A new year brings new opportunities, but also new risks. 2012 gave us the Costa Concordia shipwreck, Superstorm Sandy, political and economic struggles in the Eurozone and US, and a Pandora’s box of regulatory fines and reputational damage in the banking sector.As 2013 begins to unfold, we’ve asked our WillisWire bloggers to look ahead for the risks that businesses should prepare for now. From extreme weather volatility to discriminatory health plans, or the unintended consequences of cost cuts in the mining sector, the threats below should be on every risk manager’s radar because, failed resolutions aside, you never know what the new year will bring.
(Jump down: Captive Insurance, Chile, D&O, Employee Benefits, ERM, Executive Risk, Financial Services, Global Risk, Life Science, Mining, Reinsurance, Security, Social Media, Supply Chain, Terrorism, Weather)
Global Risks – Missing out on BRICS 2: MIKT
The emerging risk for global business in 2013 is the risk of missing out on the next emerging markets.
Having lived through the “BRIC” explosion as the global risk manager of a multi-national technology company, I understand why so much attention was paid to the emerging economies of Brazil, Russia, India and China through much of the past decade. The impact of the business opportunity created for many organizations was amazing.
However, the BRIC countries’ economies are maturing. I am therefore amazed at how little one hears in our industry regarding what is next! Clearly, globalization continues at a stunning pace.
If the first round of massive and rapid globalization produced four juggernauts of economic development that most companies were desperate to tap into and at times struggled to manage, shouldn’t more attention be paid NOW to round 2?
Dialogue with economists and academics supports attention to this subject today. While there are arguments for and against certain favorites based on politics, scale and headlines of the day, there appears to be a fair amount of consensus around Mexico, Indonesia, S. Korea and Turkey. Shall we call them MIKT? Are we ready? Come back next week when I explore the topic further.
Financial Services – A War on Financial Services
The emerging risk on the horizon for financial institutions is war. When two countries pick up arms against each other, we call that “war.” When two companies compete for business we call that “free enterprise.” What then do we call it when a sovereign nation deliberately targets a company, specifically a financial institution, from another country? At some point is that not war?
The headlines for the last few months have reported a drastic increase in aggressive cyber-attacks against some of the largest banks and financial institutions in the United States. Experts believe that these attacks are being funded and coordinated by sovereign states, even if the actual attacks are executed by independent operators.
These attacks are sometimes simple Distributed Denial of Service type of attacks aimed at slowing or crashing an institutions online capability, others are more nefarious, designed to steal data or corrupt systems.
Insurers have not yet designated such attacks as an uninsurable “Act of War” but if such attacks persist, (and we have every reason to believe they will) insurers can be expected to price their coverage accordingly with the knowledge that specific institutions are being targeted not by business rivals but by sovereign states. And in my book…that is war.
Supply Chain – Does Your Supply Chain Hold Reputational Risks?
It has been interesting to watch newly created heads of sustainability and corporate responsibility in major global companies taking a strong interest in supply chain risk. Whilst the loss of suppliers and supplies due to natural catastrophe events and non-damage related perils such as industrial disputes and financial insolvency are still very much on the agenda, there is increasing focus on reputational risk in relation to sustainability issues. If you look at the annual reports of many companies you will see strategies to ensure they have environmentally friendly and sustainable supply chains, or that they in fact already have a ‘green’ supply chain. The growing interest was reinforced when the Chartered Institute of Purchasing and Supply recently published the three most requested topics from its members:
How can sustainability translate into a risk then?
The supply chain disruption caused by natural catastrophes (nat cat) in recent years has driven the need to improve the availability and quality of risk data. This has not been restricted to nat cat related data, but includes information focused on carbon footprint, water usage and drought on a regional basis. Suddenly the level of transparency in the supply chain has increased considerably and companies now face the reputational risk of being exposed to environmentally unfriendly supply chains. When the reality does not meet expectations, it creates unhappy stakeholders and a negative reputational impact. This can affect future earnings and eventually destroy company value.
Weather Risk – Preparing for the Unpredictable; What’s Your Weather Outlook in 2013?
2012 marked the wettest summer in over 100 years for England whilst across the Atlantic in the US, American farmers are currently facing the consequences of last summer’s exceptional drought. Crop insurer losses currently stand at $11.58bn and overall GDP is expected to be gravely affected.
Whilst the weather alone does not represent a new risk, what these and other events of last year highlight is the relentless increase in likelihood of extreme weather and a heightened volatility that affects almost every business sector worldwide. It is this emerging awareness that means risk managers can no longer afford to brush off the weather as something the consequences of which are beyond their control in 2013.
Whilst certain policies protect against damage caused by extreme weather events such as hurricanes and floods, it is the non-damage related impacts resulting from the ‘wrong’ weather that need to be addressed. Take the retail sector for example; unexpected seasonal weather can result in under or over stocking of appropriate merchandise; be it barbeques for that hot summer or overcoats for winter. This mismatch and the attendant impact on footfall impacts the revenues and margins of an already stretched high street retail sector. Other similar examples abound; from leisure and entertainment to power and energy.
As the changing pattern of weather continues to throw out surprises, one thing that can be predicted is its very unpredictability. The past is no longer a reliable indicator of the future. It is for that reason that businesses should address this exposure where they have not before: consider the available means to mitigate its impact before it is too late.
The Harsh Realities of the U.S. Foreign Corrupt Practices Act
For organizations falling within the reach of the U.S. Foreign Corrupt Practices Act, the worry is that there is no business necessity exception and no affirmative defense. Nor, for the regulators, is there a materiality requirement: they will enforce the statute on big (they like big) as well as small infractions (in the tens of thousands of dollars).
There can be individual personal as well as corporate liability, civil as well as criminal penalties, and monetary as well as non-monetary damages (including potential jail time for the individuals involved).
You are responsible for not only the actions of your own organization and employees, but those of your agents and business partners (and those at the organizations that you may purchase).
Your organization may purchase Directors and Officers (D&O) Liability insurance, which may help with some of the defense costs (it depends) and potentially some nominal personal civil penalties. But the reality is that no insurance company is going to go to jail for an offender, salvage the reputation of an individual or organization or pay multi-million (or billion) dollar criminal penalties.
Mining – Cost Containment and Control in the Mining Sector
The “strike contagion” following the tragic events in South Africa in 2012 is a clear indicator of the employment cost pressures mining groups are facing across many countries around the world.
In addition, government pressure to derive more income from national resources is increasing across the globe. Right now, there is clear evidence of this in the likes of Venezuela, Peru, South Africa, Ghana, Cote d’Ivoire, Tanzania, DRC, Mongolia, PNG, and Australia. All these countries either have increased taxes and royalties, or are considering doing so.
Cost of workforce is up, cost of mine licensing is up, cost of mine construction is up, taxes are up, royalties are up, and operating costs generally are up. On the flip side of the coin, demand is down—especially for coal. So productivity is down, earnings are down, costs are up and government pressure to increase taxes and royalties is not helping an industry which is struggling to make ends meet.
Cost containment and control is the order of the day—workforces are being cut, mines are being closed down, projects are being delayed, scaled down significantly or cancelled, and orders for new plant and equipment are being deferred or reduced. It’s a challenging environment which is resulting in tough financial times for miners large, medium and small. When miners look to obtain the capital they need to continue to operate and invest in their business—for growth, risk management, risk improvement and loss mitigation, process efficiency, skill improvement in the workforce, project development, infrastructure debottlenecking and supply chain management—they are struggling to obtain the support they need which has potentially long-term negative implications for the industry as a whole.
Life Science – “No fault” Clinical Trials
The new drug and medical device discovery process necessarily requires human clinical trials. The insurance industry has traditionally provided insurance coverage for trial patients who are injured during a trial based on theories of negligence and tort liability.
An emerging risk for American drug and device companies is that many international regulators require patient compensation for trial subject injuries regardless of the sponsor’s or clinic’s negligence. If insurance won’t respond, the sponsor and/or clinic will be required to pay for these injuries as an operating expense. The insurance industry is struggling to keep pace with this emerging risk.
ERM – Abandonment of Risk Management
Insurers are rethinking their commitment to enterprise risk management (ERM) as Solvency II drifts further into the distance but this could bring new risks.
The shine of ERM has faded for many insurers and as budgets are finalized for 2013, the spending and staffing for ERM is dropping. But this shift could be a leading indicator for future problems:
- Less coordination of risk taking could lead to unknown concentrations of exposures.
- Risk appetites are not updated as the business and risk environment changes and are therefore ignored in the business planning process.
- A return to (or continuation of) reliance on the rating agencies to set the primary parameters for insurers’ businesses.
- A slower and less coordinated response to emerging issues.
- Unchallenged predictions of low risk for a new proposal that ends up being drastically underpriced and highly successful.
The irony is that those insurers who were less committed to satisfying Solvency II, or the rating agencies’ calls for ERM, may have developed an ERM program that actually helps them to achieve their business objectives and will be less exposed to this risk.
D&O – Directors in the Dock for Regulatory Risks
You have D&O insurance right? If you’re a director of a large listed company, the chances are that you have probably been told that you have a tower of cover worth some 10s or maybe 100s of millions of dollars and that all the carriers on the insurance programme are reputable and with strong credit ratings. So far so good.
You probably also understand that the policies operate on a “claims made” basis—i.e. they respond to claims made against you alleging personal liability in your capacity as directors.
What happens though if you get caught up in a regulatory investigation or enquiry and your company either can’t or won’t pay for the costs of your legal representation or perhaps they can and do but such support comes with strings attached designed to protect the company’s position rather than your own?
It does not take a very clear crystal ball to reveal that regulatory risk will be one of the greatest exposures for individual directors in 2013 and beyond. Yet (or perhaps for that very reason) D&O insurers are wary of opening their cheque books for legal representation costs in the context of investigations in the absence of an actual claim. To use the jargon, insurers often impose “late triggers” on this cover, meaning they require that the investigation be well advanced before they agree to pay. The risk here for directors is that by the time these triggers are engaged they may already have said something that they later have cause to regret.
Security – Death by Cyber
The legitimate potential for cyber-attack upon the United States’—or upon any country’s—infrastructure, and businesses will continue to be a major risk in 2013 and well beyond. The impact of significant liabilities and losses associated with a cyber-attack could have devastating corporate consequences.
The possibility of new governmental regulations via cyber-security legislation and the dire warnings of Defense Secretary Leon Panetta of a cyber-Pearl Harbor will clearly place additional protection responsibilities squarely upon the shoulders of both our country’s leaders and business leaders. We have already seen the loss of customer confidence as well as the financial and reputational damage created by these attacks upon major companies and government agencies.
Prepare yourself for the virtual risks of 2013, cyber-attack has become the new wild west of today and tomorrow.
Employee Benefits – Are Your Employee Medical Plans Discriminatory?
Most U.S. employers are fully aware of the risks associated with their employer-sponsored medical plans and the full implementation of health care reform. However, employers are currently focused on the risk of potential penalties around minimum value and bronze level plans and the risk of discrimination looms unnoticed on the horizon.
This risk, NOT often discussed concerning health care reform, is tied to the ultimate implementation of the nondiscrimination rules for non-grandfathered insured plans. PPACA prohibits insured plans from discriminating in favor of highly compensated employees (HCEs). These PPACA provisions—PHSA § 2716 as added and amended by PPACA, Pub. L. No. 111-148 (2010)—provide that the rules will be similar to those under IRC Section 105(h) that currently apply to self-funded plans.
The hidden risk is that many employer plans may be discriminatory. However, even if all employees are offered the same coverage and options, employers often make concessions for many HCEs. This may include waiving waiting periods, or charging less for the same coverage. Other ways employers might discriminate is to provide certain HCEs extended COBRA, or pay the COBRA premiums. Those types of accommodations could potentially be discriminatory.
The penalty for violating the prohibition will be $100 per day for each individual who is discriminated against (likely all the rank and file non-HCEs). The IRS has not yet released regulations but they are expected by 2014, which does provide employers a window of opportunity to mitigate the risk by identifying and amending potentially discriminatory programs, and to avoid the potentially damaging penalties.
While guidance issued on December 28 by the federal agencies has made compliance with many other requirements of health care reform much less problematic, this risk is still one that employers need to keep in view.
Captive Insurance – Compliance in Local Territories
Captive owners and practitioners face the challenge of designing a cost-efficient and silent-running global insurance programme incorporating a captive whilst complying with local territory insurance premium tax (IPT) requirements.
This is becoming even more important as local tax authorities are showing signs of enforcing strict compliance rules on foreign (i.e. captive) insurers to protect their local insurance industry.
The solution is for the insurance buyer and the captive to fully understand their respective responsibilities. Global programme premium should be apportioned to each territory on a justifiable (and auditable) basis. Additionally insurance carriers should be required to provide clear documentary evidence of the management and settlement of foreign IPT. Programme structures should be re-examined to consider the role of non-admitted cover provided by the captive versus local underlying policies.
In the past, risk managers may have chosen to downplay IPT compliance, today tax authorities are forcing a re-think and it is vital that this issue is tackled to avoid unwelcome calls from tax authorities.
Reinsurance – Euro Referendum Risk
The UK is caught in a quandary. Free trade in financial services has been and remains key to the City of London’s continued fortunes, particularly in the insurance sector.
The European Union promises (and has to a considerable extent delivered) a free-market in financial services across Europe and is a heavy-weight in global trade negotiation. But a European Union is not what most of the UK’s population thought they signed up for. In the 1970s when the UK joined the then European Economic Community, it was billed as a free-trade area but it has become more and more a political and economic union.
Demands for a referendum on an exit, or at least a renegotiation of the UK’s terms, are growing. The Conservative Party under Prime Minister David Cameron is caught between the Eurosceptic UK Independence Party on its right and its coalition partners, the Europhile Liberal Democrats, on the left. It seems hard to see how the Conservatives can resist demands for a referendum in their next election manifesto.
The position looks bleak, the UK is disliked in Europe, despite being the 3rd largest net contributor it is seen as always taking, never giving. The financial services industry is seen as a problem and ripe for more aggressive pan-European regulation and taxation; this could weaken the global competitive position of the UK’s dominant financial services sector and fuel further Europhobia with the UK electorate.
Terror Threat Rises in the Sahel Region of Africa
Whilst nodding vigorously to well-considered potential global risks such as Iran’s future, the potential for collapse in Afghanistan and Pakistan, European disintegration, further drugs-related disorder in Mexico and violent uprisings in North Africa, an emerging risk that has occupied our minds lately is the profound risk to security, livelihoods and stability in the Sahel, presented by a possible spread of Islamic terrorism from Mauritania in the West to the Horn of Africa in the East.
Osama bin Laden is dead but the seeds of dissent sown by Al-Qaeda and its franchises continue to foment violence globally. The great swathe of the Sahel region may appear neatly segmented by national boundaries on the map.
However, witness Mali, the desert topography and the ideological leanings of Al Qaeda in the Islamic Maghreb, (AQIM) and many of the nomadic Tuareg population make for an extremist threat to security that could percolate through porous border from Mali into Niger and Mauritania.
Potentially coalescing with Boko Haram (People Committed to the Propagation of the Prophet’s Teachings and Jihad) in Nigeria whilst filling power vacuums created by weak governance and increased support in Chad and Sudan, it is possible to project further alliances and coordination with Al Shabaab in Somalia and Northern Kenya.
Insidious New Reputational Risks
History is littered with examples of businesses that have been struck by reputational risks – the Perrier water example is oft quoted in management training programmes.
Traditionally a focus on product quality and service has been the best defence as the reputation of a company has depended almost entirely on its products being seen as “best in class” and delivered with a high quality of service.
Whilst this is still an excellent strategy to defend against reputation risks, it does not address the risk of reputational damage caused by more insidious ways. Increasingly, for example, a corporate reputation can be adversely affected by corporate ethics or behavior – such as the treatment of suppliers or a company’s environmental credentials.
The “wrong” type of publicity, generated through unexpected social-media coverage, is increasingly regarded as one of the principle sources of reputational risk.
Identifying and mitigating these risks requires much more than just a focus on product and service delivery, it also requires a crystal clear understanding of the changing business environment and stakeholder expectations.
Companies also have to learn to come to terms with social media in other ways. As with every risk there is an upside – companies that learn to engage with social media in the right way can reap significant reputational benefits.
Chilean Risks – Cybercrime, Underinsured Transport Systems and Sexual Harassment and Bullying
One of the most underestimated risks in Chile at the moment is cyber risk. This encompasses both the third party data protection liability, such as personal data destruction, and loss of profits for computer network outage. In short, very few companies in Chile have cover in place to protect themselves against these types of losses and the threat looks set to grow in 2013.
Underinsured Transport System
Civil Liability claims for passenger transport are a growing concern as the limits in the local market are insufficient. Accidents are becoming more frequent and often result in many casualties (eg passenger bus). However, the limits provided by the insurers for each event are very low and insufficient to the amounts needed to compensate everybody involved.
Sexual Harassment and Bullying
This is an increasing national concern. Parents are mounting civil suits against educational institutions for not preventing or avoiding these kinds of events on their premises. The local insurance market specifically excludes such events so policyholders are left defenceless in civil lawsuits associated with these types of cases.