How to manage threat of terrorism in crowded places

The changing nature of terrorist threats - both in terms of the type and severity of attack - require a serious and sophisticated response from corporate risk managers.

Today, crowded places are - and will remain - attractive targets for international and "home-grown" terrorists and so an important element of any counter-terrorist strategy is to create safer places and buildings that are less vulnerable to a terrorist attack. This is especially so for the leisure, hospitality, retail and property/real estate industries.

The Paris attacks in November 2015 and the more recent terrorist attack in Westminster are both evidence of the new forms of threats. In the Paris attack. terrorists used automatic machine guns and explosive devices to target sports and music events - as well as random attacks on bars and restaurants. Those complex, synchronised attacks were planned by individuals with links to organised groups based in Syria but there have also been examples of "lone wolf" attacks, in which radicalised individuals are inspired by these organised groups but have no direct links. Last month's attack in which British-born Khalid Masood drove a car along the pavement in Westminster and stabbed a policeman, appears to be the most recent example - although the extent to which an organised terror group was involved, if at all, is still unclear. Other examples include the June 2016 attacks on the Pulse nightclub in Florida, and the Nice lorry incident a month later. In the UK, the government continues to rate the threat of this style of attack at severe.

Cost of terrorism

The human and financial cost of terrorism is growing rapidly. The Institute of Economics and Peace has estimated that the direct cost of terrorism to the global economy in 2014 was $52.9 billion - a ten-fold increase since 2000 - and the indirect costs at $105 billion.

Companies still significantly underestimate their potential exposure to the related risks and losses, especially to the increasing indirect risks from terrorism elsewhere. For example, the Paris attacks in November 2015 paralysed Brussels' tourism and retail sectors some 320 kilometres away and had a lasting impact on the city's commerce. Many UK companies are unaware - or have underestimated - the financial losses that could occur if a key supplier or business partner (in the UK or internationally) were unable to operate for a significant period of time.

Practical steps

Companies can't predict all possible threats to their business. However, by working through a range of potential scenarios and consequences it is possible to make informed judgements and set appropriate priorities. The following four-step process is an effective way for companies to think about improving the management of these risks.

• Step one: identify the threats.
  Understand terrorists' intentions and capabilities, what they might do and how they might act, is a crucial first step to assessing potential threats.
• Step two: decide what you need to do to.
  Priorities should fall under the following categories: people, physical assets, information and process (supply chains and the operational process required to support the business).
• Step three: identify measures to reduce risk.
  Companies should introduce new proportionate measures that: deter would-be terrorists; 
aid detection of intrusion; and
delay any attempts at intrusion.
• Step four: continually review your security measures.
  Security and contingency plans should be rehearsed and reviewed on a regular basis to ensure they remain accurate, workable and up-to-date.

For organisations which are particularly vulnerable to terrorists targeting crowded places, the following counter-terrorism principles should also be considered.

New insurance products

Since the IRA attack on the Baltic Exchange in London in 1993, the UK established a mutual government reinsurer, Pool Re, to provide a backstop to insurers that offer terrorism cover on business property and business interruption policies. This has worked well and despite £600 million of claims from 13 separate incidents there has been no use of public money.

However, the increasingly interconnected nature of global commerce means that UK organisations are not only exposed to events in the domestic market but many also have international exposures through the global reach of their business activities. Companies can also be impacted via a change in consumer behaviour in the aftermath of a terrorist attack.

New threats and new risks require new insurance solutions and the private market is responding. For example, at least one international insurer is now offering a contingent Loss of Attraction cover. At Willis Towers Watson we are working with insurance providers to offer other new products such as updated Impairment of Access and Active Shooter policies.

As the risks from terrorism evolve, so too must the response of the risk management industry in order to minimize and manage the human and financial cost of such incidents.

Luke Bennett is executive director, financial solutions, in Willis Towers Watson's Terrorism & Political Violence Practice.