Although business executives still worry about the impact of direct property loss due to natural catastrophes or fire, their primary concern now is possible business and supply chain interruption from such events. They also say increasing competition in their markets and cyberthreats are critical business risks, according to the results of a new survey.
Indeed, a report, the Allianz Risk Barometer 2016, summarizing the results of the fifth annual survey on corporate risks conducted by specialty insurer Allianz Global Corporate & Specialty (AGCS), notes that business and supply chain interruption (BI) is considered the top risk for businesses globally for the fourth year in a row. The firm surveyed more than 800 risk managers and insurance experts from more than 40 countries, and found that BI was cited as the chief business risk by 38 percent of the respondents. That stands to reason because BI losses for businesses are increasing, typically accounting for a much higher proportion of the overall loss than a decade ago—and often substantially exceeding the direct property loss, AGCS explains in the report.
According to responses, major causes of BI feared most by executives are natural catastrophes, cited by 51 percent of the respondents, followed by fire/explosion, cited by 46 percent of the respondents. Nonetheless, many executives also believe that new “non-physical damage” causes of disruption will increasingly be driven by cyberattacks, technical failure or geo-political instability.
Interestingly, slightly more than a third of the responses (34 percent) cited market developments such as intensified competition or market volatility/stagnation as one of the three most important business risks in 2016, which moved the category into second place. Market developments are a particular concern in engineering, financial services, manufacturing, marine and shipping, pharmaceutical and transportation industries, the report notes.
Another risk of increasing concern for businesses globally is cyber incidents, which includes cybercrime or data breaches, as well as technical IT failures. This year, 28 percent of the survey’s respondents cited the risk of cyber incidents as one of their top three business risks. What’s interesting is that while cyber incidents are now seen as the third largest business risk by survey respondents, last year the respondents had the risk ranked in fifth place. Even more telling, five years ago, cyber incidents was identified as a risk by just one percent of the respondents. Loss of reputation (69 percent) is the main cause of economic loss for businesses after a cyber incident, according to responses, followed by business interruption and liability claims after a data breach.
Furthermore, executives are increasingly concerned about the growing sophistication of cyberattacks, according to the Allianz Risk Barometer. Since this type of attack is increasing both in frequency and severity, companies should not underestimate the impact of an operational failure in today’s highly digital and connected industries, the report notes.
“The corporate risk landscape is changing as many industrial sectors are undergoing a fundamental transformation,” explains AGCS CEO Chris Fischer Hirs. “New technologies, increasing digitalization and the ‘Internet of Things’ are changing customer behavior, industrial operations and business models, and bringing a wealth of opportunities, but also raising awareness of the need for an enterprise-wide response to new challenges.”
The problem is that while companies are aware of and test for internal risks, many fail to assess risk across their supply chain. Often, only Tier One suppliers are considered, and little thought is given to those further downstream. Assessing every supplier across every tier may not be necessary, but if companies identify and concentrate on higher-risk suppliers, they may become more effective and confident in risk mitigation.
What I would like to know though, is if you agree with the results of the Allianz survey. Do you consider the top three business risks to be business interruption, sudden market developments and cyberthreats?