Office team developing a crisis response plan
Oct 2022 | Fraud Prevention
By Posted by Jim Steven

Around half of UK business leaders surveyed in recent research said their organisations didn’t have crisis response plans in place

That’s a startling statistic when you consider that more than three quarters of respondents (78%) said their organisations had experienced a crisis in the past 18 months that had impacted customers, with the most frequent crises experienced including data breach of consumer information (78%), product recall (76%), cyber-attack (74%) and ransomware attack (73%).

These are among the findings of independent research carried out on behalf of Experian into crisis preparedness, response and recovery. 500 senior business leaders and more than 2,000 members of the public were surveyed about their experiences of crises over the preceding 18 months.

That was a period in which Covid-19 transformed the way many organisations operate, and accelerated the switch to remote working and a digitally led economy. It exposed businesses to new risks, and propelled risk management to the top of the boardroom agenda.

Insights into crisis readiness

In our research, we wanted to find out how organisations had adapted in this environment to improve their resilience, how they were organising their resources to better respond to future crises, and how they were mitigating impacts on consumers.

Download the full whitepaper

You can read a detailed summary of the findings in our whitepaper: Crisis Response: Assessing the readiness of UK organisations to manage the impacts of a consumer crisis.

Download whitepaper

In this blog post I’d like to outline some of the key insights, which highlight the issues facing organisations preparing for any crisis, the vulnerabilities they need to address, and the responses required to meet public expectations.

Facing up to the risks and costs

Firstly, our findings confirm that the risks to organisations are very real, and are well recognised by business leaders. All organisations surveyed (100%) felt they were at risk of crisis within the next 18 months. Among the greatest concerns were cyber-attacks, health emergencies, ransomware attacks and IT system failures.

If a crisis did occur, leaders identified some of the things they were most worried about. These included:

39%

Financial impact and high costs to the business

36%

Complaints / legal action due to poor response

29%

Negative impact on customers if crisis not handled well

The financial costs of failing to prepare for or respond well to a crisis are significant. Survey respondents in businesses with a turnover of £1m- £9.99m thought it would cost 36% of turnover. That equates, on average, to a cost of £1.97m . In businesses with a turnover of £50m-£99.99m, leaders thought it would cost 43% of turnover, which equates to an average cost of £32.24m .

Misplaced confidence

However, there were high levels of confidence among leaders in their organisations’ ability to deal effectively with a crisis. More than 70% said they were confident. But our survey findings suggest this confidence may be misplaced. We found that:

HAD A CRISIS RESPONSE PLAN IN PLACE:

50%YES

38%NO

13%DON’T KNOW

HAD A BUDGET ALLOCATED TO CRISIS RESPONSE:

49%YES

39%NO

11%DON’T KNOW

CARRIED OUT REGULAR RISK AUDITS:

45%YES

42%NO

13%DON’T KNOW

Until a crisis strikes, it’s difficult for leaders to comprehend the level of costs and resources required to respond effectively, and the extent of communication and resource management needed to minimise impacts. A swift and targeted response is key to minimising the financial, reputational and emotional damage caused. That’s why it is so important to recognise any gaps in advance and plan in advance to minimise damage.

Who is responsible?

There is also uncertainty about who within the business is responsible for crisis response planning. Almost half of respondents (41%) felt it was the responsibility of the IT department. But when you consider the wide-ranging impacts of a crisis on every part of the business, and the resources required to respond effectively, it’s clear that an effective response will demand expertise beyond the IT team, including legal, C-suite, communications, customer service and other departments.

Positive outcomes

The survey also looked at the benefits to businesses of an efficient crisis response. We asked leaders what they thought would be the biggest benefits to come from a positive response to a crisis:

46% - Increased customers and business

Increased customers and business

43% - Avoiding reputational damage

Avoiding reputational damage

42% - Retaining customers

Retaining customers

The findings of our consumer survey backed up these assertions. We asked people how they would react if an organisation they dealt with handled a crisis situation positively and kept them well informed:

46% - Continue to be a customer

Continue to be a customer

43% - Think favourably of the organisation

Think favourably of the organisation

31% - Recommend the organisation to others

Recommend the organisation to others

16% - Post about it on social media

Post about it on social media

It’s clear that planning a consumer crisis response properly in advance brings many benefits to a business and its customers, and could ultimately be the difference between survival and failure.

Want to know more?

Take a look at the detailed findings in our whitepaper: Crisis Response: Assessing the readiness of UK organisations to manage the impacts of a consumer crisis.

To find out more about crisis response planning, please visit our Data Breach page and contact one of our specialists to ask about our crisis response services. Feel free to also connect with me on LinkedIn.