What drives reputational risk? Evidence from textual risk disclosures in financial statements

Corporate reputation is a critical asset, especially for financial institutions whose business models rely on trust. Damage to reputation can lead to significant financial losses, as exemplified by the UBS rogue trader scandal. While reputational risk has garnered increased attention from managers, regulators, and academics, research on its drivers remains at a preliminary stage. The Basel Committee on Banking Supervision (BCBS) encourages identifying reputational risk sources, yet a comprehensive and objective understanding is lacking. This paper addresses this gap by systematically identifying reputational risk drivers from textual risk disclosures in financial reports. These disclosures, mandated by the US Securities and Exchange Commission (SEC) since 2005, offer valuable, albeit unstructured, data reflecting senior managers' risk perceptions. The challenge lies in extracting this information from the massive volume of unstructured text. The authors employ a text mining approach, a modified Sent-LDA model, to overcome this hurdle and provide a more objective and comprehensive identification of reputational risk drivers.

Existing literature on reputational risk focuses primarily on reputational damage after crisis events, neglecting proactive risk management. Most empirical studies link reputational risk to operational risk events, such as internal or external fraud, observing reputational losses following operational risk announcements. However, the literature acknowledges that other drivers may exist. Previous attempts to systematically identify reputational risk drivers relied on expert opinions or summaries of prior studies, resulting in incomplete and subjective lists. This study leverages the rich information within the risk factor sections of Form 10-K filings to address this limitation, offering a more data-driven approach.

The study employs a text mining approach to extract reputational risk drivers from the textual risk disclosures in Form 10-K reports. The authors utilize a modified version of the Sent-LDA topic model, an unsupervised machine learning technique. The original Sent-LDA model is adapted to handle the characteristics of reputational risk disclosures, which often contain many noise words like “reputation,” “reputational,” “risk,” and “condition.” To improve accuracy, the authors introduce a word intrusion task to identify and remove these noise words. This improved Sent-LDA model is applied to a corpus of 352,326 risk headings extracted from 11,921 annual reports. The model clusters risk headings reflecting similar drivers into topics. The importance of each driver is quantified by calculating the proportion of risk headings assigned to that topic. Perplexity, a metric indicating the model's coherence, is used to determine the optimal number of topics, ensuring the model's effectiveness and preventing overfitting.

The improved Sent-LDA model identified 13 reputational risk drivers. Seven of these drivers had not been previously identified in the literature. The most prominent drivers, based on disclosure frequency, were "inadequate information safeguards" (20.15%), "system interruptions" (15.19%), and "litigation risk" (10.07%). Operational risk events accounted for 52.19% of the disclosures, confirming their significance in reputational risk. The analysis also revealed differences in the importance of risk drivers across different financial subsectors (banks, diversified financials, and insurance). Banks prioritized "partners' performance" and "investment risk." Diversified financials focused on "human error" and "regulatory scrutiny." Insurance companies emphasized "fraud." Finally, an upward trend was observed in recent years for the drivers related to information safeguards, system interruptions, partners' performance, product and service problems, and loss of professionals. This trend is linked to the rapid development of fintech, leading to increased reliance on online systems and partnerships.

The findings highlight the increasing awareness of reputational risk within financial institutions, as evidenced by a significant increase in disclosures over time. The identification of 13 drivers, including seven novel ones, significantly extends the current understanding of reputational risk. The confirmation of operational risk's importance and the revelation of the upward trend in data security risks due to fintech underscore the need for more comprehensive risk management strategies. The subsector-specific analysis highlights the importance of tailored risk management approaches based on the specific characteristics of each subsector. The methodology demonstrates the potential of applying text mining techniques to analyze unstructured data in finance and accounting research.

This study makes several key contributions. First, it offers a systematic and objective method for identifying reputational risk drivers using text mining techniques. Second, it expands the known set of drivers, especially those related to information and system security and legal risks. Third, it confirms the importance of operational risks while highlighting the growing significance of data security and system reliability in the age of Fintech. Future research could explore other methods of quantifying driver importance, such as measuring market reactions or stock price volatility following reputational events.

The study relies on the information disclosed in Form 10-K reports, which may not capture the full spectrum of reputational risks. The importance of drivers is measured by disclosure frequency, which might not perfectly reflect the severity of potential losses. Future research should explore alternative metrics, such as the impact on market value or customer confidence, to better assess the relative importance of different risk drivers.