2222222222

Risk Insider: Elizabeth Carmichael

Risk Management Is the Natural Owner of Compliance

By: | August 20, 2014 • 2 min read
Elizabeth Carmichael is president of Carmichael Associates LLC. She formerly was director of compliance and risk management for Five Colleges Inc. She can be reached at [email protected]

With the adoption of Enterprise Risk Management (ERM), many organizations have already begun to include compliance risks as part of their organization’s risk management portfolio. However, even if the organization has not yet climbed aboard the ERM bandwagon, risk managers should be actively supporting, if not directing, their organization’s compliance efforts in several key areas, namely, interdepartmental risks.

After all, the compliance challenges in most organizations will not be those that land neatly in one department. Dining services managers will be on top of sanitation regulations; comptrollers will file their taxes.

No, the greatest compliance challenges are those that cross division and department lines.

Take a look at some of the compliance requirements that prove challenging to institutions of higher education.

Title IX: Which prohibits discrimination on the basis of sex, covers not only equity in sports but also sexual assault and misconduct. Consequently, this impacts nearly every division of the institution.

Americans with Disabilities Act (ADA): Its related laws and regulations impact academics, student life, facilities, IT, human resources, admissions, athletics  and a multitude of other departments.

Export Controls: A mishmash of laws that similarly effects any department involved with academics, research, technology, and travel.

Records Retention Policy: Required under the tax form 990, covers every division and department and has additional privacy and security implications.

“…the compliance challenges in most organizations will not be those that land neatly in one department.”

Institutions traditionally find it difficult to manage compliance requirements such as these because there is no natural “owner” of the requirement. It is here that risk managers are ideally situated to help their institutions by gathering together individuals from the affected departments into a committee or task force.

Together, they can begin to create a shared management process for the institution. In the absence of hierarchical authority, committees and task forces can wield significant influence, especially if appointed by the president or board.

Furthermore, many compliance requirements are a natural fit within a risk management portfolio because they address insured risks. Compliance with anti-discrimination laws (like Title IX and ADA) is a perfect example, as acts of discrimination may be insured through educators’ or employers’ legal liability policies.

Other compliance matters may directly affect the essential identity of the institution. For instance, if an institution violates the regulations on political speech, it could lose its non-profit status and suffer reputational damages.

While it is impractical for a risk manager to be on top of every regulation that an institution is required to be in compliance with (they number in the hundreds) it is important that the risk manager be a leader in compliance matters that, when not addressed, can directly impact insurance and claims.

Offer to help organize a compliance effort. Make sure to (successfully) follow though.

You don’t have to be a subject expert to do this! Your results can showcase risk management services in the institution, reduce risk, and create a template for your next compliance project.

More from Risk & Insurance

More from Risk & Insurance

2018 Risk All Stars

Stop Mitigating Risk. Start Conquering It Like These 2018 Risk All Stars

The concept of risk mastery and ownership, as displayed by the 2018 Risk All Stars, includes not simply seeking to control outcomes but taking full responsibility for them.
By: | September 14, 2018 • 3 min read

People talk a lot about how risk managers can get a seat at the table. The discussion implies that the risk manager is an outsider, striving to get the ear or the attention of an insider, the CEO or CFO.

Advertisement




But there are risk managers who go about things in a different way. And the 2018 Risk All Stars are prime examples of that.

These risk managers put in gear their passion, creativity and perseverance to become masters of a situation, pushing aside any notion that they are anything other than key players.

Goodyear’s Craig Melnick had only been with the global tire maker a few months when Hurricane Harvey dumped a record amount of rainfall on Houston.

Brilliant communication between Melnick and his new teammates gave him timely and valuable updates on the condition of manufacturing locations. Melnick remained in Akron, mastering the situation by moving inventory out of the storm’s path and making sure remediation crews were lined up ahead of time to give Goodyear its best leg up once the storm passed and the flood waters receded.

Goodyear’s resiliency in the face of the storm gave it credibility when it went to the insurance markets later that year for renewals. And here is where we hear a key phrase, produced by Kevin Garvey, one of Goodyear’s brokers at Aon.

“The markets always appreciate a risk manager who demonstrates ownership,” Garvey said, in what may be something of an understatement.

These risk managers put in gear their passion, creativity and perseverance to become masters of a situation, pushing aside any notion that they are anything other than key players.

Dianne Howard, a 2018 Risk All Star and the director of benefits and risk management for the Palm Beach County School District, achieved ownership of $50 million in property storm exposures for the district.

With FEMA saying it wouldn’t pay again for district storm losses it had already paid for, Howard went to the London markets and was successful in getting coverage. She also hammered out a deal in London that would partially reimburse the district if it suffered a mass shooting and needed to demolish a building, like what happened at Sandy Hook in Connecticut.

2018 Risk All Star Jim Cunningham was well-versed enough to know what traditional risk management theories would say when hospitality workers were suffering too many kitchen cuts. “Put a cut-prevention plan in place,” is the traditional wisdom.

But Cunningham, the vice president of risk management for the gaming company Pinnacle Entertainment, wasn’t satisfied with what looked to him like a Band-Aid approach.

Advertisement




Instead, he used predictive analytics, depending on his own team to assemble company-specific data, to determine which safety measures should be used company wide. The result? Claims frequency at the company dropped 60 percent in the first year of his program.

Alumine Bellone, a 2018 Risk All Star and the vice president of risk management for Ardent Health Services, faced an overwhelming task: Create a uniform risk management program when her hospital group grew from 14 hospitals in three states to 31 hospitals in seven.

Bellone owned the situation by visiting each facility right before the acquisition and again right after, to make sure each caregiving population was ready to integrate into a standardized risk management system.

After consolidating insurance policies, Bellone achieved $893,000 in synergies.

In each of these cases, and in more on the following pages, we see examples of risk managers who weren’t just knocking on the door; they were owning the room. &

_________________________________________________________________

Risk All Stars stand out from their peers by overcoming challenges through exceptional problem solving, creativity, clarity of vision and passion.

See the complete list of 2018 Risk All Stars.

Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]