11 minute read
Overcoming challenges in HK’S construction INDUSTRY INSIGHT
OVERCOMING CHALLENGES IN HK’S CONSTRUCTION
Whilst still facing major challenges such as supply chain and labour shortages, experts believe that Hong Kong’s construction sector will be well on its way to recovery with the support of two factors.
According to Turner & Townsend’s Hong Kong Market Intelligence Report, the first key to overcoming headwinds in the construction sector is through closer collaboration between developers and suppliers.
“For real estate and infrastructure developers to tackle the current challenges in the Hong Kong market, greater attention will need to be paid to allocating risk fairly between client and contractor. This will enable contractors to build the resilience they need to navigate through and survive unexpected external events,” Turner & Townsend’s Strategic Lead for South China, Daniel Cheung, said.
A collaborative approach will likewise help real estate and infrastructure developers to mitigate the impact of tender price inflation and the competition for resources.
Based on the report, tender prices are estimated to rise between 2% to 4% in 2022.
2022 budget
The other key that will push the sector further to recovery is the measures in the 2022 budget.
Under the 2022 budget, the government has expressed plans to boost the housing supply in Hong Kong, identifying 350 hectares of land for the provision of 330,000 public housing units in the coming decade.
The government of Hong Kong has also estimated the completion of private residential units to average over 19,000 units annually in the next five years from 2022.
Another measure that can help the sector is the proposed $1b fund to train and upskill workers to “encourage the adoption of new materials and modern methods of construction.”
Strong performance from liability, property, and financial lines insurance to boost the industry
Cyber threats to grow HK’s insurance industry
Rising cases of cyber threats is actually helping the growth of the general insurance industry in Hong Kong, which is estimated to reach more than $10b by 2026, a report by data and analytics firm GlobalData said.
The general insurance industry is projected to grow at a compound annual growth rate of 6.6% in terms of gross written premiums (GWP).
According to Jeneshree Sahoo, GlobalData insurance analyst, the growth was going to be driven by strong performance in liability insurance as well as property and financial lines insurance.
Currently, personal accident and health insurance is the largest general insurance line in Hong Kong with a GWP share of 30.8% or $2.2b in 2020. It declined by 4.8% during the pandemic however with the expected easing of restrictions, it is projected to grow at CAGR 5.1% in 2021 to 2026 reaching $2.7b.
Meanwhile, liability insurance is the second-largest line with a GWP share of 23.9% in 2020. It grew by 8.8% in the year, driven by the growing demand for cyber insurance policies due to remote working and increased risk of cyber attacks. Additionally, increased cases of financial frauds in the last few years gave a rise in demand for directors & officers insurance.
Property insurance is also expected to contribute to the growing industry as it currently is the third-largest general insurance line with a share of 18.7%, growing by 13.2% in 2020.
The fastest growing segment is financial lines insurance, accounting for 8.3% share in 2020, growing by 60.7% in the year due to increase in premium prices following the upward adjustment of property values defined under the Mortgage Insurance Program.
Financial lines insurance, which accounted for 8.3% share in 2020, is the fastest growing segment. It grew by 60.7% in 2020 due to an increase in premium prices following the upward adjustment of property values defined under the Mortgage Insurance Program. The remaining 18.3% share consists of Motor, and marine, aviation, and transit (MAT) insurance.
Sahoo said after recovering in 2021, Hong Kong’s GDP growth is expected to slow down by 1.5% this year due to resurgence of COVID-19 cases. However, the general insurance industry will be able to overcome this hurdle, with an increase of 5.7% driven by strong performances of some of its general insurance lines.
“Hong Kong’s low insurance penetration, as a percentage to GDP, at 1.6% provides ample opportunities for general insurance growth. A gradual economic recovery, increasing cyber risks and growing commercial real estate activities are expected to support growth of general insurance over the next five years,” Sahoo concludes.
Increased cases of financial frauds gave a rise in demand for insurance
Personal accident and health insurance is the largest general insurance line in Hong Kong
The privacy conundrum: Tackling the issue of the century
Crypto.com executive and HKB Management Awards winner Jason Lau answers some serious questions on data privacy.
Jason Lau, Chief Information Security Officer at Crypto.com
With the increased digitisation and reliance on technology brought by the pandemic to industries and societies, making sure that these systems are secure became the top priority.
Being an established industry figure for cybersecurity, Crypto.com’s Jason Lau led the company into becoming the first company to achieve new Data Privacy Certifications ISO 27701, NIST Privacy Framework, Singapore’s Data Protection Trust Mark (DPTM), Hong Kong’s Gold Award from the Privacy Commissioner for Personal Data (PCPD), and one of the first to obtain a crypto license in Malta, and most recently obtaining a in-principle approval for a Major Payment Institution License in Singapore. These are just some of the accolades contributing to winning him the Data Privacy - Executive Of The Year Award at the HKB Management Excellence Awards.
Working as the current Chief Information Security Officer (CISO) at Crypto.com, Jason has been overseeing the company’s global cybersecurity and data privacy strategy. He is aided by his responsibility as the Regional Lead, Co-Chair, Advisory Board Member for the International Association of Privacy Professionals and Adjunct Professor for Cybersecurity and Data Privacy at the HKBU School of Business.
“I am extremely humbled to have won the Executive of the Year in the Cybersecurity category at the HKB Management Excellence Award last 2020, and to follow this up last year in 2021 in the Data Privacy category is a privilege and honour given the calibre of the other nominees. I have been lucky that my dedication and commitment at Crypto.com and also within the broader community is being recognised by peers and industry,” said Jason.
A top issue Jason’s award is a testament to how he is taking data privacy seriously. For him, privacy concerns impact corporate multinationals from all industries big and small, through to the user and consumer, as digital transformation drives greater adoption of technology in everyday lives, with accelerated growth being seen from the effects of the pandemic.
Even Apple’s CEO Tim Cook recently said that privacy is one of the top issues of the century.
“From contract tracing apps to individuals and workplaces that are adopting video conferencing and working from home, the world has been thrown into the deep end and organisations are now playing a catch-up game in order to meet the data privacy standards and regulations in order to uphold the privacy rights of the individuals,” Jason said.
What set the tone for corporates to meet data privacy standards is the General Data Protection Regulation (GDPR), when it became effective in 2018, providing one of the most comprehensive privacy regulations to date. Over the last few years, more and more regions around the world follow suit with their own respective regional cybersecurity and data privacy regulations and laws.
“When we look at it from a data security perspective, research has shown that there is one ransomware attack every 11 seconds, and there is a growth of over 20% compared to previous years and this issue will continue to grow as personal data is the new currency for hackers. On top of ransomware, industry data shows that there are 92% of breaches just in Q1 2022 due to external targeted cyber-attacks, so when you look at it from this perspective, prioritising privacy and security data needs to be board-level responsibilities at all organisations.”, Jason said.
Ensuring data protection Jason says that data protection starts with having cybersecurity and privacy strategies supported by those from the top of their organisations.
“Whilst from a very high-level perspective, security is more about the safeguarding of assets, whereas privacy is more concerned with upholding the rights of the individuals,
FROM CONTRACT TRACING APPS TO INDIVIDUALS AND WORKPLACES, THE WORLD HAS BEEN THROWN INTO THE DEEP END AND ORGANISATIONS ARE PLAYING A CATCH-UP GAME IN ORDER TO MEET THE DATA PRIVACY STANDARDS AND REGULATIONS TO UPHOLD THE PRIVACY RIGHTS OF THE INDIVIDUALS
both functions have to work hand in hand in order to achieve this – and it is much harder than you think,” Jason said. He added that different organisations have very different organisational structures, and this is often the first challenge of how to drive a data privacy strategy, and whilst there is no set way to go about this, data privacy in some companies has fallen within the legal team, some have it within the risk management teams, through to some organisations having data privacy being run out of their human resources operation.
Jason pointed out that the key success factor is the existence of a Data Protection Officer (DPO), who helps provide oversight to ensure the organisation processes personal data in compliance with the applicable data protection rules and regulations, and accountability, as well as having a Steering Committee at the top to ensure that the privacy team has transparency of the different projects.
An example of an initiative is their Privacy Impact Assessments for all projects and integrated into Vendor Risk Assessments due to the growing security concerns with 3rd party supplies and maturation of their privacy programme over time, through to contractual Data Processing Agreements to ensure there are clear responsibilities with respect to data protection in a contractual manner and much more.
Jason suggested that companies should also need to be closely connected with their local privacy regulator, where Jason sits on the official Standing Committee on Technological Developments for the HK Privacy Commissioner’s Office. This helps to be up to date with the everchanging rules and regulations, and with one of the biggest challenges to come globally being the new EU Standard Contractual Clauses (SCC) requirement, which come into force December 2022, where all old SCCs would need to have to be transitioned and replaced with new ones which may pose to be a tough deadline for many companies to meet. This will also pose a challenge and a large undertaking for multinational organisations that have complex entity structures operating in multiple jurisdictions, that also have a significant number of vendors which they may be using, making close connections with industry and regulators an essential part of any privacy programme.
Whilst it is a challenging task to drive global cybersecurity and privacy programmes, they are just a very small portion of what goes into the strategy covering people, processes, and technology throughout an organisation.
“If companies want to make the most of their resources to improve their data protection posture, they need to ensure they align and orchestrate their teams to include data privacy in all processes and not just an afterthought at the end and thus bringing in a greater focus on corporate data privacy accountability where DPOs need to be a must-have and not a nice-to-have in order to drive a successful privacy programme in any organisation,” Jason added.
Metaverse and Web3 Looking forward, Jason also identified some of the would-be key privacy issues with rising trends such as Web3 and the metaverse. Jason’s view on it is that Web 3.0’s immersive experience is going to take privacy concerns to a whole new level. This is in stark contrast with the transition from the physical world to the earliest forms of Web 1.0 with mainly static websites and personal sites to broadcast information and limited interactivity.
Having faced challenges over the last years, such as excessive personal data collection for profiling which in turn leads to targeted marketing, based mainly on what users click on when browsing or using a website or app, the Metaverse potentially poses new issues where companies could be measuring everything from users’ behaviour, pupil dilation, and eye movement in reaction to different visual ads and much more whilst wearing immersive VR goggles, something which is not possible whilst you are browsing websites on your laptop.
Other concerns include the treatment of one’s Metaverse personal profile and identity once the unfortunate death of the real life person happens, as there are no clear rules yet governing personal data in a centralised or decentralised metaverse, and many more issues such as cross-border privacy rules and whether there will even be concepts of Controllers and Processors.
For Lau, the emergence of the Metaverse poses many new challenges that are difficult to answer at the moment due to the lack of precedence and its scale in terms of technology utilisation, with all of this needing to be properly debated and challenged before the large tech companies start to develop the technologies.
“In my opinion, at the core of the development of the metaverse, should be ethics; and data ethics should be the common underlying theme for any feature or function in the metaverse. I look forward to more industry sharing on these topics in the future,” Jason said.
Conference Chairperson at the Data Privacy Forum