Geoff Taylor: Risk managers often must sell management on their value

AIRMIC's outgoing chairman explains to Business Insurance Europe's Adrian Ladbury how risk managers can prove their worth to the board.

The concept of upside risk management is gaining in currency among the boards of European corporations. But risk managers still have a lot of selling to do before it becomes mainstream and helps bolster the influence of risk managers, according to Geoff Taylor, immediate past-chairman of the U.K. Assn. of Insurance & Risk Managers.

Mr. Taylor, who is the Hilversum, Netherlands-based Europe, Middle East and Africa region risk manager for U.S. sports goods manufacturer Nike Inc., embraced how to gain competitive advantage from risk management as his theme for his year in charge at London-based AIRMIC.

He is a strong believer in the idea that companies can use the disciplines and processes adopted by risk managers to help identify positive as well as negative influences on their business and thereby more efficiently decide how to allocate capital. But, he conceded, most companies in Europe still identify loss prevention, loss control and insurance management as the goals of risk management.

"The traditional things that risk managers do obviously add value. Clearly insurance risk management is valued. The board recognizes the value from negotiating with the insurance market to create programs, and where risk managers are involved in risk control engineering, they clearly add value in the way facilities are engineered, because it can minimize costs," said Mr. Taylor.

"Also, where risk managers are involved in business continuity planning, and particularly in companies where losses have occurred, they are valued. The challenge is the upside, because it seems that only when pretty bad things have happened, (risk management) is recognized," he added.

Mr. Taylor said one of the problems with upside risk management is that it is currently widely interpreted.

He said that the concept will vary from company to company depending upon its business, but, generally speaking, it can be defined as the practical application of risk management processes to identify and measure risks and opportunities to help with decision-making.

"When you go into any venture (such as an acquisition) as a business, you hope to realize gains. The success of the venture will be based on certain assumptions, some will be based upon fact and research. If you apply risk management principles, you can maximize the upside and avoid the pitfalls or use risk management techniques to decide which bring the most benefit. It is really all about helping companies to make good investments," he explained.

Mr. Taylor said Nike is fairly typical in that it understands the value of downside risk management but less so the upside concept. He said that he and other risk managers need to continue in their efforts to promote the idea.

"There is a lot more selling to be done. Risk management is more appreciated in more regulated industries such as banking, because they are managed by directives and risk managers have a mandate. In companies like my own that are more brand-driven it is more difficult. How many companies really do enterprisewide risk management? Most of the banks and utility companies (do), otherwise I can think of probably only one other," he said.

Mr. Taylor also pointed out that risk managers within industries that operate in higher-risk areas, such as pharmaceuticals, and perishable goods, such as food, naturally have a bigger say.

"In foodstuffs, the standards are high because if you produce one bad product, it can be very bad news. People can die as a result. If you are selling athletic shoes, it is difficult to kill someone. In our company, corporate responsibility takes a leading place ahead of risk management because it is what the customers are interested in," he said.

But while risk managers who work within highly regulated industries such as banking and pharmaceuticals may enjoy a higher profile than most, Mr. Taylor does not believe that more regulation is the answer.

He believes that risk managers in most other industries simply have to work harder to sell the message to top management.

"In the past, the chief executive officer did everything. Over time, the next person to arrive on the C-suite was the chief financial officer, because the chief executive officer realized he or she could not understand everything. Then came the legal officer and then human resources and information technology, which were seen as more important to the business and accepted in the C-suite. CEOs will ask, 'Why do I need risk management when I can do it?' but the same question was asked about HR," he noted.

"Risk management is not at the top table yet, but it is about consistent processes and can help the C-suite decide to do the right thing. We don't control processes. We are here to advise. Just like the legal counsel who does not tell the CEO what to do, they advise what is best on the basis of the law," said Mr. Taylor.

Not surprisingly, therefore, one of Mr. Taylor's main projects while at the helm at AIRMIC has been to initiate a research project into enterprisewide risk management to try and prove that it does add value.

This work is ongoing, but he said that it will remain a central part of his successor's work and that he is looking forward to seeing the results.

"The difficult thing when dealing with risk management is to show the value of it, because things did not happen because risk management was in place. There is certainly evidence out there and the research program is in progress. We believe clearly that enterprisewide risk management does add value and brings competitive advantage and we can show it," said Mr. Taylor.