Crisis Management in the financial sector
Starting my work experience in the financial sector, crisis management was classified as a vital pilar and for the management organization.
In that beloved Bank that gave me the opportunity to learn, train and grow professionally, I learned to manage the crisis before its occurence, taking preventive measures and timely reactions to different events of interruption or not, that trigger in crisis.
Currently in my professional practice, I interact with multiple industries, each with different visions about crisis management, however, it is recurrent to note that this discipline is not as strong as others that help with business continuity and/or resilience support.
From my experience, I consider that crisis should pre-emptively contemplate various scenarios that directly or potentially can cause a crisis and define preventive and containment measures in it, in case they materialized or can materilize.
What do I mean?, it is advisable to be clear that issues related to reputation, profit, errors, operations, interruptions of operations among others, can potentially generate a crisis, taking into account its impact and speed with its information is disseminated nowadays.
It is important to clarify that not all events are contained into the crisis table, cibersecurity events, business interruption, facility emergencies such as a fire, require an immediate response and they can trigger a crisis with the escalation of it. Precisely these are potential crisis are left out and not integrated into crisis management.
Some Points to review the Crisis Management:
- What happens if a unsoppable incident evolves with the emergency plan with the help from local authorities, that is previously integrated with the crisis committee? At what point in the emergency should it escalate?
- If I present information securtiy attacks and I contained them with the previous defined plans, at what point is defined the need to scale them?, Can they potentially trigger a crisis? How to define it? How to measure it?
- If we have an operational error with a potential impact, do you have a moment to stem it?
Three examples that can be presented and do not necessarily have the clarity of the escalation or steps to follow wothing the plan.
Also in some plans it scales when the situation can not be contained and the impact is high and should handle a reactive approach.
Looking for agile improvent opportunities, I make the following recommendations:
- Identify the potential scenarios that can trigger a crisis, keep in mind that reputations is very critical, but there are other events not directly related to reputation that activates crisis.
- Define the activities of initial containment and first response, unify alarm levels that allow clarity of the point at which notification to the crisis committee for decision – making should be initiated, actions or monitor the evolution of the event.
- Integrate first response fronts, offering clear guidelines, communication channels and margins of decision and action.
- Communicate, train your staff, and test your definitions with various crisis scenarios.
- Post-crisis or potential crisis, conduct at lessons learned session with those involved and identify opportunities for improvement to update their plans and successes that they must replicate in the future crisis.
Remember…. Something that can not be measure, does not improve!