By Michael J. Moody
The risk management landscape is changing rapidly. The hardening of the property/casualty insurance market has brought renewed interest in alternative risk financing options. It is clear that we are headed for significant affordability problems and, for some lines of coverage or industries, possible availability problems as well, as underwriters reintroduce "underwriting discipline" into the insurance process. Over and above these issues, a fundamental change is taking place in the area of risk. That change--a movement toward a more holistic view of risk--has evolved into a concept called "enterprise risk management," ERM for short.
The ERM evolutionary process took on a variety of names during the past five or six years, including "holistic risk management," "strategic risk management" and "integrated risk management," among others. Early attempts by brokers and insurers/reinsurers to introduce ERM consisted of multi-line, multi-year, aggregate programs. Several pioneering corporations purchased these programs. But, due to soft market conditions, they soon found that they could equal or, in many instances, beat the pricing with traditional insurance products. While these programs offered a variety of benefits to the insured, for the most part they were not cost effective compared to the soft market pricing that was available then. As a result, interest from the traditional risk management community soon cooled. In addition, these initial attempts focused on a wide range of "insurable" risks but did not normally include "uninsurable'" risks that could impact a company's bottom line.
As it has evolved, the central concept of Enterprise Risk Management is to provide balance sheet smoothing and thus reduce earnings volatility by applying a rigorous and coordinated method to assessing and responding to all risks that effect the achievement of an entity's strategic and financial objectives. This would include downside as well as upside risks. And no, that's not is not a misprint! ERM is designed to allow management to take advantage of upside risk potential as well as risk management's more traditional role of downside risks.
The factors that have led to a growing interest in ERM fall into two basic categories--internal and external.
1)Internal
Management has come to realize that one of its primary purposes and, thus, one of ERM's purposes is to increase the overall value of the enterprise to stockholders, as well as other stakeholders (i.e., employees, vendors, etc.). Increased value is obtained by:
Improving capital efficiency--ERM allows organizations an effective methodology for allocating resources. Additionally, ERM can assist a company in determining proper allocation of capital by identifying immaterial risk and utilizing natural risk hedges whenever possible.
Improving decision making--ERM can assist in determining areas of high-risk potential and assess the impact of these areas on the company.
Improving investor confidence--ERM provides a "best practice" approach to the management of risks that will demonstrate a proactive protection program for stockholders.
2) External
One of the obvious external factors that hastened the development of ERM was the convergence of the financial services industries. While results of the convergence movement are far from complete, one of the initial results has been that bankers and insurers have come to realize that they are both in the same business--the business of managing risks.
Another significant external factor was the huge loss potential shown by several high-profile cases that occurred during the mid-1990s. Among the most notable were:
Orange County (11/94)--This incident occurred when the Orange County's Investment Pool lost $1.7 billion from structured notes and leveraged repo positions. After the loss, the board of supervisors stated that it had never been supplied with critical information that would have indicated the "riskiness" of these investments.
Barings Bank (2/95)--This loss occurred when a rogue trader, based in Singapore, took unauthorized futures and options positions in several investments. The resulting loss was in the $1.5 billion range and, once again, management claimed that it was unaware of the activities.
Daiwa Bank (9/95)--Another bond trader was responsible for a $1.1 billion loss over a 10-year time frame. Attempts to hide the loss from U.S. regulators resulted in the bank being forced to cease its U.S. operations.
All three of these losses shared several things in common. First, the loss was caused by the actions of a single person and reached such catastrophic amounts because of improper internal controls. It became clear to many people, including government regulators, that management needed to have a better handle on the risks that were attached to its corporate activities. A number of governmental advisory agencies have since advanced recommendations to curb these types of losses and to put increased pressure on corporate governance. In Canada, the Dey report, which was written for the Toronto Stock Exchange, and in England, the Cadbury, Hampel and Turnbull committees all have noted that boards must establish a sound system of internal controls.
Company stockholders also were voicing their concerns about earnings uncertainty and pushing for effective ways to manage this risk. The lightning speed at which today's
stock markets react to company announcements can prove devastating for publicly traded companies and their stockholders. Miss a quarterly projection by one or two cents and your punishment is a 10% to 20% dive in the share price of your stock.
The Enterprise Risk Management process
As in the early days of traditional risk management, there does not appear to be agreement as to the specific number or make-up of the steps in the ERM process. Many people have taken the position that the process is not radically different from traditional risk management, except (and it is a big exception) that it covers an enterprise-wide view and includes both downside and upside risks. To begin the process, a risk manager needs to identify all risks, analyze and quantify those risks, and develop an optimal risk financing strategy. Finally, on-going monitoring is essential.
A more comprehensive approach to the ERM process has been advanced by Tillinghast-Towers Perrin's Jerry Miccolis and Samir Shah. They advanced their approach in a monograph titled "Enterprise Risk Management: An Analytic Approach." While entire books have been written on these topics, we would like to provide a brief overview of the conceptual framework, which consists of four elements:
1) Assessing Risk--While this element of the framework focuses on risk as a threat, it also emphasis the opportunistic nature of risk. Risk assessment is viewed from a number of vantage points in order to have a complete picture. This step involves the identification of those risk factors to which an organization is subjected. Initially, an all-encompassing list of risks is developed. This list is then refined down to a "priority list" that is made up of risk factors that are important enough to influence business plans or alter the day-to-day priorities of the business units. From this "priority list" the factors are further culled down to those that are either "manageable" or "strategic."
Manageable risk factors are those that are familiar to a company and for which the skills needed to resolve those factors are available within the organization. These are risks that, for one reason or another, have not been given the attention they deserve.
Strategic risk factors, on the other hand, are usually unfamiliar to a company (e.g., an acquisition) and the organization typically lacks the skills necessary to respond appropriately.
2) Shaping Risk--This element of the framework is centered on optimizing the treatment of risks. In that regard, Tillinghast suggests a four-step process. The first step is to quantify each of the risk sources that made it through the initial screening process and that are still on the priority list. Quantification occurs by applying appropriate analytical tools and methods for developing a probability distribution. After this, all of the risk sources are linked to a common metric. From here, a portfolio of strategies is developed to mitigate the risks. The final step is to select the optimal portfolio of strategies.
3) Exploiting Risk--One of the principle reasons that ERM is different from traditional risk management is ERM's recognition that risk has two faces. In addition to the possible threats posed by risks, they can also represent opportunities. Indeed, organizations routinely accept risk for the chance of increased reward. This element of the framework is directed at addressing the opportunities available from various risks. Tillinghast has observed that companies can achieve competitive advantages by correctly identifying which risks they can handle better than their competitors.
4) Keep Ahead--It must be recognized that ERM is a dynamic concept and, because of this, change is constant. Accordingly, continual monitoring of a company's risk environment is critical if an organization's ERM program is to remain relevant.
Converting any company's risk management program to an ERM program can be a daunting task. For that reason, experts typically suggest that the movement be completed in phases. How quickly the concept is introduced will depend largely on the culture and management style of the company involved. The most important thing is that the process does begin, rather than being put off due to the size of the task.
As corporations begin to implement ERM programs, they find that they need to retain a senior management official to oversee the work. Frequently this individual is given the title of "chief risk officer" (CRO). The CRO will be the architect of the enterprise risk management program and will ultimately have responsibility for its implementation.
Alternative risk transfer products
The ERM process, operating in an environment where the financial services business has converged, has resulted in the development of a number of new risk transfer products. Early efforts at product development centered around the multi-line, multi-year aggregate programs. For the most part, interest in these programs was short lived. These products proved to be not cost effective when compared to traditional insurance products.
A number of other products that have been introduced over the past few years are now beginning to catch on in the risk management community. These innovative alternatives are designed to reduce a company's earnings volatility. Early alternative risk transfer (ART) efforts centered on gaining access to capital markets for catastrophic exposures of insurance companies. However, as the market has become more comfortable with the ART concept, it is beginning to consider non-catastrophic risk of insurers as well as corporate risk managers.
Hardening insurance market conditions and continued concerns about finding viable methods of smoothing year-to-year financial results will assure further, rapid innovation. Clearly, the ART market holds strong potential for providing risk managers with efficient risk transfer as the risk management function evolves to the next level through enterprise risk management. Options that are available to risk managers today include:
CAT bonds--These were one of the first ART products and were designed to allow insurers/reinsurers the ability to finance catastrophic risks through the capital markets. Interest in CAT bonds followed the $15.5 billion loss from Hurricane Andrew. The insurance industry realized that it could not withstand a major catastrophic loss to a heavily populated area. CAT bonds now are being sold for non-cat loss exposures and can provide an alternative to traditional reinsurance.
Securitizations--These are insurance-linked products that are modeled after the success obtained from mortgage-backed receivables. A number of well-publicized securitized applications has occurred over the past 12 months or so. Toyota Motors' insurance securitization of the residual value of a pool of Lexus vehicle leases is one example. Other applications include Disneyland - Japan to cover earthquakes and Arby's restaurants' securitized franchise fees. Current hard market conditions will surely expand the scope of securitizations.
Derivatives--These have long been used in financial risk management and are just now beginning to be used in ERM. In addition to options being available at the Chicago Board of Trade, Internet-based exchanges are also in Bermuda and New York (CATEX). Interest was also generated by a swap last year between State Farm and Tokio Marine.
Finite risk transfer--New interest is also being observed for this alternative. These can be used in a variety of applications including such things as "cleaning up" financial statements and portfolio transfers where both parties to a merger want to finalize outstanding liabilities.
Weather-related exposures--These products represent one of the fastest growing areas in the ART market. Underwriters have realized that many industries have weather-dependent revenue, the most obvious being utilities that look for cold winters and hot summers to increase demand. Current estimates of weather-related products are $5 billion, with the estimated possible market placed at between $70 billion and $100 billion. Substantial growth is projected now that the Chicago Mercantile Exchange has begun trading weather futures and options.
Activity in all of these ART options is just beginning. With the advent of the hard market, these types of solutions will gain wide appeal.
Summary
We have provided an overview of the ERM concept and some of the reasons for the current interest. Additionally, we have pointed out a variety of ART products that are available to assist companies in taming their earnings volatility. It is our intent to keep you apprised of the movement in this evolving area. We will bring you details on a regular basis about new and/or improved products and services that support this market segment and will discuss ways that agents can use this emerging concept to help their commercial clients better manage their bottom-line results. *
The author
Michael J. Moody, ARM, is managing director of Strategic Risk Financing, Inc. (SuRF). SuRF is an independent consulting firm that has been established to advance the practice of enterprise risk management. The primary goal of SuRF is to actively promote the concept of enterprise risk management by providing current, objective information about the concept, the structures being used, and the players involved.