Category Archives: Enterprise Risk Management

ERM Seen as a Strategic Advantage by Global Insurers

Posted on by

Global insurers’ level of satisfaction with their enterprise risk management (ERM) performance grew by 10 percentage points over the last two years (63% compared to 53%). This was highlighted by a 16-percentage-point increase in Asia Pacific (51% compared to 35%) and less pronounced in North America and Europe (with a seven-point increase), according to Towers Watson’s Eighth Biennial Global Enterprise Risk Management Survey.

According to the survey, 74% of global insurers said their executives and board members view the risk management function of their enterprise as an important strategic partner that adds value to the business. Notably, carriers that share this view are almost twice as likely to say they’re satisfied (73% compared to 38%) with their company’s ERM performance compared to those that believe ERM is merely a provider of risk assurance (18%) or for regulatory compliance (8%).

Insurers’ opinions of their ERM program were determined by factors such as clear links to business goals. In fact, carriers with ERM functions that are well integrated into their business planning noted higher rates of satisfaction (82%) than those without an integrated strategic plan (53%). Similarly, those with a risk appetite framework linked to specific risk limits expressed higher rates of satisfaction (76%) than their peers with no framework in place (50%).

“Companies that strive for strategic value in their risk management function — as opposed to simply using ERM for regulatory compliance — typically differentiate themselves, in part, by integrating risk management into their strategic decision-making process from the beginning,” Martha Winslow, senior consultant of the Americas P&C practice with Towers Watson, said in a statement. “Too often, senior management incorporates risk management later in the process or even after it is complete, when there’s not much chance of it influencing critical decisions.”

Towers Watson survey findings:

 

10 Insurance Tips for Risk Managers

Posted on by

NEW ORLEANS—Most companies will at one time or another face coverage issues and lawsuits. In order to identify and avoid insurance-related issues and disputes before they arise, risk managers should take advantage of proven strategies for resolving difficult claims, advised Darin McMullen, attorney with Anderson Kill, P.C. at the RIMS 2015 Annual Conference & Exhibition here.

1. The purpose of insurance is to insure.

Don’t underestimate potential future problems and think of loss prevention and risk transfer rather than loss financing, he noted. Companies need to assess the types of risks they will face and make sure their program is tailored to meet these needs. Also important, he said, is making sure policies are designed to cover the losses the company will face on a day to day basis. For example, certain types of risks are seen in manufacturing and other risks are particular to an IT vendor. Risk managers need to examine any pitfalls or shortages that may exist in their current policies and seek legal opinions well in advance of renewal. They need to look at how exclusions might be interpreted as well, McMullen said.

Joshua Gold, also an attorney with Anderson Kill, added that risk managers’ jobs are more difficult than ever, with fragmentation in insurance programs existing, since many polices are purchased for a program. These may include directors and officers, product liability and cyber insurance. “There are products out there that try to assimilate them and make sure gaps in coverage are treated,” Gold said, adding that while the fine print in policies can be overwhelming, it can be key for proper coverage, especially when dealing with multiple lines, excess layers and towers of insurance.

2. Don’t limit insurance expertise to the risk management department.

All too often, “there are still going to be thorny claims and there still are going to be disputed claims, which are unavoidable,” McMullen said. He said that building expertise elsewhere within the company is critical to taking advantage of any and all available coverage. “We get the need for everybody to work together, but now, more than ever, this is important,” he said. Coverage should not just be delegated to risk or legal and collaboration is needed. For example, IT departments need to be included when planning for cyber coverage.

3. Lawyers and risk managers can be natural allies.

While there may be friction between departments in a company, legal generally recognizes the beneficial role risk managers play, McMullen said. He added that risk managers need to put any insurance-related communications in writing and assist in the analysis of policies and claims.

4. Insurance is an essential component of corporate resources and asset conservation plans.

Risk managers should purchase coverage with the intent of safeguarding the company’s own property and employees. They also need to recognize which mechanisms actually transfer risk and which do not.

5. Think insurance after a loss occurs.

This means looking to insurance coverage following all lawsuits, claim letters, product-related issues and financial losses. Risk professionals also need to analyze other sources of insurance that could possibly cover a claim.

6. Give notice of a claim or loss as soon as possible.

When faced with a claim or loss, McMullen advised risk managers not to hesitate to notify their broker, insurers and everyone in their tower of insurance as soon as possible.

7. When you make a claim, don’t accept “no” for an answer.

There is no downside to challenging an insurer’s denial of coverage. “You owe it to your company, you owe it to your organization to explore this and push back,” McMullen said, adding that determination and persistence often mean the difference between coverage and no coverage.

8. Find out where your company’s policies are.

Locate, collect and catalogue past insurance policies. Also acquire and keep policies of all entities related to your company.

9. Don’t panic if your insurer becomes insolvent.

If this is the case, McMullen advised risk professionals to file a proof of claim as a creditor and file a claim against the state guaranty fund in one or more possible jurisdictions. He recommended that they request the next layer of insurance companies to “drop down,” and also to consider litigation options.

10. Make sure your insurance team is conflict-free.

This means the team should be untainted–risk managers need to know where loyalty lies and if an attorney is representing both sides, McMullen said. “You want a conflict-free insurance team to take on the insurance company and to fight for the coverage that you are paying for,” he concluded.

 

Survey Finds Alliance with Organizations and Risk Reporting Structures

Posted on by

NEW ORLEANS—Seventy-nine percent of companies are aligned with their risk management reporting structure, however, only 27% of risk professionals believe that emerging risks will be a company priority in the coming year, according to the 12th annual “Excellence in Risk Management Survey” released here by Marsh and RIMS.

In the last five or six years, “We have seen significant narrowing of the gap, where there is better alignment of what risk managers and risk executives are providing their organization and what their C-suite and management is looking for and needing in this riskier world that we all live in,” said Brian Elowe, a managing director at Marsh and co-author of the report. Findings are based on more than 300 responses to an online survey and a series of focus groups with leading risk executives.

Elowe explained that the study focused on organizational alignment, risk management effectiveness, data analytics and technology and cyberrisk.

In their study of organizational dynamics, he said, “We looked at priority setting, organizational structure and performance measurement standards to understand effective execution of a risk management strategy.”

The first insight was in respect to structures risk management reports to inside an organization. “We also asked whether the people responding to the survey felt risk management was reporting to the correct area inside the organization. We found that 79% of the respondents said they felt risk management was reporting into the appropriate area inside their organization,” Elowe said.

Looking deeper, he said the survey found that 50% of executives report into the finance area. The other half reports into a wide number of areas inside the company–12% report to general counsel, 8% to other C-suite members, 5% to internal audit, 5% to operations, 2% to human resources and 11% to “other” functions.

“We found that while they are all in the risk management function, those that report to areas outside of finance tend to be involved in areas deemed to be more strategic in nature. So they are more likely to be involved with things like ERM strategies, IT, privacy and security.”

Elowe said, “We think that finance executives might be well-served to help facilitate greater connections inside their companies to help broaden the perspective that risk executives reporting into finance might be able to have inside their own companies.”

In addition, only 27% of risk professionals reporting to the CFO or treasurer said they expected an increase in spending for training risk management staff. This is compared to 46% in increases expected by those reporting to other areas.

The top-five programs reporting to risk management were insurance management (92%), claims management (88%), enterprise risk management (67%), captive operations (65%) and emergency response (63%).

Looking at functions that report into risk management, he said that while the traditional functions of insurance and claims were well aligned, there is a significant alignment with IT. This is compared to several years ago when IT “operated in and of itself in an organization. That is an outcome of the growing cyberrrisk and the need for organizations to have a multi-disciplinary approach to how cyber is affecting their organization.”

Discussion groups agreed that the “here and now” is most important to their companies and that more needs to be done to develop understanding of emerging risks. “Risk managers are concerned they are not looking far enough ahead,” Elowe said, adding that company focus is largely directed to regulations and compliance. Carol Fox, director of the strategic and enterprise risk practice at RIMS and co-author of the report observed that organizations focused on operations are generally not as involved in strategy. She said management understands risks, but fell off in actually planning for emerging risks.

Findings include:

  • Risk management departments that do not report into finance are generally better aligned with other strategic functions within their organizations — most notably in the areas of enterprise risk management, compliance, information technology (IT) risk management, privacy, and security.
  • Despite the importance placed on emerging risks by many board members, senior leaders, and risk executives, only 27% of survey respondents said that identifying emerging risks would be a priority in the coming year.
  • Over the next two years, 42% of organizations expect to increase the level of investment in risk analytics, according to our survey, with 57% saying it would remain flat.
  • Nearly 60% of respondents said their organization has no formal communications plan in anticipation of a cyber event.
  • Risk professionals who report into the CFO or treasurer are much less likely to expect an increase in spending for training risk management staff in the coming year compared to those reporting elsewhere.

 

To Sell ERM, Think Like a Salesperson

Posted on by

Selling Enterprise Risk Management

There have been many discussions around the value of enterprise risk management as of late. Some individuals may feel as if having a risk manager on board checks the box, meeting the company’s obligations. Others may feel that enterprise risk management is the start and end to all their challenges and, if things do not work out as expected, the risk manager is to blame. So where does that leave the risk manager?

In order to have a healthy enterprise risk management program, risk managers should think like salespeople.

online pharmacy doxycycline with best prices today in the USA

Risk management professionals tend to be very passionate about their vocation, but not everyone may be buying into the ERM process. The first step to selling your risk program is to find a champion.
buy antabuse online https://galenapharm.com/pharmacy/antabuse.html no prescription
This person should be on your executive team—preferably the CEO.  You need a strong voice in your organization that will support the change that an enterprise risk management program can bring. It is also a good idea to have support from the board of directors and, if applicable, the internal auditor. When building your risk team, keep in mind that the end goal is to have all employees of the organization support and apply risk management to their day-to-day challenges. The more risk champions you can find, the better your program will be advocated and supported.

Once you have completed your public relations campaign by finding your risk champion, the next step is finding a common language everyone can understand. It is particularly helpful to ensure that the risk terminology used within your organization is consistent and understood.

online pharmacy ocuflox with best prices today in the USA

Once people begin to speak the same language, conversations should begin to flow.

The third step is to make sure you have a sound product. Building a comprehensive risk framework and process that fits your culture is a valuable selling point. There are many frameworks to choose from such as the Australian model, COBIT and COSO. One size does not always fit all, however.

online pharmacy rifadin with best prices today in the USA

  Use the components from the models that best suit the culture of your company. Be sure that you gain approval from both the executive team and your board when you introduce your framework and process.

Finally, it is time to make the sale. Have a risk workshop with your executive, but be sure to come prepared. It is critical to have a thorough understanding of the company’s strategic objectives, as the risks identified through your process should align with the company’s overall goals.

Conducting risk scenarios can also help sell ERM, further embedding risk management practices into the organization. Creating a scenario that requires the application of the risk management process really helps bring the theory to life. It also allows the participants to learn together as they work together, building knowledge while strengthening the program and its support throughout the company.