Category Archives: Emerging Risk

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Preparing for a Pandemic: Review Business Continuity Plans Amid Coronavirus Outbreak

Posted on by

Organizations worldwide have been reacting to the recent coronavirus outbreak, COVID-19, in a variety of ways, from restricting nonessential employee travel to canceling large events. The possibility of a pandemic has the potential to disrupt workforces, supply chains and economic activity in the months ahead. So, it is with a sense of urgency that prudent organizations review and update their business continuity plans to insure their operational resiliency.

A healthy and available workforce is any organization’s most valuable asset. A pandemic will incapacitate some employees and result in other employees being quarantined. This could result in a major disruption to normal operations, with potentially large numbers of employees working from home or remote locations.

To protect your workforce and help ensure its continued productivity, it is critical to:

  • Establish a strategy that enables employees to continue to function without endangering them.
  • Have a plan to isolate employees should the threat of possible infection arise.
  • Ensure employees can effectively work from home.
  • Verify that you have the tools, technology, capacity, and security measures in place to support a large remote workforce.
  • Review your HR policies to ensure employees will not be personally impacted if they must be quarantined for an extended period and modify any policies as appropriate to give greater flexibility to normal working arrangements. 
  • Determine your priorities and the minimum staffing requirements to support these priorities, in case you need to function with a significantly reduced workforce.
  • Identify key employees and ensure other staff members have received appropriate training to comprehensively cover their absence.
  • Create a communications plan that includes providing employees and other stakeholders with regular situation updates as well as actions taken.

In a global economy, virtually every organization is connected to or dependent upon others. You may not be directly affected by a pandemic, but could be impacted if a vendor at a critical point in your supply chain is. Understanding your dependence on entities outside your organization is critical. Are your critical third parties (e.g., suppliers, vendors and service providers) prepared?

To protect your operations and ensure continuity of services or products to your customers, it is important that you:

  • Map your dependencies to understand where disruptions might impact your value chains.
  • Review the preparedness of your critical third parties (suppliers, vendors, service providers, etc.).
  • Identify single points of failure in your ecosystem.

When assessing the impact of a disruption to your ecosystem, it is important to recognize the amount of time before the actual impact occurs. So, as you review and update your plans, you should also conduct walkthroughs and exercises. This is the best method for identifying gaps in your procedures and will give you the highest chance of successful execution. Active participants will become familiar with the goals and objectives of the plan and begin to use it as guidance rather than a prescriptive list of tasks to be followed without applying rational thought. Practicing the execution of your plan ensures all necessary parties understand their roles and responsibilities.

During preparedness reviews, you should also assess the tools used to maintain relevant information and assist in executing your plans. Old technologies and obsolete tools will put successful execution of even the best plans at risk. Identify any deficiencies in the tools available and create a comprehensive list of requirements that will enhance your ability to execute. The sooner you begin to upgrade your tool set, the sooner you will be able to reduce execution risk.

An organization’s ability to effectively respond to a disruption of its workforce or a critical third-party not only depends on how effective you were in the planning process, but also how effective you were with the tools you have and the training you implemented. The tools you use to communicate, maintain situational awareness, and provide current and accurate information will also have a major impact on the execution of the plan.

Mitigating Payment Fraud Risks

Posted on by

For businesses that thrive on person-to-person transactions, cash is quickly being replaced by cards, as well as tap-to-pay systems, mobile wallets and QR-based payment systems. These technologies will continue to dominate the market in the near future, but the long-term future of the payment card industry will likely be shaped by the impact of blockchain and artificial intelligence. These developments will eventually also impact risk management, marketing and financial planning, as they present opportunities for serious risks, including fraud. Hence, it is imperative for risk management professionals to plan for these short- and long-term changes in the industry.

Strong risk monitoring requires proactively assessing threats and planning mitigation measures to minimize risk impact on the company or organization. To help mitigate payment fraud risks, businesses can take the following steps:

Train your Employees Regularly

The more regularly you train your employees, the more likely are they to spot suspicious behavior, no matter what payment technology the business uses. Repeated and regular trainings are essential because employees tend to forget what they have learned with time. These training workshops should teach the workers to never accept damaged cards from customers, confirm customer identities, and never enter a card number manually.

Use Contactless and EMV-Enabled Terminals

As payment technology changes, businesses must evaluate what options are safest and least prone to fraud. Currently, businesses should use EMV (short for Europay, Mastercard and Visa), which involves chips embedded into payment cards—a significant step in making transactions safer. The introduction and adoption of EMV-enabled secure terminals, particularly when using PIN and EMV security together, has helped merchants and customers prevent fraudulent transactions.

Contactless smartcards such as chip and magnetic stripe cards use contactless payment, which can present another secure way to process transactions. Most EMV terminals are also enabled with contactless payment. At such terminals, a fast and secure transaction is possible using Near Field Communication (NFC) or Radio-Frequency Identification (RFID) via smartcard or smartphone. If a merchant chooses to use contactless payment without PIN, they can put a limit to the amount spent on each contactless transaction to further minimize risk.

Beware Uncommon Transactions

Transactions that involve unusually large purchases could be a sign of potential fraud. Businesses should examine such transactions closely and confirm the identity of the customer. Similarly, if several purchases are made with a card in a short timeframe, it could indicate that the card was stolen and being used by someone other than the owner.

Maintain Online Security

As merchants and consumers shift to contactless and EMV-enabled point of sale terminals, risk has shifted towards online transactions. To mitigate this risk, it is important for online businesses to use the Address Verification Service (AVS), which verifies that the billing information matches the one registered with the card issuer. Vendors should also ask for Card Verification Value 2 (CVV2) to verify that the user has the card in hand when placing the order. Another important check is to put a limit on an IP address for the number of cards it can use for online transactions.

Prevent Employee Fraud

Employee fraud is always a major concern for risk management professionals.  Businesses should remember to keep an eye on credit card activity, particularly returns, as employee theft often shows up in fake discounts or returns. Companies should create alerts that set limits on returns at stores and notify management any time those limits are exceeded.

Managing Coronavirus Business Interruptions

Posted on by

The novel coronavirus 2019-nCoV, now called COVID-19, has continued to spread through China and beyond, with more than 1,800 deaths reported as of this writing. The virus’s spread has also had major impacts on business operations around the world, slowing or shuttering international companies’ operations in China and prompting travel restrictions and evacuations.

Businesses around the world are taking travel precautions and creating or updating existing response plans to address these risks. Dr. Adrian Hyzler, chief medical officer of healthcare, assistance and risk management company Healix, told the RIMScast podcast that “Companies have to think on their feet and have crisis meetings, twice, sometimes three times a week just to try and keep up with the changes in government regulations and what they have to do to try and manage the situation.”

But companies may not be able to manage all of the issues resulting from COVID-19-related business interruptions, and some may even fail to fulfill their contractual obligations because of supply chain complications, risking severe penalties. If this occurs, companies throughout the supply chain have options for protecting themselves or recovering from lost business.

If contracts allow, companies may attempt to invoke force majeur clauses, which, according to international law firm Reed Smith, “excuse a party’s performance of a contract if an unforeseen event beyond its control prevents performance.” To prepare for these complications, Reed Smith recommends that companies:

  • review their contracts to determine what, if any, rights and remedies they have as a result of the delayed performance of contracts due to force majeure; 
  • provide timely notice of a force majeure event; 
  • prepare for potential litigation concerning failure-to-supply issues and the application of force majeure clauses, including by taking (and documenting) reasonable steps to mitigate the impact of the novel coronavirus; 
  • update form force majeure clauses to take into account, to the extent possible, modern risks to contractual performance, including diseases, epidemics or quarantines.

Reed Smith also noted that if a company intends use a force majeur clause to avoid financial penalties for business interruptions as a result of COVID-19, they should “take (and document) reasonable steps to mitigate the impact of the novel coronavirus. While these steps may prove futile, they are essential predicates to mounting a valid force majeure defense.”

There may also be insurance options for covering COVID-19-related losses. When speaking with the RIMScast podcast, Reed Smith’s Richard P. Lewis said that depending on a company’s exposures, some options for covering losses include contingent business interruption coverage, event cancellation policy, supply chain insurance or travel insurance. But, Lewis said, “The first big category would be first party insurance. That would be property insurance and more specifically a first party or property insurance policies providing ‘time element coverage’ that is impacted by time, usually known as business income or business interruption insurance.”

Lewis also said while property (like a factory that is shut down after the outbreak) may not have suffered actual physical damage, there could be legal precedent for claiming physical loss or damage “if the building can’t be used for its intended purpose.” Anderson Kill P.C.’s Finley T. Harckham also noted that in case law, people becoming sick on a property will not count as property damage, but contaminants at a property (including pathogens like COVID-19) could qualify.

U.S. companies, Lewis said, will be dealing with “contingent exposures, meaning the property affected is their customers’ or suppliers’ and not their own property.” However, if those companies have their own property, coverage is likely dependent on whether it was “closed by the order of a civil authority because of the actual presence of a virus and not the suspected presence of a virus.” Harckham noted that these restrictions would likely trigger civil authority coverage, which many insurance policies contain.

However companies attempt to cover their losses, Lewis recommended “Just make sure that if if this thing goes to court that you’re able to prove your losses. And that means to document them and to have witnesses who are able to explain what it is you lost and be able to testify at trial with that if it comes to that.”

To hear the full conversations with Hyzler and Lewis, listen to the RIMScast episode “What Risk Professionals Should Know About the Coronoavirus” here.

3 Key Risk Management Responses to the Coronavirus

Posted on by

The novel coronavirus 2019-nCoV continues to spread throughout China and other countries, seriously impacting business operations around the world. As governments and companies act to protect their citizens, operations and employees at home and abroad, these actions threaten to produce business interruptions, travel risks and other effects that could be detrimental to business continuity.

On January 30, the World Health Organization (WHO) declared the virus a global emergency, meaning that it is a threat beyond China, after more cases have appeared in other countries around the world.

online pharmacy nolvadex with best prices today in the USA

According to the New York Times, the WHO has only made such a declaration five times since 2005. The virus has killed more than 400 people (including 2 outside mainland China) and has infected more than 20,000 in more than 25 countries.

In addition to the cancellation of major public events in China (including celebrations of Chinese New Year), many international businesses have curtailed their operations there since the outbreak. According to Bloomberg, this includes Starbucks (which closed more than half of its shops), Toyota (which stopped production), McDonald’s and KFC (which both closed restaurants), and Disney (which closed its resort in Shanghai), among others.

online pharmacy advair rotahaler with best prices today in the USA

Some international companies have instructed their employees to work from home to limit exposure as the virus spreads, and Amazon, Microsoft and other tech companies also limited employee travel to and from China.

China has maintained mass quarantines of areas with high number of infections, including Wuhan, the origin of the outbreak, and some other countries are also taking extraordinary steps to limit the virus’s spread. Last week, Russia sealed its entire border with China and cancelled all trains between the countries except for a single train line between Moscow and Beijing. Japan is currently quarantining more than 3,000 people on a ship after a passenger tested positive after departing the ship, while the United Kingdom has advised its citizens to leave China. And the United States issued a proclamation suspending entry for non-citizens who spent 14 or more days in China before attempting to enter the United States.

The Center for Disease Control (CDC) stated that the risk for people in the United States is “considered low at this time,” with elevated risk for individuals who may have increased exposure—such as healthcare workers and others in close contact with patients with the virus. However, companies should still act to protect their operations and employees, especially if operations require international travel and if supply chains depend on Chinese business continuity. Here are three approaches to limit risk from the coronavirus:

1. Take Travel Precautions

The CDC has recommended avoiding all non-essential travel to China, and the U.S. State Department has asked people not to travel to China. If travel is essential, the CDC suggests avoiding contact with sick people, any animals, animal markets or products made from animals. If traveling employees are older, they should take extra precautions, since, “older adults and people with underlying health conditions may be at increased risk.”

2. Develop a Response Plan

Medical and travel security services firm International SOS also recommended that businesses have regularly-updated and evaluated business continuity plans in place to ensure smooth response to incidents like disease outbreaks. The Institute of Risk Management South Africa (IRMSA) recommended preparing a specifically-focused “Pandemic Preparedness Plan” or updating previously prepared plans to reflect current circumstances to ensure business continuity.

IRMSA also suggested creating a group within the company, chaired by a senior staff member, able to make quick executive decisions for the organization in response to any coronavirus-related impact to the business and prepare decision-making processes for future incidents.

online pharmacy biaxin with best prices today in the USA

3. Consult Reputable Information Sources

Relying solely on reputable news sources, like government disease control agencies and reliable media, can help when evaluating and taking courses of action to reduce risk. Conspiracy theories about the coronavirus have spread rapidly, including misinformation about its source, how to protect against or treat infections, and the number of people affected. Misinformation has also resulted in discrimination against Chinese-linked businesses and people of Chinese heritage, as well as East Asian people in general. Disseminating clear, reputable information to all employees, especially those traveling, can reduce risk of infection and impact on business operations.