Covid, Cyber, Compliance and ESG Top Risk Concerns for Financial Services Sector: Allianz
- New AGCS report identifies key risks and loss trends for the financial services sector.
- Covid-19 may drive market corrections and insolvencies – which could impact financial institutions’ balance sheets, increase exposures for directors and result in litigation.
- AGCS analysis of $1bn of insurance industry claims show cyber incidents, including crime, is the top cause of loss. Insurers see a rising number of losses from outages or privacy breaches with third-party service providers a potential weak link.
- Compliance issues are already one of the biggest drivers of claims and the burden is growing – particularly around ESG factors and climate change.
NEW YORK–(BUSINESS WIRE)–#FinancialServices–Financial institutions and their directors have to navigate a rapidly changing world, marked by new and emerging risks driven by cyber exposures based on the sector’s reliance on technology, a growing burden of compliance, and the turbulence of Covid-19, according to a new report Financial Services Risk Trends: An Insurer’s Perspective from Allianz Global Corporate & Specialty (AGCS). At the same time, the behavior and culture of financial institutions is under growing scrutiny from a wide range of stakeholders in areas such as sustainability, employment practices, diversity and inclusion and executive pay.
“The financial services sector faces a period of heightened risks. Covid-19 has caused one of the largest ever shocks to the global economy, triggering unprecedented economic and fiscal stimulus and record levels of government debt,” says Paul Schiavone, Global Industry Solutions Director Financial Services at AGCS. “Despite an improved economic outlook, considerable uncertainty remains. The threat of economic and market volatility still lies ahead while the sector is also increasingly needing to focus on so-called ‘non-financial’ risks such as cyber resilience, management of third parties and supply chains, as well as the impact of climate change and other Environmental Social and Governance (ESG) trends.”
The AGCS report highlights some of the most significant risk trends for banks, asset managers, private equity funds, insurers and other players in the financial services sector, as ranked in the Allianz Risk Barometer 2021, which surveyed over 900 industry respondents: Cyber incidents, Pandemic outbreak and Business interruption are the top three risks, followed by Changes in legislation and regulation – driven by ESG and climate change concerns in particular. Macroeconomic developments, such as rising credit risk and the ongoing low interest rate environment, ranked fifth.
The Allianz Risk Barometer findings are mirrored by an AGCS analysis of 7,654 insurance claims for the financial services segment over the past five years, worth approximately €870mn ($1.05bn). Cyber incidents, including crime, ranks as the top cause of loss by value, with other top loss drivers including negligence and shareholder derivative actions.
Covid 19 impact
Financial institutions are alive to the potential ramifications of government and central bank responses to the pandemic, such as low interest rates, rising government debt and the winding down of support and grants and loans to businesses. Large corrections or adjustments in markets – such as in equities, bonds or credit – could result in potential litigation from investors and shareholders, while an increase in insolvencies could also put some institutions’ own balance sheets under additional strain. “Claims may be brought against directors and officers in the financial services industry where there has been a perceived failure to foresee, disclose or manage or prepare for Covid-19 related risks,” says Shanil Williams, Global Head of Financial Lines at AGCS.
Cyber – highly exposed despite high level of security spend
The Covid-19 environment is also providing fertile ground for criminals seeking to exploit the crisis as the pandemic led to a rapid and largely unplanned increase in homeworking, electronic trading and a rapid acceleration in digitalization. Despite significant cyber security spend, financial services companies are an attractive target and face a wide range of cyber threats including business email compromise attacks, ransomware campaigns, ATM “jackpotting” – where criminals take control of cash machines through network servers – or supply chain attacks. The recent SolarWinds incident targeted banks and regulatory agencies, demonstrating the potential vulnerabilities of the sector to outages via their reliance on third-party service providers. Most financial institutions are now making use of cloud services-run software which comes with a growing reliance on a relatively small number of providers. Institutions face sizable business interruption exposures, as well as third party liabilities, when things go wrong.
“Third-party service providers can be the weak link in the cyber security chain,” says Thomas Kang, Head of Cyber, Tech and Media, North America at AGCS. “We recently had a bank client suffer a large data breach after a third-party vendor failed to delete personal information when decommissioning hardware. How financial institutions manage risks presented by the cloud will be critical going forward. They are effectively offloading a significant portion of cyber security responsibilities to a third-party. However, by partnering with the right cloud service provider, companies can also leverage the cloud as a way to manage their overall cyber exposure.”
Compliance challenges around cyber, cryptocurrencies and climate change
Compliance is one of the biggest challenges for the financial services industry, with legislation and regulation around cyber, new technologies and climate change and ESG factors constantly evolving and increasing. Indeed, the report notes that there has been a seismic shift in the regulatory view of privacy and cyber security in recent years with firms facing a growing bank of requirements. The consequences of data breaches are far-reaching, with more aggressive enforcement, higher fines and regulatory costs, and growing third party liability, followed by litigation. Regulators are increasingly focusing on business continuity, operational resilience and the management of third party risk following a number of major outages at banks and payment processing companies. Companies need to operationalize their response to regulation and privacy rights, not just look at cyber security.
Applications of new technologies such as Artificial Intelligence (AI), biometrics and virtual currencies will likely raise new risks and liabilities in future, in large part from compliance and regulation as well. With AI, there has already been regulatory investigations in the US related to the use of unconscious bias in algorithms for credit scoring. There have also been a number of lawsuits related to the collection and use of biometric data. The growing acceptance of digital or cryptocurrencies as an asset class will ultimately present operational and regulatory risks for financial institutions with uncertainty around potential asset bubbles and concerns about money laundering, ransomware attacks, the prospect of third-party liabilities and even ESG issues as “mining” or creating cryptocurrencies uses large amounts of energy. Finally, the growth in stock market investment, guided by social media raises
mis-selling concerns – already one of the top causes of insurance claims.
ESG factors taking center stage
Financial institutions and capital markets are seen as an important facilitator of the change needed to tackle climate change and encourage sustainability. Again, regulation is setting the pace. There have been over 170 ESG regulatory measures introduced globally since 2018, with Europe leading the way. The surge in regulation, in combination with inconsistent approaches across jurisdictions and a lack of data availability, represents significant operational and compliance challenges for financial service providers.
At the same time, activist shareholders or stakeholders increasingly focus on ESG topics. Climate change litigation, in particular, is beginning to include financial institutions. Cases have previously tended to focus on the nature of investments, although there has been a growing use of litigation seeking to drive behavioral shifts and force disclosure debate. Besides climate change, broader social responsibilities are coming under scrutiny, with board remuneration and diversity being particular hot topics, and regulatory issues.
Claims trends and its impact on the insurance market
The AGCS report also highlights some of the major causes of claims that insurers see from financial institutions. The fact that compliance risk is growing is concerning, as compliance issues are already one of the biggest drivers of claims.
Cyber incidents already result in the most expensive claims and insurers are seeing a rising number of technology-related losses including claims made against directors following major privacy breaches. Other examples include sizable claims related to fraudulent payment instructions and “fake president” scams. Such payments can be in the millions of dollars.
Recent loss activity, compounded by Covid-19 uncertainty, have contributed to a recasting of the insurance market for financial institutions, characterized by adjusted pricing and enhanced focus on risk selection by insurers, but also a growing interest for alternative risk transfer solutions, in addition to traditional insurance. Insurance is increasingly an important part of the capital stack of financial institutions and a growing number are partnering with insurers to manage risk and regulatory capital requirements or utilizing captive insurers to compensate for changes in the insurance markets or to finance more difficult-to-place risks.
About Allianz Global Corporate & Specialty
Allianz Global Corporate & Specialty (AGCS) is a leading global corporate insurance carrier and a key business unit of Allianz Group. We provide risk consultancy, Property-Casualty insurance solutions and alternative risk transfer for a wide spectrum of commercial, corporate and specialty risks across 10 dedicated lines of business.
Our customers are as diverse as business can be, ranging from Fortune Global 500 companies to small businesses, and private individuals. Among them are not only the world’s largest consumer brands, tech companies and the global aviation and shipping industry, but also satellite operators or Hollywood film productions. They all look to AGCS for smart answers to their largest and most complex risks in a dynamic, multinational business environment and trust us to deliver an outstanding claims experience.
Worldwide, AGCS operates with its own teams in 31 countries and through the Allianz Group network and partners in over 200 countries and territories, employing over 4,400 people. As one of the largest Property-Casualty units of Allianz Group, we are backed by strong and stable financial ratings. In 2020, AGCS generated a total of €9.3 billion gross premium globally. www.agcs.allianz.com
Allianz Global Corporate & Specialty
973 876 3902
Harden Communications Partners
631 239 6903