Nearly half of middle-market businesses feel unprepared for key threats despite implementing various risk management strategies, according to Nationwide Insurance’s latest “Agency Forward” survey.
The survey found that while 90% of businesses have formal risk management policies that are reviewed regularly, 21% lack a business continuity plan, leaving them exposed to potential disruptions that could severely impact their operations.
Additionally, 45% lack a disaster preparedness plan, and only half have a fleet safety program in place.
These shortfalls create vulnerabilities that could lead to financial and operational setbacks.
The survey found that companies allocate an average of 6% of their budgets to risk management and safety. Industries with higher risk exposure, such as construction and manufacturing, dedicate a larger share — 19% and 13%, respectively.
Key business concerns
Middle-market businesses identified their top risks over the next two years as:
- Costs and finances (42%),
- Economic and regulatory factors (40%), and
- Technological disruption (26%).
Economic downturns, supply chain disruptions, cyber-security threats and regulatory changes are the most pressing risk management priorities, each cited by 42% of respondents. However, only 5% of businesses listed natural disasters as a risk management priority, which could be a blind spot given recent climate-related disasters affecting various industries.
Leveraging technology
Technology is playing an increasingly important role in risk management, with 76% of surveyed businesses utilizing some form of digital solution.
Owners reported improved efficiency and compliance to regulations, enhanced data analysis and reporting, and better real-time monitoring of risks as a result of their technology use.
While only 11% have fully integrated technology into all aspects of risk management, 65% use it selectively.
The most common digital tools include:
- Cyber-security solutions (78%),
- Compliance and reporting software (67%), and
- Supply chain management software (58%).
However, technological adoption is not without challenges. Business owners cite the cost of safety measures (38%), maintenance of safety equipment and technology (31%) and keeping up with evolving safety standards (30%) as significant barriers to effective risk management.
How companies can better manage risk
To close these protection gaps and strengthen their resilience, mid-market businesses should consider the following strategies:
- Develop a comprehensive business continuity plan — Organizations without a continuity plan should work with risk management professionals to create one, ensuring they have a roadmap for responding to disruptions.
- Review the company’s compliance with regulations and laws — It’s important that your human resources team stays on top of regulations and legislation to ensure the organization doesn’t run afoul of them, which can result in penalties and fines.
- Enhance disaster preparedness — Natural disasters may be a low priority for many businesses, but proactive planning can prevent severe financial and operational consequences. Developing an emergency response plan can help mitigate potential damage.
- Analyze workplace accident data — Managing workplace safety is key to any company’s risk-management efforts. You should track incidents and thoroughly investigate each accident or near miss to find out what led to the event.
- Invest in technology for risk mitigation — Consider expanding your use of AI, predictive analytics and cloud-based risk management platforms to identify and address vulnerabilities before they become major issues.
- Regularly review and update risk management policies —As regulations and business risks evolve, you should regularly assess your policies to ensure they remain effective and aligned with industry best practices.
- Integrate risk management with business strategy — Risk management should not be seen as a separate function but as a core component of business success. Leaders should align their risk strategies with company objectives to ensure a seamless approach to resilience.