It’s Week 5 of our blog series ‘7 emerging trends that are changing finance’. This week we take a look at Emerging Risks. With new responsibilities comes new risks for financial professionals, including new IT security risks, risks of globalization, and risks pertaining to changing workforce demographics.
Previous Posts on 7 emerging trends that are changing finance:
5. Emerging Risks
CFO as a risk manager
With the laundry list of new capabilities and responsibilities comes a list of new risks. Perhaps foremost on that list are legal regulations. From the anti-monopoly laws of the 1950s to the Sarbanes-Oxley Act of 2002, finance professionals have had to adapt to a variety of new regulations throughout time. While some of these have merely altered processes, many have changed the way CFOs lead their businesses altogether. Even within the last few years, new standards and regulations are stirring the pot again, as organizations like COSO and FASB are trying to update to reflect the modern world.
Finance leaders are also facing an expansive new set of risks that come with technology, the most serious of which are perhaps external security risks. Even companies with large and sophisticated security measures in place are still at risk for being targeted by hackers. While data breaches of consumer information can certainly damage a business’s reputation, the possibility of leaking confidential financial information and business plans could be detrimental to a business and a finance leaders career.
Social media has created a new type of risk for finance professionals, one that is difficult, if not impossible to control. As many companies have learned the hard way, information spreads quickly on social media. Stories may range from the unintentional release of confidential information to discussions of internal issues, policies, or other employees. Certain regulations regarding employee rights limit an employer’s ability to restrict their employees’ use of social media. This leaves corporations with few options other than to educate their workforce and encourage them to be on their best behavior.
The last emerging technology risk has risen from the volume of data and ease of transfer within organizations. Twenty years ago, when an employee was let go, they took their personal belongings in a box and were on their way. Nowadays, employees frequently share information between business and personal devices, store it on flash drives and in clouds, and retain duplicate copies of confidential business information, which can be particularly problematic when an employee leaves a company to work for a competitor.
Mitigating IT risks
In today’s modern work environment, flexibility is increasingly important. Upwards of 71% of office employees work remotely at times, an 80% increase since 2005. Of the mobile workforce, 37% work from multiple locations, 82% use many different apps, and 53% use multiple devices. More workers are using personal devices for work, and vice versa. Nine-two percent of workers believe that their smartphones should be enabled for both work and personal use.
To compound this challenge, a new class of tech-savvy employees are flooding the workforce. These employees are savvy enough to implement their own tools, deauthorize software, and even find ways to work around company regulations that they feel inhibit their ability to do their job. A 2013 McAfee study reported that 81% of employees use unapproved software and applications in the workplace, and that 35% of SaaS applications used within companies are unapproved. Forty percent of IT workers said they use unapproved software to bypass company-regulated IT processes.
Yet at the same time that employees are requiring (and taking) greater flexibility to do their jobs, the need for tight security is greater than ever. According to Microsoft’s Cybercrime Center, over 1 million people are victims of cybercrime every day, and IBM estimated the cost of a data breach in 2015 averaged $3.85 million. Employees may be a company greatest vulnerability; in a 2011 test conducted by KnowB4, 43% of employees clicked on a test phishing email sent from a trusted server. Other relaxed applications of security best practices by employees can also create issues.
In a 2010 study by CREDANT Technologies, 52% of respondents said they could not remember what was stored on their USB drive, and 34% said at any given time, they didn’t know where their USB drive was. To compound the issue, 68% said that they shared USB devices with family members, friends, or colleagues, and 10% admitted losing a flash drive with company info on it. Twenty-one percent of people admitted to using more than 10 USB drives.
In this evolving environment, it is important for companies to protect themselves while still allowing employees to access applications that will make them more productive. Provide the right tools that employees need to excel at their jobs. According to Good Technology, there was a 3,000% growth in secure browsing applications between Q3 and Q4 of 2013. Instead of creating rules prohibiting certain uses, create a process that enables employees to work their way.
Risks of going global
With growing economies abroad, the lure of global expansion seems inviting; labour costs can be much less expensive and worldwide retail sales are on the rise. According to a recent study by eMarketer, retail sales both in-store and online—reached $22.492 trillion in 2014, and they project that retail sales will reach $28.300 in 2018. Yet to date, many businesses have struggled making the leap. Virtually all of the world’s largest retailers, from Walmart to Tesco to Carrefour, have had to pull out of foreign markets after attempting to establish a local presence.
Yet despite these challenges, the unrelenting pressure to grow is leading many businesses into new territories. Global M&A activity has spiked in recent years, reaching an all-time high in 2007 with $4 trillion in deals, nearly half of which were cross border. In 2013, 25 out of every 100 M&A deals featured emerging markets, an increase of 300% from ten years ago when the number was closer to 8 out of every 100.
There are many challenges with going global. Laws and legal systems vary greatly throughout the world. This has many implications for businesses, including how financial reporting, business setup, and lawsuits are handled. Beyond the law, many businesses going global struggle to adapt to local culture. In countries with less sophisticated legal systems, finance leaders must have a firm understanding the local business culture to help navigate a complex business and legal environment. Furthermore, having a strong cultural understanding is also important when localizing products and messaging, and when hiring local employees.
Perhaps the largest risk for companies expanding abroad is the risk of IP theft. This threat is particularly high in China, where a culture of theft and imitation is widely accepted. Locally, it is viewed more as adaptation rather than theft, often referred to as “re-innovation” by the Chinese government. Centralization can provide significant operational efficiencies, but when trying to protect IP, having too much centralized knowledge can be problematic. Finance professionals can help protect their businesses by disaggregating IP, such as steps in the manufacturing process, especially the elements that have unique proprietary value to the company. This restricts employee knowledge to only a piece of the IP, limiting their ability to replicate externally.
Lastly, as businesses expand globally, finance leaders must address the security vulnerabilities that will arise as well. This is particularly true in parts of the world where technology and infrastructure are less advanced or less controlled.
Changing demographics within the workplace are proving to be a large risk for businesses and their finance leaders. As Millennials are growing up, a new generation of employees fluent in technology are taking over the workplace, and the expectations for technology are shifting. Employees who have entered the workforce with smartphones and social media may be unaware of the harm that these tools can do if not managed properly.
In 2015, it’s impossible to keep employees from using social media. Nor would we recommend it. Social media is a great way to hear what customers are saying and share your story, but it undeniably comes with risk. The case studies of employee missteps on social media are plentiful. Federal regulations governing employee rights may limit a company’s ability to prevent its employees from using social media, but employers should provide clear guidance on how social media can best be used. Business leaders should also reiterate the consequences of confidential information being leaked.
With Millennials, finance leaders are also dealing with a new entrepreneurial breed of employees. While having an “entrepreneurial spirit” is increasingly thought of as an asset for an employee, there are additional risks if that employee is actually an entrepreneur in their spare time. The largest risk with employees starting companies on their own time is IP theft. This threat has played itself out countless times, particularly in China, where employees have left their company only to create nearly identical products at a lower cost.
Beyond IP theft, bootstrapped entrepreneurs may take the liberty to utilize company resources for their personal endeavors. This may include small items, like pens and paper, as well as the use of data subscriptions, or the use of enterprise software. Employees may also be using their work devices for their side business. This creates security risks for the company, and may put you in violation of software licensing agreements. Furthermore, it could create a complicated legal situation should the ownership of the “side-work” be called into question. An employee’s side business may also create problems if there is any conflict of interest. For example, even if the side business is producing a non competitive service, an employee may harvest certain client relationships for their own business instead of putting all of their resources into helping their employer succeed. Furthermore, employers may find themselves in a difficult position should a group of employees leave simultaneously to pursue a startup full-time, which could easily happen if their startup gets funded.
Moonlighting in any capacity, whether entrepreneurial or not, can have its downsides for employers. Employees who work excessive hours will be more fatigued, have lower productivity, and will be more prone to making errors. But all that being said, companies may not want to automatically ban moonlighting, as there are some benefits. Along with some of the practical value to allowing it, like lower cost labour, a company that is supportive of its employees’ entrepreneurial exploration will harvest a culture of creativity and innovation, and denying employees opportunities may simply force these high-value employees to work elsewhere.
The benefits burden
As workforce demographics change, employee benefits are also evolving. Benefits are a great way to gain a competitive advantage in recruiting and retaining talent. In a 2014 Prudential Financial study, three out of four CFOs said that providing health insurance, retirement, and group benefits were important for their company. However, with a new generation of workers, many young employees are placing more emphasis on balance versus compensation. Benefits like flexible work schedules and additional time off may be of more value to some employees than a bigger paycheck. In the battle to recruit the best employees, companies are offering a more diverse range of benefits, including a pet friendly work environment, a clothing allowance, on-site gyms, and even a personal travel stipend.
As CFOs try to balance competitive benefits offerings with employee value, turnover costs, and fiscal responsibility, exploring benefits packages that are more customized to the individual can make for happier employees at a lower cost. In Prudential’s report, they noted a trend towards voluntary benefits, an à la carte approach that helps control costs while offering a broader set of benefits. Seven out of ten CFOs said that offering voluntary benefits helped increase employee satisfaction while remaining cost-effective.
At the opposite end of the spectrum in the benefits-risk discussion are the issues surrounding older employees. Companies who have not helped their workforce adequately prepare for retirement find themselves bearing the costs of senior employees who opt to postpone retirement due to inadequate savings. Not only do these employees have higher salary and benefits costs—41% of CFOs reported that employees who are unprepared for retirement make it difficult to control workforce costs—but 27% said that it made it difficult to forecast and manage staffing needs and 26% said that it actually hurt retention by limiting growth opportunities for younger employees. While there is a cost to investing in your employees’ retirement, companies need to acknowledge that there is also a cost for not doing so.
Join us next week where we will look at the penultimate emerging trend that is changing finance: Evolving Regulations.