How ESG, insolvencies, cyber intrusions, emboldened regulators and now sanctions could challenge your board

As the Covid-19 pandemic enters its third year, directors and officers (D&Os) across the globe remain vulnerable to an ever-growing range of risks. Environmental, social, and governance (ESG) factors, Covid-19-related liabilities, insolvencies, cyber attacks, and the long arm of the regulator continues to put company board members and decision-makers in the firing line.

Now, on top of all that, they must ensure their value chains are compliant with the growing raft of sanctions against Russia. 

Across the globe, risks are greater than ever, and new ones are emerging. In this uncertain environment, corporate risk managers are under pressure to manage the evolving risk landscape and protect their organisations from company level and director-level liabilities. Strong governance and risk transfer will remain vital layers of protection.

As the latest Willis Towers Watson Liability Survey Report outlined, Covid-19 has had a considerable impact on the scope of D&O risks. The ‘working from home’ phenomenon and subsequent cyber threat were cited as a future driver of D&O risks, with more organisations implementing flexible working arrangements after the pandemic’s peak.

The survey’s leading risks were once again, cyber attack and data loss. Insolvencies did not feature as a top-five risk in the WTW 2021 survey but this exposure is expected to increase as the economic fallout of the pandemic hits home. Global stimulus is being removed, and nations are attempting to move beyond supportive monetary policy and emergency Covid measures — meaning that more companies will fail.

Compared to the last year’s survey, more respondents considered insolvency, bankruptcy, or corporate collapse as “a very or extremely significant risk”. However, it did not make the top five in the regions surveyed.

In England and Wales, new laws, including the Pensions Act 2021, have heightened the risk threshold for directors and officers. The law puts D&Os on the hook for greater personal penalties for breaches of pensions regulations, following a series of scandals in recent times. UK regulators and those further afield have shown a greater willingness to prosecute corporations and directors.

Emerging global risks

Cyber extortion was a new risk, added to the survey for the first time this year: “It is notable that it immediately made its way into the number 3 spot,” a WTW spokesperson says.

Return to work, Covid-safety, and vaccination status (as a risk separate from health and safety) was the fourth ranked risk for North America and did not in the top five for any other region. However, health and safety fell within the top five for Europe, Britain, and Australasia.

Surprisingly, climate change was not listed as a top-five risk in any region. But it was cited as the sixth ranked risk in Britain, Asia, and Australia.

Bethany Greenwood, global head of cyber and executive risk at insurance group Beazley, says D&O risks are trending towards three main issues. “The current buzz words around D&O are very much ESG, cyber and Covid-related,” she says. “However, Beazley’s latest Risk & Resilience Report found that the key boardroom risks for 2022 also include supply chain risk and the reputational risks that arise from social inflation and employment. It is important that boards focus on these issues too, even if they are less top of mind at present.”

Amid ongoing global supply chain constraints, directors need to assess their risk exposure, Greenwood says. “Large companies should be leveraging their size to engage multiple sources of supply wherever possible, and all businesses should be planning stock resourcing so that they soften the impact of any disruption.”

With supply chain issues hitting every sector, boards need to be mindful of potential investor litigation, she adds. “There is also a reputational issue at play here. Companies need to consider how they communicate supply chain issues to shareholders. If supply chain issues are affecting profits, it’s vital to be able to explain clearly what’s happening and what is being done about it.

“Boards that fail to do this adequately face risks to their share prices, damage to their reputation, and ultimately the danger of shareholder litigation.”

Boardroom exposure to employment risk also looms large, Greenwood says, with social changes making workers more likely to speak out if they feel they’ve been wronged, and to “litigate for compensation”. Amid that threat, “employment risk needs to be a significant point of focus within the boardroom”, she adds.

“Directors and officers need to lead from the front to drive a culture of equality. Chief people officers are increasingly common, and it can be very valuable to have someone at C-suite driving the correct cultures,” Greenwood continues.

“Boardroom risk is high around both physical supply chains and employee rights. Corporate insurance buyers need to be clear on what their own patterns of risk are in order to take appropriate steps to address both issues.

“For example, clients may require more granular study of their insurance policies, so that they can be sure they have mitigated rising boardroom risks. This is something that brokers need to be prepared for, so that they can work with clients on ensuring that they are adequately covered.”

Navigating the hard market

With so many D&O threats out there, how effective is risk transfer in protecting companies and their directors? The continuing hard market means that capacity remain constricted and terms and conditions considerably tightened. In some jurisdictions, Side C cover remains nigh on impossible to secure and insurance buyers have voiced their frustration over the renewal process.

Alex Traill, a partner at insurance specialist law firm BLM, says that while D&O insurance is a well-established risk mitigation tool, the fact emerging risks are growing is also leaving directors more exposed.

“For example, claims related to the Covid-19 pandemic,” he says. “These claims include those arising from pre-lockdown activities but also how the company reacted to lockdown difficulties and trading. Firms are now also seeing claims relating to the post-lockdown actions of D&Os from shareholders who are questioning how transparent their boards were in disclosing the financial effect of the virus on their businesses.”

The risk areas that come under the umbrella banner of ESG matters also pose a growing threat to D&Os - and, by default - their organisations. Risks in those areas are growing as regulatory pressures and responsibilities build.

“We also shouldn’t overlook the growing exposure of D&Os to environmental, social and corporate governance matters,” says Traill. “D&Os are under increasing pressure both internally and from clients, and they also need to ensure they are meeting regulatory standards.”

With boards under growing pressure, he believes companies can take proactive steps to deal with the evolving risk landscape and protect themselves. “From a governance perspective, they [directors and officers] should regularly review the financial strength of their business and how that financial strength has been affected by the pandemic. Boards need to appreciate that it is important to be transparent with stakeholders.

“This is particularly pertinent for publicly listed companies’ statutory obligations of financial disclosure. If needs be, companies should discuss with their auditors the need for balance sheet adjustments to reflect the impact of Covid,” Traill adds.

Next level governance

From London to Australia, risk and insurance professionals recognise the need to build robust risk management frameworks to cope with the growing threat. It is no longer simply enough to follow the principles of an effective corporate governance framework. Directors must document each and every decision and ensure these are backed by the most accurate information available at the time.

“From a legal perspective, documents and witnesses are the two key ingredients to defending cases, demonstrating risk assessment planning, training and consultation,” says Traill.

“Accessing and using appropriate professional advice, be that legal, financial or insurance is key to managing new and evolving D&O risk. The more D&Os surround themselves with professional expertise and follow the advice received in a logical fashion, the better protection they will have, and the greater the sympathy a Court will have on them.”

Eamonn Cunningham, president of the Risk and Insurance Management Society of Australasia (RIMS Australia), says companies need to have the confidence that there is a soundly-based enterprise risk management (ERM) framework in place within the organisation, and that it is operating as intended. “Questions need to be asked, and checks need to be undertaken, to ensure that this vital part of the operation works properly,” he says.

“Everything today is moving at a rapid pace; therefore, boards and risk managers need to be nimble in their thinking and be able to act early and decisively when required. There needs to be a well-developed mechanism for horizon scanning and reporting the results of this quickly into the boardroom.”

The Australian-based executive tells risk managers to engage closely with their D&Os and insurance brokers to spot emerging threats as they come down the line.

“Introduce a mechanism where workshops are carried out with relevant executives and your insurance brokers to ensure that you have really good ideas to the form of the risks you face today and in the near term. Stress test the output of these workshops to ensure that they are relevant and effective.

“And ensure those risks are addressed by a combination of risk management controls and the purchase of adequate, fit-for-purpose insurance.”