Risk Manager Focus

Meshing Distinct Viewpoints

Procurement and risk management must partner together to help their organization grow, but in some companies, they rarely even talk.
By: | June 1, 2015 • 12 min read

Marilyn Rivers, director of risk and safety, City of Saratoga Springs

Several years ago, Whirlpool decided it could save 75 cents per unit if it outsourced the production of dishwasher water seals to a Chinese supplier. The annual savings were projected at more than $2 million.

But soon after the arrangement was made, the Chinese manufacturer changed to a different rubber supplier, causing a failure rate of nearly 10 percent, according to “Managing Risk in the Global Supply Chain,” a study by the Supply Chain Management faculty at the University of Tennessee.

Advertisement




By the time Whirlpool discovered the problem, more than 2 million dishwashers had been produced with the leaky seals and about two months’ worth of supply was in transit. The oversight cost the company millions — destroying the realization of projected savings for more than three years.

The study listed the example as one of the multitude of risks that can occur in supply chain management. And it’s an example of how risk management could have helped avoid the problem altogether.

In the most effective companies, risk management and procurement work together to ensure both the cost and quality of supplies and vendors, as well as proper risk transfer.

When those functions do not align, the organization suffers. That suffering may take the form of safety violations, product recalls and reputational loss, among other exposures.

But it’s not possible for procurement and risk management — organizational functions with two distinct viewpoints — to always agree. In some organizations, they rarely even communicate. It is possible, however, to build a relationship that allows the organization to prosper without undue risk.

Underlying the relationship should be a common mission of focusing on the organization’s goals as a whole, experts said.

Brian Merkley, global director of corporate risk management, Huntsman Corp.

Brian Merkley, global director of corporate risk management, Huntsman Corp.

“Risk management and procurement are partners in helping to grow the business and at the same time, growing the balance sheet,” said Brian Merkley, global director of corporate risk management at Huntsman Corp., a Salt Lake City-based global chemical manufacturer.

When he first joined Huntsman about 10 years ago, he worked with procurement and legal to develop a contractual risk transfer strategy document, which was “my first introduction to the procurement team and the processes they used. I found a good working relationship with them and it continues today.

“Cultivating a strong relationship with procurement is critical,” he said, noting that there is a constant challenge to make smart risk/reward decisions — balancing price against the potential exposure.

“Risk management and procurement are partners in helping to grow the business and at the same time, growing the balance sheet.” — Brian Merkley, global director of corporate risk management, Huntsman Corp.

Over the years, his department has provided important guidance to refine standards and strategies for procurement that include performance expectations of contractors, indemnity language, and insurance requirements, among others. It also has helped to develop a process to qualify various contractors that meet risk management and procurement’s standards so operations can run smoothly.

Contracts and insurance provisions can’t be reviewed in a vacuum, Merkley said, but have to include scope of work, indemnity, and relationships or prior experience with the parties. “We are going to insist on certain levels of protection based on the type of work,” he said.

Stumbling Blocks

In many organizations, risk managers are not in a position to influence procurement or supply chain decisions. They either don’t have the buy-in of the senior leaders of the organization, don’t have effective channels to collaborate on such decisions, or they don’t have sufficient understanding of the organization’s strategies and goals to provide effective input into procurement activities.

Advertisement




Gary Lynch, CEO and founder, The Risk Project, and a former global practice leader for Marsh, said that over the years he has been “shocked at how little the risk management community knew about the operations of their business. They knew how they made money, but they didn’t know who contributed to bringing value to the market.

“The majority of risk managers that I have worked with don’t have the opportunity, don’t have the capability and don’t have the value to really support [procurement or supply chain decisions]. Those are the three stumbling blocks,” he said.

The same can also be said for many supply chain professionals. According to the University of Tennessee study, most of them have little expertise in insurance products. Nor do they understand many of the potential claims issues — or the insurance programs that are available to protect them.

In the study, insurance ranked dead last in a list of 10 risk mitigation strategies to protect supply chains — ranking 4.5 out of 10. The top strategy was “strong suppliers,” ranking 7.5 out of 10.

“I think there is a lot of disconnect with folks between procuring and supply chain, and the risk management function,” said Mark Robinson, vice president of global operations at UPS Capital, which offers supply chain finance and insurance services. “In my mind, they don’t talk very much.”

There are some risk managers, however, who are able to add value to the procurement process. The words that keep coming up in conversations with them are “relationship” and “partnership.” Risk management and procurement work best together, they said, when both functions keep the organization’s strategic goals top of mind.

Robinson said the visibility of catastrophic events, targeted thefts and the larger size of container ships has heightened awareness of cargo, trade disruption and cyber risk insurance. From 2011 to 2013, the global cargo insurance market increased from $17.2 billion to $18.2 billion, about a 6 percent increase. And the U.S. market is increasing faster than the global market, he said.

The City of Saratoga Springs, N.Y., operates under regimented bidding processes. But even as the city is required to take the lowest bidder, it must ensure that it hires the lowest “responsible” bidder.

“Sometimes, folks give outlandishly low-priced bids,” said Marilyn Rivers, Saratoga’s director of risk and safety. “We structure it so that when we send out a request for quotes or a request for proposal, we place in the language that anyone chosen has to meet all of the requirements and has to be qualified.”

That means vendors or suppliers have to submit a certificate of insurance, execute the city’s “risk and safety agreement” and a “vendor code of conduct” as well as have sufficient prior experience and the ability to complete a project within the set time frame, among other requirements.

“We are always cognizant of the cost, but we must ask, ‘What is the benefit to the public versus the cost, because tax dollars are being used for those projects,’ ” she said.

Plus, Rivers said, the city must “look at the totality of how it impacts the community. … We can’t just slice up a roadway.”

Building Bridges

At Sodexo Inc., which has 8,000 food suppliers and 25,000 non-food suppliers, Peter Rosiere, vice president, risk management, created a new position — supply risk analyst — to more fully bring the risk perspective to the supply chain team.

Peter Rosiere, vice president, risk management, Sodexo Inc.

Peter Rosiere, vice president, risk management, Sodexo Inc.

“One primary reason we created the new position was to develop that communication, linkage and a balance point between the two groups,” he said. “The groups tend to spin in different orbits. What we are trying to do is build a bridge. We have a good bridge. We want to make it even better.”

Evelyn Joe, who holds that new position, said her primary goals are communication, education and collaboration, trying to find the “best working relationship that meets the needs of the company and each team.”

It’s necessary, she said, to understand the other group’s needs and goals while sharing with them the needs of risk management “so we are not talking apples and oranges, so we understand the foundation. … We have worked extremely hard to become part of the supply management process.”

Advertisement




Sometimes, she said, procurement will seek approval of a supplier that does not comply with the department’s insurance requirements or standards. In such cases, procurement and risk management work together, along with legal, to research the organization and find a solution.

“That’s when I’ve been pleasantly surprised because of the constant relationship-building and education with supply management that they completely understand,” Joe said. “The supply manager understood why we couldn’t change our risk management requirements. It’s our job to help our client understand why we have the high standards we do, for both brand and customer protection.”

Opening the channels of communication is, obviously, the first step to creating or enhancing that relationship.

For Dwayne Eastwood, risk manager, McCoy’s Building Supply, it can mean walking around the office with a cup of coffee and asking, “What’s up? What’s the latest? Are you thinking about safety and risk management and contractual arrangements?

“It’s just getting in front of people for a couple of minutes and talking it up. You have to be involved early on. It’s critical.”

But it’s not just asking, he said. It’s also about following up on what is heard by “pointing out and illustrating what the risks are. …Credibility is paramount.”

Credibility matters because the ultimate decision is not within risk management’s control, he said.

“When you step into their world and you point out and illustrate what the risks are, they make the decision for the company that this risk is or is not acceptable. It’s everybody else who makes those decisions,” Eastwood said.

When he explains why a proposed plan “is not really a good idea, most of the time, they will go along with us. They don’t necessarily want to go against the grain. They take our advice most seriously,” he said. “That’s good, and I think credibility is where you get that from, and a proven track record.

“In the beginning, there were a lot of ‘a ha’ moments. It was really up to me and others to educate them that we needed to be involved on the front end. They didn’t ignore it; they just didn’t consider it. When they realized the risks and possible loss of life or big dollar amount lawsuits and what that could look like it was, ‘oh OK.’ ”

Using claims data in such conversations “speaks volumes,” he said. “I’m a huge fan of using loss history to evaluate the risk, frequency and severity, both.”

Eastwood’s colleague, Kevin Shute, director of merchandising-hardlines and merchandising operations, said that the partnership between his function and risk management has over the years “moved from a reactive to a proactive situation. … We like to think that the key to our interconnectedness or connectivity is we know each other personally.”

Shute said that when his team finds a new product from one of its 1,400 vendors, such as virgin sulfuric acid, which is “powerful, powerful stuff,” his team will work with risk management to review all of the processes, packaging, paperwork and safety training and product handling issues.

In another situation, when McCoy’s recently launched a propane tank exchange, the two teams “worked from cradle to implementation” through the contracts, insurance, permitting, vendor and store compliance, employee training, and all other aspects to eliminate any potential liability issues, Shute said.

“We typically don’t look at [risk mitigation efforts] as a problem,” he said. “We look at it as that’s what we have to do to protect our assets.”

Envisioning Risks

It can sometimes be difficult to clearly understand what protection is needed when a catastrophic exposure hasn’t yet occurred, said UPS Capital’s Robinson.

For example, he said, he knows one pharmaceutical company that used to ship $20 million worth of inventory from its location in one truck to an airport 30 miles away every day. From there, it would be divvied up to be transported by plane to various locations.

Advertisement




While the company had claims after the inventory had been brought to the airport and transported, it never had a catastrophic loss related to the 30-mile truck journey. “Can you envision the scenarios? An accident? Being hijacked? Some problem where you lose the whole load?” he asked.

The company had $1 million in coverage for that $20 million load, he said, noting that a conversation ensued with the company about the plausibility of such a loss and how it could protect itself.

A good time for risk managers to begin expanding their partnership with procurement is when contracts are annually reviewed and renewed.

Requiring suppliers or service providers to carry insurance may not adequately protect a company from substantial losses, Robinson said. A major incident could push a supplier into bankruptcy, or a policy’s terms and conditions may not be conducive to compensating the company for its loss -— at least not without a lengthy court battle.

“The groups tend to spin in different orbits. What we are trying to do is build a bridge. We have a good bridge. We want to make it even better.” — Peter Rosiere, vice president, risk management, Sodexo Inc.

It’s not just whether insurance coverage will adequately protect the company. Much of the work risk management must do deals with business continuity planning. Is there resilience in the supply chain for all tiers of suppliers, inventory, labor and transportation? Is there a worrisome geographic concentration? Is there the potential for natural disaster or political upheaval? Is there an acceptable tradeoff between risk and reward?

“The reality,” Sodexo’s Rosiere said, “is that an organization cannot operate without supplies, be it for raw materials or services. But a company cannot operate without good risk transfer. This is not the case with Sodexo, as strict supplier insurance/risk transfer requirements are in place. There has to be an understanding of where the functions rest within the priorities of the organization.

“Sodexo’s awareness of the risk and the partnership with our supply management teams is a key aspect of our growth and culture.”

A lot of it comes down to how decisions affect the company’s margins, said The Risk Project’s Lynch.

When risk managers seek to manage compliance issues or ensure additional capabilities, they are introducing cost into the equation, he said.

“It’s clear to me that these folks have to navigate risk, and not manage it. … You have to manage to the margins,” he said. “Risk management has to be done within the context of the operation’s margin.”

“It’s looking at the totality of the risk,” Saratoga Springs’ Rivers said. “It’s looking at the total risk the project entails and how that project impacts the community, the business or employees, and what an entity, whether public or private, needs to do so it can mitigate risk so it can be successful and the entity doesn’t lose money on it. … The procurement standard should be dovetailed to the project.

“The goal of all risk management is empowering people. It’s a partnership that allows that empowerment but gives the opportunity to know when to ask more questions. … It’s achieving goals cost-effectively but not endangering the health and welfare of employees or the community in the process.”

Regular education and training are crucial, Huntsman’s Merkley said.

“We are all trying to grow the business in an appropriate way and safeguard the balance sheet from making bad bets, and it’s crucial we partner together in doing that.

Advertisement




“The best starting place is to develop personal relationships with the procurement management team, and secondly, you have got to do a lot of work to prove yourself as a reliable subject matter expert. When they come to risk management and look for guidance around insurance language, you have got to back it up.”

Anne Freedman is managing editor of Risk & Insurance. She can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

Risk Manager Focus

Better Together

Risk managers reveal what they value in their brokers.
By: | June 1, 2017 • 11 min read

Michael K. Sheehan, (left) Managing Director, Marsh and Grant Barkey, Director of Risk Management, Motivate International Inc.

Ask a broker what they can do for you and they will tell you. But let’s ask the risk manager.

What do risk managers really need in a broker? And what do the best brokers do to help risk managers succeed in their jobs?

Chet Porembski, system vice president and deputy general counsel, OhioHealth Corp.

Risk managers say it’s a broker who helps them look knowledgeable and prepared to their bosses. It’s someone who sweeps in like a superhero with an ingenious solution to a difficult problem.

Risk managers want to see brokers bring forth better products year after year. They want a broker who shows up at renewal time with new ideas, not just a rubber stamp.

Great brokers embed with the risk management team and learn everything they can about the company and its leaders. They help risk managers prepare and keep tabs throughout the year on changes at the organization with an eye towards planning the future.

“There’s the broker that sees themselves as just a hired ‘vendor,’ or I should say, somebody that basically just does the job at hand,” said Chet Porembski, system vice president and deputy general counsel at OhioHealth Corp.

“And then there’s the broker that views themselves very much as a business partner.  They truly bring added value to the relationship.”

These brokers look at the tough issues the risk manager is facing and bring in the resources to try to help their client in ways even the client might not have thought about yet. They also do advanced planning that makes the risk manager’s job easier when a problem arises.

“That’s the kind of broker I want.” Porembski said.

And that’s the kind of broker many risk managers need more than ever.

“The only way that the relationship is going to be successful is if you build a tremendous amount of trust.” — Frances Clark, director of risk management and insurance, Sentara Healthcare

That’s because risk managers are under increasing pressure these days. They carry more weight as corporations shrink their departments to cut costs.

Advertisement




Climate change, cyber threats and geopolitical shifts are turning what were once unthinkable losses into risks that are almost commonplace. And this is all happening in an under-insured risk environment, according a study by PwC entitled Broking 2020: Leading from the Front in a New Era of Risk.

Thankfully there are good brokers out there, risk managers say, who can bring more value to a client today than ever before and help ease that fear.

Brokers — the traditional intermediary in the risk transfer chain — do in fact have a tangible and growing role in developing viable and innovative solutions for the risk manager, according to PwC’s study.

They are the “global risk facilitation leaders.”

“[Whatever] organizations are doing in the short term — be this dealing with market instability or just going about day to-day business — they need to be looking at how to keep pace with the sweeping social, technological, economic, environmental and political (STEEP) developments that are transforming the world,” PwC said in the report.

Advisors That Are Getting It Done

Cyber risks are just one growing challenge that all organizations grapple with.

Frances Clark, director of risk management and insurance at Sentara Healthcare, remembers when her broker first suggested that she hold a leadership tabletop cyber drill.

Clark said her broker kept saying, “I know this is going to be a painful experience, but you are going to come out so much better in the long run.”

Frances Clark, director of risk management and insurance, Sentara Healthcare

Her broker was right, and went so far as to help arrange a system-wide drill that included representatives from the legal, finance, security, communications, marketing and medical teams.

They reviewed the many ways a cyber attack can happen and then practiced a response.

“We benefitted greatly from that exercise,” Clark said.

When Doctors on Demand developed a telemedicine app to offer mental health services through mobile devices, the company ran up against insurance limitations across state lines. All states require that the physician giving the advice be licensed in the same state where the patient is located.

The concern was for patient encounters where the patient actually crossed state boundaries during the encounter, due to the utilization of a mobile phone. The patient may have started with a properly licensed physician in the original state, but then crossed into a neighboring state where the physician was not licensed.

Larry Hansard, a regional managing director at Arthur J. Gallagher & Co., and a 2017 Power Broker®, worked to secure medical professional liability coverage without the traditional licensure exclusions placed on medical professionals by insurance carriers.

Advertisement




The initiative he helped develop actually changes how health care can be delivered to patients. It allows the emerging telemedicine sector to now offer services around the world.

Two-thirds of the risk managers in the PwC Broker 2020 survey labeled their brokers as “trusted advisors.” But the same survey found that some participants see their broker as more of a straightforward service provider rather than as a source for solutions.

The survey results indicate there is plenty of room for brokers to bring more value to clients.

OhioHealth’s brokers meet each year with OhioHealth’s risk management team to review insurance coverages.  And when the health system holds quarterly risk management retreats, the brokers attend. They bring with them education and insights on a broad range of topics, from property insurance markets to cyber solutions.

Porembski’s brokers also collaborate with the risk managers when there’s an upcoming presentation on risk issues to senior management. Sometimes the brokers help prepare the presentation, he said.

“We end up looking exceptionally good to our senior leaders and our board,” he said.

Involving the broker in interactions with leaders outside the traditional risk management team has benefits beyond selling products, he said. It extends the relationship circle.

Clark tries not to think of her brokers as outside vendors just providing a service. She wants them to be as committed and knowledgeable about the organization as she is.

“The only way that the relationship is going to be successful is if you build a tremendous amount of trust,” Clark said.

“You have to be completely open and honest about everything, no matter how bad it is, or how bad it may look to the market or underwriters.”

“Once you establish that trusting relationship, I think everything else falls into place,” she adds.

Sentara underwent significant growth recently, acquiring five hospitals in about six years. The expansion required a vast amount of integration on insurance programs and a merger of risk management departments and claims.

Clark said her brokers rolled up their sleeves and expertly navigated her through the consolidation.

“I can’t reiterate enough how most risk managers don’t know how to deal with an M&A unless you’ve gone through it.”

She said she wouldn’t have been able to manage the risk of the mergers without her broker’s counsel.

Grading the Broker

Mike Lubben, director of global risk management at Henry Crown & Co. in Chicago, sets standard expectations of his insurance brokers: know the exposures, understand how a risk manager has to sell ideas internally and understand the urgency of requests.

He lets his brokers know his expectations with regular report cards, complete with letter grades. And he isn’t shy about giving out Fs.

  • How did the broker service the EPLI coverage?
  • Did the broker provide expertise and coverage analysis?
  • Was there anything creative?
  • Did the broker recommend new endorsements based on the previous exposure?
  • Did the broker recommend any risk mitigation programs?
  • How well did he communicate and help with presentations?

“A good broker will think this is fantastic,” Lubben said.

This method starts the conversation. It helps Lubben establish long relationships with some stellar brokers.  But if the broker misses the mark, Lubben can have a talk with them about ways to do better in the future. Some brokers he has sent away.

Recently a broker failed on what Lubben calls “blocking and tackling,” the basics like returning phone calls within one day and responding promptly to emails.

Advertisement




Lubben gave him an “F” on those subjects and told him why. The broker still didn’t improve his game and was eventually replaced.

For many people, insurance can seem very routine from renewal to renewal. But a really good broker will break from routine and come back with some kind of enhancement or improvement.

If the renewal is flat with no change in premium, then Clark says she’ll ask, “What are you going to do for me this year?”

The best brokers are always striving for better, she said.

“Without the brokering community, you would be hard pressed to do your job. I really appreciate what the brokers do, they bring a level of expertise that we can’t possibly have on all lines of coverage.” — Mike Lubben, director of global risk management at Henry Crown & Co.

Motivate International Inc., which operates more than half of the bike share fleets in North America, went through a recent renewal.

Their broker, Marsh, explored more than 10 options with different strategies and programs. In the end, after all of that, they decided the expiring coverage was the best fit.

“Those exercises are very valuable for risk managers,” said Grant Barkey, Motivate’s director of risk management.

“As an innovative company committed to delivering best-in-class services, we believe thorough exploration leads to informed decision-making.”

A good broker understands that a company’s day-to-day operations and a highly effective risk management program have implications for what type of policy should be procured, he said.

Brokers need to partner with risk managers to figure out what those options are, and what the markets are saying and then succinctly relay the information to management.
They also need to have the tact and curiosity to inquire about future plans and figure out what resources might be needed to better serve their client.

When PwC surveyed risk managers, most put their insurance carriers and industry groups ahead of their brokers as the primary source of cyber and supply chain risk solutions; yet these areas are still cited as risk managers’ top concerns.

“Becoming the go-to partners for developing and coordinating innovative and effective solutions in these priority risk areas is at the heart of the commercial opportunity for brokers.” PwC said in its report.

“Yet, our survey suggests that these are important areas where brokers are falling short of the market’s demands and therefore need to adapt.

For example, less than a third of respondents are very satisfied with brokers’ analytical and modelling services across a range of areas.”

When participants were asked how their brokers could be more efficient, respondents put risk analysis at the top of PwC’s survey list. Significantly, more than a third also cited ‘big data’ analysis.

Finding the Right Fit

Paul Kim, Co-CBO of U.S. Retail at Aon Risk Solutions, helps match brokers to risk managers. He keeps in mind that insurance companies tend to sell product, while the clients are looking to manage risks. The right broker assists in mapping risks to existing products and also customizing broad solutions, he said.

“The risk manager’s job has become more complex in the current environment, but there are so many tools available for those individuals to make better informed decisions that truly help protect the overall risk profile of their companies,” Kim said.

Paul Kim, Co-CBO of U.S. Retail, Aon Risk Solutions

That’s why finding the right broker should be first and foremost, he said. Look for an individual with strong industry knowledge, product expertise and market relationships. A strong broker is able to effectively communicate what the risk manager’s goals are to the marketplace to be able to execute and achieve those goals.

“Not every broker can do that,” Kim said.

“Not every broker is the right broker.”

PwC said those brokers who quickly master the art and science of identifying ambiguous threats and then mobilize a broad private/public stakeholder pool to economically manage those risks over time will pull ahead of their competition.

“We’re really generalist,” Lubben said.

“Without the brokering community, you would be hard pressed to do your job. I really appreciate what the brokers do, they bring a level of expertise that we can’t possibly have on all lines of coverage.”

When selecting a broker, the risk manager should also take into account the entire organization behind the broker. Ask about the additional support systems that are available to the broker’s clients.

The company should have a deep bench so when the primary broker is out of the office there’s someone else to rely on who is almost as knowledgeable. The broker organization should also be able to assist you with your budgeting and forecasting from a financial risk perspective.

In PwC’s survey of risk managers, nearly three-quarters want analytics from their broker to help inform their decisionmaking, with concerns over new and emerging risks being a strong driver for this demand.

Clark also thinks it is vitally important for a broker to offer a claims advocate, somebody on the outside, when you are dealing with a carrier on a complicated claim.

“Otherwise you are vulnerable to what the carrier says,” Clark said.

Advertisement




To lead in this new era of risk, it’s also important that brokers forge close relationships with a broader set of stakeholders that includes governments, academia, specialist risk consultancies and even their industry peers, PwC said in the report.

It’s also going to be important to develop shared databases and research capabilities.

In turn, brokers need to assure this diverse stakeholder group that they are the right party to lead.

Clark, at Sentara Healthcare, said she knows what her risk exposures are today, but she’d like her brokers to anticipate her needs before she does.

“It’s kind of crazy, but amazingly some of them do it,” Clark said.

The broker will also use past experience and industry knowledge to anticipate where policy terms and conditions can be tweaked and improved upon.

“They will, say, advise us that we need to change this policy language, and then a year later you have a claim on that and you thank your lucky stars that they changed it,” Clark said.

“It is amazing to me every time it happens.”  &

Juliann Walsh is a staff writer at Risk & Insurance. She can be reached at [email protected]