Skip to main content

A Risk Assessment Checklist for E-Commerce

It’s hardly an exaggeration to say that e-commerce saved many lives (and the retail industry) during the COVID-19 pandemic, allowing consumers to buy groceries, clothing and other essentials from the convenience and safety of their homes. In the U.S. alone, e-commerce sales increased by 42% from the previous year and accounted for 13.6% of total retail sales in 2020. Surveys show that many consumers intend to continue shopping online even after health and safety restrictions are lifted, which means the momentum of digital shopping will continue.[1]

However, the very factors that enabled the rapid growth of e-commerce — direct access to consumers, low barriers to entry and 24/7 availability of online platforms — also increases the exposure to a distinct set of risks that could determine the fate of new e-commerce solutions. Here are some of the more pressing strategic and operational risks that online retailers face today, and the actions that risk managers can use to take control of their risk, including making use of relevant data and analytics.


Risk Assessment Checklist for E-Commerce

Strategic Risks


Unpredictable Consumer Behavior - Online channels will certainly see a growing share of consumer traffic relative to in-person stores. But the extent of this shift, and the role of brick-and-mortar settings, remains to be seen. Lower switching costs have undermined brand loyalties and familiar consumer habits, making it even more difficult to project how, where and from whom online consumers will buy. The unpredictability of the postpandemic, omnichannel retail landscape means that e-commerce players need to be prepared for a range of future scenarios.



Reputational Risk - With many options and easy access to information, discerning online consumers are highly attuned to the reputation and the values of e-commerce brands. A handful of highly visible negative (or positive) reviews can dramatically shift demand in an instant. A single advertisement can stoke backlash that reverberates across social media. In this dynamic risk environment, e-commerce players must protect their reputation with a proactive customer service strategy and shape their digital identity to appeal to a new and more critical generation of online consumers.



Competitive Pressures - The low barrier to entry presents both an opportunity and a threat to new e-commerce solutions. In an era of increasing consolidation, successful e-commerce retailers are becoming an attractive target for larger companies, such as Amazon and Walmart, who experienced the largest gains from the e-commerce boom. Last year, the 10 largest retailers accounted for 68% of all U.S. e-commerce sales, with Amazon representing more than half of online sales.[2] These established retail giants can leverage their size, scale and existing digital platforms to dominate the market and continue to pose a risk to smaller e-commerce shops.


Operational Risks


CyberRisk - The most obvious risk to e-commerce solutions is rising cyber threat. Last year, there were an estimated 65,000 successful ransomware attacks — one every eight minutes, on average — and experts predict that it will only get worse.[3] As online retailers grow their business, they become bigger targets for cybercriminals and need to protect themselves and their consumers by investing in the appropriate cyber security measures, such as employing multifactor authentication, keeping systems patched and up to date, installing detection and response tools, prearranging a third-party incident response team, and creating a secure digital culture.[4]



Supply-Chain Disruption - Supply-chain resilience has taken on an additional level of importance and visibility since the onset of the pandemic, and this is even more true for e-commerce solutions. For a business model that revolves around customers being able to place an order 24/7 and expect next-day or even same-day delivery, it becomes even more crucial to monitor and mitigate any supply-chain and distribution risks. Online retailers that source their products offshore also need to pay special attention to geopolitical risks that may affect their suppliers (or their suppliers’ suppliers).


How to Manage and Mitigate E-Commerce Risks

Harness the Power of Data and Analytics

The use cases for data and analytics to help predict and mitigate e-commerce risk are innumerable. Companies can leverage data science to analyze purchasing habits, project consumer behaviors and personalize the digital shopping experience. Artificial intelligence and data-mining techniques can map out a comprehensive view of an entire supply-chain universe (down to fifth-degree suppliers) and model the risk implications. Sentiment analysis and natural language processing tools can also be used to analyze online reviews and customer service calls, generating insights on customer trends that can inform a more agile customer service strategy. This unprecedented amount of data, coupled with the analytics capabilities to extract and synthesize it, empowers e-commerce solutions to continuously monitor their key leading and lagging risk indicators, which provide the critical signals to help prepare for and mitigate impending risks.

Plan for Multiple Scenarios

Assessing and quantifying the risk is only the first step. To take it one level further, e-commerce players need to prepare their response to a range of catastrophic risk scenarios. How would you respond to an online outage or ransomware attack? What actions would you take if your primary supplier were blacklisted, and how would this affect your consumers? What would you do if an influx of negative reviews significantly reduced consumer demand? These are the questions that e-commerce risk managers should be prepared to answer and to revisit at regular intervals to keep pace with volatility in the digital retail space.

Look for the Upside of Risk

The risks that e-commerce solutions face may seem daunting, but they also sustain the conditions under which online retailers thrive. In response to the fluidity of consumer preferences and the competitive landscape, e-commerce retailers have been well positioned to adopt agile practices and quickly recalibrate their business models to meet changing consumer expectations. While e-commerce retailers are more vulnerable to algorithms and the whims of social media, they also have the flexibility to reinvent their brand and identity much faster than a retailer with a physical footprint. All in all, these risks come with extraordinary upside and the potential to create lasting value in the market.

[1] “Logistics Providers See E-Commerce Momentum Continuing Post-Pandemic,” Wall Street Journal

[2] “When You’re a Small Business, E-Commerce Is Tougher Than It Looks,” New York Times

[3] “White House Warns Companies to Act Now on Ransomware Defenses,” June 3, 2021,

[4] “The Ransomware Epidemic,” Aon