Risk index - Taxation and cyber rise up the list of top business fears, according to Lloyd’s.

High taxation is perceived to be the number one threat to global business, according to the 2013 Lloyd’s Risk Index research.

The risk of high taxation is now the overall biggest risk facing businesses, according to the global survey of over 500 C-suite and board level executives conducted by Ipsos MORI for Lloyd’s during April and May 2013. Concerns over tax nudged ‘loss of customers/cancelled orders’ off the top spot it held in 2011 to the number two position - and perhaps unsurprisingly. Since the 2011 Risk Index was carried out, the perception of how (and where) global corporations pay their taxes has become an issue of corporate ethics as much as economics. From the US Senate’s investigations into Microsoft and Apple to the grilling given to Google, Starbucks and Amazon by the UK’s Public Accounts Committee, the past two years have seen perceptions of corporate tax avoidance become reputational poison. Perception of the issue has changed from that of a domestic problem to one requiring global action. One outcome of the G20 finance ministers’ meeting in Moscow in February 2013 was a joint communiqué pledging joined-up action to crack down on tax avoidance by multinationals.

The research has seen cyber-risk leap from position 12 (malicious) and 19 (non-malicious) in 2011, to the world’s number three risk overall. It appears that businesses across the world have encountered a partial reality check about the degree of cyber risk they face. But their sense of preparedness to deal with the level of risk appears remarkably complacent. The number of incidents attributed to state-sponsored hacking and revenge attacks by ‘hacktivist’ networks is growing. So, too, are the costs of cyber breaches. A 2012 study by the Ponemon Institute3 found that the average annualised cost for 56 benchmarked organisations was US$8.9 million a year, up from US$8.4 million in 2011, with a range from US$1.4 million to a staggering US$46 million per year, per company. The most costly cybercrimes involved malicious code, denial of service and web-based attacks.

Against all the evidence of the past two years, businesses believe they are slightly more able to deal with the risk. In 2011, the US was the only world region where the cyber threat made it into the top five; by 2013, this is now the region’s number two risk. And yet US businesses still score their preparedness at a higher rate than the risk itself. As in 2011, we must ask if, despite their escalating spend on cyber security; businesses are actually spending money on the right things? Cyber insurance specialists are offering increasingly integrated cyber products, including those that provide cover for data breach costs, forensic analysis and crisis public relations services in one package. While these products are highly effective in an emergency, spending money upfront on risk management – and ensuring recommendations are implemented throughout a company – might go a long way to preventing a cyber-disaster before it starts.

The risk of excessively strict regulation has moved from number ten position overall in 2011 to number five in 2013. UK-domiciled financial services have been among the most vocal in warning about the impact of regulation proposed in the wake of the financial crash, but it’s an anxiety shared by business leaders across the world. While the media focus in Europe is largely on financial regulation, in other world regions regulatory pressure is increasingly targeting environmental risks. In China, public concerns about pollution are increasing. In February, the Ministry of Environmental Protection (MEP) and the China Insurance Regulatory Commission issued joint guidelines for a pilot of compulsory environmental pollution liability insurance for heavily polluting industries.

These include heavy metal producers and petrochemical companies. State approval for operations will increasingly become dependent on such insurance being in place. Increasingly, however, the most pressing issue in many large developing markets is not a dearth of regulation but a lack of enforcement. The history and experience of traditional markets indicates that once public pressure and commercial growth reaches a critical mass, enforcement follows. Both domestic businesses and international companies operating in fast growing economies should not assume they will be able to continue to pollute with impunity in the years ahead.

Find out more and download the full report at: www.lloyds.com/riskindex