Protests at AGMs are becoming more organised and coordinated than ever before. A strategy of “zooming out to zoom in” will spell the difference between spiralling disruption and protecting your shareholder meeting, says Protective Intelligence analyst Charlie Burnett Rae.
Environmentalists glueing themselves to seats at Barclays’ AGM. Abba flash mobs and baths filled with “greenwash” at the HSBC AGM. Chants of “We will, we will stop you!” to the tune of Queen’s 1977 rock anthem “We Will Rock You” at Shell’s shareholder meeting.
These incidents have been filling headlines at a continuously high tempo in recent years. And it isn’t just banking giants and oil companies that are feeling the heat. Stoked by conspiracy theories, vaccine backlash and the perceived failures of democracy in the tumultuous pandemic years, pharma and even consulting firms have found themselves in the crosshairs of protestors who see AGMs as the perfect platform to influence the company’s agenda and gain publicity for their cause.
For corporate security teams, ensuring the safety of shareholders and guests is paramount. But too often, they take a tactical approach to protecting their people, property and proceedings against the risk of a security emergency, focusing on the location’s vulnerabilities and events on the ground.
Yet, today’s protest landscape is increasingly unpredictable, marked by novel grievances and ongoing efforts to try something new. Zoom in too closely on tactical intelligence and you risk missing key information that can help you mitigate the threats that you face – such as understanding the grievances and tactics of protest groups that are likely to target you. A better approach is to zoom out and map the entire threat landscape well before the event.
We’re in a historic age of dissent
Studies have shown that the number of protests globally has tripled between 2006-2020. AGM disruption is just one arm of a broader global movement that has been gaining steam for a while.
In the UK alone, recent years have seen a boom of activism from Extinction Rebellion, Insulate Britain, Greenpeace and Just Stop Oil, alongside a proliferation of grassroots social justice / anti-lockdown / anti-vaccine protests. Increasingly, these groups have been taking their advocacy from the streets to AGMs — and protestors are becoming increasingly theatrical to get their point across.
Tactics include singing, chanting, setting off rape alarms, spraying paint, rushing speakers on the stage, abseiling down buildings, glueing and handcuffing people to venues and generally being disruptive — anything to get media attention and hold it. Today, a protest is as much about the photo opportunity as it is about halting the meeting; the ultimate aim is a viral video which encourages more action.
Irritating? Yes. Threatening? Often. Reputation-damaging? Definitely, especially if security teams respond to protestors in inappropriate ways. Disruption can also create a media frenzy that drowns out the messages you want to convey on your performance, green initiatives and so on – overshadowing your event in unfortunate ways.
Organised, trained and coordinated: The new shape of protest
Carnivalesque disruption is only the tip of the iceberg. The specialists on our Protective Intelligence team report that compared to even last year, the direction of travel is towards more strategic, planned and coordinated protests. Since AGMs take place on a 12-month cycle and usually within five months of the end of the financial year, there’s plenty of time for protestors to plan their approach in readiness for AGM season.
If there’s one trend that’s shaping AGM protests, it’s the emergence of large-scale organisations.
No longer content to line the route shareholders take to the front door, protestors are now buying shares to gain legitimate access to the meeting. Once inside, they quietly pass security checks before ripping away their business clothing to reveal protest slogans beneath. Some groups are openly training activists to do this, bringing a degree of professionalism to protests that would have been unimaginable just a few years ago.
Groups are also cooperating. They are sharing tactics and resources, even lending shares to each other to facilitate AGM infiltration. Organisers are very aware of the tools they can use to build momentum during protests, including encrypted messaging channels and the deep and dark web. Unless security leaders are actively monitoring these sources, it will be very difficult for them to spot the warning signs of a planned protest.
For corporate security teams, this complex web of interconnectedness is a game-changer. It means your lens has to be almost impossibly wide as the red flags of an upcoming protest may be waving in places you least expect.
Zoom out to zoom in
Zoom functions on digital devices allow us to view images from different perspectives. It’s an apt metaphor for what security teams are dealing with. Zoom in and you get a close look at the details — venue vulnerabilities, security controls, the prior tactics of known adversaries and so on. But you will miss the contextual nuances and subtle warning signs of planned disruptive action.
Zoom out and you get a view of the whole threat landscape. What’s the sentiment on socials and dark web platforms regarding your company? Who is chatting to whom and about what? Which threat actors with an interest in your company are attending training courses and what tactics are they being taught? Are specific executives being mentioned? What’s the significance of the banners protestors have been holding? Is a cause-supporting celebrity landing in the city around the time of the AGM, and is their presence likely to whip up more support, and therefore more disruption? Are there signs of an insider threat, for example, some form of ‘defection’ by an employee who will be present at the AGM?
Slotted together as part of a wider picture, these details can give security teams an extremely powerful early warning system as well as the knowledge necessary to take better-informed, more proactive decisions about how to react to protests.
Zooming out is a critical part of our Protective Intelligence service. This bespoke solution helps companies safeguard their people, assets and organisation, by monitoring, investigating and assessing client-specific threats online, including on the dark web.
Helping clients understand their threat landscape in the weeks leading up to their AGM is a frequent assignment, and also during the event if it is deemed to be at probable risk. The goal is to answer questions like:
- What is the likelihood of a protest happening?
- What actors are likely to be involved?
- How many people are likely to turn up — at the venue, online, or elsewhere in the city?
- How might protestors seek to gain entry to the venue?
- What tactics will they use once they are in there?
- What items will they try to smuggle in?
- At what times during the AGM are protesters most likely to mount disruptive action?
Armed with this intelligence, security teams have a much more accurate picture of the threats they need to look out for. This matters, because you can allocate resources precisely and prepare better for what might occur during the AGM.
Warning signs in non-obvious places
Risk profiles can turn on a dime. A protest-sparking tweet could have nothing to do with your company — it could be as seemingly innocent as an update on government policy — but if the subject matter is deemed particularly egregious to protestors, then the backlash could dramatically alter the situation on the ground.
Such a scenario would be impossible to plan for unless you have a proper overview and a deep understanding of what’s happening in your environment and can mitigate the element of surprise. In all cases, a disciplined, zoomed-out analysis leads to the best outcomes — both on-site and beyond.
Case study: Bank preempts protestors at AGM
For example, our client, a bank with strong financial ties to energy firms, was holding its AGM in a European capital. A frequent target of environmental and civil rights advocates, the bank asked us to provide regular monitoring in the weeks leading up to the meeting and active coverage during the day itself.
This was an example of a fast-evolving situation. While the likelihood of protests was initially assessed as “low”, continued monitoring suggested a “probable” disruption as we drew closer to the event. Many of the indicators came from non-obvious sources, including the fallout from the company’s stance on Russian dealings following Putin’s invasion of Ukraine, and the very different grievances of two separate threat actors.
We correctly forecast their intention to mount actions.
Our intelligence was a real asset to the client. Equipped with a detailed assessment of threat actors, tactics and numbers, security leaders were able to implement the best tactical measures and act with confidence to protect their AGM.
