Five takeaways from the most comprehensive repository of corporate crisis data ever assembled

Register/login to receive updates

1. It’s not if. It’s when: No one is immune.

Nearly 7 in 10 (69%) leaders have experienced at least one corporate crisis in the last 5 years — and, of those companies, the average number of crises experienced is greater than 3.

What’s more, the risk scales up: companies with more than 5,000 employees are likely to have experienced more than 5 crises — an average of one per year.

The sheer number of crises reported is striking in light of our definition of the phenomenon: a major disruption to multiple functions of the enterprise — and one with the potential to significantly harm your reputation.

Clearly, crisis is here to stay. Nearly all respondents (95%) — including those who did not report a crisis — expect to be hit by one in the future.

Crises don’t discriminate. Like companies themselves, they come in all shapes, forms, and sizes — and no one, and no region is immune. What’s more, the very makeup of a crisis will vary by industry. For example, consider a wind storm: for a financial services company, it’s a meaningless event; for a utility, it could trigger a catastrophe.

What is a crisis?

For the purposes of this survey, we defined a crisis as a situation that:

  • Is triggered by significant internal and/or external factors or escalation of smaller incident(s)
  • Has an enterprise-wide, multi-functional impact
  • Creates disruption in normal business operations
  • Has the potential for reputational harm/damage

2. The diversity of crises keeps companies guessing

In order to capture the granularity needed for a study of this size, we listed 19 possible crisis triggers. We then sorted these into 7 broad categories — operational, technological, humanitarian, financial, legal, human capital, and reputational — to facilitate a broader analysis.

Over half of respondents (53%) say at least one of the crises they experienced was operational in nature, including operational breakdowns, competitive disruption, supply chain issues, and various forms of product failure — a statistic that makes sense, given the centrality of operations to any company’s lifeblood. Tech-related crises — triggered by technology failures and/or incidents of cybercrime — were cited by one third of all crisis responders, with humanitarian (29%) and legal (28%) categories of crises close behind.

What’s the reality for the largest companies? Organisations with 5,000 or more employees are most likely to experience crises related specifically to cybercrime (26%), natural disaster (22%), leadership (17%) or ethical misconduct (16%), including fraud, corruption and corporate malfeasance.

3. The most disruptive crises aren’t necessarily the most newsworthy

Companies list liquidity issues, technological failure, and operational disruption as the top three most disruptive crises they faced — hardly the front-page stories we see every day. Their future concerns, however, do skew toward larger, “in the news” crises such as cybercrime (38%), marketplace disruption (37%), or ethical misconduct (20%).

This apparent disconnect could be evidence of familiarity bias, where humans are predisposed to expect what they hear about or already know, despite the evidence. If the most disruptive crises aren’t the most newsworthy, the most newsworthy may not end up being the most disruptive, either — a potential blind spot when it comes to crisis-readiness. We know from experience that financial liquidity crises are often triggered by other business disruptions. Our data suggests that smaller companies tend to see financial crises as the trigger while larger companies view it as the impact of another disruptive crisis trigger.

The types of crises experienced varied considerably by region. While we tend to see technological or operational disruption most frequently in Western Europe, Australia, India, and Japan, financial liquidity crises were most common across the rest of Asia, Brazil, and Central and Eastern Europe, while natural disaster and cybercrime loomed largest in the US.

4. Who’s responsible for crisis management? Everyone — and no one

When it comes to pinpointing who “owns” crisis, it’s a mixed blessing. Interestingly, everyone from board members and CEOs to Legal to Risk to IT claim responsibility for a variety of crisis roles — preparedness, response, recovery, ERM, communications. This tells us that most senior executives want to be involved in helping their companies prepare for and respond to crisis, which is a positive sign. While our results tell us that companies have not aggregated around a single function that is best suited to “own” crisis, we also found that C-Suite respondents are significantly more likely to claim responsibility for these roles than non-C-suite ones, underscoring how crisis management is escalating as a necessary function for the corner office in this new normal to drive success.

That said, the “ownership map” clearly highlights the overlapping of roles and responsibilities, which should cause some concern given the importance of efficient coordination, communication, and decisions in crisis. This is highlighted by respondents ranking the ability to make timely and deliberate decisions as the second-largest area of vulnerability during their most disruptive crisis event.

Balancing the desire for help with the confusion that comes from having “too many cooks in the kitchen” is a critical element of crisis planning and response. In the end, it doesn’t matter who owns crisis — as long as someone clearly does and the roles are clearly defined. 

Another sign of how companies are becoming more sophisticated and attentive to crisis: nearly three quarters (74%) sought outside help either during or after their biggest crisis. Meanwhile, fewer than 3 in 10 (29%) say they have no staff dedicated to crisis preparedness or response. This trend towards committed internal and external resources demonstrate how crisis management is transitioning to be a strategic program to protect corporate strategy sponsored at the highest levels of the organisation.

5. Companies that emerge stronger from crisis do specific things

What doesn’t kill you makes you stronger. Of the 1,400 who had already faced a major crisis, 42% said they were “in a better place” post-crisis — with some even reporting revenue growth as a direct result of their management of the crisis. 

What’s their secret? Our report outlines the specific crisis preparedness steps these companies took to come out ahead of their peers. These are measures every organisation can and should be taking, right now, to emerge stronger and healthier from the crisis that — let’s face it — is likely to hit when you least expect it.

Take our pop quiz based on our Global Crisis Survey 

Find out what your Crisis Profile is by answering six questions about crises and compare your result to executives around the world.

Take the quiz

Contact us

Kristin Rivera

Partner, Global Leader, Forensics & Crisis, PwC United States

Dave Stainback

Principal, US Territory Crisis Leader, PwC United States

Follow us