Corruption, hooliganism, terrorism, cyber attacks, and robbery were risk-managed so tightly that no such incidents occurred. So how did the authorities achieve this?


The 2018 FIFA World Cup is over but the risk-management lessons are emerging.

Before the event the dangers were considered so grave and numerous that the British Foreign Office among other nations warned people to stay away. Corruption, hooliganism, terrorism, cyber attacks, robbery and anti-western sentiment: it was practically a laundry list of corporate and individual risk.

Yet the fears turned out to be largely unjustified. Most foreign companies, including some of the world’s biggest brands, and their employees got in and out intact after achieving their commercial goals.

So what lessons did the World Cup teach that would stand companies in good stead for future blockbuster sports events that seem to offer the same – or similar – set of risks?

Start early

The big lesson, advises specialist risk consultancy, Controls Risks, which worked with dozens of companies, is to start early on risk assessment and mitigation. Several companies were so quick off the mark that they put resources on the ground and began gathering intelligence as early as mid-2015.

“Don’t rely on the foreign media,” says specialist consultancy Control Risks’ Tim Stanley, senior partner for Russia and CIS, who has lived in Moscow for a decade. “It’s best to get information directly from the ground, for instance from the Russian-language media.”

And be sure to get information from primary sources. In a little-known and invaluable fact-gathering tool, the US State Department set up a special liaison section where American companies could attend regular meetings and share information about the security situation. These meetings also enabled companies to compare the effectiveness of their own arrangements with those made by others. “It was a kind of benchmarking process,” explains Stanley.

With a lot at stake, one of the earliest firms to send in its experts was Allianz. After all, it was insuring some of the biggest assets in the world and had to be confident of their integrity. The stadiums being new, the main concerns were those of crowd safety – adequacy of exits, fire protection, anti-terrorism measures, capacity of medical services to handle everything from heart attacks suffered by overexcited fans to the carnage of a terrorist attack.

Allianz also sent in risk consultants to make forensic assessments of the transport system – rail, highways, buses, road closures. With a giant-sized capacity involved, the insurance giant was also concerned about the public viewing areas dotted around the cities. Its risk consultants looked at the potential risks arising from heavy rain, hooliganism and crowd control.

Third parties

Despite accumulating a treasure trove of intelligence, Allianz didn’t hesitate to seek further information. And that’s another lesson. The firm urges companies to use third parties to bolster their own research. “There are market specialists focusing on safety, security and risk mitigation and it is recommended that companies collaborate with them and supplement their own information,” suggests head of international expansion entertainment, at Allianz Global Corporate and Specialty, Michael Furtschegger.


Nor should companies be deterred by conjecture, rumour and hearsay lest they miss out on big opportunities. As Control Risks points out, several Chinese companies seized the opportunities of global coverage and were conspicuously heavy advertisers at the main stadiums.

Record on security

And given the obsession about security, it’s essential to take a hard look at how the country will tackle these risks. In Russia’s case, it already had a good track record leading up to the World Cup. The 2014 Winter Olympics at Sochi may have been one of the most doped events in history, in fact leading to the outright ban on Russian competitors at the Brazil Olympics, but the security arrangements were rigorous, tough and highly effective. “We worked with companies for the Winter Olympics and we knew the Russians would do a good job,” recalls Stanley. The Russian authorities followed that up with the impressively secure Confederations Cup in 2017, another big football event.

So despite fears of terrorist attacks at stadiums, open-air viewing venues and popular meeting places for fans, no serious events occurred. The security authorities enforced a total ban on drones and planes flying near stadiums. Shipping near the venues was controlled. There was heavy security on trains and planes. The safety of national teams was assured by road closures as they moved from hotels to practice grounds and matches. Restrictions on alcohol were imposed.

No expense was spared in security measures. Just in case troublemakers or terrorists slipped through the net, the authorities installed hundreds of cameras at stadiums. Supported by the latest face recognition technology, security was able to scan people in real time and check them against databases.

Regarding personal safety, in another security measure Russia ordered that every visitor was registered by their hotel, camping ground or other location. Although Moscow isn’t the dangerous city that it was (“the city is very safe now, even at night”, says Stanley), it’s advisable to travel together. “And it’s best not to look too wealthy,” adds Furtschegger.

And in a lesson for other countries bedevilled by violent fans, Russia adroitly took its hooligans – the “ultras” – out of play. The police simply told around 450 known offenders to make themselves scarce during the World Cup or spend it in jail. In an encouraging collaboration, the authorities in UK, Germany, Poland and other countries worked with Russia to prevent known troublemakers from travelling. UK border authorities, for instance, made sure that no less than 1,200 England problem fans didn’t make it to Russia.

Another important lesson – bribes don’t work in the long run. Despite the endemic corruption of which Russia is constantly accused, the best advice is to steer clear of brown paper envelopes. The greasing of palms will only lead to trouble, warns Control Risks’ Stanley. “We advise companies to have zero tolerance on corruption. If you say no, [those people] will go away and find easier targets. A lot of low-level corruption has been stamped out in the last few years.”

Cyber risk also appears to have been exaggerated. Although fears were understandable given Russian security services’ known propensity for hacking some of the most sensitive agencies in the world, it seems that a few simple precautions sufficed, such as not using public-access wifi and not to leave devices unattended in hotel rooms.

Insurers such as Allianz with specialized risk consultants can help here. “Our cyber risk experts assess fire walls, back-up and network security,” says Furtschegger.

Overall, one of the most valuable takeaways from the World Cup is that companies and individual should not be intimidated by the apparent risks. “It’s not bad to be aware that there are risks,” explains Furtschegger. “But companies should thoroughly assess those risks and work to mitigate them so they can be controlled. It’s better than staying away.”