One of the primary responsibilities of credit managers is to ensure that their firm does not engage with customers who pose a significant risk of default. Companies with a higher risk of late payments and/or default on their obligations tend to also exhibit poor cybersecurity posture. Conversely, strong cybersecurity is a positive indication of strong corporate governance and management effectiveness. Trade credit managers must give dedicated attention to managing cyber risks as part of their due diligence process, alongside financial, operational, and compliance risks.
Trade credit professionals have the following concerns when it comes to their customers’ cybersecurity:
- Data Breaches: A data breach can lead to monetary loss, reputational damage, and potential legal and regulatory consequences. For trade credit managers, understanding the risk of their customers or suppliers encountering data breaches is critical, particularly when sensitive and proprietary data is shared, including financial and pricing data.
- Fraudulent Activities: Cybersecurity threats can result in fraudulent activities, such as identity theft, phishing scams, or invoice fraud. Often these events are due to compromised business emails. Trade credit managers need to be cautious about the authenticity of the parties they are dealing with and ensure that their customers’ and suppliers’ systems are adequately protected and have the right cybersecurity controls in place to prevent business emails from being compromised and related fraudulent activities. If your customer falls victim to a phishing scam, it can affect if and when your invoices are paid.
- Business Disruption: Cybersecurity incidents, like ransomware attacks, can cause significant disruptions to business operations. For trade credit managers, this can result in delays in processing orders, payments, or collections, leading to potential financial losses and damage to customer relationships.
This example illustrates how a ransomware attack impacted a company’s financial position:
An industrial manufacturer, known for its solid financial standing, faced a significant setback in 2020, when it fell victim to a devastating ransomware attack. The attack had a profound impact on both its operational health and its creditworthiness. Its probability of default, which had previously stood at a negligible 0.5%, increased tenfold. Research indicates that the average cost of a cyberattack to a company amounts to around $4.45M . The severe reputational damage from this attack left the manufacturer unable to secure any acquisitions, and to this day they continue to struggle with a weakened financial position.
Protecting against default includes managing cyber risk
Research indicates that the average cost of a cyberattack to a company amounts to around $4.45M1. As shown above, this kind of financial burden can easily affect a business’ ability to successfully maintain its commercial relationships and meet its credit obligations. Trade credit managers not only need to ensure their customers do not impose a significant risk of default but also proactively monitor portfolios to identify and address new risks before they lead to defaults. It is alarming to note that 60% of small businesses go out of business2 following a cyberattack, particularly considering that these businesses do not have cyber-risk insurance. Protecting against default includes considering the risk of cyberattacks.
Moody's Analytics can help trade credit managers to obtain an integrated view of risk to unlock opportunities and make informed decisions. We provide assessments of customer and third-party cybersecurity risk for use during the credit review process and help to continuously monitor the cybersecurity performance of customers and third parties to reduce the likelihood of cybersecurity incidents. Our assessments help credit managers understand a third-party’s potential exposure to data breach, business disruption events and fraud. To learn more, contact us today.
1 Cost of a data breach 2023 | IBM. (n.d.). https://www.ibm.com/reports/data-breach
2 60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack. Here’s How to Protect Yourself. (n.d.). Inc. https://www.inc.com/joe-galvin/60-percent-of-small-businesses-fold-within-6-months-of-a-cyber-attack-heres-how-to-protect-yourself.html
