VIEWPOINTS [ PEOPLE ] Sub-sea cable layer and industrial giant Prysmian’s group risk manager reveals all
RISKS [ THREATS ] In an increasingly divided world, global consensus is hard to come by. This poses problems for multinationals. What should risk managers do?
European risk and corporate governance solutions
www.strategic-risk.eu [ July 2011 ] Issue 71 €25
GOVERNANCE [ COMPLIANCE ] Global insurance programmes are a challenge for many risk managers. We explore the issues
THEORY & PRACTICE NEWS & ANALYSIS » War risk management » Apple’s worker rights » Al-Qaeda a er Osama » Forest fires
[ BEST PRACTICE ] Criminals do a lucrative trade in kidnap and ransom. Here’s our essential guide to help you avoid being kidnapped
RISKY WATERS Ship and cargo owners need to toughen up their defences – piracy is one industry that just keeps on growing Risk Atlas Bribery and corruption are hot topics. Our map shows where the risks are greatest Special Report Almost everything you need to know about forming a captive insurer StrategicRISK Awards The winners of this year’s risk management accolades
LEADER [ JULY 2011 ]
Issue 71 July 2011
Nathan Skinner, EDITOR, STRATEGIC RISK
www.strategic-risk.eu WELCOME
Editor Nathan Skinner Editor-in-chief Sue Copeman Reporter James Bray Market analyst Andrew Leslie Group production editor Áine Kelly Deputy chief sub-editor Laura Sharp Group sales director Tom Sinclair Business development manager Donna Penfold +44 (0)20 7618 3426 Production designer Nikki Easton Group production manager Tricia McBride Senior production controller Gareth Kime Head of events Debbie Kidman Events logistics manager Katherine Ball Publisher William Sanders +44 (0)20 7618 3452 Managing director Tim Whitehouse Cover image Sven Torfinn/Panos Pictures Email: firstname.surname@ newsquestspecialistmedia.com
Conflicting issues W
E LIKE TO COVER THE BIG ISSUES IN STRATEGICRISK. THIS ISSUE IS no exception. As companies struggle back to growth there’s one industry
that’s still booming – piracy. Attacks at sea hit an all-time high in the first three months of this year. There were 142 attacks worldwide, with 97 of these off the coast of Somalia. Hardly surprising, since Somalia has been a failed state for decades. It also has the largest coastline of any African country and it just so happens that the Gulf of Aden is the busiest shipping lane in the world. The honey pot is just too tempting. Of course, ship and cargo owners can always buy insurance to protect themselves against the risk. But as Catlin Asset Protection’s Peter Dobbs told me recently: “Insurance
ISSN 1470-8167
might protect your balance sheet but risk management is what saves people’s lives.” He
Published by Newsquest Specialist Media Ltd 30 Cannon Street, London EC4M 6YJ tel: +44 (0)20 7618 3456 fax: +44 (0)20 7618 3420 (editorial) +44 (0)20 7618 3400 (advertising) email: strategic.risk@newsquest specialistmedia.com
thinks ship owners (and their insurers) have a responsibility to ‘harden’ their ships’ defences
StrategicRISK is published eight times a year by Newsquest Specialist Media Ltd., and produced in association with Airmic (the Association of Insurance and Risk Managers). The mission of StrategicRISK is to deliver the latest risk and corporate governance solutions to key decision-takers in UK and European companies. StrategicRISK is BPA audited with a net average circulation of 10,046, June 2010.
with sophisticated weaponry to keep the pirates at bay (read the cover story on page 15). Another topic this issue tackles is the breakdown in global governance. President of risk analysts Eurasia Group Ian Bremmer told StrategicRISK: “2011 looks to be the year that our understanding of how the world works becomes out of date.” Bremmer uses the term ‘G-Zero’ to describe the inability of the G-20 group of nations to respond effectively to the economic chaos. In his view, it’s a recipe for political posturing at best and, at worst, more conflict (read the full feature starting on page 39). Speaking of conflict, we’ve highlighted some of the key business risks and opportunities stemming from the regime-changing revolution in Egypt. While the risks
For all subscription enquiries please contact: Newsquest Specialist Media, PO Box 6009, Thatcham, Berkshire, RG19 4TT, UK tel: +44 (0)1635 588868 email: customerservice@strategicrisk.eu Annual subscription (incl P&P) £249 €399 $499 Two-year subscription £449 €649 $849 Three-year subscription £427 €663 $821 Printed by Warners Midlands Plc © Newsquest Specialist Media Ltd 2011
are significant, not least down to economic stagnation, relative normality may not be too far away (read more from page 30). Also, see our online exclusive on what the death of Osama Bin Laden means for international terrorism. Read what the experts have to say here: goo.gl/6wJs0
SR
[CONTACT THE EDITOR] Email nathan.skinner@strategic-risk.eu or follow me at twitter.com/StrategicRISK
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
1
CONTENTS [ JULY 2011 ]
Nicolas Righetti/Panos Pictures
17
Prysmian’s Alessandro De Felice talks super cables and mega mergers
30
Expectations of the revolution in Egypt are running as high as emotions have been
News & Analysis
Risks
[ THE LATEST BUSINESS ROUND-UP ]
[ THREATS ][ OPPORTUNITIES ][ MANAGEMENT ]
4
27
6
8-12
14
The Best of the Web The biggest stories online, including al-Qaeda’s leadership battle, Spain’s earthquake and why Sony may have incited a cyber attack Risk Indicator The world a er Osama; radioactivity fears as forest fires sweep Europe; and the top five money-grabbing cyber criminals News Analysis What risk managers can learn from army generals; poor working conditions at Apple; Tepco’s compensation bill; and the lessons to be had from the BP disaster COVER STORY: A king’s ransom What can businesses do to protect their cargo, ships and staff from the growing risk of piracy attacks?
Viewpoints
30 32
Governance [ ETHICS ][ COMPLIANCE ][ REPORTING ]
39
42
[ PEOPLE ][ OPINION ][ COMMUNITY ] SPECIAL REPORT
Captives 35 The case for captives What can a captive do for your organisation?
36 Going for the hard cell When setting up a captive cell facility, ‘one size fits all’ won’t cut it
36 Location, location Onshore or offshore, that is the question when choosing your domicile
2
17
19 20
22
48
Well connected Cable manufacturer and layer Prysmian’s group risk manager Alessandro De Felice knows the value of good links It’s finally time to reap what we’ve sown John Hurrell is eager to announce the results of Airmic’s recent labours When the mighty fall … What hope for the meek? As Sony suffers a security breach, Sue Copeman asks how smaller companies can fight hackers Meet the winners Presenting the roll of honour from the StrategicRISK European Risk Management Awards Headspace What’s on John Hurrell’s mind? The Airmic chief executive talks heroes, embarrassing moments and the joy of a decent pint
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
Fault lines Economic woes, civil unrest and natural disasters are just some of the increasingly global risk factors threatening businesses Revolution solutions? How long until Egypt can get back to stability and a promising future? RISK FINANCING: Captives Little is beyond the remit of a captive when it comes to books of business – how are parents making them work harder?
Get it together A global risk programme can bring transparency of cover, consistency of approach and save you money RISK ATLAS: Corruption Nearly three-quarters of the world has a serious corruption problem. But large companies are cracking down
Theory & Practice [ INSIGHT ][ CASE STUDIES ][ BEST PRACTICE ]
44
45
46
Coping with kidnapping You don’t have to be rich or involved in criminal activities to be kidnapped. Here are five ways to protect your employees A career from start to finish We picked the brains of individuals on all rungs of the risk management career ladder. Here’s what they told us For better and worse: the tricky nature of collaboration Relationships between organisations can be complex. How do you prevent problems from slipping through the gaps?
Know more. Achieve more. Building the world’s largest passenger aircraft – the A380 – is a challenge that requires a trusted partner. That’s why Airbus, an EADS company, trusts in the expertise of Allianz Global Corporate & Specialty – covering the most complex business risks worldwide. www.agcs.allianz.com
© Allianz SE, Germany
With you from A-Z Ingo Zimmermann, Head of EADS Corporate Insurance Risk Management
NEWS MATRIX [ THE LATEST BUSINESS ROUND-UP ]
Top 10 essential online stories 09 08 10 01 TERRORISM
07
Al-Qaeda leadership battle to ensue
For the first time in this survey’s history, strategic risks such as failure to innovate and attract top talent ranked highly as a problem. web. goo.gl/KIynI
4
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
03 JAPAN
Tepco struggles with earthquake compensation bill Japanese power company Tokyo Electric Power Co (Tepco) is currently involved in a heated debate over how much in damages it is liable to pay for the nuclear accident at the Fukushima Daiichi power plant. The Japanese government has already ordered Tepco to pay the 48,000 families who live within the 30km exclusion zone approximately €12,000 each, marking the start of a huge compensation bill. Even a company of Tepco’s size will struggle to pay these losses, which means the Japanese government will have to intervene. Tepco is too integral to Japan’s electrical infrastructure to fail. Tepco has presented a formal written request to the Japanese government, asking for financial help to deal with the spiraling compensation costs. Since the earthquake, many of the key infrastructure problems in Japan have been caused by disruptions in the power grid and the knock-on effect this has had on the business supply chain. web. goo.gl/Z8nNC
Reuters
Economic slowdown Regulatory/legislative change Increasing competition Damage to brand Business interruption Failure to innovate/meet customer needs Failure to attract or retain top talent Commodity price risk Technology failures or system failures Cashflow or liquidity risk
Spain rocked by earthquake On 11 May, two earthquakes hit the Murica region of south-eastern Spain. The town of Lorca was the worst affected, with extensive damage to buildings, 120 people injured and eight people killed. It was the first earthquake to cause fatalities in Spain since 1997. Lorca has a population of approximately 92,000 people, most of whom spent the night out in the open due to fear of a ershocks. Spanish newspaper El Pais reports that a further 10,000 people were evacuated from their homes. Teams have begun to evaluate the damage caused by the quake, but an official statement has been issued confirming that the region’s transport network is not badly affected. web. goo.gl/OgDNG
Top 10 global risks
1 2 3 4 5 6 7 8 9 10
05
04 DISASTER
02 COMPANIES
Aon Risk Solutions surveyed 960 companies from 58 countries and found the top 10 risks to businesses today are:
04 01
Reuters
Members of the terrorist cell in Yemen are most likely to exploit the death of al-Qaeda leader Osama Bin Laden, according to experts. Following the killing of Bin Laden by the US military, a self-destructive battle for succession within al-Qaeda is likely, which al-Qaeda in the Arabian Peninsula (AQAP) in Yemen is best-placed to exploit, said the Global Jihad Analysis team at Exclusive Analysis. Since 2001, the death or capture of several senior figures associated with al-Qaeda has gradually reduced the core of older veterans in top leadership positions. Before his death, Bin Laden had slowly been sidelined as an operational commander, explained the analysts. His communiqués were frequently out of date and in some cases contradicted other senior al-Qaeda leaders. Exclusive Analysis believes that Yemen’s AQAP will take a greater role in planning al-Qaeda’s overseas attacks, following involvement in the deployment of a would-be bomber on a Detroit-bound passenger jet on Christmas Day 2009, which showed intent and capability for mass casualties. web. goo.gl/DbGeI
02
03
06
LINKS TO THE WEBSITE About goo.gl Type the goo.gl address into your web browser to access our recommended articles from strategic-risk.eu
Sony’s cyber woes Sony’s determined pursuit of a famous hacker last year may have incited a breach of the Playstation security systems that put the network offline for a week in April. The recent Playstation Network hack is one of the biggest cyber attacks of all time. As a result of the intrusion, Sony is now “rebuilding its security system from the ground up”, CAPITA information security manager Dave Whitelegg explained. Last year, Sony reportedly settled a legal battle with notorious hacker George Hotz, who gained fame a er hacking the iPhone. Whitelegg suggested that Sony’s aggressive pursuit of the case may have incited the April attack on its network. web. goo.gl/eXNCb 06 CIVIL UNREST
Reuters
Anti-austerity protests in Greece
Strict austerity measures implemented by the Greek government have sparked large protests in Athens. According to Reuters, on 11 May 3,000 people took to the streets, resulting in several violent clashes between protesters and riot police. The majority of the protest passed peacefully, but a minority broke away from the main group and began throwing stones at the police. According to Greek police reports, 17 demonstrators and two police officers were hurt as a result of these clashes. Three Greek policemen have since been suspended due to a police brutality investigation that began a er a video showing the violent altercations appeared on Youtube. web. goo.gl/4apjn
10 INSURANCE
Reuters
05 HACKING
D&O policies are ‘unwieldy beasts’
07 TORNADO
Up to $6bn for US storm damage Insured losses from the US tornado outbreak in April are estimated to be between $3.5bn ($2.46bn) and $6bn, according to Risk Management Solutions. The storms took place from 25 to 28 April, with the state of Alabama hit by the majority of the violent tornadoes, accounting for approximately 70% of the overall loss. Over 300 tornadoes touched down during April, breaking the previous April monthly record of 267. The April average is 161. Risk Management Solutions project manager Matthew Nielsen stated: “This tornado outbreak is set to become one of, if not the, costliest severe convective storm event in US history.” web. goo.gl/2wrNH 08 CORRUPTION
09 INSIDER TRADING
Campaigners slam the Bribery Act
Volcano threat to European airspace
A leading anti-bribery group has severely criticised the official guidance to the Bribery Act, published by the UK government in March. The organisation said that the guide undermines key features of the Act, which will come into force in July. According to Transparency International, parts of the guidance indicate that the UK government has surrendered to business lobbyists, which could allow corrupt practices to continue. web. goo.gl/ZeGtL
A volcano in Iceland began erupting on 20 May, sending large amounts of ash and steam into the atmosphere. According to Reuters, the country’s main airport just outside of Reykjavik has been closed due to fears that ash from the Grimsvötn volcano will interfere with engines. The eruption was more violent than that of the Eyjafjallajökull volcano in April of last year, which caused extended periods of chaos in European airports. web. goo.gl/1zLI9
For risk managers, D&O policies need to be clearer about what cover they offer and in what circumstances they will respond, according to Sedgwick Claims Management managing partner Edward Smerdon. D&O coverage can be problematic, said Smerdon. “D&O policies are unwieldy beasts, with lots of clauses and too many definitions.” He added that the lack of clarity in D&O policies increases the likelihood of disputes between policyholders and insurers, leaving directors stranded. Coverage issues stem from ‘dra ing problems’ in the policy itself. Directors’ and officers’ liability has become an increasingly important issue since the global financial crisis of 2008. web. goo.gl/q1dfk
Online Contents Most read stories Risk Management Award 2011 winners web. goo.gl/cP8fP VIDEO: Volcano threatens European airspace web. goo.gl/7QE9e Risk management career advice web. goo.gl/h9hLo StrategicRISK Report 2011 web. goo.gl/csbdi
Online analysis Al-Qaeda and other Islamist militants may seek to exploit the insecurity in Libya generated by current civil war. While Libyans show little sympathy towards such terrorist organisations, support for al-Qaeda could increase if the war proves to be protracted and bloody. web. goo.gl/KIil8 StrategicRISK spoke to two al-Qaeda experts to analyse the threat from international terrorists a er the killing of Osama Bin Laden. Both agreed that while al-Qaeda’s organisation has changed, it still represents a key threat. web. goo.gl/bCqI6
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
5
RISK INDICATOR [ VISUALISING DATA AND TRENDS ]
Madrid, Spain
London, UK
Sharm el-Sheikh,
Bali, Indonesia
July 2007, UK (London). Public transport bombing: 56 people killed.
July 2005, Eqypt (Sharm el-Sheikh). Ninety people killed, over 200 wounded.
October 2002, Bali (Kuta). 202 people killed.
March 2004, Spain (Madrid). Public transport bombing: 191 people killed/1,800 people wounded. A l-Qaeda are attributed with the attack but did not accept responsibility.
Ammam, Jordan
Manilla, Philippines
November 2005, Jordan (Ammam). Sixty people killed, 115 wounded.
February 2004, Philippines (Manilla Bay). Ferry bombing: 116 people killed.
London, UK – Jul 2007
Ammam, Jordan – Nov 2005
Madrid, Spain – Mar 2004 Manilla, Philippines – Feb 2004
Sharm el-Sheikh, Eqypt – Jul 2005
Bali, Indonesia – Oct 2002
TERRORISM
Al-Qaeda a er Osama Countries worldwide are on high alert following the death of the USA’s most wanted terrorist Key points 01: Osama Bin Laden was killed on the 2 May 2011 in Abottabad, Pakistan 02: There have been 51 terrorist attacks inspired by or suspected of al-Qaeda since 9/11
6
T
HE DEATH OF OSAMA BIN LADEN, WHO WAS KILLED BY NAVY Seals in a daring raid in Pakistan on 2 May 2011, could increase the likelihood of further international terrorist attacks. India, the Philippines, the UK and the USA are all on high alert and a global travel advisory has been put in place. The death of Bin Laden is a symbolic victory for the USA, but al-Qaeda’s cell structure means it is a highly decentralised organisation. As such, experts believe it won’t stop planning attacks even a er the death of its figurehead. Al-Qaeda confirmed the death of Bin Laden in a statement posted on various Jihadist websites, warning that his death would be avenged and the group would continue in their war against the USA and its allies.
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
In the statement, al-Qaeda also claimed that it would soon broadcast a recording of Bin Laden that was made one week before his death. This recording reportedly shows Bin Laden “sharing with the Islamic nation the joy caused by the Arab revolts” and giving advice to his followers. The US government said that a search of Bin Laden’s compound revealed evidence of the early stages of a planned attack on the US rail network. In the short term, analysts say, the risk of terror attacks has probably increased but the situation could change in the long term. For example, the recent political revolutions in North Africa could potentially offer a legitimate social and political alternative to terrorism, which could damage al-Qaeda’s credibility and its ability to recruit new members.
EUROPE
CYBER CRIME
Forest fires blazing across Europe could create radioactivity risk SERIES OF FIERCE WILDFIRES have blazed their way across Europe, causing damage to homes and businesses in the UK, Switzerland, the Netherlands and the Ukraine. Low rainfall, wind and high temperatures created the ideal conditions for the fires, which occurred at the end of April and beginning of May. Some of the regions affected are not accustomed to dealing with such large-scale forest fires and may struggle to protect property and infrastructure. In the Ukraine, forest fires were reported inside the exclusion zone that surrounds the site of the Chernobyl nuclear disaster. There have been over 1,000 forest fires in this area since 1992 and an international consortium of scientists are now warning that a high-intensity fire in the exclusion zone could result in the release of a significant amount of radioactive material. Last year, higher-than-usual temperatures in central Europe resulted in devastating wildfires that burned across Russia. Fires were blamed for the death of approximately 55,000 people due to the smog and increased temperatures.
[ MONEY-GRABBING CYBER CRIMINALS ]
1.
Rex
A
Top five
2. 3.
4.
5.
Valdir Paulo de Almeida – March 2005, €37m The ‘phishing kingpin’ accessed Brazilian bank accounts by sending a trojan horse virus to thousands of the bank’s clients via email. Alberto Gonzalez – April 2001, €7.9m Gonzalez, a serial Cuban-American hacker, stole the details of 130 million credit and debit card holders. Yevgeny Anikin and Viktor Pleshchuk – November 2008, €5m A Russian gang of hackers stole millions of payroll account details from RBS Worldpay. Ivan Biltse, Angelina Kitaeva and Yuriy Rakushchynets – January 2008, €2m The group hacked into the server controlling Citibank cash machines located across the USA. Unknown – January 2007, €670,000 Customers of Swedish bank Nordea lost a combined €670,000 when fake anti-virus so ware recorded their bank details. The hackers responsible were never found. Source: CNET.com
NATIONAL SECURITY
THE BIG NUMBERS
OVERHEARD
‘Europe and the UK is still an attractive target for al-Qaeda’
Japanese earthquake statistics
“Soundbites”
Exclusive Analysis head of Global Jihad Analysis Anna Murison explains that while al-Qaeda’s organisation and its capabilities have changed, it still represents a key threat. Following the death of Osama Bin Laden, al-Qaeda may attempt to mobilise an attack planned well before his death, but may not be able to execute a new plan in a short time. Transport networks have the highest risk of being affected. But Murison also says Bin Laden’s death “is likely to accelerate the fragmentation of al-Qaeda”.
Tohoku earthquake was the fi h-largest earthquake since 1900
5 *Figures confirmed by the Japanese National Police Agency
15,019 people killed
9,056 people missing
88,873 homes damaged/destroyed
3,970 71
‘Piracy is just another risk that needs to be managed and planned for. I wouldn’t want it overstated. There are dangers but also ways to be prepared’ Paul Taylor Morgan Crucible risk director >> see Cover story pages 15
‘My most embarrassing moment was arriving at an Airmic dinner about 15 years ago with my dinner jacket but no trousers’ John Hurrell Airmic chief executive >> see Headspace page 48
roads damaged/destroyed
bridges damaged/destroyed
‘In the long term, Egypt will be a hugely attractive market’ Lucy Jones Control Risks Middle East analyst >> see Risks page 30
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
7
NEWS ANALYSIS [ CONTEXT & INSIGHT ]
POLITICS
When to attack, when to defend The boardroom is a battleground, risk managers are generals and raw materials are the lives of soldiers; important risk management lessons can be learnt from history’s greatest wars ISK IS AS INSEPARABLE FROM warfare as it is from business. In war the stakes are high, for failure may mean the defeat and subjugation of a nation, while the principle raw material of warfare is the lives of the soldiers who must do the fighting. It is logical enough to therefore expect a successful general to be an expert in managing the risks he faces, and a glance through military history indeed shows that many of them, from Hannibal to Montgomery, knew how best to deal with the risks of their trade. What can business learn from them? The world of risks faced by business is remarkably similar to that faced by those in charge of an army. Familiar military concepts such as logistics, domination of ground, command and control, and strategic or tactical balance have their civilian equivalents in supply chain, market penetration, management hierarchies and resilience. Communication is of as much importance to the general as to the risk manager, and clarity of purpose is central to both. Take this from Montgomery, on assuming command of the eighth army in 1942: “I want to impose on everyone that the bad times are over, they are finished! Our mandate from the prime minister is to destroy the Axis forces in North Africa … It can be done, and it will be done!” Clear and to the point – there is no mention of ‘deliverables’ or ‘drilling down’.
History lessons Reputation is also important for the general, to give his troops confidence in his leadership and to strike fear into the enemy. The Duke of Wellington said of Napoleon that his presence on the battlefield was worth 40,000 men, and the same could be said of Rommel, whose reputation for aggressive risk-taking could induce paralysis in the British eighth army during the Second World War. Generals have always spent time cultivating their reputation – a lesson which should not be ignored by business.
8
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
Sun Tzu, author of The Art of War, wrote: ‘Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win.’ It is a maxim that anyone seeking to push their brand should take to heart.
Corbis
R
Cutting your losses It is in the field of risk appetite, however, that military history can bring most enlightenment to the risk manager. The UK Treasury’s guide ‘Managing your risk appetite’, says: “Risk appetite is about taking well thought through risks where the long-term rewards are expected to be greater than any short-term losses,” and since this is precisely the mindset of the general approaching battle, it is worth looking at how generals manage this risk. The obvious example of how not to do it is to be found in the sanguinary battles on the Western front during the First World War. In one offensive a er another, British and French generals took the ‘one more heave’ mentality, whereby the commitment of ever greater resources to a failing attack merely resulted in a massive increase in casualties rather than the anticipated breakthrough. The same failure to assess risk properly and to let risk appetite get out of control is to be found in many a corporate M&A battle. It is again to be found in Operation Citadel, Hitler’s last attempt to attack on the Russian front in 1943. “Whenever I think of this attack, my stomach turns over,” Hitler said, but the planning was too far advanced to be easily cancelled, and the attack was duly crushed. Here, loss of prestige became a factor in risk assessment, distorting the appetite for
Fly it up the flagpole and see who salutes: history’s great generals used clear, commanding rhetoric, not management speak
‘Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win’ Sun Tzu author of The Art of War
risk, with disastrous consequences. Napoleon, on the other hand, usually got it right. At Austerlitz, he gave up a defensive position and weakened his right wing to tempt the Russian and Austrian armies to attack (they could have forced a retreat just by waiting). The Russian general Kutuzov knew attack was the wrong option, but was overruled and the allied armies were duly smashed by Napoleon’s counter attack. Napoleon assessed the risk correctly and deliberately deceived his opponents into thinking their risk was much smaller than it was. In boardrooms, less may be at stake than on the battlefield, but many of the pressures that can distort a general’s view of risk are similar. It is the risk manager’s task to present the correct assessment, and looking at where military men get it right and wrong can be a useful guide. SR
Go
ahe ad a nd mak e th e
TOU DEC GH ISIO NS. D&O insurance that will be there for you. The risks faced by directors, officers and companies are constantly changing. That’s why we’ve enhanced our Directors and Officers liability insurance to safeguard individuals’ personal assets and protect the organisations they serve in today’s changing risk landscape. It’s market-leading coverage built on 40 years of D&O experience. Learn more and find out if your current insurance is doing enough. Europe: www.chartisinsurance.com/BusinessGuard UK: www.chartisinsurance.com/uk/d&o
All products are written by insurance company subsidiaries or affiliates of Chartis Inc. Coverage may not be available in all jurisdictions and is subject to actual policy language. For additional information, please visit our website at www.chartisinsurance.com.
Reuters
NEWS ANALYSIS [ CONTEXT & INSIGHT ]
HUMAN RIGHTS
Report undermines Apple’s code of conduct COMPENSATION
Despite a ‘rigorously’ enforced code of conduct, new research highlights the continuation of poor working conditions standards
A
Reuters
YEAR AGO, A SPATE OF SUICIDES AT Foxconn’s plants in China were followed by pledges by the company’s customers, notably Apple, HP and Dell, to work with Foxconn to help it achieve higher international labour standards. However, a report from Students & Scholars Against Corporate Misbehaviour (SACOM) claims that poor working conditions continue. SACOM researchers visited two Foxconn production facilities in Chengdu and Chongqing municipality in Western China, which manufacture Apple iPad 2 and HP laptops. They also revisited Foxconn’s flagship plants in industrial towns Longhua and Guanlan in the Shenzhen, where employees are still housed in dormitories surrounded with anti-suicide nets. The report states: “Workers always have excessive and forced overtime in order to gain a higher wage. Workers are exposed to dust from construction sites and shop floors without adequate protection. Even worse, they are threatened by potential harm of occupational diseases in various departments. Additionally, military-styled
10
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
management is still in practice, characterised by ‘military training’ for new workers.” The report’s findings contrast sharply with Apple’s own statement on supplier responsibility in its 2011 progress report: “Apple is committed to driving the highest standards of social responsibility throughout our supply base. We require that our suppliers provide safe working conditions, treat workers with dignity and respect, and use environmentally responsible manufacturing processes wherever Apple products are made. “Suppliers commit to the Apple Supplier Code of Conduct as a condition of doing business with us. Drawing on internationally recognised standards, our Code outlines expectations covering labor and human rights, health and safety, the environment, ethics, and management commitment. “Apple monitors compliance with the Code through a rigorous programme of onsite factory audits, followed by corrective action plans and verification measures … By making social responsibility fundamental to the way we do business, we ensure our suppliers take Apple’s Code as seriously as we do.” SR
Multibillion-dollar costs for Tepco Experts believe Tepco’s compensation bill will reach upwards of €17bn
R
EUTERS REPORTS THAT JAPAN’S GOVERNMENT plans to hold Tokyo Electric Power (Tepco) liable for unlimited damages resulting from its crippled nuclear power plant. Government officials, Tepco and creditor banks have been attempting to design a scheme to enable the company to cope with the massive bill for compensating displaced residents and still remain in business. Japanese law allows nuclear plant operators exemption from paying damages if an accident was caused by “a grave natural disaster of an exceptional character”. But chief cabinet secretary Yukio Edano does not believe that Tepco’s plant qualifies for that exemption since the earthquake, although large, was not on a previously unexperienced scale. On 10 May, Tepco’s president Masataka Shimizu met with cabinet ministers to ask for financial help from the government. He said that Tepco will try to finance compensation for victims of the accident by selling its stockholdings and property, as well as by streamlining its operations. Tepco has started making compensation payments to residents and local governments near the plant who were forced to evacuate. But it has yet to determine how much it will have to pay in total. J.P. Morgan has estimated that Tepco could face Y2,000bn (€17bn) in compensation claims, but some reports suggest that the figure could be double this. According to the Financial Times, Tepco raised Y2,000bn from its banks in March, but much of that is needed to decommission Fukushima’s damaged reactors and to buy natural gas, oil and coal to make up for lost nuclear capacity. The government rescue plan would keep Tepco out of bankruptcy and prevent shareholders from being wiped out. But the value of Tepco’s stock – already down by three-quarters since the crisis started – would likely remain depressed as operational profits would be diverted for years. SR
creating
choice through specialist
insight At JLT Specialty we provide our clients with specialist insurance broking, risk management and claims consulting services. By focusing on clearly defined industry and risk sectors we have become a strong global market performer with a distinctive culture and style of service that gives our clients the power of choice. Let us show you how choice creates the opportunities to help you make more profitable insurance and risk management decisions.
For further information please contact: Tony Tyler +44 (0)20 7528 4133 Tony_Tyler@jltgroup.com www.jltgroup.com
Our specialist service and expertise: SECTORS Aerospace; Communications, Technology & Media; Construction; Corporate Recovery Risks; Engineering & Manufacturing; Entertainment; Financial Institutions; Food & Drink; Leisure; Life Science & Chemicals; Marine; Oil & Gas; Ports & Terminals; Power & Utilities; Professional Services; Real Estate; Renewable Energy; Sport; Transport; PRODUCTS AND SERVICES Accident & Health; Business Continuity & Supply Chain Risk; Captives; Claims Consultants; Credit & Political Risk; Cyber & IT Risks; Directors' & Officers' Liability; Global Insurance Management; Kidnap & Ransom; Professional Indemnity; Risk Consultancy; Terrorism & Political Violence.
Birmingham • Leeds • Liverpool • London • Maidenhead • Manchester • Southampton
JLT Specialty Limited. Lloyd’s Broker. Authorised and Regulated by the Financial Services Authority. A member of the Jardine Lloyd Thompson Group. Registered Office: 6 Crutched Friars, London EC3N 2PH. Registered in England No. 01536540. VAT No. 244 2321 96. 263764
NEWS ANALYSIS [ CONTEXT & INSIGHT ]
DISASTER
One year on from Deepwater The scale of the environmental damage for the Deepwater Horizon disaster is yet to be fully realised and blame has not yet been formally attributed. The only certainties are the lessons that can be learnt from it
W
Reuters
HEN THE DRILLING STATION Deepwater Horizon exploded and sank last April, killing 11 workers and seriously injuring 16 others, the world looked on helplessly as thousands of gallons of crude oil gushed into the Gulf of Mexico. Numerous failed attempts by BP and the American government to stem the flow saw massive economic and ecological damage done to the area and, by the time the leak had been capped nearly three months later on 15 July, almost five million barrels (210 million gallons) had leaked. Fuelled by the one-year anniversary of the disaster, attention has refocused on the necessity of proper risk management and effective fallout mitigation. Yet the recent announcement that BP has issued $40bn (€28bn) worth of lawsuits against its contractors Halliburton, Cameron and Transocean, means that a comprehensive overhaul of risk prevention and mitigation systems is unlikely to occur any time soon. In an internal 193-page investigation into the incident published late last year, BP cited “a complex and interlinked series of mechanical failures, human judgments, engineering design, operational implementation and team interfaces” as the cause of the disaster. However, the lack of interaction and co-operation between the companies has seen ineffective mitigation and therefore a failure to remedy the situation.
Damaged blowout preventer on an oil rig
who responded in turn by dismissing the report as fundamentally flawed. This evasion of responsibility has seen a failure to adhere to risk mitigation practices that could have significantly limited the environmental and economic costs. In June 2010, the US House Committee on energy and commerce criticised BP for its failure to test cement at the well, which would have cost around $150,000 and taken around 8-12 hours.
What we know now Despite the prolonged and ongoing fallout, though, lessons have been learnt from the disaster. Institute of Risk Management head of thought leadership Carolyn Williams told StrategicRISK that “since the BP oil spill, many companies have been asking themselves: ‘What could be our Deepwater Horizon?’ and subsequently building this sort of reverse scenario planning into their risk management. “Whereas the BP situation underlined the need for a stronger emphasis on process
Start talking A January 2011 White House national commission report on the oil spill urged “better communication within and between BP and its contractors” and demanded “internal reinvention … and sweeping reforms that accomplish no less than a fundamental transformation of its safety culture”. Yet fallout from the disaster has been met with only a blame game from the companies involved: BP’s internal report laid significant blame on its contractors,
12
‘Since the BP oil spill, many companies have been asking themselves: “What could be our Deepwater Horizon?”
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
Carolyn Williams Institute of Risk Management
safety – as well as individual safety measures – it is also recognised that Black Swan-type accidents can still happen, even with industry-standard risk management in place. “This shi s the focus to resilience and recovery – ensuring that the organisation can recover quickly from an incident and that its impact – human, financial, environmental and reputational – is minimised.” The government has also taken steps to prevent such disasters in the future, splitting the agency that oversees offshore drilling by segregating the divisions responsible for safety regulations and the collection of industry royalties. The government also temporarily suspended deep-sea drilling to investigate and reinforce design and safety requirements. And, despite the impending legal furore, BP’s new chief executive, Bob Dudley, has hinted towards progress. In an op-ed in the Wall Street Journal he indicated that BP was “creating a central safety and operational-risk organisation reporting directly to me”. Dudley insisted that this organisation would have “the authority to intervene in our operations anywhere in the world … linking the management of employees’ performance and reward directly to safety and to compliance with BP’s standards”. Yet though measures have and are being implemented, the situation is still a long way from being resolved. A recent environmental report suggested that it could be decades rather than years before the full extent of the damage becomes clear, while the legal battle between BP and its contractors is set to obfuscate an already complex web of systematic problems underlying the economic and environmental fallout of the disaster. Lessons have been learnt from the Deepwater Horizon disaster: whether improvements will be fully and effectively implemented remains unclear. SR
Bravely exploring uncharted territory in the world of specialty insurance and reinsurance.
Specialty solutions. Worldwide.
awac.com
A world without a road map is a world full of opportunity. At Allied World, we aren’t afraid to journey off the beaten path to find new markets or explore new opportunities. Our skill at navigating uncharted terrain enables us to work closely with clients to find innovative ways to balance risk with reward. When it comes to specialty insurance and reinsurance solutions, sometimes the road less taken is the one well worth traveling.
INSUR ANCE | REINSUR ANCE | S Y NDIC ATE 2232
Insurance coverage is underwritten by member companies of Allied World. Coverage is subject to underwriting. Member companies may not be licensed in your state or jurisdiction. To find out if coverage is available, please contact your insurance broker.
NEWS FEATURE [ COVER STORY ]
Dutch battleship Hr Ms Evertsen can be seen in the background as a member of the Dutch Special Forces stands guard aboard the Fade I cargo ship, a World Food Programme vessel delivering 5,000 tonnes of food aid to Somalia
14
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
PIRACY
A king’s ransom Piracy exists outside the law and continues to grow every year. As political conflicts increase the situation is set to get worse, creating new and potentially dangerous risks to manage Key points 01: Piracy attacks are at a record high, with 70% taking place off the coast of Somalia 02: Average annual earnings in Somalia are around €350, making piracy an attractive option 03: The main driver of piracy is the increased ransoms being paid 04: There is limited political will to tackle piracy, which means private companies are le to take action 05: Businesses with interests in the region should consider ways to lessen the risk of piracy attacks
A
S BUSINESSES AROUND THE WORLD ASSESS THEIR prospects, one industry at least can be confident that 2011 will be another bumper year: piracy. Attacks at sea hit an all-time high in the first three months of this year. There were 142 attacks worldwide, with 97 of these off the coast of Somalia where, with no central government (see box, overleaf), pirates are free to operate at will. The country, which fronts onto some of the most valuable shipping lanes in the world, is rapidly becoming the world centre for piracy with at least 18 commercial vessels and around 500 hostages currently held by Somali pirates, according to Maritime & Underwater Security Consultants. “This is a problem that will definitely persist in the near-medium term,” says Control Risks global issues analyst Karlin Younger. “There will be no solution until the situation on the ground improves. Whatever the international community or mariners do to protect themselves, the pirates shift their tactics and find new ways to stay in business. They react. They read what people are writing about them in the media. Plus, the pirates now operate over such a huge area, it’s almost impossible to police it properly.” Even where naval forces do engage pirates, their hands are often tied. “The legal framework for the military is not helping,” says Global Risk Solutions’ Sean Woollerson. “They often have to operate a capture and release policy. Plus, it’s not a crime to be sailing around with a few guns. A lot of fishermen have guns – if only to protect themselves from pirates – and it can be hard to identify the aggressor. It’s a constant frustration for commanders when you talk to them; there’s no courts or jails to accommodate the pirates, no judicial infrastructure.” ECONOMICS
Sven Torfinn/Panos Pictures
A lucrative career path “Piracy is the only game in town,” says Control Risks analyst Karlin Younger. Somali pirates earn up to 150 times the national annual wage – $79,000 (€55,000) in a region where average earnings are $500 or less – according to a recent study by the political and economic intelligence consultancy Geopolicity. The study estimates that Somali piracy was worth $238m in 2010 and could hit $400m by 2015, while the costs of piracy to the international community could almost double, from $8.3bn in 2010 to more than $15bn by 2015.
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
15
NEWS FEATURE [ COVER STORY ]
»
“There is a lack of political will to do anything; a lack of appreciation for the importance of the issue. Unfortunately, I think there is a dim view of mariners: if we were talking about a couple of 747s being held hostage then the reaction would be, I think, quite different.” The pirates have been quick to take advantage of the situation. One recent tactical shift is the use of ‘mother ships’, large vessels that are used as a base to launch multiple attacks, re-supply and conduct hijackings. “These vessels – often hijacked themselves – greatly increase the amount of time pirates can stay at sea,” says Younger. “They are also less reliant on good weather.” manufacturing, where the In addition, the remarkable success of the shipping is outsourced, the big risk ‘For businesses it’s a triple pirates – and the reporting of high ransoms in is loss of merchandise, loss of sales the global media – has attracted more aggressive and any penalties for absent whammy with rising criminals from across the region, which some deliveries. analysts blame for a recent increase in violence premiums, longer transit “With retail increasingly towards crews. In 2011 hostages were executed sourcing huge amounts of goods times and the costs of for the first time, and released hostages are from Asia, whether it’s clothes increasingly reporting torture and mistreatment. additional security’ or iPods, the potential for But the main driver of piracy – the issue disruption could be considerable, Karlin Younger Control Risks no-one wants to talk about – is the increased especially if it were a Christmas ransoms being paid to free captive seafarers. supply,” notes Taylor. This is a hugely sensitive issue, and few involved will discuss “However, there is a lot of good information out there and risk figures, but according to Maritime & Underwater Security managers should very quickly be able to look at the risk to their Consultants, the average ransom has increased from $2.1m (€1.47m) companies, and then the task is to work out how to mitigate that in the first quarter of 2009 to $4.6m in the first quarter of 2011. risk. They should be asking what routes ships are taking and “The key issue is: should there be payments?” says potentially look at breaking up the cargo over different vessels to Maplecroft associate director Anthony Skinner. “No one is willing spread the risk. There are a lot of preventative measures you can to discuss this, but ultimately it is ransoms that are perpetuating take and good crisis prevention training available.” the problem.” In short, be prepared. Whether it’s by installing water cannon With so much money at stake, some see piracy spreading to the and razor wire, or scrutinising contracts and thinking tactically, all other side of the Gulf of Aden as the political situation in Yemen businesses with an interest in the Gulf of Aden need to realise that deteriorates and the country becomes increasingly lawless. “It bodes the Jolly Roger will be flying high for some time to come. SR ill for a potential solution,” Skinner says. “While the vast majority of PIRATE HAVEN pirates are from Somalia, Yemen is becoming an important factor. “Although the responsibility does really lie with the shipping companies to manage this, it is a matter of international concern. Although the pirates themselves are not ideological, there is Somalia is a classic ‘failed state’, one of the poorest and most violent places on Earth – and evidence that al-Shabab in Somalia are ‘taxing’ pirates for a safe the perfect berth for pirates who want to operate outside all law. berth and that money is effectively funding Islamic extremism, It has been without a central government since 1991, when president Siad Barre was which potentially has a global security dimension.” overthrown and the county descended into the war, famine, disease and anarchy that has But for the moment, industry is shouldering most of the characterised it ever since. burden. “For businesses it’s a triple whammy with rising Although there is an international recognised authority – the Transitional Federal premiums, longer transit times and the costs of additional Government – it only controls part of the capital, Mogadishu, while the al-Qaeda affiliated security,” Younger notes. al-Shabab rules much of the south. However, for all the dangers some argue that cool pragmatism The northwestern region, Somaliland, has declared itself autonomous, as has the will win the day: “Piracy is just another risk that needs to be northeastern region of Puntland. In much of the country, the only real authority is with managed and planned for,” says The Morgan Crucible Company’s localised clans and warlords. director of risk assurance, Paul Taylor. “I would not want to get it With easy access to weapons, desperate poverty and a generation who have only ever overstated. There are dangers but also ways to prepare. known war, it was only a matter of time before young Somalis turned their attention to the “When you’re talking about shipping firms, then it is wealth floating by offshore. potentially big; you’re talking about the potential loss of ships, people and goods under their care and custody. With
The politics of Somalia
16
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
Viewpoints
[ PEOPLE ] [ OPINION ] [ COMMUNITY ]
> Association The big reveal.... 19 Airmic has some significant announcements up its sleeve > In my opinion Hack attack...20 The Sony debacle shows that firms need to sharpen up their security
PROFILE
Well connected Manufacturing and laying sub-sea cables is a complex, big-money business. Luckily for group risk manager Alessandro De Felice, Prysmian takes its risk management very seriously
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
17
VIEWPOINTS [ PEOPLE ][ OPINION ][ COMMUNITY ]
I
T’S A WARM MAY MORNING as StrategicRISK arrives in Milan to meet Alessandro De Felice, group risk manager for Prysmian, the world’s largest manufacturer of industrial cables for energy and telecoms. We’re lucky to snatch some time with De Felice, who is in the midst of a major integration programme following Prysmian’s merger with Dutch cablemaker Draka. Buried in papers at his office on the fourth floor of Prysmian’s Milan HQ, he welcomes us with a friendly and firm Roman handshake and reclines comfortably behind his desk. Dotted on the rear wall are pictures showing De Felice enjoying one of his favourite pastimes, yacht sailing. Skiing is another passion. He’s also a family man with a wife and two young children. But we came to talk business. Following the recent merger, Prysmian has overall sales of some €7bn, with subsidiaries in 50 countries, 98 plants, 22 research and development centres and 22,000 employees. Its cable-laying ship Giulio Verne has also recently finished one of the most ambitious energy cable projects in the world, laying a 435km sub-sea energy cable between Sardinia and Italy. “Project risk management is very important to us,” De Felice explains. “Laying these cables is a complex operation and costs a huge amount of money.” The project to connect the cable from Sardinia to Italy was worth €480m, for example. The risks associated with the project were vast, being in a part of the world where the seas are both tempestuous and busy with commercial ships and fishing vessels. “It’s also a very deep water cable,” De Felice says. “In some places, the sea is 1,600 metres deep and in other places the cable had to be buried into the sea bed.” The project itself is also extremely complex owing to the nature of the machines used to perform the operation. With the range of potential risk so large and complicated, it’s no surprise that Prysmian takes risk management so seriously. Fortunately, the company had completed a number of these difficult installations before, including in San Francisco and Tasmania. “The cables are used a lot in large offshore wind platforms like in the North Sea,” De Felice explains. “We have a large project in the North Sea out of the Netherlands at the moment, which is one of the largest sea power projects ever realised. These projects allow our customers to transmit power so that it can be used where it’s needed and when it’s needed.” Prysmian’s energy cable division is a large and growing part of the business, says De Felice,. “The claims associated with these projects could be very large, and the underwriting is very technical and it goes into great detail.” Risk management is a vital part of this. And it is this that puts De Felice in an enviable position. The emphasis on risk management makes his job a little easier. “I don’t need to explain to my colleagues why we are doing risk
18
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
management activities and what the benefit of it is,” he says. “That is already well recognised.”
The early years But things weren’t always this simple. De Felice followed a traditional route into the risk management profession, via several years working in insurance. After graduating from the University of Rome with a degree in politics, he started professional life as a broker. “Most people with a degree in politics in Italy go on to something like law,” he says. Instead, as a student De Felice worked for an insurer in Rome doing mainly administration. His break came in 1994 when he had the opportunity to move to London as a broker in the Lloyd’s market. “I was involved in the underwriting process, preparing submissions for large commercial risks,” he remembers. “Then I moved back to Milan as an account handler, mainly helping large foreign clients arrange their local insurance programmes.” He spent most of the 1990s working as a broker and risk consultant, for a time working in aviation. “At that time, there were lots of small carriers operating from minor airports in Italy,” he says. “The aviation industry is historically one of the most developed in terms of risk management. There are a series of protocols, checks and balances to ensure safety.” In 1999, De Felice took the biggest step of his career, leaving the insurance broking world behind and joining huge Italian brand Pirelli. The tyre maker is famously a breeding ground for risk management talent in Italy. De Felice is personal friends with Pirelli’s group risk manager Jorge Luzzi (profiled in the October 2009 issue of StrategicRISK). “I had worked with them before because they were one of my clients,” De Felice says. “Moving from being a consultant to the perspective of a company risk manager was attractive to me. Pirelli was a great experience – I had the
John Hurrell,
CHIEF EXECUTIVE, AIRMIC
chance to travel a lot, as Pirelli’s subsidiaries were dotted all over the world. The activities in those days included tyres, cables and real estate, which was booming.”
Time for an upgrade De Felice was soon promoted to the position of risk manager for Europe, the Middle East and Africa. In 2005, Pirelli sold its industrial activities in the telecom and cables sector to Goldman Sachs, and De Felice was offered the group risk manager job for the new entity that was born out of the spin-off and took the name Prysmian. His priorities were setting up the risk management department, writing the company’s risk management procedures and standards, issuing loss prevention policies and reorganising the insurance programme. ‘I don’t need to explain to Prysmian became my colleagues why we are When a listed company in 2007, De Felice’s doing risk management department took on activities and what the more responsibilities and the emphasis on benefit of it is. That is risk management already well recognised’ increased even more. “There were a lot Alessandro De Felice Prysmian more reporting requirements,” he says. “We had to upgrade the insurance risk management to a more enterprise risk management approach, because we had to start reporting about risk management efforts in the annual reports, which were public and audited.” This increased workload led to the risk management team swelling to five people. Just three years after the spin-off from Pirelli, De Felice set up Prysmian’s very own reinsurance captive, domiciled in Dublin. “The captive deals with the major risk transfer programmes for the group. It has had a hugely positive effect on our dealings with the insurance market.”
The Draka merger Currently, De Felice is in the process of integrating his department with Draka’s risk management team. “It’s one of the biggest mergers in Europe in recent years,” he says. “Fortunately, the company cultures are not that different. Both companies have a similar emphasis on risk management.” “The merger won’t ultimately change the risk profile of Prysmian, because the product portfolio is the same,” De Felice adds. “The merger has increased the size of the portfolio, but not the risk exposure. We already know what the main business risks are. Our plants, for example, are similar. And our product liability is the same. “The main issue is to integrate the risk management procedures and the insurance programmes. We have to eliminate potential overlaps. They may be using different insurers, so we need to evaluate who has the better conditions and claims handling capacity. The best of both worlds is the motto for the merger. This activity will continue for the next couple of years – it’s a big challenge.” In that time Prysmian will continue to expand its energy cable network, helping to keep the lights on in Europe and elsewhere in the world – provided, that is, De Felice can keep up the good work. SR
IN MY OPINION
It’s finally time to reap what we’ve sown All the hard work of the past year is about to yield results as Airmic delivers a number of landmark changes at its annual conference
A
NYONE WHO HAS TENDED A VEGETABLE GARDEN WILL KNOW the feeling. You toil for months with little to show for it, then, if all goes to plan, you’re suddenly awash with the rewards of your labour. This is how it feels now at Airmic. We have been working hard for the past year on a range of projects, many of them quite ambitious, and they are starting to yield impressive results. Let’s begin with the issue of non-disclosure, because it’s so important to our members. A slight confession might be in order here. At the 2010 conference, we announced our intention to produce a model clause to get around shortcomings in the Marine Insurance Act 1906 by the end of last year. Well, making good the failings of a complex and entrenched 100-year-old piece of legislation has taken a bit longer than we originally hoped. Nonetheless, at our conference in Bournemouth expect us to unveil our new clause, which has been drawn up by Herbert Smith for insertion into insurance contracts. The intention is to help members overcome the draconian nature of UK insurance law, which makes it virtually impossible for commercial insurance buyers to fulfil their disclosure obligations. For those who use it, there will be a greater degree of certainty that legitimate claims will be paid. We believe it will also underpin the credibility of the UK insurance market. Airmic will also be publishing its disclosure best practice guide, drawn up by technical director Paul Hopkin. Another landmark at the conference will be publication of the first part of the Cass Business School study into ‘major risk events, their impact and implications’. This research has made tremendous progress over the past 12 months and contains valuable insights into the qualities that make firms resilient (or not) when events take a turn for the worse. Crucially, it is supported by 18 case histories, which will be published later this year. While there is no one way to guarantee success in adversity, we believe that this publication will be of tremendous value to risk managers. Returning to insurance, if you have attended our briefings you will appreciate what a headache the compliance of global insurance programmes can be. We are fortunate that our board member Helen Hayden is a recognised expert on global compliance and is helping us to produce a guide. It is a great example of Airmic and its members spreading knowledge to the benefit of our community. Anyone who has reached the top of their career will recall people who helped them at crucial times – more experienced colleagues who were happy to share their knowledge. Airmic will use the Bournemouth conference to launch a mentoring scheme that seeks to formalise this type of relationship. It involves senior risk managers partnering younger people from other organisations, and is being overseen by board member Elaine Heyworth, an experienced mentor, who says that the learning is very much a two-way process. Any volunteers please come forward. There are many other things I could discuss were there more space. Our latest property benchmarking survey for example, or StrategicRISK’s own work on careers in the industry, so it’s genuinely exciting to be able to show off the work of the association and the many, many people and organisations that support us. I hope you will agree that this year brings a good harvest. SR
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
19
VIEWPOINTS [ PEOPLE ][ OPINION ][ COMMUNITY ]
Sue Copeman, EDITOR-IN-CHIEF, STRATEGICRISK IN MY OPINION
When the mighty fall, what hope for the meek? StrategicRISK’s editor-in-chief Sue Copeman considers what it means when a global giant falls foul of increasingly adept hackers, despite there being seemingly rigorous protection in place
F
OLLOWING HACKERS OBTAINING SOME 70 million gamers’ personal details from its PlayStation Network recently, Sony’s chief executive apologised for the security breach and said that there was ‘no confirmed evidence’ that credit card details or other personal information had been misused. A later report suggested that hackers may have stolen the personal information of 24.6 million Sony Online Entertainment users, with more than 20,000 credit card and bank account numbers put at risk. The company has been criticised not only for its lack of security but also for failure to alert customers immediately. Apparently it now plans to cover each video games user with a $1m identity theft insurance policy. I wonder which insurance company is prepared to cover this risk? Could it be Sony Corporation’s own Bermuda-based captive PMG Assurance? The risk would hardly seem attractive to conventional commercial insurers.
immaterial. The crucial point is that they were able to do it in the first place. A number of technology security companies have responded to the news of the Sony debacle with comments suggesting that current corporate security defence strategies are no longer enough. They are clearly right. But do any of them actually have the definitive security answer? Sony is ranked among the world’s top 100 global companies. If a company that big can’t protect its online customers with the aid of the big bucks that they can pay consultants, what hope is there for smaller businesses? Unfortunately for them, the Sony story followed news that Epsilon Interactive, an email service provider with hundreds of clients such as Best Buy and JPMorgan Chase, suffered a data breach, potentially compromising millions of names and email addresses. I spoke to a self-confessed hacker, who said he
Where there’s a will, there’s a way Sony is blaming members of the ‘hacktivist’ group Anonymous for the episode, calling it retaliation for action that Sony took against a hacker in a US court in January this year. But that really isn’t good enough. Who did it and why they did it is
‘Who hacked Sony is immaterial. The crucial point is that they were able to do it in the first place’
does it “for fun”. He doesn’t steal, he doesn’t stage ‘denial of access’ attacks on websites, but he knows how to do it and he’s in touch with other people that do. He estimates that 90% of websites are easily hacked into. The exceptions are those belonging to governments and financial institutions, he says.
Ensuring cyber security So what are the risk management lessons here? As someone who is certainly no expert in technology, I would suggest some common-sense rules. First, talk to your IT people about passwords and security. For example, don’t let them accept the standard mother’s maiden name as a security check. Anyone who has access to a customer’s name and date of birth will be able to get that information with not too much digging at a genealogy site. Secondly, look at the kind of security measures that banks are employing. Card readers that issue a different access number every time a company card is inserted seem to be pretty failsafe. Your company may have to undertake some customer education. I talked with the risk manager of one large European store chain who said that customers were generally not concerned about data security when they entered credit card numbers
AWARDS
Industry leading lights shine at StrategicRISK awards I
WOULD LIKE TO EXPRESS huge congratulations to all of the winners of this year’s StrategicRISK European Risk Management Awards. We tend to say this every year, but it’s really true that the standard of entries just keeps on getting better. Against a backdrop of tough economic times and a tricky operating environment, we received a record number of entries this year, well over a hundred. This list was independently
20
whittled down to a shortlist of 50 – you can’t win an SR award by buttering up the editor, sadly! Next, our expert judging panel sat down together for a day to mull over the entries and decide on a winner in each of the 10 award categories: • Best Business Continuity Approach • Most Innovative Use of IT or Other Technology • Best Risk Communication of the Year
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
• • • • • • •
Enterprise Risk Management Programme of the Year Risk Management Team of the Year Risk Management Product of the Year Best Risk Training Programme Best Risk Management Approach in the Public Sector Risk Management Young Achiever of the Year European Risk Manager of the Year
Tough customers I sat in on the awards judging and I can testify that the judges were not easily impressed. To win an award, you have to demonstrate innovation and clearly show what benefits your
Defy the odds: you only bag a StrategicRISK Award if you show serious innovation
Community update online. If they wanted to buy something, they were happy to assume that the website was safe. This attitude is very likely to change in the next few years as more and more people learn a hard lesson. But in the meantime if something goes wrong, it’s your company that will get the blame and your business’s reputation that is on the line. There’s a need to balance ease of transaction for customers with providing them with a secure transaction platform. Don’t let your company be tight-fisted when it comes to proposals relating to protecting your customer base. Customers are the life blood of a business. Don’t ignore the threat from within. Discussions that I’ve had with risk managers suggest there is very little monitoring when it comes to joiners and leavers of the company. Could someone within your business be leaving with the details of your client base on a memory stick tucked in their back pocket? If that’s possible, you need to do something about it, fast. Finally, if something does go wrong, let your customers know as soon as possible. This gives them the chance to cancel credit cards and be alert to any possible identity theft. We can assume that Sony had all the firewalls and safety nets they believed they needed to protect their sites. That didn’t work. Hackers are proving far more intelligent and resourceful than the consultants that many businesses employ to safeguard against them, so precautions are vital. SR [READ MORE ON-LINE] For a profile with Jorge Luzzi, worldwide director of risk management for Italian tyre maker Pirelli, go to strategic-risk.eu or goo.gl/GcLTO
organisation has derived from the risk management initiative that has been undertaken. A full list of judging criteria is available at www.strategicrisk.co.uk/digital/srawards2011/ judging.asp. There is not always a clear winner and, in that instance, the judges were not afraid to eliminate the category from the competition rather than reward an entry that doesn’t quite live up to the strict standards. Having said that, there were plenty of entries that simply blew the judges away. These were the organisations that had defied the odds and demonstrated excellence in the face of a really tough business environment. Rentokil, Sonae Sierra, SAP, Sibur,
Trimble, Amlin and Woodleigh Outreach Support Service are all organisations that deserve to be commended for their tireless efforts. Meanwhile, Rachelle Banham from Hertfordshire Constabulary Group and Igor Mikhaylov of Russia’s Mobile Telesystems are individuals who shone through as exceptionally high achievers. Not to forget the special commendations that the panel felt compelled to dole out. These are awarded when the judges feel an entry is so good that it deserves to be recognised but it narrowly misses out on the top spot. The high number of these just goes to prove how many
On 17 May, French risk managers met in Paris for the annual CARM conference. The theme of the event was Web 2.0 – Threats and Opportunities. The event was overseen by Ferma director Michel Dennery and featured variety of speakers from the French risk management world. Issues highlighted at the conference included internet activism, identity fraud, internet security, changing business dynamics and web socialisation.
In May, 30 risk professionals from across Germany launched the German chapter of the Institute of Operational Risk (IOR). Risk expert Walter Dutschke will head the chapter. The IOR will promote the development of risk management and give support to risk managers. Dutschke, said: “In Germany, operational risk is increasingly regarded as a key management function. But there are still areas that need improvement.”
great entries we received this year. In recognition of their special achievements, plaudits must go to: the London borough of Lambeth , Aéroports de Paris, Maplecroft, London Underground, and John Ludlow from InterContinental Hotel Group.
Stand up and be counted Now in their eighth year, StrategicRISK’s European Risk Management Awards will continue to provide a platform for risk management professionals to showcase their talents and demonstrate excellence. We consider it our mission to support, promote and help to develop risk management talent around Europe,
On 26 and 27 May, risk managers from around the Netherlands met in the coastal town of Noordwijk aan Zee at the Hotel van Oranje for the annual Narim conference. The main theme of the event was branding, and keynote speeches were given by Sharepeople board member Paul Stamsnijder, Blogo Media chief executive Stephan Fellinger and Dutch television presenter Anita Witzier.
and the awards are a vital part of that programme. The awards platform will exist for as long as risk management achievers are willing to put themselves forward, to stand up and be recognised. It can be tough sometimes, and I understand that some risk managers prefer not to stick their heads up above the parapet in case something does go wrong and they’re left rather red-faced. But I encourage anyone in the risk management profession who has achieved something remarkable to enter next year’s StrategicRISK European Risk Management Awards and let the industry recognise and reward their achievements. SR
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
21
VIEWPOINTS [ PEOPLE ][ OPINION ][ COMMUNITY ]
AWARDS
Meet the winners In May, well over 200 risk management professionals joined StrategicRISK to pay tribute to the industry’s high achievers and reward some excellent work. Here is the 2011 roll of honour
Risk Management Team of the Year FINALISTS • Arcadia Group Ltd • Capital Shopping Centres Plc • Dixons Retail Plc • Tesco Plc • Tetra Laval WINNER Arcadia Group JUDGES’ REMARKS Team synergy and collaboration are the hallmarks of Arcadia’s risk management efforts, the
judges felt. They noted how Arcadia has addressed diversified risks under very tough financial circumstances in a merger environment.
Enterprise Risk Management Programme of the Year FINALISTS • Aéroports de Paris • Amlin Plc • Hoerbiger Holding AG • Sibur Holding • UK Power Networks
Colin Campbell, Arcadia Group
22
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
WINNER Sibur Holding JUDGES’ REMARKS The judges felt that Sibur’s ERM programme was very thorough. They noted particularly the attention paid to cultural aspects. “Embedding risk management into the culture of an organisation is how you make it work,” was one comment. Sibur uses a network of key risk administrators to help embed risk management throughout the organisation.
SPECIAL COMMENDATION Aéroports de Paris JUDGES’ REMARKS The judges appreciated the fact that the ERM programme at Aéroports de Paris had the full support of the chief executive. It is a comprehensive programme that includes financial risk as well as operational risk, the judges said.
SPONSORED BY
Best Risk Communication of the Year FINALISTS • Aviva • London Borough of Lambeth • SAP AG • Tesco Plc • Zurich Financial Services
Miriam Kraus, SAP
WINNER SAP JUDGES’ REMARKS The judges were impressed that senior management were clearly fully engaged in the risk communication programme, which helped to raise the profile of the initiative. SAP was commended for raising awareness about some unusual professional liability risks. They also demonstrated evidence of increased risk
awareness as a result of the communication. SPECIAL COMMENDATION London Borough of Lambeth JUDGES’ REMARKS Lambeth council has clearly done a good job with limited resources in a difficult environment, noted the judges. Lambeth increased risk awareness within the organisation using a range of media and communication channels.
FINALISTS • Lambeth Council • Science for Humanity • Sonae Sierra • Financial Information Systems • Aon Benfield Analytics
WINNER Igor Mikhaylov JUDGES’ REMARKS The judges were incredibly impressed with the thoroughness of Mikhaylov’s entry and his achievements in the realm of risk management. They noted his exceptional focus on the benefits that risk management derived for his organisation and how he won over senior management with his efforts.
technology is not new, w, the judges could see the clear benefits shown by this approach. SPECIAL NOTE The judges were also encouraged d by the efforts of Science for Humanity’s Global Risk isk Register, which they thought was a useful collaboration ation between the public and nd private sectors.
European Risk Manager of the Year FINALISTS • Annette Schutt Fiig, Novo Nordisk • Colin Campbell, Arcadia Group Plc • Elaine Heyworth, Everything Everywhere • John Ludlow, InterContinental Hotel Group • Igor V Mikhaylov, Mobile TeleSystems OJSC
Most Innovative Use of IT or Other Technology
WINNER Sonae Sierra JUDGES’ REMARKS This award is open to organisations that have introduced new technology (or applied existing technology in a different way) to produce demonstrable benefits to their risk management programme. Sonae Sierra combined its core IT systems with mobile technology, which sped up their processes on a crossborder basis. While the
John Ludlow, Intercontinental Hotel Group
Sandra Dias, Sonae Sierra
SPECIAL COMMENDATION John Ludlow, InterContinental Hotel Group JUDGES’ REMARKS The judges wished to hand Ludlow a very strong commendation for his overall achievements and the achievements of his team, who have met big challenges in 2010 with a robust framework.
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
23
VIEWPOINTS [ PEOPLE ][ OPINION ][ COMMUNITY ]
‘Banham has significantly progressed within risk management within Hertfordshire Constabulary’
Best Business Continuity Approach FINALISTS • London Borough of Newham • The Co-operative • Rentokil Initial Plc • SAP AG • Gategroup Iain Hovell, Rentokil
WINNER Rentokil Initial JUDGES’ REMARKS The judges found that Rentokil’s business continuity programme was comprehensive and solid. The web-based, multilingual platform was impressive, and
Risk Management Young Achiever of the Year
Rachelle Banham, Hertfordshire Constabulary
24
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
they applauded the way that the programme was implemented internationally, especially given that the organisation is so diverse. The judges also liked the way the programme had been piloted to identify problem areas early on.
Best Risk Training Programme
FINALISTS • Claire Bromley, John Wood Group Plc • Daniel Davies, Network Rail • Michael Szonyi, Zurich Insurance Company • Nicolas Vioix, Westfield • Rachelle Banham, Hertfordshire Constabulary Group
FINALISTS • Amlin Plc • BBC • Sibur Holding • Tesco Plc • Yorkshire Water Services Ltd
WINNER Rachelle Banham, Hertfordshire Constabulary JUDGES’ REMARKS Banham has significantly progressed risk management within Hertfordshire Constabulary. The judges noted that Banham grasped some unusual challenges in a
WINNER Amlin Plc JUDGES’ REMARKS The judges were blown away by the cross-functional co-operation that Amlin introduced through its risk training programme. The quality of the entry was also bolstered by an exceptionally strong demonstration of the benefits delivered by the programme, as well as some excellent testimonials from core participants.
focused and pragmatic way. Considering she does not have a background in risk management, “she has achieved a lot in a short period of time”, commended the judges.
SPONSORED BY
‘The judges were particularly taken with the way that Woodleigh Outreach Services recognised the link between risk and human behaviour’
Best Risk Management Approach in the Public Sector FINALISTS • Ealing Council • London Underground (Transport for London) • London Borough of Newham • London Borough of Lambeth • Woodleigh Outreach Support Service WINNER Woodleigh Outreach Support Service JUDGES’ REMARKS The judges felt the quality of entries from the public sector was very high. But they were particularly taken with the way that Woodleigh Outreach Service recognised the link between risk and human behaviour. The judges thought that Woodleigh Outreach Service had a risk programme
that delivered comprehensive benefits to the organisation and the people it serves. SPECIAL COMMENDATION London Underground (TfL) JUDGES’ REMARKS The complexity of London Underground as an organisation was recognised and the judges said the risk management programme was very comprehensive.
Risk Management Product of the Year
Janice Nicholson, Woodleigh Outreach Support Service
FINALISTS • Capital Shopping Centres Plc • Maplecro • The Royal Bank of Scotland Plc • Trimble • Wolters Kluwer Financial Services
Martin Otter, Trimble
WINNER Trimble JUDGES REMARKS Trimble’s telematic devices, which assist in fleet risk management, could be useful to a lot of risk managers. “Trimble has taken its product development to another level,” the judges said. They were impressed by its directly measurable results, which could help improve a
company’s environmental performance and save money. SPECIAL COMMENDATION Maplecro JUDGES’ REMARKS The judges liked the comprehensive nature of Maplecro ’s Risk Dashboard – an interactive platform that enables users to monitor risks.
[SEE MORE ONLINE] For more photographs of the event, go to www. strategic-risk.eu or goo.gl/ChmZX
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
25
istockphoto.com/mikeuk
Risks
[ THREATS ] [ OPPORTUNITIES ] [ MANAGEMENT ]
> View Inequality ......................29 ‘If in the decade of the strongest economic expansion inequality increased, what will happen now?’ Angel Gurría, secretary-general of the OECD
Showing the cracks: ‘Tiger iron’ haematite banded rock
ECONOMY
Fault lines Global disasters, growing inequality and a depletion of natural resources are catalysing tensions between nations. Are risk managers fully prepared for the consequences?
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
27
William Daniels/Polka Mag/Panos
RISKS [ THREATS ][ OPPORTUNITIES ][ MANAGEMENT ]
T
HE LAST THREE YEARS’ plethora of unforeseen disasters – financial, political, climatic – has given rise to a millenarian breed of prophets seeking out the next great unforeseen crisis that might shake the planet. Economist Raghuram Rajan led the way last year with his tome Fault Lines, in which he argues that the credit crunch evolved from structural flaws in the US economy, warning that a potentially more devastating crisis awaits us if they are not fixed. He claims America’s growing inequality and thin social safety net create dangerous pressures to encourage easy credit and keep job creation robust, highlighting that the US financial sector has become the critical but unstable link between an over-stimulated America and an under-consuming world. As the financial crisis still works itself out – and with critical sovereign debt issues hampering the European area – such theories gain traction. Risk analysts Eurasia Group president Ian Bremmer says that the In contrast to Eurasia Group’s slow creep back to growth fails to depiction of international relations being defined by squabbling, a compensate for the fact that we are consensus over intervening in living in the ‘G-Zero’ (see below) and support of Libyan rebels emerged “2011 looks to be the year that our at the UN relatively quickly understanding of how the world works becomes out of date”. A reference to the G20 group of nations – and their inability to respond TECHNOLOGY effectively to the crisis – the G-Zero is Bremmer’s name for a time in which “the key institutions that provide global governance [such as the International Monetary Fund (IMF) and World Bank] become arenas not for collaboration but for confrontation”. He believes that the result will be political posturing at best and, at worst, more conflict. Europe is showing the way, according China’s state capitalists – supported by Beijing’s indigenous to this theory. Rifts are developing despite its political maturity – innovation – are opening up a line of conflict between states witness the current tussle between Germany and Greece over the and corporations globally in cyberspace. potential default on Greek sovereign debt. As geopolitics takes on Indeed, offensive cyber capacity is a new way to project an increasingly geoeconomic hue, Bremmer believes “all the G20’s power in a world where direct military strikes are both pledges to ‘avoid the mistakes of the past’ will not prevent the domestically and internationally constrained. Ian Bremmer G-Zero from taking hold and sparking other forms of conflict”.
Evolving cyber terrorists mean new risks
Crisis on a global scale Europe is only one of a long list of regions where the next crisis could appear, however, G-Zero or otherwise. This year has spawned unforeseen revolutions in Tunisia and Egypt, continuing war in Libya, and violence in Syria and Yemen. The Israel-Palestine issue has taken a break from the front pages, but remains an unlanced boil. Should the Arab spring have been foreseen, however? According to Control Risks senior global issues analyst
28
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
says: “The almost-certainly state-sponsored Stuxnet attacks on Iran’s industrial infrastructure is a more likely avenue for future offensive efforts versus government antagonists, than large-scale conventional warfare as in Iraq and Afghanistan.” The greatest risk in cybersecurity, however, has shi ed from al-Qaeda and China to radicalised info-anarchists, inspired by Julian Assange, undertaking debilitating attacks against either critical infrastructure, a key government agency, or a pillar of the private financial system.
Jonathan Wood, the underlying features of these revolts give important clues and show where the pressure will lie in the future. “In these countries, there is a high demographic pressure, a large and growing younger male unskilled population and growth in economic demand.” He says that the intrinsic conservatism of these cultures – incapable of absorbing highly skilled female labour into the workforce – creates bottlenecks. These are feeding into “the biggest change since the collapse of the Ottoman Empire”. Demographics, whether of energy resources or particularly of labour, are key elements of predicting the next problem. OECD secretary-general Angel Gurría says that income and earnings inequality has been on the rise over the past two decades in most OECD countries and emerging economies. He warns: “If in the decade of the ‘2011 looks to be the year strongest economic expansion inequality increased, what will happen that our understanding now? What will we do with long-term unemployment and youth of how the world works unemployment? Halting the scary becomes out of date’ outlook of increasing inequality is Ian Bremmer Eurasia Group more urgent than ever.” Although political risks remain at the fore (see box, right) perhaps the greatest unknown, and the largest constellation of risks, relates to the Chinese pattern of export growth at twice the rate of economic growth, with resulting large current account surpluses. This will continue to be the object of international outcry as the world’s second largest exporter continues to pump out goods in a demand-constrained world economy. A wall of money, driven by expectations of higher long-term growth rates – chiefly in China – is headed into emerging markets and developing economies. This trend is generating upward currency pressure on those economies open to capital inflows, hurting domestic firms by making exports more expensive and intensifying import competition. In response, policymakers in many nations have turned toward currency management in the form of direct market interventions to protect local players. Governments have begun to look more seriously at capital controls as a way to counter appreciation. Brazil, South Korea and Taiwan have already signalled their intention to move in this direction. Other countries thought likely to enact capital controls should appreciation pressures continue are Colombia, Malaysia, Peru and Thailand. Another risk that looms over China – without being restricted to it – is the growing conflict between government-supported economic entities and multinational corporations in cyberspace (see box, left). However, the most intriguing and worrying risk unites the two most restive zones in the world: the Middle East and China. Control Risks research director Michael Denison points out that in the north of China, an aquifer supplying a large chunk of the country is rapidly depleting, and last year the chief water-supplying aquifer of Saudi Arabia dried up. “Saudi went from a net exporter of wheat last year to a net importer this year,” Denison says. As risks from cyber security and the politics of the G-Zero era become more complex, the next shock awaiting us is perhaps the most simple: our inability to feed and water the planet. SR
HOTSPOTS
Political power struggles still a concern The Korean peninsula is more fragile than usual. In the north, a faster-than-expected leadership transition in Pyongyang – as Kim Jong Il looks to entrench his son’s succession – has led to sporadic belligerence for reasons that no one fully understands. Meanwhile, the South Korean political landscape is polarised, and hard-liners are pulling the strings. Furthermore, North Korean escalation is likely to provoke a response. In this case, the USA and China have sharply different priorities in the region’s most serious security challenge. The US military would seek to pin down the north’s nuclear arsenal while the Chinese military look to restore order and to repel a wall of refugees. Nor have they discussed the issue, which, as Evasia Group president Ian Bremmer points out, is “not a recipe for crisis management”. Meanwhile, Pakistan is experiencing a near perfect storm of political, economic and social crises, all rising in the absence of an effective government, neatly showcased by the recent capture of Osama bin Laden in a compound yards from the country’s military academy. A 1999-type military coup is unlikely, but a failure of security and governance in Punjab and Sindh could encourage the army to intervene politically. President Asif Ali Zardari would resist efforts to remove his cronies and government, risking a damaging power struggle.
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
29
RISKS [ THREATS ][ OPPORTUNITIES ][ MANAGEMENT ]
EGYPT
Revolution solutions? Regime-changing revolutions in Egypt have altered a long-established landscape of illegal transactions and questionable deals, but in whose favour? And how long until business as usual returns to the country?
A
FTER THE DRAMATIC 18-DAY REVOLUTION THAT toppled the regime of Hosni Mubarak, former army hero turned dictator, the business world in Egypt remains in turmoil. Local businessmen are being hauled before the courts in their hundreds or even thousands and their assets frozen in a general campaign against corruption that is almost turning into a witch hunt, according to StrategicRISK sources. At least two businessmen from the Gulf region have been convicted in absentia. Some pre-revolution deals are being unwound, especially those involving formerly state-owned assets such as the privatisation of department store chain Omar Effendi, bought by Saudi investors at a knock-down price. The sale of large areas of re-zoned agricultural land at reduced prices could also be reversed unless it has already been developed into commercial or residential projects.
30
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
The once buoyant economy has taken a dive, partly because of unrest and violence. According to Maplecroft: “Companies face an increased risk of their property being damaged or stolen.” Some essential governmental functions have gone into slow motion or stopped dead. In late May, Seacom, an undersea cable company, was experiencing delays in the approval process for its new cable in the Red Sea running alongside Egypt. It is “a tough place to do business in right now”, complained Seacom head of business development Aidan Baigrie.
Proceeding with caution Transfers of capital abroad have slowed because of the central bank’s fears that illegal assets may flee the country. The bank requires volumes of documentation before approving requests. Politically, there’s a temporary military government that is reluctant to hold power past this year and has set a timetable, regarded as reasonably firm by most observers, for properly democratic elections. Parliamentary ones are due in September and presidential ones in December. The main concern is about what kind of democracy will replace it. Moderates worry that the Muslim Brotherhood, banned from previous elections, may dominate with the aid of militant
Ivor Prickett/Panos Pictures
Young protesters stand on top of a tank in Tahrir Square, Cairo, Eypt
Key points 01: Mubarak was forced out of office a er 30 years of presidency in Egypt, accused of corruption and abuse of power 02: Suspicions of illegal dealings throughout Egypt are now being thoroughly investigated 03: Companies in Egypt now face increased risk of property damage and the while the situation stabilises 04: A question mark hangs over the kind of new political landscape that will take shape 05: In the future businesses will have to work with a much larger constituency
fundamentalists. Mohamed ElBaradei, a Nobody expects Egypt’s opaque way of winner of the Nobel Peace Prize who has doing business to disappear overnight. ‘If dealt with properly, the Although the ringleaders among the civil declared himself a presidential candidate, describes the situation as a “political and have been targeted, smaller fry remain backlash over corruption service constitutional mess”. in place. “There will be a fall in corruption but And yet there’s hope. As Control Risks it won’t be a large one,” Abi Ali adds. could have a positive Middle East analyst Lucy Jones told It certainly won’t be a case of ‘back to the effect on the long-term StrategicRISK: “In the long-term Egypt will future’ for Western business. In the long run foreign companies will have to work with a be a hugely attractive market.” She cites its business climate’ large and increasingly aspirational market much bigger constituenc y than they did Lucy Jones Control Risks of 82 million people and its generally under Mubarak, say Egypt watchers. That pro-business environment. constituency will include not only local Maplecroft associate director Anthony Skinner adds: “The officials but more militant workers in the coming battle between a starting point with Egypt is that it has very strong economic relatively poor workforce and the economic elite. And while most foreign companies are expected to sit it out potential.” As he points out, despite its bureaucracy and until the elections, those plunging in now should be sure to do corruption, pre-revolutionary Egypt averaged GDP growth of their homework. “An acquisition of an existing company could be around 6%. dangerous,” warns Jones. “It’s a time for due diligence, especially of Even fears of the purge of corruption could be misplaced, at potential partners.” least among Western businesses. It is considered unlikely to reach By common consent, the big fear is that the return to stability foreigners apart from those, mainly from the Gulf, who struck could be ruined by a new government that dashes, as Maplecroft blatantly dishonest deals. puts it, “the high expectations of the revolution”. That question will “The government is not trying to target foreign businesspeople be answered in September. SR in any way,” Exclusive Analysis senior forecaster Firas Abi Ali explains. “Egyptians would rather compromise and settle [READ MORE ONLINE] For more political risk analysis and country risk [questionable deals] than expropriate foreign investment. If a profiles, go to www.strategic-risk.eu businessman has just invested in a factory, there’s no way it will be taken away.” However, most international companies operating in Egypt BLOOD AND THUNDER ON THE NILE – or planning to do so – are sitting on their plans until the dust of the revolution settles. “Investors are waiting for stability to return,” notes Maplecroft’s Skinner. With Mubarak’s feared interior ministry largely sidelined,
A changing climate First, the purge on corruption. The jailing of business leaders such as Ahmed Ezz, founder of the steel giant named after him, under corruption charges marked a dramatic change of commercial power. These investigations have almost paralysed some sectors of the economy, not only the firm concerned but its subsidiaries and suppliers. According to Control Risks, there’s only been two convictions so far but more are likely as scores are settled, albeit against indigenous businesspeople close to the dictatorship. However, looking ahead, relative normality may not be too far away. The new government is expected to support business, especially foreign business, because of the urgent need to create jobs and grow the economy. Foreign direct investment is considered vital in this. The European Bank for Reconstruction and Development wants to pump capital into Egypt in a show of support for democracy, a move that should kick-start a recovery. The stock exchange reopened in late March, albeit in a much attenuated form because of suspended share trading in suspect companies. And although corruption remains endemic, as Maplecroft points out in a May report about a nation that always appears well down Transparency International’s corruption league table, some observers like Control Risks’ Jones remain optimistic. “If dealt with properly, the backlash over corruption could have a positive effect on the long-term business climate.”
outbreaks of violence have flared up in Egypt.
RELIGION In May, 13 people died when hundreds of fundamentalists attacked Coptic Christians in a slum near Cairo with guns, knives and firebombs. StrategicRISK’s sources believe the atrocity may have been fomented by the remnants of the interior ministry to create doubt about the army’s ability to maintain control.
POLITICS In Alexandria, sporadic clashes between revolutionaries and anti-revolutionaries have become more frequent. Egyptwatchers say these could increase between now and the September parliamentary elections in a battle for power at the ballot box.
TERRORISM In late April an armed gang blew up a gas terminal near the town of El Arish, 30 miles from the Israeli border. It’s assumed the attack was by fundamentalists objecting to Egypt exporting energy to Israel as a warning of future demands to sever long-standing ties with Israel.
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
31
RISKS [ THREATS ][ OPPORTUNITIES ][ MANAGEMENT ]
RISK FINANCING CAPTIVES
W
ITH SOLVENCY II AROUND THE CORNER AND A SPATE of natural catastrophes suggesting an end to the so insurance market, the captive industry finds itself at a crossroads. Captive growth, in Europe and other parts of the world, has been relatively constrained since the beginning of the financial
19% General/third-party liability
32
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
Fin an cia lp ro du cts 5%
Hea lth/ med ical 5%
3% Crime/fidel
ity
Reinsurance lines underwritten by captives 2010
Li fe
As the financial squeeze continues and the market hardens, many parent companies will look to get more from their captives
2%
An exercise in parental control
crisis in 2007. The combination of a so general insurance market and regulatory uncertainty created a level of stagnancy in the market. Yet despite the slow rate of captive formations, there has been a move towards greater risk retention. Existing captives have been an obvious beneficiary of that greater retention. According to Marsh’s 2011 Captive Benchmarking Report: “In a period when the (re)insurance markets continued to so en, and when many organisations struggled just to keep afloat, the annual average GWP [gross written premium] for captives within our sample groups showed significant levels of increase.” These increases were, perhaps unsurprisingly, most pronounced for the class of business where capacity in the traditional market contracted and rates hardened, namely for financial institutions. But captives for retail and consumer products also showed big increases. Construction and transportation were the only sectors that did not follow this trend. ‘New generation’ captives in Continental Europe – those formed between 2002 and 2005 – have seen some of the most marked increases in premium. By looking at the ratio between GWP and owner’s equity as a measure of how effectively captives are working their capital, it is clear this group has the edge, notes Marsh. “Our expectation would be to see higher levels of premium income to capital for the younger group of captives.”
Multi-line approach
Many parent companies are putting their captives y t i to greater use. The l i iab l financial crisis has put t c du o pressure on corporate r P financial directors to cut costs 4% and gain greater efficiencies and captive insurers have not been immune from this enhanced scrutiny. As a result, many are arine now seeing their remit 4% M expanded. Manager of global insurance at Heineken Eric Bloem explains how the group has extended its product line, having initially begun with property. The organisation’s captive, Roeminck NV, underwrites property, liability, marine and motor fleet, and is looking to further extend its service to two or three more classes. The aim is to underwrite a multi-line programme within the EU consisting of five lines of business. 9% A uto l As well as typically iabil ity underwriting more risk on behalf of
20% Property
11% E mploy ers’ lia bility/ worke rs’ com pensa tion
2% Warranty
9%
Pr ofe ssi on al
in de m ni ty
the parent, the captives of many European corporates – such as Heineken – are writing more diverse books of business. Very little is beyond the remit of a captive, explains Willis Captive Practice’s chief marketing officer, Dominic Wheatley. Typically, it is only during very so markets – where a tactical decision is made to purchase from the commercial market, or where covers cannot be put through a captive for technical reasons – that a captive owner may look elsewhere. “The trend is towards a broader range of ’ ers risks being written by captives,” Wheatley says. ffic o “Traditionally, if you go back to the foundations of nd s’ a r the captive industry, it would have been writing o l ect deductibles on fairly conventional covers like Dir nta e % 2 liabilities, property and so on. Now the nm iro captive programmes are involved in a much v En more diverse range of risks.” 3% By underwriting a diverse book of business, captive insurers should be able to make better use of their capital. Because short-tail lines of business, such as property n insurance, are typically not correlated to longer-tail lines such as tio a i medical malpractice, they should create a diversifying effect by Av being grouped together. The better diversified a book of business – % 2 both in lines of business and geography – the more business a captive can underwrite without increasing its capital requirements. But part of the reason parent companies are more comfortable with greater risk retention is down to an increased capability in modelling and analytics, thinks Wheatley. “There is a wider trend insurance also provides whereby companies are looking strategically at their retentions greater long-term stability. across the whole of their business, using o en sophisticated And there are compelling analytics.” They then use their captive to co-ordinate and finance reasons for European captive owners. “The the retention on a global scale. issues with pensions over the last three years have One area that continues to be discussed is the use of captives really changed the focus on employee benefits and how they’re for employee benefits (such as pensions or health insurance). viewed in the organisation,” explains Kane Group director Clive While employee benefit captives have been a relatively slow James. “Rather than being a purely HR issue, it’s become more of burner, the concept is gaining traction. Onshore in the USA, the an insurance spend issue. As a consequence, I think over time use of a captive for third-party business such as employee benefits more and more employee benefits will move into captives. It’s not can bring tax advantages as well as offering the all-important going to be overnight but I’d expect the growth to be fairly diversifying effect. For a volatile area like healthcare, selfconsistent year on year.” SR
OUTLOOK FOR CAPTIVES LOOKING AHEAD, SOLVENCY II WILL CONTINUE TO shape the European captive scene over the next two years as parent companies reassess their self-insurance arrangements. Heineken’s Bloem does not think Solvency II will change the role of the captive as it is a “very efficient and powerful tool”. But regulatory capital requirements could increase three- or four-fold for EU-based captives and overall the situation is likely to favour larger, more diversified captive organisations. “Some parent companies will have to reassess their captives’ roles, consider innovative structures
such as protected cells, or ultimately plot their exit strategies,” predicts AM Best in a recent report. “In a few cases, where EU admissibility is not an issue, redomiciling to a third country may be a short-term option.” These regulatory challenges come at a time of change in the general insurance market. The Japanese earthquake together with other recent catastrophes should spell an end to the so ening market for property catastrophe reinsurance. This could reinvigorate captive formations despite Solvency II.
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
33
Special Report
INTRODUCTION
E
STABLISHING A CAPTIVE INSURANCE FACILITY IS NOT AN exercise to be taken lightly. Apart from the costs involved – and in Europe these could be considerably increased if those drafting the Solvency II insurance regulations do not take a lighter stance towards captives – a captive must add demonstrable value to its parent’s risk management strategy and corporate objectives. Having said that, companies that embark on the captive route can derive considerable benefits. Taxation issues are no longer the honey pot that they were in the past as most countries have now introduced legislation to ensure that captives cannot be used as a way of evading national taxes. But captives can be a very valuable risk management tool, particularly for those companies that take a global approach to insurance and risk management. One of the stumbling blocks for global insurance programmes is the problem of trying to find a ‘one size fits all’ solution when it comes to different operating entities throughout the world. Most notably, some subsidiaries are extremely unwilling to embrace the large insurance deductibles dictated by the corporate centre. A captive can accommodate this issue, ensuring global buy-in and that subsidiaries are not clouding the central risk management vision by making their own less than obvious reserves for risks they feel could materialise and bite them – and their management bonuses. As well as producing higher visibility of the risks and claims, the savvy parent will also use the captive as a way of encouraging good risk behaviour. With control over the premiums charged, deductibles and coverage, the parent company can administer some fairly short sharp shocks to subsidiaries that don’t appear to be taking risk management seriously enough. A captive can also be used to cover hitherto uninsurable risks and build up information on the frequency and cost of these. As well as taking these risks off the corporate balance sheet, a captive gives its parent the opportunity to develop greater understanding of these risks and their impact, which helps global risk management and the company’s negotiating position should it wish to try to place these risks on the conventional market in the future. This greater control over group risk management should ensure that the captive pays its way, costing less despite set-up and ongoing costs, than conventional insurance transfer. The usual cheaper alternative to a fully fledged captive insurer is a protected cell facility but large companies are unlikely to welcome the lack of full control that this demands. A comprehensive feasibility study from an appropriate professional organisation will provide
34
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
guidance on structure, as well as a view on where the captive should be located. Choosing an appropriate domicile can be difficult at a time when an increasing number of countries and US states are vying for captive insurance business. Cost does not enter into the equation as much as factors like good regulation and a high-quality supportive infrastructure of professional advisers. In the current and very long continuing ‘soft’ insurance market, characterised by relatively low insurance premiums, forming a captive may not have been at the top of many companies’ risk agendas. But the benefits can reach far beyond protection from insurance cycle volatilities.
Contents [ CAPTIVES ]
35 36 36
The case for captives What are the main incentives for an organisation setting up a captive? Going for the hard cell There is no single best way to own a captive or cell facility Location, location How do you decide which domicile is best to situate your captive?
SPONSORED BY
SPECIAL REPORT [ WHAT IT IS THIS MONTH ]
STRATEGY
The case for captives Ask not just what your captive can do for you in terms of avoiding higher premiums but also how it can work as a central mechanism for controlling risk across the whole organisation
H
ISTORICALLY, COMPANIES tended to consider forming a captive insurer when premiums were high in the conventional market. But increasingly they now view captives not simply as an answer to a hard insurance market but as part of their overall risk management strategy. “The captive is above all a risk management tool,” Adageo principal Chris Lajtha says. He explains: “The primary reason for having a captive is to provide a method for a company to recognise the different risk appetites of its various activities round the world and their varying abilities to retain risk.” It is quite common in global programmes for the parent company to wish to assume a high deductible in its insurance covers. However, its operational business units may not want to self-insure to the same extent. “Local management with responsibility for generating a certain level of profit, and with a bonus structure linked to that target, will often wish to buy insurance with a low retention to cover what they perceive as non-core risks that could have an impact on their operating result. If they are forced to take a large deductible and then suffer a significant loss, bonuses will be affected, with the possibility that key personnel will leave the business,” Lajtha says. “A captive provides a vehicle to allow subsidiary operations operating in different parts of the world and with different exposure profiles to protect themselves at a commercial price for the insurable risks, with the company clawing back insurance premium into the captive vehicle.” Hugh Rosenbaum, retired principal from Tillinghast-Towers Perrin, and acknowledged ‘guru’ on captive insurance, believes the primary reason for companies taking the captive route is the imbalance between the cost of external insurance and
the corporates’ perception of their risk management. “They believe that their risk management is better than that for which they’re being charged.”
Controlling from the centre Kane Middle East managing director Shaun Brook sees captives primarily as facilitating risk management in order to provide a central mechanism to control risk within the organisation. “It’s also about control of costs. Companies have a better handle on the risks in their organisation and the total cost of risk.” Brook explains that captives can be a mechanism for covering risks that are currently uninsured or uninsurable. “Risk managers transfer a certain amount of risk through conventional means but there may be other risks that they understand but do not transfer. A captive can provide a way of holding that risk off the balance sheet. “Captives provide the ability to retain risk that is already on balance sheet in a more formalised way, with subsidiaries paying appropriate premiums. It’s a way of managing and monitoring risks in the business that are currently uninsured. If required at a later stage, the company can go into the conventional market with a track record that demonstrates that it understands and manages these risks, and negotiate coverage and terms that might not have been available before.”
Lajtha also supports this view of increased visibility. “Companies within large complex groups can often find ways of ‘squirrelling away’ reserves in case of particular losses that aren’t insured. If that money is paid into a captive, the parent can see what is really going on,” he explains. Once a company has established its captive, it can use it to encourage behavioural change in respect of risk, encouraging and rewarding best practice, Lajtha adds. “It can remove or add coverage, raise or lower deductibles, charge more or less premium. All of these strategies can influence the behaviour of subsidiary operations.” He also stresses that captives can generate real operational efficiencies. “For many years, HR departments have been responsible for employee benefits programmes. But they have also been managing the financing of these benefits – and by and large they have not done this particularly well. The captive can be used to reinsure employee benefit pools, producing significant efficiencies,” Lajtha says. PricewaterhouseCoopers global actuarial leader Bryan Joseph believes companies must view captives as part of their risk management strategy. “When deciding whether or not to form a captive, they should ask how it will contribute to their risk management and provide real value in the long-term.” SR
WHAT’S IN IT FOR ME? • • •
• •
Reduction and stabilisation of premiums. Insuring the uninsurable. Controlling your own insurance programme (in other words stability of premiums). Positive impact on risk retention, risk management and loss control. Cashflow benefits.
• • • • •
Direct access to the reinsurance markets. Diversification into a profit centre. Potential tax benefits. Consolidation of deductibles. Reducing dependence on commercial insurers and insulating from market cycles.
Source: Royal Bank of Canada fact sheet ‘Understanding Captive Insurance Companies’
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
35
SPECIAL REPORT [ CAPTIVES ]
FACTORS
Going for the hard cell A captive insurance facility can add value to a risk management strategy, but there’s no ‘one size fits all’ solution. Issues of control and taxation must be considered before making an expensive decision
W
HEN A COMPANY BELIEVES that a captive insurance facility will add value to its corporate risk management strategy, a feasibility study is generally the next step. In order to be objective, this should cover not just the impact of the captive but also assess alternative risk funding solutions. Setting up a captive can be expensive, so it is important to justify the decision. According to the Royal Bank of Canada, the study can include: • a review of coverages and whether they are appropriate for captive inclusion; • an analysis of deductibles and loss trends, • the preparation of estimated pro forma financial statements relating to the proposed captive;
•
a review of possible captive domiciles; and/or • general commentary on the ‘fit’ of a captive in the parent’s risk management strategy/philosophy. Normally the company will appoint a professional adviser to conduct the study and it will have to supply them with a fairly comprehensive amount of information relating to its current insurance and self-insurance programme, claims data, and its strategic objectives and risk management philosophy. As well as ascertaining if a captive is the best option, the study should also give some guidance on the way that it should be structured. Generally, this involves a choice
between a fully fledged captive company dedicated to one enterprise or a protected cell captive insurance company. According to professional advisers Dixcart: “There is no single ideal means to own a standalone captive or cell within a captive; each proposition has its own specific characteristics and needs to be examined individually.” Factors that come into play here include control. The ownership of the captive vehicle and its share capital will determine the
‘There is no single ideal means to own a standalone captive or cell within a captive’ Dixcart
GEOGRAPHY
Location, location Choosing the right domicile and management for a captive can be crucial for its success and thus its ability to meet corporate strategic objectives. What are the main selection criteria?
36
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
P
RICEWATERHOUSECOOPERS global actuarial leader Bryan Joseph says that what companies want to do with their captive generally drives the choice of whether they locate on or offshore. “If the company intends writing any compulsory lines directly through its captive, it will probably look to have it located onshore. If it will be writing reinsurance or will not be covering any compulsory lines, offshore domiciles lend themselves. There are a number of jurisdictions which are onshore to the EU and which are favourable from a regulatory tax point of view, for example Luxembourg, Malta and Gibraltar,” he says. Consultant Hugh Rosenbaum believes the main criteria are regulation, accessibility and expertise. “Regulation is probably the number one and comes way before cost,” he says. Kane Middle East managing director Shaun Brook considers an important issue is the depth of expertise that exists in a potential domicile. “Generally, in most cases the significant consideration is the management of the captive by a third party. Companies usually prefer not to manage it
themselves but leave it to the experts. And they also need to consider the quality of the additional professional advice available in the location, such as accountancy and legal. “The flexibility and strength of the regulations – and the reputation of the domicile – are also key factors,” he adds. Brook, based in the Middle East, expands on the subject of domiciles in the region and why these are growing in importance. “It’s a matter of geography – the position that they have in relation to local markets – plus the fact that they are looking to create an attractive regulatory climate. “For example, Qatar is working hard to create legislation at a level on a par with the best in the world, implementing conducive capital and solvency requirements, as well as a framework to attract the professional firms needed to provide the right infrastructure.” As well as providing a natural location for the fast-growing companies in the region, Brook believes that a Middle East captive presence may also appeal to global companies that have expanded into this area and are considering a multi-domicile strategy.
Annual average GWP Asia Pacific 2007 Asia Pacific 2010 Continental Europe 2007 Continental Europe 2010
level of management control the owner can exercise over that captive vehicle, says Dixcart. Consultant Hugh Rosenbaum comments: “With a cell captive, a company can lose some of the control in the sense that it may not have its own board of directors and will be subject to the decisions of the underwriting committee, which considers every risk submitted to the cell. In terms of management and regulation, the costs may be less with a cell, but I think they are only really attractive for companies that have a low premium spend. Generally, big companies will look for ownership and control.” Dixcart also makes the point regarding businesses with a diverse shareholding: that the accumulated profits of the captive vehicle will be required to flow back directly to the insured business. “Shareholders of this insured business will consider the potential profits from the captive vehicle to be part of their total investment return. In such a situation, the shares in the captive vehicle would most effectively be held by the insured business.” Dixcart adds that owner-managed businesses also have an option where, rather than the insured business owning the
According to FiscalReps chief executive Mike Stalley, the lack of a uniform EU insurance premium tax code is a particular headache for captive insurers. “Insurance premium tax (IPT) is an often overlooked source of risk for captives and their parents. Now that the tax benefits of self-insuring through offshore parties are generally eroded, the captive industry is largely dependent for its success on a high level of risk transfer and risk management expertise. “The requirements of IPT payment in the EU complicate these processes and can be an unwelcome and time-consuming distraction for captives not adequately informed or prepared.” He explains that complying with EU IPT tax laws is an issue for all captives – and traditional insurers – that insure risks within the EU, regardless of where they are domiciled. This is because EU law determines liability for IPT according to location of risk – the specific country where the insured risk is situated. But there is no harmonised system of IPT settlement and collection within the EU itself. Individual countries are free to decide how and whether to tax insurance premiums. SR
UK and Ireland 2007 UK and Ireland 2010 USA and Canada 2007 USA and Canada 2010 $0
$12.5m
$25m
captive vehicle, the captive vehicle is owned by the various shareholders. “This enables an effective split between the ownership of the economic benefits of the business and the captive vehicle, with potentially differing initial capital contributions and ongoing investment returns.” Rosenbaum points out that group captives, jointly owned by a number of companies, can be very successful. However, he admits that they can be difficult to establish and that there can be friction, for example relating to the standards of risk management employed by the different owners. Companies also need to take taxation considerations into account. These are usually complex and are affected by the choice of domicile.
VALUE OF CAPTIVES IN A HARSH ECONOMIC ENVIRONMENT ONE OF THE CORE BENEFITS OF CAPTIVES – OVER TIME – has been their ability to allow organisations to manage their insurance risks and costs with more certainty and predictability, despite sometimes erratic insurance market cycles. This allows risk managers to be consistent in underwriting and risk retention, and permits them to adjust pricing internally to better support their business units and ensure these business units can focus on improving market position and profitability. The captive allows the risk manager to adjust to insurance market demands more efficiently, responsibly and proactively.
Captives have proven over time to be highly adaptable, with great survivability. Among all the economic gloom, there are other factors that encourage the use of captives. For example, in more than 50 domiciles worldwide – spanning nearly every continent – and in emerging domiciles like Qatar and Dubai, the economic recovery will definitely stimulate risk-taking and captive formation and usage.
“It’s a way of giving their local risk management – who may find it difficult to communicate with and understand a captive based in say, Bermuda or Europe – greater control over the significant risks in the region. They can also then organise their own reinsurance purchase with reinsurers that they feel completely understand the inherent risks in the Middle East,” he says. Wherever companies decide to locate their first, second or even third captive,
there seems to be fairly widespread concern about the impact of the forthcoming Solvency II insurance regulations. Brook believes existing and potential captive owners are concerned about a possibly onerous requirement that might be placed on captives and the cost associated with managing a captive within a Solvency II regulated environment. Joseph believes that Solvency II could encourage captive owners to go offshore
Source: Darwinism at Work? How the current economy and the market impacts captives and risk managers, by Carol A Frey and Linda Kane, December 2010, ACE Progress Report
because they will not want to provide capital to the level that is required by the solvency regulations. Rosenbaum is even more outspoken, referring to the “heavy-handed and negative influence of Solvency II”. “Captive insurance companies were always considered a means of do-it-yourself risk financing. Solvency II looks as though they will be regarded as true insurance companies, which was never the intention when they were established.” Adageo principal Chris Lajtha takes a different view. He does not believe that Solvency II will put people off from domiciling in Europe. “It’s too early to say because we have not heard enough about how captives are going to be treated in Europe. We need to see how the proportionality principle will be incorporated in the final guidelines,” he says. “Overall, Solvency II makes good sense and should encourage better practice.” Lajtha believes that Solvency II will not be fully implemented by January 2013 and that there may be a phase-in period. “Hopefully Solvency II regulations for captives will be supple and light enough to allay fears,” he says. SR
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
37
UÊ,>Ìi`Ê – for financial strength by Standard and Poor’s† UÊ"vwViÃÊ ÊÎnÊV Õ ÌÀ ià UÊ"ÛiÀÊ1-Êf£nÇÊL Ê Ê>ÃÃiÌà UÊ-Ì V `iÀÃÊiµÕ ÌÞÊ vÊ ÛiÀÊ1-ÊfÓÎÊL UÊ"ÛiÀÊ1-ÊfÓ ÊL Ê Ê«Ài Õ Ê V iI
Standing strong in an uncertain environment A spirit of trust
*,"* ,/9
|
/9
|
,
|
* ,-" Ê
/
www.tokiomarine.co.uk † Rating correct as at 25 March 2011 * Sum of net premiums written and life insurance premiums / Ê >À iÊ ÕÀ «iÊ ÃÕÀ> ViÊ Ìi`ÊÊ i LiÀÊ vÊÌ iÊ Ãà V >Ì Ê vÊ À Ì Ã Ê ÃÕÀiÀÃÊ ÕÌ À Ãi`Ê> `ÊÀi}Õ >Ìi`ÊLÞÊÌ iÊ > V > Ê-iÀÛ ViÃÊ ÕÌ À ÌÞÊ À Ê,iviÀi ViÊ Õ LiÀÊÓäÓxÇ{ÊÊ,i} ÃÌiÀi`Ê"vwVi\Ê£xäÊ i>`i > Ê-ÌÀiiÌ]Ê ` Ê Î6Ê{/ ÊÊ,i} ÃÌiÀi`Ê Õ LiÀ\Ê n {Ó£Ê } > ` / Ê >À iÊ À Õ«Ê v À >Ì ]ÊV ÀÀiVÌÊ>ÃÊ>ÌÊÎ£Ê >ÀV ÊÓä£ä
|
/, 6
> Compliance Global ............... 39 Getting local management buy-in for a global insurance programme
Jamie Sneddon
Governance
[ ETHICS ] [ COMPLIANCE ] [ REPORTING ]
> Risk Atlas Corruption ........... 42 Bribery and corruption are rife. Our risk map shows the hotspots
INSURANCE
Get it together A global risk management programme can help multinational companies win on cost-effectiveness and consistency while building risk awareness
Âť
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
39
GOVERNANCE [ ETHICS ][ COMPLIANCE ][ REPORTING ]
Key points 01: Any programme must start with in-depth knowledge of all the territories’ risk appetites 02: More awareness of global risks benefits the whole group 03: Premiums can be a tool to encourage best practice. Captives can help here 04: The bigger and more centralised the company, the more effective the programme 05: ‘Wriggle room’ to woo reluctant territories is essential
»
A
GLOBAL POLICY CAN PROVIDE SIGNIFICANT benefits for organisations with the appropriate risk management philosophy. How do you decide if a global programme is right for you – and what are you likely to gain from this approach? “One of the best ways is to start from the vantage point of what the company’s risk philosophy is around risk management,” says ACE Overseas General president Michael Furgueson. “It is very important to begin by thinking about how you buy insurance and what you are buying it for.” Structures, profit and loss requirements vary enormously between companies, he adds. For example, a property management business that manages property on behalf of investors will have a very different approach to insurance from that of a large globally integrated multinational. Considerations include the various locations of the company’s operations and the cost of risk, continues Furgueson. “What kind of risk appetite does the company have for local retentions or deductibles? What is its approach to the use of risk financing tools like captives?” he asks. Certainly, while some companies are keen exponents of the captive approach, the potential implications of the forthcoming insurance regulation, Solvency II, has given some European risk managers food for thought in terms of the types of risk they would place with a captive, and with associated governance and capital requirements. A company’s risk management philosophy may also be influenced by cultural differences, says Furgueson. He explains: “Some cultures around the world are very risk-averse. Companies in these regions tend to take very low deductibles, preferring to pay more premium to transfer the risk. Others have more appetite for risk.”
Why go global? An effective global insurance programme can produce substantial benefits. Karen Gorman, a partner in the Jardine Lloyd Thompson global support team based in London, summarises these as: • assisting with corporate governance; • maintaining greater control and consistency with comprehensive communication;
• • •
helping to control cost through economies of scale; providing a broader scope of cover on a global basis; enabling inclusion of non-standard covers that may not be available in some countries; and • enabling standardisation of insurance processes. Willis International’s global network practice leader, Claude Gallello, says that a group that has a fragmented insurance programme – in other words, allows its local businesses to make all the decisions – can be putting itself at a disadvantage compared to its competitors with global programmes. “Dealing with different underwriters is likely to produce non-competitive pricing and a lack of uniform coverage,” he explains. “There are some qualifications in certain countries but in general you are maximising your buying power when you have a global programme.” Gorman agrees, although she suggests that it’s a wise move to ensure that the costs associated with the global programme are benchmarked against what it would cost to purchase insurance in the various countries involved. Gallello also highlights the fact that a company can generally obtain broader coverages through a global programme than it can achieve individually, country by country. “Some countries like Germany may have broader coverage than is generally available, for example in the area of environmental insurance. But, as a rule of thumb, the coverage you can acquire locally by buying your policies individually are not as broad as they are if you buy centrally,” he says. Consistency is another major benefit of the global approach. Miller Insurance Services’ Matt Grimwade explains: “Companies that have a centralised approach to insurance will want to try to develop a system where there is as much consistency as possible between the different operations.” And he says that this is where rolling out best practice across the group can come in. “If they have very good quality systems and processes in place around risk identification and management in certain territories and other territories are more lax, one of the big benefits of the global programme is that they can use best practice to bring the lower standard locations up to the higher level,” he says.
LOCAL BUY-IN
It’s not for everyone … Balanced against the cost and consistency benefits are some considerations that might erode the effectiveness of the global approach for some organisations. Perhaps one of the greatest of these is the need for local management buy-in, which is not always easy to obtain. Gorman says that this is a common problem. She cites the example of a company that made an overseas acquisition whose risk appetite was very different from its new parent. “The parent’s risk management policy was to insure property against catastrophic losses, so it was taking a huge deductible. But the acquisition was historically very risk-averse and had been buying property cover with a zero deductible. When it came into the global programme,
40
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
it insisted on buying a deductible infill programme, effectively just pound-swapping with the insurer concerned.” Local entities are also likely to have established relationships in their national markets while their local brokers may tell them that their existing arrangements are cheaper than those provided by the global programme. This is clearly where Grimwade’s “wriggle room” in respect of premium allocation may help. Risk managers considering global programmes should also be aware that there may be considerable administrative work involved. And Gallello doubts that a company without central control will be able to make a global programme work.
Conversely, companies without a looking for a suitable loss adjusting firm to be centralised insurance approach are likely to nominated that can provide a global service.” ‘Master policies are experience greater inconsistency about the However, perhaps one of the greatest benefits designed to be flexible quality of risk management across their that a global programme offers is increased risk various locations. to meet multinationals’ awareness. Gallello says: “Companies need to Related to this is the consideration of know what the risks are around the world, different needs’ how a company can charge the cost of risk to particularly when they are considering Matt Grimwade Miller Insurance its individual subsidiaries in a way that reflects acquisitions in different territories. A global its risk management focus. “Captives can play approach creates more awareness so that a big role in that, helping to highlight the cost of risk and the companies can ensure they have appropriate practices in place.” benefit of good risk management practices,” Furgueson says.
Premium pressure Grimwade explains that risk managers with a global programme can use their premium allocation model to instil best practice. “Companies generally apply a number of criteria when deciding premium allocation. For example, these can include loss history, the physical protections that are in place and how many historic risk management recommendations have been completed. “All these criteria can be developed into a model to make the approach to premium allocation more sophisticated,” he continues. Ideally, risk managers should make their premium allocation model as objective as possible, so that there is less basis for local entities to take issue with why they are being charged certain amounts. However, Grimwade also stresses that risk managers and chief financial officers may also be looking for some flexibility in the model. “They may want some wriggle room to allow them to charge their operations in some territories more or less than the model suggests – for example, a preferential premium because they want to convince them of the benefit of embracing the global approach.” Agreeing that a multinational approach helps in implementing a global loss control programme, Gallello also points out that claims can be handled more efficiently through a global programme. In connection with this, Oval Insurance Broking director of global accounts Chris Leage says: “A global programme allows you central co-ordination from the country where it’s been issued, which is usually the domicile of the client’s head office. Generally, this means you have greater control of how claims are handled and you would be
Flexibility
The global master policy that sits above locally arranged covers is usually very flexible, says Grimwade. “It reflects the fact that global companies have very different characteristics and will want their insurance programmes to operate in different ways. “Some are very centralised and want to have their insurance programmes operate in the same way, with central control over coverage retention levels, risk management approaches and how premium is allocated across the territories. Other companies are far more regionalised or territorially decentralised. “So while company A may want a clear, consistent, rigid and regimented global programme, with every territory included, company B may want more flexibility to leave some operations to buy locally or to buy insurance at lower levels. Master policies are designed to be flexible to meet multinationals’ different needs,” Grimwade explains. Similarly, a global master policy can accommodate the needs of companies with their own captive insurers. The company may have the option of using its captive to underwrite risks directly in the territories where it is legally allowed, with the global master policy acting as reinsurance, or the global master policy can be the direct underwriting tool, reinsuring with the captive and then covering the balance of the risk that exceeds the captive’s desired retention. Generally, the bigger and more centralised the company, the more streamlined and consistent its global programme will be. And it will enjoy the maximum benefits from transparency of cover, consistency of approach and economies of scale. SR
[READ MORE ONLINE] For more information on global programmes, download StrategicRISK’s Executive Report at www.strategic-risk.eu or goo.gl/ijG0K
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
41
GOVERNANCE [ ETHICS ][ COMPLIANCE ][ REPORTING ]
RISK ATLAS CORRUPTION
Dodgy dealings Corruption is rife around the world, but larger companies are no longer turning a blind eye
C
RIME AND CORRUPTION IS STILL A HUGE PROBLEM IN many parts of the world, and corruption remains an obstacle to progress, claims Transparency International (TI), a leading anti-bribery lobby group. According to TI’s latest corruption perception index nearly three-quarters of the world has a serious corruption problem. “These results signal that significantly greater efforts must go into strengthening governance across the globe,” said TI chair Huguette Labelle. Despite this, most risk managers recently surveyed by StrategicRISK in the Risk Report 2011 said that corruption is becoming rarer in large companies because of the need to comply with legislation, coupled with fears of the damage to reputation and potential penalties that would almost certainly result from being found out. The USA’s Foreign Corrupt Practices Act has been ensnaring miscreant companies far beyond American shores for years. And now, with the UK’s even tougher new anti-bribery regime being enforced, companies have even fewer places to hide (for detailed information on the Bribery Act go to strategic-risk.eu). No international trading operation is immune from America’s main agent, the Securities and Exchange Commission (SEC), which is now much more powerful and better-funded than it was before the Madoff scandal of 2008 revealed its weaknesses. The SEC is also involving similar international authorities, such as the UK’s FSA, in its pursuit of offenders much more than it has done previously – as Italy’s energy giant ENI and Germany’s Daimler discovered. ENI and its former Dutch subsidiary Snamprogetti were fined $365m (€258m) last year for violations of the act a er bribing Nigerian officials. “This elaborate bribery scheme featured sham intermediaries, Swiss bank accounts and carloads of cash as everyone involved made a concerted effort to cover their tracks,” says SEC Division of Enforcement director Robert Khuzami. “But the billion-plus dollars in sanctions paid by these companies show that ultimately there is no hiding or profiting from bribery.” (The unseemly scramble for Nigeria’s oil and other assets has netted the SEC no less than $1.28bn in sanctions.) ENI, which used a UK solicitor among other go-betweens to pay Nigerian officials through secret bank accounts, did not respond to StrategicRISK’s request to explain how it had reformed its governance procedures in light of the fines. As for Daimler, its $91.4m disgorgement penalty – not counting $93.6m in fines on related charges – was for ‘a repeated and systematic practice’ of bribing government officials across half the world. NB: The CPI is a composite index, drawing on 13 different expert and business surveys. Source surveys for the 2010 CPI were conducted between January 2009 and September 2010. SR
42
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
22
Spain Europe’s biggest money
30 laundering operation
was found in Spain, where an international network was accused in 2005 of laundering €250m through real estate investments in the Costa del Sol. The money had been illegally obtained from drug trafficking, prostitution rings, international arms trading, kidnapping, blackmail and tax evasion.
USA
Romania
One member of 22 Lockheed Martin’s board of directors earned his position shortly a er retiring from the US government, where he served as under-secretary of defence for acquisition, technology, and logistics. During his time in this position, he approved the contract to purchase Lockheed Martin’s controversial F-22 fighter jets.
high-level government officials must disclose – on a website accessible to the public – their financial and property holdings, as well as any positions they hold in associations and businesses, any paid professional activities and their personal investments in companies.
Philippines
Solomon Islands
A 2005 survey of 701 134 companies in the Philippines asked managers if they had solicited a bribe in the past year. One-fi h of respondents had when dealing with government agencies, either to request a local government permit (36%), pay income taxes (30%), petition for a national government permit or licence (28%) or import goods (21%).
In Romania, the law
69 stipulates that all
Since the 1990s,
110 multinational
corporations have allegedly bribed key politicians in the Solomon Islands to create a favourable operating environment for logging and to weaken national-level timber management. This provides advantages such as a decrease in export taxes and postponement the logging export ban. Source: Transparency International
IN ASSOCIATION WITH
Key 9.0 – 10 8.0 – 8.9 7.0 – 7.9 6.0 – 6.9 5.0 – 5.9 4.0 – 4.9 3.0 – 3.9 2.0 – 2.9 1.0 – 1.9
69
0.0 – 0.9 No data
30
1 = first place (least corrupt), 178 = last place (most corrupt) Source: Transparency International
134
Top 10 most corrupt countries Rank Country
Clientelism An unequal system of exchanging resources and favours based on an exploitative relationship between a wealthier and/or more powerful ‘patron’ and a less wealthy and weaker ‘client’.
Debarment Procedure where companies and individuals are excluded from participating or tendering projects. Governments and multilateral agencies use this process to publicly punish businesses, NGOs, countries or individuals found guilty of unethical or unlawful behaviour.
Facilitation payments A small bribe – also called a ‘facilitating’, ‘speed’ or
Score
1
Somalia
1.1
2
Myanmar
1.4
‘grease’ payment – made to secure or expedite the performance of a routine or necessary action to which the payer has legal or other entitlement.
3
Afghanistan
1.4
4
Iraq
1.5
Grand corruption
5
Uzbekistan
1.6
Acts committed at a high level of government that distort policies or the central functioning of the state, enabling leaders to benefit at the expense of the public.
6
Turkmenistan
1.6
7
Sudan
1.6
8
Chad
1.7
9
Burundi
1.8
10
Equatorial Guinea 1.9
JARGON BUSTER
State capture A situation where powerful individuals, institutions, companies or groups within or outside a country use corruption to shape a nation’s policies, legal environment and economy to benefit their own private interests. Source: Transparency International
110
Source: Transparency International
www.strategic-risk.eu [ JULY 2011 ] StrategicRISK
43
Theory & Practice
[ INSIGHT ] [ CASE STUDIES ] [ BEST PRACTICE ]
SECURITY
Coping with kidnapping No longer reserved for movies and millionaires, kidnapping is a very real possibility for executives working and travelling in risky environments abroad. Make sure you know how to keep yourself, and your staff, safe
H
ISTORICALLY, LATIN AMERICA WAS the most likely place to be kidnapped, but the proportion of abductions there has decreased in recent years as other parts of the world have begun to see more cases, with some parts of Africa now seeing increases year-on-year. The precise nature of the risk varies from place to place, with opportunistic criminal gangs, militants and paramilitaries all having different modus operandi, which in turn demand different strategies to mitigate the threat. What all kidnappers have in common, however, is that they want a ransom payment in cash or kind (usually some kind of political concession). And while there is willingness to pay ransoms, the threat will be perpetuated. In addition, the rising price of
commodities is encouraging companies to work in increasingly risky environments as higher profits pay for the increasingly sophisticated – and expensive – risk mitigation strategies needed to keep staff safe. So, while context is always king in understanding the threat, what are the general rules for keeping staff safe in high-risk environments?
1
CONDUCT A FULL RISK ASSESSMENT The entire corporate approach to kidnapping should be risk-based and a full assessment is essential. From there it’s possible to move on and make sure that effort and resources are concentrated on the key areas, individuals and projects that are most in need.
2
ENSURE ALL STAFF ARE PROPERLY TRAINED As well as conducting regular briefings with staff to inform and guard against complacency, security managers should be making sure any staff that need it have up-to-date hostile environment and hostage survival training. This will help them to develop a ‘survivor mentality’ by teaching techniques to understand and limit the psychological impact of being kidnapped – such as how trauma affects the mind and body – as well as offering information about what will happen: the phases of a kidnap; what support their family will be getting; and what will be going on in the outside world.
3
EFFECTIVE JOURNEY MANAGEMENT Many kidnappers target individuals in transit and there is much that can be done to lower this risk by teaching staff how to travel. First, choosing the right vehicle is essential. “We advise a low-profile vehicle without corporate logos,” Control Risks’ Alex Martin says. “Something not too excessive or impressive – something that will blend in.” He also advises good vehicle maintenance and training for drivers: “They need to know where they are going and the safe havens en route. Nobody wants
Concealment versus deterrence in transit
T
Jonathan Edwards
HERE ARE TWO BROAD SCHOOLS OF thought about managing the security of important individuals (VIPs) in transit through the war-stricken environment of Iraq. One of the main proponents of the concealment approach is Control Risks, whose
44
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
non-offensive tactics rely instead upon anonymity, and at times, subterfuge. The security firm uses a mixture of personal and commercial vehicles to disguise VIPs. The vehicles are all local, second-hand and armoured discreetly, if at all. The downside of this approach is that contingency plans (such as battling your way out of a sticky situation) are harder to effect once discovered, and without the capacity to go off road, it is harder to manoeuvre out of the situation. The benefit is that this non-military approach can help avoid confrontation. In contrast, Blackwater Inc (now Xe) was best known for, but by no mean the only practitioner of, the opposite – the ‘all guns blazing’ approach to managing transit risk. Their conspicuously armed, armoured vehicles aggressively maintain an
‘exclusion zone’ around the vehicles. If another vehicle gets too close, they may immobilise it by firing at the engine block. While they can cope with off-road conditions and therefore accept riskier assignments than their competitors, they also have a much higher mortality rate.
to have to stop and ask directions in a dangerous area.” Security managers need to know who is in the vehicle, the route they are taking, when they leave and when they arrive.
4
PERSONAL RESPONSIBILITY While most new staff will be vigilant, with time even the best can become complacent. Personal vigilance of the environment is an essential defence against kidnapping. Is anyone acting strangely? Do staff know where the safe dangerous areas are? “This can change within a couple of blocks in many cities around the world,” Martin says. Wherever possible, routes and routines should be varied and drivers should be aware that most attacks happen near places of work or residences. “Simple things like where you park or approaching your car with your keys ready can be very effective,” Control Risks’ Hannah Clark says. Security managers can support staff in this by conducting regular reviews of popular hotels, and even restaurants and shopping centres, to ensure everyone is up to date.
5
ESTABLISH A CORPORATE CRISIS MANAGEMENT STRATEGY What happens when things go wrong? “Risks can be reduced, but not eliminated,” Martin says. “Every company needs to make sure the staff and training are in place to spring into action if a kidnapping happens.” It’s essential that companies have well-established crisis management plans that are reviewed and drilled regularly both internally and, if possible, using a outside organisation, to apply specialist rigour and stress testing. This process must be fully embedded into in-country management. SR
WORLD OF WORK
A career from start to finish W
ITH THE ASSISTANCE of Airmic and its members, StrategicRISK looked at the various rungs on the risk career ladder. Insights were drawn from candid interview with individuals across the career spectrum, highlighting several overarching themes:
1
RISK MANAGEMENTSPECIFIC TRAINING IS NOT ALWAYS THAT ROBUST Building skills and experience on the job is essential. You may have to study hard at the same time as working. It’s not unusual for a risk manager to study a law degree or a MBA while working.
2
RISK RECRUITERS DON’T UNDERSTAND THE CORPORATE WORLD Risk recruiters’ knowledge doesn’t usually stretch to corporate risk. In some ways, they can’t be blamed – risk management tends to take on a different hue in each company. There are also so many facets to it, it can be hard to know exactly what a company is looking for.
3
SWITCHING INDUSTRY IS NO PROBLEM While the risks might change between industries, in general
the way a company deals with those threats does not change. The core skills of risk assessment, quantification and treatment are highly transferable.
5
MENTORING CAN BE EXTREMELY VALUABLE, ESPECIALLY FOR JUNIOR MANAGERS It’s fairly common for senior risk managers to have a mentor of some description, but it’s not always that common for junior risk professionals to have the same opportunity. The best organisations today are bucking that trend. Junior risk management professionals benefit from having a mentor outside the risk department who they can discuss sensitive political issues with.
7
JUST BECAUSE YOU STARTED IN INSURANCE DOESN’T MEAN YOU HAVE TO STAY THERE The skills that insurance professionals develop are highly useful when applied to the realm of corporate risk management – particularly in
terms of risk assessment and quantification. But insurance risk managers should not be afraid to expand their horizons and grow their role to include enterprise risk management, strategic and business risks. Insurance will only ever be a niche within the business world. You don’t have to be stuck there forever.
8
BE BRAVE AND DON’T BE AFRAID TO MAKE A NUISANCE OF YOURSELF Part of the risk manager’s job is to ask tough questions of authority. A good organisation should recognise this rather than trying to silence the individual.
9
GETTING THE TOP JOB IS NOT EASY Risk managers who have reached the lo y heights of chief risk officer have had to walk a tightrope between managing the expectations of executive management and the realities at the business coal face. Communication is king. SR
[READ MORE ONLINE] For more insights into the risk management career path, download StrategicRISK’s Career horizons at www.strategic-risk.eu or goo.gl/jonym
ce the ake u u d q e h r t r o t a e How of an t c a p m i financial ‘ Seismic Matters’. Our Free White Paper outlines a new engineering-based approach to minimising risk and loss. Download it now at www.fmglobal.co.uk/touchpoints
Secure the value you create
THEORY & PRACTICE [ INSIGHT ][ CASE STUDIES ][ BEST PRACTICE ]
KNOWLEDGE Risk registers can build a culture of awareness The dangers inherent in business collaboration cannot be fully mitigated by one party. But that doesn’t mean that they can be ignored. Risk registers need to identify ‘relationship risks’ along with actions to mitigate them. This means getting boards to pay attention to these less obvious – but no less dangerous – risks and building a culture of openness and awareness.
RELATIONSHIPS
For better and worse: the tricky nature of collaboration P
46
Work together: problems can be avoided if all components in a business relationship keep communicating
4
Credit
EOPLE HAVE ALWAYS KNOWN that the greatest risks in any system are at the boundaries – and that’s never been more true than in today’s interconnected business environment. Twelve months on from the BP Deepwater Horizon disaster, there are still many lessons to be learned. Reports from the Presidential Oil Spill Commission identified the causes as systematic failures of management rather than one-off technical problems, and at the heart was a failure of the “many ambiguous dotted line relationships with and between the companies involved”. It’s not just the oil sector that has this problem – consider the recent Railway Safety and Standards Board report on the UK’s Network Rail, which concluded “there is no open culture” between Network Rail and its contractors, leading to the underreporting of some 500-600 workrelated injuries leading to lost man hours over five years. Clearly the nature and quality of relationships between organisations can be a source of significant unquantified and unmanaged risk for many businesses that now have to work collaboratively. There are many reasons why these relationship risks are not identified and actively managed. Principally it’s because the risks are not under the control of a single organisation and therefore slip between the gaps. Relationship risks are complex and dependent on the nature, governance and operation of the
Reuters
Monitoring and nurturing relationships between collaborative businesses is no easy task, meaning vital – and beneficial – components can slip through the net
collaboration – and crucially the behaviour of the leaders involved. Here are five things you can do to manage relationship-driven risks. Some of the solutions are structural, some procedural and others are attitudinal.
1
SET UP AN EARLY WARNING SYSTEM The key to any safety system is monitoring the precursors as advance warning signs of a major incident. But when a system involves several different organisations, like the rail industry or the Deepwater Horizon well, it’s much harder to identify cross-organisational warning signs. Experienced managers pick up signs intuitively within their own organisations, but between organisations these feelings are o en dismissed. Indicators of problems ahead might include difficult collective decision making, communication breakdowns,
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
should be periodically reviewed by the board, but o en these don’t focus on the real worries and fears of the directors. Issues as complex as the relationship between organisations are rarely identified in these documents so the whole board doesn’t get the chance to scrutinise this area of risk. If the future success of the business depends on building strong partnerships, then the UK Corporate Governance Code provides a vehicle for boards, during their annual board evaluation process, to check that the risk register reflects the need to manage relationship risks inherent in the business’s strategy.
non-attendance at critical meetings, or public arguments between leaders.
2
CREATE THE RIGHT SET OF INCENTIVES AND SANCTIONS In a complex system like rail transport or oil exploration, things will go wrong. Equipment will fail, people will make mistakes. A robust strategic risk system will incentivise partners to identify these small failures and communicate them early to others, and also have a sanctions regime that notices when something is out of expected bounds and acts quickly to highlight it via a proportionate penalty.
INCREASE THE ABILITY OF LEADERS TO WORK COLLABORATIVELY The Presidential Commission mentioned earlier said that ‘a culture of leadership responsibility’ was lacking on the Deepwater Horizon. They identified the need for a culture in which ”individuals take personal ownership of safety issues with a single-minded determination to ask questions and pursue advice until they are certain they get it right”. These cultures need leaders who build open relationships, encourage upwards communication of bad news and ensure that this communication happens with partners too.
REVIEW AND ACTIVELY BUILD PARTNERSHIPS Like any marriage, strong enduring relationships don’t happen by accident and they have their ups and downs. Relationships between businesses need tending carefully. This means: clear governance that identifies how the parties will work together (and resolve their differences); a single, agreed dataset to avoid much of the arguments about joint performance; and collaborative leaders who recognise the need to invest time and resources in making the partnership work. SR
3
David Archer and Alex Cameron are both directors of business partnership consultancy Socia and authors of Collaborative Leadership – how to succeed in an interconnected world.
MAKE SURE YOU HAVE BOARD SCRUTINY OF RELATIONSHIP RISKS All businesses have risk registers that
5
VIEWPOINTS [ PEOPLE ][ OPINION ][ COMMUNITY ]
WHAT’S INSIDE YOUR HEAD?
Headspace Airmic chief John Hurrell couldn’t be happier with a nice car, a good pint and his iPhone – but getting this year’s annual conference right would make his summer
Who is your greatest hero? It’s got to be Winston Churchill – surely the best risk manager who ever lived.
What is your greatest achievement? Managing to stay a part of our great industry for more than 40 years. I have tried to add value wherever I can and to help the younger people coming through – they will pay my pension long into the future, I hope. What is the most important lesson you’ve learned? In this industry, reputation and integrity is everything. Any other development requirement can be fixed. I think it’s amazing how many times in a career individual paths cross and re-cross each other. People always remember the good things – and, therefore, the not-so-good things – from the last time.
What is your greatest fear? A sustained economic downturn, possibly leading to further cuts in resources for risk managers. Many of our members are having to run faster to do more with smaller teams or fewer resources than they had four or five years ago . This means that the urgent tasks take precedence over the important tasks, and some things just do not get done. Any further threats to resourcing levels would have potentially very negative results for those companies concerned.
StrategicRISK [ JULY 2011 ] www.strategic-risk.eu
What makes you unhappy? Charlton losing again! But I’m learning to live with it.
What is the worst job you’ve ever done? Settling household comprehensive insurance claims for the Royal Insurance Company in Brixton, New Cross and Lewisham in south London during the early 1970s. I learned a lot about the real world, dealing with customers and human nature.
learned a lot about the real world’
48
What makes you happy? Spring in the English countryside, a pint of bitter and good company – hopefully all at the same time.
What’s the biggest risk you’ve ever taken? Coming to Airmic. But big risks can deliver big rewards – I’m having a great time working with an excellent secretariat and board and with our terrific members.
What are you thinking about right now? Identifying what the most important issues are for our members at the moment and how we ensure we address these at Airmic’s annual conference in Bournemouth in June. We’ll have some valuable stuff for members at the conference this time around, on non-disclosure risks, career management, reputational ‘In Brixton, risks and property insurance benchmarking. New Cross At the other end of the scale, we are also looking at all the final and Lewisham details of how the conference will in south run, down to the choice of lunchtime food, the timing London during of announcements and so on. the early 1970s, I These details are important.
What was your most embarrassing moment? Arriving at an Airmic dinner about 15 years ago wearing my dinner jacket but no matching trousers. My blue pinstriped trousers created quite a fashion statement – not one I’d care to repeat. Luckily, that didn’t come up in my interview for my current job.
What is your most treasured possession? My Mercedes SL – now closely followed by my iPhone.
Tell us a secret. Sorry, I did know one once but I blabbed it. SR
Illustration by Richard Phipps
John Hurrell is chief executive of Airmic
Photos: Creatas, Photodisc, Enrique Algarra/PIXTAL, DigitalVision, Juliet White/Gettyimages -
a redeďŹ ned vision of service
a reliable company available teams attentive advice
Visit us at stand 68&69 to see how we can help you! www.axa-corporatesolutions.com
www.ferma-forum.eu