Who really gets risk management?
A couple of friends have recently shared items they have seen. I think they are interesting enough to interrupt my vacation and share with you.
First, the disappointing.
The FERMA Forum 2015 is taking place right now in Europe. Strategic Risk sent along an article quoting three of this morning’s speakers. Here is what my friend read:
Thomas Hurlimann – Zurich
“The modern risk manager must manage many different complex country risks on a global scale. These risks are often interconnected and span the full spectrum, from property, liability and directors and officers liability (D&O) insurance to employee benefit risks. The risk manager’s role is thus a very challenging one.”
Alexander Mahnke – Siemens (insurance officer)
“Looking at the role from an evolutionary manner, some decades ago it was sufficient to be an expert in insurance technique. Now, depending on the size of the company, businesses need a good risk and insurance team, which encompasses resources in areas such as engineering, IT, law and, of course, insurance techniques. When I say team, this can also include support from external resources.
“In order to understand the risk, to make it underwritable and to understand where certain trends and claims come from, and then explain this to loss adjusters, you need the right expertise. “Companies need to combine insurance with the technical risk expertise. I keep telling my own team, we are not here because we need to be the best insurance experts in the world, but because we are the necessary link between our company’s risk exposures and whoever is underwriting and potentially taking the risk.”
“In insurance and risk management, we are competing with brokers and insurers to a certain degree. In the past, insurers and brokers educated talent for us. Traditionally, these professionals would consider a career in risk management after working as an insurer or broker for some years. But risk management should be among the first choices.”
Alexander Mahnke – Marsh
Mahnke describes the explosion of “cyber-risk” and the difficulty “risk managers” have in coping with it. That’s only natural as there is limited insurance available for cyber-risk and insurance seems to be the primary solution for this group.
Do these risk managers understand the effective management of risk? Are they leaders of the profession? Or are they hung up in the history of risk being something you insure against?
Now contrast that with what this Wharton professor has to say. I admit to being surprised as I am biased against academics: they tend to write unreadable and non-practical texts. But he is clear and I like much of what he has to say, especially towards the end of the piece.
Why getting directors on board with risk matters makes a couple of interesting points:
- Establishing a risk committee to provide oversight of the management of risk does not seem to have a positive effect on performance. Clearly, risk, strategy and performance need to be considered by the board as a whole – together, not in silos.
- It is only when the board considers both the positive and adverse potential effects of uncertainty that there is an improvement in performance! I was shocked and very pleased to hear this conclusion from the professor. An academic gets it when so many practitioners don’t.
Please listen to the video and let me know what you think.