Corporate investigations are on the rise, with over a quarter (27%) of businesses saying they have experienced a claim or investigation involving a director of their company in the past year, up from one in five in 2014.
That was one of the key findings from the joint survey titled Directors’ liability – D&O: The changing face of personal exposure, conducted by Allen & Overy LLP and Willis Towers Watson (WTW) and released on Tuesday. The survey asked directors and officers about personal exposure to risk, their experience of claims, current levels of protection and concerns around liability going forward.
The survey included more than 125 responses from directors, non-executive directors, in-house lawyers, risk experts and compliance professionals, explained Allen & Overy, an international legal practice, in a press release. The majority of respondents – 56% – worked in public companies, as compared with 38% from private companies. In terms of international reach, 39% worked in companies that conducted most of their business in the United Kingdom, while 35% described their businesses as global. Further, 42% of this year’s respondents are from financial institutions, the release noted.
When asked about the greatest risks facing their businesses, 71% of respondents said regulatory and other investigations top their list of concerns, for the fourth consecutive survey. This was followed by the risk of a cyberattack (66%) and data loss (58%), both new entries which knocked anti-corruption legislation (including the Bribery Act) and criminal and regulatory fines and penalties (both 43%) off second and third place.
Joanna Page, a partner at Allen & Overy, noted that in 2015, U.K.’s prosecutors and regulators levied close to one billion pounds worth of fines and penalties on companies. “So directors are right to have this as a top concern,” Page said. “The regulatory pressure on companies shows no sign of abating and in fact we have witnessed a whole swathe of new regulations that directors and officers must contend with, and so personal protection is becoming increasingly important.”
The survey also found cybersecurity is a high profile issue for business leaders, with nearly a third (31%) revealing that their companies have experienced a cyberattack or loss of data “significant enough to have been brought to the attention of the board in the past year.” This figure jumped to 39% in the public sector, compared to 10% in the private sector.
“We asked specifically about significant cyberattacks, but even then we suspect that the number of serious breaches is much higher than reported,” said Francis Kean, executive director of WTW, a global advisory, broking and solutions company. “The concern here is that companies don’t always know either at a senior level – or in some cases at all – that they have been hacked. Perhaps of equal concern for senior managers is that they don’t always understand their personal liability.”
Kean suggested that directors should be “taking steps to inform themselves about the risks posed to their companies and how to mitigate those risks so as to minimize their exposure in the event of a claim. They cannot delegate their duties of oversight and, as we are seeing over and over again with different areas of responsibility, they are increasingly being held to account.”