The Role Of Insurance In Risk Management

Risk is the uncertainty, possibility or chance of loss. A chance occurrence that results in monetary losses makes the profit predictions of an organization unreliable.

Taken a step further, such chance occurrences may expose the organization to a loss or series of losses of a magnitude that could compromise its financial stability and ability to survive.

Risk management is the active identification, evaluation and management of all potential hazards and exposures to loss that a risk may experience. It incorporates insurance in the process but also provides organized alternatives if insurance is not available, inappropriate or too expensive.

Risk management is a continuous process of identifying loss exposures, measuring them against the firm's ability to tolerate them and then handling them with the appropriate control, transfer or financing techniques.

Constant monitoring of exposures and attention to them affects risk management decisions. Exposures identified but not already addressed by a strategy must be reevaluated and decisions made about the best methods for handling them.

In a current, broader concept of Enterprise Risk Management, the goal includes using concepts that will allow a business to identify and assess additional business opportunities with the evaluation including how well that opportunity fits with the entity's risk appetite. So what is the role of insurance in risk management? - read on to learn more.

Risk is either speculative or pure.

Speculative Risk

Speculative risk has two possible outcomes: the chance of gain or the chance of loss. When a business commences operations, it will experience only two possible outcomes over a period of time. It may be successful and make money or it may lose money because income does not cover expenses.

Organizations deal with this type of risk by choice, actually seeking or exposing themselves to certain risks with the hope of taking advantage of opportunities. Speculative risk includes consideration of opportunity costs and what might be lost by not taking a chance on a potentially profitable venture.

Risk managers involved with this type of risk must be able to evaluate business, credit and commodity risks, hedging exposures and investment risks.

Pure Risk

The other type, pure risk, also offers two possible outcomes: loss or no loss. Examples of this type of risk include loss to property by fire, wind, or theft; third party liability claims for damages; or the interruption or reduction of income from loss of power, strikes or fire.

With pure risk, the most favorable outcome is to have no loss. The only other possibility is that a loss will occur. This is why exposures need to be identified and analyzed to determine the effect they may have on continuing business operations.

Whether identification and analysis takes place, the only two outcomes with pure risk situations are loss or no loss. Risk managers involved with this type of risk must be knowledgeable and experienced with insurance, various risk transfer clauses in operating contracts, loss control and safety and accident prevention.

Pure risk exposures involve a number of broad and diverse classes of risk. They include:

• Economic
• Legal
• Political
• Social
• Physical
• Juridical

Any or all of these can present significant exposures to any organization. Pure and speculative risks do not exist independent of one another. Both types exist and interact with one another in varying degrees in most organizations. This article is confined to pure risk exposures and the role of insurance in risk management.

The risk management process consists of activities organized into five sequential steps or phases:

1. Risk Identification
2. Risk Analysis
3. Risk Control
4. Risk Financing
5. Risk Administration

The first risk management step is identifying the existing exposures to loss as well as exposures that may exist in the future.

This is accomplished by gathering information by any number of methods, including survey forms, questionnaires, physical inspections, product and procedure flow charts and contracts, financial records and loss history reviews.

These approaches attempt to discover the exposures to loss faced by an organization. This phase is the foundation of risk management, since a risk not properly identified or addressed by the organization or an individual is retained.

Once the exposures are identified, they must be organized and quantified. This is accomplished in this phase. Organizing risk, also known as the qualitative portion of the analysis phase, requires reviewing and categorizing exposures into those sharing common elements.

One method is to place exposures into similar classes representing potential losses, such as:

• Property exposures
• Liability exposures
• Net income exposures
• Human resource exposures

This phase also includes quantifying the loss potential from the identified exposures. This is accomplished by estimating the dollar amount of future losses that may occur.

One method of projecting future losses is to review past loss experience, then use statistical probability and trend analysis to extrapolate that past experience into estimated future losses. Quantification also assists the risk manager in prioritizing the order or sequence in handling possible loss exposures.

This is the action phase. It includes any action taken, at the most optimal cost, to minimize or reduce losses that may occur. In these actions the role of insurance in risk management becomes apparent. The principal types of risk control methods most commonly used in this phase are:

1. Avoidance
2. Prevention
3. Reduction
4. Segregation
5. Contractual Transfer

Let's look at exactly what is meant by each of these terms:

Avoidance is a decision to not engage in a particular activity that creates an exposure to loss. It can also mean the elimination of an activity that creates an exposure to loss.

When a risk is avoided, loss probability is zero. Be aware that this method is not practical in all cases, since it could involve avoiding activities that might be positive and result in profits.

Prevention is any measure that reduces the probability or frequency of a particular loss occurring but which does not completely eliminate all possibility of that loss occurring. Prevention attempts to reduce the likelihood of an occurrence.

Reduction efforts attempt to reduce the severity of the losses that do occur. Wearing a motorcycle helmet when riding does not stop the accident from happening, but it should reduce injury to the rider if an accident does occur.

This approach recognizes that, since certain losses are inevitable and cannot be avoided or prevented, they should be acknowledged and steps taken to minimize their impact.

Segregation consists of two techniques.

The first is separation of loss exposure units and it is used in conjunction with the second technique, which is the duplication of loss exposure units. With separation, assets are divided into two or more separate units. If they are then further separated geographically, the likelihood of all assets being lost in a single event is greatly diminished.

Duplication, on the other hand, involves the reproduction of an asset to be a standby kept in reserve. A common example of risk control by segregation is in the use of computer backups. The backup disk becomes the duplication function and storing the backup disk in a separate location is an example of the separation function.

Contractual transfer is the shifting of a loss exposure in conjunction with an asset or activity, using a written contract or agreement, from one party to another.

In contractual transfers for risk control, there is no indemnity or compensation between the parties. The obligations for loss exposures resulting from the performance of certain activities that one party deems hazardous are transferred.

An example of risk control by contractual transfer is the outsourcing of a "risky" activity to an independent contractor.

The risk control phase is important but it only rarely eliminates risk unless avoidance is practiced. The undesirable event may still occur and if it does, the organization will need funds to pay for the damage caused by the loss. These funds are obtained through the function of risk financing.

Risk financing involves acquiring funds at the lowest cost from which losses will be paid - and here is where the role of insurance in risk management becomes clear.

There are only two answers to the question of who pays for damages caused by losses. In one case, the organization experiencing the loss pays for the damages (risk retention). In the other case, another person or a different organization pays for the damages (risk transfer).

There is a distinction between risk transfers made for risk control and risk transfers made for risk financing. Risk control transfers shift or transfer the acts or obligations to perform to another party.

Risk financing transfers shift the obligation to pay. It is possible to transfer the obligation to perform a given act or process without transferring the obligation to pay for losses as a result of the obligation to perform.

The reverse is also true and allows transfer of the obligation to pay without transfer of the obligation to act. It is normal to transfer both the obligation to act and the responsibility to pay losses arising from the transferred obligation but it is not necessarily done that way in every case.

Financial risk transfer is accomplished in one of two ways. One is to transfer it to a professional risk bearer (an insurance company) by purchasing an insurance policy - the role of insurance in risk management. The other is to transfer it to someone other than an insurance company.

The financial transfer of risk to an insurance company is well known and understood and was briefly discussed in the first part of this article. The financial transfer of risk to a non-insurance entity is not necessarily as well known but is still fairly common.

Hold harmless agreements, indemnification clauses and liquidated damages clauses are examples of frequently used risk financing transfer clauses. They are found in a number of different written operating contracts, such as lease agreements, customer sales agreements and agreements with independent contractors.

Other examples of financial risk transfers include the obligation of a tenant to pay for plate glass damage or for the repair/replacement of mechanical equipment damage to the landlord's building.

Persuading another entity to pay for losses may be desirable but the cost of actually doing so may be prohibitive or impractical. As mentioned above, any risk not transferred is retained. In many cases, it may be more cost-effective to retain certain risks and the resulting damages and pay them like operating expenses.

Losses that occur frequently and predictably but which have fairly low dollar amounts attached to them can usually be budgeted and efficiently financed internally through risk retention. Other methods of risk retention and financing include pre-loss funded and unfunded reserve accumulations and post-loss borrowing of funds.

Defining and coordinating financial risk transfer methods with financial risk retention methods is one of the most challenging tasks confronting the risk manager.

The ability to anticipate losses, making arrangements to prevent, reduce or control their impact and adequately arranging for funds availability to pay for them is the reason the position exists and is one of the measures of the worth of the risk manager to the organization.

Risk control and risk financing activities interact with each other. An effective risk management program must use at least one risk control technique and one risk financing technique for each identified exposure.

Risk administration is the implementation and monitoring of risk management policies and procedures. Risk administration covers a broad range of activities frequently assigned to the risk management department. Some examples are:

• Corporate planning
• Policy development
• Safety programs
• Contingency and catastrophe planning
• Crisis management

Other regular or frequent administration activities include claims administration, allocation of the costs of risk, litigation management, insurance acquisition, loss monitoring and incident (near-miss) investigations.

The risk manager's job is to identify and analyze risks and to make recommendations to management concerning how to control and finance them. To do this effectively and efficiently, the risk manager must be aware of all the activities, assets, locations, products and processes of the organization.

Risk managers must also have knowledge of business law, statistics, economics, safety and loss control, business finance and insurance. Most of all, the risk manager must be innovative in applying this knowledge in the performance of his duties.

The risk manager is responsible for anticipating losses, adequately preparing the organization for them and minimizing the costs of doing so.

The role of insurance in risk management is this: insurance is a component of risk management, not a substitute for it. In exchange for the payment of a known loss (the premium), insurance transfers the financial consequences of covered loss exposures from the insured to the insurance company.

This transfer of loss exposures by purchasing insurance to cover them is the most common and frequently used method of handling risk. However, some exposures are simply too trivial to justify the purchase of insurance and others are so monumental, uncertain or uninsurable that no insurance carrier will accept them.

In addition, worldwide exposures, certain unique types of risks and exposures created by government-enacted legislation are normally avoided by most insurance companies. To summarize, insurance is simply not available for many of the risks and exposures that organizations face.

If insurance for a given risk or exposure is not available, that risk or exposure becomes retained by the insured and must be financed with funds from within the organization if it causes a loss.

Insurance availability is not the only reason to seek alternatives to handling risk. Organizations monitor use of corporate funds closely because of the ever-present need to maximize profits.

If organizations do not use the most effective and efficient methods of financing identified risk or loss exposures, they jeopardize their competitive position in their marketplace and possibly their future survival. This is why The role of insurance in risk management is so important,