Political risk has increased in Latin America, marked by an antiestablishment change in the region and in the world. It is a tangible risk because it leaves investments on hold during electoral contests.
In this interview, Federico Greppi, Marriott International’s CFO for Latin America and the Caribbean, talks about those political shifts and their effects, as well as a financial executive’s work to counter the risk of cyber-attacks and culturally accepted practices that are not always beneficial.
Q: What are the risks that have grown in importance in recent years and how are you mitigating them?
A: We focus primarily on economic risks, political risk in Latin America, natural disasters risk, and security risks.
Q: Does that work include physical security?
A: Yes, against organized crime or in certain places that have a travel warning from the U.S. Department of State. That affects us a lot. These are risks, but they are uncontrollable.
Q: Have any of these in particular grown in importance?
A: Political risk is the one that stands out. The political changes we are seeing throughout Latin America are a paradigm shift. There is a significant discontent in the voters. You see outsiders—I’m not giving my opinion whether it’s for good or bad—but [Mauricio] Macri won in Argentina, [Andrés Manuel] López Obrador won in Mexico against the establishment, and [Jair] Bolsonaro...in Brazil.
You could say that this is not … unique to Latin America. You might say Latin America is a follower. [Donald] Trump won in the United States, Brexit passed, [Marine] Le Pen competed in France, and now Euro-skeptic Giuseppe Conte won in Italy. That also happens in Latin America.
This risk generates uncertainty in the medium and long term, because we have developers who build hotels with our brands and often suspend construction until the president takes office or until the elections are defined. In Mexico, between the election at the beginning of July and the transition of power in the beginning of December there are almost six months, not complete inactivity, but the business community stays on standby waiting to see what will happen.
Q: What does a CFO do with those unmanageable risks?
A: What you [must not] lose as a business partner of the CEO is the vision of context, the trends. You mustn’t lose sight of the trends and where things are headed. It was announced that López Obrador was very likely to win. We had been doing our calculations and we were waiting for it. I lived in Mexico when he was the mayor of Mexico City and he was a good mayor. The reality is that he did pro-business things and operated well. So, the risk isn't significant.
I differentiate between trendlines and headlines. If you read headlines you get scared, but if you see trendlines, the level of risk is lowered a little.
But the important thing is not to lose peripheral vision, not to lose the context. If you lose the context, you lose yourself on the front page of the newspaper and it does not take you anywhere.
Q: What do you do in terms of administrable risks such as cybersecurity?
A: It’s not the sole responsibility of the CFO, at least at Marriott. Technology does not report to the finance department. It is a separate organization that stems from the importance of having back-of-house systems. We have huge global booking systems. From China, you can book rooms here at the Marriott in Medellín. All those systems that have to be online and centralized make for a very professional, highly developed technology department.
However, out of all the manageable risks, it is the most important. For me it is the one that keeps me awake at night. Especially, because I don’t know what can happen. It’s like fraud. How do you prevent fraud? People’s inventiveness is constantly evolving and there is always something new to do, but first it surprises you.
With cyber attacks we see that the criminal mind evolves to an extreme level and it is very difficult to anticipate. Really, very difficult.
Q: So, what is the CFO’s job in preventing cyber risks?
A: It’s working together with technology and making sure we have the systems in place, that there are system standards and that there are regular controls on access to the hotel network, that you can’t just come here and connect to a terminal and access.
We do that kind of audit. Have you noticed sometimes there are internet cables on the walls? We secretly send people and they connect, to see if they can access the hotel network. We do that type of surprise audits.
Q: In your experience in Latin America, is there a risk that is underestimated? Is there a case in which the trendline indicates that it is riskier than what the headline says?
A: The thing is, our local teams get used to practices that seem normal. I am Argentine, I am Latino, so I grew up with many practices that, to my understanding, while working in Argentina were normal. When you start working outside—I worked in England, Miami, New York—you begin to see that the world is not handled with the paradigms that you had in your head.
Q: Can you give an example?
A: As you know, we are regulated by the FCPA (Foreign Corrupt Practices Act). It is very difficult in the hotel industry to [communicate] to our teams that giving a box of wine to the municipality is not [permissible]. I am Latino, I understand it is done. Everyone does it. But it’s wrong, it’s not the right thing to do.
This interview was conducted by Latin Trade for Council of the Americas. It has been edited for length and clarity.