ICAEW.com works better with JavaScript enabled.

Cyber risks and data loss dominate director liability concerns

Author: ICAEW Insights

Published: 11 May 2022

A volatile business environment due to the pandemic and geopolitical pressures means cyber risks are perceived as presenting the biggest liability risk to directors.

Cyber attacks and data loss are the top liability risks facing directors and officers (D&O), with cyber extortion and the growth of ransomware attacks also flagged up as a significant source of financial or reputational risk, a new global study of directors has found.

According to the latest global Directors’ Liability 2022 survey from WTW and law firm Clyde & Co, 65% of respondents say the risk of cyber attack is very significant or extremely significant, while 63% say the same of data loss. Regulatory risks ranked fourth in this year’s survey, cited by around half of respondents as either very or extremely significant.

Although views on cyber extortion were only touched on for the first time in this year’s survey, it immediately ranked third, with 59% of respondents saying they regarded it as a very significant or extremely significant risk. WTW said concerns around cyber extortion were undoubtedly driven by the surge in ransomware attacks over the last 24 months, the majority of which have included the demand for an extortion payment. “Ransomware has become a low-investment, low-risk and high-reward method of cyber crime which organisations cannot ignore,” the survey report warns.

Angus Duncan, Executive Director and a D&O Coverage Specialist at WTW, said: “In fact, not many directors have actually been sued as a result of a cyber attack, it’s just not a big exposure. Regulators are saying cyber risks are a director responsibility and I’m not saying they are wrong to be worried about it, but it’s interesting that three cyber risks dominate the list of director risks.”

And despite the increased attention on climate change risks following COP26 and recent regulatory changes, it still remains outside the top five risks in any region, and sixth among UK respondents, where 44% of UK-based directors identified climate change and the environment as a ‘very significant’ or ‘extremely significant’ risk to business operations. However, when considering the risk that climate change presents to directors, the results fall to 24% among UK respondents. 

Duncan said that a ramping up of reporting requirements would likely see climate change risk move up the list of liability concerns against a backdrop of increasing pressure on financial institutions to make climate and ESG-related financial disclosures. 

In the UK, mandatory TCFD-aligned climate disclosure requirements that will apply to a broader range of organisations came into force in April 2022, extending the Financial Conduct Authority’s requirements for listed firms to produce climate-related disclosures and wider ESG-related risks and opportunities on a comply or explain basis. At the same time, a common global reporting framework from the recently-announced International Sustainability Standards Board is afoot. 

In the UK, reporting requirements were ranked as the highest climate-related risk for directors, when compared to transition risk and physical risk, with three-quarters of directors in the energy and utilities sectors highlighting reporting requirements as the most significant climate-related risk for directors. 

“Any mandatory disclosure requirement means that directors can be sued for not giving a disclosure or getting it wrong. It will be interesting to see whether next year’s survey findings show a ramping up of concern about climate risks,” Duncan said.

The survey also highlighted growth in use of alternatives to D&O liability insurance following huge hikes in premiums a few years ago – in some cases in excess of 400%. According to the survey, 7% of respondents said they had implemented a guarantee from a CEO or a chairman to cover any costs as an alternative to insurance, and 20% said they are considering implementing these kinds of alternatives to D&O liability insurance in the future.

The survey identifies the key risks for directors with responses from more than 40 countries around the world.

Recommended content

Podcasts
Accountancy Insights Podcast
Accountancy Insights Podcast

Hear a panel of guests dissect the latest headlines and provide expert analysis on the top stories from across the world of business, finance and accountancy.

Find out more
Newsletter
A megaphone
Stay up to date

You can receive email update from ICAEW insights either daily, weekly or monthly, subscribe to whichever works for you.

Sign up
Daily summaries
Three yellow pins planted into a surface in a row
News in brief

Read ICAEW's daily summary of accountancy news from across the mainstream media and broader financing sector.

See more
Open AddCPD icon

Add Verified CPD Activity

Introducing AddCPD, a new way to record your CPD activities!

Log in to start using the AddCPD tool. Available only to ICAEW members.

Add this page to your CPD activity

Step 1 of 3
Download recorded
Download not recorded

Please download the related document if you wish to add this activity to your record

What time are you claiming for this activity?
Mandatory fields

Add this page to your CPD activity

Step 2 of 3
Mandatory field

Add activity to my record

Step 3 of 3
Mandatory field

Activity added

An error has occurred
Please try again

If the problem persists please contact our helpline on +44 (0)1908 248 250