About Matthew Lerner

Matthew Lerner is the business content writer at RIMS.

Sears Suppliers Wary as Shares Plummet

Sears Holding Corps’ “going concern” filing has vendors and their insurers running for cover as the venerable American department store appears heading for bankruptcy or some other final disposition.

In a filing this week with the U.S. Securities and Exchange Commission, Sears Holding Corp. told investors and observers that, “substantial doubt exists related to the company’s ability to continue as a going concern.” The company is parent to Sears stores and sister retailer Kmart.

The filing sent Sears shares down as much as 16% to $7.60 in New York trading, the company’s biggest intraday drop since October 2014. Prior to the drop, shares had gained some 60% since Feb. 9, according to Bloomberg.

As a result, Sears’ suppliers are changing business terms with the troubled retailer, in some cases cutting back inventory or insisting on faster payment terms, in order to mitigate the downside associated with doing business with Sears.

One such supplier, a textile maker in Bangladesh, has sharply cut back on the amount of goods it manufactures for Sears. “We have to protect ourselves from the risk of nonpayment,” the textile maker’s managing director told Reuters. “So far there was only speculation that they would declare bankruptcy in 2017. But now they are acknowledging it, which definitely complicates our relationship with them and our decision to accept future orders from Sears.”

Bloomberg Intelligence analyst Noel Hebert noted, “They’ve got all kinds of issues.” Sears has enough cash to get through 2017, he said, but its declining payables-to-inventory ratio shows that vendors have been increasingly reluctant to keep the retailer stocked.

Although Sears posted a smaller loss than expected in the fourth quarter, the company has lost some $10 billion over the past few years, according to Bloomberg.

“Whatever vendors continue to support them are now going to put them on even more of a short string. That means they’ll ship them smaller quantities and demand payment either in advance or immediately upon delivery,” Mark Cohen, the former chief executive of Sears Canada and director of retail studies at Columbia Business School in New York City, said in the Reuters piece. “Sears stores are pathetically badly inventoried today and they will become worse.”

Insurers that supply coverage against the nonpayment of goods are also looking to limit their exposure to what appears to be a worsening situation by backing away from business with Sears as it sinks.

“We tried to hang in as long as we could,” said Doug Collins, regional director for risk services at Atradius Trade Credit Insurance, who added that his firm has stopped providing insurance to Sears’ vendors. “Vendors may try to get a few more cycles in before the worst happens, and then it just depends if they’re lucky or not,” he said.

The situation is complicated by the personal involvement of billionaire owner Edward Lampert, who has poured hundreds of millions into Sears from his other business interests, using some of Sears’ assets as guarantees against the loans. This has resulted in a complex, even byzantine ownership structure which may complicate or preclude assets sales which could generate cash, according to some observers.

Sears’ cash position has crashed to just $286 million at the end of 2016 from a high of $1.7 billion in 2009, according to the Street.com, which added that the company hasn’t generated cash flow from its operations since 2006. “With negative news like this, it’s never good for confidence on the company,” Moody’s vice president, Christina Boni said. Earlier this year, Moody’s downgraded Sears’ credit rating to Caa2 from Caa1 to reflect the accelerating negative sales performance of its business and risk of possible default.

Costs Climb as Companies Move to Mitigate Supply Chain Interruptions

Some 70% of companies have experienced at least one supply chain interruption during the past year, with an unplanned IT or telecommunications outage the leading cause, according to the eighth edition of the Business Continuity Institute’s (BCI) Supply Chain Resiliency Report, produced in association with Zurich Insurance Group.

Covering 526 respondents in 64 countries, the report studies the causes, costs, and frequency of such events while also looking at companies’ progress in responding to supply chain interruptions and mitigating further occurrences.

While 70% of respondents reported at least one supply chain interruption during the past 12 months, only 17% said they have had no supply chain disruptions, with 13% saying they did not know. Perhaps more alarming is the increase to 13%—from 3% previously—of respondents reporting more than 20 such incidents.

Also alarming is the upward trajectory of costs associated with supply chain disruptions. The portion of respondents reporting cumulative losses of more than € 1 million ($1,058,171.30) resulting from supply chain interruptions jumped to 34% in this year’s survey from just 14% previously.

An unplanned IT or telecommunications outage was the leading cause of a supply chain disruption for the fifth consecutive year, followed by a loss of talent or skills, which jumped to second place from fifth, and then cyberattack or data breach, which dropped to third place from second. Despite this drop, the portion of respondents which said that cyberattacks and data breach had a ‘high impact’ on their supply chains increased from 14% to 17%.

Reaching the top 10 for the first time was terrorism, which moved to ninth from eleventh, while currency exchange rate volatility had the largest move up the list of event causes, jumping to seventh from 20th last year and cracking the top 10 for the first time since 2012. Insolvency in a company’s supply chain also reentered the top 10 for the first time since 2012, moving from 14th to 10th.

Lost productivity (68%), increased cost of working (53%), and customer complaints received (40%) were listed as the top three consequences of a supply chain interruption by respondents. The perception of such incidents can also hurt a company, with damage to brand reputation/image (38%), shareholder/stakeholder concern (30%), and share price fall (7%) all named by respondents as consequences of a supply chain disruption.

“It is crucial to note that the percentage of organizations reporting reputational damage as a result of supply chain disruption is at its highest level since the survey began. As this coincides with greater media scrutiny and social media discussions related to organizations, this result might be a good opportunity to reflect on reputation management and how supply chain disruptions might translate into adverse publicity for a given organization,” said the report.

As threats and costs grow, there appears to have been at least some progress in more closely addressing the issue.

While the percentage of respondents without firm-wide reporting of supply-chain incidents remains high at 66%, the portion of those using firm-wide reporting has grown steadily across the past five reports, rising from just 25% of respondents in 2012 to 34% in the 2016 report, the latest. Similarly, the portion of respondents which employ no reporting has declined steadily from 39% in 2012 to 28% in 2016.

As reporting is on the rise, so too is the complexity of interruption incidents as external supply chains cause more incidents. The portion of respondents which said the majority of their interruptions came from external supply chains jumped to 24% from 9% previously, and the portion attributing at least a quarter of interruptions to external suppliers more than doubled to 34% from just 15% previously.

Even with reporting on the increase, however, insurance uptake appears to be declining. Just 4% of respondents said they were fully insured against supply chain losses, down from 10% previously, with small and medium-sized enterprises more likely to be uninsured, at just 39%, than large organizations at 62%.

“These variations in insurance uptake may indicate a need to revisit business continuity arrangements and risk transfer strategies pertaining to supply chain disruptions,” according to the report.

Insurance Rate Declines Moderate as Cyber Shines

Global insurance rates declined for the 15th consecutive quarter, remaining competitive for most of 2016, according to the Marsh Global Insurance Market Index, Q4, 2016, which tracks industry data.

Insurance rate decreases moderated in the fourth consecutive quarter as global property rates continue to drop at a greater rate than other lines, mainly due to overcapacity and a lack of insured losses, according to the report.

“The last quarter of 2016 marked the 15th consecutive quarter in which average rates declined, largely due to a market with an oversupply of capacity from traditional and alternative sources and a lack of significant catastrophe losses,” Dean Klisura, global industry specialties and placement leader at Marsh, said in a statement.

After peaking at a 5% global quarterly rate of decline during the fourth quarter of 2015, that rate moderated throughout 2016. “The fourth quarter of 2016 marked an entire year (four consecutive quarters) in which the average rate of decline for global insurance rates moderated—a first since Marsh initiated the index in 2012,” says the report.

Worldwide, rates declined by 3.1% while the U.K. and Continental Europe saw the greatest regional drops at 4.8% and 4.2% respectively. Latin America saw the smallest regional drop at just 0.5% as the U.S., Asia and Pacific regions hovered midway with declines of 3.0%, 2.7% and 2.2%, respectively.

By business line, global casualty lines had the slowest rate decline at 1.9%, followed by Marsh’s Global FinPro (financial and professional) at 3.0% and then global property with the largest decline of 4.2%. U.S. rate declines reflected global figures with U.S. casualty rates declining in the fourth quarter at a rate of 2.1%, U.S. FinPro at 2.5% and U.S. property at 4.8%.

By contrast, the Marsh report tracked rising U.S. cyber liability rates, up 1.4% for Q4 2016, which was actually the smallest increase since rates started rising in Q3 2014 at a rate of 4.8% before peaking at 20.0% in Q2 2015, then beginning a steady decline toward the latest quarter. Despite steadily rising cyber liability rates, the report notes that “the number of clients purchasing cyber insurance increased 25% from 2015 to 2016 across all industries, with the greatest overall take-up in healthcare, communications, media and technology.”

Insurance markets in the U.K. and Continental Europe remain competitive, the report said, as Latin American casualty and financial and professional liability rates increased. Casualty rate increases were largely due to rising auto insurance prices, particularly in Colombia and Mexico, where Marsh says it has a large market share.

Some rates in the Pacific region notched increases, with casualty rates up 0.4% and financial and professional liability rates up 1.7%. Asia’s commercial insurance market remains competitive, according to the report.

While the report appeared to paint an overall picture of industry-wide softness, there was some suggestion of a turn in the tide. “Early indications that capacity may be moderating and that combined ratios may be increasing could be harbingers of looming rate increases as carriers seek to boost profitability and keep combined ratios below 100%,” Marsh says in its report.

In addition to looking back with its rates report, Marsh also takes a look forward in its “U.S. Financial and Professional Market in 2017: Our Top 10 List.” The company states that decreases in the directors and officers insurance market, continue “nine straight quarters of rate decreases.”

The Top 10 list goes on to say that cyber insurance will evolve as “risk professionals will need to address evolving cyber risks across multiple platforms,” and adds that financial and technology industries are converging at an increasing pace. “Financial companies will increasingly see exposures that were historically the domain of the technology industry,” it says.

In its “Casualty Insurance Outlook: Good News for Buyers in 2017,” Marsh says 2017 is “generally a buyer’s market for casualty insurance buyers, who typically are seeing strong competition and ample capacity for most casualty lines.”

New York Cybersecurity Regs to Take Effect March 1

The state of New York is implementing sweeping new regulations designed to protect insurers, banks and others from the growing wave of electronic security breaches which are making headlines and causing headaches across the financial services industry.

The new rules, slated to take effect March 1, mandate that insurers, banks and other financial services institutions regulated by the Department of Financial Services (DFS) establish and maintain a cybersecurity program. In addition to setting program standards, the 12-page document also provides definitions for companies as well as laying out “Transitional Periods” of 180 days to two years for companies to comply with different parts of the conditions and parameters of the regulations.

Entities must create and maintain written policies, requiring board-level or equal approval, setting out the company’s cybersecurity plan. Companies also must designate a chief information security officer (CISO), either in-house or third-party, who will be required to report annually to the company’s board. The rules call for stress testing of systems and periodic risk assessment and for the inclusion of third party service providers in a company’s cybersecurity plan.

The regulations will be published in the New York State register on March 1 and lay out the Department’s logic in establishing the new standards. According to the document:

“The New York State Department of Financial Services (DFS) has been closely monitoring the ever-growing threat posed to information and financial systems… Given the seriousness of the issue and the risk to all regulated entities, certain regulatory minimum standards are warranted, while not being overly prescriptive so that cybersecurity programs can match the relevant risks and keep pace with technological advances… It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.”

New York’s regulatory framework is the first of its type in the nation, according to a release from the Governor’s office.

“New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever-increasing threat of cyber-attacks,” Governor Andrew M. Cuomo said in the statement. “These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes.”

Under development since 2014, proposed new regulations were first published in September 2016, followed by a 45-day comment period. Updated proposed regulations were then published in December 2016, followed by a 30-day period for comments. Then in December, N.Y. state delayed implementing the rules and subsequently adjusted some requirements to reflect input from the industry, which asserted the rules were burdensome and said they would need more time to comply.

In addition to these accommodations, DFS took measures not to burden smaller businesses by establishing limited exemptions for companies with fewer than 10 employees, less than $5 million in gross annual revenue in each of the last three fiscal years from New York business operations, or less than $10 million in year-end assets.

According to the statement from the Governor’s office, the new regulations mandate:

• Controls relating to the governance framework for a robust cybersecurity program including requirements for a program that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the most senior governing body of the organization

• Risk-based minimum standards for technology systems including access controls, data protection that includes encryption, and penetration testing

• Required minimum standards to help address any cyber breaches including an incident response plan, preservation of data to respond to such breaches, and notice to DFS of material events

• Accountability by requiring identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance to DFS

While cybersecurity has become an outsized concern for many business as high-profile breaches have played out in the media, sometime drawing in millions of consumers and costing companies millions of dollars in addition to precious reputational damage, many businesses remain under—or unprepared—for the challenges posed by cyber threats.

Indeed, The Hiscox Cyber Readiness Report 2017 surveyed managers and IT specialists at 3,000 small to large companies in the U.S., U.K. and Germany and found that just over half, 53%, of businesses are ill-prepared to deal with cyber-attacks. The study ranked companies from novice to expert in four key areas: strategy, resourcing, technology and process. Only 30% qualified as “expert” in their overall cyber readiness, of which 49% were U.S.-based companies.