The ever-widening scandal over Volkswagen AG’s violations of US auto emissions tests is such a high profile story that it’s easy to overlook how rare events like these are. In a risk management context their rarity increases the chances of companies being caught unawares and incurring huge damage.
In his new book The Power of Resilience: How the Best Companies Manage the Unexpected MIT CTL Director Professor Yossi calls such events black swans, a term popularized by Nassim Talebin in his 2007 book about occurrences that are thought to be impossible.
Sheffi describes the dangers of black swans as well as mitigating strategies in a recent Wall Street Journal Guest Voices column.
As he argues, when safeguarding their supply chains against disruptions, companies commonly assign the highest priority to events that happen relatively often and hit hard. Focusing on those with the highest likelihood and the greatest potential impact certainly seems like a logical approach to risk management.
Except that these are not the worst perils that companies face. In fact, events that rarely happen but wreak havoc pose the most dangerous threat to corporate health.
Examples of such rare but high-impact events include Hurricane Katrina in 2005, the BP Horizon oil rig explosion in 2010, the 9/11 terrorist attack, and the tsunami that hit Japan in 2011. This October South Carolina was hit by what Gov. Nikki Haley called the worst rains “in 1,000 years,” causing record-setting floods and fatalities and shutting major transportation corridors.
Volkswagen AG’s emissions test-fixing scandal is another high-impact/low-likelihood event. Who would have thought that the biggest and most famous company in Germany, a country known for its precision, straight-laced dealings and strong green movement, would be caught cheating on auto-emissions tests?
As is typical with this type of risk, the damage to Volkswagen is acute and likely to be long-lasting.
It’s not that high-impact/high-likelihood disruptions are not worrisome; their impact can be devastating for the ill-prepared. However, because such events occur relatively frequently or hit other companies, enterprises can imagine the outcomes and prepare for them. This may create something of trap for companies, allowing them to believe they have prepared for high risks when they are more exposed than they know.
Black swans are never rehearsed because they are perceived as beyond-the-pale disruptions. Yet the likelihood of a black swan is not zero.
Three principles are important to keep in mind in this context.
First, statistical reasoning, the basis for most forecasting, is based on history, which may not repeat itself. Second, the worse disruption will always take place in the future (because the past is bounded and the future is not). Lastly, lack of evidence of a possible disruption is not the same as evidence of lack of potential disruption.
The changing nature of supply chains has made it more important to consider the potential impact of the black-swan event, even if the events themselves are difficult to imagine.
Over the last two decades, supply chains have become increasingly long, complex and more vulnerable. Global supply chains that rely on deep-tier suppliers provide brand owners less visibility and diminishing influence over their own operations. At the same time, changing population patterns and severe weather phenomena are driving an increase in the number of significant disruptions.
The impact of major disasters on business also is growing due to the prevalence of “lean” operations, which allow for minimal inventory as a buffer.
Still, there are ways to prepare for unimaginable disruptions.
Creating and maintaining an emergency operations center ensures that a response can be triggered quickly. Knowing who to call to staff the center when a crisis hits is critically important. Supply-chain professionals who possess a deep and wide familiarity with the company’s operations and processes, and engineers who can qualify new suppliers and materials quickly, should be on the team.
Likewise, the ability to quickly identify a disruptive event and to respond immediately is critical to a company’s efforts to keep global operations running and to recover.
Over the last five years the use of sensors that detect threats ranging from tsunamis to suppliers in financial difficulty has become widespread.
A new crop of software applications are able to take such data, along with other information about worldwide events and translate that into recommended actions for a company. Applications can use tailored knowledge of supplier locations, bills of material, and the role certain products and customers play in supply chains to prioritize responses. Such systems are becoming essential to fast detection and efficient response.
And learning from experience will continue. For example, following the Volkswagen debacle many companies might start instituting engineering audits on top of financial audits to discover potential disasters.