There is a number - 72 - that I can't get out of my mind. It’s the percent of airline loyalty programs ‑ 72% - that claim to have been victims of fraud.
I've used this number before, most recently in an article in which I shared a few thoughts about loyalty program fraud. The number came to mind again this week during a crisis communications webinar hosted by the Loyalty Fraud Prevention Association (LFPA).
[KGVID]https://thinkinkpr.com/wp-content/uploads/2017/04/LFPA-ThinkInk-PR-Crisis-PPT-170403_REV.mov[/KGVID]
Airlines and other industries are actively addressing fraud issues - and there is no better evidence than the 2016 formation of the LFPA. The association is working on several fronts, including sharing information about technology and business practices that will defend airlines and other industries from fraud, hacking and the theft of valuable points and miles.
I tend to think that program managers and their IT and risk management partners will eventually win the war against fraud, but in the meantime there is enormous pressure on all companies to develop, maintain and effectively implement crisis communications plans that will protect their brand as well as loyalty program members.
An example I used during the webinar was the late 2016 communications fiasco triggered by Yahoo when it divulged a security breach that may have involved more than one billion accounts. It turned out that the breach had been discovered in 2013 but went unreported and, worse still, followed a separate 2016 cybersecurity incident involving 500 million accounts.
At the time, Yahoo had reached an agreement to sell the company to Verizon for $4.8 billion. That price was quickly negotiated downward, presumably to the dismay of Yahoo equity owners. The brand was in tatters. But of course the real victims were Yahoo's users.
Quite apart from the security shortcomings, Yahoo broke major rules in the PR handbook, starting with its inexplicable delay in notifying users. But if its clumsy handling of the episode was of historic scope, the battlefield is littered with many examples of crisis PR failures - and some successes - in wake of data breaches.
In the LFPA webinar, I laid out a few guidelines that bear repeating:
- Have a solid but flexible crisis communications plan in place, and make sure it is both current and clearly understood by key players across marketing, communications and operations.
- When a crisis occurs, have systems in place to distribute accurate information quickly.
- Even if you don't have all the information immediately after a breach, don't delay in telling program members when they are potentially affected by fraud or data breaches.
- Have an open, honest narrative that will clearly convey your concern for members and commitment to fix any underlying security issues. (A mea culpa will go a long way.)
- Follow up with your members after the event to let them know the status of any remedial security efforts and to assure them that you have their interests at heart. Because you do, right?
I think the last two points were well illustrated earlier this week when Wells Fargo's new CEO followed up on last year's scandal involving an incentive program that prompted some employees to defraud many of the bank's customers. CEO Tim Sloan published an open letter thanking customers for their loyalty and to share progress on reforming its sales practices.
“As we work toward rebuilding the trust of our customers, team members, community partners, and shareholders," Sloan wrote, "we are committed to keeping our stakeholders informed. This is why we are not only thanking them, but also sharing the significant progress we have made to make things right, fix problems, and build a better Wells Fargo, recognizing much work remains that we are committed to do.”
Given the mess in which Wells Fargo found itself, I think Sloan took a significant step to repair some of the damage to the battered brand. Importantly, his letter sounded as if it came from a thoughtful and engaged human being. This type of action illustrates the importance of not just working with a plan, but also having an authentic voice and tone that will connect on an emotional level with customers affected by - or appalled by - egregious corporate shortcomings.
If you like this post, here are a few others you might also enjoy reading:
