Cyber attacks and data loss are the top two risks facing directors & officers, with pandemic-related changes in working practices heightening these concerns, according to a global survey from broker Willis Towers Watson and law firm Clyde & Co.

Covering the UK, Europe, APAC and the U.S., the survey lists the top five risks for directors & officers:

• Cyber attacks (listed by 56 percent of respondents who said the risk was “very significant” or “extremely significant”)
• Data loss (49 percent)
• Regulatory risk, including threat of fines and penalties (46 percent)
• Health & safety / environmental prosecutions (41 percent)
• Risk of employment claims (38 percent).

Cyber attacks and data loss have featured in the top three overall since 2016, with data loss moving up to the top spot in 2018 and 2019. The survey report indicated this was likely due to the fact that the EU’s General Data Protection Regulation, or GDPR, became effective in 2018, subsequently resulting in significant fines.

Given the widely publicized statements that home working during the pandemic has increased these risks, it is unsurprising to see them feature so highly in the survey, according to the report “D&O Liability Survey 2021.”

The report attributed cyber attacks’ position at the top of the list to the prevalence of cyber crime and the severe consequences for companies and their directors and officers if they fall afoul of an attack and/or loss of data.

“The COVID-19 pandemic has proved to be a fertile ground for cyber criminals seeking to exploit the weaknesses presented by businesses having to move to new procedures and systems overnight, often with a remote workforce,” the report explained. “The trend is towards bigger targets and bigger incidences and ransomware attacks are also on the increase, which could expose D&Os to criminal sanctions for breaches of terrorism and proceeds of crime laws.”

Regulatory Risk

Regulatory risk has moved down in the rankings to number three in the survey over the past three years (2018-2021), while litigation risk and shareholder claims have fallen off the top five, said the report. (Regulatory risk topped the list of D&O risks from 2011 to 2017).

Nevertheless, the report noted, all the risks identified have the potential to trigger investigations (which are increasingly being brought by more aggressive regulators) as well as follow-on civil claims and shareholder litigation against boards of directors.

Employment Claims

Respondents working in U.S. offices provided a top five list that was fairly consistent with the overall global survey result, said the survey report.

The main difference was that the risk of employment claims was ranked considerably higher, making it the joint third highest risk, along with regulatory risk, by 45 percent of US respondents. This compares with the global result, which ranked employment claims as fifth by 38 percent of respondents.

Employment claims have long been a substantial business risk, with high frequency claims, and, in some cases, very high severity claims affecting operations, said the report, pointing to select matters, such as the #MeToo movement, which have shaken up the C-suite itself.

“It is perhaps not surprising that exposures relating to pandemic-triggered furloughs and layoffs, as well as return to work and vaccination policies, may exacerbate those concerns, bringing these issues higher into the top five in the minds of our U.S. respondents.”

In APAC and Australia, employment claims also ranked highly, the report said, pointing to recent developments in industrial relations legislation and increasing wage/employee-related class actions, which are consistent with this risk becoming more and more prominent.

Other key findings in the report include:

• Diversity. With board diversity class actions in the U.S. and NASDAQ imposing minimum board diversity levels and similar regimes being considered by the Financial Conduct Authority in the UK, “board diversity is becoming not just a concern, but a mandatory part of business, at least for some companies.”
• Climate change. The survey results indicate that directors’ concerns about environmental/climate change have taken a back seat to address more immediate risks emanating from the current economic and geo-political environment. However, the survey report predicated that climate risk will continue to be a key, and growing, risk for directors and officers.
• Insolvency. A “surprising” result from the survey is “the marked decrease in respondents’ concerns about the risk of insolvency, bankruptcy or corporate collapse,” despite insurers’ concerns about a “tsunami” of insolvencies related to the pandemic lockdowns. Indeed, the report noted that close to 63 percent of respondents considered that the risk of insolvency, bankruptcy or corporate collapse was either “not at all significant” or only “somewhat significant.” Nevertheless, insurers are still concerned “that corporate or financial restructuring, job losses and insolvencies could trigger investigations into directors’ conduct and then transcend into D&O claims.”

The survey is the eighth Directors & Officers Liability Insurance Survey conducted by WTW and Clyde. Survey respondents were located in North America (28 percent), the United Kingdom (34 percent), Europe (21 percent), Asia Pacific (16 percent), and Latin America (1 percent).

As for industry distribution, 26 percent of respondents worked for finance and insurance companies; 18 percent in industrial and manufacturing; 13 percent in services, hotels and leisure; 11 percent in other; 9 percent in wholesale, retail and consumer goods; 7 percent in telecommunications, media and technology; 6 percent in real estate; 5 percent in government and public institutions; 5 percent in life sciences, biotech and pharmaceutical, and 4 percent in Infrastructure and transport.

Source: Willis Towers Watson

*This story ran previously in our sister publication Insurance Journal