In our previous article we examined the different risks faced by companies. One of them was the “Operational Risk”, being the risk of loss resulting from inadequate or failed internal procedures, systems or policies, or from external events. That definition comes from the financial sector, but it can be extended to the start-up world.
That article was published on 14/07/2017 by Philippe Goutière, ABIL, on Silicon Luxembourg.
The depth and breadth of operational risks to which start-ups are exposed will depend on their specific activities, products or customers. But it is fair to say that start-ups are generally speaking more acutely exposed to them. New products, new processes, new people, increased regulatory scrutiny… they all contribute to an increase in operational risks. It is a challenge to manage all of them.
Operational risk includes a variety of events, including:
- Fraud by employees or third parties, with or without the assistance of computer equipment, such as fraud on bitcoin platforms, fake president fraud, hacking, ransomware…;
- Employment risks, in particular relating to key people retention, health and safety issues, discrimination issues, excessive turnover…;
- Business risks related to clients, products or business practices, such as loss of customers, product failure, non-compliance with regulation…;
- Risks of damaging physical assets, such as fire, terrorism…;
- Business disruption and systems failures risks, such as consequent to a DDOS attack, a cloud or network failure;
- Execution risks, such as fat finger errors, wrong entries, failed reporting.
Often, insurances are a pretty good solution to manage those risks.
- Fraud insurances: protect the company’s assets against the risks of fraud;
- Liability insurances, such as Directors & Officers’ liability (D&O), General Liability, Professional Liability, Product Liability, Employment Liability, Civil Liability, Tenants Liability;
- Cyber insurances, covering the consequences of electronic attacks and system failures;
- Data Protection insurances, covering the consequences of a loss of data, including business interruption losses and administrative fines (as imposed foreseen under the GDPR);
- Property insurances, protecting the tangible assets;
- Kidnap & ransom insurances, protecting individuals travelling in unsafe countries on behalf of the company;
- Trade risk insurances, protecting the company against commercial and political risks;
- Travel, key man, pension … to protect people or the company itself.
In all instances, it is important that all your insurance policies are looked at as a whole to avoid gaps and overlaps. For holdings or other top companies in Luxembourg, insurance policies will also contribute to the substance and the support Group risk management’s policies.
Finally, specific insurance coverages should be considered when performing acquisition or executing exit strategy. Transactional insurances facilitate acquisition or sale of companies and other products support IPO.