This article, authored by Peter L. Bernstein, discusses the economic crisis is changing the risk management landscape in various ways. The economic crisis and staggering losses that have occurred should naturally decrease appetites for risk but the bailouts that have helped to prevent a further meltdown could have the effect of increasing risk appetites. Government bailouts will have many far-reaching effects on the economy, some of which can be counteracted. One effect of government bailouts is that, absent sharp increases in taxes, the size and costs of government borrowing will increase substantially. There is currently sufficient demand for Treasury debt, but if and when demand slackens, yields will rise, increasing the cost of government borrowing. This large government need for financing will make it expensive for businesses to borrow and lead to inflation.

Impact of Government Bailouts on Risk Appetite

Perhaps the greatest potential consequence of government bailouts is that they could lessen our aversion to risk. The bailouts were enacted because the risk to the economy from government inaction was believed to be greater than the risk of any moral hazard of increased risk taking. However, there has been little dissent voiced over the bailouts and their potential negative impacts on risk taking, even though the bailouts of businesses that created the bubbles have been done without hesitation at potentially significant costs to taxpayers. This minimal dissent could be a problem if it means that we have become more tolerant of moral hazard because the size and frequency of the bailouts experienced in this crisis could cause a lack of restraint in the future.

Increased risk-taking could occur because when we believe the environment is low-risk and take more chances, we fundamentally change the environment to become less low-risk. For example, greater liquidity leads firms to borrow more but increasing debt levels increase vulnerabilities to adverse changes and stability can actually lead to instability. However, the current environment could cause the reverse process to happen. We are currently in what is perceived as a high-risk environment, especially in the credit area, and the more these risks are emphasized, the more inclined we will be towards risk aversion and the more our actions will change the environment to be less risky. Likewise, the current lack of liquidity leads firms to borrow less, reducing their vulnerability to negative changes and leading towards increased stability. In this way, the economic crisis we have experienced could lead to a more risk-averse environment in the future.

Security Risks

Another impact of the economic crisis has been that the recession has hit security budgets, and security directors have to address the shifts occurring in the enterprise risk environment with constrained resources. Adopting an enterprise risk perspective is an important strategy in enabling organizations to track, quantify, and analyze shifting thresholds of risk. Security is then responsible for mitigating threats to stakeholders, facilities, and tangible and intangible assets.

The percentage of firms cutting their security budget has risen from 19% last year to 52.5% this year. And, at the same time as budgets are being cut there are increases in reported security problems such as human resources interventions (45%), property theft (44%), and fraud (43%).

Insider Risk Threats

Insider threats result in the majority of economic losses incurred by businesses and these threats increase in times of employee discontent. Organizations can address this risk by embracing transparency and communicating candidly with employees. Data siphoning also rises with increases in layoffs and organizations can protect information by communicating corporate policies about data misappropriation and enacting IT security measures.

Another impact of difficult economic times is that consumer goods manufacturers are likely to see increases in product diversion and counterfeiting and retailers will likely see increases in organized professional shoplifting. Companies can combat this issue by watching auction sites for spikes in bargain goods and by keeping loss-prevention problems in place. An organization’s security is not just impacted from within but companies should investigate the resilience of security at third-party organizations that may be suffering from falling security standards as well.