Most Kiwi directors rate the risk to their professional reputation as high, but the number concerned about being personally held liable for a legislative breach or losing personal assets if called to account has dropped in the past year, according to a new risk survey.
This was despite new Health and Safety legislation being passed that actually means directors and officers are facing greater liability.
The top ranking personal risk was around reputational risk to a director, which 61.3% of respondents rated as ‘high’ in the second biennial Directors’ Risk Survey by
Marsh and the Institute of Directors (IoD).
However, only 39.2% of the 525 IoD members who responded rated being held personally liable for a legislative breach as a high risk (down from 42% in 2013) and similarly, only 38.1% of respondents thought losing their personal assets was a high risk (also down from 42% in 2013).
Marsh executive director Steve Walsh told
Insurance Business the result was concerning.
“It is interesting to note that in a two year period these results have only shifted marginally – an individual’s reputation is still considered to be paramount.
“I do find this result surprising – especially in light of the incoming health and safety changes.
“The failure of directors to conform to the new legislation could see directors face huge penalties. As a director myself I’m taking this very seriously.”
Walsh said it was important to remember directors could be held liable for the actions of the officers of the company, whether they personally had knowledge themselves or not, a prospect he described as ‘very scary’.
“Ignorance is not a form of defence,” he said.
Walsh said it was crucial that governors put procedures and processes in place so any potential breaches came to the surface and he recommended getting bespoke D&O insurance policies for the company - and the individual director.
“Buying an off the shelf D&O policy, in our view, is not a satisfactory advice to a director.
“For the majority of entities and directors they need to be specifically designed for them and the company.
“I would strongly suggest considering an individual policy – the way these policies work, if there are six directors sitting around a table and one policy protecting all six, if there happens to be a claim and the policy limit is expired over the actions of two directors, the other directors have no cover.
“So it should absolutely be part of the actions considered by insureds.”
Brokers could advise on establishing some of the risk management frameworks, as well as the insurance protection.
“If the brokers don’t do their job properly they’re going to have problems themselves!” Walsh added.
A more heartening result was that 56.1% of directors believed risk was increasing in today’s business environment with 74.5% saying their boards were spending more time discussing risk management than they were two years ago.
Walsh put this down to osmosis plus the earthquake effect on legislation and greater consumerism.
IoD CEO Simon Arcus agreed this was encouraging.
“Management of risk is critical to a board providing strategic leadership and creating value.
“Risks change and evolve and the need to stay current is emphasised by this report.”
Technological disruption continued to be seen as a prominent business risk, with cyber-risk emerging as a key external risk for the first time.
Walsh said very public cyber breaches such as the Ashley Madison case, Target and Sony overseas, along with one affecting Eftpos in New Zealand, meant there was much more significant awareness about what cyber actually meant.
Most directors were confident they could handle a major IT disruption with 90.6% saying they had a procedure in place to manage, although just 19.4% could manage data loss and 35.2% were not able to keep up with technological advances.
Arcus said cyber risk was a ‘reality of our times’.
“The ability of boards to consider it as part of enterprise risk is critical in ensuring directors were confident about business resilience.”
Directors saw corporate governance requirements as the biggest emerging risk over the next 24 months. Other emerging risks included identity fraud/theft, environmental issues and business continuity.
Read more:
Insurance company director’s top three worries
Read the full report
here.