risks. The latter can become complicated if there is compliance uncertainty, intensified regulator assertiveness or if regulatory change is possible. The best way to mitigate these operational risks is by improving internal processes, especially those risks caused by negligence. If unacceptable levels of risk remain after mitigation, then it is appropriate to purchase costeffective insurance. The third and most difficult task is to analyze strategic risk. The risk here may be desirable if there is opportunity involved, such as situations where the entity is considering aggressive corporate strategies. It is often very difficult and costly to purchase insurance for this type of risk, as it would cover any poor management decisions. “The three main ways to manage risk are through insurance, improved processes and outsourcing risk to a third party,” says William Hagaman, CPA, CGMA, managing partner of WithumSmith+Brown. “One of the benefits of insurance is that you know what the cost is upfront so there are no unpleasant surprises to your financials if a negative event occurs. In this way, we improve forecast accuracy.” Insurance has always been a risk/ reward, cost/benefit proposition. You don’t need insurance when cash, time, patience and good luck are unlimited. But if insurance is needed as part of an overall risk management strategy, then costs and benefits must be carefully weighed for each policy.
Other Policies of Note Hagaman notes his firm, and those in the professional services industry in general,
Sandy'' s Impact on NJ $30 billion Economic losses 2 million Homes that lost power 346,000 Homes damaged or destroyed 37 Fatalities
spends the biggest dollars on health insurance, followed by professional malpractice insurance. Professional liability insurance covers a firm for negligent or wrongful acts or omissions for which the firm is legally liable. Hagaman believes that cyber insurance is often needed today and will continue to increase in order to protect against misuse of client data and subsequent regulatory fines. He also mentions the importance of considering the purchase of an employment practice liability insurance policy that protects against employee lawsuits, also a growing trend. And he suggests using derivatives as insurance against unpleasant economic events. Derivatives can be useful in some circumstances and are commonly used to hedge interest rates for more efficient use of capital. Of course, derivatives carry their own risk factors, especially if you do not fully understand the contract.
People Skills There are tools in any comprehensive ERM system that can help manage risk. But any system is only as good as the people behind it. Here are some
noteworthy skills of effective risk managers: • Be a great communicator. • Identify all factors that influence risk. • Create an information-sharing network that involves all interested parties. • Share the mitigating factors. • Assign ownership to each risk. • Take the appropriate corrective action when necessary. If you can afford the insurance premium(s), lock in an affordable cost and prevent a downside risk, you should seriously consider purchasing a policy. The essence of sound strategic thinking is making decisions. Using insurance effectively as part of a robust risk management strategy requires serious decision making, but can add tremendous organizational value. Stephen F. McCarthy, CPA, is a lecturer in the Accounting and Finance Department at Kean University and is the principal at The Presidents Forum. He is a member of the New Jersey Society of CPAs. Contact him at stepmcca@kean.edu or 732-977-7233.
N E W J E R S E Y C P A • J a n u a ry • F e b r u a ry 2 0 1 4
15