The discipline of risk management has come a long way over the past 50 years.
In 1967, much of the job of risk managers related to insurance buying and interacting with insurers and brokers on loss prevention and claims.
While insurance remains a key tool of risk managers in 2017, changes in the market and technological developments have created a role that’s focused on managing risk in a more sophisticated way and looking beyond the hazard risks traditionally associated with insurance, experts say.
As a result, the role of risk managers within their organizations has taken on more significance as they are called on to assess more diverse exposures.
The hard market of the 1980s forced organizations to retain and manage risk more proactively, and technological developments — especially over the past 10 years — have enabled risk managers to access data and take a more forward-looking view of risk, experts say.
“When I first came out of the insurance business, I looked on risk management as a negative thing — you were trying to analyze the possibility of some future negative event occurring and respond intelligently to it,” said H. Felix Kloman, a retired risk management consultant. Mr. Kloman worked as an insurance broker in the 1960s and was an early contributor to Business Insurance before becoming a risk management consultant in the early 1970s. He retired from Towers Perrin in 1993.
Most companies turned to insurance as their primary response to risks, he said. “I realized that insurance should not only not be the primary response, it was a rather negative response … and one to be avoided if you possibly could,” Mr. Kloman said.
Risk managers should view adverse events as possibilities to improve things going forward rather than seek to restore operations to the way they were prior to an event, he said.
Today, risk managers have access to an immense amount of data that allows them to be more proactive in managing risks, he said.
Access to data has changed the discipline of risk management and risk managers’ interactions with insurers, said Carol A. Arendall, vice president of safety and risk management at US Foods Inc. in Rosemont, Illinois, who has worked in risk management for more than 30 years.
“Back in the day, underwriting meetings were so important, and you would go and meet with people and talk about the risk. Today, underwriters churn out a quote based on the data,” she said.
While the data may make the process more scientific, it can also have a negative effect, especially if a company changes its approach to risk management or brings in a new risk manager, Ms. Arendall said.
“The data is always historical, it’s only facing backward, and if you are going to base everything on a company based on what they did previously … that sometimes can hurt if you are not willing to see where the company is going forward,” she said.
The technology used to process the data has greatly changed the job of risk managers, said David North, president and CEO of Sedgwick Claims Management Services Inc. in Memphis, Tennessee.
“The pace of change is so fast now that the changes that have happened over the past 10 years eclipsed the previous 40,” he said. “The world has become so much more connected, and the ability to respond is so much faster.”
The speed of response is especially noticeable in the processing of documents, Ms. Arendall said.
“When I first started in risk management, if you were lucky you’d get your insurance policies delivered in 90 days. Then you’d get all the endorsements to correct the errors. And if you were getting a policy from London, sometimes you wouldn’t get a policy until it expired. Now, you receive most of the policies at binding,” Ms. Arendall said.
The development of risk management information systems has also sped up processes, said Mr. North.
“In the early days of RMIS, the focus was on gathering information — you spent 90% of the time gathering information and 10% of the time doing something with it. But today that’s been reversed,” he said.
But risk managers still need to manage their data collection, said Ms. Arendall.
“With a RMIS, you can slice and dice your data, but it’s only as good as the data that goes into the system. Risk managers need to understand what their data is,” she said.
RMIS systems themselves will be turning 50 next year, said Robert G. Petrie, president and CEO of Origami Risk L.L.C. in Chicago.
Guyon Saunders founded what became Corporate Systems, the company behind the first RMIS, in 1968. And, said Mr. Petrie, “what Corporate Systems introduced solved the problem of how you understand what your cost of risk is if you’ve got data with multiple insurance companies or third-party administrators. It took claims data from different insurance companies and put it in the same place on a mainframe system and let people analyze the data. But still it just consolidated the reporting process.”
In the 1980s, risk management information systems were developed to add more data about exposures, and different modules to help assess and manage risks were added in the early 2000s, Mr. Petrie said.
In the past few years, they have been developed further to push the risk management process throughout organizations, he said.
In addition to RMIS, other risk management tools have developed as risk managers have been called upon to look at enterprisewide risks, said George Haitsch, global client advocate at Willis Towers Watson P.L.C. in Philadelphia and former risk manager for SAP S.E. in Walldorf, Germany.
“The tools that professional risk managers have available over time have evolved — alternative forms of capital, alternatives to purchasing insurance have definitely evolved,” he said.