Risky Business

7 common reasons given for a merger

Mergers and acquisitions are likely to be the biggest capital investment for a firm. For the acquired, stock prices typically rise significantly, but for the buyer, they typically fall. So what are the main reasons given for a merger or acquisition? In a recent Risk Series session hosted by The Risk Institute, Isil Erel discussed these and more during her talk.

Continue reading

Risk Institute Seeks Proposals for Research on Risk Management

Request for Proposals for Research on Risk Management

The Risk Institute at The Ohio State University’s Fisher College of Business invites area-specific and inter-disciplinary proposals for research covering all areas in risk and risk management. Priority will be given to topics of the Risk Institute’s 2017-2018 risk series:

  • Fraud & ethics
  • Protectionism
  • Macroeconomic consequences of demographic change
  • Weather and Climate risk
  • Longevity risk
  • Digital risk

The main focus of the research proposal should be understanding or managing risks with respect to any of these topics.

Funding will be up to $10,000 cash or research support per person with a maximum of $30,000 per project.

Proposals are due January 31, 2018, and should be limited to five pages plus necessary appendices. Submit proposals to RiskInstitute@fisher.osu.edu

For more details on what to include in your submission and for answers to our most frequently asked questions, visit our website.

You have questions, we have answers. Visit our website for FAQs on the submission process.

 

Resilience Answer to Major Cyber-attack

Researchers from The Ohio State University measure economic consequences of cyber attacks

In survey results released by Business Insurance last Thursday, risk management professionals believe that their bosses and boards aren’t taking cybersecurity as seriously as they did last year. The report comes just as Dr. Zhenhua Chen from The Ohio State University and Adam Rose from the University of Southern California released a preliminary report of their research examining the major economic consequences of a cyber-attack in terms of GDP and employment.

The survey, the seventh annual released by Zurich Insurance Group Ltd., shows that 62 percent of risk professionals said that their board of directors recognized cyber risk as a significant threat to the organization, down from 83 percent a year ago.

“Cyber-attacks continue to pose an extreme threat to the U.S. — major security breaches in private industry and government are on the rise,” says Dr. Zhenhua Chen, a research fellow of The Risk Institute and assistant professor at The Ohio State University. “These attacks haven’t yet caused major cross-sectorial damage, but the potential is there.”

Cyber-attacks can shut down industrial facilities, critical utilities and infrastructure systems, interfere with military operations, and compromise national security. And it isn’t just supposition, we’ve already seen it happen.

In Ukraine last December, hackers successfully blacked out a portion of the nation’s capital for about an hour. As reported by Wired, cybersecurity researchers discovered “disturbing evidence” that the Kiev attack was almost certainly a dry-run for a much larger attack using “most evolved specimen of grid-sabotaging malware ever observed” outside of a controlled setting.

Chen’s research focuses on answering three questions: 1) what are the economic consequences of cyber-attack measured in terms of GDP and employment? 2) How do the consequences vary when the attacks are targeted among different critical infrastructure sectors, such as manufacturing and cyber sectors? 3) What is the potential of various cyber-resilience tactics to reduce losses?

Chen’s overall research objective is to improve risk management for cyber-threats among both private and public sectors through better understanding of the economic consequence of cyber-attacks and the benefits of various cyber resilience tactics in reducing these consequences.

As a result of an extensive literature review, Chen and his team identified that although a plethora of studies have attempted to identify the economic impact of cyber-attacks, there is a lack of a systematic approach to evaluate economic impacts of cyber-attacks in terms of GDP and employment changes. They also realized that while several studies have addressed pre-disaster approaches to risk reduction (e.g.: mitigation), very few studies have addressed post-disaster approaches to recovering cyber capabilities (e.g.: resilience).

Chen has developed two attack scenarios to assess the direct costs and identify post-attack resiliency options. The first is a hypothetical cyber-attack scenario that assumes the supervisory control and data acquisition (SCADA) system of the auto-manufacturing sector in Michigan is disrupted by a cyber-attack for ten days. The second scenario pertains to a disruption of cyber sectors used by a broad range of industries in the event of a natural disaster such as an earthquake.

Zhenhua Chen is a research fellow at The Risk Institute. The Risk Institute at The Ohio State University’s Fisher College of Business exists to bridge the gap between academia and corporate America. By combining the latest research with the real-world expertise of America’s most forward-thinking companies, the Risk Institute isn’t just reporting risk management’s current trends — it’s creating tomorrow’s best practices.

 

Keep Your Little Goblins Safe This Halloween

Fall celebrations like Halloween, Dia de Los Muertos, and Harvest Day bring lots of fun for kids and adults, but they also mean extra caution is required to keep everyone safe on the road.

Drivers, here are some important tips to follow:

  • Drive slower than normal, and don’t pass stopped vehicles that may be unloading trick-or-treaters.
  • Enter and exit driveways and alleys carefully.
  • Always use your turn signals and communicate with eye contact with pedestrians and other drivers if possible.
  • Yield to kids in all cases—they may dart in the road because they don’t see you or don’t know how to cross the street.
  • Put away your mobile phone so you can concentrate on the road and your surroundings. Only use it when safely parked.
  • Party-goers: Drive sober or get pulled over! Always designate a sober driver and plan a way to safely get home at the end of the night if you plan on celebrating with alcohol.

 

Parents, here are some ways to keep your kids safe:

  • Ensure that goblins under the age of 12 have adult supervision.
  • Put on your hazards when dropping off or picking up your kids.
  • Stick to familiar areas that are well lit and trick-or-treat in groups.
  • Choose face-paint when possible instead of masks, which can obstruct a child’s vision.
  • Brighten them up! Decorate costumes with reflective tape and have kids carry glow sticks or flashlights.
  • Set a good example: Don’t J-walk, and look left, right and left again at crosswalks.
  • Stay inside: Consider an indoor or vehicle-free outdoor community event to enjoy a stress-free holiday.

Source: US National Highway Traffic Safety Administration and Mentor

Fisher team selected for national risk case competition

A team of four undergraduate students from The Ohio State University Fisher College of Business has been selected to participate in the national Spencer-RIMS Risk Management Challenge — a national case competition sponsored by Spencer and the Risk Management Society (RIMS).

Twenty-seven teams are selected to participate in the national contest. In a typical year, more than 100 colleges submit team applications. The contest, which takes place over several months, culminates in the winning team presenting at the RIMS national conference in April.

This is the second year in a row that a team from Ohio State has been selected. According to team advisor and Executive Director at The Risk Institute Phil Renaud, this year’s team is uniquely qualified to advance in the competition saying, “We’ve got a great group this year. They’re dedicated students with a passion for Risk. I think they’ve got a great shot.”

This year’s team consists of Megan Reardon, a fourth-year in Finance and Economics; Jessica Roth, a fourth-year in Actuarial Science and Economics; Benjamin Jessberger, a fourth-year in Finance; and Christopher Hull, a third-year in Actuarial Science and Economics.

The case will center on Sage and the Sage Foundation. The team expects to receive the case late next week.

The first round of work is due in December; teams will find out if they’ve advanced to the next round in early 2018.

The Risk Institute is proud to enable students to engage in the leading edge thought around risk practice.

About the Risk Institute

The Risk Institute is a collection of forward-thinking companies and academics that understand effective risk management strategies not only protect firms, but position firms to create growth and value. Housed at The Ohio State University Fisher College of Business, The Risk Institute is dedicated to bridging the gap between academia and risk practitioners. For more on the Risk Institute visit us at fisher.osu.edu/risk

About The Spencer Educational Foundation

Spencer Educational Foundation is the premier organization awarding scholarships and grants in risk management and insurance industry. Since its founding in 1979, it has awarded approximately $6 million in student and part-time master’s scholarships and $3.25 million in grants to universities, corporations and professional institutions for educational programs, internships and conferences. Spencer is a registered 501(c)(3) charitable organization whose purpose is to fund the education of tomorrow’s risk management and insurance industry leaders.

About RIMS Annual Conference & Exhibition

Launched in 1963, RIMS Annual Conference & Exhibition attracts some 10,000 risk and insurance professionals at all experience levels, business executives with risk management interests, brokers, insurers and service providers for the ultimate educational and networking experience. The four-day event offers more than 160 educational sessions, keynote presentations, special events and an expansive Marketplace Exhibit Hall with nearly 400 exhibitors. Following Philadelphia, the event will be hosted in San Antonio in 2018. For more information, visit www.RIMS.org/RIMS2017.

 

Risk evolution in the digital revolution take center stage at Risk Institute Annual Conference

The evolution of risk in a digital age took center stage at The Risk Institute’s 4th Annual Conference at The Ohio State University Fisher College of Business. It was held September 27th and 28th and hosted a diverse audience from a wide cross-section of industries. Speakers included industry luminaries Aneesh Chopra, First Chief Technology Officer of the United States appointed by President Obama; and Paul Zikopoulos, VP of the Competitive and BigData Analytics Teams for IBM.

Gender diversity, smashing glass ceilings, and being women in a male-dominated industry dominated the conversation of the ‘Women in Risk’ panel discussion featuring Helga Houston (Huntington Bank), Tami Hudson (EY), Tara Papp (Vantiv), Helen Patton (OSU) and Suzanne Surface (NiSource) sharing their perspectives as women in the risk industry. The path to achieving equity in the workplace “seems counterintuitive,” said Patton. “But female workers will not advance until their male counterparts become their advocates. It would be great to get to a point when we don’t have to have this conversation because that means we are at a point where diversity has become the norm.”

Just as the iPhone, Facebook, Amazon, and Google were changing the way we live our lives, the last decade has also seen an explosion of counterintuitive thinking in risk practice. Gone are the days of simply identifying a risk and buying insurance. Data breaches and hacks have become our new normal. When confronted with such obvious risk, just purchasing a cybersecurity insurance policy isn’t going to cut it. Aneesh Chopra suggested a more radical approach – opening up while locking down.

Women in Risk Panel

“Assume,” Chopra said, “everyone gets in.” Rather than the more traditional “moat-building” approach, he stressed the importance of comprehensive tracking/mitigation techniques so that once someone gets in a company can see where they went and, more importantly, shut them down quickly. He also underlined the importance of personal accountability in cybersecurity saying, “Any one of us is most usually not aware of the risk we individually pose to our organizations.”

How best organizations might be able to leverage emerging technologies, specifically blockchain was the topic Paul Brody, Global Blockchain Innovation Leader at EY spoke to. Blockchain is a tamper-resistant ledger of online interactions between parties (There’s a guide to blockchain on our blog– read it here). Paul Zikopoulos from IBM outlined ‘The Internet of Things’, and the surging power of data collection from everyday objects such as vehicles and buildings. Other speakers addressed timely subjects including data privacy, machine learning, and the management of cyber risk.

Covering so many subjects in the span of a couple days was no easy task; the complexity of digital trends is a constant evolution, one that changes as quickly as it picks up speed. As Greg Khairallah, Senior Manager for Big Data and Analytics at Amazon Web Services, put it, “So what’s the point then of adapting these technologies and embracing the risks involved if we’re just going to have to change again? Because this is the future.”

“We simply cannot afford to think about risk the same way we’ve thought about it in the past.”

Financial Flexibility Helps Keep Insurance Companies Solvent

In the face of ever-increasing weather volatility, insurance companies are becoming more adaptive to handle capital challenges and ensuring their solvency. While different divisions within insurance companies would ideally exist within a vacuum, severe price shocks often necessitate that resources flow between them.

In her working paper “How Do Hurricanes Affect Life Insurance Premiums? The Effects of Financial Constraints on Pricing,” Shan Ge, a researcher and PhD candidate at The Ohio State University’s Fisher College of Business and research fellow at The Risk Institute, examines this trend.

According to Ge’s model, a hurricane might result in a severe shock due to a large number of claims to the Property & Casualty (P&C) division while the Life division escapes relatively unscathed. Pricing adjustments can then be made in one division to help transfer needed resources to another division.

“The insurance industry offers a unique setting to study how shocks to financial constraints affect firms’ pricing behavior,” said Ge. “Many insurance companies are organized into groups of commonly owned affiliated companies. Some groups contain both life and P&C insurance subsidiaries, which are subject to unrelated shocks. For example, a hurricane can have a large impact on a P&C business but not directly on a life insurance business.”

In the wake of such an event, the Life division of the company will want to stimulate the amount of incoming capital and could lower the premiums of policies whose initial costs would be covered by the purchase price. Conversely, policies resulting in an initial outflow of capital would see their policies increase.

This increase in capital is important for a couple reasons: First, when assets are deemed too low to meet liabilities (say, when P&C claims spike due to a hurricane), regulators can seize control. Transfer of capital from one division to another can help to prevent this. Also, customers prefer to utilize better-capitalized insurers. This free flow of capital is vital to insurers when faced with heavy losses in one division vs. another.

While hurricanes bring a host of literal emergencies, flexibility of resources in their aftermath can help to mitigate some of the potentially devastating effects. Similarly, insurance companies facing financial shortfalls from such disasters can benefit by applying timely pricing strategy to allocate their resources where they’re needed most.

Shan Ge is a research fellow at The Risk Institute. The Risk Institute at The Ohio State University’s Fisher College of Business exists to bridge the gap between academia and corporate America. By combining the latest research with the real-world expertise of America’s most forward-thinking companies, the Risk Institute isn’t just reporting risk management’s current trends — it’s creating tomorrow’s best practices.

FCPA & Ethics highlighted at latest Risk Series

Ethics is more relevant than ever before; In public and private entities, ethical decision making seems to have taken a back seat to short-term profitability be it monetary gain or popular opinion. Companies like Volkswagen, Wells Fargo and Equifax are seeing share prices in freefall while simultaneously dealing with a public relations nightmare.

The Risk Institute hosted its first continuing professional development session of the academic year on October 11, 2017, on the Foreign Corrupt Practices Act (FCPA) and ethical decision making. Speakers included David Freel, a professor at The Ohio State University; Eric Lebson, a vice president at the Crumpton Group; Vlad Kapustin from New York Life; and Bill Foale, an investigator from EY.

Globally, corruption accounts for more than 5 percent of the global GDP — more than $2.6 trillion. Most of that corruption occurs in developed countries with approval from senior management. Which leads us to think that the tone at the top and organizational culture need work.

Organizational culture is the shared beliefs or expectations that influence thinking and behavior; it’s the glue that holds the company together. According to Prof. Freel local companies Nationwide, Cardinal Health are best-practice examples of excellent, ethical organizational culture.

And ethics is important to consumers too. The data currently says that consumers are more likely to do business with companies they perceive to be of a high moral fiber.

Since a company’s ethics is a priority to consumers, it could be assumed that strides have been made across industries to clearly define ethical behavior for its employees, provide training, improve whistleblower policies, etc.

Unfortunately, that’s not the case.

Over the last 30 years, there’s virtually been no change in anti-corruption policies. According to Eric Lebson, “It’s difficult to get a company that has never experienced a FCPA incident to take action.”

An FCPA investigation can be crippling. On average, an FCPA investigation lasts 3.7 years, 92.42% of defendants who settle with SEC, and 76.44% of defendants who settle with DOJ.

Bill Foale encouraged executives to empower their audience to make compliance second nature. Many anti-corruption policies are dense and jargony and therefore difficult for even a native English speaker to comprehend. Foale suggests asking the following questions about your anti-corruption policies:

  • Is the material understandable?
  • Is it written in a way that the information is relatable to the audience responsibilities? As in, not just a list of “do nots” and includes examples of practical tips
  • Language? Keep in mind that many of your employees may be native English speakers.
  • Is there a resource available for questions/assistance?

Many ethical challenges like transparency, privacy, self-interest, and data protection lie ahead. But with proper prior preparation, any organization can avoid ethical conflicts.

For more on this topic and many others, visit fisher.osu.edu/risk. Risk Series V continues on November 14 with a conversation on Mergers & Acquisition Risk. M&A is a high stakes game and getting it right matters. Join The Risk Institute and our experts from academia and industry for a lively discussion about the delicate balance of risk and reward in M&A. To register, visit go.osu.edu/marisk.

Exporting Strife

Researchers find that unrest can have international ripple effect on business

A recent study conducted by Professor Isil Erel, Academic Director of the Risk Institute at The Ohio State University’s Fisher College of Business, in conjunction with Jan Bena from the University of British Columbia and Serdar Dinc from Rutgers University, has found that global, non-financial companies that have subsidiaries in crisis countries experience negative financial effects that extend beyond that country’s borders.

In their findings, which were presented by Professor Erel last month at Carnegie Mellon University and Emory University, it was determined that investment in a corporations’ subsidiaries in non-crisis countries tended to be 18% lower for corporations who had other subsidiaries in countries experiencing turmoil. Employment growth rate was also shown to be net zero or negative for such companies compared to 1.4% growth for their non-affected counterparts.

To read the full paper, please visit http://go.osu.edu/erelresearch

Isil Erel is the Academic Director and research fellow at the Risk Institute. The Risk Institute at The Ohio State University’s Fisher College of Business exists to bridge the gap between academia and corporate America. By combining the latest research with the real-world expertise of America’s most forward-thinking companies, the Risk Institute isn’t just reporting risk management’s current trends — it’s creating tomorrow’s best practices.

The difference between Bitcoin and blockchain for business

Are Bitcoin and blockchain the same thing? No, they aren’t. However, they are closely related. When Bitcoin was released as open source code, blockchain was wrapped up together with it in the same solution. And since Bitcoin was the first application of blockchain, people often inadvertently used “Bitcoin” to mean blockchain. That’s how the misunderstanding started. Blockchain technology has since been extrapolated for use in other industries, but there is still some lingering confusion.

The Risk Institute’s 2017 Annual Conference: The Digital Revolution and Risk Evolution will feature Paul Brody, a blockchain expert from EY.

How are Bitcoin and blockchain different?

Bitcoin is a type of unregulated digital currency that was first created by Satoshi Nakamoto in 2008. Also known as a “cryptocurrency,” it was launched with the intention to bypass government currency controls and simplify online transactions by getting rid of third-party payment processing intermediaries. Of course, accomplishing this required more than just the money itself. There had to be a secure way to make transactions with the cryptocurrency.

Bitcoin transactions are stored and transferred using a distributed ledger on a peer-to-peer network that is open, public and anonymous. Blockchain is the underpinning technology that maintains the Bitcoin transaction ledger. Check out this infographic and watch the video below for an overview:

How does the Bitcoin blockchain work?

The Bitcoin blockchain in its simplest form is a database or ledger comprised of Bitcoin transaction records. However, because this database is distributed across a peer-to-peer network and is without a central authority, network participants must agree on the validity of transactions before they can be recorded. This agreement, which is known as “consensus,” is achieved through a process called “mining.”

After someone uses Bitcoins, miners engage in complex, resource-intense computational equations to verify the legitimacy of the transaction. Through mining, a “proof of work” that meets certain requirements is created. The proof of work is a piece of data that is costly and time-consuming to produce but can easily be verified by others. To be considered a valid transaction on the blockchain, an individual record must have a proof of work to show that consensus was achieved. By this design, transaction records cannot be tampered with or changed after they have been added to the blockchain.

How is blockchain for business different?

The blockchain that supports Bitcoin was developed specifically for the cryptocurrency. That’s one of the reasons it took a while for people to realize the technology could be adapted for use in other areas. The technology also had to be modified quite a bit to meet the rigorous standards that businesses require. There are three main characteristics that separate the Bitcoin blockchain from a blockchain designed for business.

Assets over cryptocurrency

There is an ongoing discussion about whether there is value in a token-free shared ledger, which is essentially a blockchain without cryptocurrency. I won’t weigh in on this debate, but I will say this: blockchain can be used for a much broader range of assets than just cryptocurrency. Tangible assets such as cars, real estate and food products, as well as intangible assets such as bonds, private equity and securities are all fair game. In one business use case, Everledger is using blockchain to track the provenance of luxury goods to minimize fraud, document tampering and double financing. Now, over one million diamonds are secured on blockchain.

Identity over anonymity

Bitcoin thrives due to anonymity. Anyone can look at the Bitcoin ledger and see every transaction that happened, but the account information is a meaningless sequence of numbers. On the other hand, businesses have KYC (know your customer) and AML (anti-money laundering) compliance requirements that require them to know exactly who they are dealing with. Participants in business networks require the polar opposite of anonymity: privacy. For example, in an asset custody system like the one being developed by Postal Savings Bank of China, multiple parties, including financial institutions, clients, asset custodians, asset managers, investment advisors and auditors are involved. They need to know who they are dealing with but one client or advisor doesn’t necessarily need to be able to see all transactions that have ever occurred (especially when those transactions relate to different clients).

Selective endorsement over proof of work

Consensus in a blockchain for business is not achieved through mining but through a process called “selective endorsement.” It is about being able to control exactly who verifies transactions, much in the same way that business happens today. If I transfer money to a third party, then my bank, the recipient’s bank and possibly a payments provider would verify the transaction. This is different from Bitcoin, where the whole network has to work to verify transactions.

Why will blockchain transform the global economy?

Similar to how the internet changed the world by providing greater access to information, blockchain is poised to change how people do business by offering trust. By design, anything recorded on a blockchain cannot be altered, and there are records of where each asset has been. So, while participants in a business network might not be able to trust each other, they can trust the blockchain. The benefits of blockchain for business are numerous, including reduced time (for finding information, settling disputes and verifying transactions), decreased costs (for overhead and intermediaries) and alleviated risk (of collusion, tampering and fraud).

 

A version of this article originally published on May 9, 2017 on Blockchain Unleashed: IBM Blockchain Blog.

Written By:

Global Blockchain Labs Enablement, CTO Europe Office, IBM Industry Platform