Sharing Knowledge and Experience
While attending San Diego RIMS 2016, I met a lawyer who had been appointed risk manager for her company. I told her that involving myself with RIMS and professional risk management organizations was instrumental in my personal and professional development.
Risk managers who are new to the function or wish to develop their skills may see the same benefits I did.
I attended a chapter meeting and was hooked! I served on chapter committees. I applied to speak at RIMS national and Canadian conferences. I took advantage of RIMS’ new officer training.
I then served on RIMS national education and conference committees. This gave me a broad view of the spectrum of issues important to risk managers as well as some effective ways to respond.
I was invited to serve on RIMS executive council as treasurer (two terms), VP conference, first VP audit and investments, president and past president.
During this time, I received invaluable executive training on many topics that help me in my professional career, including media, nonprofit board operations, budgeting, public speaking, dispute resolution, and so much more.
I learned from the best – my risk management colleagues and expert RIMS staff.
I also had the pleasure of serving on the Spencer Education Foundation Board and the International Federation of Risk and Insurance Management Associations (IFRMA). Representing RIMS worldwide, I traveled to Britain, France, Tasmania, and Japan, and attended chapter meetings and conferences throughout Canada and the U.S.
Getting Company Support
Getting the support of my company was very important. I took great care to ensure the senior executives understood and supported my involvement. I completed a trip report for every meeting … detailing location, attendees and agenda. I sent it to my director, CFO and board chair. These reports helped demonstrate the value of participation and the lessons I learned.
I used vacation and overtime to offset time out of office.
I copied every magazine article that named my employer, highlighting the publication and reference, and sent it to my CFO, board chair and mayor of Kitchener, Ontario. I facilitated greetings between the mayor and officials in Japan, which helped substantiate the benefit of RIMS membership and participation.
My involvement with RIMS enabled me to meet many influential people including Gen. Colin Powell, Sen. Robert Kennedy Jr., Lord Peter Levene, former chairman of Lloyd’s, U.S. Rep. Newt Gingrich, and U.K. Prime Minister John Major … to name a few.
Some other highlights included:
- Socializing with some of the most senior insurance industry executives during a private, no-agenda breakfast at the Saint Regis Hotel in New York;
- Meeting New York Insurance Commissioner Greg Serio during the contingency fee controversy;
- Joined other risk managers for “RIMS on the Hill” in Washington to meet with U.S. senators and representatives;
- Dined with representatives of the (then) newly formed Department of Homeland Security; and
- Was the first woman and first risk manager to ever be invited to speak on a panel with Lord Levene.
These experiences gave me more insights and connections than I ever imagined. My advice for those entering risk management is to get involved with professional organizations. Get to know your risk management colleagues. Volunteer on a committee, or moderate or speak at a conference. Share experiences and put the best of them to use in your own organizations.
Manage Expectations, Manage Reputation
The art of managing reputation risk really comes down to shaping the expectations of shareholders, customers, vendors, creditors and investors.
“Not an easy thing to do,” said Nir Kossovsky, chief executive officer, Steel City Re, speaking at the annual RIMS conference in San Diego on April 12.
“Managing expectations involves behavioral economics – shaping what people expect from you and then meeting those expectations.”
He said expectations typically revolve around six key areas: safety, ethics, quality, security, sustainability and innovation. Failing to meet any of those expectations creates vulnerability for a company, opening up an opportunity for shareholders or special interest activists to come after the board of directors as the culpable party.
Increasingly, directors and officers are the true casualties of reputation damage.
Dissatisfied customers or partners know that “the court of public opinion is much more effective than the court of law,” Kossovsky said, so they will bring allegations against the board and force a public response.
“Managing expectations involves behavioral economics – shaping what people expect from you and then meeting those expectations.” – Nir Kossovsky, chief executive officer, Steel City Re
The best way to mitigate reputation risk, then, is to proactively communicate the board’s awareness of a company’s exposures, and acknowledge its duties to deliver on expectations related to the six key areas.
“Communication is critical,” said Todd Marumoto, director of risk management, Mattel, Inc. “There needs to be some sense of a plan for how the board will respond to a reputation event.”
Without a quick response, the silence is filled by the white noise of unsubstantiated opinion, Kossovsky said. That weakens the board’s credibility.
“Facts are available without much of a down payment. Allegations brought against the board don’t necessarily have to be true and can’t always be validated.”
Conflicting expectations make reputation risk management even harder.
Customers expect, for example, near impossible standards of quality and customer service, while shareholders expect strong profit and growth, and creditors expect swift payment.
While many believe that marketing and press coverage can be the tool for the messaging needed to mold expectations through public perception, the most effective way to mitigate reputation risk is through enterprise risk management that strives for excellence, the speakers said.
In other words, expectations should be set by a company’s performance.
Kossovsky offered the example of BP, which claimed to be “beyond petroleum.”
Despite impressive initiatives to use cleaner energy, BP was still, in fact, heavily reliant on petroleum. The Deepwater Horizon spill of 2010 sparked so much anger because people expected BP to be above such environmentally dangerous accidents.
ExxonMobil, on the other hand, acknowledged to its shareholders that a spill was always a real threat, but demonstrated the steps it was taking to minimize the risk. Shareholders thus had more realistic expectations of the company and are harder to disappoint.
Presenting to the C-Suite
Risk managers can bring the importance of reputation risk to the C-suites’ attention by demonstrating its financial impact.
“Expenses could come from having to replace a vendor, from a government penalty, litigation and class action lawsuits, or having to implement a new management process,” Marumoto said.
Overall, costs associated with remediating a reputational event can be two to seven times higher than costs related to the operational failure that caused the reputation damage in the first place.
“With reputation risk, it’s not always about right or wrong, but about getting the right outcome to satisfy shareholders and customers.” — Todd Marumoto, director of risk management, Mattel, Inc.
“It affects every line item of the P&L,” Kossovsky said.
The impact on D&O effectiveness will also certainly grab senior management’s attention.
“A typical board member makes about $250,000 per year to sit on the board for a term usually of about three years, and he’s usually sitting on three different boards,” Kossovsky said.
“He’s looking at a personal loss of over $2 million” if a reputational hit leads to him being asked to step down from those boards.
According to Marumoto, risk managers can influence outcomes of a reputational event by working internally with investor relations and marketing to ensure the company is sending a consistent message, and to develop a coordinated response plan.
“Ultimately, you have to be responsible for all things that pass in front of you,” he said. “Partner with vendors you trust, be transparent in your efforts to mitigate risks, and develop relationships with government agencies.
“With reputation risk, it’s not always about right or wrong, but about getting the right outcome to satisfy shareholders and customers.”
Your Workers’ Safety May Be at Risk, But Can You See the Threat?
Deadly violence at work is covered extensively by the media. We all know the stories.
Last year, ex-reporter Bryce Williams shot and killed two former colleagues while they conducted a live interview at a mall in Virginia. In February of this year, Cedric Larry Ford opened fire, killing three and injuring 12 at a Kansas lawn mower manufacturing company where he worked. Also in 2015, 14 people died and 22 were wounded by Syed Farook, a San Bernardino, California county health worker, and his wife, who had terroristic motives.
Active shooter scenarios, however, are just the tip of the iceberg when it comes to violence at work.
“Workplace violence is much broader and more pervasive than that. There are smaller acts of violence happening every day that directly impact organizations and their employees,” said Bertrand Spunberg, Executive Risks Practice Leader, Hiscox USA. “We just don’t hear about them.”
According to statistics compiled by the FBI, the chance that any business will experience an active shooter scenario is about 1 in 457,000, and the chance of death or injury by an active shooter at work is about 1 in 1.6 million.
The fact that deadly attacks — which are relatively rare — get the most media attention may lead employers to underestimate the risk and dismiss the issue of workplace violence as media hype. But any act that threatens the physical or psychological safety of an employee or that causes damage to business property or operations is serious and should not be taken lightly.
“One of the core responsibilities that any organization must fulfill is keeping employees safe, and honoring that duty is becoming more challenging than ever,” Spunberg said.
“Workplace violence is much broader and more pervasive than that. There are smaller acts of violence happening every day that directly impact organizations and their employees. We just don’t hear about them.”
— Bertrand Spunberg, Executive Risks Practice Leader, Hiscox USA
Desk Rage and Bullying: The Many Forms of Workplace Violence
Bullying, intimidation, and verbal abuse all have the potential to escalate into confrontations and a physical assault or damage to personal property. These violent acts don’t necessarily have to be perpetrated by a fellow employee; they could come from a friend, family member or even a complete stranger who wants to target a business or any of its workers.
Take for example the man who killed three workers at a Colorado Spring Planned Parenthood in April. He had no affiliation with the organization or any of its employees, but targeted the clinic out of his own sense of religious duty.
Companies are not required to report incidents of violence and many employees shy away from reporting warning signs or suspicious behavior because they don’t want to worsen a situation by inviting retaliation. It’s easy, after all, to attribute the occasional surly attitude to typical work-related stress, or an office argument to simple personality differences that are bound to emerge occasionally.
Sometimes, however, these are symptoms of “desk rage.”
According to a study by the Yale School of Management, nearly one quarter of the population feels at least somewhat angry at work most of the time; a condition they termed “chronic anger syndrome.” That anger can result from clashes with fellow coworkers, from the stress of heavy workloads, or it can overflow from family or financial problems at home.
Failure to recognize this anger as a harbinger of violence is one key reason organizations fail to prevent its escalation into full-blown attacks. Bryce Williams, for example, had a well-documented track record of volatile and aggressive behavior and had already been terminated for making coworkers uncomfortable. As he was escorted from the news station from which he was terminated, he reportedly threatened the station with retaliation.
Solving Inertia, Spurring Action
Many organizations lack the comprehensive training to teach employees and supervisors to recognize these warning signs and act on them.
“The most critical gap in any kind of workplace violence preparedness program is supervisory inertia, when people in positions of authority fail to act because they are scared of being wrong, don’t want to invade someone’s privacy, or fear for their own safety,” Spunberg said.
Failing to act can have serious consequences. Loss of life, injury, psychological harm, property damage, loss of productivity and business interruption can all result from acts of violence. The financial consequences can be significant. In the case of the San Bernardino shootings, for example, at least two claims were made against the county that employed the shooter seeking $58 million and $200 million.
Although all business owners have a workplace violence exposure, 70 percent of organizations have no plans in place to avoid or mitigate workplace violence incidents and no insurance coverage, according to the National Institute for Occupational Safety & Health.
“Most companies are vastly underprepared,” Spunberg said. “They don’t know what to do about it.”
Small- to medium-sized organizations in particular lack the resources to develop risk mitigation plans.
“They typically lack a risk management department or a security department,” Spunberg said. “They don’t have the internal structure that dictates who supervisors should report a problem to.”
With its workplace violence insurance solution, Hiscox aims to educate companies about the risk and provide a solution to help bridge the gap.
“The goal of this insurance product is not so much to make the organization whole again after an incident — which is the usual function of insurance — but to prevent the incident in the first place,” Spunberg said.
Hiscox’s partnership with Control Risks – a global leader in security risk management – provides clients with a 24/7 resource. The consultants can provide advice, come on-site to do their own assessment, and assist in defusing a situation before it escalates. Spunberg said that any carrier providing a workplace violence policy should be able to help mitigate the risk, not just provide coverage in response to the resultant damage.
“We urge our clients to call them at any time to report anything that seems out of ordinary, no matter how small. If they don’t know how to handle a situation, expertise is only a phone call away,” Spunberg said.
The Hiscox Workplace Violence coverage pays for the services of Control Risks and includes some indemnity for bodily injury as well as some supplemental coverage for business interruption, medical assistance and counseling. Subvention funds are also available to assist organizations in the proactive management of their workplace violence prevention program.
“Coverage matters, but more importantly we need employees and supervisors to act,” Spunberg said. “The consequences of doing nothing are too severe.”
To learn more about Hiscox’s coverage for small-to-medium sized businesses, visit http://www.hiscoxbroker.com/.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Hiscox USA. The editorial staff of Risk & Insurance had no role in its preparation.