Tag Archives: Loren Nickel

Q&A With Google on Innovation, Risk

At first glance, innovation and risk management may seem diametrically opposed—the limitless possibilities of “what could be” being dragged down by worries about “what could go wrong.” This construct is far out of date, as leading risk managers have increasingly become vital partners in shaping their organization’s business strategy and enabling innovation. As director of business risk and insurance for one of the world’s most innovative companies, Loren Nickel of Google is charged with managing both the company’s everyday risks as well as an ever-evolving array of emerging ones. So how does he protect the company from risks in a fashion that still champions the innovation so vital to its long-term success?

Aon sat down with Nickel, the recipient of the Risk & Insurance Management Society’s 2017 Risk Manager of the Year, for a wide-ranging conversation on how he strikes the right balance between innovation and risk. He shared his insights on integrating data and analytics in risk management, enabling innovation and effectively engaging with the C-suite.

What is your philosophy of risk management?

Loren Nickel: Our approach is rooted in analytics and quantitative analysis. It helps that Google is a company full of engineers. My team likes to quantify things that people may sometimes assume can’t be quantified. This process involves many different elements of analytics, including quantitative and actuarial analysis. So we use those frameworks to set priorities and strategic direction and to make sure that our current approach supports where the company is going to be in the next few years.

Analytics helps us make the best possible decisions. I don’t think anyone could do the amount of risk management work that we’ve done without analytics. However, you do have to start from the ground up and build an analytics platform to make the changes that we’ve made to our organization. It’s about capturing information in new and different ways. With more accurate and timely information, products can evolve and improve over time.

See also: The Current State of Risk Management  

How do you position risk management to promote innovation?

Loren Nickel: We’re not the “no” team—we’re not here to tell our colleagues how not to do things. We’re trying to guide them in the best way possible to create their products. That’s really how I would want to be perceived—that we’re trying to enable innovation. Google is working on several different kinds of emerging risks, and our team is involved. Our job is to promote good behavior so that innovation can continue.

To make things better, you have to change, and that’s a constant process. If you’re just putting up barriers, you only see the result if someone tries to break through them. The problem is that you may be aware of just one out of 10 people who bumps up against these barriers; the other nine people might have given up because you’ve created too much process for them. They see the barriers and decide to focus on another area where there is less friction. It’s kind of the economics theory in the sense that all of these barriers to entry have a real influence on the company itself.

Something I always push back on with my team is prioritization. If programs aren’t extremely material to the organization, we shouldn’t set up processes that limit or restrict innovation, ability or speed. When the risk and potential damage aren’t material, these processes just serve to slow down the organization quite significantly. Our efforts are focused on making sure that we’re really adding value and not just creating process for process’ sake. We often have to test those boundaries, meaning that, if you just remove the process, what happens? If the sky doesn’t fall, then that process is probably not something you need.

How can you advise the C-suite more effectively?

Loren Nickel: With my [risk management] team, we focus on translating technical information in a way that makes it very palatable to the C-suite. Packaging analysis for senior leaders is a very different challenge, and it’s critical to do so in a way that’s theoretically correct and gives the right answer.

Building credibility and working to help senior leaders understand what is really critical to the business is a constant process. To establish credibility, you need to have knowledge and experience and be able to communicate that expertise in a nontechnical way. This task certainly sounds easy, but it is difficult. You often have to work internally on projects that maybe aren’t really risk-related, but someone needs your help. You do that to build credibility. Over time, as people gain a greater understanding of the value we deliver, they will seek out our opinions on different issues.

It’s also important for our team to take a longer-term view of risk. When a team seeks our guidance, we’re typically closer to laws and regulations so we can direct them in the best way possible. Often, regulations are unclear or evolving. Take self-driving cars: Clearly, regulations will change over time, and it’s important for us to work with our internal teams around those issues.

See also: 4 Steps to Integrate Risk Management  

What fuels your passion for risk management?

Loren Nickel: I believe that we are enabling changes in technology and in the world. For us the passion is basically enabling all of those technologies to happen more quickly and in a safer way. And the impact from a company like Google is just earth-shattering in terms of its magnitude. I think our team makes a disproportionate contribution compared with some other companies or places, just based on the size and scale of the organization and the amount of innovative work that’s coming out of the company.

Thought Leader in Action: At Starbucks

From the You Can’t Make This Stuff Up Department: Steve Legg took an important step on his path to becoming the director of risk management of Starbucks to avoid having what looked like a bad pun on his business card. He had earned his Associate in Risk Management designation, but that meant his name appeared as Legg-ARM. So, he says, he went on to earn his Chartered Property & Casualty Underwriter (CPCU) designation, because it is listed before ARM. His card now (safely) reads “Steve Legg, CPCU, ARM.”

But I’m jumping into the middle of the story, in this second in our series of Thought Leaders in Action. (The first, with Loren Nickel, director of risk management at Google, is here.)

To begin at the beginning, I’ll provide a summary of Legg’s background, then follow with the story of how he earned his prestigious position, some detail on Starbucks and how it manages risk and some insights from Legg for other risk managers.

legg
Steve Legg

His bio

Legg, who is 46 years old, has been at the Starbucks headquarters in Seattle since June 1997. His responsibilities include global corporate property and casualty insurance and risk financing for the company. Legg reports to the treasurer of Starbucks and heads a risk management team of 13 professionals, with two-thirds involved in claims management and the balance working in risk financing and risk transfer, its risk management information system (RMIS) , internal reporting and captive management. Starbucks has 22,519 stores in 66 countries, with a targeted growth rate of 1,650 net new stores during this fiscal year. Starbucks, the name inspired by Herman Melville’s novel Moby Dick, has one of the most recognized logos in the world. Its mission statement, developed by its founder Howard Schultz, is “to inspire and nurture the human spirit one person, one cup and one neighborhood at a time.”

Before joining Starbucks, Legg worked as an independent insurance broker, as well as in a claims capacity for Crawford & Co. Legg served on the board of the Washington state chapter of the Risk & Insurance Management Society (RIMS) for seven years, serving as president of the chapter during the 2005-2006 year. He has been an active participant within National RIMS and has served as a speaker to other insurance industry groups, such as the CPCU Society, the Professional Liability Underwriting Society (PLUS) and the Marine Insurance Association of Seattle. He has a degree in political economy of industrial societies from the University of California at Berkeley.

His story

Legg grew up in Kirkland, WA, on the east side of Lake Washington. Nicknamed “the little city that could,” Kirkland is the former headquarters for the Seattle Seahawks and Costco. Kirkland Signature is still Costco’s store brand.

“I grew up interested in a lot of different things, but I wouldn’t say with any degree of certainty that I knew what I wanted to do for a living,” Legg said. “I was intrigued with going somewhere else to study, so I attended UC Berkeley. I was interested in crisis management, and I just happened to be at Cal when the 6.9 Loma Prieta earthquake [1989] and devastating Oakland Hills firestorm [1991] hit. From those experiences, I thought I might pursue law school.

“As things turned out, my first job was back in Washington state working as a claims adjuster for the branch manager of Crawford & Co., hired by our mutual friend and industry colleague Katrina Zitnik, who was later director of workers’ comp for Costco, 2001-2013. We handled the huge Boeing workers’ comp self-insured account. There were around 100 employees in that office alone. My specialty was working with chemical-related claims, which was really fascinating, before I moved over to liability claims. By my second year there, I started to really understand what risk management was all about.”

From that experience, Legg went on to achieve his ARM designation. “It may sound corny, but I didn’t like the way it looked on my business card as Legg-ARM, so I went on to pursue my CPCU,” Legg said.

“With that formal insurance education, I went to work for a regional insurance brokerage in Kirkland where I learned a lot about insurance and other facets of risk management.” Legg said: “I came to this realization that I didn’t want to handle claims or broker insurance. I wanted to be on the buyer’s side of all this – tending to insurance and a whole lot of other things.”

In 1997, Legg was hired by his predecessor at Starbucks, which had gone public in 1992. At the time he joined Starbucks, the company had about 1,000 stores in the U.S. and Canada and just a few new locations in Japan. Legg describes his experience at that time in risk management as more of a buyer of insurance, but his job responsibilities quickly deepened and expanded with the global spread of Starbucks. He assumed the director of risk management position in 2006 when his boss and mentor retired and became active in the management of Starbucks’ Vermont captive.

The evolving company

Legg explained that the organizational structure is set up based on three key global regions: (1) the Americas; (2) EMEA, which is Europe, Middle East and Africa; and (3) CAP, which is China, Asia Pacific. “Our biggest push is in the CAP region, especially China, which presents a lot of opportunity,” he said. Although that region has a tea-drinking tradition, Legg pointed out that Starbucks owns the tea company Tazo and more recently bought Teavana and its 300-plus stores, providing a high-end, specialty tea product that has become popular at Starbucks locations. He said Starbucks’ specialty coffee and expresso beverages have also become very popular in tea-drinking cultures.

Starbucks has also expanded its offerings in premium pastries (it bought La Boulange), food and merchandise offerings, and it recently began providing beer and wine in selected areas of the country. “Evenings at Starbucks had been under-utilized,” Legg said, “so with the rollout of beer and wine we’re able to serve additional patrons.”

How Starbucks manages risk

Serving 66 countries with various laws and customs, Starbucks has a global quality assurance organization work with business units that are immersed in foreign locations. “Risk management and legal principles are practiced with our people that understand and are sensitive to local government, culture, customs and laws,” Legg said. “Starbucks wants to provide appropriate food and beverages, and we have a global safety security organization, as well, that makes sure that we are tending to the different types of risks these different and diverse cultures hold. Safety and security are fundamental components in the initial and on-going training of our partners.”

When asked about the challenge of identifying, evaluating and treating risk in far-flung global operations, Legg noted that there is a common thread regardless of demographics that relates to keeping stores well-managed, clean, secure and hazard-free. He added that a global design team works with individual markets to address issues that mitigate any unusual risk factors, which could include something as simple as adjusting counter and stool height. Store components are designed to provide for each locale’s needs while Starbucks maintains the quality and consistency that its customers expect.

As for dealing with its insurance and reinsurance markets, Legg noted that Starbucks collects a significant amount of data on all of its locations to enable its internal team and underwriters to have the geographic information they need for modeling. North American operations are mostly self-insured via large retentions and deductibles; Legg points out that first-dollar and low-deductible insurance policies are far more common, accessible and prevalent in other parts of the world. Compulsory insurance requirements differ across jurisdictions — in many parts of the world, for instance, workers’ compensation as we know it is not available, and injuries or illnesses among employees (which Starbucks calls “partners”) are addressed in different ways.

“Regardless of the transfer or retention of risk, Starbucks feels that no one could ever care as much about our partners and our brand as we do,” Legg said. He added, “We inspire and nurture our partners and customers… through providing good products, friendly service and by contributing to our communities. It’s an important part of our culture and what makes this brand so strong.”

All eligible full- and part-time Starbucks employees receive comprehensive health coverage and equity in their company, referred to as “bean stock.” In turn, employees typically volunteer more than one million hours each year in helping their local communities. Starbucks has also set up agronomy offices in different countries around the world to help origin farmers to better manage their crops and businesses. “It’s really important all up and down the chain from the front-line stores to the source of the company’s most precious commodity to have a seamless connection,” Legg said.

His suggestions

I asked Legg what coaching suggestions he has for people entering the field of risk management.

He said, “I think to be successful in risk management that it helps to have a good understanding of a number of different disciplines like accounting, finance, law, etc. Most importantly, you need to have the ability to think critically through things to make good decisions and to then have the ability to communicate well and to influence others. Knowledge without good communication skills won’t equip you for this career.

“I find myself guiding and teaching other people in the organization every day, helping them develop their own risk assessment philosophy in what they do day in and day out. We in risk management can’t be there all the time, so our job is to train others throughout the organization to make good, sound risk management decisions.

“Be open-minded and flexible. Risk management staff needs to identify and admit their mistakes, correct things and be able to change course as needed.”

Legg added with a laugh, “You think you know in detail how things are, then you find out you really don’t know how things are.”

Thought Leader in Action: At Google

Loren Nickel, who has a major role in our profession as the director of business risk and insurance at Google, got his start without even doing a job interview.

That story begins when his mother researched careers and suggested that in college he study to become an actuary. Nickel pursued statistics and actuarial science at the University of California, Santa Barbara (UCSB), and became president of the Actuary Club – with its maybe 10 members, he says.

He wanted to build interest, partly to get more prospective employers to come to UCSB, so he decided to set up a website – this was in 1994 and 1995, before Netscape exploded on the scene through its initial public offering and introduced the Internet to the public consciousness. Nickel wrote the software for the website himself and paid $35 of his own money to get the UC system to host the site. He then used his e-mail address to answer questions from students and others about the actuary program at UCSB.

The word got out, at least to one UCSB alumnus who played an important role in Nickel’s career. John Alltop, who was in charge of the actuarial services division of Fireman’s Fund, asked Nickel if he knew of anyone who would be interested in an internship. Nickel raised his hand. Alltop, who is now president of Actuarial & Risk Management at Bickmore Risk Services, asked him to visit. At his own expense, Nickel drove 365 miles up the coast to Novato, north of San Francisco, and paid for a night in a hotel. He says that the second he walked in the door he was given the internship even though “I told them I hadn’t even done anything for them yet.” Shortly thereafter, Fireman’s Fund hired Nickel full-time.

He worked on various national accounts, and Fireman’s Fund rotated Nickel every 18 to 24 months to different operating divisions, ranging from workers’ comp and property risks to general liability, enabling him to learn different facets of the insurance business. Nickel learned the “big picture” by seeing how Fireman’s Fund used the actuarial component in its underwriting of client risks. Then he became the underwriting manager.

In that capacity, Nickel was able to work with brokers and sales teams to see how actuarial projections fit in. He developed his communication, sales and people skills. That experience launched Nickel into his next career move, working for AON, a leading brokerage firm. This included an assignment in London to work with the operational risk team, designated as a center of expertise. Returning to the U.S., Nickel led AON’s actuarial division in the Western region, which included providing actuarial consulting services for Google for nearly three years.

He joined Google in the spring of 2015. Nickel, who is 41 years old, lives in Marin County, north of San Francisco, so he commutes perhaps an hour and a half each way on one of the famous Google buses, to his office a few minutes from headquarters well down the peninsula in Mountain View. The bus is comfortable enough and the Wi-Fi so good that the ride is basically an extension of his office.

Nickel says his consulting experience at AON is a good fit at Google, where his risk management responsibilities could be best described as “advisory work.” He works in consultation with various Google teams to help keep them more informed and able to make better decisions from a risk viewpoint. Perhaps the biggest change is that he’s now on the buyer’s side of transactions. This, of course, includes multiple brokers and insurers.

Google’s stated mission is to organize the world’s data and make it usable by everyone on the globe, and all new products or services relate to that vision, but Google’s renowned “moonshot program” searches for disruptive innovations – which, by changing how people do things, can change the nature of risk. Google has fewer boundaries than most business ventures, to stimulate innovative thinking, so a traditional risk management program, with all of its financial constraints, doesn’t fit the Google model of business development. (Nickel is quick to point out that Google does employ a vast number of risk management best practices to protect its employees, property, users and the general public.)

Nickel leads a risk management team of four direct reports, with an additional five Googlers who work within the risk management structure. He says Google is much less about the function where someone works (i.e., risk management) than about the right mix of individual skills. For instance, on his team, some have an insurance background while others have skills in legal, actuarial science, project management, accounting, etc. “It’s a very different mix of personnel than what you would find in a traditional corporate risk management department,” Nickel says.

Asked how he gets in tune with and integrates risk management concepts with Google’s diverse divisions around the world, he says that making strong relationships is No. 1 – knowing the right people. This ensures that Googlers are aware of the advisory and outreach team in risk management. Risk management does not serve as a policing authority but serves more as an information source. Other corporate teams, such as legal, partner with risk management as issues arise. Responsibilities are clearly assigned and managed exclusively by organizational silos, as in most organizations. Nickel says everyone is very receptive about the information that the risk management team shares – in previous jobs, he often saw posturing.

Nickel says a guiding principle at Google is that “Googlers take care of other Googlers,” so risk management is in the culture, and safety is paramount. Even the food choices are healthy. Google provides its more than 60,000 Googlers with free, very nutritional and delicious food and snacks as well as a wide variety of campus features that promote health and well-being. Google even provides onsite medical providers at its larger locations. Without sharing statistics, Nickel makes it clear that Google has “phenomenal” workers’ comp claim experience that is far better than companies of its size. He added that Googlers feel respected and appreciate how well they are treated.

Asked if Google has any official opinion about the ownership or operation of driverless cars, where its pioneering work has sparked extraordinary interest, he said the risk department does not provide opinions on the products that Google creates. He did say the department is focused on making any new Google technology safer, getting it to market faster and winning support from regulators. “We do not determine how autonomous vehicles are used,” he says. “Instead, the goal is to facilitate the creation of great technology that could improve the world.”

When asked what advice he would give to newcomers in risk management, Nickel suggests that they try to experience different roles from different perspectives – from both the insurance and user sides — with respect to the implications of risk in organizations.

“These diverse experiences provide a deeper context to the bigger picture of risk,” Loren says. “Risk managers have to have more than one style, approach or understanding of risk to truly be impactful.”

From an educational standpoint, Loren adds that a “good grounding and understanding of mathematics and statistics is extremely helpful….For me, risk management success is much less a factor of knowledge than it is to gain perspective and practical experience. You need to learn to take nebulous concepts and to organize information that can be put into a plan that other people can understand and act upon.”