Temple ERM Conference Focuses on the Importance of Reputation in Enterprise Risk Management
In a world becoming increasingly swept up in a myriad of complex, interconnected risks, enterprise risk management (ERM) is becoming more important than ever.
To help both risk management professionals and students become better acquainted with the discipline, Temple University hosted the second part of its two part Enterprise Risk Management Conference on December 3.
In the sessions presented by a set of speakers, not only was the importance of ERM in a risk-filled world discussed, but also how it has shaped it.
While the first day of the conference focused on giving attendees an intro to ERM and sharing how risk professionals have incorporated it into their business, the second day turned its attention to risks happening in real time, including perhaps the biggest risk faced this year: the COVID-19 pandemic.
Featuring speakers from AmerisourceBergen, the Spencer Educational Foundation, Humana and Steel City Re, here’s the key lessons learned about ERM.
The Dawn of ERM
Kossovsky focused his presentation on the connectivity between enterprise risk management and reputational risk, a component he said is vital for companies to maintain.
“We are at the dawn of the era of enterprise risk management,” Kossovsky said, explaining that companies have just scratched the surface on the risks that ERM can impact — reputational risk being just one example.
Kossovsky continued by saying the importance of focusing on reputational risk has been affirmed by the onset of COVID-19.
As with the first day of sessions, the connection between ESG and ERM played into the talks. In his discussion, Kossovsky said that only recently has the industry seen more incorporation of ESG practices into risk management.
There have been various trends that altered the way reputation value was captured and lost throughout history, Kossovsky said. One recent trend is the presence of more emotional, angry stakeholders, which perhaps reflects a more imbalanced, divided culture in general. Additionally, the pandemic expectedly exposed multiple vulnerabilities for companies and insurers.
Looking forward, Kossovsky sees that reputation risk is remaining relevant within the industry, and referenced Lloyd’s and KPMG’s report “Safeguarding reputation.”
The report states that a company’s reputation is at risk any time a monumental event occurs, stressing the importance of investing in reputational risk management.
Finding Compliance and Ethics in Risk Management
Reputational risk is often closely bound to a company’s ethics, and as such the role of compliance and ethics in ERM was touched upon by speakers Jon Smollen and Jonathan Lipson.
Smollen, also the executive director for Temple’s Center for Compliance and Ethics, shared the origins of the compliance discipline in the U.S., which really began to hit its stride in the 1990’s.
“What strikes me is that both ERM and compliance and ethics are relatively young,” Smollen said.
Looking at both fields, Smollen identified obvious commonalities. Both call for board oversight, management accountably, robust risk assessment processes and the idea of continuous improvement. Distinctly, Smollen believes ERM is much broader discipline in the quest to identify risk.
Lipson, a business law professor, studies how “contracts as a legal mechanism” can help to address challenges in an ERM approach. As companies engage in contracts with members of their supply chain, they risk taking an substantial liabilities should a provider engage in dishonest or controversial activity.
Lipson used the example of Nike being outed for purchasing shoes from manufacturers with unjust worker conditions. Ethical breeches such as these can foment a great deal of reputational risk for the involved parties.
These types of instances have shaped the way companies and manufacturers respond to compliance & ethics issues. Many now partake in supply chain agreements that include commitments to protecting basic workers rights, environmental protections and so on. It is now common for these types of agreements to be placed into large scale contracts.
Humana’s Risk Management Response to COVID-19
The conference then shifted to company executives discussing their responses to the novel coronavirus pandemic. John Littig, vice president of operational risk management for health insurer Humana, discussed the insurer’s pandemic response in its most dire moments and its plans for continuation.
As the pandemic began to force shutdowns and stay-at-home orders, Humana focused on three key principles that would stay at the heart of their decision making; remaining calm, managing proactively and minimizing impact.
During the initial quarantining phases in March, the timeline for the longevity and severity of the pandemic was largely unknown. Humana understood this and developed a long term COVID-19 timeline with a goal to provide a clear understanding of the risk COVID presented.
Different groups working within Humana needed different resources to accommodate pandemic-driven setbacks. For members and associates, Humana waived member costs and expanded access to telehealth, now a staple component of health care.
Humana employers were given an extension on their premium payment grace periods as well as a waiver on active work requirements for employees on company health insurance. While this is typically a state requirement, it’s been waived to focus on the health of workers. Littig commented that “this was the right thing to do during COVID.”
Additionally, small businesses received a resource guide from Humana to help navigate the CARES act and the Paycheck Protection Program. Providers were able to lessen the strictness of their clinical authorization requirements to minimize administrative work and instead focus more on patient care.
We’ve now entered a phase of the pandemic that differs the phase we found ourselves in March. Working from home, once a novelty and uncharted territory, has become a part of a productive routine.
“We’ve proven how well this can work,” Littig said. Remote employees could fundamentally change the hiring process for companies; expansion in hiring the best quality employees is just one example.
AmeriSourceBergen Weighs in on Company’s ERM Plan and the Pandemic
As COVID-19 has shown us, risk is imminent in our world. Some risks can be readily prepared for, but other instances are simply unprecedented.
That’s a lesson the AmeriSourceBergen Corporation took to heart during a painful moment in our nation’s history.
During the final talk of the day, James Callahan, now vice president of enterprise risk and resilience at AmeriSourceBergen, shared how the company learned that lesson on 9/11. That morning, the newly formed company was set to ring the stock exchange bell in New York City, but they were never given the chance to.
“It showed that bad things can happen at any time,” Callahan said.
And while the pandemic has delivered a great amount of risk, Callahan noted that the world didn’t stop because of COVID. Other risks and crises, including record numbers of wildfires and hurricanes, were still present throughout 2020.
Callahan dove into AmeriSourceBergen’s history with ERM and its developments to perfect its risk response plan. Several factors throughout recent years have contributed to AmeriSource’s risk management framework.
After being named a Fortune 10 company, AmeriSource underwent a period of rapid growth, which included a centralization of its ERM department. It then consulted an outside source to evaluate the department in 2019. Just how risk is always evolving, so is AmeriSource’s response to it.
No one has been spared from the impacts of the pandemic, and AmeriSource focused on three specific risks:
1) Protecting the health of AmeriSource employees, especially frontline workers who do not have the option of working remotely.
2. Preparing for the threat of cyber attacks, a risk that intensified as working from home became the norm.
3. Ensuring the vitality of domestic and international supply chains, as AmeriSource plays a key role in pharmaceutical supply chains with this role increasing throughout the pandemic.
What has AmeriSource learned about risk from COVID-19? Callahan said having a risk framework wasn’t just about responding to the pandemic. Rather, it forced the company to reevaluate all planned responses to hazards and risk, should they ever need to use them.
Callahan did stress one important note; extensive amounts of preparation won’t completely ready you for when the risk arrives. This reigns truer for a rapidly developing pandemic.
But, Callahan remained determined, saying “We have to be a part of the solution.” &