In the final spotlight interview conducted for our report Intelligent Business: 2022 Strategic Intelligence Report Jerry Kral, Chief Risk, Ethics & Compliance Officer at Brown-Forman, discusses the expanding scope of compliance and due diligence work, and the pace of change in today’s risk landscape. He recommends a partnership approach to strategic intelligence to tackle these challenges – getting everything from alerts to actionable insights through an expert, trusted, partner.
A Historic Starting Point for Strategic Intelligence
When we look at the intelligence industry in the United States, a key moment in history is the Foreign Corrupt Practices Act (FCPA) introduced by William Proxmire, a US senator from the state of Wisconsin, in 1977. That law was seminal to our industry of strategic intelligence because of two factors. One, the law had extraterritorial coverage, so US-listed companies needed to know how they were going to be held accountable for actions outside the United States. And second, it imposed third-party liability – so it made those companies responsible for the actions of its third parties.
That law was rather dormant, sitting on the books until the mid-2000s, when the German conglomerate Siemens was prosecuted and ended up paying millions in fines. From that point on, from my perspective, the concept of strategic intelligence was born – as it placed the onus on the corporation to do third-party due diligence on all its higher-risk business partners outside the United States. And it’s only continued to grow from there.
I started my career in consulting when this concept of compliance, born out of the FCPA activity in the mid- 2000s, started to take shape. I worked with compliance officers who needed assistance in establishing processes and controls to ensure that they could defend their programmes. This snowballed to strategic business decisions overall – for example, mergers and acquisitions, entering new geographies, global expansion through distributors and other high-profile business transactions.
It is important to recognise the increasingly dynamic relationship between risk and reputation for our companies. We have broader corporate purpose and accountability standards, increased stakeholder expectations, and trust and transparency than commonly existed twenty years ago.
"IT IS IMPORTANT TO RECOGNISE THE INCREASINGLY DYNAMIC RELATIONSHIP BETWEEN RISK AND REPUTATION FOR OUR COMPANIES."
For my role, not only must we monitor our own operations and reputation, but there is an important responsibility to know who we are doing business with. We want to know as much as possible about the ‘who’, because not turning over every stone to understand them has a very steep downside. So, what started with anti-corruption and needing to know whether third parties, prospective or existing, were ‘dirty’ in any way, has only grown in scope. Now we are looking at our third parties from a human rights perspective, from an environmental perspective, from a corporate citizenship perspective, and so on. And we’re taking all these different perspectives into play when we evaluate candidates to do business with.
This additional scrutiny only expands the need for strategic intelligence. But finding the sources of intelligence and identifying any potential red flags is quite challenging. It requires a partner who has access to substantial information and the resources to assimilate it in a meaningful manner.
Intelligence and Risk
Along with ethics and compliance, I’m responsible for looking around the next corner and being able to anticipate what is going to be a challenge to our business in the near term. Now, doing that when you operate in over 100 countries is very challenging, mainly because the risks are always moving and evolving, and today they are moving faster than ever. From climate change to geopolitical issues to social media misinformation campaigns, the pace at which the world is changing means there’s a lot to stay on top of.
At Brown-Forman, our approach to external risk is based on ‘hotspots’ and ‘tripwires’. We want to be aware of where a potential issue could surface, and we call that a hotspot. Where there’s a hotspot, we put monitoring in place. And if the temperature starts to rise, we turn to what we call tripwires. These are conditions that, if met, will require us to take some sort of action. That action could be demonstrating duty of care, pausing our business or ceasing activities altogether with a particular business partner.
A Partnership Approach to Intelligence
Disciplines such as crisis management, emergency preparedness and business continuity have complex, detailed methodologies. The amount of rigor that must be applied to do them effectively requires a deeper investment than most companies are willing to make. Therefore, if you want to be prepared and able to respond appropriately on behalf of your people, your business and your shareholders, you need to partner with someone who can bring that expertise and experience to the table.
"IF YOU WANT TO BE PREPARED AND ABLE TO RESPOND APPROPRIATELY, YOU NEED TO PARTNER WITH SOMEONE WHO CAN BRING THAT EXPERTISE AND EXPERIENCE TO THE TABLE"
At Brown-Forman, our expertise is in making and marketing premium spirits, and we partner where a service is not a core competence, such as strategic intelligence. It’s imperative that we find an expert partner who understands our business with whom we can collaborate closely. When there’s an issue that’s potentially going to impact Brown-Forman, I want an alert – not one from a system that requires me to go through, read, and assess it. I want an alert from someone that knows our business and I trust, who has already scanned the information and can put it into context for me so it is actionable.