A number of unexpected catastrophes and shortages dominated the headlines in the first quarter of 2011. Japan was hit by a magnitude 9.0 earthquake and tsunami that caused a nuclear disaster, persistent power outages, and a host of other major societal and economic challenges. China sharply tightened its limits on exports of rare earth minerals, on which the information technology, automotive, and energy industries rely. The nations of the Middle East and North Africa experienced severe political eruptions, including civil war in Libya and regime-shaking protests in Algeria, Egypt, Iraq, Jordan, Syria, and Tunisia, which pushed oil prices above US$100 per barrel. Portugal and Greece tottered on the edge of insolvency, destabilizing their political leaders. Christchurch, New Zealand, was hit by two major earthquakes in quick succession, and the state of Queensland in Australia suffered the worst floods in recorded history in at least six river systems, resulting in great social and economic disruption.
All these events are examples of the kinds of high-magnitude, low-frequency upheavals that Nassim Nicholas Taleb labeled black swans, after a historical reference to their improbability. In The Black Swan: The Impact of the Highly Improbable (Random House, 2007), Taleb defined a black swan as “an event with the following three attributes. First, it is an outlier, as it lies outside the realm of regular expectations, because nothing in the past can convincingly point to its possibility. Second, it carries an extreme impact.... Third, in spite of its outlier status, human nature makes us concoct explanations for its occurrence after the fact, making it explainable and predictable.”
Whether environmental, economic, political, societal, or technological in nature, individual black swan events are impossible to predict, but they regularly occur somewhere and affect someone. Some observers argue that the frequency of these events is increasing; others say global communication networks have simply made us more aware of them than we were in the past.
In any case, with the rise of global business, it is likely that black swans carry increased risks for your company, including negative impacts on your customers, suppliers, partners, assets, operations, employees, and shareholders. Today, not only can a catastrophe in one part of the world affect the sourcing, manufacture, shipping, and sale of products locally, but the interconnections of global financial, economic, and political networks ensure that the effects of such events ripple around the world.
ERM Is Not Enough
Typically, a large company relies on its enterprise risk management (ERM) department to identify potential business disruptions, map out their most likely effects, and develop mitigation plans and preventive actions to reduce the risk exposures. After the multiple and severe disruptions of the past decade, starting with the terrorist attacks of September 11, 2001, the ERM functions at most companies have become well staffed with risk managers who work diligently to protect their company across strategic, operational, financial, and hazard risk categories. Through this process, ERM has become an indispensable member of the global functional teams in most large companies.
Most ERM groups focus their attention on the risks that businesses most frequently encounter — such as whether the enterprise is complying with regulations, suitably accounting for its activities, and operating in an ethical and legal manner — rather than on black swans. And this approach is appropriate. First, ERM resources are limited and must be invested in mitigating high-frequency risks, as well as servicing the growing demands imposed by Sarbanes-Oxley and other financial and regulatory requirements. Second, high-magnitude, low-frequency events can stem from sources too numerous and too varied for the ERM team to identify in full. Third, the internal politics and culture of many large companies unintentionally create blind spots that can be very difficult to penetrate for internal staff members using standard ERM tools.