Welcome to this quarter’s edition of RBCM News., a round of risk and business continuity management news across the SE Asia region.
The Health Ministry are reviewing the impact of Covid 19 epidemic in Malaysia following the announcement from the World Health Organisation that the epidemic is no longer categorised as a global health emergency.
The New Zealand government has announced a flood and cyclone recovery package of around NZ$1bn ($625m) as part of Budget 2023 that covers the basics of rebuilding roads, rail and schools while preparing for future events with a big investment in flood protection measures.
Malaysia: Around three in five or 62% of Malaysians are willing to commit fraud to file an insurance claim, according to a study revealed by FICO, an international data analytics company.
As soaring temperatures cause sea levels to rise at a rapid rate, Malaysia is at risk of losing about 1,350km of coastline from severe erosion due to global warming in the next few years if no immediate measures are taken, according to environmental data and experts.
Mercy Malaysia is urging the private sector and donors to become strategic partners in the Resilience Living Lab programme, which will boost disaster risk reduction and management.
Cyber risk levels in Asia Pacific (APAC) have improved from the first half to the second half of 2022, according to global cybersecurity leader Trend Micro incorporated in its latest report. However, organisations remain pessimistic about the threat landscape, with 82% anticipating successful attacks this year.
India CBank deputy has commented that the boards of Indian banks must pursue robust risk management strategies and emphasise compliance and effective governance while preparing for any potential risks, a deputy governor of the Reserve Bank of India said.
An early warning monitoring and fire prevention system has been set up by Malaysia for its ASEAN neighbours, in a bid to reduce hot spots as the warmer El Nino weather phenomenon looms and increases the risk of fires in vegetation and other areas.
Data from the cybersecurity expert, Kaspersky shows that email phishing attacks in Malaysia remain at an alarming rate. In 2022, Kaspersky Anti-Phishing System has blocked 8.27 million cyber-attacks.
The head of South Korea's financial supervisory agency asked foreign financial firms on Wednesday for pre-emptive risk management in the face of various uncertainties.
Indonesia, Malaysia and Singapore may be hit in coming months with their worst haze crisis in five years due to warming ocean temperatures, a report by a Singapore-based think-tank said.
Finally, The Institute of Risk Management India (IRM) India affiliate has entered into a knowledge partnership by signing a memorandum of understanding (MoU) with Reliance Jio Infocomm to build resilience and promote the need for and importance of Enterprise Risk Management (ERM) in the telecom industry.
For further information on any of these topics, please see below and if you would like to discuss how Beard RBCM can help your business in risk management and business continuity management, please contact me.
Health ministry to conduct Covid-19 risk assessment
The health ministry will carry out a risk assessment of the Covid-19 infection situation in the middle of next month following the announcement by the World Health Organization (WHO) that the epidemic is no longer categorised as a global health emergency.
Its minister Dr Zaliha Mustafa said the assessment is necessary to review the declaration of local areas of infection, which will expire on June 30, and to facilitate the government in determining the next direction involving the latest protection measures against Covid-19.
Although WHO no longer categorises Covid-19 as an international health emergency, she said, the ministry needs to take into account local factors.
Zaliha said the ministry will also review and update the Covid-19 guidelines with reference to the WHO's recommendations regarding the long-term management transition of the pandemic.
Yesterday, foreign news agencies reported that the WHO has lifted the public health emergency of international concern status for Covid-19, but insists the disease continues to pose a global threat.
Institute of Risk Management India Affiliate signs MoU with Reliance Jio to strengthen risk management in telecom
The Institute of Risk Management India (IRM) India Affiliate has entered into a knowledge partnership by signing a memorandum of understanding (MoU) with Reliance Jio Infocomm to build resilience and promote the need for and importance of Enterprise Risk Management (ERM) in the telecom industry.
IRM is the world's leading professional body for ERM qualifications across more than 140 countries and Reliance Jio is an Indian telecommunications company and a subsidiary of Jio Platforms that operates a national LTE network with coverage across all 22 telecom circles, a release said.
Reliance Jio has been holding the lion's share of the market with a portfolio of products and services, it said.
As a part of this knowledge partnership, both IRM India Affiliate and Reliance Jio will be organising webinars, roundtables, industry meetings, and contributing thought leadership articles towards knowledge building and enhancing ERM and risk intelligence for the sector.
IRM has recently entered into knowledge partnership with leading organisations including Cipla, UltraTech, IHCL, NIMSME (a ministry of MSME organisation), All India Council for Technical Education (AICTE). IRM India Affiliate has also recently welcomed representatives from international bodies like the International Organization for Standardization (ISO) and the Committee of Sponsoring Organizations (COSO) as external board advisors.
Govt allocates US$62.5m for flood protection
The government has announced a flood and cyclone recovery package of around NZ$1bn ($625m) as part of Budget 2023 that covers the basics of rebuilding roads, rail and schools while preparing for future events with a big investment in flood protection measures.
The package includes a Flood and Cyclone recovery bundle that will boost resilience against future extreme weather events with an investment of NZ$100m ($62.5m) in flood protection. Regions affected by the recent North Island extreme weather events will be able to apply for funding from an initial NZ$100m in Budget 2023 for local solutions to keep them safe from future floods.
This adds to the NZ$890m already provided in a rolling maul of repair works and business support.
Treasury has estimated the damage from Cyclone Gabrielle and the Auckland Floods could range from NZ$9bn to NZ$14.5bn, second behind only the Canterbury earthquakes in terms of damage from natural disasters New Zealand has faced. Of this, NZ$5bn to NZ$7.5bn of damage is expected to relate to infrastructure owned by central and local government.
Survey unveils attitudes towards fraud
Around three in five or 62% of Malaysians are willing to commit fraud to file an insurance claim, according to a study revealed by FICO, an international data analytics company.
The study noted that around 35% of respondents feel it is "OK" to exaggerate income on a loan or mortgage application, while around 25% thought it was normal to do so. The study also revealed similar proportions of consumers would exaggerate an insurance claim or add items to a claim.
These findings arose from a survey in January 2023 which FICO conducted of more than 1,000 consumers in Malaysia to determine perceptions and impacts of scams.
The study also pointed out that financial institutions frequently possess the evidence required to distinguish between fraudulent and legitimate applications.
However, fraud teams are frequently unable to utilise this data because they are siloed. These inefficiencies result in inadequate fraud protection and compromise the customer experience.
Parts of Malaysia at risk of disappearing due to global warming-induced sea level rise
As soaring temperatures cause sea levels to rise at a rapid rate, the country is at risk of losing about 1,350km of coastline from severe erosion due to global warming in the next few years if no immediate measures are taken, according to environmental data and experts.
Based on data from the National Coastal Erosion Study 2015, Utusan Malaysia’s special report said that the affected areas facing critical coastal erosion are mainly in Sarawak, Sabah, Johor, Perak and Terengganu.
It said that several areas across Malaysia were at risk of disappearing entirely before the projected date of 2050 due to rising sea levels.
The report cited the coastal areas of Pantai Ban Pecah in Perak that were once paddy fields before being flooded by seawater in the 1960s, believed to be from global warming and extreme weather.
Private sector urged to get involved in disaster risk reduction
Mercy Malaysia is urging the private sector and donors to become strategic partners in the Resilience Living Lab programme, which will boost disaster risk reduction and management.
A statement said the Resilience Living Lab Master Plan was launched yesterday by Mercy Malaysia trustee and Universiti Teknologi Malaysia board chairman Tan Sri Azman Mokhtar.
It said the programme is a catalyst for the institutionalisation of the Human Development Nexus approach in the next seven years.
In his keynote speech at the launch, Azman said environmental disruption due to climate change affects many levels of society.
He said as environmental disruption is accelerating, it is difficult for society and the ecosystem to deal with it.
Cyber Risk Levels in APAC Improve But threats Still Loom
Cyber risk levels in Asia Pacific (APAC) have improved from the first half to the second half of 2022, according to global cybersecurity leader Trend Micro incorporated in its latest report. However, organisations remain pessimistic about the threat landscape, with 82% anticipating successful attacks this year.
The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the second half of 2022, the CRI surveyed more than 3,700 CISOs, IT practitioners, and managers across North America, Europe, Latin/South America, and Apac.
In APAC, enhanced cyber preparedness is a key driver of improved cyber risk levels which has shifted from “elevated” to “moderate”.
However, local organisations remain on guard with majority of organisations citing that they are “somewhat to very likely” to experience a breach in customer data (74%), intellectual property (68%), or successful cyberattack (74%) in the next 12 months.
Organisations in Malaysia and APAC cited ransomware, clickjacking, and crypto-mining among the top five cyber threats that they expect to experience this year.
In APAC and Malaysia, some of the primary risks are people related. APAC respondents named employees as representing three of their top five infrastructure risks. In Malaysia, negligent insiders and lack of qualified personnel comprised two of their top five infrastructure risks.
India Cbank deputy calls for better risk management, governance at banks
The boards of Indian banks must pursue robust risk management strategies and emphasise compliance and effective governance while preparing for any potential risks, a deputy governor of the Reserve Bank of India said.
"Effective risk management, governance, and compliance practices are essential in safeguarding the bank's reputation, financial stability, and long-term viability," MK Jain said in a speech at the conference of directors of state-run and private banks on May 22 and May 29, respectively.
The RBI has been urging banks to adopt effective risk management practices and strengthen their governance standards to avoid financial instability.
The deputy governor also sought banks to ensure that their actions comply with the intended purpose and principles of regulation and not just stick to the literal or technical interpretation.
Lenders should also take a long-term view of their business and consider the impact of decisions on their financial health, reputation, and broader societal and environmental factors, the deputy governor said.
Boards must remain vigilant, adaptive, and continuously assess the bank's performance, risks, and opportunities, and take timely and informed decisions, he added.
Malaysia establishes monitoring and warning system to predict level of fire risk for South-east Asia
An early warning monitoring and fire prevention system has been set up by Malaysia for its ASEAN neighbours, in a bid to reduce hot spots as the warmer El Nino weather phenomenon looms and increases the risk of fires in vegetation and other areas.
The Fire Danger Rating System, or FDRS, is able to assess the risk of fires and predict fire behaviour for up to seven days in advance. This information is used to assist in fire management.
The system utilises satellite data that can differentiate if heat comes from an industrial area, an oil and gas well or burning vegetation, as well as data on weather, temperature, and hot spots from 459 Asean weather stations from the Global Telecommunication System, said Malaysian Natural Resources, Environment and Climate Change Minister Nik Nazmi Nik Ahmad.
It has also invested in watchtowers to look out for fires on agricultural land. Forest fires, however, may pose bigger challenges.
Indonesia is also exploring climate modification technology to produce artificial rain and strengthen water reserves, which could help prevent peatland fires, said Indonesia’s Coordinating Minister for Maritime and Investment Affairs Luhut Binsar Pandjaitan.
Alarming rise in online attacks Malaysia’s cyber security landscape in 2023
Data from the cybersecurity expert, Kaspersky shows that email phishing attacks in Malaysia remain at an alarming rate. In 2022, Kaspersky Anti-Phishing System has blocked 8.27 million cyber-attacks.
According to CyberSecurity Malaysia, the country has reported 4,741 cyber threats in 2022, and already recorded 456 fraud cases as of February 2023.
To raise the red flag higher, a total loss of RM27 million (as of February 2023) was recorded by The National Scam Response Centre (NSRC).
In 2022, pages impersonating delivery services had the highest percentage of clicks on phishing links (27.38%) followed by online stores (15.56%), payment systems (10.39%) and banks (10.39%).
According to the latest data from Kaspersky, there was a 45% increase in web threats blocked by the cyber security company last year. These threats refer to attempts to download malicious objects from infected websites.
Web threats are made possible by end-user vulnerabilities, web service developers/operators, or web services themselves.
S Korea market watchdog urges preemptive risk management by foreign firms
SEOUL : The head of South Korea's financial supervisory agency asked foreign financial firms on Wednesday for preemptive risk management in the face of various uncertainties.
"Especially, I request that you do your best to maintain financial soundness and proactive risk management by pre-emptively responding to recent external and internal uncertainties," Lee Bok-hyun, governor of the Financial Supervisory Service (FSS), told firms.
Representatives from 11 foreign institutions including JPMorgan Chase Bank, HSBC Bank, MUFG Bank, Yuanta Securities, Goldman Sachs Securities, insurers, and investment companies attended.
Lee also told the meeting, which is held once or twice a year, about progress in regulatory changes and authorities' efforts to improve foreign access to financial markets, the FSS said in a statement.
Indonesia, Malaysia could see worst haze in five years, report warns
Indonesia, Malaysia and Singapore may be hit in coming months with their worst haze crisis in five years due to warming ocean temperatures, a report by a Singapore-based think-tank said.
This year’s heatwave will be a stress test for cooperation between governments and the private sector, according to the Haze Outlook 2023, published Wednesday by the Singapore Institute of International Affairs (SIIA).
It designated a “red” rating for haze, indicating the most severe of the three levels of risk for the first time since the outlook – which analyzes the risk of a severe transboundary haze crisis affecting Indonesia, Malaysia and Singapore, and the surrounding region – began five years ago.
However, it did not include the Lower Mekong region of Myanmar, Thailand and Laos, which were hit hard by an extreme haze crisis earlier this year primarily due to wildfires and agricultural waste burning.
2015 was region’s worst haze crisis
In 2015, industrial-scale slash-and-burn practices for agricultural purposes, particularly palm oil and pulpwood production, in Indonesia and parts of Malaysia choked a large swath of Southeast Asia with smoke for weeks, causing strained relationships among governments.
The transboundary haze may have caused more than 100,000 deaths, which was 2.7 times higher in 2015 than a decade earlier, according to research in 2016.
Last month, Singapore issued a precautionary advisory to its residents, urging them to acquire an ample supply of face masks and air purifiers.
Risk & Business Continuity Management News SE Asia April 2023
Welcome to this quarter’s edition of RBCM News, a round of risk and business continuity management news across the SE Asia region.
As the global market volatility continues, we are seeing the risk of a possible technical recession in Singapore due to a weakness in manufacturing. This runs the risk of a ‘spill over’ to surrounding regions and companies that have a reliance on technology.
ESG is becoming a topic of interest for insurance regulators, according to an Abrdn survey, with companies expected to incorporate ESG risks into their strategies.
A spotlight on vendor assessments is getting more regular traction globally with companies focusing their risk management lens on how vendors are identified assessed and managed, and the software solutions out there to manage this process.
Disaster recovery in Malaysia has been highlighted as receiving significant investment from the central government, with better communication highlighted between central powers, regional and local government.
A lack of digitalisation in Singapore companies has been identified as representing a corporate risk. Managing this risk can help to mitigate the root causes, such as overburdensome admin tasks and a lack of risk management documentation.
Cyber security is continuing to be a concern with an increase in cyber attacks across Malaysia highlighting a significant gap in companies’ arsenal of managing and keeping safe employee and customer data. Bad threat actors extracted nearly 200 million gigabytes of data from Malaysian companies in 2022.
Finally, Godrej Agrovet have recently been awarded a prestigious risk management award in India, demonstrating their commitment in their respective highly diversified industry, congratulations Godrej!
APAC insurers consider regulatory adoption as the highest priority, reveals abrdn APAC insurance survey
Around 40% of APAC insurers plan to allocate more of their investments to private market products, including private debt and private equity.
Global asset manager, Abrdn, and Hong Kong-based financial services strategy consultancy, Quinlan & Associates, have launched the first APAC Insurance Investment Landscape report, which explores how insurers in the APAC region are tackling – and capitalising on – various industry-specific developments, as well as to understand the key priorities in their future investment strategies.
The report surveyed 56 senior executives across 43 insurance companies covering eight markets in APAC, including Hong Kong, Singapore, Mainland China, Thailand, Taiwan, Malaysia, Australia, and South Korea on six key topics ranging from regulatory adoption to Environmental, Social, and Governance (“ESG”) and net-zero, to investment and hedging strategies, ILP business, and external partnerships.
As regulators in APAC have set out rapidly evolving expectations on ESG requirements for regional insurers, focusing in particular on environmental initiatives (e.g., net-zero), as well as risk management strategies in recent years, insurers are incorporating ESG considerations into their operations and investments. The survey findings show that 70% of APAC insurers have either already integrated ESG into their investment strategies or are in the progress of doing so, while 50% of respondents have not yet started to integrate net-zero. Data quality remains the largest integration barrier for both ESG and net-zero, followed by investment management, which are the starting points of the entire integration value chain.
An average of 62% of APAC insurers believe local ESG regulations will become stricter in the coming three years, and expectations are particularly high in Australia (77%), Malaysia (72%), and Hong Kong (69%).
Insurers expressed strong demand to outsource their ESG integration efforts, investment execution, as well as hedging strategies to external partners. When considering partners, 96% of surveyed insurers believe that brand, reputation, and performance track record are very important or important factors, while independence is not a concern.
https://www.abrdn.com/docs?editionId=7d0ec25b-9e6f-4ce5-a52a-057b934f8e54
Streamline Vendor Assessments with Risk Management Software
Vendor assessments are critical for evaluating the performance and risk associated with third-party providers. They help businesses ensure that their suppliers meet required standards, comply with regulations, and protect sensitive data. To optimize these assessments, businesses can employ third party risk management software (TPRM software).
Third party risk management software, also known as vendor risk management software, is a digital tool that automates and streamlines the process of evaluating and managing risks posed by vendors, suppliers, and other third-party partners. It helps organizations maintain a structured approach to vendor assessment, ensuring all relevant information is accounted for and that appropriate risk mitigation strategies are in place.
TPRM software plays a central role in the vendor assessment process by providing an organized framework for identifying, assessing, and monitoring third-party risks. By automating various aspects of the process, TPRM software enables businesses to reduce the time and effort involved in managing vendor relationships, while improving the accuracy and consistency of their risk evaluations.
Disaster preparedness: Malaysia on right track
Malaysia is on the right track towards ensuring the country's preparedness in dealing with disasters, said Mercy Malaysia deputy executive director Hafiz Amirrol.
He said one of the improvements implemented was from the aspect of communications and information management, as well as awareness of risks and requirements to deal with disasters at every level, namely the federal government, state governments and local authorities.
When tabling the 2023 Budget on Feb 24, Prime Minister Datuk Seri Anwar Ibrahim announced that RM150 million would be channelled to the National Disaster Management Agency (NADMA) to improve asset requirements, warning systems and assistance to affected people.
A total of RM50 million was also allocated to the armed forces, the Fire and Rescue Department and Rela for the provision of equipment and assets to deal with disasters, while the role of the community as the first responders is strengthened with a RM20 million allocation under the Caring Community Organisation Grant.
Lack of digitilisation in Singapore impacting risk management and workplace safety practices for SMEs
Since 2020, workplace fatalities in Singapore have been increasing from 30 in 2020, 37 in 2021 to 46 in 2022, the highest since 2016 when there were 66 workplace fatalities reported according to Channel News Asia. This alarming trend reveals the gap in Singapore’s risk management process resulting in an increased number of workplace accidents.
Small and medium-sized companies have been identified by the Ministry of Manpower (MOM) as having more workplace accidents when compared to larger organisations. This was mainly contributed by the lack of knowledge and resources when it comes to adopting WSH practices such as obtaining risk assessment certificates and bizSAFE certificates.
It is undeniable that the high cost and time needed to obtain the certification could deter businesses from doing so. Hence, the question of how businesses could obtain both Risk Assessment and bizSAFE certification without the hefty price tag and time invested remains.
Due to the lack of digitalisation within the risk management industry, businesses face many administrative challenges that could have easily been overcome by leveraging technologies. For instance, a typical challenge faced by organisations is the loss of risk management documentation and the lack of secure storage space.
The need for digitalisation and modernisation in risk management cannot be overstated. By incorporating technology and advanced analytics, Singapore can improve its risk management practices and become more efficient and safe.
Cyber security continues to be a top concern in Malaysia
Many firms in the country lack proper cyber security measures, making them vulnerable to threats like malware, ransomware and phishing
Last year, Malaysia suffered multiple cyber attacks, including the theft of 22.5 million people’s personal data from a national registry and a payment gateway data breach. In the same year, hackers broke into a payslip system, extracting nearly two million payslips and tax forms, stealing up to 188.75 gigabytes of data. This group, known as the “grey hat cyber security organisation”, highlighted the vulnerabilities of the system.
These cyber-attacks have shown that many organisations in Malaysia are vulnerable to threats like malware, ransomware and phishing due to the lack of proper cyber security measures. Cyber security should be taken seriously as it poses significant financial risks to enterprise value, justifying its classification as a governance issue and management quality indicator.
Godrej Agrovet Wins Prestigious India Risk Management Award
Godrej Agrovet Limited (GAVL), one of India’s largest diversified agribusiness companies, has been recognized as the winner at the India Risk Management Awards 2022-23.
GAVL has established a comprehensive risk management program comprising of well-defined procedures, structures, and guidelines to identify, evaluate, monitor, and address business risks including any material changes to its risk profile. To achieve this, the organization has clearly defined and ensures proper risk management through a system-based approach, which is supported by solid internal control systems and processes. This strategy combines divisionally developed procedures with centrally issued policies to guarantee the creation of appropriate risk management policies and processes.