Risk Management

The Profession

Chris de Wolfe of Mars Inc. can take you to places where there are snakes as long as large swimming pools.
By: | March 1, 2016 • 15 min read

032016_10_profession_sidebar
R&I: What was your first job?

I was a marine cargo technician. I spent my time writing insurance slips for the Lloyd’s insurance market. That gave me a solid technical background. That was back in the day when an insurance policy or slip that was sent into the London market was done manually. We actually created them from scratch every time. What brokers would like to call manuscript forms were at that time very much built from scratch.

R&I: How did you come to work in risk management?

When I was working at Marsh, Mars was a client of ours. I had a good relationship with the Mars risk manager at the time and when I left Marsh to go to Aon they said “If you are leaving Marsh why don’t you come to work for us?” It took a while to integrate that. But the transition was quite interesting.

The best piece of advice that a broker gave me was to keep my feet on the ground. In making the transition from broker to risk manager at a large company like Mars it can be very easy to lose touch with reality because everyone suddenly becomes a “yes” man.

People who go from being a broker to a client don’t necessarily know all the answers. They still need advice and counsel.

Advertisement




But as an example of the change in how people treat you, the first time I went into the Marsh office in the UK. as a risk manager, the chairman of Marsh in the UK at that time took me to his office and gave me a soda from his refrigerator. That was the funniest thing because that was the holy refrigerator when I was at Marsh. Nobody ever went near the damn thing never mind being offered one by the chairman and he brought it to you.

The thing to remember is that everybody around you still knows a lot and your role as the risk manager is to make the right decisions for your company. That means taking the advice and counsel of those who will likely know more about the specific details than you will.

R&I: What is the risk management community doing right?

I am really happy that we have woken up to the fact that we need to create a better talent pipeline and that we are actually doing something about it. When I started in risk management it was still very much “What does that mean? You are probably the insurance guys.”

What we’re doing now is being much more effective at making sure that people understand that risk management is much more than insurance procurement. I think by calling ourselves risk managers it helps people understand that. It gives people an idea of what we do and how we add value to the business. You want to do more than just insure risk. Manage it too!

I see it at RIMS and everywhere; there is a lot of education going on. Universities have a number of risk management courses now, probably now more than ever. The network is very much focusing on the next generation of risk managers; that they are competent and qualified and not just coming in as insurance guys. So we are attracting some good talent into the marketplace. It’s great.

R&I: What could the risk management community do better?

I think it is more of the same. It is really focusing on getting away from just being buyers of insurance. Doing that is going to improve the talent pool and it is going to help risk management as a function be perceived better by the C-suites.

Risk management does make a difference to your enterprise and everything you do. I can stand in front of any size group and talk about that because I believe that. If people think you’re just buying insurance you’re not going to be perceived as adding much value.

Insurance is good but it won’t change the direction of your company’s boat. What you’re doing is looking at risk as a competitive advantage and an opportunity and that is where risk really adds value.

With the advent of things like ERM and business continuity plans and emergency response plans; it makes for something more impressive and is the right direction for our industry to be going in.

“Risk management does make a difference to your enterprise and everything you do. I can stand in front of any size group and talk about that because I believe that.”

R&I: What was your favorite location for the RIMS conference?

Hawaii. That’s because it was in Hawaii. It was my first speaking opportunity at RIMS, unfortunately, the conference wasn’t that well attended.

If you have been to RIMS often enough you know that everyone bugs out Wednesday afternoon and Wednesday evening. I think because it was in Hawaii everybody needed a reason to stay. I had the graveyard shift. I had a Thursday morning slot. So they all stayed the extra day and what should have been a 20-person session ended up being filled to capacity 130- people group.

I think they all left straight after that and went to the beaches and the waves.

R&I: What is the most prominent change you have seen in insurance or risk management?

Advertisement




In our market peaks and troughs are as normal. The interesting thing is that the soft market has been with us for a much longer time than anybody predicted; and appears to be here for some time to come. We’re departing from the trend of what used to be a 10-year cycle. It feels like we are a bit beyond that now.

One of the things that is interesting is the consolidation of market, capacity and brokers. The brokers have come together and they are huge.

Reputational risk is one example of a dangerous emerging risk. … But there is still nothing that can be done to protect a company like ours which has enormous assets in our brand.

R&I: What do you think are some of the more dangerous emerging commercial risks?

If it is an emerging risk then chances are we already know about it and chances are that we are already doing something about it. For me something that is emerging presents itself and then gradually becomes a problem. We can address those.

My concern continues to be over an acute problem that might occur that we don’t know about it. It sounds like an old chestnut but what I really worry about are the things that I don’t know about.

Something that is emerging is something that comes out gradually to the surface as opposed to something that comes blasting out and kicks you. What we try to do is see what might come next, because it’s not necessarily going to be an insurable solution for the business.

Reputational risk is one example of a dangerous emerging risk. There are some products in the market at the moment. But there is still nothing that can be done to protect a company like ours which has enormous assets in our brand. We could have an insurable event but the coverage wouldn’t go as far as our reputational damage would.

R&I: What insurance carrier do you have the highest opinion of?

We have just done a lot of RFPS with almost our entire portfolio of programs, so over the last three years we have done a complete review and reset of everything. We have been with a lot of our risk partners for a very long time.

We have been with FM Global, we did an RFP with them and they were successful again.

Liberty Mutual, AIG and ACE have always been with us as well. Those are the ones that have really stood by us. Even through difficult and challenging times, they have sustained programs with us.

But they have done that because we have long-term relationships with them. They appreciate it and we get a good quality of customer service in return for that longstanding relationship.

Mars has five principles and our middle one is mutuality, which is about relationships and how they can benefit both parties. We are really lucky in the risk management department at Mars to be able to use one of the company’s five core principles, and reinforce it in our business relationships.

I don’t think brokers were deliberately hiding what they were doing with regard to contingent income, they just weren’t necessarily disclosing it. People weren’t asking.

Insurance is a law of large numbers. If you stay with a carrier long enough what happens is we don’t ask for the lowest price, we ask for consistency of pricing, so effectively we can smooth out pricing volatility.

We in risk management may know the pricing of a program but our internal clients, the factories, don’t really care. What they are looking for is some consistency for their planning and budgetary purposes and to get claims paid.

Price volatility is quite difficult for companies like us to navigate through. We try to weather that by using that long-term relationship, saying, “When the market is low, we don’t need to be at the bottom, and when the market’s high, don’t come hit us with your top rates. Keep us in the middle.”

That gives us consistency, which is really important. That can only come with a long-term relationship.

R&I: How much business do you do direct versus going through a broker?

Advertisement




We do almost everything through brokers and we do that because of our markets. We have a mixture of insurers who will accept direct business and some who will not.

The reality is that in the placing of multiple insurance lines it is more efficient for us to have a broker to do that for us and add our market leverage to theirs. It makes the deal even sweeter.

R&I: Was the contingent commission controversy overblown?

I thought it was completely overblown. The reason for that is your risk management department should know how much you are paying for something.

I don’t think brokers were deliberately hiding what they were doing with regard to contingent income, they just weren’t necessarily disclosing it. People weren’t asking.

It was easy for me because I used to work as a broker, I knew how contingent commissions worked. When I signed up at Mars in 1999 — in the last century — I was asked to immediately talk to all of the brokers on the programs and say “I know you’ve got them — contingent commissions — because I set up a couple of programs where they existed.”

For me, if you’re open and aware of what’s going on with your broker and you’ve got a good enough relationship with them, you shouldn’t be surprised.

It was a mixed story back in the Spitzer days because two stories came out at the time. One was contingent commissions and one was that whole thing about “A” and “B” quotes. And it got transposed I felt. The large numbers that were mentioned as the difference between “A” and “B” quotes were sometimes being applied to the contingent commissions discussion, therefore, potentially exaggerating the profits that brokers were making.

They make a good crust, they make a good earning, but I think the reality is depending on the size of your business. Once you get your brokers on a fee, rather than a commission, then everything is much more transparent. But contingent commissions are creeping back. Now the difference is they tell you about it.

Brokers still get, I forget what they call it, claims support process fees from the market. They are still coming from insurers to brokers to provide administrative services. They are still there. They haven’t gone away. I think the important thing is that as long as people are informed about them, then they’re okay with it. You just manage other remuneration methods accordingly.

R&I: Are you optimistic or pessimistic about the U.S. economy?

The U.S. economy is enormous. It’s always been the place to go if you want some stability. Other economics are in decline, but the U.S. economy is relatively constant. It’s still up there whereas the others tend to duck and dive and weave and have a lot of volatility to them. Just look at China.

Because of its size and the way society is in the US, it is always going to be a resilient economy. Will it always necessarily be the biggest? Probably not. But it is always going to be consistent.

The concept of the super-rich giving large portions of their wealth to philanthropy is just fantastic.

R&I: Have you had mentors in this business?

I have had a lot of great advice throughout my career. I guess that guy who talked to me about keeping my feet on the ground as a risk manager was quite influential, I’ve always used that.Take advice from everybody you can. No one person has a brain big enough to know the answer to everything. So for me it’s never been just one person. I guess this is an opportunity to say thank you to all of them.

R&I: What in your career are you proudest of?

We put together an amazing team of people at Mars risk management. Three or four years ago we consolidated the risk management department when we bought the Wrigley Company. That’s when we pulled together our risk management functions.

We are now at a point today where we have put together a great group of people who are engaged about making a difference in this company and supporting its objectives. The thing that I am proud of how well we work together and we are ready for the next challenge.

R&I: How many e-mails do you get in a day?

On a good day, I get 50 or 60, which is interesting because I never got that many faxes or telexes back in the day.

R&I: Do you have a favorite movie?

The Highlander. In the film a guy is walking out of a church and he says to the protagonist,” I have something to say, it’s better to burn out than to fade away.” It is absolutely brilliant and if my wife would let me I’d get it tattooed on me somewhere.

R&I: What’s your favorite restaurant?

The most amazing restaurant I have ever been to is a restaurant called “Sirocco” in Bangkok. It is on the roof of the state tower building and the views and the food are absolutely incredible. It also has one of these big glass cantilevered bars that projects from the side of the building, which gives you great views when the smog lets you.

R&I: What’s your favorite drink?

English beer; has to be. I am quite keen on most of them but if I was going to choose a specific English beer I would go for I would say Spitfire. If I were going for a cocktail then it would be a Dark and Stormy. (Gosling’s rum, ginger beer and a twist of lime). It’s fantastic and when you are in Bermuda for the renewal meetings you can darker and stormier depending on how the evening goes.

R&I: What’s an interesting place you’ve traveled to?

It was a cocoa plantation in Brazil, not because we grow our own cocoa but Brazil has some challenges with its crop so we are working on finding a way to help. It is really isolated, like nowhere I have been at all. There are snakes there the length of decent-sized swimming pools. And there are mosquitos that would probably fly down and pick up small children. It’s like Jurassic Park only it’s in Brazil.

Given that it is in the middle of nowhere, it’s a scary drive to get there but once you get there it’s worth it. You do have to walk around there with big rubber boots on because of the snakes that are all over the place.

R&I: What’s the riskiest thing you have ever done?

Advertisement




That would have to be abseiling (rappelling) down a rock face, wearing a pair of my grandfather’s hobnail boots. Hobnail boots are things like the army used to have with studs on the bottoms of the boots so that you could go across soft surfaces. Imagine abseiling down the side of a flint rock face with a bunch of little nails on your boots. I can still see the sparks today if I close my eyes. Scared the absolute Beejazus out of me. Now with four children I will have to set a different example for them.

R&I: Does the world have a modern hero and who is it?

It’s people like Warren Buffett and not because of his success in business. It’s because of the giving pledge that he signed. The concept of the super-rich giving large portions of their wealth to philanthropy is just fantastic.
That he set something up that urged Bill Gates and Mark Zuckerberg to commit large portions of their wealth is just fantastic.

R&I: What is the most fulfilling about your work?

Part of it is the people I work with but it’s knowing that what we do makes a difference to the company. We facilitate the ability of the company to do things it wouldn’t consider doing unless we were engaged in that process. We are not exclusive but we support the growth and opportunities at Mars Inc.

R&I: What do your friends and family think you do?

Working in McLean, Va. we are close to Langley, the CIA headquarters which is about three miles from here. Because we work for a private company we’re pretty quiet about what we do. So I let people think that I am a British secret agent.
For those that know me, I tell people that I stop things from blowing up, burning down or hurting anybody and if they do make sure that we have a solution for it.

R&I: Anything that we didn’t ask you about, that you’d like to mention?

The thing we do really well here at Mars Risk Management is that we try very hard to make risk management interesting and engaging for people. That’s no mean feat because when you start talking about insurance and risk management people do tend to completely disengage.

The opportunity that we have and I feel that we do well is using promotional materials. We have a hashtag on Twitter called #WeGotThis. It’s a branding thing so that people know internally that “we’ve got this,” in risk management.

Driving a really solid program, educating people about what we do and making it interesting and engaging is something we concentrate on a lot. To make sure that we get our rocket pitch together to explain to people what it is we do quickly and help them understand how it works. That way they want to come talk to us rather than us just dragging things out.




Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

2017 RIMS

Resilience in Face of Cyber

New cyber model platforms will help insurers better manage aggregation risk within their books of business.
By: | April 26, 2017 • 3 min read

As insurers become increasingly concerned about the aggregation of cyber risk exposures in their portfolios, new tools are being developed to help them better assess and manage those exposures.

One of those tools, a comprehensive cyber risk modeling application for the insurance and reinsurance markets, was announced on April 24 by AIR Worldwide.

Advertisement




Last year at RIMS, AIR announced the release of the industry’s first open source deterministic cyber risk scenario, subsequently releasing a series of scenarios throughout the year, and offering the service to insurers on a consulting basis.

Its latest release, ARC– Analytics of Risk from Cyber — continues that work by offering the modeling platform for license to insurance clients for internal use rather than on a consulting basis. ARC is separate from AIR’s Touchstone platform, allowing for more flexibility in the rapidly changing cyber environment.

ARC allows insurers to get a better picture of their exposures across an entire book of business, with the help of a comprehensive industry exposure database that combines data from multiple public and commercial sources.

Scott Stransky, assistant vice president and principal scientist, AIR Worldwide

The recent attacks on Dyn and Amazon Web Services (AWS) provide perfect examples of how the ARC platform can be used to enhance the industry’s resilience, said Scott Stransky, assistant vice president and principal scientist for AIR Worldwide.

Stransky noted that insurers don’t necessarily have visibility into which of their insureds use Dyn, Amazon Web Services, Rackspace, or other common internet services providers.

In the Dyn and AWS events, there was little insured loss because the downtime fell largely just under policy waiting periods.

But,” said Stransky, “it got our clients thinking, well it happened for a few hours – could it happen for longer? And what does that do to us if it does? … This is really where our model can be very helpful.”

The purpose of having this model is to make the world more resilient … that’s really the goal.” Scott Stransky, assistant vice president and principal scientist, AIR Worldwide

AIR has run the Dyn incident through its model, with the parameters of a single day of downtime impacting the Fortune 1000. Then it did the same with the AWS event.

When we run Fortune 1000 for Dyn for one day, we get a half a billion dollars of loss,” said Stransky. “Taking it one step further – we’ve run the same exercise for AWS for one day, through the Fortune 1000 only, and the losses are about $3 billion.”

So once you expand it out to millions of businesses, the losses would be much higher,” he added.

The ARC platform allows insurers to assess cyber exposures including “silent cyber,” across the spectrum of business, be it D&O, E&O, general liability or property. There are 18 scenarios that can be modeled, with the capability to adjust variables broadly for a better handle on events of varying severity and scope.

Looking ahead, AIR is taking a closer look at what Stransky calls “silent silent cyber,” the complex indirect and difficult to assess or insure potential impacts of any given cyber event.

Stransky cites the 2014 hack of the National Weather Service website as an example. For several days after the hack, no satellite weather imagery was available to be fed into weather models.

Imagine there was a hurricane happening during the time there was no weather service imagery,” he said. “[So] the models wouldn’t have been as accurate; people wouldn’t have had as much advance warning; they wouldn’t have evacuated as quickly or boarded up their homes.”

It’s possible that the losses would be significantly higher in such a scenario, but there would be no way to quantify how much of it could be attributed to the cyber attack and how much was strictly the result of the hurricane itself.

It’s very, very indirect,” said Stransky, citing the recent hack of the Dallas tornado sirens as another example. Not only did the situation jam up the 911 system, potentially exacerbating any number of crisis events, but such a false alarm could lead to increased losses in the future.

The next time if there’s a real tornado, people make think, ‘Oh, its just some hack,’ ” he said. “So if there’s a real tornado, who knows what’s going to happen.”

Advertisement




Modeling for “silent silent cyber” remains elusive. But platforms like ARC are a step in the right direction for ensuring the continued health and strength of the insurance industry in the face of the ever-changing specter of cyber exposure.

Because we have this model, insurers are now able to manage the risks better, to be more resilient against cyber attacks, to really understand their portfolios,” said Stransky. “So when it does happen, they’ll be able to respond, they’ll be able to pay out the claims properly, they’ll be prepared.

The purpose of having this model is to make the world more resilient … that’s really the goal.”

Additional stories from RIMS 2017:

Blockchain Pros and Cons

If barriers to implementation are brought down, blockchain offers potential for financial institutions.

Embrace the Internet of Things

Risk managers can use IoT for data analytics and other risk mitigation needs, but connected devices also offer a multitude of exposures.

Feeling Unprepared to Deal With Risks

Damage to brand and reputation ranked as the top risk concern of risk managers throughout the world.

Reviewing Medical Marijuana Claims

Liberty Mutual appears to be the first carrier to create a workflow process for evaluating medical marijuana expense reimbursement requests.

Cyber Threat Will Get More Difficult

Companies should focus on response, resiliency and recovery when it comes to cyber risks.

RIMS Conference Held in Birthplace of Insurance in US

Carriers continue their vital role of helping insureds mitigate risks and promote safety.

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at [email protected]