Arjen Boin and Martin Lodge / Jul 2019
One of the less visible, but nevertheless prominent features in European governance over the past two decades has been the formalization of crisis management in public administration. Whatever level of government, there is hardly a bureaucracy left that does not house a crisis room and a trained crisis communications team. In addition, there has been a parallel embrace of formalized approaches to risk management: no modern bureaucracy worth its salt wants to stand accused of not being ‘risk-based’ in its approach.
The institutionalization of risk and crisis management in contemporary bureaucracy writ large – including ministerial departments, regional and municipal administrations as well as regulatory agencies – may offer some reassurance to citizens. At the same time, it has created a “blind corner” for potentially threatening developments that may one day pose huge challenges to these bureaucracies and therefore European societies. These new challenges are emerging and morphing in what we call the Twilight Zone between crisis and risk management.
We are referring here to the phenomenon of creeping crises: developments that carry crisis potential, but have not been formally recognized as such. These creeping crisis fall between the cracks of organisational attention because of the hard boundaries between the worlds of crisis and risk management. These boundaries come naturally, as these worlds are really very different. They are governed by different paradigms and different tools.
The world of risk management is largely one of calculating probabilities of nasty events and assessing the level of impact should these materialize. It’s about managing day-to-day activities so as to mitigate the likelihood of adverse events from occurring. It is a world in which careful assessment, calculation, regulation and monitoring take centre stage. There is no focus on immediate threats; urgency does not feature prominently. The potential threat has been defined and its possible paths of emergence are more or less known (or believed to be known). It is a world of monitoring to ensure timely discovery of emerging threats, but also to safeguard the smooth operation of the system in question. A sense of control is accomplished through standard operating procedures that govern reporting requirements, inspections and potential interventions; the aim is to shape behaviours so as to ensure that a crisis simply does not occur. This is the world of ensuring inter-agency collaboration on the basis of (usually long-forgotten) memoranda of understandings. There is generally little involvement from organizational leaders.
The world of crisis management begins where the risk world ends. It handles ‘risks come true’– acute events that are described in terms of urgency, threat and uncertainty. The world of crisis management is one of urgent decision-making, action-packed crisis rooms and the chaos of Ground Zero. This is the world of well-drilled professionals doing the best they can. It is the world of the crisis leader who must take timely and sometimes dramatic decisions. It is the world in which the strategic domain is separated from the world of operations by different professional cultures and perennial information bottlenecks. In this world, technologies are often found wanting and planned efforts to coordinate the response network are easily undermined by inherent capacity limits.
The borders between these traditional worlds are defined by two key variables: urgency and uncertainty. In the risk world, the level of uncertainty is relatively low; the threat is defined, the chance that it may occur is known. There is no urgency, as the threat has not materialized in this world. In the world of crisis, the opposite is true; the level of uncertainty is high as is the level of urgency. This explains why these worlds have very different modes of governance.
This traditional distinction creates opportunities for creeping crises, those slow-moving, hard-to-detect and ever-developing threats that require sustained attention and effective intervention if they are to be controlled. Examples include demographic or climate change, the shifting security environment, exotic diseases in far-away countries, economic anomalies, energy challenges, and, of course, Brexit. Think of Europe’s crowded airspace, which may lead to midair collisions. Think of antimicrobial resistance, which may facilitate new epidemics. Think of universities, hospitals or other care facilities facing potential financial collapse. Yes, there is trouble. But whether this trouble will lead to a crisis, especially at systemic level, is shrouded in ambiguity.
These creeping threats receive little attention in the traditional risk domain, because they are hard to precisely define and consequences cannot be appropriately assessed; they are rejected in the crisis domain, as they have not reached the threshold that must be met to be recognized as a real crisis event.
This Twilight Zone between risk and crisis land is a breeding ground for new threats. In this Zone, threats do not develop in a linear or even progressive fashion; apparent improvements in the situation may conceal longer term deepening of the threat(s). This deep uncertainty is accompanied by an absence of immediate urgency, even if the destructive potential of the threat is easy to imagine, including likely accompanying political dynamics. It is the entrance point for transboundary threats that originate in far-away domains but can easily travel the ‘un-bordered’ links between systems everywhere.
This Twilight Zone calls for a new type of organization with specific resources to monitoring creeping crises. Attention needs to be maintained, which is a challenge within single organizations, let alone where such efforts require inter-agency cooperation. The challenge is to determine when a monitored threat no longer fits the risk domain or when it must be ‘promoted’ to the crisis domain. When is a threat “manageable” and when does it become a crisis? When insolvency hits and the shutters literally come down on certain activities, the issue can immediately be forwarded to the crisis domain. In absence of urgency in this twilight domain, there is always a temptation to move a threat back to the risk domain – as there are no established governance structures to deal with this particular type of phenomenon. In other cases, it may be a challenge not to go in outright crisis mode, declaring circumstances to be critical and urgent.
These challenges are already considerable in the context of national jurisdictions where there might be some settled policy consensus. In the context of the European Union, however, such challenges are currently nearly unsurmountable, given that member states do not just disagree about policy, but the nature of European cooperation as such.
We can point to a number of areas where “watchful crisis monitoring” has already started to assume importance, without much recognition of the unique challenges involved. We can learn from organizations that prepare for ‘bail ins’ or for spare capacities for ‘stranded’ patients, students or holiday-makers. We can learn from the intelligence domain, where work arounds are being created (“joint centres”) to navigate hard bureaucratic borders. We suspect that these areas are not the only ones that feature this new type of crisis management, but they indicate how different these activities are from the traditional risk and crisis governance modes. Given the centrality of potential threats for social and economic life, it is high time that the unique properties of this Twilight Zone are placed at the centre stage of attention.