In 2008, Nassim Nicholas Talib published a book called “The Black Swan”. A Black Swan is defined as being an event which has three characteristics; it is highly improbable, has massive impact and, in a strange way, appears almost inevitable after the event! Due no doubt to the timing of the book’s publication relative to world events, the term Black Swan has crept into business language. So how do we protect our businesses from Black Swans?
Black Swan Events
Talib coined the term “Black Swan” from the story of the discovery that black swans existed. Before the discovery of the New World, the Old World assumed that all swans must be white. In other words, if a black swan had never been seen, then it was assumed that the possibility of a non-white swan was so improbable as to be non-existent.
Examples of recent Black Swan events are 9/11, the success of Google and the current global financial crisis. Many people would say that any or all of these examples could have been predicted, but even if some people did foresee these events then no significant mitigating actions were taken or their impact would not have been so great.
For most growing businesses, a Black Swan event would be a risk, that has not been explicitly considered and that would lead to a major setback for the business and even complete business failure.
So why doesn’t risk management cope with Black Swans?
Traditional risk management relies on identifying risks based on the experience of the teams involved in the enterprise. If the risk is outside the experience of the group it is unlikely to be considered. Even if it is considered it is likely to be prioritised very low by being allocated such an extremely low probability rating.
Risk management is not really designed to identify Black Swan events. Risk management concentrates of managing the risks to the enterprise that would have a significant impact and have a reasonable probability of occurring. This is simply a way of prioritising all potentially “bad events” so that time and resource can be allocated. It is appropriate for ongoing business operations to focus on risks in this way, but this means that by applying traditional risk management methods, most Black Swan risks will not be identified and any Black Swan risks that are considered will be not be actioned due to their very low probability.
Brainstorming risks is highly unlikely to capture Black Swans. The exercise will either be too narrow, by staying within the comfort zones of the participants, or too broad by considering risks that are not relevant to your business (eg earthquakes in a non-earthquake zone).
In addition, the negative connotations of the word “risk” means that people have to change the way in which they think in order to identify negative events. A much more effective way to operate is to use ABCD Risk Management and consider the strategic assumptions of the business ie what are the things that must happen for your business strategy to succeed. Thinking assumptions rather than risks also helps to keep you focussed on the objectives of the business and grounds any “out-there” risks in the context of your enterprise.
The assumptions are analysed for risk using Sensitivity and Stability. Assumptions that are rated as CC or above are considered to be “risky assumptions”. However, up to this point, this is still a form of risk analysis and not Black Swan analysis.
Black Swan Assumption Analysis
So how do we use Assumption Analysis to identify Black Swans? Firstly we need to identify the strategic assumptions for our business. The strategy statement should be broken down into its constituent assumptions i.e. the things that need to happen to ensure that the strategy is achieved. Aim for about 10-20 assumptions and ensure that you consider both internal and external factors as much as possible.
The Sensitivity of the assumptions should all be rated as Cs or Ds or they are not really strategic! The Stability ratings could take any rating from A-D. However, unlike risk management, it is not the CC and above rated assumptions that we are interested in – these would be handled as “risks” and be part of the ongoing (strategic) risk management process. Black Swan assumptions will be rated as Sensitivity D and Stability A or B ie they will have a massive impact if they don’t hold but are considered to be fairly or very stable.
We then need to further test the assumptions by considering relevant risk drivers in the world that could potentially affect our business strategy to a massive extent eg:
- Market changes eg oil prices, currency fluctuations, credit availability etc.
- Socio-political changes eg change of government, adoption of Euro etc.
- Health crises eg flu pandemic, fall-out from dirty bomb etc.
Note that we are not looking for minor events here (eg oil prices rise by 10% per annum) but massive events (eg oil prices triple in 12 months) and the compound effect of events occurring together.
We can then use these drivers to challenge the Sensitivity and Stability ratings and change them if appropriate. It is important to note that it may not be possible to undertake an effective assessment of risk drivers without engaging an external industry expert to challenge the internal thinking. Some limited degree of academic input or management consultant involvement may pay dividends in breaking down what Irving Janis calls “Groupthink” – i.e. the tendency for homogeneous teams to fight too hard for consensus and to not consider alternative viewpoints – and therefore miss Black Swans.
An effective risk driver approach will inevitably move more assumptions into the risk management category where they can be dealt with appropriately. This will leave us with a small number of assumptions that are rated as D Sensitivity and A or B Stability and these are our potential Black Swan assumptions and events.
Managing Black Swans
These Black Swan assumptions will need to be considered completely separately from the risks. By their very nature, you do not think that they will happen and therefore you will not be pre-disposed to take action. You basically have one choice – to de-sensitise your business to the effects of the assumptions, but you have two ways in which this can be accomplished – proactively or reactively.
Proactive means that you will take action now to reduce the potential impact later. This could be done by building in redundancy or standby systems, creating emergency systems, tightening procedures etc.
Reactive would be to define contingency plans if the Black Swan did materialise. These may range from quite sophisticated to very basic if that is all that can be realistically done eg replacing automatic systems with totally manual ones.
The highly unlikely nature of Black Swans will tend to lead you towards reactive rather than proactive approaches but this is not always the right thing to do – think 9/11!
And of course the big factor is likely to be cost but this must be weighed against the potential massive impact if the Black Swan materialises. In the tsunami of 2004, 230,000 lives were lost and $15B of damage was done because the cost of a warning system, estimated at around $30m, was considered too expensive. That works out at $130 per life lost.
Good Black Swans
A final point to note is that Black Swans can be good as well as bad for your business. Some of the biggest business successes seemed highly unlikely but today Google and eBay are massive global businesses, the iPod has outsold all expectations and more recently the use of Twitter seems to be growing exponentially. Consequently, when considering your strategic assumptions, don’t just look for the risks, look for investment opportunities.
Interesting article Keith. I suspect that the Black Swan will potentially affect all those that it touches. However, those that recognise it for what it is fastest and that are then willing to ask ’so what does this mean’ will suffer the least or gain the most benefit. To make this happen we must adopt systematic scanning mechanisms linked into our core decision making processes – including of course our risk management processes.
Interesting Keith but I cant see the difference between Black Swans and contingency planning?
Contingency planning traditionally looks at everything that could go wrong and sets up procedures to seal with the fall-out. The contingency planning exercises that I have seen over the years have been laboreously expensive and ultimately useless. Black Swan analysis is trying to isolate a much smaller set of disaster scenarios that are worth “insuring” against. Don, feel free to give me a call if you would like to discuss further.
Keith, I have read The Black Swan and this is a good summary of what was an incredibly long and annoying read! Talib goes around in circles on this subject and ultimately says nothing about how to identify and manage Black Swan events – well done for trying to rectify this!
Hi Keith – thanx for the articles, and for the videos! I’d heard about this Black Swans book – must confess I haven’t read it, so may be wide of the mark – but how do you get top level management to think about / identify possible events that are “highly improbable”? Is it not a characteristic of such events that they were so out there that nobody did think of them before they occurred? Is this where the role of the management consultant comes in?!
David – thanks for the comment. I tend to agree with you re the book – as do many people if you read the reviews on Amazon which are completely split between those that love the book and those that think Talib is a meglomaniac!
Jane – spot on – its the independent expert angle that opens up the thinking and challenges the “Groupthink”. I will do a thought-piece on Groupthink in the near future as its a really important factor in getting organisations to see the bigger picture
I am a long-standing advocate of the strenghts of ABCD, and the way in which it thrusts its users into thinking about their vulnerability to the assumptions which underpin their decision-making.
The “Black Swans” concept is interesting and adds another layer to the thinking that can be applied, i.e. focused upon Sensitivity as a priority for coonsideration. Irrespective of their probability, ‘catastrophic’ events, such they occur, as just that, so the provisions (financial) derived from a probability X impact equation could well fall short of what is required to deal with the actual impacts.
However, one issue that I do think we need to consider our ability to deal with the complexity of our assumptions, and therefore the associated risks.
For example, the complexity of financial markets both caused their recent problems, but, argueably, through the complexity of the various instruments, financial regimes (or lack thereof) also sustained the financial services industry in the face of events such as Barclays, Enron, etc.
Again, for example, great sensitivity to currency fluctuations can, in theory, be hedged (i.e. mitigated) but what if the underlying mitigation / contingency (in this case the hedge) is itself a risk; for example unexpected volatiliy of the currency used in the hedge?
I guess the point I am trying to make is that we typically deal with a lot of complexity, where any one event can be influenced by, or influnce, others. So, our line of sight into underlying cause (which is the real risk) can be blurred.
Therefore, perhaps what appears to be a benign White Swan might not be so. But, the above article is still valuable in directing our thinking in the right direction, although as noted above, the role of the independent expert who can peel back the compexities of our environment will be key to seeing the true colours of the swabs.
Terry – good stuff. The relationship bewteen assumptions can indeed get complicated but then it often gets to the point of thinking what your assumptions really are ie they may change under examination. If you suspect that complex relationships still exist you could use techniques such as Influence Diagrams to model the situation. See
http://systems.open.ac.uk/materials/t552/pages/influence/influenceAppendix.html
for a quick overview of this technique.
Isn’t the Black Swan syndrome a major element of benefit or opportunity exploitation and leadership? This can best be exploited by having an organization with the flexibility of mind, agility of process and innovative ‘first mover/trail blazer’ management style to move into new business spaces and opportunities? Being different from the crowd can generally be a positive attribute, rather than a sheep when trying to generate and exploit new market opportunities, especially in these interesting low carbon, sustainable business and fossil-fuel starved times in the future. Taking Rumsfeld’s insight – Look for the unknown unknowns and when known turn them to your advantage.
[...] 15th Jul, 2009 Avoiding Black Swans Read more [...]
Keith – just looking at the Eurostar fiasco http://www.independent.co.uk/news/uk/home-news/eurostar-cancels-services-amid-chaos-1846069.html
Is this what you would descibe as a Black Swan event or just a failure of operational risk management?
Don – I was just thinking about this one myself.
I think that this would qualify as a Black Swan event as, apparently, it is colder in N France now than it has ever been (?) In other words, if the trains were breaking down whilst operating within their normal parameters then this would “simply” be a failure of operational risk management.
If this is truly beyond their working specification (which actually I find difficult to believe!) then it is a Black Swan and could have been managed by addressing the potential for these extreme situations at the design stage.
[...] This post was mentioned on Twitter by Keith Baxter, Keith Baxter. Keith Baxter said: The Eurostar fiasco – is this a Black Swan? Blog update http://bit.ly/4XvEyv #riskmanagement [...]
Keith – so was the Xmas day “underpant” bomber a Black Swan? This is a loaded question
Don thanks for that! – I think that I know why this is a loaded question. There is no doubt that 9/11 was a Black Swan event ie no-one thought that such a terror attack was likely so very little was done to protect against it. After it had happened, people were expecting more attacks and took “appropraite” precautions.
The Xmas day “underpant” bomber came out of the blue again as no similar attacks had been attempted for some time. The answer would come out of how the assumption would have been rated and I think that this would have made it a Black Swan assumption at this time.
As I write this, there is a Twitter report of someone locked in an airline toilet claiming that they have a bomb. Given the recent alerts, this current incident is not a Black Swan event as security has been hightened since Xmas in anticipation.
Hope that this is clear?
Keith – you ask if the current Iceland volcano eruption is a Black Swan. Looking at the definitions it probably is but my question is, what could you do about it? Its clearly an “act of god” and therefore not even insurable. So guess the thing that I am interested in your view of is, whether it a Black Swan or not, what difference does it make?
Colin – thanks for the comment. The difference is that, having identified a Black Swan, you should then decide if and what to do about it. Aparently, the current situation is caused by two “unlikley” events – the eruption and the weather patterns. This was going to happen sooner or later and the airlines could/should have though what they might do about it – for instance, is it possible to fit some kind of filter over engines to stop the dist being sucked in?
9/11 was another classic Black Swan. After the event, businesses started to talk about “wild” things such as parachute escape and anti-aircraft systems for tall buildings. They should have had these discussion before the disaster not after. And if they had chosen to accept the risk at least they have thought it through and documented the reasons as a minimum.
Keith, so the obvious question is – is the current BP oil slick a Black Swan (pun intended)?
Hi Don – sorry for the delay in replying.
I believe that the BP situation actually falls into the same category as the icelandic volcano ie they are both things that could happen, were highly unlikely to happen but were both devastating impacts when they did happen.
So the BP oil leak is definitely a Black Swan in my book. The question is, if it had been identified as such beforehand, would this have made a difference? And of course it should have because, if the real impact here had been assessed, BP would probably have been driven to prepare some kind of “well-capping” device in advance – and even tested it. This wouldn’t have stopped the leak happening in the first place but it would have stopped it much sooner.
Keith,
Do you have any examples of Black Swan events that might occur (or have occurred) in the service industry where people are the main company assets (so law firms, consultancies etc).
Thanks,
Adam
Hi Adam,
Sorry for the delay in getting back to you – too much travelling at the moment. I do have experience in “service industry” Black Swans.
A good example was a big government contract that I worked on some years ago. A primary deliverable was the IT system and there was much focus on the risks to delivery. However, lurking in the background was the need to re-skill the current staff to cope with IT generally – before the specific system training. The general consensus was that there was plenty of time to do this (and “the system will probably be late anyway”).
Ultimately the system was delivered on time but the people were not ready – the scale of the change had been underestimated and the general IT skills of the staff had been greatly overestimated.
In the event the system sat idle for 18 months while the organisation caught up and the loss of benefits was catastrophic. And afterwards, everyone said “well you could see that coming…”