Globalization is affecting just about every business these days. Even if a company operates only in the U.S., its customers, suppliers and traveling employees may very well be in another country. That means the laws, regulations and cultural differences in those areas are likely affecting the organization.
This increased globalization of businesses means risk managers must have more of a global focus. Managing risk on a multinational basis was one of our “Issues to Watch” for 2019, as many risk managers are looking for ideas and resources. To help us better understand the issue, we had four distinguished experts join us for our most recent Out Front Ideas with Kimberly and Mark webinar:
- Maggie Biggs, VP of insurance and risk management for VF Corporation
- Kevin Hoskinson, client executive of global risk management for Marsh
- Mary Roth, CEO of the Risk & Insurance Management Society
- David Stills, VP of global risk management for Walmart
Why It Matters
Companies with no physical presence outside the U.S. are nevertheless affected by international regulations around issues such as data privacy. For example, the General Data Protection Regulation (GDPR), a law that regulates how companies protect the personal data of citizens in the European Union, caries stiff penalties for noncompliance. Businesses must be aware of the tenets of the law and adhere to them.
Issues such as the expansion of the GDPR prompted RIMS to address the idea of globalization several years ago. With members in more than 60 countries, the organization was hearing that the risk management culture present in the U.S. was just not the same in other areas of the world.
RIMS identified the Asia Pacific region as the area where it could truly make an impact by bringing in its resources. After surveying its members, the organization set up advisory groups that include people in risk management in the affected markets and is building programs there.
Setting up a risk management program in another part of the world depends on several factors, such as the country and its laws and regulations and the organization. While centralized and decentralized are the two basic models, many companies instead have a hybrid.
A totally centralized model means all decisions are made at the corporate office. These decisions could include factors like the risks to retain in addition to which brokers and other partners to use. The other extreme is all decisions made within each country. Going completely one way or the other may be a mistake. Instead, our panelists said the process should be fluid and allow for changes in leadership.
See also: Why Risk Management Is a Leadership Issue
A centralized decision-making model may be more balanced and less expensive. On the other hand, local regulations can complicate things.
Communication barriers can also present problems, as one panelist explained. A simple question from a team member in Asia would not reach her desk for 12 hours; then it would go to the broker team and others. It could take a week before there was an answer.
Program enhancements to address such hurdles that our panelists have tried include consolidating broker relationships into a single hub and ensuring the broker has local input to help place insurance with capable companies that meet the business’ needs.
An important consideration in a program’s structure is premium allocations. Regulators and taxing authorities are finding that premium taxes can be a new revenue source. Regulatory officials are looking at what a company has in terms of exposures and requiring the business to justify that the premium is commensurate with the risk.
For example, one panelist noted a situation with a client who sustained a large property loss in France but had not allocated any premiums specifically to that country. While the insurer was happy to pay the claim, it was difficult to determine whether shifting the money paid in the U.S. to a local French subsidiary constituted income or a gift, both of which were taxable.
The issue can be complicated and expensive. Businesses should at least have an idea of how they might handle such a situation.
Addressing cultural differences is one of the most important things a risk manager can do, our panelists said. It’s critical to understand these differences and learn how to work within various cultures. For example, employees in some Asian countries may feel embarrassed or even ashamed to admit, let alone report, their injuries. Implementing safety strategies and incident reporting processes would need to be done in a way that respects that cultural difference.
The typical challenges encountered by any business are that much more complicated because of language barriers, time differences, regulatory disparities and cultural variances. The key to overcoming these hurdles is solid communication and strong relationships with the company’s international partners.
It is important to dispel the idea that the world revolves around the U.S. and how we do things here. That perception creates obstacles for businesses trying to work effectively in other countries. The theme of “Think globally, act locally” was endorsed by several of our panelists. It means adapting to local nuances and practices. Risk tolerance levels, for example, may be different in another country. Instead of dictating how things should work, it is better to get local input.
There are also different applications of law in other countries. Negligence or leases, for example, may not have the same elements as in the U.S. It behooves a company to discover the local laws and how they are applied.
Something as simple as communicating with international partners can be complex. Instead of email, for example, WhatsApp or WeChat may be the more popular mode of messaging.
Risk Management Differences
Companies need to be aware of risk management differences in countries outside of the U.S. Our speakers outlined several examples:
- Court system differences. There may or may not be a jury system. The class action mechanism may not be available in certain countries, creating a difficult environment for mass claims. The speed of the legal system may be incredibly slow, compared with the U.S.
- Adequacy of damages. Other countries have different perspectives on what is considered adequate. Some jurisdictions lean toward inflated awards that make no sense to us. Or, a company might not need the level of general liability coverage, for example, that it would need in the U.S.
- Deductible levels. In some countries, there is a strong preference to have first-dollar insurance. While that may not seem cost-effective, teams in some countries are responsible for their own profits and losses and can be severely affected by a large hit. In some cases, international policies for general liability will have zero-dollar deductibles, while other lines – such as property/casualty and directors and officers liability – have large deductibles globally.
Risk managers are used to reviewing contracts to ensure their company is protected from risks associated with a business arrangement. However, internationally there is a tendency to deal with those risks on a business basis rather than through insurance. Because of this, there may not be adequate insurance in place to cover risks.
As an example, consider a manufacturer and supplier in China that does not buy the product liability coverage limits typically seen in U.S. contracts, but the part it makes is entering the U.S. market. There are situations where there was a large loss on a product in the U.S., and it basically shut down the Chinese company because the insurance coverage was inadequate.
Political risk and supply chain are two issues that can have a significant impact on global risk management programs. U.S./China relations of late have generated the risk of tariffs on Chinese-made products imported into the U.S. Likewise, there can be a backlash on U.S. brands sold elsewhere.
A regulatory change could spark political unrest that causes damage or looting to a business. There is also the risk of local governments confiscating properly.
See also: How to Improve ‘Model Risk Management’
A political uprising or natural disaster could devastate a company. The panel advised businesses to consider, for example, whether remote operations are warranted, or whether backup stock of products is necessary.
Supply chain challenges related to theft can be a major concern for multinational companies, especially products traveling through Mexico and South America. There’s also potential risk to the security of the people moving the products.
Monitoring the political climate of other countries, and lobbying where possible, is invaluable. Some companies do an annual deep dive evaluation of the risks in specific countries. While it may not be possible to manage all the risks, understanding what is happening can go a long way to protecting property and people.
Organizations looking for help to better understand and address global risk management issues can turn to RIMS for help. Since the organization embarked on its globalization efforts several years ago, it has developed a plethora of resources for risk managers. Under the Community section of the RIMS web page, you will find all their global resources. The link is HERE.
To listen to the full Out Front Ideas webinar on Globalization of Risk Management, please click HERE.