Republished with the kind permission of Insurance Day.
There are many emerging risks on the horizon that are keeping c-suite executives and risk managers awake at night such as Climate Change, Cyber, and Artificial Intelligence. Many of these risks are either currently uninsurable to any great extent or risk becoming so as underwriters shy away from the increasingly unknown, and those risks which are outside their experience.
The big concern however, should not be the cause of the next great event to knock a hole in the balance sheet, but how organisations plan to deal with the consequences of such an event. The risks that are considered emerging are those most likely to be systemic in nature, whereby whole ecosystems are impacted as a result of one or a cascading series of events. These risks are ‘connected risks’ and it is the interconnected nature of today’s business environment that makes them so threatening.
However, by modelling and keeping abreast of their own connected ecosystem, organisations stand a good chance of being able to lessen the impact when such connected events materialise and can take steps to mitigate those risks.
Knowing who the actors are in your ecosystem, being able to understand the interrelationships between them, and therefore their interdependencies together with each parties strengths and weaknesses, allows for a myriad of scenarios to be played out and understood.
This all sounds well and good but, gathering and marshalling that information can be complex in itself.
First of all, a corporate risk manager needs to understand his own business and stay on top of the strategic direction of the company. In an operation that grows through regular M&A this can be a never-ending challenge, but it needs to be done. It also demands far more interplay between functions within the business, especially where risk management itself has been split into silos of enterprise, operational and insurance risk that may not be communicating with each other.
Secondly, the risk manager needs to gain an oversight of how the business interacts with the outside world to be able to model those risk-based scenarios. Much of this data is increasingly available either through data vendors or in the public domain, and although it tends to be related to major companies, major trade zones or at country level, it is at the macro-level that the balance sheet is likely to be most impacted.
Where to start? By way of an example, consider reputation which could be impacted by one or a number of the emerging risks and which is increasingly taking top rung on the corporate risk ladder. Rather than study the myriad likely causes and try to trace them all to their likely source, instead, consider the major consequence of a reputation event happening - a fall in share price and /or loss of revenue. Now consider what another company would want to know about your business if they were going to offer to transfer that risk onto their own balance sheet.
This is not so different to the thinking that must have gone through the minds of the businessmen gathered in Edward Lloyd’s coffee house in the 17th Century. A shipowner was sending his vessel on a trading voyage where it would experience a number of perils, but what he wanted was someone to insure the consequence or his ship failing to return safely. Despite the almost complete lack of information available at the time, there were underwriters willing to rise to the challenge. What they of course wanted to know was that the business was bona fide, the ship was sound, the captain was trustworthy and that the voyage had a clear plan. Not so very different from what an underwriter would expect from a business he or she was willing to cover from a reputational aspect. Now try the same exercise with the other risks in your corporate stack not forgetting to see where these risks also correlate and connect.
Many risk managers are now considering this approach and looking at data to help them model scenarios to provide an understanding of consequence. Those risk managers that have captive insurance companies are also looking to make more innovative use of these to move more strategic risks off the balance sheet, and into a vehicle that harbours the corporate risk appetite, supported by excess and aggregate layer coverages underwritten by (re)insurers and other financial markets. How successful this approach will be is dependent on the willingness of insurer management to provide the capacity required. Perhaps it needs another Edward Lloyd’s coffee shop moment, where the insurance community steps back from the complexity it has created over the past centuries, and looks again at what the underlying need is, and responds accordingly.