Introduction: Leading In-Crisis and Beyond
The COVID-19 public health event, and similar 21st century threats impacting business continuity, require plans for immediate action while management and boards may face an extended period of financial and operational uncertainty. The current crisis is one of those times when core operational impacts demand immediate leadership attention and rapid decision-making. Even organizations with robust emergency response and business continuity plans are under operational and financial stress to continuously prioritize, analyze, and adapt. Ankura has identified ten focus areas that should be top of mind with business leaders for accelerated consideration and execution during the current crisis. Our experts will consider the key short-term actions, identified risks, and future considerations in a series of articles.
In part one, we examine:
- Liquidity & Business Planning
- Secure Remote Workforce
- Government Aid
- Business Interruption Claims
A Note on Terminology:
Throughout these articles, we use the term “crisis” as an umbrella term for COVID-19 and correlated volatility. We use the phrase “next normal” to highlight the as-yet unforeseen future state beyond the initial crisis. This “next normal” does not refer to life pre-COVID-19. Rather, it is to be envisioned as the unfolding future state geopolitically and economically, in which organizations will reposition to operate.
1. Liquidity and Business Planning:
ACTIONS FOR THE NEXT 30 DAYS:
Pursue Thirteen-Week Cashflow Forecasts: Organizations must immediately pursue a robust thirteen-week cashflow forecast, identifying fixed and variable expenses. In the current environment, this forecast should coincide with a line-by-line review of key expenses, with C-suite driving strategies designed to deal with relevant items (e.g., navigating rent negotiations as a non-fixed expense).
Tighten Delegation of Authority: In addition to participating in relevant C-suite reprioritization efforts, CFOs need to immediately reevaluate, revise, and tighten Delegation of Authority in this period of crisis. As appropriate, they must consolidate control of expenditures and establish immediate cost containment directives. Though this effort rests with the CFO, it should not live in a vacuum. Key functional leaders should provide input.
Steer a Conservative Course: Financial leaders should caution operators to reduce optimism and pursue a conservative course to protect liquidity. Additionally, leaders should identify any non-core assets and inventory, liquidating when possible to increase cash-in-hand.
Clarify CAPEX: From a capital requirements perspective, any discretionary capital expenditures (CAPEX) needs to be eliminated. There also needs to be clarity around nondiscretionary CAPEX. If there is a revolving line of credit, leaders should be cognizant of how best to utilize this facility.
KEY RISK FACTORS:
Lack of Clarity for Reopenings: Given a lack of clarity on timelines and associated costs, organizations will need to carefully manage when and how they sequence reopening considering local, state, and federal guidelines. Mis-sequencing, or attempting too many activities at once, will place organizations at risk. Organizations should maintain a conservative approach to reopening efforts, tamping down unfounded optimism. The “next normal” will not look like the business environment pre-COVID-19.
Difficulties Raising Capital: Difficulties raising additional debt or equity capital are expected. Most organizations will likely continue to be challenged to raise additional capital for the foreseeable future.
KEY CONSIDERATIONS FOR THE FUTURE:
Assess Ongoing Changes: Business leaders will need to continually be aware of the ongoing socioeconomic situation as the national and international community transitions from the immediate effects of being in-crisis to the “next normal.” Agility will be required.
Act with Risk, and Liquidity, in Mind: Striking the delicate balance between employee safety and the economic ramifications of reopening, organizations will need to consider ongoing risks and their impacts on liquidity. As the “next normal” begins to establish itself, companies will want to continue acting conservatively, maintaining a certain level of reserve in the prevailing context.
2. Secure Remote Workforce:
ACTIONS FOR THE NEXT 30 DAYS:
Assess Mobile Workforce and Help Desk Support: From a mobile workforce perspective, it is crucial to identify and build the structure for ongoing help desk support. The ability to provide white glove touchpoints in the office is unavailable; flexible and potentially sustaining alternatives need to be developed.
Provide Cybersecurity Guidance and Training: Cybersecurity leaders must create guidance and rapidly train employees on the increased risks pertaining to phishing, malicious text, and other forms of cyberattacks associated with COVID-19. Additionally, cybersecurity policies will need to be updated in-line with increased telework and work-from-home initiatives.
Further, employees must be provided with appropriate guidance on password complexity across systems.
Reexamine and Test Existing Technology and Security: Organizations must reexamine how they are using existing technology to enhance security, as well as patching core systems to ensure risk reduction.
KEY RISK FACTORS:
COVID-19 Related Cyberattacks: There is a substantial increase in COVID-19 related malicious attacks. March 2020 saw phishing attacks increased 667%.[1] Leaders will need to communicate and reinforce appropriate protocols for protecting their organizations.
Telework Technologies & Cyberattack Risks: Telework technologies are experiencing heightened cyberattacks. Leaders will need to communicate relevant security protocols, as well as carefully consider the level of security needed within their selected platforms.
KEY CONSIDERATIONS FOR THE FUTURE:
Continue Cybersecurity Efforts: Organizations will need to consider how best to provide ongoing security for new and existing technologies, including telework solutions. This may require reprioritization of previous strategic initiatives to pave the way for necessary cybersecurity efforts.
Secure Home Office Environments: Depending on how the “next normal” is defined, working from home will likely become far more commonplace. Accordingly, organizations need to ensure the appropriate infrastructure and provide guidance as to the best means to secure home office environments. Additionally, device management for remote workers will need to be taken into consideration (e.g., “Bring Your Own Device” policies and capabilities).
Accelerate the Migration to the Cloud: While many organizations were already migrating, or planning to migrate, their technology platforms to the cloud-based storage, COVID-19 has accelerated the need to pursue a cloud-based strategy.
3. U.S. Government Aid:
ACTIONS FOR THE NEXT 30 DAYS:
Determine Private Insurance Coverage: Organizations will need to coordinate and pursue sources of potential recovery from private insurance policies (e.g., business interruption policies), as for many government funding streams the amount of actual or potential insurance recovery can reduce or eliminate funding eligibility.
Strategize & Pursue Government Funding Sources: Companies will need to track federal and state funding sources for which they may be eligible and determine whether those funds will be directly allocated by a government agency pursuant to an established formula or will require an application. Where an application is required, organizations will need to be able to submit a comprehensive application as quickly as possible, balancing a need to ensure approval of the application with, often, securing a place in line to receive funding.
Design & Execute on Compliance Program: Enterprises must assess their existing compliance programs to ensure they have the requisite structure and systems in place to demonstrate compliance with the variable and nuanced requirements of government funding streams. Receipt of government funding is often followed by extensive, searching audits. A robust compliance program mitigates audit-related risks, in particular “claw backs” or “de-obligations” where a government agency demands a funding recipient to pay back all, or some portion, of funds that were awarded because of non-compliance.
KEY RISK FACTORS:
Delays in Government Aid: Distribution of certain federal government funding streams could be significantly delayed. Therefore, organizations must have liquidity strategies in play while awaiting results.
Ineligibility for, or Inadequacy of Funding: Many federal funding streams place strict limitations on the definition of “eligible” entities (e.g., FEMA Public Assistance generally limited to units of state/local government or 501 entities; HUD business funding usually limited to “small businesses” as defined by SBA). Likewise, some funding streams may not be able to fully meet the substantial demands of the market (e.g., additional funding recently allocated to the SBA loan program).
Lack of Compliance Programs: Organizations unfamiliar with the receipt of government funds may not have compliance functions and systems equipped to address the variable, nuanced compliance requirements associated with government funding.
KEY CONSIDERATIONS FOR THE FUTURE:
Government Funding as a Partial Solution: Even for organizations that are eligible for certain government funding streams, that funding likely will not be enough to address the organization’s needs arising out of the COVID-19 pandemic. While government funding can be part of an organization’s solution, it should be one part of a more comprehensive and holistic recovery approach.
Observe & Respond to Future Funding Opportunities: With government funding programs effective on different cadences, organizations will need to remain vigilant in continuing to assess whether new funding opportunities have reached the market.
Promote Awareness for Potential Future Audits: Organizations that have looked to, or plan to look to, government funding as part of their solution to recovering from the impacts of COVID-19 should remain aware of future audits and should take steps to evaluate their compliance program to ensure they are prepared for audits.
4. Business Interruption Claims:
ACTIONS FOR THE NEXT 30 DAYS:
Preserve Documentation: Organizations need to assemble relevant resources for preserving documentation, tracking and measuring losses, and preparing claims. An ongoing log should be maintained. Additionally, organizations should track all relevant customer inquiries and cancellations for comparison to relevant forecasts, outlooks, and backlogs.
Track Direct Expenses: Organizations should carefully track direct expenses incurred to maintain operations and labor expenses.
Pursue Rapid Application: Business leaders should pursue rapid application to relevant coverage sources, both private and government.
Monitor Ongoing Legal Efforts: Additionally, organizations need to closely monitor legal efforts associated with business interruption claims associated with: the CARES Act, Paycheck Protection Program (PPP), and private insurance coverage.
KEY RISK FACTORS:
Inadequate Private Insurance Coverage: Organizations should recognize the risk that private insurance may not provide adequate coverage. Most business interruption (BI) and contingent business interruption (CBI) insurance policy claims are being denied, due to COVID-19 being a disallowed loss trigger and nullifying this risk transfer vehicle. Additionally, government coverage may not provide adequate resources for all organizations.
Slow Response and Application: Organizations take risks by not acting rapidly applying for private and government aid, either due to excessive conservatism or by failure to document losses appropriately.
KEY CONSIDERATIONS FOR THE FUTURE:
Examine Demand and Impact on Business Interruption Coverage: Companies submit for business interruption coverage on a yearly basis. For businesses seeing demand either expand or contract, it will be important to review and consider whether their operating environments need greater or lesser coverage in the “new normal.”
Consider Hiring “Cover Counsel”: To best negotiate BI and CBI insurance coverage going forward, explore engaging cover counsel – law firms that specialize in interpreting and negotiating insurance policy triggers, conditions, exclusions and limits – to create policies that are more likely to respond to COVID-type “acts of god.”
Monitor Ongoing Efforts to Protect Against Future Risk: Organizations and associations, such as the risk management society RIMS, are pursuing legislative and other actions to protect against future risk associated with COVID-19. Business leaders should remain cognizant of these efforts.
[1] Esther Shein, “667% spike in email phishing attacks due to coronavirus fears”, TechRepublic, March 26, 2020.
© Copyright 2020. The views expressed herein are those of the author(s) and not necessarily the views of Ankura Consulting Group, LLC., its management, its subsidiaries, its affiliates, or its other professionals. Ankura is not a law firm and cannot provide legal advice.