Following Charlie's previous bulletin 'Crisis communications, a dark art?' about how you can develop a crisis response strategy from Timothy Coombs' Situational Crisis Communications Theory (SCCT), this week's guest author Jim Preen makes his case against SCCT.
In 2007 WT Coombs posited a crisis communication theory known as SCCT. It was an attempt to categorise the different types of reputational crises that an organisation might face and couple them with a process for dealing with each particular threat.
Coombs identified three types of crisis clusters: The victim cluster, the accidental cluster and the intentional cluster.
Victim clusters are events that an organisation is not responsible for, for instance natural disasters such as hurricanes or earthquakes. Presumably this could also include a terror attack that takes place close to a firm’s place of business.
Coombs claims these types of crises present ‘only a mild reputational threat’ to an organisation because they can’t be held responsible and are sometimes themselves a victim of the incident.
This is demonstrably wrong. Unfortunately, as we saw with the Grenfell fire in London, the emergency services, particularly the fire service, were roundly criticised for their response to the blaze which was hampered by failings in fire service protocols. Obviously, the fire service was not to blame for fire, but they were hammered in Sir Martin Moore-Bick’s report particularly for their failure to evacuate the building once it was clear the fire was out of control.
The report also castigated the fire service for communication failings. Control room operators (CROs) must stay on the line with callers at risk from a fire, but the number of callers at Grenfell far exceeded the number of CROs.
CROs were also criticised for not logging crucial information from callers and communication between the control room and the incident commander on the ground was also found to be poor. At one point, CROs told occupants the fire was confined to the 4th floor when it had in fact reached the top floor of the tower.
As to a terror attack, a firm can’t be held responsible for the incident, but may well be held to account for an unfocused or dilatory response, particularly if staff and other stakeholders are put at risk.
Coombs identifies accidental clusters or crises as ‘organisational actions leading to the crisis (which) were unintentional’. These are seen as a ‘moderate reputational threat’. Presumably the accidental cluster would include the Samsung Galaxy Note 7 phone bursting into flames.
Samsung didn’t mean for their phones to catch fire, but the idea that this disaster, which triggered the biggest product recall in corporate history, only caused a moderate threat to Samsung is laughable. Samsung’s communications were guarded and slow and stakeholders were told of ‘heat damage issues’, that left customers unclear whether any Samsung devices were safe. They also branded what was clearly a ‘product recall’ an ‘exchange’, creating further confusion. Samsung has since recovered, but at the time many commentators saw this crisis as an existential threat to the South Korean giant.
Intentional clusters are where an organisation knowingly places people at risk, takes inappropriate actions or violates laws and regulations. If your firm or your people are to blame for a crisis particularly when people have been hurt or have died, then the result will inevitably represent ‘a severe reputational threat’.
An example of an intentional cluster would be Volkswagen fitting ‘defeat devices’ to their cars to falsify emissions data. Despite assertions to the contrary it seems that the devices were fitted intentionally with the full knowledge of senior executives; they just didn’t intend to be found out. This story bears further investigation and we will return to it shortly.
I don’t have a problem trying to place crises into groups of severity, but I’m not sure it’s particularly helpful. Crises are slippery items that often defy categories or else slip through the cracks.
A much bigger problem with SCCT can be found when we look at the Crisis Response Strategies that Coombs formulated to overcome the clustered crises. I’ve seen these framed in various different groups. Here’s an example:
- We did not do it
- We did not intend to do it, and this is why
- Those who accuse us are at fault
- We will sue the accuser
- We are not responsible
- We didn’t mean for this to happen
- This crisis is not so bad/no one was hurt
- The victim deserved the consequences of the crisis
- The real problem is much larger (industry wide)
- Let’s look at the positive outcomes
- Thank you for your help/advice
- Please accept our apologies
- We will compensate victims
- This is how we will fix this problem
- We are the victim of this crisis
The vast majority of these strategies set to distance an organisation from a crisis using various tactics: denying a crisis exists, accusing others, going to law, denying responsibility, claiming victim status etc.
As mentioned at the outset, these responses were formulated back in 2007 when social media was still a toddler. (Twitter launched 2006. Facebook 2004.) These approaches might have worked in a pre-social media age but are unlikely to be successful today. Trying to dodge the blame for a crisis or indeed to blame others will likely see you hung, drawn and quartered in the very antisocial world of social media.
Today to overcome a major incident an organisation needs to own a crisis, in effect to be the grown up in the room who takes responsibility when things go wrong.
Volkswagen Emissions Scandal
A prime example of a firm not owning a crisis and suffering the consequences is Volkswagen. Their crisis broke in 2015 when the company admitted to installing defeat devices to cover up emission levels from their cars.
And how did executives respond? The Boss Martin Winterkorn issued a video apology saying, ‘It’s the mistake of a few people’. Social media proved remarkably resistant to that notion. The situation wasn’t helped when he said as he resigned: ‘I’m not aware of any wrongdoing on my part.’
In the States there was a clumsy effort at damage control with VW claiming defeat devices weren’t illegal in Europe. German regulators immediately corrected them of that misconception.
VW is currently being sued by the Securities and Exchange Commission in the US. The SEC claims the firm misled investors into parting with billions of dollars without admitting it had cheated emissions tests. Martin Winterkorn is also being sued.
In the US alone, VW has already paid out more than $30bn in fines and buying back affected vehicles.
The above is a catalogue of errors with senior executives trying to run away from a crisis and place blame elsewhere; effectively following the Coombs’ playbook. To say it didn’t work would be an understatement.
Now it could be argued that whatever VW did or said once their duplicity had been discovered would have made little difference, but I would argue that isn’t the case.
BA Data Breach
Why? Well let’s look at how British Airways handled their recent data-breach. In the Autumn of last year, the airline admitted that around 380,000 payment cards were compromised over a two-week period.
Hackers had installed malware into the company’s website allowing them to scoop up confidential bank data belonging to clients.
The first action required of BA was to reach all the customers who had been affected by the hack. This they did within 48 hours.
Thereafter, the boss, Alex Cruz, didn’t shy away from accepting responsibility. He became the face of the fight back, faced tough questions from journalists, issued an immediate apology and said no customer would be hurt financially.
It was an object lesson in crisis management and the importance of owning a crisis.
Subsequently the UK Information Commissioner’s Office has issued BA with a fine which they are appealing against. The breach will have cost them money and may cost them more as a result of GDPR, but their reputation was not unduly affected.
I’m all for business continuity plans, crisis playbooks and the rest, particularly when they are validated during a challenging simulation exercise. I’m a big fan of checklists and templates together with pre-scripted messages and holding statements.
What concerns me is when crisis response becomes too process driven. Crowbarring crises into predetermined groups and then attaching mitigation strategies may seem comforting, but can lead to misplaced confidence.
Crisis management is about leadership, prioritisation and an intuitive sense of how audiences will respond to your actions. In the hyper-active world of online comment and social media, Coombs’ methods seem outdated and ill-equipped to deal with the febrile nature of crises in the 20's and beyond.