Avoiding Black Swans

Avoiding Black Swans

13:35 15 July in Business

n 2008, Nassim Nicholas Talib published a book called “The Black Swan”. A Black Swan is defined as being an event which has three characteristics; it is highly improbable, has massive impact and, in a strange way, appears almost inevitable after the event! Due no doubt to the timing of the book’s publication relative to world events, the term Black Swan has crept into business language. So how do we protect our businesses from Black Swans?

Black Swan Events

Talib coined the term “Black Swan” from the story of the discovery that black swans existed. Before the discovery of the New World, the Old World assumed that all swans must be white. In other words, if a black swan had never been seen, then it was assumed that the possibility of a non-white swan was so improbable as to be non-existent.

Examples of recent Black Swan events are 9/11, the success of Google and the current global financial crisis. Many people would say that any or all of these examples could have been predicted, but even if some people did foresee these events then no significant mitigating actions were taken or their impact would not have been so great.

For most growing businesses, a Black Swan event would be a risk, that has not been explicitly considered and that would lead to a major setback for the business and even complete business failure.

So why doesn’t risk management cope with Black Swans?

Traditional risk management relies on identifying risks based on the experience of the teams involved in the enterprise. If the risk is outside the experience of the group it is unlikely to be considered. Even if it is considered it is likely to be prioritised very low by being allocated such an extremely low probability rating.

Risk management is not really designed to identify Black Swan events. Risk management concentrates of managing the risks to the enterprise that would have a significant impact and have a reasonable probability of occurring. This is simply a way of prioritising all potentially “bad events” so that time and resource can be allocated. It is appropriate for ongoing business operations to focus on risks in this way, but this means that by applying traditional risk management methods, most Black Swan risks will not be identified and any Black Swan risks that are considered will be not be actioned due to their very low probability.

Brainstorming risks is highly unlikely to capture Black Swans. The exercise will either be too narrow, by staying within the comfort zones of the participants, or too broad by considering risks that are not relevant to your business (eg earthquakes in a non-earthquake zone).

In addition, the negative connotations of the word “risk” means that people have to change the way in which they think in order to identify negative events. A much more effective way to operate is to use ABCD Risk Management and consider the strategic assumptions of the business ie what are the things that must happen for your business strategy to succeed. Thinking assumptions rather than risks also helps to keep you focussed on the objectives of the business and grounds any “out-there” risks in the context of your enterprise.

The assumptions are analysed for risk using Sensitivity and Stability. Assumptions that are rated as CC or above are considered to be “risky assumptions”. However, up to this point, this is still a form of risk analysis and not Black Swan analysis.

Black Swan Assumption Analysis

So how do we use Assumption Analysis to identify Black Swans? Firstly we need to identify the strategic assumptions for our business. The strategy statement should be broken down into its constituent assumptions i.e. the things that need to happen to ensure that the strategy is achieved. Aim for about 10-20 assumptions and ensure that you consider both internal and external factors as much as possible.

The Sensitivity of the assumptions should all be rated as Cs or Ds or they are not really strategic! The Stability ratings could take any rating from A-D. However, unlike risk management, it is not the CC and above rated assumptions that we are interested in – these would be handled as “risks” and be part of the ongoing (strategic) risk management process. Black Swan assumptions will be rated as Sensitivity D and Stability A or B ie they will have a massive impact if they don’t hold but are considered to be fairly or very stable.

 We then need to further test the assumptions by considering relevant risk drivers in the world that could potentially affect our business strategy to a massive extent eg:

  • Market changes eg oil prices, currency fluctuations, credit availability etc.
  • Socio-political changes eg change of government, adoption of Euro etc.
  • Health crises eg flu pandemic, fall-out from dirty bomb etc.

Note that we are not looking for minor events here (eg oil prices rise by 10% per annum) but massive events (eg oil prices triple in 12 months) and the compound effect of events occurring together.

We can then use these drivers to challenge the Sensitivity and Stability ratings and change them if appropriate. It is important to note that it may not be possible to undertake an effective assessment of risk drivers without engaging an external industry expert to challenge the internal thinking. Some limited degree of academic input or management consultant involvement may pay dividends in breaking down what Irving Janis calls “Groupthink” – i.e. the tendency for homogeneous teams to fight too hard for consensus and to not consider alternative viewpoints – and therefore miss Black Swans.

An effective risk driver approach will inevitably move more assumptions into the risk management category where they can be dealt with appropriately. This will leave us with a small number of assumptions that are rated as D Sensitivity and A or B Stability and these are our potential Black Swan assumptions and events.

Managing Black Swans

These Black Swan assumptions will need to be considered completely separately from the risks. By their very nature, you do not think that they will happen and therefore you will not be pre-disposed to take action. You basically have one choice – to de-sensitise your business to the effects of the assumptions, but you have two ways in which this can be accomplished – proactively or reactively.

Proactive means that you will take action now to reduce the potential impact later. This could be done by building in redundancy or standby systems, creating emergency systems, tightening procedures etc.

Reactive would be to define contingency plans if the Black Swan did materialise. These may range from quite sophisticated to very basic if that is all that can be realistically done eg replacing automatic systems with totally manual ones.

The highly unlikely nature of Black Swans will tend to lead you towards reactive rather than proactive approaches but this is not always the right thing to do – think 9/11!

And of course the big factor is likely to be cost but this must be weighed against the potential massive impact if the Black Swan materialises. In the tsunami of 2004, 230,000 lives were lost and $15B of damage was done because the cost of a warning system, estimated at around $30m, was considered too expensive. That works out at $130 per life lost.

Good Black Swans

A final point to note is that Black Swans can be good as well as bad for your business. Some of the biggest business successes seemed highly unlikely but today Google and eBay are massive global businesses, the iPod has outsold all expectations and more recently the use of Twitter seems to be growing exponentially. Consequently, when considering your strategic assumptions, don’t just look for the risks, look for investment opportunities.

  • Keith Baxter
    Keith Baxter 20:19h, 10 June Reply

    Keith, so the obvious question is – is the current BP oil slick a Black Swan (pun intended)?

  • Keith Baxter
    Keith Baxter 15:52h, 10 June Reply

    Hi Don – sorry for the delay in replying.

    I believe that the BP situation actually falls into the same category as the icelandic volcano ie they are both things that could happen, were highly unlikely to happen but were both devastating impacts when they did happen.

    So the BP oil leak is definitely a Black Swan in my book. The question is, if it had been identified as such beforehand, would this have made a difference? And of course it should have because, if the real impact here had been assessed, BP would probably have been driven to prepare some kind of “well-capping” device in advance – and even tested it. This wouldn’t have stopped the leak happening in the first place but it would have stopped it much sooner.

  • Keith Baxter
    Keith Baxter 09:49h, 10 July Reply

    Hi Adam,

    Sorry for the delay in getting back to you – too much travelling at the moment. I do have experience in “service industry” Black Swans.

    A good example was a big government contract that I worked on some years ago. A primary deliverable was the IT system and there was much focus on the risks to delivery. However, lurking in the background was the need to re-skill the current staff to cope with IT generally – before the specific system training. The general consensus was that there was plenty of time to do this (and “the system will probably be late anyway”).

    Ultimately the system was delivered on time but the people were not ready – the scale of the change had been underestimated and the general IT skills of the staff had been greatly overestimated.

    In the event the system sat idle for 18 months while the organisation caught up and the loss of benefits was catastrophic. And afterwards, everyone said “well you could see that coming…”

  • Avatar
    guest 12:27h, 10 June Reply


    Do you have any examples of Black Swan events that might occur (or have occurred) in the service industry where people are the main company assets (so law firms, consultancies etc).



  • Keith Baxter
    Keith Baxter 16:53h, 10 January Reply

    Keith – so was the Xmas day “underpant” bomber a Black Swan? This is a loaded question ;-)

  • Keith Baxter
    Keith Baxter 17:10h, 10 January Reply

    Don thanks for that! – I think that I know why this is a loaded question. There is no doubt that 9/11 was a Black Swan event ie no-one thought that such a terror attack was likely so very little was done to protect against it. After it had happened, people were expecting more attacks and took “appropraite” precautions.

    The Xmas day “underpant” bomber came out of the blue again as no similar attacks had been attempted for some time. The answer would come out of how the assumption would have been rated and I think that this would have made it a Black Swan assumption at this time.

    As I write this, there is a Twitter report of someone locked in an airline toilet claiming that they have a bomb. Given the recent alerts, this current incident is not a Black Swan event as security has been hightened since Xmas in anticipation.

    Hope that this is clear?

  • Keith Baxter
    Keith Baxter 10:09h, 10 April Reply

    Keith – you ask if the current Iceland volcano eruption is a Black Swan. Looking at the definitions it probably is but my question is, what could you do about it? Its clearly an “act of god” and therefore not even insurable. So guess the thing that I am interested in your view of is, whether it a Black Swan or not, what difference does it make?

  • Keith Baxter
    Keith Baxter 18:19h, 10 April Reply

    Colin – thanks for the comment. The difference is that, having identified a Black Swan, you should then decide if and what to do about it. Aparently, the current situation is caused by two “unlikley” events – the eruption and the weather patterns. This was going to happen sooner or later and the airlines could/should have though what they might do about it – for instance, is it possible to fit some kind of filter over engines to stop the dist being sucked in?

    9/11 was another classic Black Swan. After the event, businesses started to talk about “wild” things such as parachute escape and anti-aircraft systems for tall buildings. They should have had these discussion before the disaster not after. And if they had chosen to accept the risk at least they have thought it through and documented the reasons as a minimum.

  • Keith Baxter
    Keith Baxter 10:41h, 14 December Reply

    Keith – just looking at the Eurostar fiasco http://www.independent.co.uk/news/uk/home-news/eurostar-cancels-services-amid-chaos-1846069.html

    Is this what you would descibe as a Black Swan event or just a failure of operational risk management?

  • Keith Baxter
    Keith Baxter 10:49h, 14 December Reply

    Don – I was just thinking about this one myself.

    I think that this would qualify as a Black Swan event as, apparently, it is colder in N France now than it has ever been (?) In other words, if the trains were breaking down whilst operating within their normal parameters then this would “simply” be a failure of operational risk management.

    If this is truly beyond their working specification (which actually I find difficult to believe!) then it is a Black Swan and could have been managed by addressing the potential for these extreme situations at the design stage.

  • Avatar
    guest 12:22h, 14 December Reply

    […] This post was mentioned on Twitter by Keith Baxter, Keith Baxter. Keith Baxter said: The Eurostar fiasco – is this a Black Swan? Blog update http://bit.ly/4XvEyv #riskmanagement […]

Post A Comment