"Digital responsibility safeguards SMEs from reputational risks"

Digital transition poses numerous challenges for companies, including security, reputation, and operational issues. Corporate Digital Responsibility (CDR) principles are designed to help mitigate these risks. Vincent Kaufmann, director of the Ethos Foundation, explains.

Cybersecurity, data protection, transparency, and social and environmental impacts: digital transformation brings numerous risks to companies. Prevention begins with compliance with stringent regulations, such as the New Federal Act on Data Protection Act (nFADP) or the obligation to report cyberattacks to the relevant authorities (only in German, French and Italian), which will take effect in 2025. However, companies can go further by adopting Corporate Digital Responsibility (CDR) principles. These guidelines aim to better protect their customers, partners, and employees from the dangers associated with digitizing their activities. Vincent Kaufmann, director of the Ethos Foundation—a specialist in socially responsible investing established by pension funds—explains.

Ethos released its third study on Corporate Digital Responsibility (CDR) this year. What conclusions can be drawn from it?

Vincent Kaufmann: The results are still mixed, although they show improvement year after year, especially in cybersecurity and transparency. This is due to companies gradually becoming more aware of cyber threats and the potential damage they can cause. New regulations, such as the nDPA, have forced companies to implement measures for data protection and transparency.

We also see promising developments regarding environmental issues, with growing awareness among businesses about the importance of sustainability. For example, companies can take simple steps to reduce the carbon footprint of their digital activities, such as optimizing data storage and website design, and using refurbished equipment. An increasing number of organizations are embracing these practices.

What are the key challenges of Corporate Digital Responsibility (CDR)?

Kaufmann: It involves understanding the implications of digital transformation and addressing them with appropriate measures. We have identified seven pillars: governance, transparency, data protection, artificial intelligence, sensitive activities, social impact, and environmental impact.

The rise of generative artificial intelligence presents both risks and opportunities for businesses. How can these tools be integrated responsibly?

Kaufmann: We urge companies to implement measures to mitigate the social impact of these new technologies. As representatives of pension funds (note: the Ethos Foundation, which promotes socially responsible investing, currently has 252 members, the vast majority being pension institutions), we must also ensure the preservation of jobs, as they are crucial for funding retirements.

A responsible approach to AI involves prioritizing continuous training and task adaptation, or even reducing working hours, rather than eliminating jobs. To ensure the quality of AI-driven services, we recommend paying close attention to the quality of the data used to train algorithms, thereby minimizing the risk of analytical bias. Furthermore, if the machine generates results that specialists cannot explain, we advise against using those results.

Ethos' CDR studies focus on large companies listed on the Swiss stock exchange. Can SMEs also enhance their CDR?

Kaufmann: Yes. Regardless of the company's size, cybersecurity is often the first step to consider. Small businesses can also be targeted by cyberattacks, and the consequences, such as suspending operations for several days, are often underestimated. We also advise companies to avoid relying solely on one digital service provider. Many providers offer comprehensive solutions, which can be difficult to disengage from later, especially if prices suddenly increase. Before entrusting their data and their customers' data to a provider, businesses should thoroughly research their practices. In this area, it is best to seek advice from professionals.

These steps are numerous and potentially costly. Why should SMEs still be interested in them?

Kaufmann: Digital responsibility protects SMEs from existential threats like cyberattacks and reputational risks. Failing to commit to or be transparent about data management, staff training on new technologies, or effective carbon footprint reduction can tarnish the company's reputation with customers, employees, the public, and investors.

Are there simple and accessible ways to learn about CDR?

Kaufmann: Yes, several online tools are available that explain the fundamentals of CDR and raise awareness of its issues. In Geneva, for example, the School of Management and the University collaborated with the canton to develop a tool that is both accessible and educational. This tool allows anyone interested to familiarize themselves with CDR through practical and inexpensive advice. Additionally, the Institute for Responsible Digital Technology (INR) offers excellent training on the ecological footprint of digital technology.


Information

Last modification 03.07.2024

Top of page

News and useful information for founders and entrepreneurs.
https://www.kmu.admin.ch/content/kmu/en/home/New/interview/2024/digital_responsibility_safeguards_smes_from_reputational_risks.html