Guest post: Legislating for Black Swans – legal considerations for business crisis management

Steve Whiter of Appurity looks at the communications technologies that are being deployed to help law firms and their clients mitigate the impact of crises.

There is a risk management principle known as ‘Black Swan Theory’. It proposes, broadly, that conventional risk assessment practices are flawed, because they take insufficient account of what statisticians call ‘outliers’ – events that are unlikely, but may have massive impact.

Sadly, one of the factors driving the rise of business crisis management as a practice is the increasing incidence of events that would once have been considered outliers. Acts of terrorism, flooding, ransomware attacks – they make headline news and serve to heighten the focus on how organisations deal with significantly disruptive events, of human or natural origin.

For legal practices, there are two major considerations. The first is how to assist clients affected by serious incidents; the second is how to protect the practice itself against the impact of a crisis.

The fine legal print of crisis response, encompassing liability, post-event legislation and mitigation of reputational damage, is outside the scope of this article. What we can consider are some of the practical steps that legal firms can take to help deal with a crisis, which may also form part of the advice given to clients.

It’s worth acknowledging at this point that the term ‘crisis’ is relative. Not every incident is on the headline-making scale of a major disaster. But for a medium-sized engineering firm, a small explosion and fire, which causes minor injuries, can have serious consequences, perhaps even threatening the existence of the business.

Any hint of negligence, or possible breach of safety regulations, may leave the company open to claims for compensation, as well as significant fines. Ultimately, however, the reputational damage to the company, in the local community and within its industry, may prove even more harmful.

Employees can be properly compensated. Fines can be paid. Buildings and machines can be repaired. But gossip, misinformation and sensationalised news reporting are elusive and capricious foes. And in business, as in politics and almost everywhere else, the perception is the reality.

This is why one of the most important aspects of crisis management is the role of communication as the incident is unfolding. In the post-event investigations, whether your client or your own practice is under scrutiny, you must be able to demonstrate that the response to the incident was as effective as it could be.

It is not enough to show that you or your client ticked all the boxes of regulation and compliance. Following the letter of the law may serve to fend-off prosecution, but the local community, the press that serves it and the key influencers in the industry will not be so easily appeased. In assessing the response to any crisis, they’ll focus on the drama, not the truth.

With the right communications infrastructure in place, you can act swiftly to mitigate the impact and avoid the worst possible consequences. You can also capture an audit trail of your response, providing documentary proof that you did all you could to prevent harm and contain the threat.

Of course, one of the paradoxes of modern communications technology is that it often makes effective communication more difficult. Do you call someone’s mobile, or try to reach them with an instant message? Or both, plus email, a call to their desk phone, and a message via social media?

In a crisis, there’s no time to juggle communication links. And if the usual communications networks have failed in the area affected by the incident, you need to know that mobile networks can still get you through to the people you need to reach.

This is why many organisations are adopting unified communication technologies, such as the BlackBerry® AtHoc Network Communications Suite, to form the backbone of their crisis response. These solutions bring together mobile, hybrid cloud and the IP network to enable real-time collaboration between all key personnel as the incident proceeds.

Crisis management teams can use communication dashboards, on a desktop or on a mobile device, to see all the affected areas and keep track of people on the front line. They can enable two-way communication between all the key stakeholders, regardless of the devices or networks they may be using.

Geo-location capabilities automatically show where everyone is, and who is on the move, so that resources can be directed immediately to where they are most needed. Users on the ground can also file status reports and call for additional assistance.

An effective collaboration and communication system should also allow communication with third-party organisations, such as blue-light services. This can help to limit the impact of the incident by ensuring a rapid and co-ordinated response from all concerned.

But these days, it is not only people that can help to resolve emergencies quickly. Automated devices such as fire panels, sirens, entry systems, cameras and other systems can all provide valuable intelligence to the key decision makers.

Unified crisis communications systems can create an instant internet of people and things, providing real-time information and interaction between everyone and everything that is connected. And in the aftermath of the event, they can provide second-by-second accounts of what really happened.

Perhaps Black Swan Theory is an extension of Murphy’s Law: the principle that whatever can go wrong, will go wrong. What the Black Swan adds to Murphy’s remorseless logic is the possibility that whatever goes wrong can be managed and its impact mitigated, provided the right plans and resources are in place.

And, as with so many legal matters, the success or failure of a plan relies heavily on effective communication. We can resolve almost anything, if we can only talk to each other.

Steve Whiter is a director of Appurity, specialists in business mobility, with extensive experience of secure communications for the legal profession.