Black Swan – an unwarranted excuse for management failure and its implications

The impact of COVID-19 has led managers world-over to use the terms black swan at their will, often without any reservations. This however isn't surprising, given the increasing popularity of the word since the financial crisis of 2008. But the question risk managers have to ask themselves is whether, is this pandemic really a black swan event?  

It is therefore imperative to truly understand the essence of the Black Swan Theory to answer our question. Nassim Nicholas Taleb, the person credited for popularising the term, in his book ‘The Black Swan’ highlights 3 attributes of a black swan event, 

First, it is an outlier, as it lies outside the realm of regular expectations, because nothing in the past can convincingly point to its possibility.

Second, it carries an extreme 'impact'.  

Third, in spite of its outlier status, human nature makes us concoct explanations for its occurrence after the fact, making it explainable and predictable

Taleb summarises the attributes as rarity, extreme impact, and retrospective (though not prospective) predictability.  

While the COVID-19 undeniably has the characteristic of ‘extreme impact’, which is evident from the economic shrinkage of even the first world countries, its predictability is highly debatable. Experts have been highlighting the threat of a pandemic and pointing out how vulnerable the governments and  various organisations are to it. As far as probability of occurrence is concerned, the UK National Risk Register of Civil Emergencies -2017 Edition  gave 4 out of 5 for the likelihood of a pandemic influenza, with a risk score of 20 of 25, it stood at the top of the risk table. The GPMB, a body backed by the World Bank and WHO, in its Annual Report -Sep 2019 in the foreword stated that  

there is a very real threat of a rapidly moving, highly lethal pandemic of a respiratory pathogen killing 50 to 80 million people wiping out nearly 5% of the world’s economy . 

Many other organisations in the Hospitality, pharmaceutical and the like sectors had also recognised the risk of a pandemic. It is also logically obvious to recognise such a risk, for the world has seen an average of 3 pandemics in a century. Statistically the COVID-19 may have been under-due, but it wasn’t unforeseeable.  

However, a diligent view of the third attribute of Taleb’s theory discourages any retrospective predictability of the event, and when seen in conjunction with the first attribute, stripping any event of its ‘black swan’ title in the aftermath of such event, is improbable and invites the crocodile dilemma. Therefore, we alternatively have to ask the question that irrespective of categorisation of the pandemic as a black swan event, aren’t risk managers responsible for a Business Continuity Plan? An error or deviation in estimate is understandable, but how do we justify turning a blind eye to LPHI (low-probability-high-impact) events altogether.

It is high time for organisations to understand risk management in its essence, and embed risk based internal audits into the very business fabric. Business environment today is dynamic than ever before. Traditional internal audits are no match to this turbulent business environment. For example traditional attendance controls have become irrelevant in remote work environment, while cyber security threats are at all time high even to the industries that were not vastly dependent on IT infrastructure. The exposure to credit risk has significantly increased and is expected to increase further with the domino-effect kicking-in with a default in supply chain. It has in-fact become impracticable for many organisations to update existing risk register given the high volatility and complexity of risks, whereby organisations have resorted to radically redesign their risk registers to cater to the current business environment.  

Risk management or internal audit which has been conventionally placed as the third line of defence should be placed at the forefront of organisations. The pandemic has clearly distinguished the risk enabled organisations from the risk naive ones. While the latter were formulating and communicating a recovery strategy to the people in the organisation, the former already had the risk culture and the continuity plan to handle the situation. 

Presuming the Pandemic to be a Black Swan event not only obscures management responsibilities, but also hinders the organisation’s preparedness for any LPHI events in the future. In doing so, organisations not only incur huge reputation risk, but also lose-out on the plethora of  new opportunities that any event brings with it.

Author,

Manish Solanky