Locating risk and opportunity in 2022
Risk Types and Ratings Explained
The Risk Ratings are compiled from sources that Control Risks considers to be reliable or are expressions of opinion. Control Risks has made reasonable commercial efforts to ensure the accuracy of the information on which the Risk Ratings are based. However, the Risk Ratings are provided ‘as is’ and include reasonable judgements in the circumstances prevailing at the time. The Risk Ratings provided should not be construed as definitive or binding advice. Boundaries and names shown on this map do not imply endorsement or acceptance by Control Risks.
Political risk evaluates the likelihood of government interference and political instability, and their impact on the business environment. Political risk assesses general political stability and policy issues such as regulatory change, high-level corruption, reputational risk, expropriation and nationalisation, contractual interference, sovereign default and non-payment, and international sanctions. While the rating applies generally to the designated jurisdiction, political risk may vary considerably between industry sectors and investor nationalities.
- EXTREME - The political and policy environments present sustained critical challenges to business.
- HIGH - The political and policy environments are persistently challenging for business.
- MEDIUM - The political and policy environments are periodically challenging for business.
- LOW - The political and policy environments are broadly favourable for business.
- VERY LOW - The political and policy environments are favourable for business.
Security RiskSecurity risk evaluates threats to the financial, physical and human assets of a company, as well as the willingness and capability of public security forces to protect corporate assets and personnel. Factors assessed include military conflict, insurgency, terrorist attacks, strikes and riots, vandalism, kidnapping, and violent and acquisitive crime. Security risk may vary for companies and investment projects because of factors such as industry sector, investor nationality and geographic location.
- EXTREME - Security conditions pose sustained critical risks to business; companies require significantly enhanced security provision to operate.
- HIGH - The security environment presents persistent and serious challenges for business; routine business activities generally require enhanced or specialised security provision.
- MEDIUM - Security conditions sometimes impede business operations; routine business activities may sometimes require enhanced security provision.
- LOW - Security conditions do not impede normal business.
- VERY LOW - The security environment for business is favourable
Terrorism risk evaluates the capability and intent of groups and individuals to carry out acts of terrorism that may impact business operations. Factors assessed include intent to attack targets inside the country; the operational capabilities and likely target preferences of threat groups; and the ability of the authorities and security forces to counter terrorist threats. Terrorism risk may vary for companies and investment projects because of factors such as industry sector, investor nationality and geographic location.
Control Risks defines ‘terrorism’ as the calculated use of violence by non-state actors against state or civilian targets to advance an ideological cause by influencing a wider audience through intimidation. Terrorist acts include bombings, shootings, assassinations, hostage-taking, improvised or opportunistic attacks, and attacks using unconventional weapons.
- EXTREME - Terrorism has sustained critical impacts on business.
- HIGH - Terrorism has persistent, often direct, and serious impacts on business.
- MEDIUM - Terrorism has periodic but occasionally serious impacts on business, mostly indirect
- LOW - Terrorism has occasional, typically indirect, impacts on business.
- VERY LOW - Terrorism rarely or never affects business.
Our cyber ratings evaluate the likelihood of cyber threat actors affecting an organisation’s operations in, or remote workers visiting, a given country. These ratings consider the overall capabilities and intent of state-sponsored threat actors, cybercriminals and cyber activists operating in or targeting the country.
Although each country’s rating refers to the overall threat of significant cyber attacks within that country, it can reflect the predominance of a particular category of threat actor over others, and does not entail that all state-sponsored, cybercriminal and cyber activist groups possess the same level of capabilities and intent. When one of these categories of threat actor has a disproportionate weight in determining the country’s rating, this will be detailed in the country profile.
- EXTREME - Cyber threats pose sustained and critical challenges to business.
- HIGH - Cyber threats pose persistent and serious challenges for business.
- MEDIUM - Cyber threats pose occasionally serious challenges to business.
- LOW - Cyber threats pose infrequent or low-level challenges to business.
- VERY LOW - Cyber threats rarely affect business
Operational risk evaluates the influence of societal and structural factors either facilitating or impeding efficient business operations. Factors assessed include infrastructure; ease of establishing and maintaining a functioning business; ease of recruiting and retaining skilled workers; bureaucratic and business culture; and resilience to natural disasters. Operational risk may vary for companies and investment projects because of factors such as industry sector, investor nationality and geographic location
- EXTREME - Operating conditions present sustained critical risks to business.
- HIGH - The operating environment presents persistent and serious challenges for business.
- MEDIUM - Business faces regular operational difficulties; occasionally these may be serious.
- LOW - The environment is broadly positive with occasional challenges that do not significantly impede business
- VERY LOW - The environment for business is favourable.