Even as prime minister Theresa May this week failed to gain parliamentary support for a Brexit deal, the country was being warned that the UK’s departure from the EU could “blind” corporate leaders to other risks present in the business world.
The warning came as part of predictions for risk in 2019 from the Institute of Risk Management (IRM).
Brexit and its implications remains an obvious headline risk, but the IRM was at pains to point out that other risks deserve attention, notably cybersecurity, extreme weather and climate change, financial concerns and political uncertainty on the world stage. It’s worth reviewing what the IRM has to say.
According to Socrates Coudounaris, chairman of the IRM, businesses will continue to face risks from current macro trends.
“Leaders who think critically about the future, anticipate disruption to their sectors, while building resilience and agility in their models, will be in a better position to tackle a challenging risk environment in 2019 and thrive,” says Coudounaris.
The IRM asked a range of commentators to offer their views on risk in 2019, with Steve Greece, chair of the IRM’s health special interest group, warning that Brexit could obscure the view of other risks.
Elsewhere there were warnings for financial services. According to Sara Christman, speaking for IRM’s banking and financial services group, institutions are prepared for the severe shocks from Brexit, though there remain outstanding issues that could disrupt the ability to “execute strategy”.
She said “open banking”—the process of banks sharing data—was likely to be “evolution” rather than “revolution”. Cybersecurity will remain an issue, but so does ethics.
“Financial services are rich targets for well-funded criminal or state sponsored hacker attacks, but unauthorised access isn’t the only data threat that firms face,” she says.
The others are inappropriate use of data and unethical decision-making. “We expect these threats to foster increasing cooperation between security and privacy teams to ensure that controls are aligned to address the breadth of data risks exposure,” she says.
Ray Flynn, an IRM board member, predicts that 2019 will see further examples of unethical behaviour uncovered, despite the introduction of recent legislation. The reason? Companies are better at managing external risks than they are the risks emanating from within their own organisations.
“There is a reluctance to entertain the prospect of fellow workers or even business partners, suppliers or sub contractors, as capable of underhand practices.”
The risk of exposure is increasing, he says. “There is an element of iconoclasm and bloodletting involved as the gap between the ‘haves’ and the ‘have nots’ increases, which supports whistleblowing and puts pressure on regulatory bodies to act.”
Climate is uppermost in the minds of many IRM commentators. Adverse weather will continue to happen as a result of commercial, industrial and agricultural activities affecting nature, according to Paul May, the chairman of Concordia Consultancy, writing for IRM.
Fund managers and insurers are either avoiding investments in, or insuring, industries contributing to global warming. However, he offers a warning.
“The trend to desert such industries is likely to continue to increase, but it is not proven whether that retreat would be likely to lead to their closure.
“While the rationale may be ethical and provide a ‘feel-good’ PR feeling, such investors and insurers will lose any opportunity to influence improvements and change,” he says.
The chair of the IRM’s South Africa regional group, Zanele Makhubo, is blunt, calling the unpredictability of weather patterns a “serious risk”. She warns that governments will need to work with the the private sector in a multi-disciplined approach if climate change is to be properly tackled.
There is also a warning that a corporate reaction to climate change now forms a significant component in reputation risk.
Victoria Robinson, head of marketing and communications at the IRM, says: “Consumers are becoming more discerning and aware of protecting the planet, about the provenance of goods and, in the FMCG industries aware of slavery and working conditions—transparency is key.”
Climate is not the only issue in brand and reputation; data security is critical too. Indeed, one study puts the global average cost of a data breach at $3.6m per incident. Robinson says: “We have seen huge, well-known global corporates—airlines, hotel chains, banks and online retailers—suffer at the hands of hackers.”
As we have seen in the past, extreme weather can also affect supply chains significantly. Global politics—such the US-China trade battle—could also bite.
According to Carolyn Williams, director of corporate relations at the IRM, some organisations will this year “find their supply chains are affected, some will have anticipated it in advance, perhaps built up their skills and understanding, done some risk analysis, some scenario-planning and stress-testing covering their extended enterprise, putting controls in place; and some will discover that their strategy of just hoping for the best hasn’t quite worked out.”