Sorry doesn’t have to be the hardest word

July 24, 2018


It should not be so hard for companies to “Sorry.”

Recently, I was mulling over the different responses I normally see during a crisis meeting if the CEO asks, “What happens if we just apologize?

General Counsel: panic.  

“No. We can’t do that. We can’t accept blame because of the implications it’ll have on us in litigation.”

VP of Communications: enthusiasm.

“Absolutely. We have to apologize, and you personally, Mr. CEO, is the one that has to do it but let’s be careful about the exact wording we use.”

VP of Operations: hesitation.  

“What are we apologizing for? We still don’t know what happened in this situation.”


Situations like that play out in most crises situations that I’ve been involved in. Companies repeatedly debate and wordsmith the details of what they say in statements to the media but often they fail to simply say, “I’m sorry” when it’s appropriate.

And I got to thinking that maybe Elton John was right.  Maybe sorry is the hardest word to say.  But why?

There are lots of reasons for not saying sorry and the General Counsel’s view above is just one of them.  In addition to the concern that saying sorry admits fault, there may be cases where the company thinks it has apologized but never actually uses the phrase “I’m sorry”.  At other times, the company may genuinely feel that they are not at fault.

Whatever the case, my advice is that when you have been part of something that has caused loss, damage, disruption or hurt, strongly consider saying sorry.

Exactly what you are saying sorry for relates to the event itself and we can use my basic risk framework to help understand this.

spe risk framework

I use this framework to look at the type of risk that the company has encountered before they take that big step of actually apologizing.  This helps me determine if they are dealing with a strategic, preventable or external risk as each of these will be handled slightly differently.  Each still requires someone to say “I’m sorry” at some stage but let’s see how the exact approach might differ.

A strategic risk is a risk that you took intentionally to achieve some strategic benefit.  Assuming that you have an appropriate reputation mindset, practice effective outreach and communicate with those involved, the fact that you are taking this risk shouldn’t be as much of a surprise as you announced this in advance.  Moreover, you were (hopefully) taking the risk for the right reasons – to improve the organization and how it serves others.

However, trying to do what you perceive as a good thing, even something as simple as giving away a free album, can backfire.  In the case of a strategic risk, you need to explain what you were trying to achieve but admit you got it wrong.  ‘We are sorry we got this wrong. This is what this change was intended to do.  Here are the reasons why we thought it was a good thing and here are third parties who think so as well.  Here’s how we are going to fix this.

Preventable risks, on the other hand, are risks where there is zero tolerance from those affected, from the public, or from regulators and the authorities.  These were not risks you took to improve things, but rather risks that you neglected to do anything about that could have been prevented. In this case, you are at fault and owe everyone an apology.  So you have to apologize and be as honest and forthcoming about what happened because people need to know what you are going to do and what they need to do. And clearly explain how you are going to fix it.

And the faster you can do this the better.

For example, if there is a contaminated product in the market, there are two parts to the recall.  The first is the company’s efforts to recover all the product that exists in the supply chain through to the point of sale.   The second is by consumers who need to check their shelves and to return or destroy any suspect product. Remember, a consumer cannot be contaminated by something that remains in the supply chain so this second public effort is critical.

The hardest thing with a preventable risk is that you are entirely at fault: you messed up and this is a hard thing to stomach.  Unfortunately, you still have to confess your mistake, no matter how hard this is. Avoiding saying sorry, or blaming someone else, will only make matters worse.

By the way, whether you say ‘sorry’ or not will have no impact on likelihood of litigation.  I have come to the conclusion that it is not a matter of if you get sued, it is when in the process do you get sued.

Finally, for external issues you are apologizing from a position of empathy because you are likely also affected too. External risks come from outside your organization and fall into the force majeur category which can include active shooter situations or severe weather.  In these cases, you are apologizing in recognition that you cannot continue with ‘business as usual’ but will do whatever you can to get things back up and running as quickly as possible for those who matter most. Power companies in the northeastern US have to go through this every winter as they try to restore service to areas that are blanketed with snow while their own crews may have no power at home and struggle to get to work.

Therefore, the type of risk will determine how you are saying sorry but that doesn’t remove the basic need to actually apologize. So, whatever the situation, there is still a need to say sorry as clearly and as early as possible.

Despite that, in late 2017 and early 2018 Facebook, Wells Fargo and Uber have all shown that sorry is still the hardest word. During this time, these companies spent millions of dollars trying to atone for past behaviors and trying to win people over with highly produced brand boosting ads. However, a lot of this spending took place when a simple ‘I’m sorry, we are going to fix this’ at the outset, along with a genuine attempt to solve the problem, could have fixed everything.

However, even when an apology is issued, a second problem often arises. Instead of clearly saying sorry, what actually happens is that the organization issues a non-apology.

The non-apology is easy to spot because it is followed by ‘if’ or ‘but’.  Adding caveats waters down the apology but worst of all, this can end up transferring blame to those who were affected. For example, if your CEO is caught on tape being abusive, racist or sexist, saying “We are sorry if anyone might have found these comments unacceptable” sounds a lot like the problem isn’t with the CEO, but the listener’s overly-sensitive ears.

The other non-apology flat out tries to shift blame.  This is what we saw with the earliest statements after the Deepwater Horizon disaster in the Gulf of Mexico where BP seemed to be trying to pin everything onto the rig operator.  A non-apology also happens when the company lets too much time pass before saying anything. That was United’s problem after a passenger was assaulted and dragged off one of their aircraft. It took United two statements and an internal memo before the CEO actually came out and made an apology.  The phase ‘a day late and a dollar short’ comes to mind here.

When you get to that stage of apologizing, there is a simple three-recipe for an effective corporate apology.

First say you’re sorry.  Take responsibility, be clear, be sincere, and do it quickly. And make sure that the most senior person in the organization makes the apology in person – a press release or front-page ad alone just won’t cut it. This is when the CEO must step up.

Second, quickly appoint a special committee/group to look into the situation, cooperate with investigators and make an honest attempt to find out what went wrong. If it is pretty straight forward jump to #3 and just fix it.

Third, fix the problem(s).  Announce the changes to policies, practices or personnel which get at the root of the issue and ensure that these changes are implemented.  Only when notable change has been enacted can you really say that the apology is complete. Like a promise, it only matters if you keep it.

So be clear, say sorry and, most importantly, follow up and fix the problem.  Otherwise, a half-hearted or non-apology is worse than saying nothing. This is when your reputation is destroyed and the cases where the litigators win.

That standard model has worked for years when companies truly did something that they simply should not have done. So make sure you understand your risks, talk about these with your team and work out what you might have to apologize for and how would do it.  That will allow you to be fast, apologize when you have to, empathize when you need to, but communicate in a way that allows you to tell the stories that are most important to you.


Filed under: Blog


Bill is a reputation management, crisis communications and professional development expert, keynote speaker, Wall Street Journal Risk & Compliance panelist, and best-selling author of Critical Moments: The New Mindset of Reputation Management. He has more than 25 years of global experience managing high-stakes crises, issues management, and media relations challenges for both Fortune 500 companies and winning global political campaigns.