As risk management technology goes, the Risk Management Information System (RMIS) isn’t exactly the new kid on the block.
Quite the contrary. RMIS, in one form or another, have been employed by the risk management community for 35 years.
But the way risk managers use them — and the way they influence the practice of risk management — continues to evolve.
Mark Dorn, who perhaps could be called the godfather of RMIS, has been watching it all unfold since he launched RISKMASTER in 1982.
“Act 1 of the RMIS industry has been using technology to help enable and empower the risk manager to [take care of] their day to day needs,” said Dorn, president and CEO of DAVID Corp. “It was always about [total cost of risk] and about making decisions to manage the TCOR.”
Act 2, said Dorn, from around 2000 to the present, increased the focus on compliance. In 2017, however, “it’s Act 3, which is risk managers trying to get from defense to offense,” he said.
“Now the issue is what can these systems do, assuming they have unlimited data — which basically they do. The question is how do you mobilize those insights and leverage them.” DAVID Corp.’s NAVRISK VISION uses embedded key performance indicators and risk scoring to help users further drive improvement throughout their organizations.
Playing offense means spending more time looking ahead rather than behind, said Dorn. When you’re working retrospectively, “we call that dead data. Reporting on dead data doesn’t have a lot of value. The claim is closed. You need to be working on live data, real time.”
Risk managers say that’s spot-on. They’re looking at the broader picture of how RMIS can be used to transform their organizations.
“The question really — the sky’s the limit — what can we do with this system that would make us unique?” said Brian Van Allsburg, vice president, risk management at Compass Group. “What can we do with this system that would lend an enormous amount of transparency across a number of businesses that we have within our portfolio.”
Van Allsburg agreed that his company has actively shifted to offense, aligning its RMIS functionality to focus on leading rather than lagging loss indicators. As much as post-loss data can empower the TPA or the corporate claims team to mitigate a loss, he said, it’s far less than what the company stands to gain by preventing the claim from actually happening.
Being able to aggregate internal and external data across silos, seamlessly convert it into actionable information and then push it back out to stakeholders is key for Compass, which partners with Origami Risk.
“The question really — the sky’s the limit — what can we do with this system that would make us unique?” – Brian Van Allsburg, vice president, risk management, Compass Group
“I can see all of that [data] tied to my locations. That creates the transparency that I can kick back to the business owners and say, ‘Hey for this region and for these particular locations, your workplace safety scores are low, your fleet audit scores are low.’
Now you’re not talking about claims that have already happened. Now you’re talking about behaviors that need to change to prevent the claims from happening.”
The City of Clearwater, Fla., which partners with DAVID Corp., is also leveraging its RMIS platform to head off claims, by using data to feed safety initiatives and improve safety culture throughout the municipality. Reports are pushed out to all municipal departments to help identify training needs and trends.
“Our overall goal is to increase safety awareness and culture within the city’s departments,” said Rick Osorio, the city’s risk manager. We’re able to give the feedback they need to make positive changes. And DAVID does a good job of that.”
“You’re providing them with the direction they should be going in,” added Van Allsburg. “So if they’re going awry — say their loss patterns are worsening or their audit scores are worsening, offer those suggestions, show them the locations that are not performing well and then tell them what type of advice or support you plan on providing them to get them back on track.”
Making the Choice
The vast majority of risk managers have some kind of tool or system for managing their pertinent risk and claims data, whether homegrown or formal. But continued growth in the market suggests that an increasing number of organizations are coming to terms with the value that a true RMIS platform can provide.
Bob Petrie, president and CEO of Origami Risk, said that over the past several years, more than half of the company’s new business is coming from clients that were previously not using a formal RMIS system. “Maybe they had some kind of tool, they had spreadsheets, they had a homegrown Access database — or in some cases they really did have nothing,” he said. “The market is still expanding.”
Paul Major, vice president, risk management with Ameriprise Financial, said that even though his company has a sophisticated risk management program, it was using a somewhat informal information management system until just a few years ago when it decided to partner with Riskonnect.
“I was no longer interested in a RMIS system that was merely used as a data repository — something that we basically just stored policy information in,” said Major. “Because effectively what we were doing was taking policies off of our network, as it were, and dumping them into this system.”
Compass Group experienced a similar frustration even though they did have a prior partnership with a RMIS provider.
“The system was not being used to its full extent, or at all, really,” said Van Allsburg. “It was more or less used as kind of a claims aggregator. … I think unfortunately a lot of companies use it this way. And [only] one or two people were actually running any kind of report out of it. It really wasn’t adding a lot of value to our businesses, and we were paying a fair amount of money for this system.”
Both Major and Van Allsburg said their companies put a great deal of care and analysis into selecting the right RMIS partner. Flexibility and customization were must-haves for both.
Compass, with its strong focus on leading indicators, needed audit capability to be a piece of the puzzle. Origami didn’t have a large audit platform. But that wasn’t an issue, said Van Allsburg — they built one. Now Compass’ 22 safety professionals in the field can do self-assessments on the fly whenever necessary.
“Origami even built out a mobile application where any of my associates can log in and pull up a specific audit that reflects their particular business line, go through the audit, whether it’s OSHA questions, whether it’s fleet questions, and [the completed audit] gets loaded into the system and tied to that location.”
The unique benefit of a cloud-based software-as-a-service (SaaS) platform is that new functionality developed to meet one client’s needs is automatically available for every client.
“The cost of these RMIS systems for the most part are not that high. And I think they do pay for themselves over the long term.” – Paul Major, vice president, risk management, Ameriprise Financial
“The origin of the ideas for the new features and enhancements we’re putting into our product is coming from the clients themselves, so they have the leverage of all of the brainpower of all of our collective 300-plus clients that are contributing ideas — everybody else benefits from the best of those ideas,” said Origami’s Petrie.
Ameriprise’s Major, using Riskonnect, said that kind of collective power means he’s a lot less likely to have to ask his RMIS team to reinvent the wheel for him.
“There’s not much that we’re coming to them with that they haven’t done before, in one way or another, or that I can’t leverage off of what somebody else done within the firm to build it out.”
And while functionality, user interface, ease of use and other considerations were also weighed carefully, risk managers said the importance of the team and their level of service could not be overstated.
Questions to consider, said Van Allsburg, include: Do they understand not only the risk and insurance landscape, but have they taken the time to understand your business? Are they willing to take in a whole host of information, understand why you want them to take that information in, and how it should be tied to the measures you want them to be tied to?
Open communication is paramount, he said. With the company’s prior partner, “we weren’t being told how we could better leverage the system. We weren’t being told about their software updates, and about how [new software] releases could impact us — there really wasn’t an effort to understand our business.”
As for cost, risk managers said it was practically a non-issue. “It’s fairly miniscule,” said Van Allsburg. ”If a risk manager were to read this and think oh, the cost of a RMIS system is going to be astronomical — I don’t really think it is.”
“The cost of these RMIS systems for the most part are not that high,” agreed Major. “And I think they do pay for themselves over the long term.
“We have a very tight community as far as risk management groups, everybody really works well together and most people know each other, so that’s when you really can have an open dialogue.” – Paul Major, Ameriprise Financial
“I’m not sure you can ever quantify dollar for dollar when the payback happens because you’re really talking about a lot of soft costs,” he said.
“I’m more interested in, does it support what we need to do as a group and help us more effectively manage risk within the firm. And then does it have the flexibility to help out in other areas of the company or other projects we might be thinking about. You make your decision based on that.”
Major strongly recommended reaching out to peers as part of the decision-making process. He credited a strong and supportive risk management community in the Minneapolis-St. Paul region with helping his company make the best possible choice.
“We’re fortunate [that] in Minneapolis-St Paul, there are … a number of Fortune 500, Fortune 250 companies with sophisticated risk management groups that are using these types of systems. So it really helped to reach out to a variety of [companies] in our risk management network to figure out what people were using, what they were using it for, and get input on what works and what doesn’t work,” Major said.
“We have a very tight community as far as risk management groups, everybody really works well together and most people know each other, so that’s when you really can have an open dialogue. You’ve got people that’ve been using various systems hands-on and can give you the plusses and minuses of each. It really adds to your decision process as you go through.”
Major added that through that process, his company’s RMIS leader established a local user group that meets regularly “just to talk about the different things that are going on, what people are doing, how they’re using the system, new features that they have, etc.”
“That’s benefited everybody in that group, opening their eyes about different things that the system can do, or what we use it for, versus, say, what another large financial institution or a large retailer [might use it for].”
Develop a Roadmap
For risk managers looking to partner with a RMIS vendor or switch partners, users offered suggestions for ensuring a more effective outcome.
“I think one of the keys is to have a very defined outline of what you want and then develop a very defined implementation plan around that. You have to prioritize what you want … because if you try to do everything at once. It’s not going to work,” Major said.
Once you’ve made a decision, he said, plan to have a frank discussion about what your short-term and long-term goals are for the platform so that your account team has a firm grasp on where you want to go.
Also have a new project plan that you’re working towards each year, suggested Major. “Some smaller companies may say, ‘Hey, all I want is this functionality and that’s all I need.’ But speaking from a larger company, I think you constantly need to evolve and you need to have plans around making that happen.” &