ERM is on the rise

Magnus von Oldenskiold

Enterprise risk management (ERM) is developing more and more in the Nordic region. The concept of ERM has become increasingly embedded in the business process, particularly over the past year or so.

Growth of ERM has also provided Zurich with an opportunity to get closer to our customers, and to assist them in a number of different ways such as by benchmarking them against other customers. In many cases we are now working with our corporate customers very intensively through this process.

Much of this is achieved by drawing on our global expertise, accessing specialists from places such as the US where ERM is more established, to help our customers in this region.

While the primary risks to business in the Nordics continue to evolve around natural catastrophe events and supply chain issues, reputational risk has started to become a more prominent threat.

This has become particularly noticeable over the past six months. Boards now realise how easy it is to see their company’s status damaged if things go wrong, and ERM also touches upon this in terms of helping businesses deal with reputational matters.

The global nature of business is growing every day, and this is a huge change from how things were in the Nordic region even just 20 years ago. Back then, the majority of companies operated on a more national level, even in countries such as Sweden. Now Nordic businesses of all sizes are undertaking operations all around the world – especially in Asia – both in terms of dealing with either suppliers or clients or, in many cases, both.

This has obvious advantages, but also increases the exposure of risk for companies and corporations. We have seen in the Nordics an increased level of compliance and regulation becoming evident over the past three or four years, aimed at helping companies and risk managers handle international business.

The effects of this are not restricted to large corporations but to midmarkets as well, which now have greater international exposures than they have ever had before. In general, these companies do not have their own risk managers but instead use brokers to help them deal with risk. We work a lot with brokers to assist the mid-market in this way.

Cyber security and privacy is a clear and growing threat in the region, as it is everywhere else in the world. There are many communications companies in the Nordics as this is a very technology driven region. Despite this, however, cyber threats do not yet rank among the top three problems for Nordic risk managers.

Whether or not this will change over time remains to be seen, but what is clear is that the current set of risks faced by many businesses will only increase further. Having a greater understanding of those risks will be important, and we can see already how this is being valued as some of our largest customers in the Nordic region have been reaching out to us to learn from our ERM expertise – and this  demand is largely being driven from board level.