Editor’s Note: The following is an address presented by Harold H. Hines, Jr. when he was President of Ryan Insurance Group, Inc. to the Risk and Insurance Management Society (Chicago Chapter) Annual Meeting on February 19, 1981. What held true in 1981 is every bit as valid today and likely even more important than ever and has certainly passed the test of time. This is the first of a series with more pearls of risk management wisdom to follow
Risk managers are knowledge workers responsible for contributions that materially affect the performance of the organizations they serve. As knowledge workers, risk managers understand the diverse doctrines of finance, law and engineering. As effective managers, they deliver specific results and influence the impact of undesirable internal and extra-corporate events. Managing responses to the flow of events is crucial to corporate progress; in fact, failure to deal efficiently with the “unpredictables” germane to a risk manager’s concern can impair the assets and earnings of a corporation.
The risk manager is an essential member of key management, a person worthy of the respect most have earned an associate entitled to the personal satisfactions and financial rewards allocated to best corporate achievers. As in any management endeavor achievement requires authority commensurate with responsibility, a prerogative especially critical to a risk manager’s performance. Decisions about staff and source selection, design of risk prevention and control programs, implementation of claims adjusting techniques, and construction of risk transfer plans are controlled by risk managers in most progressive companies.
Because risk managers are credible performers, accountable for specific results, their duties have been enlarged to provide opportunities for more fulfilling work. Many companies involve risk managers in most major decisions. Acquisitions or divestitures are no longer made without interaction. New plant construction, new processes and some labor force change actions are implemented only after consultation with risk managers. Resource programming, production rearranging, transportation planning and sales organizing are also referred to risk managers for evaluation. Pervasive involvement confirms the awareness every facet of management has about the benefits of risk manager participation.
Of course, some companies do not delegate or communicate in the contemporary manner suggested here. Recalcitrants are exceptions to the movement of risk manage to greater responsibility. Recognition of this development causes insurance industry literature to consider the management process as well as technical, financial and actuarial issues. This paper's purpose is to add to the expanding body of knowledge about how effective risk manager’s function. Risk managers now have the same planning, organizing and controlling obligations other influential managers have to get right things done.
The importance of planning to risk management effectiveness is axiomatic; in fact, the risk manager's first and foremost duty is to understand and to prepare for the future. Understanding begins with a look at previous loss experience and its relevance to the risks of the years ahead. Available data from outside companies in similar businesses should also be studied. New facilities and new technologies need to be examined to determine how changes in production or other activities might create new }isk proclivities. Social and economic inflation must be factored into anticipated risk equations. Collecting such comprehensive information, arranging it in statistical tables, and interpreting the results is the starting place of all risk management plans.
The risk manager must construct a quantitative analysis of the expected patterns of risk his company will face. Probabilities are the guide of the risk manager’s professional life, and statistics are the foundation upon which probabilities are structured. Statistics are the records of past facts, all available facts, including facts that pertain to whole industries as well as to the particular history of an individual company.
Reliable and comprehensive statistics can be compared in usefulness to the materials for a house about to be built. If building supplies are piles of unrelated or inadequate materials, the house is likely to resemble a crazy quilt. It is only when the architect's plan is consulted that a sensible house is constructed. The same is true of statistical investigation and organization. Unless dependable, serviceable data – the building materials of risk management – are collected and correlated into a unified conception, the risk manager cannot create a coherent plan.
When useful statistics are assembled, they can be the architecture of forecasts the risk manager needs to read the future. By employing econometric models, forecasting techniques can predict risk potentials – possibilities that take into account all variables that can be discovered and ordered. Our era of volatile economic change requires sophisticated perceptions about tomorrow, perceptions that recognize the dynamics of internal and external economic conditions. These factors, put in juxtaposition, are the essence of corporate budgets.
Credible budgets for each internal operation and for a whole company demand inputs about risk probabilities. Suitable inputs consider a range of risk scenarios to hedge against unreliable expectations; however, the risk manager has a compelling obligation to identify those risk presumptions most likely to happen. He must explain risk ranges so that other decision makers can judge his perceptions and conclusions about how to shape the future favorably. Minute differences, so common to probability projections, have to be interpreted skillfully in order to build cost-benefit choices that attempt to overcome the vagaries of futures that always defy exact predictions.
The risk manager makes his contributions to choices about the future by employing actuarial methods in support of statistical verities and tested economic models developed during the planning process. Cost alternatives and appraisals of related effectiveness should be presented to fellow managers so that they understand the value of risk prevention and mitigation activities. When they see how important these efforts are, and when they share in the development of loss control, colleagues will be more enthusiastic advocates of safety programs, more certain to promote these crucial activities.
After loss prevention plans are established and expected loss outputs projected, risk managers work with their associates to determine how much risk their company can self-assume. Study of present and possible future balance sheets, examination of prospective earnings, and inquiries into capital formation plans are needed to determine what loss payouts corporate budgets can tolerate. Surprises that menace financial viability must be voided, so must less hazardous, but significant, distortions of corporate achievements.
The cost of insurance continuously influences decisions about how much risk to self-assume. Price fluctuations, a perennial reality of the insurance marketplace, can usually be predicted by sophisticated risk managers so that cost-benefit analyses can be ready to determine insurance attachment levels. When prices are cyclically low, smaller retentions may be appropriate; in times of high coverage costs, larger risk retentions may be necessary in spite of threats to earnings.
While risk management plans have almost infinite latitude for choices, there are two inviolable principles that remain in every thoughtful program: expected losses should never be insured, but catastrophe loss potentials should always be covered. The folly of trading money with insurance companies is universally recognized; however, there are too many risk management plans void of adequate protection against catastrophe exposures. The insurance press has been full of recent examples of failures to insure assets and earnings adequately. Sound risk management plans leave no survival questions.
There are, however, very complex planning problems concerning purchases of coverages between expected and catastrophe limits. Protection in this perplexing range of loss potential referred to as “working layer losses” because their impact is determined by the unpredictable financial “workings” of a business – is difficult to assimilate into precise risk management programs. Decisions about “working layer” risks depend upon too many unknown variables such as the effectiveness of loss prevention, the performance of service support functions, and actual corporate earnings. Linkages between these and infinite other factors are well understood. Risk management plans tend to err on the side of too much insurance, because the .cost of coverage is obviously the variable easiest to determine. The most creative plans dare to rationalize the inscrutable by finding ways to accommodate it to anticipated corporate results.
All risk management plans, daring or conventional, consider cash flow. Premium payment, loss payment, and loss reserving practices are universally specified in order to conserve cash. Attention is given to accounting rules and to insurance purchase methods to construct favorable flows; however, negotiation of premiums with carriers consider trade-offs that produce benefits for both transaction sides. If a carrier can gain more from a certain cash use pattern than a buyer, favorable premium adjustments can be anticipated to offset cash flow advantages the buyer loses.
When all their intentions are assembled, risk managers present business plans to top management for approval with relevant budget documents. Specific goals are articulated so there can be no questions about performance measurements. All managers respect the relationship between commitment, achievement and ultimate reward. They value this relationship, fostered by planning, because it inspires personal satisfaction and corporate progress.
After planning, the next most important function of the risk manager is organizing. He must identify and structure the capabilities needed to implement his approved risk management plan. The search for capabilities needed to make the plan work begins with assessments of duties which can cost-effectively be handled within the risk management department where direction and accountability are easiest to supervise. There are issues besides cost and effectiveness which limit recruitment of internal staff. Travel required to maintain contact with geographically spread operations plus the problem of creating enough variety of job satisfactions make building in-house departments difficult.
Risk managers accept the desirability of going outside their departments to find talents to implement plans. When there are concentrated duties concerning financial, legal or accounting tasks that can be executed in relatively short time, risk managers increasingly look for support outside their departments but inside their own companies. Viewpoints of financial people can provide insights about cash flow, insurance plan design and forecasting. Legal departments expertise can help resolve insurance contract issues, contribute to solution of claims difficulties, and avoid some impediments of government regulation. Accounting department staff can contribute tax and cost evaluations.
The advantages of using inter-departmental support should be tested to determine if brokers, consultants, carriers or independent service enterprises can do better work at lower cost. Comparisons of performance must separate service support from insurance placement to verify costs and to measure costs with achievements. The process of separation, euphemistically referred to in the trade as “unbundeling”, may or may not accomplish better staffing decisions. All services should be studied to ascertain which add fixed and which add variable expenses. When risk managers analyze expense structures, they can determine whether commissions or fees are appropriate arrangements. They can also understand the value added for the tasks assigned to outside organizations. All of these perspectives enhance the search for the best organizational system.
Salient tasks that need to be done to make the risk management plan work include loss prevention, claims management, and information retrieval. No plan will succeed unless these support services can be delivered competently. Loss prevention must include engineering plus behavioral science viewpoints to create environments where losses are less likely to happen.
Construction of internal staff and external service support is a most complicated loss control issue. There is little doubt that more attention will be directed to loss prevention structure and method in the 1980’s than to any other matter, not because of government mandates, but because of growing recognition that preventable losses are impairing investment returns more than any other risk management variable.
The search for the most cost-effective claims management and information retrieval are also matters of organizational concern. Risk managers want to be in constant touch with the most efficient claims adjusting, paying and reserving practices. By gathering pertinent data and by distributing it usefully, risk managers can build the foundation of excellent claims management procedures. They must be aware of the critical path that begins at the moment of claims incident and follows an intricate process to claims resolution.
Finding and arranging insurance capacity to cover risks is the final organization problem of concern to risk managers. Decisions about how best to accomplish risk transfer tasks require use of outside brokers who can reach all parts of the world insurance and reinsurance marketplace. Brokers can gather and spread capacity in the labyrinthian insurance market better than risk management departments or independent consulting organizations.
In his use of internal staff and outside services, the risk manager functions like a symphony orchestra conductor whose effort and vision make the noise ·of separate instrumental parts the whole of music. Unlike the conductor, who has the composer’s score and acts only as interpreter, the risk manager both composes and conducts. By bringing diverse inside and outside capabilities together to produce his plan, the risk manager orchestrates a most complex management assignment. Few managers blend such diverse and remote personnel into an organization charged with bringing about specific results.
Controls prove whether specific results happen. They are the last functions which the effective risk manager, like all his peers, must supervise. Progress must be confirmed and adjustments must be made to keep actual results in line with those planned. The real tests of managerial ability are performance relative to plan and reconciliation of the unexpected to previously prepared actions. If the future belongs to those organizations that prepare well, the ability to maximize the benefits of the future belongs to those organizations that possess proven controls.
The control process starts with the establishment of standards – standards that are realistic, measurable and understood by all internal staff and outside service people. Standards should balance short term and longer term considerations; they should be challenging; and they should fit the tasks to be done. When risk managers invite participation in the development of controls, as they do in the creation of plans, the process works best. When risk managers control the ends but not the means, the process invites creativity that invariably benefits execution.
Performance is measured against standards, and corrective action, designed to deal with deviations from standards, happens through traditional management by exception actions. In the words of a recent philosopher of justifiably limited renown: “if it ain’t broke, don’t fix it.” Controls should never be imposed when outcomes balance expectations. This principle of balanced achievement extends, of course, to risk management department budgets, the final arbiter of realized purpose
The budget is, indeed, the most important control mechanism. It should be constructed to measure all vital signs of interest to the risk manager, such as ratios of losses and premiums to sales, payrolls or profits, accident frequencies, average claims costs, expenses for internal department and external service functions. Departures from budget should be discovered, whenever possible, in advance of total expense payments. Tests should be initiated to defend against unnecessary expenses through the use of competitive bids, particularly when insurance or service support costs escalate rapidly or unexpectedly.
Effective risk managers are cautious in their use of competitive bids. Too much competition can be counter-productive by undermining the loyalty and professional commitment that fosters best performance. Risk managers guard against the unfruitful proclivity for too many or too frequent bidding games; risk managers understand how the efficiency of those invited to do constant battle is compromised.
The most appropriate times to test insurance prices are when the rate cycle turns abruptly, when a particular broker or market might not be alert to discrepancies between in-force prices and alternative available prices. Bids on support services should occur if there is dissatisfaction with performance or if costs rise faster than inflation or budget estimates. Evaluations of support service expenses should take into account the frequency and nature of inspections plus the speed and character of adjusting procedures. All changes of carriers, brokers or service organizations occasioned by competitive processes should consider the inherent cost of change. New relationships can require expensive adjustments to new people and new methods.
Another control device evident to persons knowledgeable about the insurance industry are trade meetings and business literature. They challenge the alert risk manager with provocative new information. At national, regional and local Risk and Insurance Management Society meetings, risk managers meet people with similar responsibilities who are eager to exchange ideas. These and other conferences bring people from all insurance industry disciplines together for “state of the art” reviews, for discussion about common problems for joint efforts to achieve interest group objectives, and for appropriate data sharing. Participants gain broad perspectives on every matter of concern to the contemporary professional.
Continuous study of abundant information offered in the ever improving insurance press gives risk managers similar benefits. In this age of instant communication, there are few matters of importance to those with risk management responsibilities that go unreported and unanalyzed. The conscientious risk manager spends considerable time controlling his own judgment through a thoughtful reading program. Necessary continuing education happens in these routines.
Controls are, indeed, a habit, a complex of practices to assure that risk managers get the right things done. And control practices end with periodic reports to top management about the comparison of accomplishments to expectations. Articulate progress reports are essential to communication; they should be written quarterly and supported by all facts that confirm results. Summaries of results achieved are to planning what criticism is to artistic expression – they challenge accomplishment to prove validity.
When the value of specific results is verified by higher management, the effectiveness of the risk manager will be apparent. His ability to plan, organize and control will be substantiated; his capacity for orderly, thoughtful conduct of defined responsibilities will be clear. In addition to performing the routine functions described in this paper, the risk manager must also meet deadlines, respond to emergencies, and act as spokesman for the public good. He must sometimes weigh the conflicting demands of his own company (a primary obligation) with the complex responsibilities of being a trusted member of the insurance community (a secondary concern). Failure to do all these functions makes effectiveness elusive, perhaps impossible.
Effectiveness, of course, contains a quality implicit throughout all the observations of this paper – a leadership. Because the risk manager must get things done through people, he must be able to lead. He must fit his style to each management situation, use persuasion, tolerance and judgment in all relationships. He must act like a leader by remaining somewhat aloof from his sources and even his own staff. This prescription for conduct includes a constant effort for professional growth, self control and a very supportive commitment to all the people and organizations with whom he works. Like all leaders, he must give loyalty to get loyalty.
And the effective risk manager needs economic rewards; inadequate rewards are a determent to performance. But economic advantage is not enough; the risk manager requires fulfillment and the opportunity to express personal values. By being an achieving knowledge worker, he obtains these satisfactions, as he enables the institution for which he works to harmonize its needs with his. The institution gains the discipline and foresight it wants, and the risk manager gains from his organization the values of professional expression and satisfying growth. Effectiveness becomes its own reward!