Hack attack Liberty CEO David Munro’s biggest test yet?
Loss of clients’ data derails drive to build trust
Attempts by the Donald Gordon-founded financial services firm, Liberty, to change its almost decade-long narrative of shrinking market share in a highly competitive industry were set back this week as it reeled from the news of a hack of clients’ e-mails and other data.
Liberty, founded by the legendary businessman in 1967 and majority-owned by Standard Bank, has largely underperformed its rivals on the domestic front as it failed to retain and attract new clients. On the rest of the continent, it has canned expansion plans that contributed to the axing of its former CEO, Thabo Dloti, last year.
Over the past five years, Liberty’s shares have remained stagnant, increasing by just 1.22% compared to Discovery’s 92.84% climb, Sanlam’s 71.5% rise and Old Mutual’s 38.74% appreciation, spurred by the insurer’s planned return to its Johannesburg headquarters.
This week’s hack seemingly sets back recently-appointed CEO David Munro’s plans to win back investor confidence so that it can regain lost market share domestically.
In recent months it seemed that Munro had at least been winning back faith from Liberty’s parent company, Standard Bank. In an interview on Classic Business, Standard Bank CEO Sim Tshabalala said there was a smile on his face in the sense that Liberty was starting to see some green shoots.
The question whether the data breach will undermine those shoots remains open. There is a lot of trust involved in deciding which insurer to take.
Warwick Bam, an insurance analyst at Avior Capital Markets, said perception was important and in looking at what the hack could do to the prospects for Liberty, it was undoubtedly negative.
“There is basic personal data that you share with [Liberty] just to transact with them, but ideally they want to collect more than that. Liberty’s data breach is a lesson for all insurers that cyber-risk needs to be close to the top of their risk register.”
Bam said the key strategy for Liberty and other insurers was to use trust to collect customer data, which would assist with risk management and product development.
The financial services firm has collected vast amounts of data on its clients over the years.
Bam said Liberty’s customer-centric approach couldn’t be achieved without collecting customer data and for that there needed to be trust between Liberty and its clients.
Munro said it was too soon to say what impact the hack would have on the progress he made at Liberty since his appointment just over a year ago.
“Liberty and its management totally understand its customers’ concerns, and we deeply regret the possible impact of this act of criminality.
“At this stage there is no evidence that customers have suffered financial losses,” he said, adding that the group’s priority was to rebuild the trust of its customers.
The priority to rebuild trust will undoubtedly take management’s attention off Liberty’s stated objective to regain market share in South Africa.
Early this year, in a show that Liberty’s priority was firmly rooted in South Africa, Munro overhauled Liberty’s strategy and cancelled the group’s R160-million plan to acquire a 75% stake in a Nigerian long-term insurer.
Bam said it was now a wait-and-see approach for the market as the full extent of Liberty’s data breach remained unknown.
It was a difficult week for Liberty, with its shares falling sharply.
Rahima Cassim, a fund manager at Ashburton investments, said the speed at which a company reacted to a crisis like the one Liberty suffered was a strong driving force behind positive consumer sentiment towards the company.
Liberty was alerted to the intrusion into its network on Thursday last week, informing clients on Sunday.
“Reputational risk is a strategic risk, so crisis-management preparation and response is imperative.
“Providing colour to stakeholders around the control of cyber risks within the broader strategy and business plan, along with board oversight and accountability of these issues, would be a good start to limiting the damage,” said Cassim.
She said while the perception was negative for Liberty, it could mitigate the damage by providing clients and potential customers with an assurance that this issue would not reoccur in the future.
She said considering that the business was in a turnaround phase, now would be a good time to begin implementing strategic changes to limit cyber crime.
Liberty has indicated that it is in the process of upgrading its legacy IT infrastructure, which is one of the initiatives pushed for by Munro. Analysts indicate that Liberty is at a base-level relative to some of its peers like Discovery and Sanlam, which have a few years’ head-start on the group.
A senior executive with more than a decade of experience with Standard Bank told the Financial Mail this week that “nobody [at Liberty] takes IT seriously”.
Cassim said Liberty should consider holding itself accountable for any losses to clients that might occur in future from the leak of personal information. Such action would create an image of trust and integrity, which is what an insurer like Liberty needed for longer-term growth.
Munro said: “The data that was stolen is largely unstructured. With this experience, many others, including Liberty, have learnt the hard way and we will take all necessary remedial actions once the investigation is complete.”
At this stage there is no evidence that customers have suffered financial losses David Munro
Where there is smoke Share price close Friday June 22 R120.29 June 2013 - June 2018
Liberty CEO David Munro faces an uphill struggle.