Plenty. And nothing at all. These days, holistic risk management is part of the corporate lexicon. Is it more buzzword than bailiwick? Insurance and financial markets are strutting their stuff, competing for partners. Choices, choices. Once, the risk manager was "insurance manager". Today, it is more like "chief risk information manager", writes Wolfgang Friedel.
1997 marked the 10th consecutive year the insurance industry was soft in the United States. The outlook this year remains the same. New capacity continued to come on the market, and more is on the way. With a mild hurricane season and no major earthquakes, catastrophic losses were minimal.
At the same time, the global economy has been developing rapidly. A record $1 trillion in mergers took place involving US companies in 1997. Fierce competition for market share was - and is - the raison d'être for the "-ings." Downsizing, rightsizing, outsourcing, streamlining, re-engineering. All have the potential to increase risk and cause losses.
Corporate managers have been squeezing operations in response to tightening profit margins, pursuing strategies that include just-in-time delivery, single-source supply contracts, higher performance expectations for equipment and people, plant consolidations and the like.
How does this affect risk management? In brief, the working environment is tougher. Sometimes, the very job of the risk manager must be justified, even though the core objective is the same today as it was 30 years ago, and as it will be 30 years from now. Protect the bottom line.
Peter Bernstein, author of Against the Gods, aptly concludes: "The essence of risk management lies in maximizing the areas where we have some control over the outcome while minimizing the areas where we have absolutely no control over the outcome and the linkage between effect and cause is hidden from us."
In today's quarterly-results-driven marketplace, the challenge for the risk manager is to adopt the strategic view Mr Bernstein discusses and dare to articulate the risks to the well-being of the corporation in compelling fashion. It is not an easy feat, and the stakes are very real.
Risk management affects shareholder value
Last year, at the Arkwright Global Symposium in Milan, Italy, Deborah J. Pretty, an independent consultant and research fellow at Templeton College, University of Oxford, presented a study of the long-term impact of crises and catastrophes on shareholder value. Her most critical finding: The management of crisis and catastrophe affected stock value. It mattered little whether a corporation had purchased insurance or had adequate limits on its coverage. In her follow-up report at this year's symposium in Boca Raton, Florida, Dr Pretty sums up her analysis this way: "Good crisis management is good financial management."
The marketplace has made little progress developing a financial model that readily illustrates the points in Dr Pretty's research. That means the voice of the experienced risk manager is of critical importance to the corporation.
For example, consider reliance on sole-source suppliers who deliver a product or service more efficiently than the corporation. Often, the supplier is cutting corners to be cost effective. As a result, reliability of delivery can become questionable. The supply chain can be in jeopardy. Why would a corporation that wants to remain competitive in the marketplace take such a risk? That is precisely what happens on a daily basis when companies sign contracts and purchase orders without knowing in detail the risks and the potential financial harm of an interruption of their business caused by a supplier unable to deliver.
One well-known illustration involves Honda of America Manufacturing. In the third quarter of 1994, the company was predicting its best year for car sales since 1990. Then, a fire destroyed an Ohio plastics plant, the sole supplier of air conditioning and heating hoses Honda used for its US division. A just-in-time supply system meant there was no inventory of hoses. The loss halted production of Accords and Civics in the United States. Honda was lucky it was able to import hoses from Japan that fit American-made cars. Otherwise, the interruption would have been far more severe. A smaller company could be ruined by such a loss.
The high-technology world has offered its own poignant examples of the risks in recent months. Fires damaged or destroyed four semiconductor manufacturing facilities in Taiwan, Thailand and Singapore in the second half of 1997. Some took months to recover and damage estimates are in the hundreds of millions of dollars in two instances.
These losses disrupted the global supply of semiconductors and related products and services. Such incidents shake investor confidence, not to mention consumer and public confidence. In some countries, there is serious consideration of completely changing local codes and standards to assure greater safety and reliability of semiconductor fabs.
It is appropriate - indeed, essential - that risk managers have a role in evaluating the corporate supply chain. Single-source suppliers should be audited carefully before contracts are signed. Their record of safety and reliability should be evaluated. These are the types of exposures that inspire the call for "holistic risk management".
Holistic risk management: good management and lots of common sense
Some call it "holistic". Others call it "alternative". A few call it "global". Whatever the moniker, it is nothing else but good management and lots of common sense.
Matthias Haller, a professor at the University of St. Gallen in Switzerland, makes the case for expanding the scope of risk management into every aspect of an organization. Leading companies will do so to strengthen financial safeguards and to protect against "opportunity costs". The changes in business today, accelerated by deregulation and globalization, require "an emphasis on integrated risk management," Dr Haller says.
For many in the field, the discussion is academic. Most risk managers have little time and few resources to devote to the strategic planning involved. Often, senior management does not have the inclination to listen to what they perceive to be doomsday scenarios.
For others, however, holistic risk management is an attitude put into practice. It is based on the recognition that all risks are related, just as all aspects of a corporate enterprise are: from financial and market analysis to regulatory and political issues; from public policy and the environment to security, personnel, health and safety.
Thomas Hendersen says that when he was first named risk manager at Texas Instruments in 1991, he spent 80% of his time on insurance transactions and 20% on "true" risk management. Today, through hard work and a lot of convincing, it is the other way around. He notes that the role of the risk manager has been questioned and re-examined throughout the 1990s.
" 'Where do we add value to the corporation?' people ask. Some wrestle with this more viscerally than others," Mr Henderson said in his keynote address at the Arkwright International Risk Management Symposium in Heidelburg, Germany, in 1995. "Some are losing their jobs because risk management is not perceived to be a value-added function. All of this gives us a clear message. It is incumbent on every risk manager to make an internal assessment of his or her role and to define that role to serve the corporation of the future."
The key is to evaluate and quantify threats to the organization, not to focus on risk-financing transactions, Mr Hendersen said. The future is good information management in all of its phases: identification, collection, interpretation and dissemination. "A corporation has many decision makers," remarked Mr Henderson. "I believe risk managers will add increasingly more value as agents of change. We do this by providing needed risk information to all levels of management and by providing good specialized counsel to those who are making decisions and enacting change."
Nearly two years ago, Louis Drapeau, manager of insurance and risk management for The Budd Co. of Troy, Mich., and then-president of the Risk & Insurance Management Society, described the working environment for the profession as "challenging times, exciting times, demanding times, frightening times". Uninsurable assets such as market share and corporate reputation can no longer be pushed "under the rug".
His advice at the time remains sound today.
"Risk managers need to tackle the issue of risk in a holistic way," Mr Drapeau said. "It simply means taking all risks - pure risk, speculative and portfolio risk, as well as negative risks long associated with risk management - and putting them in a single basket," he said. Senior management is becoming more aware of risk. "Over the long run," Mr Drapeau said, the holistic approach "will make (corporations) more comfortable with assuming more and more risk internally."
As corporate re-engineering affects risk management departments, risk managers will need to rely on people from varied disciplines throughout the organization.
"The business problems you encounter today and the projects you are now undertaking require the input and expertise of people from different areas," Mr Drapeau said. "The same blurring of boundaries is taking place in dealing with external, as well as internal, partners - your relationships with your brokers and insurers."
Risk managers can contribute to successful corporate re-engineering by embracing information technology.
As the understanding and financing of risk becomes more sophisticated, the use of technology becomes essential, Mr Drapeau said. "If we remain paper-based as the world moves to electronic storage and communication, we create more paper than ever, a paper overload, on the way to a paper-less society . . . We could be an awful lot more efficient and productive if we used available technology appropriately."
Information technology is changing our world. Companies that can manage it and turn it to the benefit of their customers and themselves will be the leaders. The same is true of risk management. There is a world of opportunity out there and we do not have to be computer geniuses to take advantage of it.
Financing risk: the easiest part of the job
Clearly, the risk manager who focuses on risk financing at the expense of strategic and contingency planning is missing the point. However, there is no doubt that one of the responsibilities of the risk manager remains arranging for the most cost effective risk financing for the corporation. Progress in the risk management realm has often been defined by the development of fancier, better, more exotic ways of financing losses.
The pressure is on. Reduce expenses now! Nothing easier than that in a soft market. Traditional insurance programs and alternative risk financing concepts, including integrated all lines programs, captives, cat bonds, etc, etc, offer plenty of opportunity to reduce expenses.
But then what? The key question remains: Finance what? What risk? What exposure? The one you can buy plenty of cheap coverage for - or the one you have just identified could cripple your company? In this writer's view, Tom Hendersen is right on. Spend time on risk analysis and oversee the purchase of risk financing vehicles.
Back to the future: successful risk management
The role of the risk manager is poised to evolve once again - into a senior officer and team player who understands many disciplines and co-ordinates the activities of specialists to manage the entire risk profile of the corporation. The most successful risk managers are outstanding analysts and even better communicators, enabling them to make risk management part of their corporate culture.
Take, for example, Cabot Corp., a Boston-based global leader in the manufacturing of carbon black. Risk management is broadly accepted, at all levels of the company. Cabot is renewing and repositioning its primary businesses while developing new products that respond to emerging business needs. "It is an exciting time to be at Cabot but, naturally, it also means we are subject to new exposures constantly. Because of risk management's broad acceptance at all levels of the organization, we can do a pretty good job of keeping up with change," says Anthony H. James, vice president, safety, health and environmental affairs.
To manage change, Cabot put together a risk management strategy team of people from different businesses and corporate functions. "This is now typical of most Cabot teams, but I think it is particularly appropriate to risk management, where there is a strong need to make loss prevention a company-wide objective," Mr James says.
Risk management strategy teams can enable corporations to define and unearth all risks, from the procurement of raw materials to product liability, and figure out how best to mitigate the risks, through insurance, contractual arrangements and other measures. This is a worthy and wise use of corporate resources that can help protect shareholder value.
Risk is at the heart of advancing ideas and discovering new horizons. Without the great risk takers in science, industry and exploration, we would not have the benefits of global communication, central heating and air conditioning, cars and other modern means of transportation - and space flight would not even be a dream.
The word "risk" has its origin in the Latin word "riscare," which means "to dare". Managing risk, then, is the art of managing how one dares. The challenge for risk managers is clear. Dare to be strategic. Dare to think globally. Dare to speak up. And, most of all, dare to instill risk management as a mainstream corporate value.
Wolfgang Friedel is senior vice president and chief operating officer of Arkwright Mutual Insurance Co, a global property insurer and risk management company. He oversees all of its core insurance and consulting operations, including three US operations centers and its London-based international operations. Mr Friedel is also president and chief executive officer of ALM Services Inc., a wholly owned subsidiary created to manage the property insurance portfolio of Arkwright Mutual's strategic partner, Liberty Mutual Insurance Co. He is also president of Arkwright Insurance Co and Arkwright International Ltd. and chairman of the board of Alternative Risk Solutions Inc.