[Editor’s note: Thank you to our colleague and frequent contributor Tony Jaques for submitting this post on crises created by rogue employees and the excuses that often follow.]
Blaming a rogue employee or system failure is a pretty popular crisis strategy. But one of the most notorious cases of blaming a rogue employee for a crisis has just been turned on its head, with a court deciding the management system rather than the perpetrator was mainly at fault.
French derivatives trader Jerome Kervial famously went to prison after making €50 billion worth of unauthorized trades and committing forgery and fraud to cover them up.
Société Générale lost €4.9 billion unwinding his trades but, in a case which has come to exemplify failure to recognise and act on warning signs, a subsequent investigation found the French bank had ignored 75 red flags over the previous 24 months.
Kervial consistently argued that managers had turned a blind eye to his profitable transgressions, and earlier this year a French labour tribunal seemingly agreed when it ruled he should not have been fired from the bank he had defrauded. The tribunal concluded that his illegal actions presented “no real and serious cause” for his dismissal and ordered Société Générale to pay Kervial about €450,000 in compensation.
Now the bank has been handed another setback. Although a lower court originally ordered Kervial to repay Société Générale the full €4.9 billion it lost, recently the Versailles Court of Appeals reduced his obligation to one million euros, declaring that the bank’s “multiple faults” meant it “had a major and decisive role” in allowing the incident.
While blaming a rogue employee or the system in the face of a crisis is not uncommon, it can carry enormous risk. Take the tragic nightclub shooting in Orlando, Florida, where one challenging question was how the Islamic extremist shooter got to be employed as a gun-carrying security guard? Global security giant G4S quickly adopted the rogue employee strategy, emphasising that gunman Omar Mateen was off-duty at the time of the massacre and the system had failed to alert them to any concern. But that didn’t prevent the news causing an eight percent drop in the company’s share price on the London exchange, which slashed about £200 million off its market value.
After just about every crisis, someone steps forward to say they saw the warning signs, and sure enough, in the Orlando case, a former co-worker, Daniel Gilroy, told reporters Mateen was racist, sexist, homophobic and frighteningly aggressive. “This guy was unhinged and unstable. He talked of killing people. Everything he said was toxic, and the company wouldn’t do anything.” G4S, which is one of the world’s largest employers with over 600,000 staff, said it had no record of any such complaint.
But no matter how large or small the organisation, the lessons are the same:
- recognise that a single employee can bring high-profile crisis risk
- have robust processes in place to weed out rogue individuals, and
- have strong systems which can withstand individual failure.
No amount of blaming rogue employees or the system can detract from the inarguable reality that ultimate responsibility lies at the top. When hackers stole $81 million from Bangladesh’s central bank in February, Governor Atiur Rahman resigned, but blamed flaws in the global money transfer system, and declared: “As a Governor, I’m not supposed to look at each and every small thing.”
Sorry Mr Rahman, but that’s exactly what executive-level crisis proofing is all about.
Tony Jaques manages Australian-based issue and crisis management consultancy Issue}Outcomes, and is the author of the book, Issues and Crisis Management: Exploring Issues, Crises, Risk and Reputation, available on Amazon now.