Reputation at risk - navigating the fallout of fraud

Reputation is everything in business. Even when organisations are themselves the victims of fraud (whether through cyber hacks or employee theft), reputational risk arises where the lack of controls or proactive response captures the attention of stakeholders or the media.

Lessons learned from work completed by Bartier Perry’s Organisational Fraud & Corruption group were shared with our colleagues and clients during a panel event on 22 October 2024 focussing on reputation management in the context of organisational fraud.

The panel, moderated by Commercial Disputes senior associate, David de Mestre, consisted of:

·       Gavin Stuart – Partner, head of both Commercial Disputes and Bartier Perry’s Organisational Fraud & Corruption work group

·       Jessie McKenzie – specialist defamation and intellectual property barrister at Nigel Bowen Chambers

·       Chris Fogarty – public relations and communications expert at FMC Group.

Discussions centred around a fictional fraud scenario (involving employee theft, false accusations and cyber attacks), allowing real-life challenges facing organisations to be explored during a dynamic and engaging session.

Recurring themes emerged, including:

·       correlation between the rising occurrence of fraud events and the corresponding risk of reputational damage

·       importance of planning ahead and appropriate governance tools

·       early, regular and centralised communication with stakeholders during crisis events

·       tactics and considerations for managing internal stakeholders (like employees, shareholders, board members) and external stakeholders (clients, funders, regulators and the media)

·       potential legal claims (both by and against the organisational fraud victim)

·       repairing reputational damage

We share below the insights gleaned during the panel event for organisations to proactively manage their reputation in the aftermath of a fraud event, with insights from legal experts, crisis communication professionals, and reputation management specialists.

Planning ahead

Fraud events are inherently disruptive for businesses. Questions arise for stakeholders and consumers as to shortcomings in governance and controls when businesses suffer loss (even if the businesses are not responsible for the fraud event but are themselves victims) which, in turn, poses a threat to consumer trust and brand integrity.

Often organisations are taken by surprise and therefore unprepared for attacks. The initial focus is often on financial recovery and minimising operational disruption. However, reputation management and brand protection are sometimes left to last and only considered when the first media enquiry arrives.

From the discussions in our panel event, the importance of planning ahead and seeking advice early became clear. Future-planning and safeguarding against fraud risk requires organisations to also consider the indirect, long-term consequences of fraud events on their brand.

Businesses must build into their policies, training protocols and procedures the flexibility to respond quickly and effectively, ensuring that their reputation remains intact throughout the crisis. This involves developing and regularly reviewing:

·       sound investigation processes and governance tools

·       centralised and easily deployed communications strategies for internal and external relations

·       obtaining qualified advice from legal, insurance and public relations experts as soon as possible (with regular policy and governance reviews regardless of any crisis situations)

Investigation and governance

Planning starts with governance, a critical aspect of which is ensuring there are adequate investigation processes in place for employee-related fraud. Poorly managed internal investigations can have serious reputational consequences. Mistakes made at this stage can undermine any later attempts to repair the company’s reputation and might lead to new legal claims. According to Gavin Stuart during the panel discussions, mistakes made during an investigation, such as failing to quarantine key evidence or making incorrect accusations, can further damage the organisation’s credibility and lessen stakeholder faith in the organisation’s integrity and ability to pioneer recovery efforts.

Communications - early, regular and centralised

One of the critical elements in managing a fraud event is how an organisation communicates both internally and externally. Crisis management and media strategy should begin as soon as fraud is suspected (in accordance with policies and protocols developed – with the input of qualified advisers – long before the crisis occurs). While many organisations wait until the situation escalates before calling in external public relations consultants, our experience strongly indicates that organisations should engage these specialists early.

In our experience, a well-prepared communications strategy can prevent emotionally charged decisions. The insights arising from our panel event include:

Aligning key messages

Whether it’s clients, staff, or media, everyone should receive the same consistent message, from one dedicated central point of contact. Failure to do this risks creating confusion and potential leaks, which can further damage an organisation’s reputation. Inaccurate internal communications can cause irreparable damage to both the company’s reputation and its relationships with employees.

Responsiveness

In today’s digital age, news spreads rapidly, especially through social media and news outlets. By the time a story hits a national publication, it is often already circulating on other platforms. Speed in responding to misinformation and getting the organisation’s message out there is crucial. This is yet another argument in favour of planning-ahead and having strategies in place before an attack occurs.

Internal stakeholders - managing the response

When dealing with fraud, organisations must pay close attention to their internal stakeholders—employees, managers, and investors. Internal communications play a pivotal role in managing the crisis, particularly in ensuring that the company’s leadership is transparent with staff members and has a consistent response.

Organisations must ensure that internal stakeholders are provided with the right amount of information. Transparency helps prevent leaks and ensures that employees are aligned with the company’s response strategy.

For example, if staff members are left in the dark or misinformed, they may start to leak information. Conversely, oversharing information only adds names to the potential witness list for any adverse claims (discussed below).

External stakeholders - managing public perception

Once the crisis hits the media, organisations face the challenge of protecting their public reputation. A significant part of this process is managing external stakeholders—clients, the media, regulators, and the general public. Whether the media is asking questions, clients are seeking reassurance, or the public is demanding answers, organisations must provide timely, consistent, and accurate information.

Some tips emerging from the panel event include:

Media engagement

Companies should avoid offering detailed commentary or speculating about the situation. Instead, they should focus on the facts and the actions being taken to address the issue – delivered by a centralised point of contact.

Rebuilding trust

Over time, organisations can rebuild their reputation through transparency and consistent effort to fix the underlying issues. Positive news stories, reforms, and an empathetic approach can go a long way toward restoring public trust.

Potential legal claims

In any fraud event, organisations must be cautious of the legal ramifications of their actions (in addition to claims which may be available to them as a result of loss suffered through fraud). Each case will be different and must be assessed for its individual merits, however, the common claims arising for and against organisations in the context of fraud include defamation, injurious falsehood, breach of confidentiality and negligence or breach of contract claims.

Additionally, organisations must be careful about sharing information with the media or third parties during an investigation and any proceedings, as this could lead to significant legal consequences. Misleading or premature communication could not only harm an organisation’s reputation but also complicate ongoing legal proceedings.

Finally, regard must be had (and advice sought) on regulatory and reporting obligations for specific organisations (such as lawyers, accountants, government organisations and NDIS-funded businesses).

Conclusion - planning for the future

Fraud events can damage a company’s reputation, but with the right strategy implemented early and reviewed often, organisations can navigate these challenges and emerge stronger. By addressing both the immediate financial impact and the long-term reputational damage, organisations can safeguard their brand and ensure that they are prepared for future risks.

Ultimately, the key is proactive planning. Organisations must understand the risks to their reputation from the outset, engage crisis communication professionals early, and ensure that their governance practices are robust. By doing so, they can mitigate the reputational risks of fraud and ensure long-term success.

Bartier Perry’s Organisational Fraud & Corruption group is comprised of experts from each practice group in the firm, so we can provide a full service to our organisational clients.