Insurance is arguably the oldest and simplest risk management strategy for non-core business risks.
Yet while traditional insurance staples—e.g., property & casualty (P&C), director and officers (D&O)—remain relevant, in recent years policies have begun to evolve in ways designed to address more complex risks that threaten business results and a new suite of bespoke policies has emerged to meet the growing demand from corporates wishing to lower exposure.
Insurance companies now offer terrorism and “single-shooter” policies, for example, which covers physical risks for attacks on soft targets such as shopping malls, city centers, and other popular retail and leisure destinations. And then there are policies designed to protect retailers and manufacturers from a climate event, storm, or even volcano eruption that disrupts often delicate, just-in-time supply chains as well as the ever-burgeoning panoply of costly cyber threats which are among biggest risks facing those operating in the U.S. economy—especially considering some online criminals are today sponsored by rogue states.
Here's what’s new and revolutionary about this: Not only do these policies cover physical (i.e. human and building) risks, but also extend to business interruption coverage. Single events can also lead to event cancellation and insurers can underwrite financial costs associated with postponement or cancellation of large-scale events.
The emergence of risk as a standalone corporate issue very well may be the biggest change in corporate finance in the past 20 years.
The concept of risk management emerged in the financial services industry. The growth of increasingly complex financial products—specifically, derivatives—was designed to mitigate the scale of financial risk.
However, spectacular blow-ups such as the collapse of Long-Term Capital Management in 1998 and the financial crisis a decade later demonstrated all too well that unintended, explosive new risks had arisen from these best-laid plans.
As U.S. companies become more increasingly complex—and as globalization further integrates the world’s companies into diverse global supply and demand chains—risk management has quickly taken hold in the corporate world.
The Chief Risk Officer as a standalone C-suite role is now common among the larger companies and SMEs also articulate this same function for CFOs and treasury teams: namely the identification, quantification, and management of those risks that can have a material impact on the business.
As companies become accustomed to managing financial risks the largely accepted premise is that businesses should only be exposed to risk in its areas of core competency.
A clothes retailer, for example, likely has foreign exchange (FX) risk within the business—revenues in dollars, supplier payments in other currencies. It is now commonplace for such companies to use FX derivatives or forwards contracts to minimize FX risk—reducing volatility and minimizing earnings impact.
Risk Management Today
Though the proliferation of insurance to mitigate new risks is effective, it can be expensive. A raft of single risk policies quickly adds up to serious policy dollars.
And so companies of all sizes are seeking to aggregate insurance risks through the lens of an efficiency frontier.
Risk officers increasingly need to ask themselves:
- What are these aggregated risks?
- Which risks are correlated and uncorrelated?
- Which (if any) of those risks would be more efficiently run by the company itself, either through high claim thresholds, captive or multinational pools or simply by accepting the risk and, in effect, "self-insuring?"
A portfolio approach to insurance risk ensures that companies better understand aggregated corporate risk and more efficiently manage the balance between risk transfer—through insurance or other products—and retention of risks.
Such an approach optimizes risk strategy rather than simply attempting to minimize all non-core risks that the business faces—an expensive proposition that potentially locks companies into an uncompetitive cost structure. It also exposes where there may be a ‘layering’ of insurance coverage between multiple policies, with coverage overlaps often discovered between provision from different insurers (be it related to overlaps between businesses, insurance products or by geographical area). Such overlaps are an easy win to optimization by stripping out such inefficiencies in coverage.
Brokers have developed tools and models available to help U.S. companies map this frontier and identify inefficiencies. And the process itself helps brokers price for either individual or bundled policies. It also can generate premium savings by identifying where improved corporate practices could encourage insurers to look more favorably on the corporate risks being transferred to them. Improving data weakness on employee benefits programs, for example, can materially lower premiums because insurers don’t need to then create cushions to compensate for lack of transparency on the exact nature of the risks they are underwriting.
The Risk Transfer Sweet Spot
No doubt, it is an increasingly complex challenge to optimize risk transfer through insurance policies. The dollar savings available through efficient frontier approach, however, is material—both in terms of lower costs as well as in mitigating earnings volatility through unmanaged risk events.