Nonprofits are keen to manage their reputational risks, but few have dedicated risk managers to ensure that their interests are protected.
U.S. nonprofit organizations often lack dedicated risk managers and appear to be under-buying insurance, according to a survey by an insurance brokerage firm. But boards of directors frequently pick up the slack by questioning limits, coverage amounts and vulnerabilities.
Entities also are thinking more strategically and, like their publicly traded partners, are investing in enterprise risk management.
The Nonprofit Risk Survey, released in June by insurance brokerage firm Crystal & Co., found that only 22 percent of nonprofit organizations, hampered by the economic downturn and tight budgets, have dedicated risk managers.
For the majority of organizations surveyed, responsibility for corporate risk and insurance was handled by the entity's finance team, human resources, operations or legal departments.
The study also found that organizations are buying the minimum coverage and may not be adequately protecting themselves. The majority of respondents noted that annually they spend less than 0.25 percent of revenue on corporate insurance. For adequate coverage, the percentage should be closer to 1 percent, the survey said.
Jason Tharpe, an Aon Affinity vice president in Washington, D.C., who works exclusively with nonprofits across the country, said that larger nonprofits, along the lines of the YMCA, are organizations that would be most likely to have a risk manager. Larger health-focused programs, such as nursing homes, he added, also typically employ risk managers.
The vast majority of nonprofits, however, are smaller than the $20 million threshold and "there's no doubt about it, none of them have [dedicated] risk managers," said Tharpe.
That puts boards of directors of nonprofits in a key role in insurance buying. CEOs and CFOs are often asked about insurance coverage by their boards, who want to know if the entity is insured to adequate limits.
"The board is pushing down on them to ask the proper questions in those smaller organizations without risk managers," he said.
Smaller organizations with more liability exposure, "are buying professional liability, which is usually wrapped up with their general liability insurance -- and that they are pretty cognizant of," Tharpe said.
He added that recent headlines, such as the Sandusky case at Penn State University, have caused organizations to look more carefully at what they may and may not be covered for.
Carol Fox, director of Strategic and Enterprise Risk Practice for the Risk and Insurance Management Society, said nonprofits are becoming more mindful of their reputations and are thinking strategically about their organizations.
"Enterprise risk management (ERM) is just beginning to 'get legs' at nonprofits," which are beginning to "play catch-up to publicly traded companies," she said.
Fox said that boards of larger organizations are also becoming more supportive of hiring risk professionals, "because they have more than just insurance to worry about."
"From those I've talked to," she said, "their reputation drives whether or not they will get funding from their donor base and whether they are able to reach out to the communities they are trying to serve."
September 15, 2013
Copyright 2013© LRP Publications