Where will the next few years take risk managers? It probably depends on the size of the organization involved. With smaller firms, it may be business as usual with a slightly higher employment practice exposures as layoffs increase. In larger financial firms, expect a move toward less complicated financial products. In the wake of the financial crash, increased regulatory agency oversight is a certainty. In a recent OpenPages survey, fully 90 percent of those Fortune 1000 risk professionals believed that increased regulation was a certainty.
Expect increased violence abroad due to economic instability, according to Strategic Risk, a UK-based publication. It cited Iceland as one example. Based on economic strife, Iceland went from the most peaceful nation to the fourth, according to the Global Peace Index. Clearly, this international trend will compel risk managers to brush up on their kidnapping and ransom coverage understanding as well as implement better travel and security policies for their employees both at home and abroad.
A trend toward licensed risk managers who purchase coverage for their companies will increase, according to one commercial underwriter at a national carrier. “This will enable them to have greater control over the risk transfer and selection process and control costs by absorbing commissions that would be paid to the broker.” He foresees risk managers forming “insurance clusters to gain access to multiple markets for coverage.” This model has worked for small independent insurance agencies, so why not for risk managers?
According to one risk management specialist, the sustainability movement will impact risk management. Green supply chains, additional costs to implement green technology, radical social movements that threaten developers, researchers and others all pose risk that is difficult to quantity and even more difficult to prevent. Privacy concerns will also continue to force companies to invest in more technology.
As enterprise risk management gains acceptance, risk managers will often become Chief Risk Officers and must be able to “speak CFO,” according to one risk management consultant. An “MBA in finance will be the minimum education requirement,” according to one health care director.
The need for management of reputational risk for companies will increase as social networking can quickly damage a company’s reputation. While it used to take months or years for a company’s misdeeds to penetrate the media, today one misstep can be spread virally in virtually minutes. YouTube and social networking sites can literally engulf a company’s reputation in minutes. In addition, key employees’ postings and on-line behavior can expose a company to risk, as well. Human resource managers are currently grappling with this reality, according to a Deloitte LLP-commissioned April 2009 study.
While greater financial skills will be required for risk managers working in larger corporations and especially in any financial firms, the bedrock skill of a sound risk management program is still strong communication skills. That will never change. Unfortunately, in the Fortune 1000 survey noted above, over 70 percent of the respondents described their governance, risk and compliance as “siloed,” which is problematic for the very companies that should be implementing enterprise risk management.
One thing is certain — the next years will be challenging for risk managers as they strive to balance profits with managing risk.