On today’s show we’re talking about one of the key take-aways from the World Economic Forum in Davos Switzerland only a few weeks ago.
A few weeks ago the Forum published their annual Global Risks Report. This 114 page document was developed in partnership by the Zurich Insurance Group and Marsh and McLennan Companies.
Insurance companies make it their business to understand risk. But before we can dive into the content of the report, it’s important to actually define what risk means.
Risk, by definition is something that is not in your plan. If you’ve planned for 4 weeks of weather delay in your project, and you only experience 3 weeks of weather delay, then weather delays are not a risk because they’ve been already accounted for in your plan. Risks are anything outside your plan.
When we talk about risk, we divide the risk into two components, likelihood and impact. The likelihood is the likelihood of the risk coming true. The impact is the actual impact of the risk if it comes true.
The purpose of talking about risks is to ensure you have contingency plans for the risks that represent a threat to your business.
The top 3 risks in terms of likelihood are all environmental. This encompasses extreme weather events, earthquakes and the like. It’s amazing to me how in this day and age in 2019 the number of commercial property owners that are still under-insured in high risk areas. Taking the time to read and understand your insurance policies to understand their limitations. Insurance policies can be incredibly complex to understand. There can be language in one section that is in conflict and superseded by opposing language in another addendum. When a claim is made under a policy, the claims department will send the policy off to the legal department for review. That process makes the insurance company your legal adversary at that point in time. Their job is to pay as little as possible under the policy.
The two highest likelihood man made risks are theft, data theft, and cyber attacks.
Here too, this is an area where there are simple procedural safeguards that you can employ which will protect your business. This past week I was speaking with the owner of a jewelry business who has experienced employee theft on multiple occassions. We’re talking theft in the hundreds of thousands of dollars.
Cybertheft is a major issue that continues to make headlines. Data breaches have exposed personal data of billions of people.
The largest was in India, where the government ID database, Aadhaar, reportedly suffered multiple breaches that potentially compromised the records of all 1.1 billion registered citizens. It was reported in January that criminals were selling access to the database at a rate of 500 rupees for 10 minutes, while in March a leak at a state-owned utility company allowed anyone to download names and ID numbers.
It amazes me that in that environment, people still send wire transfer instructions via email without an old fashioned safety protocol to doublecheck the details by phone. If your investor sends a wire transfer and the email is hacked and the money ends up in the wrong account, you may be liable for hundreds of thousands of irrecoverable stolen funds.