Strategic Resilience

Why you should read this blog

Welcome to the PwC Resilience blog, focused on helping organisations address the drivers of global instability — be they economic, environmental, geopolitical, societal or technological — and come out ahead.

Strategic resilience is not so much managing risk (playing not to lose) as shaping the future (playing to win). It’s about rethinking and reinventing the way you do business — with a sophisticated, proactive approach that "prices in" the deep trends that are moving the world.


Shouting “Fire!” in a Crowded Web

Consider an astounding fact. Within three years, the number of devices connected to IP networks will be nearly three times as high as the global population, according to CISCO.

In a hyperconnected world, where news can be captured and communicated as quickly as it is created, that can spell trouble. It’s easy to see how a digital wildfire — the viral spread of information, misinformation or disinformation via the Internet and social media — can wreak havoc on any organisation, government, or system, in the blink of an eye.

The interwoven technological fabric known as the World Wide Web is a flammable substance, indeed. And while not all incidences of fast-spreading, unfiltered information are necessarily negative — we’ve seen recent examples of the widespread use of technology to spread messages of reform and effect positive social change — digital wildfires, whether accidental or deliberate, are often disruptive.  

They’re also becoming more frequent, and more consequential. Beyond the immediate economic and geopolitical damage, digital wildfires can have a longstanding, corrosive effect on basic trust. The World Economic Forum (WEF), which highlighted the phenomenon in its Global Risks 2013 report, is now calling for new thinking to prevent “digital disintegration” — a large-scale loss of trust in the Internet.

Inasmuch as we define resilience as the ability to adapt to changing conditions, withstand shocks and bounce back to equilibrium, it’s clear that resilient organisations have a vital interest in creating strategies for dealing with these hard-to-control wildfires. This is especially true when you consider that we operate in a technological environment that is far from an orderly, globally regulated system.

Which is why this article, by PwC’s John Regas and Beth Cartier, is so timely. While it may seem almost an impossible challenge to put the genie of disinformation back in the bottle, there are, in fact, several concrete steps organisations, and market actors collectively, can take before, during and after a widespread panic, to prevent, extinguish — or at least, contain — the damage of a digital wildfire.

There is no doubt that technology, by making information instantly accessible across cultures, geographies and jurisdictions, has both increased the good of global connection and amplified the risks of fast-spreading false information and malicious rumours.

John and Beth’s fascinating piece lays down the background, the latest global developments, and the best practices you can follow in building digital firewalls. So that the next time somebody yells “Fire!” in a crowded Web, your organisation doesn’t have to be the one getting trampled.

I encourage you to read this important article, and to share your own thoughts and experiences in the Comments section.

Read the article | Meet Dennis Chesley | Meet John Regas | Meet Elizabeth Cartier  | Visit the PwC Resilience site


Why protecting your business processes from fraud can bolster your resilience

by Steven L. Skalak

It’s commonly accepted that fraud — from asset misappropriation to bribery to cybercrime — is a constant, nagging cost of doing business. But beyond that truism, what do these and other economic crimes have to do with business resilience?

As our just-released 2014 Global Economic Crime Survey (GECS), strongly suggests, the two are deeply connected.

Like a virus, fraud is both highly adaptable and opportunistic, shifting to ride the events, trends, natural disasters, and innovations remaking our world — and attacking at vulnerable points in your supply chain, distribution network, and other points of transaction with third parties. Shielding points of vulnerability against threats both known and unknown is, of course, part of what business resilience is all about.

Those points of vulnerability are many. In the connected world of 2014, one driven by the increasing use of technology in business functions and the rush of economic resources toward emerging markets, the risks of economic crime loom large. Meanwhile, various government anticorruption statutes have elevated the efforts of regulators, raising the risk of deeper damage to organisations who fall afoul of them.

But the virus metaphor only carries so far. After all, you can’t inoculate against fraud. What you can do is attempt to understand the strategic nature of the threat.

That’s why I believe it is crucial to understand the variety of business processes threatened by economic crime, and the risks they pose to your organisational resilience. A resilient organisation may not be able to predict where the next threat will arise — but to prevent or mitigate threats it needs to be just as adaptable and opportunistic as the perpetrators of fraud.

Our 2014 survey reveals that the various strains of economic crime — such as corruption and bribery, cybercrime, accounting fraud, IP infringement, or procurement fraud — continue to be major concerns for organisations of all sizes, across all regions, and in virtually every sector. Not only was overall reported economic crime up 3 percentage points, reports of especially damaging categories of fraud — such as bribery and corruption, and cybercrime — was also on the rise, relative to our last survey, which was conducted in 2011.

One of the key findings of the survey is that as companies seek growth, they invest in markets that are less familiar to them — and thus frequently expose their employees to situations with inherent conflicts between the fundamental goals of making a profit and remaining compliant.

Without strong CEO support and leadership, these situations can not only lead to significant fines and reputational damage — they can also lead employees down a slippery slope that erodes standards of integrity. And in a sign of how seriously boards and chief executives are taking both the financial and collateral damage from enforcement of statutes like the U.S. Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act, more than half of CEOs (52%) surveyed in our latest Global CEO Survey report being concerned about bribery and corruption.

In addition to outlining all the data from our survey, this year’s GECS report also offers an analytical look, grounded in our real-world experience, at how economic crime threatens your business processes — so you can address the key business issues from both a preventive and strategic perspective. In other words, from the point of view of organisational resilience.

I invite you to learn more by visiting our Global Economic Crime Survey site. And I welcome your questions and comments.


View/Download the Survey Results | Meet Steven L. Skalak | Visit the PwC Resilience site


Sustainability and Risk Management: Breaking Down the Barriers to Achieve True Resilience

One of the main themes of this blog is that re-orienting the conversation from “risk” to “resilience” enables organisations to better capture the desired outcomes of preparedness — and opportunity.

In a previous article we discussed how boards can assess and guide their ERM programmes to deal with a dramatically changed risk environment.

In this piece, written by PwC US’s Lillian Borsa, Peter Frank and Hannah Doran, we zero in on a language barrier between two critical business functions that can stand in the way of true organisational resilience.

In a global business environment increasingly driven by large-scale environmental and social risks ­— from disasters that can tear at the fabric of your supply chain or your reputation, to the race for talent in a fast-shifting demographic landscape — the classic ERM approach of historical-based predictive tools is, by its nature, insufficient to address a deeply evolving risk landscape.

Sustainability executives, whose jobs are focused on monitoring global mega-trends, have a great deal of knowledge about this new breed of environmental and social risk. But they don’t always speak the language of risk executives — and often cannot communicate these risks in ERM terms.

Yet, just as this disconnect can be a major barrier to achieving risk resilience, finding a common language and focus can unlock both business synergies and competitive advantage.

That’s why PwC recently brought together a group of senior risk and sustainability executives to discuss how to weave these two complementary but divergent approaches into a more unified, proactive risk platform — one that can address these critical environmental and social risks in a rigorous, strategic manner.

This thought-provoking article dives deep into both the issues and the potential solutions inherent in this tension. It makes for very stimulating reading.

As always, I welcome your comments.

Read the article | Meet Dennis Chesley | Meet Lillian Borsa | Meet Peter Frank | Meet Hannah Doran | Visit the PwC Resilience site


Why managing your most critical suppliers requires a strategic approach

 by Mitzi Campbell

You’ve just finished a gruelling competitive proposal process that took months to negotiate. Your business case to executive leadership, business units and functional stakeholders required significant selling. There were times where you didn’t even know which negotiation was more challenging — the one with the supplier or the one with key internal stakeholders; the contract was sent back and forth between legal departments so many times that you feel you could actually pass the bar exam tomorrow.

Congratulations, you finally have a signed contract. That was the easy part.

For most companies, the next step — managing your supplier relationships — can be a lot cloudier. And, as I’ll explain in this post, the murkiness of that process is a major gap that needs to be closed.

Supplier relationship management is the discipline of planning for, and managing, your interactions with third-party suppliers. Although it’s long been part of your procurement department’s “perceived” mission, in fact the stakes are much higher than just one department’s responsibility.

The truth is, the tactical — or, worse, the ad-hoc — approach can put your company at risk.

Here’s why. Many companies, when assessing the potential value of a supplier, choose to focus only on expense. But spend alone cannot provide an accurate, 360-degree picture of supplier impact. Focusing solely on cost can make you overlook some more strategic suppliers — and even potentially expose you to supply interruptions, negative media coverage about supplier actions, and increased costs of goods sold, as this graph illustrates.


So what’s the most strategic way to determine the real value of potential suppliers to your business?

First of all, I recommend zooming out — beyond the simple cost metric — to consider a wide variety of other factors, such as innovation, risk (financial, supply chain and regulatory), criticality to your product(s) and the availability of viable substitutions.

A recent client example underscores this point:

A global industrial products company with US$3+ billion in external spend purchases chemical elements with a total spend of approximately US$3 million. Only two suppliers worldwide can provide these elements. Both are government entities — one in the United States, the other in Russia. Assessed on percentage of external spend alone, these suppliers would not be considered “strategic.” But, when the client expands the determination measurements for “strategic” to include criticality to products and risks (regulatory and import), the suppliers are suddenly among the top 5 most strategic vendors to the entire company — even though they represent only 0.1% of the total spend.

The fact is, identifying your most strategic suppliers, and then managing and building relationships with them, requires establishing far more sophisticated metrics, both internal and external, that are closely aligned with your business goals and needs — be they driving innovation, lowering costs, reducing your carbon footprint or just assuring continuity of supply.

The process doesn’t end there, of course. Once you’ve selected your strategic suppliers, you have to shift your focus to sustainable process execution. And for that, it’s useful to think about supplier scorecards.

A scorecard can reduce problems in a supplier-client relationship by proactively establishing goals, requirements and deadlines. It’s also a very useful mechanism for receiving, and incorporating, valuable feedback from your suppliers — which can help you deal with both looming challenges and promising opportunities, while offering valuable customer insight. And all while building sustainable, mutually beneficial relationships with your suppliers.

Finally, because nothing in business is static — your suppliers’ strategic value can change if you, or they, experience a shift in direction or goals — it’s also a good idea to set up a refresh frequency.

True resilience means adopting a strategic, proactive approach to your business processes. Your supplier relationships and your management of the entire process — both today and tomorrow — have a critical part to play in that resilience.

So how does your company handle its supplier management process? Is it a work in progress… a finely tuned engine… or somewhere in between? I welcome your comments and feedback.


Meet Mitzi Campbell | Visit the PwC Resilience site


Retail Supply Chains in India: Weak Links or Building Blocks?

by Sasha Riser-Kositsky and Deepali Srivasta Sussman

India's $500-billion-plus retail market is finally open to foreign investors who can fully own single-brand stores and have 51% ownership in multi-brand supermarkets in the country. In approving foreign investment in the retail sector last fall, the ruling Congress-party-led minority government braved much opposition, survived a vote of no confidence, and lost its largest coalition partner.

Despite the political theater, however, not much has changed. Big-box retailers are not rushing to set up shop in India. In all likelihood, domestic requirements that are part and parcel of the new policy are deterring foreign investors.

Configuring the right supply chain for India is tricky business, indeed. Global big-box giants must source at least 30% of the value of manufactured and processed products from small Indian producers with less than $2 million in assets — though new changes announced in August this year allow retailers to continue relying on suppliers that grow beyond this threshold. Retailers are also expected to commit to investments worth at least $100 million, half of which must go toward building new back-end infrastructure.

And even those who meet these conditions won't secure nationwide presence. Franchising is prohibited and foreign retailers require local government approvals to operate. So far, only 10 of 28 states and three of seven union territories have welcomed foreign investors.

Still, for all the complexity of operating in India, ignoring this market would be a mistake. As this graphic shows, India's consumers are the real drivers of its economy — and winning them over has become a strategic priority for many global businesses. India is an incredibly complex and diverse market, where consumer tastes can change about every 100 miles. A mix of modernity and tradition, uneven development patterns, 22 official languages, and multiple cultural norms all add up to make India a complicated puzzle.

The painstakingly slow liberalization of the Indian economy actually offers a useful window of opportunity, forcing foreign retailers to take a cautious, step-by-step approach. And, from a supply chain point of view, that might be the best way forward in India.

As this recent PwC 10Minutes article shows, companies with high-performing supply chains have one thing in common: they know what sets them apart from their customers' perspective — be it cost, quality, innovation or customer experience. While all attributes are important, they pinpoint the one that matters most and design their supply chains "from the customer in." All aspects of operations — like service delivery, sales channels, and asset/tax footprint — follow from there.

Indeed, in a recent PwC report on the experience of foreign businesses operating in India, John Flannery, GE’s senior vice president for corporate business development (who led GE India until earlier this year), discussed how India forces established companies to change their mindset and approaches: “As a long-term legacy product engineering company, we tend to say, ‘here’s what we make — now who can we sell that to?’ The first thing we’ve had to really crack and break down in India is answering questions like: How does a village healthcare provider operate? How much can customers pay? What do they really appreciate? How will the workforce want to operate the equipment? And you really have to go backwards from there.”

In India, it will take time for retailers to put together the supply chain building blocks. For example, they have to create the necessary back-end infrastructure and, even more importantly, nurture relationships required to open and stock a big-box store. Establishing footholds in the wealthy and cosmopolitan megacities of New Delhi and Mumbai before going nationwide could be the best way forward. Slow and deliberate expansion would help retailers manage the uncertainties facing multi-brand retail investment.

What next for multi-brand retail? With India's next elections coming up in mid-2014, global investors should not be daunted by the sloganeering and political posturing in New Delhi. Rather, they must carefully evaluate opportunities across India's increasingly powerful states. Local and regional players are competing aggressively to attract capital and projects, and becoming important decision makers and stakeholders in India's future.

Read the 10Minutes article | Read the report on doing business in India | Meet Deepali Srivastava Sussman | Meet Sasha Riser-Kositsky | Visit the PwC Resilience site


Supply Chain Resilience: Keeping Your Customer Front and Centre by Mark Strom

When a disruption next knocks your supply chain, will you be able to continue giving customers what they most value — whether that’s low cost, innovation, quality or outstanding customer service? 

It’s from this customer perspective that our latest featured article, "How the strongest supply chains protect what customers cherish most", written by Constantine G. Vassiliadis and Glen Goldbach, suggests you approach building supply chain resilience.

Those of us in the operations world know as well as anybody that no business and no global supply chain is immune to disruption today. But with so many risks, complexities and variables to factor in, it’s difficult to know where we should be strengthening our chains and how.

There’s a chance that we don’t always keep the customer front-and-centre in creating our Plan B’s.

That’s where this article can help. It draws on recent supply chain research findings to bring you insights and frameworks for strengthening your supply chain against the threats of events you hope won’t become real — but that probably will one day.

Here are four essential things to consider in building supply chain resilience:

  1. Protect what your customers cherish. Are you clear on what your customers most value from you? On how you differentiate yourself in the marketplace? Focus on safeguarding your customer value proposition when building resilience.
  2. Consider complexity — it hides surprises. Identify the risks and level of complexity that threaten your capability to deliver that value proposition. Make sure you segment and prioritise your risks. What level of complexity is essential to continuing to deliver customer value? Which complexities add no value and can be eliminated?
  3. Choose the right kind of resilience capability to mitigate those priority risks. Do you need the capability to anticipate, to respond, or to adapt and evolve?
  4. Build your capabilities using a combination of seven practical enablers that will allow your company to prepare for and respond to disruptions.

Leading companies don’t design their supply chains to operate only in ideal conditions. They test them out and prepare them to withstand knocks and disruptions. But with only 9% of companies being fully prepared for supply chain disruptions, there’s a long way to go1.

So how strong is your global supply chain? Are you prepared to deliver to your customers in case of a disruptive event? Let me know.

I hope you enjoy reading this article and absorbing the research that lies behind it. Feel free to contact me with any of your supply chain, resilience and operational questions.

  1. PwC and the MIT Forum for Supply Chain Innovation, Making the right risk decisions to strengthen operations performance, 2013.
Read the article | Meet Mark Strom | Visit the PwC Resilience site


Climate resilience and “good growth”: Making the connection

It’s now nearly one year on from Hurricane Sandy. Climate Week NYC is back, and a new framework launches that gives businesses the capability to evaluate their total impact — and optimise “good growth.” Resilience truly is top-of-mind this week.

I’ve been thinking about the many families, businesses and local governments that are still working to get back on their feet a year after Hurricane Sandy devastated parts of the Eastern United States. What can we all do differently to better prepare for natural disasters and perhaps influence their frequency or intensity?

That’s one of the topics that the leaders at Climate Week, fittingly taking place in New York, will be discussing.

How can we build more climate-resilient communities? I’m reminded of the worthy initiative between the UN Office for Disaster Risk Reduction (UNISDR) and PwC. Its aim is to shape a sustainable, private-public disaster risk management platform, with the ultimate goal of creating risk-resilient societies. We’ve written about it here at Resilience before as well as the need for the public and private sectors to partner up to get it right.

We’ve also written before that ultimately, an organisation’s resilience depends upon decisions­—calls made by people facing adversity, uncertainty, and/or change. More often than not, these decisions require making difficult choices between equally valid options. And usually that means that one objective, or group’s interest, will be sacrificed for another’s in order to serve the greater good of resilience.

So in today’s real world of climate disruptions, stakeholder scrutiny, and intense competitive pressures, how can businesses weigh the risks, measure the impacts and make the choices?

We think it comes down to measuring a business’ total impact — the social, fiscal, environmental and economic effects of their activities. And this, week at the United Nations, PwC will launch its Total Impact Measurement and Management (TIMM) approach.

TIMM enables businesses to compare strategies and make decisions using quantified data, and evaluate the total impact of each choice. They’ll be able to measure, understand and compare the trade-offs between different options — and make decisions with a more complete knowledge of the overall impact they will have, and a better understanding of which stakeholders will be affected.

Ultimately TIMM requires, and enables, a different kind of language for evaluating growth and identifying “good” growth — a language that has a broader vocabulary than inputs, outputs and financial returns. That’s a challenge for business — not least for the accounting profession — and a debate that has to be opened. We’re encouraging all organisations to join the debate at

Surely this has to be a great step in helping businesses make the right strategic decisions for the right kind of growth. Quality growth rather than quantity growth. Resilient growth, good for all stakeholders. 

I hope you get involved in the debate, and I welcome your comments.

Visit the Total Impact Measurement & Management site | Meet Malcolm Preston | Visit the PwC Resilience site


Trust: The Most Important Asset of All

It’s clear that the financial crisis contributed to the erosion of public trust in both government and business institutions. Recovering that trust—and the trust between the public and private sectors—is necessary to achieving a sustained social and economic recovery.

That is the core message of this piece, the concluding article in our series on integrity and resilience.

The article features a fascinating interview with a World Economic Forum and PwC team leading a critical WEF initiative called The Leadership, Trust and Performance Equation. The project seeks to analyse the true impact of trust—and the economic and social costs of its deficiency—on both business and society.

The team cite three major reasons for why trust is so important to an organisation’s stakeholders: predictability, credibility, and, perhaps most important of all, resilience.

Their work—and their words—make clear that in a world where scepticism (it not cynicism) around both public and private sector institutions is on the rise, the simple virtue of trust has become one of the most powerful long-term business assets of all.

I hope you will find this piece as stimulating as I do. As always, I welcome your comments.

Read the Article | Meet Dennis Chesley | Visit the PwC Resilience site


All Apologies Are Not Alike

When is a corporate apology not an apology? And what does it have to do with resilience?


As it turns out, everything. All you have to do is gauge the response of stakeholders and­­ — especially — the public. A good apology will win back trust. A bad apology will throw gasoline on an already smouldering fire of public anger and mistrust, imperilling the reputation and even long-term prospects of the firm.


So when an incident of personal or corporate malfeasance or neglect comes to light, how can a chief executive deliver the “right kind” of apology? That’s the subject of this fascinating article by Daryl Koehn, a professor of ethics and business law at the University of St. Thomas.


As Daryl points out, for an apology to accomplish its aim, it must have a genuine ethical underpinning. An anodyne expression of corporate “regret” delivered by the CEO will not cut it.


She further breaks down corporate apologies into two categories — personal error on the part of the CEO, or an offence committed by his or her firm. In both types of apologies, Daryl argues, the response must be prompt and credible — and tightly focused on what the CEO can and will change.


As we have seen repeatedly throughout this series, resilience is about more than just recovering from a crisis. It’s about bouncing back with integrity — the true source of sustainability.


As always, I welcome your comments.

Read the Article | Meet Daryl Koehn | Meet Dennis Chesley| Visit the PwC Resilience site


Why Resilience Belongs on the Board Agenda

We know that resilience is — among other things — about anticipating and adapting to change. Which makes it an area of special importance in the boardroom. Or should.


It’s no secret that the challenges and expectations facing today’s boards are intensifying and evolving. And the pressures are coming not only from shareholders, but from a growing set of stakeholders, amplified by the explosion of social media and the 24/7 news cycle.


Which makes this article , by Catherine Bromilow, a partner in our Centre for Board Governance, so important. Given that unforeseen risks and emerging threats — as well as opportunities and changes in stakeholder expectations — are subjects of growing concern, what role should business resilience play in board-level decision making?


A great deal, as she argues convincingly. Whether they realise it yet or not, in a business landscape that continues to change, it is imperative that boards focus on embedding resilience into their overall strategic discussions. And they must be willing to change and adapt as well, within their own ranks and roles.


Catherine offers several cogent, board-specific recommendations — in a piece every board member should read.


As always, I welcome your comments.

Read the Article | Meet Catherine Bromilow | Meet Dennis Chesley | Visit the PwC Resilience site
Dennis L. Chesley
Global Risk Consulting Leader
Tel: +1 (703) 918 6154
Follow on: