I travelled from Tashkent to Moscow on an Aeroflot Ilyushin 86 in the early 1980s. The seats were basic metal framed deckchairs, screwed to the floor1. Why don’t airlines nowadays use simple deckchairs on airplanes, instead of very heavy, crash-resistant ones? The fuel saving alone would be enormous and the temptation, especially to low cost carriers, must seem overwhelming.
The answer is obvious, I hear you say; safety. But airlines spend hundreds of millions of pounds avoiding the risk of having an accident, so the chances of being in a plane crash is around 1 in 10 million each year. So why spend all that money buying and transporting excess metal when there is a vanishingly remote chance of it ever being needed?
Airlines, like most safety-critical operations, think very hard about risks and how to manage them. They think through three lines of defence of a risk;
Avoid – The best risk is one that never happens, so the top priority should be to try to avoid it. “If you think safety is expensive, try the alternative”.
Trap – If you are going to manage a risk, you need to know when it has happened and what has happened. That may seem obvious, but history is replete with examples of people not spotting something going wrong early enough, or being confused about what has happened. The meltdown at Chernobyl is a good example of the confusion that can beset those managing a risk-situation. The operators didn’t understand the significance of all the malfunction warnings happening at once.
Mitigate – If you acknowledge a risk exists, then you should always plan what you would do if it did happen, and how you would then reduce the harmful impact. It is unwisely complacent to gamble that your avoidance strategy is so good that it is 100% effective in any circumstance. For an airline, this means that, even though the chances of needing them are minimal, they install over-engineered seats to provide some protection even in a very severe accident.
This ‘threat and error management’2 is how high-risk industries think about risk. Let’s then look at how companies address their corporate risks.
The typical company risk-model is more like a deckchair – looks great, but you wouldn’t use it in a storm. Executives tend to be confused about how to respond to corporate risks, and the dreaded boilerplate gets polished up. The standard corporate risk model will have a risk, a probability of it happening, and a ‘mitigation’. It might then calculate a financial impact of the risk happening, with (gross) and without (net) any ‘mitigation’.
Mitigations in corporate risk registers are usually just measures that reduce the probability of the risk happening, ie risk avoidance. This example, taken randomly from a recent annual report of a leading UK company (it’s doesn’t matter which company wrote it, as it’s typical of most), illustrates the point;
This risk is “Failure to deliver an effective, coherent and consistent strategy to respond to our competitors and changes in market conditions in the operating environment, resulting in a loss of market share and failure to improve profitability. “
This is a pretty fundamental and existential threat. Let’s analyse how the company describes its “key controls and mitigating factors”;
- “We now have a more consistent approach to building impactful customer propositions, offering high-quality and competitive value while improving the customer experience.” This could be described as a measure to try to avoid the risk happening.
- “Propositions are now developed across channels and geographies to ensure consistency in the engagement with customers. Group-wide customer insight management is undertaken to understand and leverage customer behaviour, expectations and experience across the different parts of the business.” Again, this could be described as an avoid
- “We monitor the effectiveness of our processes by regularly tracking our business and competitors against measures that customers tell us are important to their shopping experience.” This is a process to ‘trap’ the risk happening, ie alert the board if its customer proposition were falling behind.
- “We have well-established product development and quality management processes, which keep the needs of our customers central to our decision-making.” This could be described as another avoid
The analysis of this risk and its mitigations is, I believe, absolutely typical of corporate risk registers. It is reassuring to the point of complacency. Most ‘mitigations’ are in fact measures to try to avoid the risk happening. They reduce the risk of the event happening, but don’t say what they would do to reduce the harm if that risk actually did crystallise. For example, there is no clue as to what this company would do if its customer proposition fell behind competitors and it lost market share and profitability.
Of all corporate ‘mitigations’, perhaps around 90% are avoidance measures, around 5% relate to trapping the risk happening and less than 5% are actual mitigations that reduce the harm caused by the risk actually crystallising. In contrast, safety risk management is characterised by a much more even split.
Underlying all of this is corporate complacency about risks crystallising. Executives tend to believe that risks won’t happen to them, and so they don’t think enough about what they would do if that risk happened3. They use the risk model to reassure themselves – and shareholders – that they wouldn’t allow a risk to happen.
The Titanic’s look-out had no binoculars, as they were locked away and the key was in a storage locker. Failure to spot, or trap, a risk occurring can be as serious as failing to avoid or mitigate a risk. The Titanic had lots of deckchairs, but lifeboats for only half its passengers. The owners believed that the risk of it sinking quickly was so tiny that it didn’t need to prepare for that eventuality. Safety management has come a long way since then, and that’s why passenger aircraft are now weighed down with almost indestructible seats.
Ask yourself whether your corporate risk model demonstrates that the business is keeping its binoculars trained to spot risks looming into reality?
And then, does your corporate risk register rearrange deckchairs or does it plan for the unthinkable?
Notes
1 The main problem was the knees pressing into your back from the passenger behind you, as there was no cushioning from the single piece of fabric on which you sat. However, there are no reports of any passenger fatalities ever suffered on an IL-86.
2 More detail about techniques to understand risk is available here.
3 The value of thinking the unthinkable and planning for the worst case, and the psychology of crisis preparedness, is described in the excellent book by Daniel Kahneman “Thinking, Fast and Slow”.