Online marketplaces where companies and suppliers can purchase materials directly from manufacturers are the latest wave in Latin America’s Internet revolution. Vertical exchanges designed for a single industry and horizontal exchanges across a range of businesses are reshaping commerce and will eventually transform companies’ procurement, supply-chain management and logistics operations. In recent months, several Latin American companies have created or begun participating in such business-to-business (B2B) exchanges, the most ambitious of which is LatiNexus.

Unlike business-to-consumer transactions, B2B exchanges involve more complex relationships and more money. Pricing is based on negotiated long-term contracts, auctions and catalog purchases. Value, trust and partnerships drive the selection for the e-market or portal, and product availability and speed of fulfillment have added importance.

Strategic risks exist in doing transactions and executing binding contracts with buyers or sellers where there is no prior relationship. B2B exchanges need to verify the existence of legitimate buyers and sellers and authenticate their identities and credit profiles. Businesses also need confidence in the data security of the exchange providing the virtual space where transactions take place. Unaltered and confidential data is critical to avoid leaks of sensitive data and possible repudiation of transactions. The validity of transactions must be enforceable in a court of law.

New types of bonds and insurance products are being developed by insurers to provide the necessary guarantees behind B2B transactions. As risk managers explore the issues, it becomes apparent that a successful exchange requires much more than a forum to display bids and offers.

Companies considering such activities need to identify the risks associated with their participation in, investment in, or sponsorship of an online exchange. A thorough risk assessment should include an evaluation of strategic business issues and problems associated with intellectual property, contracts, privacy, anti-trust, security and business continuity.

The specific questions that pertain to business strategy include whether or not companies that participate in the exchange will maintain one-on-one sales relationships with their suppliers and customers, and whether there are specific membership requirements or qualifications to join the exchange. For instance, it is important to determine whether prospective members must meet financial or technical requirements relating to the product or service being exchanged and whether large purchasers can refuse to do business with a supplier that is not a member of the exchange.

Navigating Legal Issues
Internet-based businesses must navigate a maze of evolving legal issues. Among the most significant is establishing the jurisdiction of laws that would determine whether violations have been committed. The use of the Internet increases the chance for a number of problems to arise, including infringement of business process patents, trademarks, service marks or copyright; plagiarism and the misappropriation of ideas; misrepresentation of goods or services, and trade libel or product disparagement.

The risks of defamation issues, such as libel and slander, may be exacerbated in an online community. Business rivals routinely deride one another in private meetings, but defamatory comments by a competitor on the Internet may prompt legal action. Details such as the presence of hyperlinks to exchange members’ websites and whether or not the exchange sponsors its own chat room, can determine an increased risk of libel and slander.

Contractual issues need to be considered as well. Will bids and offers be displayed to all participants? Will “exploratory” bids or offers be allowed, even when there is no intention to purchase or deliver goods, but just to test the state of the market?

Will the exchange become involved in contracts between buyers and sellers? For example, will the exchange assume risk for a false bid, or for non-delivery or non-payment pursuant to a contract entered into on the exchange? What if a buyer meets an offer on the exchange, but later decides to back out of the transaction? And what if two bids are placed simultaneously for the same item offered for sale?

Who Handles What
Exchanges need to identify their role, if any, in disputes regarding transactions taking place there. What happens if the goods or services sold are not the quality or quantity agreed to on the exchange? Will the exchange have any role in resolving such a dispute? Will the exchange encourage members to standardize their products to encourage more price competition?

B2B exchanges also raise a number of concerns about privacy. Will one seller be able to gain access to the prices or cost information of other sellers? Assuming the answer is no, what are the consequences of disclosure of such information to a competitor? Will the exchange collect confidential information about its members and if so, how will the information be used?

Hacking incidents and distributed denial-of-service attacks have affected leading technology, software and Internet companies in recent months, bringing the issue of security to the forefront. Among the specific risks are: implantation of a virus; hackers or insiders inserting malicious code or creating other complications; spam attacks; theft, loss, or disclosure and/or sale of confidential information arising out of extortion, malicious acts, crimes, and security breaches; and fraud.

More mundane concerns about an exchange’s reliability involve the loss of service due to a capacity management or programming mistake, software or hardware failure, or a power outage.

Managing Online Risks
The first step in e-business risk management is to identify and understand these kinds of online perils. The hazards must be then classified as either direct risks-threats to the company’s operations and assets-or liability risks, arising from third-party claims, lawsuits and regulatory actions. The same incident or occurrence may result in both direct and liability losses.

Perils related to security can be assessed through a combination of policies and procedure audits and system-penetration testing. The key to effective security is to establish procedures to safeguard systems, educate employees on their roles and responsibilities related to security and provide continuous monitoring. Internal audits are also important in this regard. Reliability risks can also be evaluated, by doing a simulated test of the disaster recovery plan.

The valuation of potential losses and risk transfer, through the purchase of insurance, are two paramount issues. To properly assess the potential for financial loss and reduce its severity, online B2B risks require a business impact analysis and the development of a network continuity plan. Evaluation of potential losses through e-business must take into account the uncertain legal and regulatory environment.

Risk transfer is the best way to provide the funds to address these kinds of losses, which can neither be predicted nor prevented. But traditional property, casualty, crime and professional insurance policies may fail to respond to online risks.

Participants in e-business exchanges must consider what kind of insurance the exchange holds to meet risks associated with intellectual property, privacy, contracts, and security, and ensure that the limits purchased are adequate to address the exposures. Insurance for B2B exchanges includes coverage for loss associated with the shutdown of the website of the exchange’s clients or the exchange’s own website.

Current insurance programs that address these risks involve a number of major insurers and provide varying forms of protection and scope. Although the specifics of risk management in cyberspace are evolving along with Internet technology and its applications, with increased attention to its importance in B2B transactions, e-marketplaces should thrive.

Emily Freeman is the national practice leader for e-business risk solutions at Marsh, based in San Francisco. Selina Ericson is an attorney and senior vice president at Marsh, Inc. in charge of financial professional products for Latin America. Michael Gunther in Marsh Mexico and Paulo Baptista in Marsh Brazil also contributed to this article.