ERM Shows Its Worth in Pandemic

Companies with sound ERM practices were better-positioned to deal with the pandemic than those with less sound or no ERM.

Although some say COVID-19 is a black swan event, it really is not. Pandemics have occurred in the recent as well as the remote past. A clearly articulated description of pandemic risk can be found in the World Economic Forum’s, The Global Risks Report 2019. “The spread of infectious disease” was among the top 10 risks listed, based on impact. There are estimates of the cost of a pandemic in one of the special chapters in the report, though these may look small compared with what COVID-19 might actually cost.

In the The Global Risk Report for 2020, “infectious diseases” is again among the top 10 risks. That report describes the readiness of countries to deal with epidemic or pandemic and cites a Nuclear Threat Initiative study that concluded that “no country is fully prepared to handle an epidemic or pandemic.”

The World Economic Forum’s (WEF) annual meeting in Davos, Switzerland is attended by government, business, scientific and other leaders from a plethora of countries. The ideas and data developed by its staff and contributors are widely distributed and well communicated. 

The WEF is not the only organization or individual to warn about pandemics. Bill Gates gave an excellent TED talk about pandemics in 2015 that has now gone viral on the internet. Heath organizations, think tanks focused on health and other types of organizations have put out the warning, as well. 

In the face of these warnings, it is puzzling as to why has there been the lack of preparation witnessed in some sectors. On the other hand, many major corporations reacted speedily and effectively to the challenges presented by the pandemic, even if they had not had it among their list of top risks. The reason they were able to do so rests, in large measure, on these companies’ adoption and implementation of enterprise risk management (ERM). 

ERM’s Premise

ERM is a process that addresses both operational and strategic risk across all facets of an organization by identifying, prioritizing, mitigating and monitoring risk to ensure that the mission and strategy of the organization can be assured. Below are the numerous ways ERM has proven its worth in ameliorating the potential adverse effects of the pandemic, whether the risk was fully recognized or not.

See also: How Risk Managers Must Adapt to COVID

How ERM Has Mitigated Pandemic Risk Among Practicing Companies 

A robust ERM implementation includes having both a business continuity and a disaster recovery plan. These plans enable companies to 1) assemble key decision makers immediately to approve responsive actions, 2) communicate to employees quickly and 3) move to “work at home” conditions without too many glitches. Many companies have indeed moved to a “digital only” environment with employees working at home. When this was not possible, companies rapidly put guidelines in place to create social distancing and other modes of worker protection.

ERM places a heavy emphasis on information technology security. Thus, as companies migrated to more work at home, employees already had cyber training. IT staff have implemented strong controls on aspects such as accessing systems and cloud security. Further, cyber insurance products have been purchased. 

ERM also includes having a solid handle on supply chain risks, meaning that supply chains are well-documented and diversified and that supply alternatives lined up. A number of ERM practitioners moderate the parameters of their just-in-time production and ordering to allow for a certain amount of inventory to be available in the event of a catastrophe. However, even a company following ERM best practices can experience supply difficulties and losses when a pandemic is truly global and lingering, but less so than others.

In addition, ERM-managed companies tend to have very solid financial underpinnings in terms of capital levels, credit lines, investment portfolio diversification, etc. The "however" in this case is that many small businesses are unable to have as substantial a financial foundation as larger ones, and even large companies with solid financials cannot sustain a severe drop in revenues for consecutive months. Nevertheless, to the extent that practicing ERM resulted in stronger financials, companies were better-positioned to withstand the financial impact of the pandemic.

Further, ERM fosters keen focus on reputation risk. Companies with dynamic ERM practices understand the need to aggressively protect corporate reputation. As such, many of such companies widely communicated what they were doing to protect all stakeholders from the effects of the pandemic, modified their advertising to take a more sober and caring tone and introduced a new level of caution in all they did.

See also: COVID: How Carriers Can Recover

An Example for Others

Governments and healthcare institutions could have benefited from ERM or more robust ERM. The list of mitigations that could have been in place is legion. For example, stockpiles of personal protective equipment and respirators could have greater, the number of ICU beds could have been higher, protocol for where to treat patients who contract the virus could have been drafted in advance and treaties among co-operating countries that address warnings and the closing of borders in the event of an outbreak could have been drawn in advance. 

It is hard to argue that companies with sound ERM practices were better-positioned to deal with the pandemic than those with less sound or no ERM. The benefit in dollars and cents may not be able to be determined accurately, but the benefit is real.

Donna Galer

Profile picture for user DonnaGaler

Donna Galer

Donna Galer is a consultant, author and lecturer. 

She has written three books on ERM: Enterprise Risk Management – Straight To The Point, Enterprise Risk Management – Straight To The Value and Enterprise Risk Management – Straight Talk For Nonprofits, with co-author Al Decker. She is an active contributor to the Insurance Thought Leadership website and other industry publications. In addition, she has given presentations at RIMS, CPCU, PCI (now APCIA) and university events.

Currently, she is an independent consultant on ERM, ESG and strategic planning. She was recently a senior adviser at Hanover Stone Solutions. She served as the chairwoman of the Spencer Educational Foundation from 2006-2010. From 1989 to 2006, she was with Zurich Insurance Group, where she held many positions both in the U.S. and in Switzerland, including: EVP corporate development, global head of investor relations, EVP compliance and governance and regional manager for North America. Her last position at Zurich was executive vice president and chief administrative officer for Zurich’s world-wide general insurance business ($36 Billion GWP), with responsibility for strategic planning and other areas. She began her insurance career at Crum & Forster Insurance.  

She has served on numerous industry and academic boards. Among these are: NC State’s Poole School of Business’ Enterprise Risk Management’s Advisory Board, Illinois State University’s Katie School of Insurance, Spencer Educational Foundation. She won “The Editor’s Choice Award” from the Society of Financial Examiners in 2017 for her co-written articles on KRIs/KPIs and related subjects. She was named among the “Top 100 Insurance Women” by Business Insurance in 2000.


Read More