“The role of the traditional risk manager is changing. The field is evolving and risk managers will need to remain flexible. This flexibility appears to be the key element that allows RIMS to succeed and stand apart. As the Risk and Insurance Management Society embarks upon its sixth decade of service, that flexibility will no doubt serve as the driving force in continuing to bring risk managers together and serve as their collective voice.”
Those are the words of Susan Meltzer, who is finishing her term as president of RIMS in the society's 50th year. Moreover, they are also the sentiments of Roger Andrews, who takes the helm following Ms Meltzer. “One of the most important things is that RIMS continues to be the leading association for risk management and, in order to do that, we must remain committed to risk managers' needs. We must be the risk management authority on a broad array of changing issues that pertain to the business of risk,” says Mr Andrews.
It is perhaps ironic that RIMS celebrates its 50th anniversary at this time. The organization worked for fifty years to move from a small society of “insurance buyers” dependent upon the vagaries of insurance industry cycles, to become one of a large group of “risk managers” able to compete successfully with that very same insurance industry via captives and other forms of self insurance. There were some turbulent years during that half decade. Yet it now faces a new, even more volatile world where all its acquired sophistication must be put further to the test. No time to rest on its laurels. That world consists of a new global economy with international exposures that only marginally existed before; it consists of a new financial services environment, with a breakdown in barriers that allows more competition in the insurance arena; and it consists of the untried and untested concept of e-commerce.
Both Ms Meltzer and Mr Andrews see the irony of the situation, but they also recognize that it is a test of the long-term effectiveness of RIMS and they believe that the society is up to the test. They agree that RIMS has achieved some significant accomplishments during its last decade and point to the history of the society as proof that it can and will adapt.
And its history is an interesting one. Just as Lloyd's of London began in a small coffee shop, RIMS had its beginnings when a small group of corporate insurance buyers gathered for dinner at the Governor Clinton Hotel and Restaurant in New York. The men around the table included Kenneth Bell of Chase National Bank, William Lund of the U.S. Rubber Co., J.A. Robinson of McKesson & Robbins, George E. Rogers of the Robert Gair Co., and A.M. Schmidt of Johns Manville. The year was 1932.
In December of that same year, the Insurance Buyers of New York was formed, with Mr Rogers as its president. It was then under the auspices of the American Management Association, but in 1935 the group decided to become independent and renamed itself the Risk Research Institute. By 1947, the group had proved that it was a force to be reckoned with. It had successfully worked to defeat a proposal that would have placed all workers' compensation in New York state under a state insurance fund; it pushed for New York regulations on physician fee schedules; it reworded essential sections of New York's standard fire policy, which would later be adopted by many other states; and it published a series of booklets on important risk topics. But the Institute's most important accomplishment was the Multiple Lines Underwriting Bill, which was signed into law by New York State Governor Thomas Dewey. The rest of the country would eventually follow.
However, it was fifty years ago that RIMS became national in scope. In a way, it sounds like a scenario similar to today. Business was expanding and so were the needs of Institute members. The Risk Research Institute became the National Insurance Buyers Association in 1950. The association's goals were set forth: foster a close relationship among buyers of insurance; make known the insurance needs of business and industry; work to secure simpler and more adequate policy forms, insurance protection for all insurable risks and adjustments in inequities in rates; provide members with an opportunity to exchange ideas; compile, publish and distribute data, periodicals or other literature dealing with insurance and loss prevention; and aid in maintaining a reasonably competitive insurance market in the public interest.
But the term “insurance buyer” was becoming obsolete by the mid-1970s. Members of the association, and the financial world began to see these corporate executives as more than just “buyers of insurance.” In their own eyes and in the public's they had become “managers of risk,” dealing with loss control, and on New Year's Day 1975, the society became known as the Risk and Insurance Management Society - RIMS.
When RIMS entered the 1990s, it was stronger than ever. It represented 4,000 industrial, non-profit, charitable and governmental entities and served close to 8,000 members with 92 chapters across the United States and Canada. But today, the numbers are slightly different and this is one of the challenges facing RIMS. As RIMS enters the 21st century, the number of industries represented remains stagnant at 4,000, but membership has dropped to 7,500 and the number of chapters is now 90 across the US and Canada.
“There are a number of reasons for this,” says Mr Andrews. “The fall off in membership is undoubtedly due, in part, to the merger and acquisition movement. But also, the face of the business community is changing rapidly. Companies are becoming more competitive globally. As they're doing so, they're doing everything possible to cut expenses and we're seeing risk managers downsized and the risk management function itself being outsourced. The risk management function is being given less priority.
“Also,” continues Mr Andrews, “risk managers, whatever industry they happen to be in, are being asked to perform with smaller staffs, and have less time to participate in volunteer association work. All associations are feeling the pinch, not just RIMS. What companies are forgetting is that professional development, which is what RIMS offers, is essential for doing the job.”
Ms Meltzer confirms that M&A activity coupled with the trend towards outsourcing have resulted in RIMS' membership falling off. “What we're doing now is looking towards smaller firms that employ part-time risk managers for new membership. Some of these firms cannot afford the expense of attending RIMS conferences, but we believe we can attract them as members if we set ourselves as providers of information for them,” says Ms Meltzer. “There are technical risk managers who need support, financial risk managers who don't understand operational risk. These are the areas in which we believe we can grow.”
Looking back over her year as president, Ms Meltzer says modestly that her accomplishments consisted primarily of building on what was given to her by past administrations. For example, it was last year, under RIMS past president Mark A. DeLillo, that RIMS finalized the Fellow in Risk Management (FRM) program and, at that time, Mr DeLillo said the event was the culmination of five years of research. The program builds on the core knowledge developed in the Associate in Risk Management (ARM) designation program. However, the FRM focuses on a foundation in law, accounting, finance, information systems and specialties in risk management. Also, last year, the Global Risk Management Institute, created to administer the new advanced global designation FRM, elected its first board of directors.
“These programs have been in the works for some time, but now they're up and running and I really feel good about them,” says Ms Meltzer. “I also feel good about the fact that the risk manager is growing in stature. Years ago, there was some confusion about what a risk manager really was. That's changing now. We've been represented in various prestigious publications, such as Dun's Review, Fortune Magazine, Time Magazine, Forbes Magazine, Business Week and The New York Times, among others, and we have been approached to participate in a Presidential Commission set up to examine the problems of fraud and theft at the nation's seaports.”
Even more prestigious is the fact that RIMS has been asked to participate in a move by the White House to bring the need for information security (IS) to the corporate board level. This is particularly significant in light of recent developments in the US regarding “hacking.” Just last February, electronic commerce sites in the US were sent reeling when a “hacker attack” over a period of two days crippled sites such as Yahoo.com, CNN, Buy.com, Amazon.com and others, sometimes for as long as hours. The attacks, whose origin is still unknown although the Federal Bureau of Investigation is looking seriously into the matter, proved the vulnerability of the internet. Executives from electronic commerce sites met with President Clinton shortly after the attacks and it was determined that there was no need for any new regulation of the internet, even though it was the very “openness” of the internet that allowed the attacks. For that reason, the White House is examining ways to force corporate boards to install or improve IS systems.
“With the onset of the enterprise risk manager, information security is becoming increasingly important in the risk management industry and the Presidential Commission on information security reflects this,” says Andy Steggles, director of information systems for RIMS.
The Presidential Commission has come about because of a “white paper” on information security completed by the Institute of International Auditors (IIA). RIMS was asked to do a review of the paper and, in his comments, Mr Steggles addressed some of the issues involved in the relationships between auditors, IT security people and board members.
Mr Steggles says the IIA is attempting to tackle an awareness issue, which is “potentially as important as the Y2K awareness issue.” Says the RIMS executive: “The task is huge, but as we have seen already with the Y2K, with the right people behind it, it is a hurdle which can be jumped. Having auditors ask IS professionals questions relating to their organization's information security policies and procedures is very political in nature. From experience, it has already been shown that the typical response of an IS professional is to ‘fob' the auditor off with the close to perfect answer, rather than giving truthful answers and potentially casting shadows over themselves.” Mr Steggles says that the IIA's white paper is a good start in terms of dealing with information security issues. However, he suggests that, rather than auditors asking IS professionals whether they have a “daily backup,” they should ask:
“Also, a request to see the backup log would be helpful,” adds Mr Steggles. “Part of the auditor's training should include an overview of the different types of backup software issues and schemes. The auditors should also be given training on how to measure and mitigate risk, which could then be presented to the corporate board on completion of the audit when referring to areas and levels of exposure.”
Finally, one other area in which Ms Meltzer sees an important role for RIMS is in promoting corporate quality improvement. This year, the Quality Insurance Congress was disbanded. Ms Meltzer says she was sorry to see the Congress go, but adds that its demise can be traced to “different corporate cultures.” However, she says: “I am encouraged to see that companies and insurers are adopting quality improvement programs on their own.” On the insurance side, she mentions Marsh, AON, AIG and Zurich in particular, but says that there are others that have taken up the cause.
As for Mr Andrews, he says that there are many challenges to be addressed in the coming year. “Risk managers will see the market turning a bit, with some hardening in the professional liability lines, for example. But I don't think we'll ever see the hard market we experienced in the mid-1980s. There is still a lot of capital out there and a strong alternative market.”