Executive Magazine

Cyber(in)securities

by Thomas Schellen March 15, 2017

written by Thomas Schellen

At the center of the cybersecurity issue in Lebanon resides, as with many issues in this country, an unfortunate and seemingly unmovable constellation. In one corner towers the banking sector as the primary force and primary concern for all things economic and also all things digital. The banking industry, as all the expert voices in conversations with Executive about the cybersecurity issue acknowledged, is the biggest target for cyberattacks and the most advanced in awareness, preparedness and spending on cybersecurity in Lebanon.

Crouching in the opposite corner is the public sector. It is limited by severe lack of information technology (IT) spending budgets in general, and cyberdefense in specific. Many ministries are not equipped with a single cybersecurity specialist in their IT departments. In the perception of experts on Lebanon’s cybersecurity, the public sector is in a worse state than the private sector and moreover gives the appearance of being engulfed in complete ignorance of advanced methods to maintain safety and simultaneously be on the cutting edge of internet usage.

Banks have undergone an evolution from a few years ago when they used to rely on having just one individual staff member with security responsibility who reported to the IT department. This was done to comply with a Banque du Liban (BDL), Lebanon’s central bank, requirement that mandated banks to have this security representative. Overall, in the experience of Iskandar Aoun, head of the security department at Banque Libano-Française (BLF), “it was a marginal function”.

According to him, this has changed in recent years as cybersecurity advanced from a marginal matter to the biggest threat for all banks and a major concern to their boards of directors. “This evolution occurred on different levels: the organizational level, the regulatory level, the media level and, of course, the technological level,” he says. On the important organizational level it is common, at least in the sector’s alpha group banks, that the security entity nowadays “is a complete entity with a minimum of five or six staff and reports directly to upper management,” Aoun explains.

The gauss Malware

Deputy General Manager Sleiman Maaraoui, head of Systems, Division Projects and Infrastructure at Société Générale de Banque au Liban (SGBL), tells Executive, via an emailed response, that maintaining first-class cybersecurity capabilities requires a “relatively significant percentage of IT spending” and quantifies the share of cybersecurity measures at around 10 percent of the IT budget. “At SGBL, we have a dedicated team [within Information Technology Security Evaluation Criteria (ITSEC)] to monitor cyberactivity and track any suspicious behavior using cutting edge tools. Alongside, IT teams have dedicated resources to support and maintain this infrastructure,” he says.

Maaraoui confirms that cybersecurity investments have gone up due to the necessity of implementing the latest tech tools and are expected to increase further. “This cost will increase over the coming years to meet targets set by top management and add new functionalities that will provide a seamless integration and an easier adoption by our customers,” he says, citing as an example biometric tools such as fingerprints, voice identification and face recognition.

It seems that the crunch moment in banks’ elevation of cybersecurity to the top in their list of priorities came after the 2012 discovery of the so-called Gauss malware, which had penetrated over 1,600 computers in Lebanon at several of the country’s top banks according to global security company Kaspersky Lab’s count. According to a Kaspersky Lab statement from August 2012, Gauss malware was a “nation-state sponsored cyberespionage toolkit designed to steal sensitive data,” specifically targeting online banking credentials and browser passwords. The malware was said to have been active for more than nine months before it was discovered on some 2,500 machines. According to Aoun at BLF, which was one of six major Lebanese banks which the statement mentioned by name. Several banks that were infected by the malware even refused to declare this fact.

Humble hacking past gives way to risk laden present

As Aoun tells Executive, the risk associated with cybersecurity breaches some 10 years ago was “relatively low” and this low risk was reflected in “humble topologies,” meaning simple physical or logical layouts of the computer networks at every bank. Hacking attacks were slow, often involving days of hackers poking around to find system vulnerabilities, and damage was of the kind that even successful breaches were hardly mentioned, i.e. any damage was below the cost of reputation loss if the breach was disclosed.

“Until now, we did not have a major breach in the area, especially in banks. We have the small [incidents] of fraud where an email sent by a customer asked to transfer money somewhere, and then the bank discovered that it was fake and the request was for a transfer to an unknown account. We did not have major breaches, touch wood,” he says.

In the 2017 environment, however, hacking tools are far more advanced. “All the hacker has to do is send a nice-looking email that contains an attachment or malicious URL link, and all that the end user needs to [do] is double click on the attachment or the URL with the result that malware is installed on the system, and the hacking job is done. The whole environment is infected,” he says, adding that the great increase in risk is reflected in banks having deployed advanced topologies to deal with this risk.

The adjustment to greater cyber risks on the technological level was mirrored in regulatory developments. According to Aoun, every bank has been obliged by the central bank to declare any incident that occurs on its premises, and the central bank evaluates all this information and incorporates it in updates of circulars related to security. He says, “Whether it is physical, a downtime of the system, a cyberattack, data theft, fraud, operational risk or anything [else], you are obliged to declare it to the central bank. We have to declare, and we also have to have a policy to inform our customers about an attack. I can also say that it is better for the bank to inform its customers rather than them finding it out over the internet or through media reports.”

According to SGBL’s Maaraoui, the rising importance of cyber risk has led to its embedding in the bank’s thinking, in addition to all other requirements that occupied the attention of banks, such as anti-money laundering regulations and recent rules on financial standards. “Cybercrime is no less important than compliance pressures or local and international regulatory tightening. This importance has been growing year after year thanks to digitalization,” he says.

In Maaraoui’s words, cybersecurity may not be on the agenda of every board meeting at the bank, but he confirms, “board members are fully aware of threats and challenges faced with cybersecurity.” Moreover, he implies that amidst a whole array of measures to enhance customer protection in contemporary banking, the issue of protection against theft of their banking data and other forms of cybercrime is possibly the most sensitive one. “If sensitive information is stolen or otherwise misused, the public will not see that the financial institution is a victim of a malicious actor, only that it did not properly protect that which was entrusted to it. Regulations enforce severe penalties for non-compliance, while the organization’s public image can be irreparably damaged,” he says.

Banking roads to better security

By the perception of perhaps the most potent company that Lebanese can turn to as a global powerhouse and authority in IT and cyberdefense, Microsoft, Lebanese banks have taken the national lead in cybersecurity measures, but often did so in ways that do not allow them to be on the forefront of digital innovation, warns Microsoft Country Manager for Lebanon Hoda Younan.

“Organizations in Lebanon, even in industries that we believe are advanced, like financial services, are very conservative and do not build on innovation because of fear [of being connected]. They sometimes cut off their people from the internet to protect themselves. We saw this as a reaction to the attack that three or four years ago that reached all banks. If you disconnect, this will definitely protect [you in one way], but it prevents you from innovating. Speaking from the perspective of a Lebanese person who feels responsible, I see that we have a lot to do. We need to build on the experience that the multinationals are giving us when they come into the country, so that we can be more aware and more protective,” Younan says.

According to Microsoft experts, local organizations face challenges that relate to a mindset of placing trust in static concepts of perimeter defense. In choosing a physical gap approach for their cybersecurity, they tend to bet their fortunes, and their lives, on erecting huge walls – in a way that resembles the approach of medieval castellans who build ramparts that were seemingly impenetrable. That approach worked only until trebuchets were invented (as the Microsoft-published game Age of Empires 2 already taught its addicts some 18 years ago).

For Nasser Kettani, Microsoft’s chief technology officer in the Middle East and Africa, to have online banking today is not enough for a bank to be innovative. For them to be able to innovate, he advises banks to develop a mindset for cybersecurity that is adapted to the current time, meaning to focus not on perimeter defense of their networks, but on technology and intelligence that can be obtained from the cloud. Moreover, perimeter defenses can be ineffective against internal hacks, he adds, citing the example of the National Security Agency (NSA) in the United States.

“The ability of banks to innovate in terms of Artificial Intelligence, Internet of Things, blockchain and a lot of things that you can do [is limited] because they have not changed their security posture. What we are finding is that you can expose yourself to the internet and be safe, but you have to change your way of doing things,” Kettani tells Executive. This requires a new security posture, he says, citing gains in security that companies and entire countries can achieve through collaboration.

In the case of Microsoft, the company – which at all times in digital history was a target of hackers – is now more than ever subject to cyberattacks since it moved a few years ago to become a major provider of services on the cloud. It responded to the threat with huge investments in cybersecurity – in 2016 it spent over $1 billion purely on cybersecurity according to Kettani – and also leveraged the data insights it obtained from operating about 200 cloud-based services with 100 billion user logins per month.

“Data collection gives you more insights than you can get otherwise. This volume of data that we see from around the world helps us to get intelligence that nobody else can,” he says. Microsoft uses these insights for building new security tools to protect itself and its customers through different units inside the Microsoft organization and also partners with other IT companies and law enforcement operatives in many countries – for example through national Computer Emergency Response Teams, or CERTs – to extend the umbrella for protection against cybercrime.

Under the common perception of most crime choosing the road of least resistance, the best defense will be one that elevates the criminals’ risk of detection and punishment when caught. Implementing such a strategy in Lebanon, however, transcends the capabilities of banks and other private sector entities. It necessitates legal measures and organized cybersecurity collaboration of private sector players with the state and with one another.

Calls for more government actions

This important need for interaction is reflected in the views of the cybersecurity specialists at BLF and SGBL. Of the important measures that the government should undertake in Aoun’s perspective, one prudent initiative would be to give companies tax incentives on investments into cybersecurity systems to make it as affordable as possible and help smaller players beef up their defenses. According to Aoun, “the government should not impose any tax [on cybersecurity systems]. This will reduce the equipment cost and encourage the banks to invest in security products.” In parallel to incentivizing cybersecurity investments, he advocates secondly, that the government should enforce cyber insurance as mandatory for banks, and thirdly that it should develop national cybersecurity infrastructure. Specifically, Aoun advocates for the creation of a CERT for Lebanon.

“A CERT will issue guidelines, monitor risks and inform banks of attacks. This has become an urgent matter for Lebanon,” Aoun reasons, adding that having a national team will also provide faster information on attacks that happen elsewhere because CERTs communicate with one another across countries. “If there is a threat in one country, they will communicate the information to all countries and every local CERT will communicate with the companies in its jurisdiction to take precautions – this needs government action to legislate. A CERT team will also minimize the phenomenon by which everybody refuses to say what is going on,” he says.

Regarding collaboration among cybersecurity officers of Lebanese banks, Aoun maintains that this issue was raised by BLF in the drafting of a letter to the Association of Banks in Lebanon and was also mentioned in discussions with the Banking Control Commission. The call is for regular meetings or a convention of CIOs (chief information officer) so that these professionals may share their experiences and exchange information with one another, meaning that all stakeholders are provided with immediate information on new risks and incidents.

Also in Maaraoui’s view, there is urgent need for government action on comprehensive legislation. He says, “The Lebanese government is urged to pass a new law that facilitates online transactions, yet ensures its security and authenticity by enabling [the] digital signature and extending it to full digital identity.”

He also recommends that laws to fight cybercriminals should be put in place and that legislative actions in those two regards should be coupled with other laws and central bank circulars to guide banks forward toward “true secure omni-channel experience. The guidance of banks toward ever-increasing cybersecurity should furthermore be accompanied by actions of the Banking Control Commission of Lebanon (BCCL),” Maaraoui opines.

“BCCL should mandate an external, internal and overall ‘security assessment’ to be performed by third-party companies with expertise and certification in cybersecurity, [similar to that of a financial auditor], the results of which are then sent to the bank, but also directly to BCCL,” he argues, citing a similar practice in Luxembourg as an example before adding that not only banks, but the entire enterprise-level environment in Lebanon needs directing toward measures that will prevent or at least minimize “potential financial, but more importantly reputational damage.”

Scenarios faced by insurers

While banks face the dual need to embellish their security – at the same time constantly enhance and evolve their online accessibility and digital services in order to respond to changing customer expectations – and also remain competitive in the face of disruptive fintech startup companies, insurers need to approach digitization and cybersecurity under a somewhat different paradigm. On one hand, they are, just as banks are, financial companies, and thus, attractive targets for cybercrime-syndicates and individual hackers. They therefore must adapt to the digital world in their distribution strategies. On the other hand, they have the mandate to harness cybercrime as an opportunity for providing new insurance services. Moreover, their function extends to demanding that insured parties comply with preconditions for insurability, whether in the form of fire doors in a building or firewalls in a data center.

In the multi-faceted context of being stakeholders in their own cybersecurity and insuring risks of others, Lebanese insurers could find a new boom in cyber insurance premiums, says Max Zaccar, chairman of Commercial Insurance and president of the Lebanese Insurance Association. “In future, cybersecurity could be a huge portion of overall business for insurance, with estimates going as high as 50 percent of premiums to be generated by cybersecurity,” he declares.

Zaccar concedes that there is yet limited understanding of insurance for cyber risks in Middle East. He points, however, to a factor that should make cyber insurance a welcome addition to the product offerings of local insurers. “Most of the cyber insurance risk, if underwritten by local companies, will be reinsured abroad, so companies will not face too much risk of having to pay out of their own pocket,” he explains.

Lebanese insurance companies have some demand from banks for cyber insurance policies, says Fateh Bekdache, general manager of BLOM-Bank affiliated Arope Insurance. “Cybercrime is a delicate subject that is becoming very important. A lot of insurers were reluctant to consider cyber coverage because it is very complicated,” Bekdache tells Executive.

He adds that it is a complex and challenging task to draft standard cyber insurance policies, which will stipulate the coverage terms of such contracts. This is a development in the domain of international reinsurance giants that local insurers observe from the sidelines. “There is a race among reinsurers as to who will draft a contract that is more advanced than that of the other. We are sitting and watching,” Bekdache says.

Another challenging issue is the fact that many companies are reluctant to declare if they have experienced a breach or quantify losses from intrusions, which makes claims management even more delicate. As Zaccar and Bekdache concur, the reported growth of breaches in Lebanon is high, but it is only the tip of the iceberg and statistics suggest that local organizations, just as companies everywhere, in their vast majority do not report their breaches.

Numerous recent reports by international consultants, banks and insurance players have highlighted cybersecurity as a growing area of business and insurance. Bank of America Merrill Lynch was quoted as estimating the cybersecurity business to represent on average 6 percent of IT expenditures, which was worth $75-77 billion in 2015 and projected to reach $170 billion by 2020. A 2015 report by PricewaterhouseCoopers sees cyber insurance as a “potentially huge but untapped opportunity for insurers and reinsurers,” estimating worldwide annual gross written premiums as set to grow from $2.5 billion in 2014 to $7.5 billion at the end of the decade.

Lloyds of London said in a 2016 report that over 90 percent of large European businesses surveyed had experienced a data breach, and 51 percent were worried about being hacked by cybercriminals for financial gain. However, only about 50 percent were aware that cyber insurance coverage for a data breach is available and many were equally unaware that cyber insurance not only provides a pay-out after a cyberattack, but also helps with expert consultancy during a crisis.

Moreover, most of the market, up to 90 percent, is currently in selling cyber insurance to companies in the United States. Given that cyber risk is a globally universal growth phenomenon, the estimates for future cyber insurance needs seemingly cannot be overstated.

To take the discussion of cyber insurance in Arab countries forward, the Lebanese Insurance Association and the General Arab Insurance Federation are collaborating to convene a digitization conference this May in Beirut. According to Zaccar, the first day of the two-day event will be dedicated to new digital distribution channels and the related issue of digitizing insurance services, while the second day will be dedicated to cyber insurance and the Lebanese law enforcement perspective on cybercrime.

March 15, 2017 1 comment

Protect us from the modern plague

by Executive Editors March 14, 2017

written by Executive Editors

When modernity was sending out its first rays of thought in the Enlightenment Age, thinker Thomas Hobbes wrote speculatively that the natural state of man is “war of all against all.” Overcoming the universal conflict to him was the central historical argument for the formation of states. Captivating and influential as his frightful idea of constant warfare as man’s original modus operandi was, it stands in history as a construct that could not be corroborated. We desire peace and are accustomed to existing in an interplay of conflict and harmony, in which we grudgingly live through periods of war, only in hope of a new peace. Until now.

More than ever before, the digital age could bring mankind closer to a situation of, albeit virtual, war of all against all. This is not talk of some online game. Cyberwarfare, cyberterrorism and organized cybercrime comprise a devilish triangle that is growing more sophisticated, more intense in its attacks, more devious, more profitable and greedier by the minute. Microsoft’s Chief Technology Officer for the Middle East, Nasser Kettani, tells Executive of assumptions that cybercrime will grow from a $500 billion impact on the world economy in 2015 to a staggering $4 trillion impact by 2020 (see overview). Cybercrime already reaps more profit than the illicit drug trade, but if the projections above prove correct, the impact of cybercrime will scale up from less than 1 percent of the world’s GDP to over 4 percent in just a few years – the International Monetary Fund (IMF) projects world GDP for 2020 to be $93.6 trillion.

This is bad enough for an illicit economic impact and sure to bring about unwelcome distortions to the societal equilibriums within states around the world, raising the specter of the type of disorder that existed in Prohibition-era America just before the Great Depression. What is even more frightening is that nobody is safe from deliberate cyberattacks – no government, corporate entity or individual. Under most social contracts of the modern age, people trusted their states with what sociologist Max Weber called the “monopoly on the legitimate use of physical force” in times of peace because they expected the state to guard them, broadly in line with Hobbes’ reasoning about the state’s role and raison d’etre.

Protection

This protection was never complete. Interpersonal violence and organized crime were the troubling exceptions to the state’s power of protection. But now, in the digital age, it seems that disruptive forces – whether cybercrime-syndicates, terrorist organizations or even hostile states – are punching many holes in the protective ability of nation states over our digital lives, which are increasing in importance as the new dimension that is being added to human existence in the internet age.

Even in full awareness of the many challenges that Lebanon’s (almost) elected parliamentarians face in this time, Executive calls for urgent implementation of the long overdue legislation on our digital rights and the best possible protection by the Lebanese state in the digital world to its citizens and residents. In the long run, digital rights may very well be as important as the voting rights, on whose timely implementation this year Executive insists in the sharpest form possible. For Lebanese citizens and the economy, the state’s contribution to protection against cybercrime through appropriate legal frameworks with stiff penalties will be vital, and so will be the implementation of best defense capabilities through a national Computer Emergency Response Team (CERT).

The world today is full of global dangers and policy challenges, from weapons of mass destruction and ever present dictatorial or totalitarian tendencies to technologically generated scourges. Lebanon, in addition, has its specific political plagues and worries. But let’s not forget that the greatest challenge to social contracts is the challenge to keep the lid on the human capacity for evil and that the noblest challenge for the state in this regard is to protect its people in their freedom. This makes it important for Lebanon to ward off cybercrime and cyberwarfare in the best possible and most globally integrated way. And there is much to do.

Lackluster cybersecurity

Lebanon is presently two decades overdue with its law on digital signatures. The public sector is short of cybersecurity experts in many ministries. Private sector financial players, namely our banks, are leading in awareness of the importance of cybersecurity, but there are still many issues to be solved in cyber protection of financial institutions, and of the still under-aware and under-concerned companies in other industries.

We are lacking legal penalties that can deter cybercriminals and need the legislative framework, budget and skilled experts to develop a national CERT (computer emergency response teams) as a core element in our cyber defenses. By all expectations, cybersecurity will be one of the most important issues globally in 2017 and beyond. We thus encourage the security agencies to speed up the development of national preparedness for cyberattacks. Most importantly, we call on the Lebanese Parliament and the executive branch to pass and implement necessary cybersecurity legislation now.

March 14, 2017 2 comments

Cybersecurity Overview

The battle between good and evil goes virtual

by Thomas Schellen March 14, 2017

written by Thomas Schellen

The serpent’s tale is a powerful narrative that has captured man’s attention over millennia. The contemporary version of the story goes something like this: the digital garden at first was created as a lush world filled with smart gadgets, useful computer programs, fun games, social networks and great business opportunities. People were delighted with these gadgets and used them freely to their hearts’ content. But then a snake entered this garden and hid in the undergrowth.

This serpent was more cunning than all of the gadgets and programs in the garden. It told people that they could partake in superior knowledge, if they just clicked on its emails and attachments that promised innocent fun and untold riches. But when the people listened to the snake and clicked, viruses and Trojan horses were unleashed and infested the digital garden. Thus, evil was released and proved impossible to eliminate.

In 2017, this ancient serpent is only too real. It is called malware and has reached a proliferation rate that is mind boggling and difficult to comprehend. What does it mean for individuals in the digital world that more than 1 million new malware tools come into existence every three days and that their number keeps growing? Or that more than 500 million personal records were stolen or lost in 2015, according to the 2016 Internet Security Threat Report?

How can an average user visualize, in front of their inner eye, that according to the Cisco Cybersecurity Report 2017, spam email increased from 500 spam messages per second in 2012 to 3,500 spam emails per second in 2016? Moreover, what can one do to protect their mobile phone? At the world’s largest congress for innovation and products in this sector – the Mobile World Congress (MWC) last month in Barcelona – security companies like Intel took this opportunity to turn our attention to the vulnerability of our beloved smartphones and pushed their various solutions, such as multi-factor authentication and home security platforms.

Numbers concerning the impact of breaches on businesses are just as bad. According to Cisco’s report, which was released at the end of January, of the organizations that experienced cyber breaches, more than one-fifth lost customers after a breach, almost one-third lost revenues, and close to one-quarter lost business opportunities. Serious damages – more than 20 percent losses of customers, revenue or opportunities – struck about 9 percent, 11 percent and 10 percent of breached organizations, respectively. There are reports by the bucket, which all have in common that they generally document the steady increase of cybercrime and also show that average costs per breach can be life-threatening for small, medium and large businesses.

Growing threat

Actually, whichever source one checks, all numbers about malware are bad, as malware is growing rapidly. But it is not only mass that matters. The student hackers of before, who did their hacks simply because they could, are still around, as are ideological hacktivists and small-time crooks. Yet the really malignant cyberactors today can be crime syndicates, terrorist organizations and even states. Cyberattacks are no longer like aiming a shotgun on a flock of small birds in the indiscriminate expectation to hit any one of them. They can be as surgical as a remote-controlled scalpel, hitting deliberately sought-out targets that can be a specific bank, government agency, any large corporation, small company, or even a single family or an individual.

With improved organizational skills on top of the high rate of proliferation and the increased sophistication of attack instruments, it is estimated that cybercrime will expand exponentially for years to come. Given a growth rate of internet viruses that would make any ethical company blush with shame for expanding so fast because it would be a sign of being either unsustainable or exploitative, the economic infestation of the digital world with cybercrime is predicted to grow eightfold in impact by the year 2020.

It can hardly come as a surprise, therefore, that there is an increase in cybersecurity conferences in the Middle East this year (the Executive calendar of regional conferences last month listed four conference headers containing the word “cyber” for the period between February and April 2017, up from one event in the same timeframe in 2015 and two in 2016). It is also unsurprising to see the internationally growing flood of alarming reports from the cyberfront, which generally mix dreadful warnings about cybercrime damages, with a pitch for selling this or that cybersecurity service. But, it nonetheless bears repeating that cybercrime is projected to reach $4 trillion in four years time – nota bene about the same magnitude as the GDP of Germany.

Clearly, it has not escaped companies around the world that the only thing we can safely say about our digital lives is that they are not safe. Banks are the biggest prize for many cybercrime syndicates where 2016 and the still young 2017 saw some spectacular international breaches. One large recently reported case involved Lloyds Banking Group in the United Kingdom. Claiming in an overview of its business to be the UK’s largest digital bank with 12.5 million online customers, Lloyds Banking Group has 818 billion pounds in assets (2016) and includes Lloyds Bank, Halifax Bank and Bank of Scotland. It was attacked in a distributed denial-of-service (DDoS) assault in January 2017 and for two days was under heavy data fire.

This breach also got a lot of attention because it had been preceded only months before by another successful cyberattack against a UK bank. In that incident it was TESCO Bank that suffered online thefts amounting to about 2.5 million pounds in total. The bank, which has more than 7 million customers, reported that roughly 9,000 customers each had as much as 600 pounds (approximately $750) siphoned from their accounts and pledged to refund those losses within 24 working hours. But, last year’s biggest incident in the financial markets was the criminal exploitation of the SWIFT interbank messaging network via an intrusion into Bangladesh Bank, the country’s central bank.

According to a December 2016 statement by security company Kaspersky Lab, this incident constituted “the [world’s] biggest financial heist” and used SWIFT-enabled transfers to steal $100 million, of which many millions appear to have not yet been recovered. According to reports, SWIFT has since updated its network through a global payments innovation (GPI) messaging platform and is asking member banks to take better cybersecurity measures.

Banks in Lebanon are clearly awakening to the challenges they face in the digital realm, or they are at least more aware than they were some years ago, said several Beirut-based cybersecurity experts. Moreover, every local cybersecurity consultant or company that Executive talked to said that banks constitute between half and 80 percent of their clientele. However, it seems that there is much room for improvement in the cyberdefense strategies of Lebanon’s banking industry, and there are open questions about the statuses of their cybersecurity measures. Some experts said that they found holes in the protection of some banks, and a surprising number of Lebanese banks told Executive that they preferred not to give interviews about cybersecurity issues, citing their “sensitive nature”.

The state of Lebanese cybersecurity is much foggier when it comes to the private sector economy outside of banking and the public administration in this country. From missing experts to non-existing budgets and weak awareness, the picture of cybersecurity in civilian government agencies is, politely said, dim and very different from developed countries.

In the United States, for example, the federal authorities are major cybersecurity customers. There is even a specific assessment of this market that estimates annual federal investments into cybersecurity with a recent forecast for spending to grow from $18 billion in 2017 to $22 billion by 2022, at a steady compound annual growth rate of 4.4 percent. In the European Union, regulatory cyberframeworks of international consequence have been adopted in 2016 and the EU’s General Data Protection Regulation – with steep fees for violators of privacy – will come into force in 14 months, in May 2018. In the UK, the new National Cyber Security Centre (NCSC) – operating since October 2016 – was inaugurated last month by Queen Elizabeth. The NCSC was created as an authority on cybersecurity, with a mission to improve cyber resilience.

Lebanon seems to be nowhere near similar levels of readiness found in the public sectors of the developed world. This is problematic for a number of reasons. There is no doubt that Lebanon has its share of state-level enemies which have a vested interest in creating any sort of impairment for the country’s development or obtaining sensitive information from public administration units. In addition, 2016 made it clear that age-old hostile behaviors of states (reminiscent for example of the Cold War era) have gone digital, such as seeking to influence a country with propaganda or manipulating elections with fake news.

Government agencies in the Middle East had a very recent reminder about the danger of targeted cyberattacks against them, attacks that were very damaging and possibly involved state sponsors. The Shamoon 2 virus made a repeat appearance in Saudi Arabia in January, after viruses from this family have hit the country twice in the past. Shamoon 2 targeted and disrupted at least 22 institutions, Al-Arabiya reported, including several ministries. Remarks made by government officials from several GCC countries at a cybersecurity conference held last month in Saudi Arabia said that there was an increase in attacks on their countries. Moreover, there are numerous initiatives in Gulf countries to embellish cyberdefenses and legal frameworks.

The defensive wall

In a broader picture, the global landscape of cyberthreats and defenders (see infographic below) has its villains that are growing more powerful and sophisticated from year to year. The malware arsenals of villainy are stocked with a wide variety of tools: viruses, their variants, such as worms which are self-contained malware and Trojans which disguise malware as innocent or useful programs, and further sub-variants from rootkits that give illicit administrator-level access to a computer or network to ransomware that blocks the legitimate owners’ access to a computer.

Across from these cyberattackers and their arsenals stand the other stakeholders in the digital world. They use perimeter defenses such as firewalls, preventive approaches such as assumed-breach policy, early detection instruments such as threat monitoring, forensic tools and skilled defense centers such as SOCs and CERTs, and most of all try to fortify the entities most vulnerable to falling for cyberattacks – the human being in the digital world – through training and awareness building.

All non-villainous stakeholders in the digital world are in one of two general categories: those that are primarily targets, like financial companies, utilities, the industrial sector, education institutions etc., and those that are defenders against cyberattacks, like specialized software companies and cybersecurity consultants. The borders between stakeholders that are targets and those that are defenders importantly are fluid: cybersecurity and defense is everybody’s affair and some of the leading contributors to the protection of the digital world against evil attacks are the large software and systems multinationals, network operators, integrators, device manufacturers and all companies with large IT departments.

Infographic by: Ahmad Barclay

March 14, 2017 0 comments

Business Investment Roundup

Roundup of numbers and sentiments

by Thomas Schellen March 8, 2017

written by Thomas Schellen

After a long and depressing dry spell that made local markets yearn for fresh investments, the Lebanese investment climate is looking up, says Jamil Koudim, the head of the asset management team at Beirut-based Banque Libano-Française (BLF). He presides over a family whose offspring has just doubled from a single fund to two. After the BLF Total Return Fund, which saw its inception in September 2012, the team put to effect the BLF Income Fund in November of last year. This new fund is open-ended, denominated in dollars and focused on fixed-income instruments. “We have mainly government bonds, central bank [certificates of deposit], maybe preferred shares of banks [in the portfolio] and any other fixed-income securities by institutions or corporations, and securitized products. Any fixed-income security is our market for this fund,” Koudim explains.

Though Koudim concedes that funds of this type are already offered by several Lebanese banks, the more significant part of the story surrounding the new product is its international attractiveness. He says that this rise in appeal is evidenced in the fact that financial entities outside of Lebanon have shown interest in this fund, and other local investment products. Koudim goes on by stating that what makes the new Income Fund (I.F.) alluring is the extra earnings potential that is encased in the possibility of Lebanese economic performance improving beyond expectations, which would enable the I.F. to provide returns in excess of its normal target. “If you offer an investment product, you have to be satisfied with the market that you are looking at. This is where the story is. We really think there is upside to [the Lebanese market] following what we have been through. We view last year as worsening of the economy, but the swap transactions [by Banque du Liban] put a floor to that,” Koudim tells Executive.

Attractive stability

He adds that he met with several representatives of international funds during a recent trip to London and that these funds, as well as some banks in the Gulf region looking for country-focused funds to recommend to their clients, are all showing an increased interest in financial investment opportunities in Lebanon. International funds were aware of the 2016 financial engineering measures adopted by Banque du Liban (BDL), Lebanon’s central bank, but their resurging interest was mainly based on political factors. “Their focus was more on the political outlook and political stability, both domestically and regionally. Syria is very important and the war of the past years is [now supplanted by rising stability]. All this is positive,” Koudim says.

[pullquote]

No economist in the survey expected growth of less than 1 percent for the Lebanese economy this year

[/pullquote]

His message of upside potential and optimism correlates with other recent local mood indicators for the economy in both soft and hard data. A January 2017 Economena survey of 17 economists working at Lebanese banks, universities, corporations and institutions found that the median expectation of the surveyed economists is for 2.5 percent growth of GDP in 2017, Economena referred to this as a “particularly bullish sign,” which was yet above the International Monetary Fund’s (upwards revised) projection of 2 percent growth. No economist in the survey expected growth of less than 1 percent for the Lebanese economy this year. Some even estimated growth to exceed the 3 percent real GDP growth projected by the International Institute of Finance for 2017.

According to the monthly EcoNews publication of bank SGBL, a consumer confidence indicator for Lebanon by regionally active ARA Marketing Research reached 161 points in the fourth quarter of 2016, which represents a 66.5 percent year-on-year increase, signaling the highest confidence level since 2011. EcoNews also pointed to economic upside potentials from oil and gas prospects, tourism, real estate, exports, external political relations and what it called a “rare domestic political breakthrough in late 2016.”

Optimistic views were also reported from a recent roundtable by the Lebanese Institute of Strategic Affairs (directed by economist Sami Nader), which said that the “enterprise landscape in the region is booming” and that Lebanon – albeit slow in embracing entrepreneurship as a drive for economic growth, and thus, not yet having developed to its full potential in this regard – “has gone a long way in developing its environment for entrepreneurs.”

As far as hard indicators from the banking sector, the Lebanon This Week (LTW) publication of Byblos Bank reported from Beirut Stock Exchange filings of six listed banks, that the aggregate net profits of these six banks rose 12 percent year-on-year to $1.36 billion in 2016.

Rich deposits

Alone, the country’s largest bank, Bank Audi, published headline numbers of $44.4 billion in assets, $36 billion in customer deposits, $17.3 billion in loans and $3.8 billion in shareholder equity. Its net profits came in at $470 million, representing a 17 percent year-to-year increase, accounting for about 35 percent of the aggregate profits reported by listed banks, and, nota bene, a new record profit in line with the expectation noted in the year-end issue of Executive.

While assets grew moderately, and net loan portfolio dropped 2.9 percent in year-to-year comparisons, Bank Audi noted that these dents in its figures were connected to currency depreciation in its largest two markets outside of Lebanon, Egypt and Turkey. When calculated on a constant exchange rate, the growth rates of consolidated deposits and loans both would have been 10 percent in 2016, the bank said, marking a difference in spirit to the opening sentence of its statement on its consolidated activity highlights in 2016, which read: “The year 2016 was difficult for the entire Middle East and North Africa region.”

Consolidated figures for the performance of Lebanon’s 14 largest banks were not yet available from specialized consultancy Bankdata at time of this writing, but total assets of banks operating in the country grew 9.9 percent to 204.3 billion at the end of 2016, according to central bank numbers. Based on Bank Audi’s publication in Lebanon Weekly Monitor (LWM), the growth of activity was higher than in 2015, and also higher than in the average of the past five years, by 78 and 61 percent respectively.

Customer deposits accounted for almost 80 percent of sector balance sheets and grew by $10.9 billion in year-to-year terms, or 7.2 percent. Of this total deposits growth, $8.6 billion, or 79 percent was in foreign currency deposits. Deposits in Lebanese lira (LL) increased by the equivalent of $2.3 billion. Deposit growth more than doubled from $3.1 billion in the first half of 2016 to $7.8 billion in the second half. Growth of resident deposits and non-resident deposits both showed uptrends from one quarter to the next throughout 2016, with the rise of resident deposits being more pronounced between the two.

[pullquote]

Not all the signs for the Lebanese economy have switched from red to green, yet the mood indicators are more positive than in recent periods

[/pullquote]

Whereas Lebanese Lira deposit growth was lower than in 2015, the growth of deposits in foreign currency exceeded that of 2015 by about 153 percent. The composition of deposit growth reflected the influence of BDL’s financial engineering operation in the May to October period and related offers by banks seeking to attract foreign currency deposits in the course of the QE exercise. The dollarization rate of deposits increased by 90 basis points to 65.8 percent.

Lending growth in 2016 was of $3 billion, a drop from the $3.3 billion seen in 2015. Two-thirds of the loan growth in 2016 was a result of an increase in the Lebanese Lira denominated loan portfolio, which was driven up by the central bank’s financial engineering, as intended. Foreign currency denominated loans rose by less than $1 billion. “Lending activity growth yet rose by a healthy 5.4 percent,” the LWM said.

Byblos Bank’s LTW noted that total banking sector assets and deposits at the end of 2016 were equivalent, respectively, to 393 percent and 312.7 percent of GDP and that these rates-to-GDP were higher than in 2015. Loan-to-deposit ratios were 38.8 percent in foreign currency and 28.2 percent in Lebanese liras. According to LTW, gross foreign currency reserves by the end of 2016 stood at $34.03 billion, having dropped by some 0.71 billion since the end of October last year. The year-on-year rate of increase, however, was up to 11.06 percent.

Not all signs for the Lebanese economy have switched from red to green, yet the mood indicators are broadly more positive than in recent periods. But while BLF’s Koudim highlights the good story for Lebanon that is entailed in regional scenarios of more stability, and domestic scenarios of budget and reforms for taking Lebanon in a more bullish direction, he makes a point that the known domestic downside scenarios of high risk and large public debts could be exacerbated “if the political hopes do not materialize.”

He elaborates: “We have seen that international investors, which normally are underweight on Lebanon, are now all interested and want to allocate a certain amount of money to trading Lebanon. What could turn things [back into negative sentiment] would be disappointment in terms of reforms, [and] in terms of political stability.”

March 8, 2017 0 comments

Access to Information Law Special Feature

A step toward transparency

by Jeremy Arbid March 8, 2017

written by Jeremy Arbid

After nearly a decade of preparation and debate, Lebanon’s Parliament finally ratified an access to information law in January. The country is consistently perceived as corrupt, according to global watchdog Transparency International, and Lebanon does not rate highly on the World Bank’s ease of doing business index. Enforcement of this new law might, over time, help improve those rankings, as well as the business investment environment and the quality of services the government provides to the public – all while coercing Lebanese authorities to be more transparent and accountable to the citizens. The law came into effect in February but, while this magazine has not yet put it to the test, its implementation could face some obstacles, and another law is still required to establish a key body crucial to define what information actually is accessible.

Obstacles

The law prescribes that virtually all government entities publish key documents showing indicators of each office’s performance, such as an annual report, orders and decisions, and office expenditures. Government offices are required by law to publish these documents online, but a number of these entities do not have websites, so it is unclear how soon they would be able to comply with this particular aspect.

The law also outlines a process by which specific information can be requested from the government (see Executive’s explainer and accompanying infographic below), detailing what is to be published and laying out the stages accompanying any request. The law is a welcome and positive step toward improving transparency and public accountability, civil society stakeholders tell Executive, but there will be challenges in requesting information and in appealing requests that are denied.

The law calls for the establishment of an anti-corruption commission (ACC) that would serve three primary roles. First, it would act as a watchdog by investigating allegations of corruption. Second, as an educational entity guiding public servants in filling requests and informing citizens’ awareness of their right to information. Third, it would serve as an advisory body consulting authorities on whether information should be disclosed or remain confidential. Establishing the ACC requires additional legislation that is still in subcommittee at the Parliament, according to Ghassan Moukheiber (see Q&A with Moukheiber below).

The fact that the ACC is not established as the access to information law goes into effect is a concern at multiple levels. Administrative records could be hard to track down because, based on observational evidence, they’re neither regularly digitized nor systematically archived.

Public officials, innocently or not, might not include pertinent information in the required documents to be published automatically on their offices’ websites, or they might deny requests simply because there is no culture of disclosure within the government, says Dany Haddad, a former consultant for the Lebanese Transparency Association, the local chapter of Transparency International. The law is “asking them to be like the private sector, where you have to report about your work, but the public sector has never done this,” Haddad says. The ACC would be instrumental in defining what information is disclosed, and without it in place there is no central authority deciding how narrowly to interpret information that is exempted from disclosure. The law lists broad categories where information would not be accessible, including: professional and trade secrets; private information relating to individuals and open court cases; minutes of confidential government meetings; opinions issued by the State Council; and state secrets relating to security, foreign relations or the economy. So, hypothetically, Banque du Liban (BDL), Lebanon’s central bank, could cite banking secrecy in a refusal to deny figures on its stimulus packages.

The ACC would also be the authority ruling on appeals to denied or ignored requests. But it is just one of several avenues of appeal, Moukheiber says. While the law prescribes that the State Council will rule on appeals of ACC decisions, it does not clearly outline where appeals should be heard in the absence of the ACC. “You always have to ask, what if we don’t establish the anti-corruption commission? Will this law be null and void? The answer is no,” Moukheiber says, adding that Lebanon’s common law of administration allows appeals of denied requests to be heard by the State Council and other courts. But, he admits, this could be open to interpretation. “I’d say you have three appeals possible: you can go to court; you can pursue disciplinary prosecution of administrative recourse to force the administration to give the document; or, after it’s established, appeal to the anti-corruption commission.”

That is worrisome, says Ayman Mhanna, executive director of the Samir Kassir Foundation. “My concern is that the law specifically says where the appeal should go,” a risk, he says, that could push the courts, or the State Council, to back away from ruling on appeals. “They could say ‘the law states the appeal should go to the [anti-corruption commission], therefore we cannot look into it’,” Mhanna adds.

How is it useful?

Access to information is not just about digging up the government’s dirt or exposing corrupt practices. “There is a very strong role for journalists,” Mhanna says, “very often people look at access to information only from a confrontational point of view. I think this approach is needed, but it’s not the only way to get results.” Access to information can be used in a very constructive and non-confrontational way to improve the quality of journalism, especially investigative journalism. Government-produced reports and statistics can inform long-term planning on public health issues, for example, by international donors and on-the-ground nonprofits providing health care access. Data measuring the sectors of the economy can also help foreign and local investors make decisions about where to put their money.

That information might take the form of up-to-date statistics, reports or internal government correspondence that could help business executives make decisions that impact their companies’ bottom lines long into the future. One of the complaints often voiced in Executive’s interviews with business owners, executives and managers is a lack of economic data (often because the government has neglected its collection or dispersion) across a number of indicators.

The law could help attract foreign investment and enhance the business environment by improving market transparency. Lebanon is ranked 126th out of 189 countries in the latest edition of the World Bank’s Doing Business report, a ranking of great concern, the minister of economy said in comments published last month in Executive. That the law requires government offices to publish annual reports, expenditures, decisions and reasons for making those decisions is, to the business community, less about corruption and more about indications of how those offices are governing and how they will in the future. More information could encourage investors to put their money to work in Lebanon.

While Transparency International measures the perceived levels of corruption, an index that consistently ranks Lebanon as a very corrupt country, there are no overall figures on the cost of corruption to the Lebanese economy. What is available are self-reported bribery payments by individuals seeking help in processing paperwork or securing other government services. Those bribes are tallied by Sakker el Dekkene, a local watchdog. The 2,543 self-reported cases of bribery since the organization began its tallies in 2014 totaled nearly $2.6 million. But that data gives only a limited picture of the scale of bribery and is only a first indicator of the total cost of corruption.

Then again, access to information and the substantial reduction of corruption are major tenets of goal 16 of the United Nations Sustainable Development Goals. “National and local institutions must be accountable and need to be in place to deliver basic services to families and communities equitably and without the need for bribes,” the UN says in response to why goal 16 matters. How does one do that? By exercising the right that Lebanon’s law now grants: to request information and hold public officials to account.

“The challenge of this law is implementation,” Moukheiber says. “But it is also a challenge for people to use it. For people who ask if it’s going to be enforced or not, I say that the proof is in the pudding, as the saying goes. You have to use your right, even if you’re denied. It is resilience that’ll lead us to the fulfillment of our rights.”

Q&A with Ghassan Moukheiber

E What will be the role of the Anti-Corruption Commission (ACC)?

The Anti-Corruption Commission is responsible for a number of tasks, in addition to hearing appeals [if access to information requests are denied]. It receives complaints related to the implementation of this law, investigates and issues decisions. It advises competent authorities on every issue. So if you’re an administration, and you’re uncertain whether [a piece of] information has to be disclosed or is confidential, it acts as an advisor. It publishes annual reports about the implementation of the law. So it’s a watchdog on the law, and it contributes in education and raising citizens’ awareness on their rights to access information. It’s a watchdog, it’s an education entity, it’s an appeal [body] and it’s an advisor.

E Who might be selected to sit on the ACC’s board?

The members will be nominated by third parties such as the courts, the bar associations, the auditors’ association and the banking association. So the Council of Ministers will appoint members from the ones that are nominated by third parties, and its operations will be totally independent.

E What is the status on forming the ACC?

It’s in subcommittee and is going to justice committee. So it’s in an advanced phase of drafting. In the absence of the anti-corruption commission, it is the role of the prime minister to oversee the proper implementation [of this law] by all ministries because the prime minister is the coordinator of all ministries. You always have to ask, what if we don’t establish the ACC? Will this law be null and void? The answer is no. Because you always have judicial recourse.

E Do you feel that now there is an appetite for reform?

It is necessary to complete our institutional build up for fighting and preventing corruption. [The ACC] is a tool to prevent corruption. And it’s only a tool, a necessary condition, but it is not a sufficient condition for fighting corruption. It is necessary to have transparency but that does not fight corruption all by itself. [The ACC] is not sufficient. It’s a piece in the puzzle, but an important [one].

E Is there other legislation that would complement access to information?

There’s the whistleblower protection, which is ready. I was surprised to notice that it was sent to another committee, but we are trying to get it through as quickly as possible. We are also in the last phases of drafting a new bill, a modification of a current bill on tacit declarations and illicit wealth. That’s also almost completed and will be sent to the justice committee.

Explainer

The access to information law prescribes that virtually all government entities – including public administrations, judicial authorities (civil and religious), municipalities, state-owned enterprises, private companies managing public assets and government concessions such as Electricite du Zahle – are required to automatically publish: an annual report and the laws, decrees or decisions they issue and the rationale behind issuance; and expenditures on their websites. A number of these entities currently do not have websites, so it is unclear how soon those offices could comply with this aspect of the law.

The law also allows for specific requests of information held by the government. Any individual or organization can request access to view and receive copies of the requested information, paying only the cost of printing. Requesting information is a relatively straightforward process. The requester simply sends a letter describing the documents or data sought to the office(s) that might have the information. The office(s) must immediately acknowledge receipt of the request and has 15 days to deliver, but can extend the deadline for another 15 days to track the information down.

Accessing this information however, could be problematic on both ends. While the government is slowly scaling up digitization of administrative records and some public entities do already have records accessible online, they have not always been consistent with the physical documents.

Information requests relating to national security, foreign relations, financial and economic interests of the state and safety of the national currency, individuals’ private information, including mental and physical health records, and trade secrets can be denied under this new legislation. Following a maximum of 30 working days after submission the requester should either receive the information or be given a reason why the information was not available.

There are procedures for requests that are denied. An appeal can be filed within two months from the date of the request’s denial or after the 30 day period if the request has been ignored. The body responsible for hearing appeals of denied requests, the Anti-Corruption Commission (ACC), is not yet established (see Q&A with Ghassan Moukheiber). In lieu of the ACC appeals can be directed to the judiciary, but there are questions as to whether judicial authorities would hear appeals that the law specifically states should go to the ACC. The infographic illustrates the request and appeal process.

Inforgraphic by: Ahmad Barclay

March 8, 2017 1 comment

Economics & Policy

Interview with a public servant

by Thomas Schellen March 8, 2017

written by Thomas Schellen

As part of our quest for highlighting possible future avenues of progress in the Lebanese Republic, Executive discussed the issue and importance of the 2017 budget with Alain Bifani, director general at the Ministry of Finance. In the course of the interview, the general director also commented on the systemic aspects of the public administration’s work to draft the budget and diligently reconcile national accounts, on planned revenue measures and on the benefits that an efficient civil service can bring to Lebanon.

E Is the Ministry of Finance, like all Lebanese public institutions, short of qualified manpower?

We are very short on manpower in general and on qualified manpower in this regard [for auditing]. One of the main things that was achieved [in reconstruction and reconciliation of national accounts] was to again provide the ministry with knowledgeable people. The function of the public accountant had disappeared, because it was not taken seriously in the past. So while people were on the job, we had to teach them how to be a public accountant and state of the art [practices] for handling public accounts.

E So you created a subspecies of a very important profession?

Absolutely.

E Was there any evidence from your work on the accounts that there was any large-scale corruption occurring in the years which you examined?

My job as a public servant is to provide Lebanon with proper accounts. I am not a judge to audit and I am not an MP to question. What matters to me has nothing to do with the political debate that is taking place. What matters to me is that when I am done, Lebanon will have proper accounts. It is mandated by law that we send the accounts to the Court of Accounts when we are done with them. Then they go to Parliament. It is up to them to decide if this was on purpose, if it was wrong or right, when mistakes happened.

E What about suspicious contracts when amounts suddenly go up?

This should have already been [scrutinized]. When it comes to contracts, you have ex ante and ex post control from the Court of Accounts.What we are doing is reconciling and reconstituting accounts, for instance if you have a revenue that was not registered as a revenue but is still pending in a temporary account. Or say something was paid to enterprise A and has been registered as paid to enterprise B.

E So you would not judge if something occurred because of incompetence, misinformation, or laziness as opposed to corruption, but you could say if there were incorrect numbers in the accounts?

Yes, I think everybody agrees that there is an enormous amount of incorrect [data] but it is not my job to determine why. My job is to correct and to flag [incorrect statements]. I have to say that the civil servants that we have, have done a fantastic job in reconstituting these accounts and this in itself should send a very positive message to the Lebanese and the whole world. We are improving the system and we mean business.

E I recall that at the time of debating the introduction of value added tax (VAT), there was a lot of doubt among the Lebanese public and international observers that the Lebanese Ministry of Finance could institute a VAT and supervise the implementation on time, but the ministry succeeded surprisingly fast.

I love this example because introduction of the VAT was my first main challenge at the ministry. We started working on the VAT system at the moment I joined and when we introduced it, I still remember that this was the first time the public had to acknowledge that civil servants in Lebanon accomplished this task alone and introduced a VAT, without consultants and huge outside teams. We also have been providing technical assistance to at least seven countries in this region on VAT, through our civil servants, and even consultants have asked for assistance from our civil servants. This totally contradicts the story of the inability of the public sector in Lebanon.

E My understanding is that the remuneration of Lebanese civil servants is not exactly at the top of the world.

No, it is not (smiles).

E When Lebanese civil servants thus go to help with a VAT project in the region, is there some special remuneration or honorarium?

There are two formulas. When they are still civil servants and go somewhere [for such a project], they are not paid [anything outside their salary]. The only thing paid is ticket and hotel by the host country. The second way is for a civil servant to take a leave of absence and they are then taken on by the World Bank or similar institution on a short-term contract. But this doesn’t happen often. Most of the time we just send people because we want to strengthen our ties with those countries.

E Would you say you are a model ministry of Finance for the Arab region?

In a few aspects, yes. Let’s not push it too far. We are aware of the fact that there is still corruption in our system and that there is still inefficiency. What I like to compare is where we are now and where we were a few years ago, and I do this comparison every year. Most taxpayers will tell you that it is amazing how different tax authorities have become. What we want in the end is not to be liked by people, but to be respected because we are doing our job properly.

E Why in the world did you join the Ministry of Finance? Was it the money or reputation?

It was definitely not the money. I was not programed to be a civil servant. When the position was proposed to me, I was 31 and I thought that it would be a fantastic exposure at my age. I was not planning to stay for long when I joined, but you are caught up in the huge number of projects that you have to do and I see myself as a permanent project manager. On the other hand, I am very proud to be a civil servant. There is nothing wrong with coming from the public sector; one has to be proud of serving his country. The two facts – challenging projects and that you are serving your country – made me stay.

E When I think of civil servants, they did not have the reputation of being the most industrious in mid-20th century Germany of the, but the Prussian work ethic of the duty-bound civil servant and their system of managing state accounts was in the background of success in building a national entity back in the time when Germany was an assembly of mini-states.

It is very interesting that you say that. To everybody who is telling me that “you cannot change this country and we have always been corrupt and inefficient”, I say, “Look at Europe in the 19th century”. Europe in the 19th century was basically about very corrupt administrations and weak states, and it was only this push towardspublic administration that made them what they are today. If it took them decades [to build an efficient administration], nowadays it can take less time and we really have to believe in that.

E In hindsight then you don’t regret the length of time you have spent at the ministry?

I don’t regret the length of time. I only regret that everything that should not require a lot of time [to accomplish] takes a whole lot of time. For example, when we worked on the debt administration, I wrote the first law to create the debt management directorate in 2002. This was passed in 2012. The first draft law that I wrote after I joined the ministry was about insider trading, about which there was no law in Lebanon. It was finally voted upon in 2011. Sometimes it was very frustrating but all together, it was worth it.

E There are many activities happening on the levels of cabinet and Parliament now after a long hiatus, for example with regard to the rent law. How do you adjust the planning when such a thing happens like adoption of a law with consequences on costs and finance?

Whether you have new expenditures or new revenues, it has to go through a law. Every time there is a new law, we immediately begin work to assess the impact of the law and propose the budgetary lines that come with it. Normally we would also try to find revenue with the law.

E Are there proposals for new revenue measures then?

Yes, and many of them have already been approved by MPs but not been voted upon. This is because many were discussed when MPs were discussing the salary and wage rate of the public sector.

E So this will be revenues in order to finance the public sector salary scale or the needs related to the rent law?

This is how the media and the politicians sometimes talk about it but there is no allocation for revenue in our system.

E So it is fungible money all the way?

Everything is fungible and meant to finance the whole budget.

E Can you specify some of the revenue proposals?

Yes. The public knows most of them. There is the story of taxing real estate capital gains for individuals. These are totally tax free, which is totally not logical. Then there is the increase of the 5 percent tax on interest rates and a slight increase on the income tax from 15 to 17 percent.

E For individuals or corporations?

This is on corporations. Plus there are issues with [increasing] stamp duties.

E VAT?

We don’t know yet if the government is going to be willing to talk about VAT, but for the time being it is not an approved measure. As far as I know, there is nothing yet in this regard.

E How about treasury advances and arrears that need to be balanced in the accounts. Is that a problem?

No, we have already balanced all of this to the penny. There is legal action that needs to happen and that is to close the advances. It will happen either now or with the closing of the accounts.

E Does the issue of the salary scale for public servants at this point give you still any headaches or sleepless nights?

The salary scale is a distortion from the past. Had the government in those years [when salary increases were suspended] respected the law and given the salary increase every year, we would have never had this problem today. Now we have the problem of an administration that is not paid properly. This is a fact and if we want Lebanon to again become a leading country in this region, we have to fix the situation of the administration.

E What makes you say this?

Because if the administration is of a lesser quality, then automatically the whole economy becomes of a lesser quality. It reflects on the private sector. What we need to do quickly is to provide Lebanon again with the means to become a hub and reference for the region. This has to start with the public sector. This does not mean we have to overpay people, or pay them to do nothing, or have bloated administrations. It means that people [in civil service] have to earn what allows them a proper and respectable life. It is unthinkable to tell civil servants “either you live on what you have and are miserable, or become crooks and take advantage of your position because you are not going to be paid a decent salary”.

E It was the impression already in the early 2000s that there was not so much large-scale corruption as much as petty corruption stemming from putting civil servants in a position where they have to become enterprising in some way because they cannot survive on their salaries. How do you see this?

It is also true that it is in the culture and [thus it is also an issue of building a culture of honest and respectable public service]. When you have honest people, it is true that even if they starve, they remain honest, and if you have crooks, they remain crooks even if you pay them well. But [you have to take care of] the vast majority that is in between [perfect honesty and total corruption]; you have to reassure them. Once they are reassured [in their positions], they have the resilience to say no [to corruption] and declare “we want to be recognized as decent people”. It is so difficult to all the time be accused without reason, simply because you work as a civil servant.

E A fair wage for rank-and-file public servants is long overdue, but do you think that would drive reform for the larger structural changes Lebanon needs?

Take the whole problem of this country. Why has Lebanon not been able to reform itself? Why are we not able to change whatever needs to be changed? It is because typically the part of the population that [drives and implements reforms and change] is the middle income group. The poor are unable [to effect change]. The very powerful don’t need to change anything. The simple fact is that the whole public sector, which includes the military and all [similar agencies] makes up a huge chunk of the Lebanese population and is not paid according to what it should be paid. If we had a strong middle income [segment in the population] this would boost [both] the administration and the private sector. Recreating the middle class in Lebanon is absolutely critical for this country. One point of entry to [the process of] doing so, and also for the private sector to become vibrant again, is to correct the wages and salaries in the public sector. This is critical.

March 8, 2017 0 comments

Leaders Opinion

Dashing our hopes for reform

by Executive Editors March 8, 2017

written by Executive Editors

Back in 2013, Parliament extended its own mandate in part to allow it more time to agree on a fair and representative electoral law. Instead of spending four years working toward this goal, the legislature did very little with the four extra years in office it granted itself. From the second the ink dried on Parliament’s second term extension (remember, the four years were granted in two chunks), it was clear a new law needed to be agreed prior to February 21, 2017– the date on which the current law says voters must be welcomed to the polls scheduled for May 21.

Missing that deadline is inexcusable. When President Michel Aoun assumed office in late October 2016, it was clear the government formed as a result of his election would be short-lived, with a very narrow mandate: choosing a new electoral law. Instead of immediately getting to work on agreeing to a more fair and representative electoral law during cabinet sessions, this debate has been held in secret among political parties. While some of the work cabinet and Parliament have done since December is important and helps build confidence (such as passing the oil and gas decrees and legislating the right to information), political life in this country is once again seemingly grinding to a halt, evidenced by deadlock over not only a new electoral law, but over the country’s first budget in more than 10 years.

At the moment our economy needs confidence more than anything. Even if the political class had passed a “reformed” electoral law, there is no doubt it would have been fine-tuned to best serve the parties in power. So while we defend and still hope for the actual implementation of the constitution (including elections free of sectarian quotas and creation of a Senate), we realize getting there will be a slow process. In the immediate term, we simply need the government to meet the minimum requirement of holding parliamentary elections as soon as practicable.

Parliament Speaker Nabih Berri recently set April 17 as a new deadline by which a decision on an electoral law must be made. Our politicians cannot miss another deadline. We want the process of drafting a new electoral law to be transparent. We want that law to be fair and representative. We are, however, realistic and reluctantly accept that reform might not materialize this year. No matter which law is used, we demand elections in 2017. We’ve waited long enough.

March 8, 2017 0 comments

Editorial Opinion

Recourse to reform

by Yasser Akkaoui March 7, 2017

written by Yasser Akkaoui

I can remember hiding from the bullets and bombs in the bathroom with my mom and brother. My father was out trying to earn a living, and the worry that he would not make it home made me sick to my stomach on a daily basis. We lived in hell as militias destroyed this country and its once-strong economy and currency. When we finally escaped, we headed for Canada. Arriving as immigrants, we were graciously welcomed and provided with every right the developed country had to offer. Except one. The most precious right. The right to vote. We were told that only after we proved worthy would that right be granted to us.

The men who literally destroyed this country were somehow entrusted with rebuilding it. They have unequivocally failed. This country is a crumbling mess, when it has the potential to be a regional economic powerhouse. The gross mismanagement is shameful. We have the drive and the talent, what we need now are elected officials who will take immediate action to improve Lebanon’s physical and legal infrastructure.

Take the national approach to cybersecurity, for example. We don’t have laws to protect citizens online, much less laws to enable and nurture business development on the web. Hell, we don’t even have the infrastructure for modern internet connections. Passing laws and investing in infrastructure are low-hanging fruit the people have been begging for over the last ten years. This is simple, but our politicians are deaf. Instead of a booming digital economy, we have broken promises and draft laws ignored by an arguably unconstitutional Parliament.

The failure to find a fair and representative electoral law is unacceptable. I’m sick to death and angry, but sadly, not surprised. In the 1980s, our politicians were combatants who did not respect our right to live. Why would they respect our right to vote 30 years later?

Let’s not lie to ourselves, there is no real opposition to the ruling class in this country. We call ourselves a democracy, but our election results are no different than those in dictatorships. People took to the streets to protest during the garbage crisis in mid-2015. Today, as our most precious right is being stolen AGAIN, the streets are silent.

We must begin to fight back. We deserve a standard of living that is very easily within reach. It will not take a generation to pull us out of the mess we are in, if we take the work seriously. Our problems are very well understood. Solutions are literally on the table. We need parliamentarians willing to work for Lebanon, and no matter which electoral law our princes decide on, we must stand against them.

Stealing back just a few parliamentary seats at a time would be a win. We need unity and focus. We have the ideas as well as the solutions. Let’s make sure our grandchildren do not end up hiding in a bathroom or queuing in an immigration line.

March 7, 2017 0 comments

Hospitality & Tourism Spirit Industry

Of spirits and whiskies

by Nabila Rahhal February 28, 2017

written by Nabila Rahhal

Whether it’s a vodka cocktail while dancing at a club, a glass of wine over dinner, a single malt paired with a cigar after a long day, or even arak to go with the Sunday mezze spread, alcohol is often a significant aspect of the lives and habits of many Lebanese.

And while every individual has a preferred poison, the global drinks market still promotes popular spirits and creates worldwide trends that will eventually make their way to Lebanon’s consumers.

Executive met with some of Lebanon’s major spirits distributors to learn more about their achievements the past year as well as the latest trends and consumption habits in the world of booze.

Toasting to a good year

While acknowledging that 2016 had been a tough year in general for the economy in Lebanon, all the distributors Executive spoke to reported double digit growth in their spirits sales in spite of national and global market stagnation.

The managing director of Etablissements Antoine Massoud (EAM), Anthony Massoud, attributes the company’s growth to “good dynamics in the spirit’s category”.

Two years ago, EAM launched The Malt Gallery, a specialized whiskey and premium spirits retail outlet that sells EAM’s brands as well as those of other distributors. Massoud says the liquor store has contributed to EAM’s growth, explaining, “In our spirits portfolio, we have two components, which are the distribution stream and the retail stream (The Malt Gallery). They are both growing.”

Gabriel Bocti and Diageo Middle East North Africa (MENA) say growth in their companies was in part due to security stabilization in Lebanon toward the second half of 2016 that led to an increase in expatriates and tourists visiting the country. Ziad Chami, head of marketing at Diageo explains, “When a lot of people are coming into the country it is better for our industry in terms of on-trade consumption as most venues were fully booked. This is positive for the tourism economy, and, as a result, positive for us as well.”

Meanwhile, Carlo Vincenti, CEO of G. Vincenti & Sons, ascribes increasing growth in spirits to their acquisition of six major brands. In addition to acquiring the distribution rights for No. 3 Gin and Angostura Rum (the brand was already present in the Lebanese market but with another distributor and in its bitters category only), Vincenti took over the distribution of The Edrington Group’s national portfolio, which includes the blended whiskey Famous Grouse, the single malt Highland Park and the high-end single malt The Macallan.

Usually spirit distilleries have long term relations with their local distributors, this has been changing recently.According to Vincenti, The Edrington Group switched distributors because they felt their brand vision aligned with that of G. Vincenti & Sons. Vincenti confirms, “Knowing the capabilities of Vincenti in marketing and distributing brands, they see it as more fitting their own vision and perception of their brand.”

The fallen spirits

However, this growth in 2016 was not across the board, and some spirit categories in fact declined in market performance. According to Vincenti, national sales of standard and non-premium blended whiskey consumption have been slumping for the past four years, with consumers being more in favor of bourbon or malt whiskey. While some distributors reported a growth with their vodka brands, others said sales were dropping because vodka consumption is largely associated with nightclubs as opposed to at home or cocktail bars, which was still a growing trend in Lebanon in 2016.

Division Manager at NeoComet, KFF Food & Beverage’s spirits distribution arm, Tony Mazloum, told Executive that although standard blended whiskey continues to outsell other whiskey categories, the company has started to invest more in high-end and premium brands. Malzoum explains, “Our goal is to stabilize the existing business, which is the standard whiskey. [Those brands] still [represent] the biggest share of the market although their share is decreasing as people are shifting to premium, and this is where we are spending our budget for marketing and communication.”

[pullquote]

The fastest growing segment of whiskey is single malt

[/pullquote]

Gin growth

With the world becoming more of a village, global trends in spirits are finding their way to Lebanese consumers a lot faster than ever before, says Jeanine Ghosn, managing director of Gabriel Bocti. Mazloum agrees, explaining that young Lebanese are consuming more gin as they buy into a global trend that sees this spirit as a healthier option due to its botanical ingredients.

Ghosn believes that in parallel to its global popularity, the rise of gin consumption in Lebanon is a result of an increase in cocktail bars across the city. These bars create a lot of gin-based cocktails and as a result “the bartenders became our brand ambassadors,” she explains, adding that their gin brand, Hendrick’s – which they introduced in 2012 – has seen triple digit growth.

Chami also reports that Diageo has seen growth in their gin sales, but adds that this growth is measured from a nationwide low baseline. He confirms, “Gin is of a much smaller base when compared to whiskey or vodka, but it is growing. We do see gin being a fast growing segment, driven by cocktails such as gin basil.”

The malt revolution

With the success of specialized retail stores such as The Malt Gallery, boutiques such as The Cask and Barrel or even events such as Whiskey Live (a whiskey tasting event that took place on December 2016 at Le Yacht Club that was attended by approximately 2,000 consumers), it is easy to believe that the biggest market growth of 2016 was in the sales of premium and single malt whiskey.

All distributors Executive spoke with reported significant growth in their single malt brands. While Massoud says they started to notice an increase in single malt consumption as of 2008, the category truly spiked two to three years ago. “The fastest growing segment of whiskey is single malt, but it is also coming from a much smaller base. Single malt consumption in Lebanon represents 1 percent of the whiskey market but there is increasing demand on it as whiskey drinkers become more discerning in their tastes,” explains Chami.

According to Massoud, the single malt’s popularity is part of a global trend toward the “premiumization” of spirits. “Worldwide there is a trend in alcohol toward premiumization, meaning drinking alcohol which is perceived to be better. While in vodka it is translated into visual details such as the bottle design or texture of liquid, in wine or malt whiskey you have history, craftsmanship and variety of production that is astounding. As such, single malt, because of premiumization, was the natural evolution of whiskey drinkers,” explains Massoud.

Vincenti believes that malt whiskey is causing an uproar because of its complexities when compared to other spirits rather than simply being a new market trend. “While there are different spirit trends going on, they don’t stimulate interest as much as single malts because the single malt category is so rich in history, production and education. You would rarely see this hype over gin, for example, although premium gin is a category that is increasingly consumed in Lebanon.”

Breaking the ice

In the past, drinking single malt whiskey was somehow seen as stuffy, but Ghosn explains that distillers such as those of Glenfiddich have worked to create new niche markets. “We tried to break the ice with the consumer and communicate the message that you drink malt the way you like it. It’s true that there are ways to make malt consumption more enjoyable but in the end you drink it the way you like it and there are no rules,” she says, adding that this has led to more young adults discovering the pleasures of drinking whiskies such as Glenfiddich. Vincenti agrees, explaining, “Today, young consumers are looking for an alternative whiskey choice and don’t want to drink the whiskies of their fathers and grandfathers. They want a whiskey that is more identifiable to their lifestyle and image, which is the bourbon category since it is much smoother and easier to drink, and opens a wide variety in that you have different tastes for different moods.” He gives the example of Jim Beam premium bourbon that comes in different flavors such as Jim Beam Honey or even Jim Beam Apple, which is particularly suitable for summer and easier to drink.

Capitalizing on young adults’ desire for new experiences, Mazloum says Fattal is introducing innovative ways to promote their premium whiskey brands that would appeal to their age group. “To win over new consumers, keep up with the trends and grow the business of Scotch, we moved over to mixology. We are introducing cocktails that use single malt and premium whiskey through initiatives that bring it closer to millennial consumers,” enthuses Mazloum, giving the example of their Scotch Egg Club, where food is paired with whiskey at an event to which they invite young bloggers and influencers.

Setting the scene

According to Massoud, the wide variety of single malt whiskies at the Malt Gallery means consumption is reliant on the mood of the moment and specific brand names have therefore become less important. “While it is important to have brands, and we do so, single malts are like wine in that they are more about the mood and the moment. It is interesting because we get to see consumer habits, and we noticed that when it comes to whiskey, the consumer is all about variety. They rarely stand by just one brand, because taste evolves as the drinker matures in age and experience,” explains Massoud.

For Vincenti, premium whiskey consumption mostly takes place at home, adding that,“Because 50 percent of malt whiskey consumption happens at home, presence in off-trade through specialized shops or displays in supermarkets is important. Single malt is really strong in social home gatherings as it’s a sign of prestige where you honor your guests by sharing a special single malt with them.”

Similarly, Ghosn says gifting premium and malt whiskies accounted for a big percentage of their sales in December 2016, highlighted by their presence in specialized retail shops. “We don’t cater just for on-trade, the big chunk of the business for us is in retail. The developments in the upper trade (specialized retail shops) are a great vitrine for us, especially now that there are a lot of events at home, due to the fact that purchasing power among locals is low,” says Ghosn, explaining that a bottle of premium whiskey at a retail shop would cost less than it would at a restaurant or bar.

The malt’s future

All distributors Executive spoke with believe there is big potential for malt consumption to grow even further in Lebanon, but such growth depends on educating the consumer.

Both Vincenti and Massoud say that the main reason they opened their specialized whiskey venues is to promote the single malt world through master classes and tastings. “There is a growing interest among Lebanese consumers for single malt, and although their percentage remains small, it is our mission is to make it the biggest possible through education,” says Massoud, explaining that while in distribution they focus on their brands, in The Malt Gallery, their aim is to enhance the single malt category in Lebanon as a whole.

Although The Cask and Barrel has only been open since September 2016, Vincenti says they have been “overwhelmed with feedback” about the boutique, which only showcases Vincenti’s spirits. “Consumers are receiving a lot of education right now, which is what they need. Through our Cask and Barrel premium boutique we have been holding weekly master classes and whiskey tastings. We have different formulas for people to come in and learn more about the single malt world. It’s a huge diversified world that the Lebanese are eager to discover,” enthuses Vincenti.

Still, whether it’s savoring a glass of single malt, sipping a glass of wine or enjoying a cold beer, one thing is for certain: you will surely find what suits your tastes in Lebanon.

February 28, 2017 1 comment

Hospitality & Tourism Ski Season

The power of a snowflake

by Nabila Rahhal February 26, 2017

written by Nabila Rahhal

Someone must have been smiling down at Lebanon this past December. For the first time in at least five years, it snowed early enough in the year that the Cedars Ski Resort – home to Lebanon’s highest accessible peak at an altitude of 2,870m – began welcoming skiers on December 4 with the country’s remaining ski resorts following suit a few days after (all ski resorts were open by December 19).

The slopes were in full swing over the winter break and therefore able to benefit from the increased activity brought on by locals, expats, Lebanese on holiday and some tourists, launching the 2016-2017 ski season on the right foot.

The snow economy

If the weather continues to bring in snow, this could be one of Lebanon’s best ski seasons in a while. This means that not only will resort operators reap in the profits of a full season, but so will the various businesses surrounding the resorts that range from the small grocery store owner to the five star hotel operator.

During the winter season, the economy of the resort towns is snow-centric. As a spokesperson for Kfardebian’s renowned French restaurant Le Montagnou puts it: “It’s very simple: when there is snow, we all – the village and all the restaurants – work extremely well and are busy. When there’s no snow, we suffer.” But with the ski season lasting two months at best in recent years, resort owners have realized that for them to remain in business, they have to promote themselves as a summer destination as well.

With these dynamics in mind, Executive took a closer look at some of Lebanon’s leading ski resorts to discuss their achievements to date and their expectations for the rest of the season and the summer.

Skiing among the Cedars

The Cedars Ski Resort is Lebanon’s oldest ski destination. As the owner of Cedars’ Alpine hotel Joseph Rahme recalls, wealthy Palestinians used to visit Lebanon in the 1920s and enjoy winter activities such as snowshoeing in the Cedars even before a proper ski resort was set up.

The first téléskis – or T-bar ski lift – was installed in 1959 by Les Teleskis Des Cedres (Cedars Ski Resort), a company formed by four friends (from the families Fakhry, Keyrouz, Rahme and Sukkar) who rented the land where the resort currently stands from the municipality under a long-term contract. Today, their children have taken over management of the company.

In 2004, the company invested $20 million into a complete modernization of the ski resort, including installing three new chairlifts and other modern equipment. A five star hotel, a few restaurants and a baby ski area were part of the second phase of renovation plans, but this all came to a halt with the onset of the 2006 July War.

Ever since the war, the low level of activity in the resort along with the internal instabilities and regional insecurities that surround Lebanon have discouraged the company from further investment or completing their plans. “As partners, we work in the resort and somehow make ends meet, but we have not returned our 2004 initial investment and are now investing only in the basic operational needs,” explains Elie Fakhry, one of the current owners, adding that it is all the more difficult to consider spending more on such a project when it is only seasonal.

Yet, Fakhry sees hope for the resort and the area for several reasons. To begin with, he believes there is renewed interest in the Cedars and speaks of the increased activity in the area during the summer due to the Cedar Music Festival, which was brought back by Strida Geagea in July 2016 after a long absence. Indeed, Alpine’s Rahme says his hotel was fully booked during the nights of the festival.

Also, a 150,000 square meter chalet resort project – rumored to be a joint venture between Saradar Group and Carlos Ghosn – already broke ground and has Fakhry hoping it will help attract other investors to the area once complete, thereby increasing the land value.

Finally, the election of a president and the stability that Lebanon seems to have been enjoying since could encourage tourists to return, many of whom frequented the Cedars given its nearby attractions such as the Cedars of God forest or the Gibran Khalil Gibran museum.

However, should these tourists flock to the resort to ski it would require a major upgrade in infrastructure. The roads leading to the resort are narrow, so the company has already worked with the municipality on rerouting them to allow for better traffic flow. While the resort can accommodate 8,000 skiers, the parking lot can only fit a few hundred cars and would need expanding.

[pullquote]

Standing at the slopes overlooking the Qadisha Valley and the Cedar’s Forest, one is struck by the sheer beauty of the area

[/pullquote]

As such, Fakhry says they are now looking for potential investors to help them complete their plans for the resort. “We are talking to investors from the area and there are some who are interested in large scale projects like this. We don’t have a problem partnering up with another company if it means that the resort and area will be revitalized. Projects like this can increase the economic activity in the area a lot and that’s what we want for Bcharre,” explains Fakhry.

The majority of those who frequent the Cedars Ski Resort today are from the surrounding areas. While skiers do sometimes come from Beirut, Fakhry says the two hour drive somewhat obliges them to sleep in the area. He also adds that only around ten of the hotels and motels in the area are considered to be good quality, with prices ranging from $170 to $250.

Besides skiing, other winter related activities that can be enjoyed in the Cedars include snowshoeing, cross country skiing and snowmobiling ($30 for a 30 minute ride).

Standing at the slopes overlooking the Qadisha Valley and the Cedars Forest, one is struck by the sheer beauty of the area – and the very real potential that exists among its snow covered mountains.

The modern resort

Zaarour Club lies on 2.5 million square meters of privately owned land in the Metn area of Zaarour (just under Mount Sannine).

The company, which originally was mainly owned by Michel and Gabriel el-Murr, operated the ski resort until being forced to close down when it was badly damaged with the onset of the Lebanese Civil War in the late 1970s. While the resort reopened in the 1990s, it only had basic facilities and primarily attracted customers from the nearby community.

In 2012, Gabriel bought his brother’s shares in the resort and became the majority owner of Zaarour Club, the company that today owns and operates the ski facilities and related activities in the resort. New construction work began in 2013, and to date more than $40 million has been invested into turning Zaarour Club into a state of the art ski resort complete with modern amenities and conveniences, explains Carol el-Murr, chairperson and CEO of Zaarour Club.

The clubhouse itself – the building that skiers enter to access the slopes – gives off a modern and fresh vibe with elements ranging from the elevators and escalators that take skiers directly to the skiing area to the spacious food court that includes Classic Burger Joint and a snack booth serving healthy options such as salads and wraps.

The slopes themselves include four chairlifts which Murr describes as “detachable” (meaning they slow down enough for the skier to comfortably get on or off) and a rolling carpet that helps young skiers safely access the baby ski area.

Since the highest peak in Zaarour Club is at an altitude of 1,800 meters, Murr explains that they invested in the sole snow-making machine in Lebanon that produces artificial snow to supplement the natural snow when patches begin to show.

The resort also features a 16-room boutique hotel, Le Grand Chalet, which Murr says has been fully booked on weekends ever since they opened for the season, two fine dining restaurants – one in the hotel itself – and La Cabine Du Chef, a French restaurant.

The Zaarour Club also created an artificial lake surrounded by a promenade, where the Zaarour Summer Festival was held last year. Murr says it will be used for similar events this summer in an attempt to make the resort a year round destination and build up a sense of community.

A full day of skiing for adults on weekends in Zaarour Club costs $42, with children under 12 charged $30. As well as strapping on the skis, other snow related activities on offer include tubing and sledding. Murr describes this as their first full season and says it has been very successful with an average of 1,500 skiers on an average day.

Perhaps the biggest challenge for Zaarour Club is that the surrounding area is still largely underdeveloped. The land itself has some privately owned chalets from the 1990s on the lower half (which is not part of the club) and Murr says Zaarour Club is constructing 40 chalets – half of which have already been sold – but few properties or construction sites can be seen on the road leading up to Zaarour. Also, there are only around a dozen restaurants or cafes in proximity to the resort.

[pullquote]

To date, more than $40 million has been invested into turning Zaarour Club into a state-of-the-art ski resort

[/pullquote]

Murr explains that since the resort has only recently been renovated, it will take some time for the area to pick up when it comes to après ski, but that there are already investors developing such destinations.

“There is a future for the area seeing as the renovated resort has only been functioning for a year or two. This will slowly develop with time and there are already six to seven residential and hospitality projects being built around the resort area,” says Murr.

Murr sees Zaarour Club’s proximity to Beirut through the Metn highway as an advantage, making it an accessible option for those who don’t want to get stuck in traffic. “There is an opportunity or place for everyone, given the number of people who like to ski in Lebanon,” she concludes.

The larger than life resort

With more than 100 kilometers of ski runs and 20 chairlifts, Mzaar Ski Resort in Kfardebian is Lebanon’s largest and most developed ski resort. As such, it is also the busiest, with Nicole Wakim, marketing and development manager for the Mzaar Ski Resort operating company, saying they get up to 7,000 skiers on a sunny weekend (the resort can accommodate up to 8,000 skiers).

This year, the resort added another ski run, The Falcon, at an altitude of 2,111 meters above sea level. “Its purpose was to alleviate the whole domain so that if it doesn’t snow enough at the bottom slopes, we will compensate with the higher up slopes. But so far this season there was no need and we opened them all,” says Wakim.

Mzaar Resort is also the most expensive among the ski resorts Executive spoke to, with a weekend day of skiing costing $66 for adults and $52 for children. For those that don’t want to ski, snow mobiles are a popular activity, with prices starting at $40 for a 30 minute ride.

Some don’t indulge in any winter activities, but instead visit Kfardebian to enjoy the ambiance and play with the snow. This has added to the traffic flow problem, “I believe our biggest problem today is the heavy traffic leading to and from the resort on weekends and holidays, which is due to the many buses and minivans as well as cars unequipped to drive on snow or ice. This causes a lot of frustration for all visitors to Mzaar ski resort,” says Joost Komen, general manager of the InterContinental Mzaar.

This issue was also discussed by Josephine Zgheib, spokesperson for the municipality of Kfardebian, who says they are working with the municipal police and the Internal Security Forces to organize traffic and prevent large, ill-equipped busses from accessing the road.

[pullquote]

There is an opportunity or place for everyone, given the number of people who like to ski in Lebanon

[/pullquote]

The après ski life is also well developed in Kfardebian, with the resort itself including a five star hotel, The InterContinental Mzaar, which boasts 140 rooms (29 of which are suites) and a few restaurants including Olio Igloo, an Italian restaurant-lounge bar.

The resort aside, Kfardebian has around 50 hospitality outlets including hotels, restaurants and cafes, according to Zgheib. For those who wish to rent a chalet for the season instead, Zgheib says there are around 20 chalet complexes in the area.

To further develop the après ski life, Mzaar Resort has developed a full calendar of events that include their annual winter festival and a fashion show on the snow, explains Wakim. “The events help us keep the vibes strong continuously. We are working on Mzaar as a [tourist] destination and although winter is our champion horse, we are working toward making it a summer destination as well.” Wakim says that their summer festival has become a widely popular event that brings life to the area over a several days in August, but they are planning to organize more summer activities to have a sustainable season beyond these few days.

The ski season’s early start this year has benefitted the resort and Kfardebian itself, with Wakim saying that the resort’s hotel and many surrounding restaurants were fully booked on the days leading up to New Year’s Eve, despite the poor weather over the holiday period.

Although it is still too early to speak in terms of concrete tourist numbers, Wakim believes that more Arab Gulf nationals were on the slopes this year than last year. While Komen agrees, he is still holding out for even more tourists in February, when schools around the world take time off to go skiing. “I believe it is still too early to tell the percentage rate of foreign tourists compared to local tourists as the season has just started. Moreover, we have seen many Lebanese living abroad coming to visit their home country, and they are considered foreign tourists. But to give a first impression of foreigners compared to Lebanese nationals, I would say 15 percent of the visitors are foreigners and 85 percent are Lebanese or of Lebanese descent,” elaborates Komen.

Only time can tell whether this winter season will be able to enjoy the arrival of foreign tourists, or whether it will continue to be dependent on the local community. But one thing is for sure: the snowcapped Lebanese mountains are breathing much needed hope and positivity into the country’s ski resorts and surroundings.

February 26, 2017 0 comments