Professional Documents
Culture Documents
SNAPSHOT: TOP BUSINESS RISKS AROUND THE WORLD IN 2018 ↘ View all country, regional and industry risk data here
CONTENTS
UK Germany
04
Canada
= Cyber incidents Business interruption
1 1
The Top 10 global business risks
1 = Business interruption France 2 Changes in legislation and regulation 2 Cyber incidents
Cyber incidents
06
2
1 = Business interruption
3 Business interruption 3 Natural catastrophes
2 Natural catastrophes
2 = Cyber incidents Executive summary and methodology
“With an increase both in the demand for our cyber risk “The new gold of the digital economy is
“Business interruption (BI) can be 3 Fire, explosion products and in volume of claims, it’s no surprise to see intangible assets such as data, platforms,
a consequence of many of the
other risks identified in the Risk
Barometer. Whether it stems from
“In the Industry 4.0 era, as
businesses rely more and more
cyber as the top risk again. Meanwhile, the challenging
macro-economic environment, threat of terrorism, and
uncertainty around Brexit will continue to drive up
networks or the company's reputation. As a
result of this shift, their protection is becoming
more important in Germany. Business and
08 1: Business interruption
a natural catastrophe or a cyber- on digitalization to manage their volatility. We need to adapt to the evolving landscape supply chain disruptions, as well as cyber
attack, it is a daily concern for
businesses.“
ULRICH KADOW, CEO, AGCS CANADA
supply chains, they face the new
issue of cyber-driven BI.“
CORINNE CIPIÈRE, CEO, AGCS FRANCE
to help our clients understand, manage and protect
against these complex risks in 2018.“
BRIAN KIRWAN, CEO, AGCS UK
threats, are among the greatest risks today.“
ANDREAS BERGER, AGCS BOARD MEMBER AND
CEO, CENTRAL AND EASTERN EUROPE
10 2: Cyber incidents
Japan
12 3: Natural catastrophes
2
Business interruption
Cyber incidents
14 Business risk risers and fallers: 4-10
16
Spain Italy 3 New technologies
Top risks for small- and mid-sized
1 = Business interruption 1 = Business interruption companies (SMEs)
China
US 2 Natural catastrophes 2 Cyber incidents
1 Cyber incidents
Business interruption
3 Fire, explosion 3 = Natural catastrophes 1
2
Business interruption
Cyber incidents
18 Future long-term risks
2 “Spanish companies were especially “Underestimated for a long time, cyber New technologies
20
3
3 = Natural catastrophes impacted by the earthquakes, hurricanes risk is an increasing concern for Italian
and storms of 2017, ensuring natural companies – moving up to second Contacts
“Cyber is a 24/7 365-day-a- catastrophes made a significant move in in the Risk Barometer, while loss of Australia
year risk that is evolving at a this year’s Risk Barometer.“ reputation is also a rising threat.“
rapid pace. Cyber losses can JUAN MANUEL NEGRO, CEO, AGCS SPAIN NICOLA MANCINO, CEO, AGCS ITALY 1 Cyber incidents
span many risk areas, such 2 Business interruption
as loss of reputation, BI and 3 Changes in legislation and
new technology. In addition, regulation
it is not limited to being an
external risk exposure, as the
“2017 was the costliest natural
actions of employees can
catastrophe year ever for insured
impact a company’s risk of
losses. Despite most catastrophes
data breaches or other forms
occurring in North America and
of cyber incidents.“
Nigeria South Africa Mexico, they still impact Asia, as
BILL SCALDAFERRI, AGCS BOARD
50% of claims by value are from
MEMBER AND CEO, NORTH
Theft, fraud and corruption = Cyber incidents subsidiaries of multi-national
AMERICA 1 1
companies located outside of
2 = Market developments 2 = Business interruption
the disaster zones. This reflects
3 = Changes in legislation and regulation 3 Changes in legislation and regulation the need for companies to
adopt a global approach to
KEY “Businesses in Africa are deeply concerned about the impact of business interruption, risk exposures and insurance
which is largely attributed to fire incidents, especially in developing markets. Political coverage. As manufacturing
Risk higher than in 2017
risks and violence; theft, fraud and corruption; and market developments are also a shifts east, Asia is increasingly
Risk lower than in 2017 rising concern across the region. Cyber incidents feature prominently in South Africa and exposed to such disasters.“
Morocco. This is not surprising as both countries are strong insurance markets.“ MARK MITCHELL, CEO AGCS ASIA
No change in 2017
THUSANG MAHLANGU, CEO, AGCS AFRICA
↘ View Africa & Middle East country risk data here
This risk map shows the top three risks for businesses in selected countries.
Source: Allianz Global Corporate & Specialty
Allianz Risk Barometer 2018 Top 10 Global Business Risks for 2018
ALLIANZ RISK
Source: Allianz Global Corporate & Specialty.
Figures represent the number of risks selected as a
42% BAROMETER
↘ View the full Risk Barometer 2018 rankings here TOP 10 GLOBAL BUSINESS RISKS FOR 2018
2 3 4 5
= 2017: 37% (1) 2017: 30% (3) 2017: 24% (4) 2017: 31% (2) = 2017: 24% (5)
Business interruption Cyber incidents Natural catastrophes Market developments Changes in legislation
(incl. supply chain disruption) (e.g. cyber crime, IT failure, data breaches) (e.g. storm, flood, earthquake) (e.g. volatility, intensified competition /
new entrants, M&A, market stagnation, and regulation
(e.g. government change, economic sanctions,
market fluctuation)
protectionism, Brexit, Euro-zone disintegration)
6 7 8 9 10
KEY
Risk higher than in 2017
Risk lower than in 2017
2017: 16% (7) 2017: 12% (10) 2017: 13% (9) 2017: 14% (8) NEW
= No change in 2017
SUMMARY METHODOLOGY
market developments (4th 22%) than
12 months ago. Risk perception of
changes in legislation and regulation
(5th 21%) remains the same, despite a The seventh Allianz Risk Barometer is the
reduction in the number of protectionist biggest yet, incorporating the views of a record
measures. Concerns about fire, 1,911 respondents from 80 countries. The annual
Business interruption and cyber explosion (6th 20%) are up – claims corporate risk survey was conducted among
analysis shows the average cost of a BI Allianz customers (global businesses) and
incidents interlink as the major threat loss from a large fire incident totals brokers. It also surveyed risk consultants,
for companies through 2018 and $2m (€1.7m) – while loss of reputation underwriters, senior managers and claims
or brand value (8th 13%) is also an experts in the corporate insurance segment of
beyond, according to the insight of increasing worry in an age when a crisis both Allianz Global Corporate & Specialty and
1,911 risk experts from 80 countries can spread globally within minutes. other Allianz entities.
Political risks and violence (9th 11%)
in the Allianz Risk Barometer 2018. is down year-on-year, although Respondents were questioned during October
businesses are more worried about the and November 2017. The survey focused on
impact of terrorism. A general trend of large and small- to mid-sized enterprises.
increased political activism is Respondents were asked to select industries
anticipated in 2018. ↘ Page 14 about which they were particularly
knowledgeable and name up to three risks they
The risk impact of new technologies believed to be of most importance. As multiple
Business interruption (BI) ranks as disrupt large numbers of companies (7th 15%) is one of the big movers in answers for up to two industries were possible,
the most important global risk for the through common internet the rankings year-on-year. It is also 2,376 responses and 6,472 risk answers were
sixth year in a row (42% of responses), infrastructure dependencies, are the second top long-term risk after recorded.
due to its tremendous effect on increasing. Meanwhile, the introduction cyber incidents, with which it is closely
revenues. Companies face an of the General Data Protection interlinked. Vulnerability of machines Most answers were for large enterprises
increasing number of scenarios – from Regulation (GDPR) across Europe in to failure or malicious cyber acts will (>€500m annual revenue) [1,257 responses,
traditional exposures, such as the May 2018, brings the prospect of more, increase in future, potentially causing 53%]. Mid-sized enterprises (€250m to €500m
physical damage impact of natural and larger, fines for businesses who significant disruption to critical revenue) contributed 516 responses (22%), while
catastrophes and fires on facilities and don’t comply. The way in which a infrastructure. Businesses also have to small enterprises (<€250m) produced 603
the supply chain to new triggers business manages a data breach has prepare for new liability scenarios, as responses (25%). Risk experts from 22 industry
stemming from digitalization and a direct impact on the final cost. This responsibility shifts from human to sectors were featured.
interconnectedness that typically come will become even more the case under machine. ↘ Page 18
without physical damage, but high the GDPR. Reputational damage is Ranking changes in the Allianz Risk Barometer
financial loss. Cyber incidents is the irrevocably linked if the response to a New risks require new tools to help are determined by positions year-on-year,
most feared BI trigger for the first time. cyber incident is inadequate. ↘ Page 10 manage and mitigate potential ahead of percentages.
BI is also the main cause of economic Awareness of the cyber threat is impacts. The role of insurance is
loss for businesses after a cyber soaring among small- to medium-sized evolving, whether it is through provision All currencies US$ unless stated.
incident. Cyber BI incidents are businesses (SMEs) ↘ Page 16 of new coverages such as cyber BI
increasing, resulting from hacker protection and non-damage BI which ↘ Click here to view the full regional, country and
attacks, such as ransomware incidents, A record-breaking $135bn in insured can protect against lost revenues due industry risk data
but more frequently from technical losses in 20171 ensures natural to an event disruption, or, increasingly,
failures and employee error ↘ Page 8 catastrophes returns to the top three via offering access to services that can
6 7
Allianz Risk Barometer 2018 Major Risks in Focus: Business Interruption
BUSINESS INTERRUPTION
incident (67% of responses). This represents a significant shift in the perception of
BI risk from respondents over the past 12 months, reflecting the fact cyber
incidents have escalated in scale. Events in 2017, such as the WannaCry and
Petya ransomware attacks (see page 10), have brought significant disruption
and financial losses to a large number of businesses and services. Others, such as
$5m the massive distributed denial of service attack on internet provider Dyn in
With more and more new loss triggers emerging, and an increase in cyber (€4.2m) October 2016 (see page 10), also demonstrate the interconnectedness of risks
Energy platform
business interruption (BI) incidents, BI is the top risk in a “networked society” incident
and shared reliance on common internet infrastructure, service providers and
technologies, according to Cyence Risk Analytics, from Guidewire, which partners
with AGCS in assessing cyber risk.
5-year risk rankings The threats may be changing but the result stays damage loss. ($2.4m and $1.75m respectively).
(% of responses
the same. Business interruption (incl. supply
$4.5m While cyber BI can result from the likes of ransomware incidents, which have
doubled in frequency over the past year and involve hackers encrypting files
(€3.8m)
and position): and demanding compensation to unlock them, a more frequent cause of cyber
chain disruption) is the top risk for companies for But as many businesses transition from being Strike/riot/vandalism
2017: 37% (1)
2016: 38% (1) the sixth consecutive year, according to the Allianz rich in physical assets to deriving more value $2m BI can be mundane technical failures or employee error. For example, in
February 2017, Amazon suffered an outage of its cloud storage service for four
(€1.7m)
2015: 46% (1) Risk Barometer, with 42% of responses rating it as from intangibles and services, increasingly, BI is Fire, explosion hours, impacting a number of internet services, websites and other businesses.
2014: 43% (1) It was reported the outage was caused by human error2 . Cyence Risk Analytics
one of the three most important risks companies being triggered by non-traditional risk
face in 2018, up year-on-year. Whether it results exposures which don’t cause physical damage
$1.4m $0.9m estimates that companies in the S&P 500 dependant on Amazon’s services lost
Top risk in: (€1.2m)
approximately $150m as a result 3 .
Canada from factory fires, destroyed shipping containers, but result in lost income – so-called non- Flood (€0.8m)
Storm
China or, increasingly, cyber incidents, BI can have a damage business interruption (NDBI). Cyence Risk Analytics notes that BI is one of the largest loss drivers for businesses
France after a cyber incident. For example, in the event of an outage at a cloud service
Germany
tremendous effect on a company’s revenues. Yet
provider lasting more than 12 hours, it estimates that losses could total $850m in
Hong Kong its impact is one of the hardest risks to measure. A “Businesses are facing an increasing number of North America and $700m in Europe, based on 50,000 companies in three
Average value of BI claim by cause of loss (selected). Energy
Indonesia severe interruption can even have a terminal disruptive scenarios, as the nature of BI risk platform and strike/riot/vandalism incidents are low frequency/high specific industry sectors (financial, healthcare and retail) being impacted by the
Italy impact, particularly for smaller companies. evolves in our networked society,” explains outage in each region.
severity events.
Japan
Morocco Moreover, increasing interconnectivity means the Volker Muench, Global Practice Group Source: Allianz Global Corporate & Specialty
Netherlands potential for higher losses is growing. BI can be a Leader, Property, AGCS. “They still have to deal
South Korea consequence of many of the other top risks in this with traditional exposures, such as the impact of
Spain year’s Allianz Risk Barometer. natural catastrophe activity, which we’ve seen
Switzerland
peak in 2017. But they are also challenged by a RISK MITIGATION, SEMANTIC ANALYSIS emergency plans to reflect the new BI
Top risk in the AN INCREASING NUMBER OF multitude of new triggers stemming from AND AN INSURANCE EVOLUTION environment, plan for a variety of scenarios
following sectors: DISRUPTIVE SCENARIOS digitalization – as data becomes a critical asset and have strategic alignment through all
Aviation
–, supplier interdependencies and product In this year’s Risk Barometer, BI also ranks as the departments on predictive detection of risks,”
Food & Beverage
Manufacturing BI can be triggered by traditional property quality incidents, as well as the indirect impact second most underestimated risk (see page 11). says Muench.
(incl. Automotive) damages resulting from natural catastrophe from terrorism and political events or strikes,
Power & Utilities losses or a break in the supply-chain due to which can result in loss of income from people “BI impact is easy to underestimate,” says Insurers such as AGCS can support businesses
Retailing &
Wholesale
property damages at the premises of a supplier staying away from impacted areas.” Thomas Varney, Regional Manager Americas, further through provision of new insurance
Transportation or customer, often known as contingent business Allianz Risk Consulting, AGCS. “Risks can be solutions such as cyber BI and NDBI cover,
interruption (CBI). The threats don’t stop there. In today’s extremely complex. In many cases it is difficult which indemnifies a business for lost revenue
uncertain political and business landscape, to know what the actual exposure is, how to due to disruption from an event. AGCS also
BI losses for businesses can often be much where the prospect of an abrupt change of calculate the loss, or even where the actual leverages semantic analysis tools to better
higher than the cost of any physical damage. rules disrupting business models is an disruption in the supply chain occurred.” understand a business’ supply chain risk. This
The average large BI property insurance claim is increasing concern, a withdrawal of regulatory enables mapping of supplier relationships up
now in excess of $2m1 . This is more than a third approval or product license is another potential “Companies often underestimate the complexity to the fourth tier, thus helping to identify
higher than the average direct property BI risk. of ‘getting back to business’ and can have exposure and accumulation issues.
bottlenecks in their emergency plans,
particularly with regards to alternative “It’s important that businesses understand that
WHICH CAUSES OF BUSINESS INTERRUPTION (BI) DO BUSINESSES FEAR THE IMPACT OF MOST? suppliers,” says Muench. “Cyber risk is another new NDBI triggers are evolving,” says Varney. 1 Allianz Global Corporate
example. They may have a cyber-attack “Today’s threats may be understood, but what & Specialty, Global
Claims Review: Business
continuity plan to start their own IT again but is about tomorrow’s? It’s an ongoing diligence to Interruption in Focus
Source: Allianz Global
Corporate & Specialty. the BI threat adequately assessed? What about keep abreast of the impacts that are going to 2 The Guardian, Typo
blamed for Amazon's
Figures represent the the impact of a cyber incident at one of their change as a business evolves. Businesses need internet-crippling outage,
March 3, 2017
42% 40% 39% 30% 23% suppliers stopping them from delivering to understand the new facilities they have,
percentage of answers of all
participants who responded 3 Evolution of Cyber Risks:
(845). Figures don't add up products or services?” mergers and acquisitions that may have Quantifying Systemic
Exposures, George Ng
to 100% as up to three risks occurred, different suppliers they may be and Philip Rosace,
could be selected.
1. Cyber incidents 2. Fire, explosion 3. Natural 4. Supplier failure, 5. Machinery Nevertheless risks can be mitigated. using – all of these continually change as a Cyence Risk Analytics,
Guidewire, MMC Cyber
catastrophes lean processes breakdown “Businesses should continuously fine tune their business grows.” Handbook 2018
8 9
Allianz Risk Barometer 2018 Major Risks in Focus: Cyber Incidents
CYBER INCIDENTS
on supply chains
Business Reputational
interruption 36% loss 52%
New threats such as “cyber hurricanes”, increasing reputational risk and tougher New Liability claims
data rules mean businesses and risk experts are more concerned than ever technologies 25% after a data breach 45%
5-year risk rankings Production of a vital vaccine is disrupted, MULTIPLE THREATS UNDERESTIMATED Source: Allianz Global Corporate & Specialty. Source: Allianz Global Corporate & Specialty.
(% of responses and Figures represent the percentage of answers of all participants who responded (902). Figures represent the percentage of answers of all participants who responded (857).
leading to fears of a drug shortage. One of Figures don't add up to 100% as up to three risks could be selected. Figures don't add up to 100% as up to three risks could be selected.
position):
2017 30% (3) the world’s busiest “smart” ports is brought “Every company has been or will be impacted by
2016 28% (3) to a standstill, leaving containers stranded. cyber risk. It is not over-hyped. If anything it is
2015 17% (5) These and other recent events from the June under-appreciated because the threats are not
2014 12% (8)
2017 Petya ransomware attack show how always well understood,” says Emy Donavan,
Top risk in: vulnerable businesses are to an ever- Global Head of Cyber at AGCS, noting that over core cyber risks such as BI,” says Donavan. cyber security and resilience and consider the role
Australia evolving cyber threat and its impact on the 50% of Risk Barometer responses rank cyber as “Small companies are likely to be crippled if hit of cyber insurance as part of their risk
Austria balance sheet – an estimated $275m 1 in the risk most underestimated by businesses. with a ransomware attack, while larger firms are management. As the cyber threat evolves, so does
Belgium
Brazil
insured losses alone from the vaccine “There are now multiple cyber threats to a targets of a greater range of threats, such as the cyber insurance proposition, beyond just
India incident and a potential $300m 2 hit for a company’s digital presence.” the DDoS attacks, which can overwhelm covering financial loss such as BI and restoration
Indonesia shipping company from the terminal incident, systems. It is almost impossible to completely costs. For example, if an organization suffers a 1 Reuters, Merck cyber-
Netherlands and others. Economic losses from the Personal data or intellectual property can be prevent cyber events but there are many data breach it will need instant access to specialist attack may cost insurers
$275 million: Verisk's PCS,
Singapore
South Africa WannaCry attack a month earlier could compromised. Businesses can incur network liability approaches that can make the ones that lawyers, IT forensics and crisis management October 19, 2017
2 Financial Times, Moller-
UK eventually hit $8bn, according to Cyence Risk if a corrupted file is transferred to another company. happen far less damaging.” consultants to help mitigate the impact of an Maersk puts cost of
USA Analytics. Just like a natural disaster, a single Respondents are increasingly worried about new incident as it develops. Insurance provides this. cyber-attack at up to
$300m, August 16, 2017
cyber-attack can potentially impact perils such as cyber extortion and, particularly, One of the most effective prevention techniques 3 Reuters, Hackers halt
Top risk in the plant operations in
following sectors: hundreds of companies, leading to severe business interruption (BI) (see page 9). Meanwhile, for ransomware is effective, secure, segregated “Companies can’t bury their heads in the sand. The watershed cyber-attack,
Entertainment & business interruption and loss of customers the emergence of two major security flaws in back-ups that are performed regularly, Donavan sooner they respond the better the outcome. December 14, 2017
4 MediaTenor, Enhancing
Media and reputation. It is no wonder that cyber computer chips – Meltdown and Spectre – in says. User-based access rights can also be Companies that respond poorly to a cyber incident risk management by
Financial Services
incidents continue a six year climb up the January 2018, which raised fears that hackers could effective. If the concern is a DDoS attack, systems will see more of a long-term impact on their stock helping companies shield
Professional Services and build their
Technology Allianz Risk Barometer in 2018 – cyber is steal data from computers and devices around the redundancy and back-up servers are vital. price than those that respond well,” says Donavan. reputations
Telecommunications now the top risk in 11 countries. world, shows how cyber interconnectivity continues
to bring unexpected threats. REPUTATION ON THE LINE
LARGER INFRASTRUCTURE ATTACKS IN 2018 Cyber incidents aren't just caused by hackers.
Technical failure or malicious or innocent GDPR: the most significant cyber risk development in 2018
DIGI-DANGER: NOT JUST CYBER-ATTACKS
There are multiple threats to a company’s digital presence Businesses worry about the increasing employee action is often to blame. Whatever the Data protection security is back in the spotlight following huge breaches
sophistication of cyber-attacks. December 2017 cause, reputational damage is irrevocably linked. at Equifax and Uber in late 2017, which potentially exposed the data of
brought the first report of a successful safety system According to reputation analysis and research 200 million people. The introduction of the General Data Protection
breach at an industrial plant by hackers, after institute, MediaTenor, 75% of all companies which Regulation (GDPR) across Europe in May 2018 will intensify scrutiny
Extortion further. The GDPR introduces stricter procedures – such as the requirement
Cyber theft
previous incidents at other types of critical suffer a cyber-attack also incur reputational to notify the regulator and data owners of a data breach – and
Network liability infrastructure3. Meanwhile, incidents such as damage or loss4 . Companies in the significantly higher penalties for companies doing business in the EU who
CYBER Data restoration & WannaCry, Petya, and Mirai, the massive entertainment, banking and retail sectors are don’t comply. Companies could be fined as much as 4% of global revenues,
ATTACK forensics cost so more and larger fines can be anticipated. Demand for cyber insurance
distributed denial of service (DDoS) attack on particularly vulnerable due to handling
is also expected to increase, as companies bolster security in response.
Employee error internet provider Dyn, which disrupted the likes of confidential data. Furthermore, companies can
System failure
Twitter, CNN and Netflix in October 2016, are part suffer reputational damage without negative “Compared with the US where laws are already strict and privacy
Regulatory
requirement of a growing trend of broader accumulation events, media coverage. If sensitive data is compromised, regulation is continuously evolving, firms in Europe now also have to
prepare for tougher liabilities and notification requirements,” says Emy
CYBER or “cyber hurricanes”. Hackers can disrupt larger trust can be destroyed among core stakeholders
DATA Donavan, Global Head of Cyber at AGCS. “Many businesses are waking
BUSINESS BREACH
Any breach of
numbers of companies by targeting common without media involvement.
privacy legislation up to the fact they have potential vulnerabilities, and the realization that
INTERRUPTION
Regulatory action internet infrastructure dependencies, for example privacy issues create hard costs will emerge fairly quickly once GDPR is
Client data in care, – a trend that will likely continue through 2018. CYBER INSURANCE AS A SERVICE implemented. Being well prepared for a data breach will help reduce
custody & control the reputational impact as well as the business interruption. Past
experience has shown that the way in which an organization manages a
“Companies of different sizes and industries need Increasing interconnectivity means it is more breach has a direct impact on the cost. This will become even more the
Source: Allianz Global Corporate & Specialty to pay attention to different threats to prevent important than ever for companies to review case under GDPR.”
10 11
Allianz Risk Barometer 2018 Major Risks in Focus: Natural catastrophes
NATURAL CATASTROPHES
Japan Mar 2011
$68.5bn $29.5bn Tohoku Earthquake/Tsunami
US Jan 1994 place, or have not been reviewed,
Northridge Earthquake $210bn $40bn
the magnitude of such losses can
$44bn $15.3bn
increase significantly:
China May 2008 Japan Jan 1995
US Jun-Sep 2012 Earthquake Kobe Earthquake
Drought $85bn $300m $100bn $3bn 1. Test and update emergency
$25bn $12bn
Uptick in activity begs the question: Is this a new “normal” of preparedness plans
2. Determine what events to
extreme weather? Allianz Risk Barometer respondents are US Aug 1992 prepare for e.g. flood, wind,
Hurricane Andrew
concerned it is – and about the potential for larger losses $26.5bn $17bn storm surge, and the exposures
3. Review and update business
Japan Oct 2004
US Sep 2008 US/Caribbean Aug-Sep 2017 Niigata Earthquake continuity plans
$28bn $760m
5-year risk rankings
Hurricane Ike Hurricanes Harvey, Irma and Maria 4. Understand the insurance policy
Approximately, $330bn in overall losses from more and more clear that natural catastrophes $38bn $18.5bn $215bn $92bn
– find any coverage gaps and
(% of responses and
position):
natural catastrophes. Around $135bn in insured can trigger or contribute to many other risks, Thailand Aug-Oct 2011
plug them
US Aug 2005 Floods
2017 24% (4) losses1 . At least $90bn from the three category such as business interruption or loss of market Hurricane Katrina $43bn $16bn 5. Improve the site ahead of time to
2016 24% (4) 4+ hurricanes – Harvey, Irma, and Maria (HIM) share, for example. This has certainly influenced $125bn $60.5bn minimize event impact
2015 30% (2) New Zealand Feb 2011
that wreaked havoc in September, making it the the sustained attention on natural catastrophes Chile Feb 2010 Earthquake ↘ Windstorm checklist
2014 33% (2) Earthquake
most active hurricane month on record2 and in the Risk Barometer. $24bn $16.5bn
$30bn $8bn
↘ Flood checklist
Top risk in the 2017 one of the costliest seasons on record.
↘ Earthquake checklist
following sectors: Over $2bn dollars in insured losses from an “The impact of natural catastrophes goes far Sources: Munich Re NatCatService. Graphic: Allianz Global Corporate & Specialty.
Engineering, earthquake in Mexico, also during September. beyond physical damage to structures in the Data as of March 2016, except Hurricanes Harvey, Irma and Maria – as of January 4, 2018.
Construction Loss locations are for guidance only.
Entertainment Nearly $10bn worth of wildfire insurance claims affected areas. They disrupt the normal
& Media in California alone through October3 . Wherever dynamics of societal and industrial operations
Marine & Shipping you look, it doesn’t take long to locate a startling in the immediate regions affected and beyond,
Oil & Gas statistic about natural catastrophe activity impacting a large variety of industries that The loss potential for businesses from future NEW TOOLS FOR RAPIDLY-CHANGING
Renewable energy
during 2017. And the numbers could get worse. might not seem affected at first glance.” natural catastrophes is exacerbated by RISK CONCENTRATION
Given the wide-ranging impact of HIM – from additional risk factors such as rapid urbanization 1,100+
flood damage by Harvey in Houston to business CHANGING CLIMATE AND RAPID URBANIZATION – and the failure of development of sufficient In order to keep up with rapidly-changing risk
interruption (BI) from record power outages in infrastructure to keep pace with this – and concentration, insurers such as AGCS are using a
Puerto Rico caused by Maria – it may be some Respondents fear the 2017 natural catastrophe greater interconnectedness, resulting in variety of new catastrophe management tools Number of claims
time before the final loss total is known. year could be a harbinger of things to come with increasing contingent business interruption (CBI) and insurance solutions to monitor storms and handled in 60 days by
AGCS from 4 events
many believing the intensity of natural and supply chain exposures. For example, there assess natural catastrophe damages from – three hurricanes
Activity was not just confined to the Americas. catastrophes will increase in future due to the has been significant growth in population and events such as those in 2017. These tools include and a wildfire
Severe flooding events rocked Bangladesh, impact of a changing climate. Research shows development of commercial property in the US drones – used outdoors to assess roof wind
China, Sri Lanka, Peru and Zimbabwe. Killer there has been a 46% increase in weather over the past decade. Modeler AIR Worldwide damages and inaccessible locations, but also
mudslides devastated Columbia and Sierra disasters since 2000 and that 797 events were estimates the insured value of residential and indoors to assess water damage in large
Leone. Extreme wildfires tore across the Iberian recorded in 2016 alone, resulting in $129bn of commercial properties in coastal counties in the facilities – and satellite technology and 3D
peninsula and multi-seasonal drought losses. 4 Climate change/increasing weather US now exceeds $13trn 6 . Values have increased imagery, to locate risks more quickly and
conditions continued throughout the volatility (10th position) is a new entrant in the 13% in three years. more precisely.
Mediterranean and parts of Africa and top 10 risks in 2018 (see page 15) and many
Australia, which was also hit hard by Cyclone scientists agree that changes in the climate and “There are more people and more “Currently we have several initiatives ongoing
Debbie in March. In the Philippines, Tropical weather patterns have the potential to affect development in harm’s way especially along that combine state-of-the-art data analytics
Storm Tembin triggered floods and landslides extreme events around the world in three the US coasts,” says Andrew Higgins, tools and the geographic information system
on Christmas Day. If businesses had become primary ways – more intense windstorms, more Technical Manager, Americas, Allianz Risk (GIS) with the latest technologies on satellite
1 Munich Re
NatCatService, Natural
complacent following a number of relatively incidences of heavy rainfall leading to flooding Consulting, AGCS. “In order to protect coastal imagery, big data and machine learning to
Catastrophe Review 2017 quiet catastrophe years – by insurance events and more severe drought episodes. communities, there need to be ample zoning provide advanced solutions that will significantly
2 The Weather Channel,
2017 Atlantic hurricane standards at least – 2017 provided a wake-up Reinsurer Munich Re believes that although it laws to prevent unbridled overdevelopment, aid critical decision-making,” explains
season recap: 17 call, ensuring natural catastrophe risk rises up cannot be attributed with any statistical along with less concrete and more green space Shahkarami. “For example, this would allow us to
moments we'll never
forget, November 28, the Risk Barometer to 3rd position in 2018. significance, the changing climate already to allow tropical rains to properly drain. For have aerial images of impacted regions and
2017
3 California Department of
played a role in the 2017 hurricane season 5 . It example, some areas of Houston received potentially assess damage level to facilities 6 AIR Worldwide, The
Coastline at Risk: 2016
Insurance, October “Recent events have been a reminder of how also warns that the 2017 season looks like “a about half of the amount of rain from immediately after a wildfire event or estimate Update to the Estimated
wildfire claims top $9.4 Insured Value of U.S.
billion statewide significant the impact of natural catastrophes foretaste of the future” and that future Hurricane Harvey compared with a record- the extent of flooding or damage to the top of Coastal Properties
4 The Lancet Countdown can be, both socially and economically,” says Ali projections of increased numbers of extreme setting deluge in Nederland, Texas the roofs of buildings after a windstorm. We live 7 Washington Post, 60
on health and climate inches of rain fell from
change Shahkarami, Head of Catastrophe Risk storms may materialize in terms of a higher (154cm/60.6 inches7), but experienced much in exciting times from a technological Hurricane Harvey in
5 Munich Re, The hurricane
season 2017: a cluster of
Research, AGCS. “As industries become leaner frequency of exceptional seasons such as 2004, worse flooding. The difference is perspective and are eager to utilize every tool Texas, shattering U.S.
storm record, September
extreme storms and more connected globally, it is becoming 2005 and last year. overdevelopment.” available to better serve our customers.” 29, 2017
12 13
Allianz Risk Barometer 2018 Top Business Risks: 4-10
caveats. With record amounts of cash on balance world will continue to be very fragmented. Global interruption insurance claims over a five-year
sheets, another M&A wave is expected in 2018, as trade agreements and multilateral platforms are period, with the average cost of a large
increasing share buybacks cast doubt on the ability on the back burner, as economic and financial incident totaling €1.7m ($2m). It is no wonder
to grow organically in the face of the digital balkanization becomes the norm: the US-initiated then that this risk continues to resonate with
revolution. In addition, should markets and politics tax war, uneven monetary and regulatory global respondents year after year – it also Act of terrorism Riots, strikes, State collapse or crisis
reconnect, volatility could potentially increase to conditions between regions, and the politicization ranks second in the causes of business or sabotage civil commotion (e.g. Brexit or breakdown
of Euro-zone)
mid-90s levels. Although bankruptcies around the of currencies threaten capital flows. The top interruption companies fear the impact of
world are stable, activity is up in the retail, services political risks continue to be about economic most, after cyber risk. Fire and explosion is also Source: Allianz Global Corporate & Specialty.
Figures represent the percentage of answers of all participants who responded (246).
and construction sectors. Industries closest to the drivers, such as a fragmented Gulf region, as oil the major peril for businesses in two countries Figures don’t add up to 100% as up to three risks could be selected.
final consumer are first in line for disruption and are prices remain low and continued secession risks in – Burkina Faso and Togo – appearing in the
already impacted by price pressures. Europe as economic imbalances prevail. Risk Barometer for the first time.
1 Brand Finance Global 500 Report 2012 2 and 3 Oxford Metrica/Aon Reputation Review 2012 4 Munich Re NatCatService, Natural Catastrophe Review 2017 5 The Lancet Countdown on health and climate change
14 15
Allianz Risk Barometer 2018 SME business risks
SME
Collectively, small- to medium-sized (SME) business experts SMEs can be vulnerable as many do not have
now account for almost half of Risk Barometer responses sufficient revenue to afford their own IT departments
(47%). For medium-sized companies (annual revenues or access to the knowledge and resources to protect
between €250m and €500m), cyber incidents ranks as the themselves against evolving threats. They can be
BUSINESS
top risk for the first time (39% of responses), while for small- particularly susceptible to phishing attacks via email
sized companies (annual revenues less than €250m) it ranks or fraudulent activity happening in their e-commerce
as the 2nd major business risk (30% of responses) storefronts.
RISKS
“The jump that cyber incidents have taken in the past year Employing a Chief Information Security Officer (CISO)
– from 3rd to 1st for medium-sized companies and from who can implement a comprehensive information
6th to 2nd for small-sized companies – is significant and security management system is considered a must in
reflects an uptick in the attention paid to data breaches combatting the cyber threat but this can be costly and
both by SME companies and their insurance brokers,” says time-consuming and is often beyond the financial
Vinko Markovina, Global Head of MidCorp, AGCS. reach of many SMEs. However, AGCS has partnered
Awareness of the cyber threat is with Silicon-Valley based software company Zeguro to
soaring among small- and medium- “Awareness is growing, as the Risk Barometer results implement a “virtual CISO” platform as part of its
show, but many SMEs still underestimate their exposure insurance coverage, which enables SMEs to access
sized businesses as the potential and are not prepared for, or are able to respond to, an tailored security recommendations and training for
impact from data breaches and incident. This can be a fatal mistake.” employees, helping to reduce the overall risk of
phishing attacks hits home. financial loss following an incident.
As increasing numbers of cyber incidents occur and are
Fighting back poses a different set reported, more evidence of its financial impact is available “Cyber insurance used to be a confusing and relatively
of challenges compared with larger to SME-sized businesses. The impact can be catastrophic. expensive cover for SME-sized businesses. However,
companies Research shows that in in 2017, the average cost of a data as coverage has become more available, affordable
breach in North America was $117,000 for SMEs1 , while and easier to understand, we are seeing more
other studies show that hackers have breached over 50% demand,” says Markovina. “Activity around cyber will
of small businesses, with these numbers up year-on-year2 . only accelerate in the SME space through 2018.”
2 Cyber incidents (e.g. cyber crime, IT failure, data breaches) 30% 6 (22%) 2 Business interruption (incl. supply chain disruption) 37% 1 (35%)
3 Natural catastrophes (e.g. storm, flood, earthquake) 28% 4 (25%) 3 Natural catastrophes (e.g. storm, flood, earthquake) 32% 5 (23%)
Market developments (e.g. volatility, intensified competition / new 4 Fire, explosion 23% 7 (17%)
4 27% 1 (32%)
entrants, M&A, market stagnation, market fluctuation)
Market developments (e.g. volatility, intensified competition / new
Changes in legislation and regulation (e.g. government change, 5 21% 2 (33%)
5 22% 3 (26%) entrants, M&A, market stagnation, market fluctuation)
economic sanctions, protectionism, Brexit, Euro-zone disintegration)
Source: Allianz Global Corporate & Specialty. Figures represent how often a risk was selected as a percentage of all responses for that company size. Responses: 516. Figures
Source: Allianz Global Corporate & Specialty. Figures represent how often a risk was selected as a percentage of all responses for that company
don’t add up to 100% as up to three risks could be selected.
size. Responses: 603. Figures don’t add up to 100% as up to three risks could be selected.
Business interruption (BI) ranks as the top risk for small enterprises (33% of responses), up from 2nd (27%) Four SME Risk Risers
year-on-year, and as the second most important peril for medium-sized companies, although this has been Natural Climate change Political risks Fire, explosion
displaced by cyber incidents as the most important risk in 2018. catastrophes Small- (7th position) and violence Impact is much more
The record-breaking and medium-sized Medium-sized of a concern for
“It’s no surprise that BI ranks prominently in the SME risk rankings, as threats are multiplying and the 2017 loss year has (8) businesses are companies (10th medium-sized
consequences cannot be underestimated,” says Vinko Markovina, Global Head of MidCorp, AGCS. provided a wake-up more worried about position) are companies where it
“Supply chain disruption is just one element of BI risk that can impact SMEs. Maintaining sufficient on-hand call for small- and its impact than increasingly concerned ranks as 4th top risk.
inventory levels, avoiding geographic concentrations of suppliers, monitoring mergers and acquisitions medium-sized larger corporations about the indirect Fall-out can be
1 Kaspersky Lab
2 Ponemon Institute, 2017 among suppliers and avoiding production specialization that leads to outsourcing can all be crucial businesses after a (>€500m annual impact of terrorism and terminal, destroying
State of SMB mitigation strategies in event of an interruption. If not managed effectively, the fall-out can quickly relatively quiet revenue) for whom civil commotion events, stock, halting
Cybersecurity Report escalate.” couple of years it doesn’t appear in which can keep production and
the top 10 risks customers away interrupting cash flow.
16 17
Allianz Risk Barometer 2018 Future risks
concern for Allianz Risk Barometer respondents our interconnected global economy and society,”
says Michael Bruch, Head of Emerging Trends
at AGCS. “And will there really be less human
error or is there only a shift in the type of human
error, moving from the operator/driver to the
Autonomous machines. Artificial intelligence potential eradication of jobs and its use in war software programmer of an algorithm or data
(AI). Smart factories and digitalized supply or influencing the views of the public via “fake analyst, which is actually the manufacturer?”
7 chains. The opportunities for businesses from
deployment of new technologies are immense
news”, there are a growing number of new risks
that businesses have to face. NEW LIABILITY SCENARIOS AND
and wide-ranging. It is anticipated that AN INCREASE IN PRODUCT RISK
risk ranking for new increasing interconnection of buildings, In today’s connected industries of smart
technologies in the factories and devices and better utilization of factories and digitalized supply chains, where Businesses will face new liability scenarios caused
Allianz Risk
data and analytics, will enable greater intangible assets such as data, networks, by this possible shift of responsibility from human
Barometer,
up from 10 in 2017 productivity and more tailored customer customer relationships and intellectual property to machine, and therefore to the manufacturer or
offerings. Safety will be improved as human can represent the major source of corporate its suppliers, with assignment and coverage of Smart factories and digitalized supply chains
↘ View a position error – a leading cause of loss in many value, more is at stake if things go wrong. liability becoming more challenging. Digital
paper on industries – is minimized due to automation of Unintentional errors or unexpected products are complex. Therefore, liability may
autonomous tasks. Autonomous machines can perform tasks consequences of applications of new technology arise from a product defect, from 3D-printing for
machines
in hazardous working environments, such as can quickly impact consumer trust and cause example, or could be traced back to a user error.
mines, reducing the risk of workplace injury, or reputational harm, as data privacy risks become It could even result from communication errors
in dangerous or inaccessible locations, more prominent and exposure to business between two machines, machines and sensors or
improving disaster response and relief. interruption risk is compounded. between machine and infrastructure.
Meanwhile, ongoing condition monitoring and
use of “big data” analytics could significantly Vulnerability of connected systems to system Technology will also likely become a bigger
improve risk management, enabling better risk failure or hacking and other malicious cyber driver of product recalls in future, whether due
mitigation and prevention, more robust pre- acts such as extortion and espionage will to cyber security vulnerability or untested AI,
disaster planning and even the ability to learn increase further in future. According to a recent nanotechnology or biotechnology advances.
from near-misses. report by Lloyd’s and Cyence Risk Analytics1 , a
malicious hack that takes down a cloud service “Cyber risk is currently underestimated for product
NEW VULNERABILITIES provider could cause estimated losses in excess recall despite there having been recalls because
The internet of things
of $50bn for an extreme event. of cyber security vulnerabilities in cars and
1 Lloyd’s and Cyence Risk However, even outside of some of the major cameras,” says Bruch. “Recalls involving emerging
18 19
Allianz Global Corporate & Specialty business scope
Allianz Global Corporate & Specialty (AGCS) is the Allianz Group’s dedicated carrier for
corporate and specialty insurance business. AGCS provides insurance and risk
CONTACT US
consultancy across the whole spectrum of specialty, alternative risk transfer and For more information contact your local Allianz Global
corporate business. Insurance product lines covered include: Corporate & Specialty Communications team.
Global
Credits Hugo Kidston Heidi Polke-Markmann
hugo.kidston@allianz.com heidi.polke@allianz.com
Contributors: +44 203 451 3891 +49 89 3800 14303
Christina Hubmann, Heidi Polke-Markmann, Patrik Vanheyden
Publications/Content Specialist:
Joel Whitehead (joel.whitehead@agcs.allianz.com) For more information contact
agcs.communication@allianz.com
Design:
Kapusniak Design Follow Allianz Global Corporate & Specialty on