Protection insurance – which risks to cover

The figures speak for themselves and what they reveal makes you pause for thought. Indeed, according to Mactavish, an independent expert working in the field of risk analysis and research, 58% of medium-sized companies believe their business is more exposed to risk today than in the past. And the facts are there to back them up. In 2018, over 70% of companies were victim to at least one attempted fraud, such as cyber crime, company director fraud, or the falsification of documents. A quarter of them suffered more than five attempts, of which nearly 25% experienced more than 10 attempts, according to a study published by Euler Hermes and the DFCG. Almost eight out of 10 executives fear that the frequency of attacks will continue to rise.

Yet fraud is not the only risk capable of putting medium-sized companies in jeopardy – 75% of the 250 medium-sized companies surveyed by Mactavish say they have suffered from more intense regulatory and contractual pressure. A great many threats – property, financial, human and cyber risks – can tarnish your image and their number is on the rise, primarily due to markets becoming more international, business becoming increasingly digital, components being sourced from a variety of sources and legislation becoming ever tighter. The consequences can be catastrophic. According to the INRS (the French National Research and Safety Institute for the Prevention of Occupational Accidents and Diseases), 70% of companies that are victims of major damage fail within the following months. Your company must understand these pitfalls to avoid any potentially devastating repercussions.

Property risks

To avoid suffering damages, prevention is the key. A damaged building or equipment out of order could cause your business to stop production. You would no longer to able execute your contracts, payments you were due to receive will be suspended and your unhappy customers will look to your competitors to replace you. Insurance providers are able to offer you advice regarding the risks you face.

Is the factory located near a river? If so, do certain key areas need to be protected? For example, machines could be raised off the ground so they don’t sustain any damage in the event of a flood.

If some of your production tools were specially manufactured for your business, it may be sensible to keep spare parts in stock, or even keep your older machines in a warehouse to rapidly repair equipment breakdowns and safeguard business continuity.

Executives must also ensure their equipment complies with current regulations. The texts are constantly changing. It is necessary to regularly check your equipment, particularly any electrical facilities, which must be checked each year. In areas of your factory especially at risk of fire, such as paint workshops, it is essential to put in place firebreaks and partitions.

Financial risk

Company executives must pay considerable attention to managing financial risk. The financial risk management strategy is still not fit for purpose in many medium-sized companies, even though it enables executives to more precisely define the roles and responsibilities of everyone in the decision-making chain to best suit the company’s objectives.

Financial risk includes:

• Foreign exchange and raw material risk against which companies can protect themselves by making use of the financial products and instruments provided by banks and other financial institutions ;
   
• Payment fraud risk, which represents a genuine operational risk. An effective way of combating this fraud risk involves putting in place an electronic payment system, supplemented by a process of electronic signature and validation ;
   
• Finance risk can be countered via factoring, which is used by companies in particular to finance their working capital requirement or expand their business (flexibility and cost) ;
   
• Risk of unpaid debt as the risk of default or bankruptcy is always present. The most effective way to manage these risks is to analyse customers’ and suppliers’ balance sheets. “When a problem arises, it is better to start by trying to find a resolution that suits both parties, for example by agreeing a payment schedule,” recommends Matthias Bleuzen, Prevention and Post-Claims Leader at MMA ;
   
• Country risk, which is mitigated by analysing the geopolitical instability of certain regions as well as political (including wars and coups d’état) and economic crises affecting certain countries.

Personnel risk

Some of your employees may have knowledge of skills that make them indispensable. However, employees can be absent, fall ill or choose to leave the company. It is therefore necessary, if not essential, to train a second employee so they may replace their colleague in the event of any unforeseen developments.

Cyber risk

Companies face a genuine risk of cyber attacks. In 2017, 76% of executives of medium-sized companies experienced such an incident, according to PwC and the insurance broker Bessé. The number of cyber attacks has risen considerably since the Covid-19 pandemic due to the rapid and widespread uptake of remote working. These attacks can cause data leaks, paralyse your IT systems or even shut down your production facilities. Your company is threatened by the potential threat of employees being unable to work or production lines going down.

Hackers use ransomware to demand payment in exchange for restoring IT systems that have been compromised. Sometimes the ransom demanded is lower than the cost of repairing and upgrading the IT systems. The majority of outside attacks on medium-sized companies are launched by their competitors (34%) seeking to paralyse the company or steal their strategic data. Criminal organisations are only behind 17% of such attacks, over half (54%) were caused by internal factors and 32% were related to suppliers and/or consultants.

As for employees, they sometimes involuntarily “infect” their company’s IT system by opening a fraudulent message, which accounts for 30% of incidents.

To minimise your exposure, it is essential you update your IT systems and software as and when upgrades are released by publishers. It is highly recommended to call upon a specialist firm to conduct a comprehensive audit of your connected systems, including websites, emails and surveillance equipment. Particular care must be taken with respect to your back-up systems which must be fit for purpose (as even back-ups can sustain damage) and tested regularly.

Reputation risk

Social media now makes it possible to communicate information, which may be true or false, to the entire world at just the click of a button. A minor incident can have serious repercussions for the image of a medium-sized company, while a baseless rumour can damage its reputation.

“When your reputation is called into question, you need to react quickly, as the situation can degenerate fast,” explains Matthias Bleuzen. “Within a few hours of the incident breaking, you need to publish information to reassure your customers and suppliers, which means you need to be ready. It is therefore necessary to consider all the issues you could one day come up against well ahead of time in order to develop a suitable response to each risk. If you are well prepared, you will make the right decisions and react appropriately when an unfortunate incident occurs, and you will therefore better protect your brand reputation.”