Category Archives: Reputation Risk

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

International Women’s Day: Risk Management Issues to Watch

Posted on by

A 2013 piece on the role of women in risk management remains the most controversial article we’ve ever run in Risk Management magazine and the one that received the most comments and letters to the editor, hands down. Many of those reader comments were…let’s just say less than kind or receptive.

buy amoxil online www.biop.cz/slimbox/css/gif/amoxil.html no prescription pharmacy

Today, International Women’s Day, offers the perfect opportunity to revisit that article, Woman at Work: Why Women Should Lead Risk Management, and some of our more recent coverage of pressing issues like the wage gap and gender parity at the board level.

The significance of this conversation is ever clearer, given not only the political climate and regulatory concerns, but also the simple data about the bottom line. Just last year, the Peterson Institute for International Economics and EY found that almost a third of companies globally have no women in either board or C-suite positions, 60% have no female board members, 50% have no female top executives, and less than 5% have a female CEO. After analyzing 21,980 publicly traded companies from 91 countries and a wide range of industries, their report, Is Gender Diversity Profitable? Evidence from a Global Study, found that organizations with leadership that is at least 30% female could add up to 6 percentage points to its net margin.

“The impact of having more women in senior leadership on net margin, when a third of companies studied do not, begs the question of what would be the global economic impact if more women rose in the ranks?” said Stephen R. Howe Jr., EY’s U.S. chairman and Americas managing partner. “The research demonstrates that while increasing the number of women directors and CEOs is important, growing the percentage of female leaders in the C-suite would likely benefit the bottom line even more.

buy pepcid online www.biop.cz/slimbox/css/gif/pepcid.html no prescription pharmacy

While study after study comes to similar conclusions, a recent report from EY explored why businesses need gender diversity for the innovation to thrive. Five disconnects continue to hold businesses back from achieving gender diversity on their boards, the firm found:

  1. The reality disconnect: Business leaders assume the issue is nearly solved despite little progress within their own companies.
  2. The data disconnect: Companies don’t effectively measure how well women are progressing through the workforce and into senior leadership.
  3. The pipeline disconnect: Organizations aren’t creating pipelines for future female leaders.
  4. The perception and perspective disconnect: Men and women don’t see issues the same way.
  5. The progress disconnect: Different sectors agree on the value of diversity but are making uneven progress toward gender parity.

Check out some of our previous coverage of key issues regarding women in business and risk management specifically:
Equal Work, Unequal Pay: Risks of the Gender Wage Gap
The Wage Gap in the Boardroom
Is the Insurance Industry Improving for Women?
Boards Still Lagging on Gender Parity
Preparing for New Pay Equity Requirements

Costs Climb as Companies Move to Mitigate Supply Chain Interruptions

Posted on by

Some 70% of companies have experienced at least one supply chain interruption during the past year, with an unplanned IT or telecommunications outage the leading cause, according to the eighth edition of the Business Continuity Institute’s (BCI) Supply Chain Resiliency Report, produced in association with Zurich Insurance Group.

Covering 526 respondents in 64 countries, the report studies the causes, costs, and frequency of such events while also looking at companies’ progress in responding to supply chain interruptions and mitigating further occurrences.

While 70% of respondents reported at least one supply chain interruption during the past 12 months, only 17% said they have had no supply chain disruptions, with 13% saying they did not know. Perhaps more alarming is the increase to 13%—from 3% previously—of respondents reporting more than 20 such incidents.

Also alarming is the upward trajectory of costs associated with supply chain disruptions. The portion of respondents reporting cumulative losses of more than € 1 million (,058,171.

buy symbicort online www.methanol.org/wp-content/uploads/2022/08/png/symbicort.html no prescription pharmacy

30) resulting from supply chain interruptions jumped to 34% in this year’s survey from just 14% previously.

An unplanned IT or telecommunications outage was the leading cause of a supply chain disruption for the fifth consecutive year, followed by a loss of talent or skills, which jumped to second place from fifth, and then cyberattack or data breach, which dropped to third place from second. Despite this drop, the portion of respondents which said that cyberattacks and data breach had a ‘high impact’ on their supply chains increased from 14% to 17%.

Reaching the top 10 for the first time was terrorism, which moved to ninth from eleventh, while currency exchange rate volatility had the largest move up the list of event causes, jumping to seventh from 20th last year and cracking the top 10 for the first time since 2012. Insolvency in a company’s supply chain also reentered the top 10 for the first time since 2012, moving from 14th to 10th.

Lost productivity (68%), increased cost of working (53%), and customer complaints received (40%) were listed as the top three consequences of a supply chain interruption by respondents. The perception of such incidents can also hurt a company, with damage to brand reputation/image (38%), shareholder/stakeholder concern (30%), and share price fall (7%) all named by respondents as consequences of a supply chain disruption.

“It is crucial to note that the percentage of organizations reporting reputational damage as a result of supply chain disruption is at its highest level since the survey began. As this coincides with greater media scrutiny and social media discussions related to organizations, this result might be a good opportunity to reflect on reputation management and how supply chain disruptions might translate into adverse publicity for a given organization,” said the report.

As threats and costs grow, there appears to have been at least some progress in more closely addressing the issue.

While the percentage of respondents without firm-wide reporting of supply-chain incidents remains high at 66%, the portion of those using firm-wide reporting has grown steadily across the past five reports, rising from just 25% of respondents in 2012 to 34% in the 2016 report, the latest.

buy bactroban online www.methanol.org/wp-content/uploads/2022/08/png/bactroban.html no prescription pharmacy

Similarly, the portion of respondents which employ no reporting has declined steadily from 39% in 2012 to 28% in 2016.

buy avodart online www.methanol.org/wp-content/uploads/2022/08/png/avodart.html no prescription pharmacy

As reporting is on the rise, so too is the complexity of interruption incidents as external supply chains cause more incidents. The portion of respondents which said the majority of their interruptions came from external supply chains jumped to 24% from 9% previously, and the portion attributing at least a quarter of interruptions to external suppliers more than doubled to 34% from just 15% previously.

Even with reporting on the increase, however, insurance uptake appears to be declining. Just 4% of respondents said they were fully insured against supply chain losses, down from 10% previously, with small and medium-sized enterprises more likely to be uninsured, at just 39%, than large organizations at 62%.

“These variations in insurance uptake may indicate a need to revisit business continuity arrangements and risk transfer strategies pertaining to supply chain disruptions,” according to the report.

New York Cybersecurity Regs to Take Effect March 1

Posted on by

The state of New York is implementing sweeping new regulations designed to protect insurers, banks and others from the growing wave of electronic security breaches which are making headlines and causing headaches across the financial services industry.

The new rules, slated to take effect March 1, mandate that insurers, banks and other financial services institutions regulated by the Department of Financial Services (DFS) establish and maintain a cybersecurity program. In addition to setting program standards, the 12-page document also provides definitions for companies as well as laying out “Transitional Periods” of 180 days to two years for companies to comply with different parts of the conditions and parameters of the regulations.

Entities must create and maintain written policies, requiring board-level or equal approval, setting out the company’s cybersecurity plan. Companies also must designate a chief information security officer (CISO), either in-house or third-party, who will be required to report annually to the company’s board.

online pharmacy celexa with best prices today in the USA

The rules call for stress testing of systems and periodic risk assessment and for the inclusion of third party service providers in a company’s cybersecurity plan.

The regulations will be published in the New York State register on March 1 and lay out the Department’s logic in establishing the new standards.

online pharmacy sinequan with best prices today in the USA

According to the document:

“The New York State Department of Financial Services (DFS) has been closely monitoring the ever-growing threat posed to information and financial systems… Given the seriousness of the issue and the risk to all regulated entities, certain regulatory minimum standards are warranted, while not being overly prescriptive so that cybersecurity programs can match the relevant risks and keep pace with technological advances… It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.”

New York’s regulatory framework is the first of its type in the nation, according to a release from the Governor’s office.

“New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever-increasing threat of cyber-attacks,” Governor Andrew M. Cuomo said in the statement. “These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes.”

Under development since 2014, proposed new regulations were first published in September 2016, followed by a 45-day comment period. Updated proposed regulations were then published in December 2016, followed by a 30-day period for comments. Then in December, N.Y. state delayed implementing the rules and subsequently adjusted some requirements to reflect input from the industry, which asserted the rules were burdensome and said they would need more time to comply.

In addition to these accommodations, DFS took measures not to burden smaller businesses by establishing limited exemptions for companies with fewer than 10 employees, less than $5 million in gross annual revenue in each of the last three fiscal years from New York business operations, or less than $10 million in year-end assets.

According to the statement from the Governor’s office, the new regulations mandate:

• Controls relating to the governance framework for a robust cybersecurity program including requirements for a program that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the most senior governing body of the organization

• Risk-based minimum standards for technology systems including access controls, data protection that includes encryption, and penetration testing

• Required minimum standards to help address any cyber breaches including an incident response plan, preservation of data to respond to such breaches, and notice to DFS of material events

• Accountability by requiring identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance to DFS

While cybersecurity has become an outsized concern for many business as high-profile breaches have played out in the media, sometime drawing in millions of consumers and costing companies millions of dollars in addition to precious reputational damage, many businesses remain under—or unprepared—for the challenges posed by cyber threats.

Indeed, The Hiscox Cyber Readiness Report 2017 surveyed managers and IT specialists at 3,000 small to large companies in the U.S., U.K. and Germany and found that just over half, 53%, of businesses are ill-prepared to deal with cyber-attacks. The study ranked companies from novice to expert in four key areas: strategy, resourcing, technology and process. Only 30% qualified as “expert” in their overall cyber readiness, of which 49% were U.S.-based companies.

Bribery and Corruption: What’s the best approach?

Posted on by

On Feb. 17, Samsung empire’s heir Lee Jae-yong was arrested on corruption and bribery charges connected to a nationwide political scandal in South Korea. While this is unlikely to directly impact the global tech behemoth in day-to-day matters, it is important to investigate how firms and governments can work together more successfully to combat white collar crime and corruption.

online pharmacy lexapro with best prices today in the USA

An international affair
The fight against bribery and corruption has historically been led by the United States, the first country to implement tough legislation with the Foreign Corrupt Practices Act of 1977. The federal law was enacted to address accounting transparency requirements and to make bribery of foreign government officials illegal.

Europe is not far behind with a range of legislation designed to prosecute and punish corporate crime. Other emerging market governments are finally cracking down as well, holding both domestic and foreign businesses and their senior management, to account.

Tackling bribery and corruption requires prosecutors and regulators that are properly equipped to investigate and deal with complex factual and legal issues. It also requires a judiciary that is impartial and can operate without political interference.

The United Kingdom’s Bribery Act of 2010 is a good example of tough new legislation that regulators and prosecutors can rely upon when investigating such crimes. It has extra-territorial reach both for U.

online pharmacy naprosyn with best prices today in the USA

K. companies operating abroad and for overseas companies with a presence in the U.K. It also introduced a new strict liability offence for companies and partnerships of failing to prevent bribery.

The law is not enough
Unfortunately however, even the best legal framework in the world is insufficient on its own.

Companies need to understand exactly how to go about preventing unlawful behavior, particularly in new and distant markets that their headquarters may not clearly understand. Ultimately, the real responsibility and accountability remains with the business to ensure compliance.

Countries with robust criminal and anti-corruption laws might be able to prosecute those individuals or businesses that commit offences within or outside the jurisdiction but the problem will continue until international businesses rigorously apply universal global standards to tackle corruption across emerging markets.

It’s Still about the culture
In short, this issue is about corporate culture. The following are fundamental steps for fine-tuning your organization’s approach to corruption:

• Develop a culture through education, where turning a blind eye to unlawful activity is not an option. Staff should feel comfortable with speaking out if they see anything potentially suspicious. Anti-bribery and corruption training needs to be repeated and made relevant to the day-to-day scenarios employees at different levels might face.

• The tone must be set at the top. For instance it can be useful to educate your firm’s directors with formal governance training, such as from the Institute of Directors (IoD) in London.

online pharmacy vilitra with best prices today in the USA

This level of top-level attention to corporate compliance programs, including training, should be the norm.

• Proper dialogue needs to be established with regulators—not just a one-way stream of new laws and compliance requirements. A regulator should seek the views of those it is regulating.
buy avanafil online https://galenapharm.com/pharmacy/avanafil.html no prescription

This two-way approach really does work.