A good friend of mine who ended his career as a very senior police officer once gave me an excellent piece of advice. He told me that anyone can manage an organization when things are going well — it is when things become difficult that true leaders emerge.
Being a true leader requires serious investment in training and preparation as well as individual flair. Get it wrong and organizations can be destroyed or careers blighted; think of Arthur Andersen or Martin Winterkorn of VW. Get it right and you fulfill your mandate to protect all stakeholders and preserve reputations.
Thirty years after my friend’s advice, I find myself surprised that crisis management still doesn’t leap out of Wharton, Harvard or INSEAD MBA curricula. That means that many leaders of major corporations can be assumed not to have had the training of their equivalent leaders in the police or military. Nor can the modern CEO necessarily rely on experience. It’s rare that they will have more than one major crisis in their career to deal with.
So in the absence of training and experience, how do you prepare for the proverbial Black Swan event?
History teaches us that influencing the media agenda can have a material impact on the actions of others — including regulators and the wider stakeholder community. That can be crucial to ensuring the best possible outcome for a corporation mired in crisis. But to exercise influence most effectively, a clear picture of the facts is essential.
The news that the Panamanian authorities have raided the headquarters of Mossack Fonseca was a likely consequence of the decision by France to place Panama on its list of uncooperative countries.
The leak of 2.6 terabytes of Mossack Fonseca’s data is by far and away the largest loss of confidential data in the history of leaks and dwarfs the Luxembourg files and Swiss (HSBC) disclosures in 2014 and 2015 respectively. The regulatory action, commercial and institutional damage caused by those leaks is very well documented.
But the leak, as significant as it is, has merely provided the key to the door — not just to Mossack Fonseca’s records but to the close knit community of other law firms that provide similar services in other offshore jurisdictions, and their clients.
Learning from the experience of previous leaks, tax authorities are cognizant of the value of information which they would not otherwise not have had access to.
The Joint International Tax Shelter Information & Collaboration Network (JITSIC) has already convened a meeting in Paris to discuss how revenue authorities from around the world will share and action the data that has been disclosed.
The tax authorities will not be alone. The Department of Justice in the United States, the UK Serious Fraud Office, and the intelligence communities will be very keen to understand what intelligence Mossack Fonseca’s files contain and where that information will lead them.
At the outset of his tenure, David Green QC, the Director of the Serious Fraud Office, emphasized the importance of intelligence-led investigations; now he has access to large volumes of the raw material he will need to start them.
So what does this mean for leaders of organizations that may have used Mossack or for that matter other offshore law firms? The answer is that they and their CEOs must prepare, and to prepare they must first understand the exposure.
It is of course important to caution that the use of such a firm may have been, and in most cases probably was, perfectly legitimate. But in the current climate of anti-tax avoidance fervor there will be contamination by association, as Prime Minister David Cameron has found to his cost.
Having detailed and comprehensive answers to provide to stakeholders, regulators and the media is therefore critically important.
If an initial analysis reveals uncomfortable historic or current issues, the challenge will really begin. The DOJ and the SFO (as well as tax authorities) require early disclosure and full cooperation in order for corporations and individuals to be given cooperation credit. Similarly, tax penalties will be reduced if early cooperation is given.
But before one leaps into the abyss of full disclosure, it is essential to understand, and be prepared to explain why, how and who in each case. Business leaders should give very careful consideration to proposing remedial action which is structured, well financed and subject to external independent review, or at least how to answer questions about remediation. The regulators will not expect fully formed, detailed or documented answers but they will look for more than “we are investigating it and will get back to you in six months.”
As details continue to emerge from the Panama Papers, it is important to spend some time reflecting on and rehearsing the corporate crisis communications plan, just in case the chairman is doorstepped coming out of his house on a Sunday morning.
CEOs that think and act ahead in the coming months will help to ensure that their organizations emerge with minimal negative consequences from an event that it is sure to be part of the business risk landscape for years to come, and is very likely to be a portent of future leaks and investigations that will prove equally challenging.
Crisis management and business management are converging. Business leaders need to be ready.
Bill Waite is a contributing editor of the FCPA Blog. He’s one of the founders of The Risk Advisory Group, established in 1997 with the objective of building Europe’s leading independent risk management consultancy. He serves as the group’s CEO and general counsel. He formerly practiced as a criminal barrister before joining the U.K. Serious Fraud Office in 1991 as a prosecutor. He can be contacted here.