It may be the single greatest challenge risk managers face today: Getting the ear of the treasurer and the CFO as they struggle to manage skyrocketing insurance costs and a plethora of new concerns that threaten to sink bottom lines and destroy shareholder value. But the events that have made these executives' time more ious-beyond September 11, the collapse of Enron, the spate of major corporate bankruptcies and the implosion of the accounting industry-also hold the potential to awaken senior management to the importance of the long-somnolent risk management profession.
Today, risk managers can demonstrate, finally, that they are much more than the people who simply buy insurance. They can prove to senior management, boards, audit committees and institutional shareholders that they can be full partners in implementing effective enterprise risk management programs. They can prove that they are the rightful holders of that title-risk manager-at a time when almost every corporate manager, from auditors to information security executives, is glomming on to the name.
But this opportunity does not come without doubt and skeptics: Are risk managers willing to proactively-even aggressively-pursue these possibilities? Will they market themselves to the CFO, treasurer and others? How will they get these executives to sign off on their suggestions, particularly if senior management is doubtful of the risk manager's skills to accomplish the Job? In searching for that broader role, are risk managers willing to take the professional risks necessary to capture the executive attention they need?
These questions have no single answer, nor is there one agreed-upon approach to earning the regard and respect of upper management. For every theory on this subject, there is a counterpoint, for every opinion there is a dissenter. The only consenses in the risk management community is that this issue must be addressed.
Opening Doors "It's not so much that the door has been opened for risk managers," says Bradley Wood, senior director of insurance at Marriott International, Inc. in Bethesda, Maryland. "Rather, they have the opportunity themselves to open the door with the treasurer.
"Clearly treasurers and CFOs will be turning more to risk managers in the current environment," he says. "It's the risk manager's responsibility to educate the treasury leadership, to lead the discussion."
A simple assessment of the insurance market should have risk managers rushing to their bosses' doors, prepared with an understanding of the current conditions (and, hopefully, having given their bosses some previous forecasting of market directions). Although risk managers do not want to take on the responsibilities of the treasury staff, they want to be involved in company strategy. And now especially, senior executives need their help and their insurance industry relationships to get through costly premiums, the recession and new threats in terrorism and business interruption.
"With rates going up thirty to fifty percent in the past twelve months, and even more post-9/11, the CFOs and treasurers are working with their risk managers to optimize the financing of the risk," says James Swanke, Jr., a principal with Tillinghast-Towers Perrin in Minneapolis. "They know that the drivers here are the risk managers."
On the other hand, focusing just on insurance policy issues may not move the risk management discussion in the right direction.
"Post-9/11, the risk manager who is still worrying about premiums and coverage is missing a huge opportunity to show value to the company," says Richard Sarnie, director of risk management at Engelhard Corp. in Iselin, New Jersey. "So far, the focus continues to be far too much on insurance policies and language. [The risk manager] needs to stand up and say, 'I can help."'
According to Thomas Seuntjens, president of the risk consulting firm Seuntjens Associates in Wayzata, Minnesota and formerly a member of Honeywell's integrated risk program, the risk manager should be ready with solutions when the top executives give him or her the nod. "The cost of risk is putting pressure on the bottom line; it's that pressure that gives the risk managers the opportunity to take action because the CFOs and treasurers are already calling them on the carpet to do something," he says. "The fact is that the risk managers already have their attention; the opportunity's coming to the risk manager rather than the risk manager having to go after it." Overcoming Corporate Perceptions The environment might be ripe for an introduction of ideas with the CFO, and executives may be knocking on the risk manager's door, but many risk managers are still not taking advantage of the possibilities.
"There are those risk managers who know how to market themselves and those who don't," says Linda Laurel, former CEO of New Yorkbased Claims On Line, Inc., and currently a risk management consultant.
Another theory, from Seuntjens, is that risk managers are struggling with just the basics-to keep insurance costs down. To the extent that risk managers are being asked for advice from CFOs, "it's making them nervous," he says. "They're asking, `How can I manage this rising cost in the way that's expected of me?"' With the pressure rising, those who have not already created a team atmosphere find it difficult to find the time to do it now.
Another perspective, however, presents not reluctance on the part of the risk manager, but the barriers of corporate culture between the risk manager's office and that of the CFO. Although we keep hearing that corporate executives want to know more about risk management, it is possible that these same officers still hold biased views of the profession.
"Risk managers definitely have a problem," says Henry Good, director of insurance and travel at chemicals giant Rohm and Haas Co. in Philadelphia. "One of them is that nobody in the company has a clue about what insurance is all about. And a lot of corporate executives simply feel sorry for the poor guy in the insurance seat because this person has to deal with the insurance industry every day. And then there's the problem that probably half of senior management doesn't even know the insurance guy because he or she has only been there a couple of years." The reputation of the insurance market does not help the risk manager's profile either, some say. "As soon as companies file a claim, CFOs aren't sure it's going to be covered," says Good. "The CFO knows there are loopholes; so while the coverage is out there, the attitude of senior management is: `We hope we never have to use it because we don't really feel comfortable relying on it."'
Adding to the image problem are the frequent insurance contract renegotiations. 10 the CFO, this looks like the symptoms of a poor relationship between corporations and the insurance industry.
"Contrast that with some of the CFO's other relationships," says Good. "The CFO and treasurer have probably had a banking relationship that goes back thirty years. The other long-term relationship comes through the controller. The controller has probably dealt with the same external auditor for at least thirty years. Meanwhile, the risk manager is going in every year saying, `We have to put this out to bid to keep everybody honest."'
Good, for one, does not feel comfortable refuting that reputation entirely. "If I'm honest with myself," he says, "am I really going to approach the CFO and say, `The insurance industry can help you do more'? Why would I do that if I'm not sure the insurance industry won't let me down six months from now?"
To further confuse this issue, some risk managers, like Good, may not feel a true partnership with the insurance industry, while some corporate executives see an unhealthy relationship between the two.
"There are a lot of CFOs and CEOs who, even if aware of the risk management department, think that risk managers are 'bought' people," says Lamel. "That's because they see risk managers going back and forth, working not only for corporations but for the insurers and brokers themselves."
So what can a risk manager do about reversing these perceptions? Ideally, considering the preconceptions that CFOs bring to the position, risk managers are well advised to market their skills aggressively. If they do not, negative opinions about their role have a tendency to take root.
Risk managers should educate CFOs about how insurance coverage works. Let them know that coverage is available when events occur-and that because you know your job, you have put in place the best available protection for the company. Part of being persuasive in this explanation is knowing the broker's job. That way, risk managers can explain both sides of the claims process.
As for dealing with the reputation of the insurance industry-consider the fact that most generalizations are not based on individual business relationships. Many oppose the concept of putting risks out to bid each year, thus damaging individual relationships with brokers or carriers. If risk managers maintain an upstanding reputation among peers and industry partners, and work with similarly respectable brokers and insurers, they have the business relationships that their CFOs are looking for. Is It the Letters or the Language? If gaining access to upper management is a matter of reputation, getting respect might be a matter of getting the education that earns professionals those all-important letters following their name. But industry executives disagree on the need for risk managers to have an MBA.
According to Swanke's observations, many risk managers have or are pursuing an MBA. "Those that have nothing more than an insurance purchasing background are moving out of those positions because the corporation wants a broader skill set, including a broader-based financial background."
There are others who do not believe an MBA is crucial to winning the respect of others in the company. "Obviously, getting an MBA familiarizes you with finance and helps you think beyond an insurance-only mindset," says P. Jeffrey Hoke, who is about to finish an MBA program and is director of global risk management at Dayton, Ohio-based NCR. "With an MBA you can make purchasing decisions with more of a risk-financing mindset, but longer term, I don't know that it helps your career."
Wood, who does not have an MBA, is similarly skeptical. "More important is someone's overall expertise and the understanding that the risk manager has about the company's financial approach," he says.
Although the power of academic credentials is debated, few would argue against the importance of speaking the right language, i.e., the dialect of treasury management, which many risk managers lack the financial background and knowledge to speak.
"The challenge right now isn't so much about expanding the risk manager's current responsibilities but putting their existing responsibilities in the language of the CFO and treasurer," says Randy Nomes, managing director, strategic account management, at Aon Group, Inc. in Chicago. 3"Currently, risk managers think and speak primarily about cost minimization, what markets are doing and budgeting-with everything articulated in the arcane language of insurance," he says. "[They] need to start with what treasurers and CFOs think about: cash flow, liquidity, how to fund mergers and acquisitions. That's what's on their mind."
Specifically, Nornes says, risk managers must be able to see their jobs as managing volatility, and communicate their success in terms of cost minimization relative to volatility removed. "If you can't speak this new language you'll never be able to connect with the CFO and treasurer," he says.
Lamel agrees, particularly on the importance of delivering the right message, after you have finally been granted a valuable time slot in the CFO's schedule. "If you make a presentation, you must relate it to the corporation's bottom line and what the overall financial objectives of the corporation are, and how you can help make this happen," she says.
Key Issues to Discuss Let us presume, as the risk manager, you can hold your own in a financial conversation, the CFO knows you and now you have to explain to him or her the role that you can take to help protect the company and make it profitable. Choosing the essential points of discussion may be as important as getting the opportunity to discuss them. * Directors' and officers' (D&O) coverage. In late September 2001, Thomas Tizzio, senior vice chairman at AIG in New York, implied that insurers had not charged enough for DSO insurance. "The focus in 2002 will be on DSO in corporate America," Tizzio said. "This year could ultimately see a catastrophic loss in that sector." And that was before the Enron debacle. Obtaining insurance and managing this cost has become of paramount concern to senior executives and board members.
With this coverage becoming more costly and restricted, risk managers who take control of the issue have an extraordinary opportunity to make their presence known to the CFO, treasurer, senior management and board audit committee members, while making their bosses (the CFO and treasurer) look good.
Another advantage to grappling with this coverage is the potential to forge a working relationship with internal and external auditors. "Here you have an issue that falls somewhere between the risk manager and external auditor," says Laurel. "You can certainly say, `What if we have an accounting irregularity? This is something with which we have to deal and here's what we can do with damage control."' * Surety coverage. Bankruptcies and accounting irregularities are causing surety underwriters to more carefully analyze the balance sheet, particularly with respect to performance bonds.
"Sureties need to be considered in the corporation's decision-making process," says Wood. "They should be considered similar to investors: As a company, you need to provide sufficient and timely business results and outlooks to them." * Business interruption. While internal audit and information technology departments are struggling with protecting and auditing electronically communicated data, risk managers should have a role in explaining to insurers and brokers exactly what is being done to minimize hacking, cyberterrorism, loss of data and all the associated losses and potential impact on shareholder value.
This presents another opportunity to integrate risk management with audit and IT and to make them-as well as CFOs and treasurers-aware of the full capabilities of the field.
- Collateral requirements. Insurers and regulators are more closely evaluating the level of collateral required to support insurance programs. "[This] puts more pressure on risk managers to involve treasury early on," says Wood.
"There needs to be a discussion on how to minimize collateral costs and to look at alternatives."
Giving the Green Light to Risk Managers
While no CFO will deny the importance of these and other risks, the question is whether CFOs, treasurers and others will give risk executives the okay to participate in the management of these concerns.
If senior treasury executives appear reluctant to involve the risk manager in a broader role, he or she may want to go ahead and prepare alternatives for consideration anyway.
"Rather than going into the treasurer or CFO and saying: `Sorry, rates are going up,' look into solutions so you can go in and say: `We've got a hard market and here's what I did so I can hold increases to this,"' says Lamel.
Similarly, Hoke suggests that risk managers describe the current market conditions, set realistic coverage expectations from a price and term perspective, and explain what is being bought. "In terms of opportunity," he says, "I think this generates discussions that are important."
Collaborating with others-treasury, legal, auditing, human resources-may be another way to bring the CFO and treasurer around, perhaps with the ultimate result of formalizing shared responsibilities for risks.
For example, in the risk management department at Honeywell, Seuntjens was able to assume different responsibilities as a result of such teameffort approaches during the development of an integrated risk program. "When you work as teams you've got to work to understand different disciplines so you become a real partner."
In addition to insurance purchasing, Seuntjens picked up management of cash, ratings agencies and some currency risk as responsibilities-and the seeds for the integrated risk program were planted. "The traditional risk management function was made part of treasury, with positions rotating," he says. "I can't think of any better way of becoming equals than to participate and share functions."
A similar approach has worked for Hoke. For the past eighteen months, NCR has had a formal risk identification process involving senior managers throughout the company where specific owners are assigned to individual risks. "One of the goals of risk managers should be to create a risk mindset within the organization," he says. "This is valued very highly today by CFOs and others because if something goes wrong, it impacts the bottom line."
Whether you plan to implement an enterprise risk management program, or educate the company about the importance of risk management, attention and dedication from the CFO and other top executives is essential. "If not," says Hoke, "you won't have the urgency you need because it becomes just another thing you're dealing with."
Given the opportunities now available to grab that attention, risk managers must step out of their old roles, and fight against undeserved biases. The ideal risk manager should be a visionary who deals with the what-ifs, but this theory does not work without credibility within the organization.
"For years risk management has functioned as something of a black box," says Seuntjens. "Now CFOs are coming back and asking: `Do I have the right talent and expertise?"'
By whatever manner best fits you and your company, be prepared to say, "Yes."
How much do degrees and credentials really mean for risk management respect? Reader Forum at rmmag.com
Lawrence Richter Quinn is a Chicagobased freelance writer.
Lawrence Richter. Quinn ("Get Respect from Your GAO," p. 12) is a Chicago-- based freelance writer specializing in property/casualty insurance investment and rise management issues.