Equipment failure, cyberattacks and natural disasters top operational risks in the U.S. over the past five years: FM Global

Equipment failure, cyberattacks and natural disasters have negatively affected operations at companies based in the United States over the past five years, according to a new FM Global-commissioned study on operational risks.

The study, titled Finance’s Role in Operational Risk Management: CFO Research on Building a Resilient Company and released on Wednesday, was commissioned by FM Global, one of the world’s largest business property insurers and conducted by CFO Research Services. The research is based on responses received during late 2016 from 100 chief financial officers or senior most financial executives at U.S.-based companies, the majority of whom are from Fortune 1000 organizations across a wide variety of industries, FM Global said in a press release.

The study found that 66% of financial executives surveyed said their organizations have been harmed by equipment failure, nearly 60% said their firms have been impaired by data breaches or cyberattacks and more than half (52%) have had their operations affected by natural disasters. Yet the majority (54%) said their organizations have not developed or tested formal loss recovery plans, the release said.

“It’s surprising the number of companies that have been harmed by operational risk events, coupled with the relatively low number of companies that feel they are very well prepared for a disruption event,” said Eric Jones, operations vice president and global manager of business risk consulting with FM Global, in the release. “The findings reveal the opportunity for financial executives to implement stronger plans with increased data, to help move resilience forward within their organizations.”

Other study findings include:

• Only 34% of financial executives believe their firms are very well prepared to recover from an equipment failure. Just 33% feel their organizations are very well prepared to recover from a natural disaster, while merely 24% feel their companies are very well prepared to recover from a data breach/cyberattack;
• Nearly 70% of financial executives are concerned that their revenues or earnings will become more vulnerable to operational risk over the next two years, and nearly 60% said that the need to manage operational risks will make it more difficult to meet revenue and earnings targets over the next two years;
• 41% of financial executives said they will place more focus on preventing losses from operational risks over the next two years, with nearly the same percentage of respondents saying loss prevention and mitigation is more important than insurance coverage; and
• Overall, the study found a need for improved resiliency in the future. Eighty-six per cent of respondents said their companies will need to be more resilient in the future.

“The role of the CFO is being increasingly challenged by serious risk events, which drive volatility and will make it more difficult for them to meet revenues and earnings if these risks are not properly managed,” said Jones. “The pathway to a successful risk management program must include an effective loss prevention program, combined with resilience planning in order to deal with constantly evolving technological, political and environmental risks.”