Risk professionals are operating in a world of volatility, uncertainty, complexity and ambiguity (VUCA). The Covid-19 crisis has brought that to a whole new level, putting the profession to the test. The key is velocity.
This resource site, brought to you by Airmic, offers knowledge content support to our members, partners as well as the wider risk management community. You will find guides, reports, articles and thought leadership pieces organised by five megatrend areas, to equip you to navigate the VUCA world of the Covid-19 new normal. The site began with research for Airmic’s 2020 annual survey report, and will be regularly updated and refreshed.
Cyber & technology
Individual and corporate exposure to cyber threats is expanding at a rapid rate. Artificial Intelligence techniques, while still in their infancy, are being utilised in more state and criminal operations for faster and harder-to-detect attacks. Targeting of operational technology is increasing as outdated analogue systems digitise and converge with IT networks at corporate headquarters.
Geopolitics & populism
The nature of risks today, especially geopolitical risks, is that they are increasingly interconnected. Indeed, while much has changed, there is a surprising element of continuity in the geopolitical threats that companies face in the Covid-19 era.
Governance, laws and regulations
Risks in relation to governance, laws and regulation continue to exhibit a significant level of concern for risk professionals and their organisations.
Trust & reputation
Trust and reputation have become increasingly important to businesses. With the pandemic, all businesses and organisations have been placed under additional stress. One might think they may be more easily forgiven for their errors, but consumers continue to find many corporate transgressions unacceptable.
Climate & environmental
Businesses will bear the brunt of climate change. These will cause knock-on effects that will disrupt supply chains and impact staff, ultimately leading to lost revenues and repetitional damage. Yet many businesses still see climate action as external to them – something for governments instead to deal with.
Risks megatrends
1
Business interruption from a cyber-attack
3.93
2
Data compromise
– resulting in fines (e.g. from GDPR), reputational damage
3.82
3
Economic outlook
(e.g. recession in key economies)
3.73
4
Compliance with evolving digital regulation
(e.g. data protection, privacy and the upcoming online harms legislation)
3.67
5
Regulatory uncertainties
(e.g. Brexit)
3.65
6
Digital disruption to businesses and workforce
3.60
7
The organisation falling victim to phishing or fraud
3.53
8
Regulatory failing or incident
(e.g. Volkswagen scandal)
3.45
9
Social media-driven reputational risk
(e.g. #MeToo allegations)
3.93
10
Increased sanctions, regulatory activity, bribery and corruption, and anti-money laundering activity
3.33
11
Extreme weather events due to climate change
(e.g. fires, storms, flooding)
3.27
12
Ethical breaches
3.23
13
Victim of state
- sponsored cyber warfare
3.18
14
Climate change-induced shift in consumer sentiment towards your product or service
3.17
15
Societal change and unrest
(e.g. populist politics, riots, strikes)
3.16
16
Heightening shareholder litigation risk
(e.g. individual directors & officers (D&O) liability)
3.15
17
Loss of trust in media, information sources
(e.g. as a result of fake news)
3.14
18
Trade disputes and rising tariffs
3.10
19
Outbreak of war, acts of terrorism
3.04
20
Transition and liability risks from the transition to a low-carbon economy
(e.g. the economic and political impact of dramatic shifts in the price of carbon)
3.02
21
Risks to human health as a result of air and water pollution
3.00
22
Tech wars
(e.g. US-China tech war over Huawei)
2.98
23
Loss of trust in governments and elites
2.97
24
Catastrophes not necessarily related to climate change
(e.g. earthquakes, volcanic eruptions, human-induced environmental disasters such as oil spills)
2.74
25
Product-related reputational risk
(e.g. product recalls)
2.71
The average score on a scale of 1 to 5, where 1 means the megatrend is “not a concern”, and 5 means it is of a “very high concern.
Download full 2020 Report Here
Survey & research methodology
Airmic’s 2020 survey on risks and megatrends received 150 responses from 14 February to 31 March 2020. For context, this corresponded to the period when the Covid-19 pandemic was beginning to hit Europe, in particular from the first cases of infection in northern Italy until the end of the UK’s first week of lockdown.
Subsequently, roundtables with Airmic members were held to gather qualitative responses. Written interviews were held with key representatives of the associations listed below in the acknowledgements.
Risk megatrends: ranking methodology
From a list of five risk megatrend areas with five sub-areas each, survey respondents were asked to assess the extent to which each of these would be of concern to them and their organisations, in the course of the next three years. They were asked to do so on a scale of 1 to 5, where 1 meant it was ‘not a concern’ and 5 meant it was of a ‘very high concern’.
The list of megatrend areas and sub-areas was mapped out by Airmic during December 2019 and January 2020, and reinforced through secondary research and benchmarking with other risk megatrend studies. To reduce selection bias and to pre-empt unforeseen risk areas, survey respondents were also offered open-ended options to identify and assess other risk megatrends not on the list.
A simple average for the level of concern each risk megatrend sub-area posed to all respondents was calculated and expressed as a score out of 1 to 5. The level of concern for any given risk can thus be formally denoted as:
where N_r is the number of respondents for risk r, and concern_(r,n) is the level of concern assigned by respondent n to risk r. The level of concern felt by respondents to each risk was measured on a scale of 1 to 5.