaviour
Court of Appeal judgement in January 2016
Other judicial developments Key aspects of judgement
āFinancial maelstromā does not change nature of the law
Scale of enterprise and qualifications of directors are irrelevant
Other past behaviour irrelevant Passive directors cannot be exonerated on that basis,
all director expected to take steps to secure compliance
Thank You
Further Information is available fromwww. odce. ie
Panel discussion: The Companies Act ā one year on
Conor Sweeney, CLS Chartered SecretariesMaureen OāSullivan, Registrar of CompaniesKevin Prendergast, ODCERuairi Cosgrove, PwCSal Nash, KPMG