The level of risk that businesses face today is remarkable. Companies across the EMEA region, especially those expanding their operations abroad, face a geopolitical, economic and regulatory environment where volatility and complexity seem to be the new norm.
In this challenging environment a range of new risks is emerging that can have serious effects on a company’s reputation, bottom line and its very survival. In the age of the 24-hour news cycle and heightened scrutiny for corporates these risks frequently lead to crises that are almost impossible to manage or contain.
Are companies across EMEA ready to deal with this new range of risks? The short answer is that, largely they are not. And this needs to change.
According to ACE’s recent Emerging Risks Barometer, a survey of 650 companies in Europe, the Middle East and Africa, busy management teams are struggling to keep pace with emerging risks. 57% of respondents cite lack of management attention as the biggest barrier. This leads in turn to the second and third challenges – lack of human resources and lack of risk management tools and processes.
Even though companies are struggling to manage risk, they appear to be aware of the gravity of new emerging risks. The top three emerging risks as ranked by the companies that took part in the survey are telling:
Supply chain and infrastructure risk tops the list. Lack of visibility into where risk exposures lie, reliance on creaking civil infrastructures, energy security and other challenges expose businesses to severe financial risks in the event of business interruption.
Environmental risk ranks second. Companies are being held accountable for their environmental impact as never before – and not only in industries that “traditionally” pollute. Nearly three quarters of firms say their shareholders are taking environmental risk more seriously.
Cyber risk is joint third. Companies cite threats like viruses and hacking among their greatest concerns; but a majority of 63% recognise that the greatest threat often comes from within, viewing the threat from employees and internal failures as more important than that posed by cyber criminals.
In our globalised world events do not respect neat categories. Today’s risk challenges demand a cross-disciplinary approach. Businesses need to better understand the risks that emerge from the interdependencies between different processes, operations and players in their global supply chain. Cyber risks cannot be the responsibility of the IT function alone. Risk managers have a very important role to play. They can help their organisations put their strategic plans on a sustainable footing. But management teams and boards need to put in place a culture as well as processes that minimise the potential for crises to emerge in the first place.
The insurance industry has a crucial role to play too. Our emphasis should be on helping companies to respond in a way that helps mitigate damage early and, ideally, to prevent the reputational risk events from happening in the first place. Underwriters and brokers have to take a strategic approach to their client relationships and work with businesses to help them make emerging threats an integral part of their approach to enterprise-wide risk. The insurance industry has always helped companies manage risk. In this new, uncertain world of interconnected economies, people and risks we can help our clients navigate safely this challenging environment. After all, for businesses that want to survive and grow, not ready is definitely not an option.
The views and opinions expressed in this article are those of the authors and do not necessarily reflect the views of The Economist Intelligence Unit Limited (EIU) or any other member of The Economist Group. The Economist Group (including the EIU) cannot accept any responsibility or liability for reliance by any person on this article or any of the information, opinions or conclusions set out in the article.