Directors and officers in Asia continue to rank data loss and cyber attacks as their leading concern in a new regional liability insurance survey, ahead of health and safety and regulatory breach.
The survey, conducted by Willis in collaboration with Reed Smith, found that 76% of respondents in Asia viewed data loss and cyber attack as very important or extremely important risks. The issue remained at the top of the regional ranking even as other priorities shifted.
The results point to a risk landscape that remains broadly familiar for Asia's boards, but with changing priorities beneath the surface. Data loss, cyberattacks, health and safety, and systems and controls remained among the main concerns, while regulatory breach declined in relative importance and bribery and corruption moved higher.
Corporate crime and so-called failure to prevent offences also entered the group of leading concerns, replacing traditional litigation risk. By contrast, geopolitical risk and artificial intelligence did not make Asia's top seven perceived risks, despite drawing increasing attention in other markets.
This regional picture differs from the global findings, where health and safety remains the top concern. Boards in Asia appear to be focusing more heavily on nearer-term operational and compliance exposures they see as more immediate and more directly controllable.
Rapid adoption of digital tools across the region has added to pressure on directors and officers to oversee cyber resilience, data governance, and incident response. That appears to have helped keep cyber threats at the top of board agendas even as other risk categories have moved up or down.
Artificial intelligence and machine learning again fell outside the top seven in Asia, continuing the pattern seen in the previous year. The findings suggest many boards in the region still view AI as a medium-term issue rather than an immediate governance threat compared with cyber risk or compliance matters.
Regulatory breach was cited as a very important or extremely important risk by 66% of respondents, down from 75% in the previous survey. Even so, the growing complexity of cross-border regulatory frameworks across Asia remains a significant issue for boards operating in multiple jurisdictions.
Bribery and corruption rose to fifth place in the regional ranking at 67%. The change reflects tougher enforcement activity by authorities across parts of Asia, according to the findings.
The report also highlighted growing attention to business crime. Boards are increasingly alert to offences such as money laundering, foreign bribery and corruption, terrorist financing, and fraud, as well as the expansion of corporate liability for failing to prevent misconduct by employees.
Climate change dropped out of Asia's top seven risk ranking. That marks a notable shift from earlier surveys and suggests environmental issues have, for now, been overtaken by concerns more closely tied to cyber exposure, governance, and enforcement.
Board priorities
The findings underline a difficult balancing act for directors and officers in the region. Boards must continue to manage familiar governance risks while responding to a more fragmented operating environment shaped by digital change, shifting enforcement priorities, and a rising burden of oversight.
For insurers and advisers, the results also show how much D&O discussions in Asia are being shaped less by headline geopolitical tensions and more by day-to-day operational exposures. That includes the possibility of claims linked to cyber incidents, compliance failures, and alleged shortcomings in internal controls.
Namit Mahajan, head of FINEX, Asia, at Willis, commented on the changing risk rankings.
"The latest survey findings show that while the core risks facing directors and officers in Asia remain broadly familiar, the order of concern is evolving in line with the region's economic and digital transformation. Data loss and cyberattacks continue to dominate board agendas, underlining the need for strong governance around cyber resilience, data protection and incident response."
"At the same time, shifts in areas such as bribery and corruption, corporate crime and regulatory exposure point to a more complex and fast-changing risk environment for boards across Asia. In this context, organisations need to take a proactive view of both risk management and D&O protection to stay ahead of emerging exposures," Mahajan said.
Boards and senior management teams in Asia are being pushed to strengthen cyber governance frameworks, balance established and emerging risks, and prepare for closer regulatory scrutiny and possible claims activity.
Those pressures are likely to keep cyber resilience, data protection, and conduct risk near the top of the boardroom agenda across Asia, with 76% of respondents still placing data loss and cyber attack among their most important concerns.