In the last few years, the largest risk events that have impacted corporates have been a result of new risks such as cyber, in particular, ransomware attacks which reportedly result in two out of 5 U.S. insurance claims currently. Cyber has yet to suffer a truly global financial loss on the scale of some events in recent history. So what are the top 5 events to date and what are the numbers?
9/11 – $40 billion
The COVID-19 pandemic will likely surpass them all. These high-profile risk exposures fall into a grey area across multiple insurance policies, which make it hard for insurers and their policyholders who may or may not be covered. Going forward, such risk exposures need to be modelled more accurately, quantified and priced otherwise corporates may look elsewhere to cover that risk.
In a report in 2020, the International Monetary Fund warned that the final bill for the pandemic would total $28tn (£21.5tn) in lost output. Even at that time, the IMF had scaled back its estimate of the hit to the global economy from Covid-19 but what is clear is that the pandemic easily outstrips the cost of the 2008 financial crisis.
The Zurich Global Risks Report 2021 explains that the highest likelihood risks of the next ten years are extreme weather, climate action failure and human-led environmental damage; as well as digital power concentration, digital inequality and cybersecurity failure. Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown.
The report’s authors say: “COVID-19 has accelerated the Fourth Industrial Revolution, expanding the digitalization of human interaction, e-commerce, online education and remote work. These shifts will transform society long after the pandemic and promise huge benefits—the ability to telework and rapid vaccine development are two examples—but they also risk exacerbating and creating inequalities. Respondents to the GRPS rated “digital inequality” as a critical short-term threat.
“According to the GRPS, the risk of “youth disillusionment” is being largely neglected by the global community, but it will become a critical threat to the world in the short term. Responses to the pandemic have caused new domestic and geopolitical tensions that threaten stability. Digital division and a future “lost generation” are likely to test social cohesion from within borders—exacerbating geopolitical fragmentation and global economic fragility.”
The report recommends the formulation of “detailed analytical frameworks that take a holistic and systems-based view of risk impacts will help to surface potential dependencies at a fitting moment, spill-over consequences, vulnerabilities and blind spots. Holistic analysis provides a foundation for stress-testing assumptions; identifying and comparing the trade- offs required by different mitigation proposals and examining responsive capabilities against emerging crises and forward-looking scenarios.”
Another strategy the report recommends, which has echoes of similar initiatives instigated by Russell in recent years through its Corporate Working Group, is investment in “high-profile “risk champions” who can bring together different stakeholders to spur innovation in risk analysis, financing and response capabilities, and improve relationships between scientific experts and political leaders. The 2nd edition of the Global Risks Report proposed the concept of a “National Risk Officer” with a remit to enhance resilience by improving the decision-making culture.”
To address the point about data frameworks, and as Russell has outlined in previous reports, seven out of 10 boards say that they will be investing in new technology to address their risk management needs. Boards want risk reporting that is predictive, focusing on emerging and atypical threats, and built on a combination of external and internal data.
Interestingly, only 20% of boards believe that their organisations are effective at disaster response planning and understand the interconnectedness of their risks. Furthermore, the way forward is combining both new data technology with a strong risk reporting system, that incorporates the interconnectedness of the organisation across all areas.
Only 49% of CEOs say that their risk assessment processes are adequately data driven. Many board members believe the pandemic has precipitated a seismic shift in terms of priorities for their organisation. 66% of respondents to EY Long-Term Value and Corporate Governance Survey believe that COVID-19 has increased expectations of shareholders that their companies will drive societal impact, environmental sustainability, and inclusive growth.
Turning to the next point about risk champions discussions with Russell’s corporate working group have revealed that the viability of a corporate’s cash and balance sheet position to a range of scenarios, some of which are interconnecting, is a key concern. Our aim is to bring together a group of partners that can enable a business leader to plan and mitigate against a number of scenarios that threaten the viability of that business, and by doing so, secure the balance sheet. This would include insurers, reinsurers, risk managers and alternative risk transfer markets. Previously, Russell has referred to the idea of a corporate orchestrator, in a role not unlike the National Risk Champion, who would lead a data driven approach to high profile risk exposure management.
Media commentators are fond of asking why did no one in the Boardroom or at Government level see COVID-19 coming and take adequate precautionary measure to mitigate the risk but the reality, of course, is that almost everyone was aware – but, with hindsight, ill prepared and even complacent. The upside is that there is an opportunity to learn from this experience and apply it to other known high-profile exposures. As mentioned earlier, cyber exposures, climate change risk and generational warfare all have data points that can be collected, connected and managed. The same is true of other exposures not listed in the recent Zurich report mentioned earlier. Let’s take the potential for a solar flare from our sun, for example, to cause chaos on our planet.
A very recent example highlighted the potential risk when on 1st May 2019, the star next door to our own erupted. Proxima Centauri, our nearest star, became 14,000 times brighter in the ultraviolet range of the spectrum. According to reports, the radiation burst was strong enough to split any water molecules that might exist on an Earth-sized planet orbiting that star; capable of stripping our planetary home of its atmosphere.
It would be catastrophic indeed if our own star did the same. The sun does have outbursts — most famously, in the predawn hours of September 2, 1859. At that time, a brilliant aurora lit up the planet. People from as far south as Havana in Cuba to the inhabitants of Missouri could read by its light. “The whole of the northern hemisphere was as light as though the sun had set an hour before,” the Times of London reported a few days later.
This is what is called a coronal mass ejection; a fairly regular event that Russell has examined in the past. Such events can trigger the most ferocious of geomagnetic storms. The 1859 storm, named the Carrington Event for the scientist who witnessed the flare that preceded it, resulted in telegraph networks going haywire. Sparks flew from equipment — some of which caught fire — yanking telegraph cables from batteries.
Nevertheless, the Carrington Event offers important clues to what the sun might have in store for Earth in the future, solar physicist Hugh Hudson writes in the 2021 Annual Review of Astronomy and Astrophysics. “Danger lurks for humanity’s technological assets, especially those in space,” writes Hudson, of the University of Glasgow. In the wake of a Carrington-like event today, entire power grids could shut down and GPS satellites could be knocked offline. The negative impact on the Internet of Things (IoT) would be profound. Who is to say, how society, its economy, and the way we have become accustomed to living would react?
Whether it is a new Carrington-type event, an adapting strain of a coronavirus, a financial system meltdown or the prospect of the Earth warming up several degrees over the next few decades – if it’s true or not is immaterial; the perception is enough to cause conflict - such risk exposures need to be modelled more accurately, quantified and priced.
Climate action failure and other environmental risks; weapons of mass destruction, livelihood crises, debt crises, IT infrastructure breakdown and even solar flares all have to be factored into the risk matrix.