Category Archives: Risk Culture

Want to create a cyber-resilient organization? Start with your board of directors

Man holding a laptop while looking at servers with a female colleague. Both have security badges around their neck

No company — regardless of size or stature — is immune from cyberattack. Given their pervasiveness, it’s no longer enough to have a thorough, carefully constructed plan to mitigate against cyber risk. The thinking “It won’t happen to me because … Continue reading →

Three tips for senior managers seeking to avoid reputational damage

man in a suit leaning over a railing

A theme to which I often return is the extent to which there is scope for divergence of interest between individuals and their employers, especially in the context of regulatory investigations. For more, see my blog, Supreme Court victory for … Continue reading →

Learning about natural hazards: A recap of Willis Research Network’s spring seminar series

streets flooded around a building

This past spring, Willis Research Network (WRN) hosted a series of morning seminars that featured a number of research projects and partners. Topics ranged from severe convective storms to corporate risk profiling, and included findings from some of the WRN’s … Continue reading →

Don’t let your actuaries sit on the bench on IFRS17

Accountant adding figures on a calculator

IFRS17 may be an accounting standard, but getting ready for it requires serious actuarial input. The January 1, 2021 live date for the new international insurance accounting standard, IFRS17, is somewhat deceptive. The reality is that, due to the need … Continue reading →

Avoid these 4 pitfalls to favorably resolve challenging environmental claims

Environmental worker in a hazmat suit putting a soil sample into a bottle

From obtaining a carrier’s consent before incurring costs, to a straightforward late claims notice, making an environmental insurance claim can be fraught with hazards. All can be avoided with early, accurate information. The most important test of environmental insurance comes … Continue reading →

Insights from the Willis Re Flood Club: the weaknesses and strengths of flood modelling

cars in flooded parking lot

When industry experts gathered to consider the state of flood modelling, they discovered a disconnect between theory and reality that can leave insurers under some expensive water. So what’s next for modelling approaches? Insurers are worried about their flood exposure. … Continue reading →

Should banks require commercial lending customers to have cyberinsurance?

man sitting at a desk in an office looking at a laptop

In light of increasingly prevalent and highly publicized data breaches, the Federal Financial Institutions Examination Council (FFIEC) recommends that banks require commercial lending customers have cyberinsurance to supplement existing risk management programs. The FFIEC’s statement isn’t a regulatory expectation, but … Continue reading →

8 reasons why energy companies should have an Enterprise Risk Management framework

Worker in a yellow vest walking between solar panels lined in a field

Establishing a resilient Enterprise Risk Management (ERM) framework can be a challenging process that requires a clear action plan with specific improvement points and defined timelines. And it’s for those reasons, along with lack of resources and determination that some … Continue reading →

5 questions hospital board members should ask about enterprise risk management

Female doctor sitting with a man in a suit holding a laptop and a man in a suit and tie

Risk management in health care can vary greatly across different organizations. Yet the focus on managing risk should be an integral part of all boards of directors’ ongoing discussions. So what should the directors and their senior executives be thinking … Continue reading →

Recent nation state cyberattacks: What they mean, and how to respond

man talking on a phone and looking at a tablet

On April 17, 2018, the U.K. and U.S. governments issued an unprecedented statement calling out Russia as the originator of cyberattacks on businesses and public sector organizations during 2017. According to the statement, routers — the devices that direct traffic … Continue reading →