GM Failure: Lessons to Learn

How does a corporation with an ERM program, which is recognized as one of the most effective worldwide, get caught in the grip of a strategic failure that is as damaging to their reputation and bottom line as the recent vehicle recall crisis? Investigations around the causes and contributing factors brought risk awareness, and the assignment of ownership to all business and non-business risks, firmly into the spotlight.

In February of 2014 General Motors recalled about 800,000 of its small cars due to faulty ignition switches. As of June of the same year, nearly 28 million cars worldwide: around 88% of these being in the USA, were recalled. Initial GM’s estimates put the bottom line damage at $1.2billion; however this figure is now closer to $3.8 billion affecting 30 million vehicles over 71 separate recalls.

Although individuals throughout the organization were exposed to the goals and objectives of the ERM strategy and program, this did not succeed in embedding and encouraging risk awareness. These failures were due to internal company operations, with the belief being that the switches were approved in 2002, even though they were aware that they probably wouldn’t meet safety standards. However nobody in the organization actually had ownership of this particular risk, and a risk assessment hadn’t been conducted in 10 years.

The risk owners allocated should not only be proficient at managing the risk, they should also have the necessary knowledge, resources and authority to deal with the risk in the necessary way. Consideration should be made in terms of the source of the risk, the person best placed to fully comprehend the risk and all its factors, as well as execute and implement what needs to be done. These owners should be required to assess their risks on a regular, ongoing basis, as well as provide updates on these risks during the necessary feedback sessions.

Further probes into the GM recall (although it must be said these probes were conducted by GM themselves) revealed that a lot of the blame was linked to cultural failings within corporate policies, mentioning issues such as prohibiting employees from using certain words that would intimate at product defects, thus blatantly turning a blind eye on intrinsic issues. These failings have been linked to a culture of management silos, where communication breakdowns lead to a situation where managers failed to communicate safety matters between departments and leadership levels. It was found that various pieces of information which could have highlighted the problem sooner were not shared with others, leading to what could have been a total corporate meltdown.

Some questions to consider:

• Do your managers take ownership of risks, and how often do they do an honest assessment of these risks?
• How do we avoid mistaking process for execution when it comes to our ERM strategy?
• What corporate cultures exist that might potentially threaten the achievement of objectives, and how do we eradicate these cultures?