Alongside the human toll, the invasion of the Ukraine provides a salient reminder of the omnipresent danger of state-sponsored cyber-attacks that aim to disrupt and disable IT systems. Banks and financial institutions are on alert for an escalation in hacking attempts and Russian reprisal cyber-attacks after the imposing of sanctions by Western nations, resulting in a number of the country’s lenders being kicked off the global payments messaging system.
This comes at a time when risk managers have never been more aware of the hazards posed by cyber criminals. regularly show that the sector is the industry most targeted, particularly in the form of ransomware attacks and advanced persistent threats (APTs), which are often linked to nation state-backed groups. In addition, recent high-profile cyber-attacks (such as Log4J, and )  have shown a worrying trend for incidents where hackers target technology or software supply chains. AGCS analysis of more than 7,500 insurance claims involving financial services companies over the past five years (worth $1bn+) show that cyber incidents is already the top cause of loss. IT outages, service disruptions or cyber-attacks can result in significant BI costs and greater operating expenses from a variety of causes, such as customer redress, consultancy costs, loss of income and regulatory fines. Last, but not least, brand reputation and, ultimately, a company’s stock price can also be negatively impacted, while management can also be held responsible for the level of preparedness.
It is unsurprising then that cyber incidents was ranked as the top risk for the financial services sector by 51% of the 872 respondents who participated in the Allianz Risk Barometer 2022 – the highest ever total. For companies, and their senior management, this ultimately requires them to maintain an active role in steering the information and communications technology (ICT) risk management framework, including assigning clear roles and responsibilities for all functions and appropriate allocation of investments and trainings. Companies need to operationalize their response to regulation and privacy rights and not just look at cyber security.
At the same time, the broader ESG impact is being felt by asset managers assessing the impact these developments have on the sustainability of their investments post widespread sanctions, on a country that already scored relatively low in terms of governance and social matters. No doubt some asset managers will consider to divest Russian assets based on ESG considerations. Companies’ boards from their side are re-evaluating presence and activities in the country due to concern over reputational damage.
“AGCS regularly engages in open dialogues with the banking, insurance and asset management segments to discuss trends and challenges in order to contribute to a better management of risks in a complex environment that is constantly evolving,” says Paul Schiavone, Global Industry Solutions Director for Financial Services at AGCS. “It is at such tumultuous times in the world that strong partnerships are essential, whether country to country or company to company. At Allianz we strive to be more than just an insurance leader and stand firmly with all people whose lives have been affected by these events.”