Tag Archives: risk management

3 Key Themes for Check-ins With Clients

An agency partner in Ohio recently submitted a California-based residential plumbing contractor for underwriting consideration, needing expedited review to avoid project delays. Using virtual tools, a Nationwide loss control services expert in Texas quickly contacted the contractor in California for a virtual survey and jobsite assessment, helping us accurately price the account while also providing valuable risk management expertise from his extensive experience working with residential plumbing contractors.

Just two years ago, this scenario might have posed a challenge for many carriers as they tried to accurately understand and price the risks, but in today’s age of historic digital adoption, it was an opportunity to showcase Nationwide’s tech-driven, customer-focused protection, which allowed us to put the right associate on the right risk.

Today’s business owners are working hard to continue serving customers while navigating extended supply chain disruptions and labor shortages. When it comes to insurance, they need their carrier and agent to work just as hard for them to prepare and protect their business for risks that lie ahead.

Nationwide’s latest Agency Forward survey found many business owners are missing openings to use risk management planning to help defend their business from costly disruptions and accidents – presenting an opportunity for agents and carriers to advise commercial clients about the importance of understanding and mitigating their business’s risks and the considerable impacts these efforts can have on their company’s bottom line. 

The business owner survey revealed three key themes for agents to consider as they prepare for annual check-ins with clients: 

  1. Business owners want easy claims processes and industry expertise from their agents and carriers.
  2. Risk management planning can help prevent costly disruptions or claims.
  3. Agents can help clients mitigate risk and navigate claims.

Speed, ease and industry expertise top business owner needs when filing a claim

Eighty-five percent of the anonymous business owners surveyed who filed a claim in the past 12 months report being satisfied with their experience, yet some owners still struggle with navigating the claims process with their carriers. In fact, a quarter were dissatisfied with their claims experience, saying it was difficult (25%) or slow (24%), while another one in five say it was challenging to track the progress of their claim (22%) or that their insurance agent wasn’t helpful (21%). 

Carriers who lean into quick claims handling when possible, clear communication and strong industry-specific expertise in claims can deliver a smoother experience for business owners, giving them confidence they’ll be back up and running quickly. 

Nationwide has reduced average claim cycle times for business owners with easy filing online or by phone, digital payments and dedicated claims experts with deep knowledge in clients’ industries and the challenges they face. Customers also have access to solutions like the Nurse Triage Hotline to get qualified medical professional advice after an accident to help determine an effective course of action. 

See also: 5 Ways AI Helps on Client Service

Risk management planning can help prevent costly disruptions or claims

Across the board, business owners believe risk management plays a significant role in protecting their business, employees and customers. However, owners’ risk management actions greatly differ based on their business’ size.

More than a quarter (27%) of small business owners say they have no risk management practices in place at all for their company, compared with just 4% of middle market business owners who don’t have practices in place to mitigate risk. 

Further, middle market business owners are much more likely than their small business owner counterparts to be using carrier-offered risk management services. Business owners report using in-person/on-site services, safety program development and review and online resources most often. Just four in 10 middle market business owners, and about a quarter or less of small business owners, say they leverage digital risk management tools or virtual/teleconference services. 

As business owners reconsider the locations of their offices and how they will be doing business in the future, in-person or virtual safety resources such as Nationwide’s virtual risk management consultations offer industry experts to review client programs, identify potential risks and provide solutions to keep their businesses running smoothly – no matter where they’re located or how they’re doing business.

See also: What About Clients Who Don’t See Well?

Agents can help business owners mitigate risk and navigate claims

The survey found agents have opportunities to help clients better understand how adequate business planning and risk management programs can bolster their company’s performance, workforce retention and preparation for coming challenges. 

With a lot at stake, here are three key points for agents to emphasize with commercial clients leading into 2022: 

  1. Timely claims reporting is critical to getting your company back to work quickly. On average, commercial lines claims are reported 20 days after the event of loss, adding as much as 15% to the life cycle of a claim. 
  2. Many business disruptions are preventable. Taking time to ensure proper housekeeping, maintenance and business continuity planning is in place can reduce costly disturbances and decrease recovery time.  
  3. With the average cost of a fleet accident at approximately $70,000 and auto accidents being the leading cause of work-related fatalities in the U.S., for many organizations their fleet operations pose their greatest liability and workers’ compensation risk. It is important that organizations establish a formal fleet safety program to protect employees and reduce accident risk. 

Agents who are able to deliver this counsel in the moment, while understanding the carrier-supplied solutions to benefit their clients, can open doors to deeper relationships and smoother experiences for clients leading into the year ahead.

Creating a Process for Corporate Resilience

Typically, about 80% of small businesses in Canada will survive the first three years, but only half of the 100,000 new businesses that open their doors annually will still be around eight years later.

Consider the following statistics:

  • Canadian businesses lost $30.4 million to fraud in 2017.
  • 29% of cyber breach victims in 2019 were medium-sized businesses, while 18% were small businesses.
  • Almost one-third of small businesses fear they won’t survive 2021.

No matter their age, many organizations will struggle to survive this year. Whether an organization remains afloat or not depends on how resilient they are and how capable they are to prepare for, respond to and adapt to disruptive events.

In this pursuit, an organization needs to leverage all of the financial, technical and human resources at its disposal. It will need to develop skills and competencies in an efficient, flexible manner to manage the risks and challenges it faces.

While there is no single strategy or solution to make an organization resilient, an organization can enhance its resilience by:

  • Strengthening individual management disciplines of the organization that manage risk and doing so in an integrated and coordinated manner.
  • Building a culture that ensures the organization behaves in a healthy manner.
  • Increasing its adaptive capacity and ability to manage change.

The resilient company or organization uses its financial, technical and social resources to:

  • Develop long-term skills and competencies
  • Deploy resources in an efficient, reliable and flexible manner
  • Manage challenges and exploit opportunities

See also: Navigating the Future of Risk Management

Five Aspects of Risk Management

Strong risk management practices are an important aspect of resilience. Though risk management can be challenging, the importance of building a solid foundation and program to protect your people, property and profitability is vital. Enterprise security risk management (ESRM) is a strategic, all-hazards approach that provides a framework to identify, evaluate and mitigate threats to an organization’s resilience.

A comprehensive and effective risk management program incorporates the following elements and associated capabilities:

  1. Emergency Action Planning: Emergency action plans are intended to protect people and property and prevent further harm during an emergency. As defined by OSHA, an EAP facilitates and organizes employer and employee actions during workplace emergencies. When there are well-developed emergency plans and employees are trained properly, there are fewer and less severe injuries and less structural damage to property. Conversely, poorly designed plans and poor training leads to disorganized evacuation and emergency response, which could lead to avoidable injuries and property damage.
  2. Crisis Risk Management: When a crisis hits, a resilient organization will bounce back or even pivot, if necessary. Crisis risk management includes an organization’s ability to coordinate an effective response to protect people, operations, profitability and reputation. Planning may require gathering resources for outside support and partnerships to manage the issues, as well as a careful consideration of the vulnerabilities inside the organization.
  3. Business Continuity: Business continuity plans help keep a resilient organization operational. Key to this are processes that ensure critical activities keep going during a crisis. A formal written plan notifies team members of their responsibilities and allows them to take charge when the time comes, especially if they have already practiced those tasks during drills and exercises.
  4. Fraud Risk Management: Theft and fraud are two of the most complex risks to your organization. Indeed, they can be so costly that they threaten even the most resilient organizations. While external and insider threats are posing new and heightened risks, regulations and public scrutiny are demanding greater responsibility. Now, more than ever, organizations are looking for ways to manage the risk of fraud, especially within the ESRM context and in a way that takes industry-specific considerations into account.
  5. Cyber Security: Developing a resilient organization means taking into account even newer and ever-evolving risks like cyber security. In fact, cyber security may be one of the least understood areas of the risk picture. Adequately managing cyber risk does not require all participants and stakeholders to be technical subject matter experts. However, it does require comprehensive awareness of cyber risk issues and strategic and appropriate mitigation efforts, especially vendor risk management and privacy laws.

Risk management can be daunting for those at the very beginning, but planning and preparing for all areas of risk is vital to an organization’s survival today.

Navigating the Future of Risk Management

The pandemic and the economy are presenting various challenges for risk management teams across the nation, including difficulties within the insurance marketplace, emerging risks and the challenges associated with changing business operations. 

The recent virtual conference, Elevate, presented by Out Front Ideas with Kimberly and Mark, hosted a panel of risk management professionals discussing the array of issues they face. Guests were:

  • Melora Copeland – director of insurance, Compass Group USA
  • Kelly Oyler – senior director, insurance risk, Walgreens Boot Alliance
  • Jane Sandler – vice president, global Risk management, McKesson
  • Dawn Watkins – director, integrated disability management, LAUSD

Risk Transfer Programs and Renewals

The Los Angeles Unified School District is largely self-insured and represents the second-largest school district in the nation. LAUSD faced challenges before the pandemic began, with most of its students below the poverty line. For some students, the lunch they received during their school day might be their only meal of the day, creating a crisis when schools were shut down over the pandemic. LAUSD launched a feeding program, offering a meal to anyone in need, providing over 100 million meals in the process. Other parts of their program have provided school supplies, diapers and COVID-19 testing and vaccinations.

Mirroring most employers, LAUSD has been inundated with requests for reasonable accommodations for a disability, extended remote work opportunities and vaccine policies. However, the reduction of silos and encouragement of departmental integration helped address these requests, providing more timely resolutions. Their workers’ compensation program has also adapted quickly through telehealth, outreach to injured workers and increased efforts to resolve claims through settlements. 

Compass Group, a leading food and hospitality company, has felt the effects of the hard market on its insurance program while paying particular attention to cyber during this renewal season. Its strong relationships with technology partners and carriers have proved vital. Articulating to its brokers how it has specifically invested in technology has also been important during renewals.

Everyone is affected during a cyber event, and handling a breach correctly and communicating across your enterprise can make all the difference. You also want to get ahead of your renewal and make sure that you are not overbuying, as hard market trends will likely continue across 2022.

As a leading provider and distributor of products and services to the healthcare industry, McKesson has seen much of the same with a challenging market after 14 consecutive quarters of pricing increases. Successful management of various implications has come down to strengthening relationships and avoiding silos. It has partnered with brokers and carriers and invested in tools to manage the total cost of risks. Not expecting the return of a soft market anytime soon, it has focused on better positioning its risk management program, including:

  1. Network use – Work with your risk managers, rely on your market relationships and have various options to maximize your coverage.
  2. Analytics use – Using a risk finance optimization study can help visualize a risk profile and draw insight into the pricing for your particular risk. It can also help frame internal dialogue around limits, deductibles and self-insured layers. McKesson employs captives and has grown them through building out a portfolio of products that strengthen its ability to support the business, including funding high deductibles, quarter share layers with insurers and taking in its own layers where pricing was not right.
  3. Loss-control, risk-mitigation investments – These should be included in the overall strategy; risk managers must understand in detail how they can support the company’s critical mission.

Walgreens credits its successful program in part to its relationships with underwriters within its carriers. While price is certainly important during renewal season, trust in partnerships can provide an incredible impact. Analytics also play an important role in driving conversations with senior executives to uncover their views on risk appetite and ensure strategies are aligned when developing a program. 

See also: The Woes of Absence Management

Impacts of Social Inflation

Non-economic factors affecting premiums, like increased litigation and higher jury verdicts, can be associated with anti-corporate sentiments and racial inequity movements. This phenomenon is often referred to as social inflation. While insurance premiums continue to rise, there are a few ways to offset some of the losses due to social inflation:

  1. Safety and loss prevention – Technology can help determine the cause of accidents, thus handling claims accordingly and ultimately avoiding litigation. Training to prevent accidents can also help.
  2. Claims handling – Some general liability claims can be resolved through early settlements. Typically, leaving these claims to a jury results in a worse outcome. 
  3. Diversity, equity and inclusion initiatives – Embracing the community can help you understand the mindset of individuals, including clients and employees, and builds a better foundation. Hiring minority-owned law firms can also provide a different perspective that your organization may not have seen before.

Workers’ Compensation Programs

First and foremost, your workers’ compensation program should be worker-centric. It is a major tenet of managing risk within your program. Connect with injured workers early and often and advocate for your employees so they have a contact in the event of a claim. Successful programs also include a strong focus on medical management and holistic care for the individual and on ensuring individual business locations are not paying to bring an injured worker back to work. 

Using specialists, physical therapists and rehabilitation facilities can help get an injured worker back to work and potentially settle a claim. Settling those lifetime claims can prevent a high-dollar event from occurring. Presumptions are also changing what occupations have compensable claims, particularly involving COVID-19. The best way to manage claims cost, though, is to understand the data behind your program. Understand what departments are driving the losses and why.

View the archived recording of this session here.

AI and the Risk Management Pro

As the adoption of artificial intelligence (AI) continues at pace across industries, there is increasing awareness of the risks it can pose. Recent high-profile examples have highlighted the risk of unjust bias regarding race and gender, such as those found in some law enforcement or recruitment algorithms. Other examples have highlighted the reputational risk from poorly communicated AI use cases, such as an online insurer’s recent claims of using facial emotion recognition to detect fraud. Perhaps most damagingly, AI models seem to have failed to meet expectations when it comes to mitigating one of humanity’s biggest challenges, the COVID-19 epidemic. 

Not surprisingly, regulators have become increasingly vocal. Earlier this year, the European Commission published a draft of its proposed AI law, which prohibits certain uses of AI and defines several other high-risk AI use cases. The Cyberspace Administration of China has just proposed far-reaching rules on the use of algorithmic recommendation engines, including a requirement to ensure gig workers are not mistreated by AI “work schedulers.” In the U.S., federal banking regulators completed a comprehensive industry consultation exercise around AI risks in the sector earlier this year. The Securities and Exchange Commission has recently initiated a similar consultation on the use of behavioral algorithms and other digital engagement practices in retail investment (brokerage) platforms. And in April, the Federal Trade Commission warned companies to “hold yourself accountable – or be ready for the FTC to do it for you.”

Risk management professionals could claim that (a) these types of risks are highly technical and require specialist knowledge; and (b) AI/data science teams and their business stakeholders should have primary responsibility for managing them. They would be right on both counts. However, they should not underestimate their own enabling role in this space. 

Managing the risks from poor-quality AI is too important to leave purely to the specialists. Such risks must be viewed from a holistic, organization-wide perspective rather than a narrow technical lens. Risk management professionals should embrace this mandate — as a way of supporting the digital transformation of their employers but also as a means of continuing their own professional growth. 

So how can they go about it? 

First, they must invest in learning more about AI, its potential and limitations and the ways in which the latter can be addressed. Not everyone has to become a data scientist, but the ability to ask the right questions will be critical. In particular, they should keep in mind that

  • The workings of many AI models are far more opaque than traditional models. The most common type of AI algorithms (machine learning) creates models based on the data used to train them. As a result, the data scientist’s understanding of how the model actually arrives at its conclusions can be limited. This poses a challenge in convincing stakeholders – business line owners, risk and compliance teams, auditors, regulators and customers – about the algorithms’ suitability for large-scale use. 
  • AI models’ dependence on the training data can make them prone to particular weaknesses. Compared with traditional models, AI models are more likely to “overfit” or exaggerate historical trends. They may lose their predictive accuracy more easily in the face of changes in input data, such as those triggered by, for example, the pandemic. Finally, they can exacerbate existing biases present in the training data, such as biases regarding gender or race. 

Second, risk management professionals must connect the dots between these narrow data and algorithmic risks, and mainstream business risks. This requires a systematic and comprehensive mapping of AI risks to the broader risk landscape in the industry. For example, in banking, the most obvious risks related to large-scale AI use may already be covered as part of the specialist review of model risk and data risk. Model risk answers questions like, “Is the AI model reliable?” or “Is it working as intended?” Data risk answers questions like, “Is the data used to train the model accurate and representative of the target population?” or  “Is the AI model using or uncovering protected personal data elements inappropriately?” 

However, risk teams must go further and assess whether the use of AI accentuates one or more other existing risks, such as:

  • The risk of treating a customer or staff member unfairly — for example, by discriminating against certain groups when making lending or hiring decisions
  • The risk of causing market instability or collusion due to malfunctioning algorithms
  • The risk of “mis-selling” to a customer due to an algorithm that is not generating investment advice suited to the customer’s profile
  • Business continuity risk due to lack of fallback plans in case of AI failure
  • The risk of intellectual property theft or fraud due to adversarial attacks on the AI system

Third, and perhaps most importantly, risk management professionals must work with their business, data and technology colleagues to create mechanisms to manage such risks in a systematic manner. Left to themselves, individual data scientists and their business sponsors might well manage these risks in an ad hoc, case-by-case manner. Risk management professionals can help define risk appetites, standards and controls that enable such risks to be managed consistently and effectively.

See also: 3 Big Opportunities From AI and ML 

In this, they can call upon an increasing body of academic research and commercial tools to analyze AI models, explain the underlying drivers of the model outputs accurately and monitor and troubleshoot the model’s performance on a continuing basis. For example, such tools can allow organizations to: 

  • Create transparency around the key drivers of the model’s predictions/ decisions (“Why did this radiology report not flag cancer risk?”)
  • Assess any potential biases in model predictions and the root causes (“Do female applicants have a higher probability of getting short-listed for a particular job application than their male counterparts? If so, is that justified?”)
  • Monitor model and data stability over time, trigger alerts when they breach pre-defined thresholds and identify the root causes of such instability (“Is our supply chain management model causing a higher number of parts shortages this month?”)
  • Identify potential parts of the population for which the model is unreliable (“Are the model’s predictions for over-60 white collar workers based on too few data points?”)
  • Identify potential changes in data quality that may affect the predictive accuracy of the model (“Can the bank’s lending model survive the massive changes in the economy due to COVID-19?”)

***

Increased transparency and control over AI are allowing organizations to become more sophisticated about the manner in which they use AI. The ability to manage these risks effectively can become a source of competitive advantage in the future.

Perspective on the Pandemic

On March 2, the California Future of Work Commission released its final report. It includes the key findings and its recommendation for a new social compact for work and workers in California by 2030. When the commission began its work in 2019, the focus was on technological disruption of traditional employment. But, as the report notes, “The pandemic has amplified and accelerated existing trends and challenges, bringing many aspects of the future of work forward.” 

The report is must reading for all in the workers’ compensation community — even if the words “workers’ compensation” do not appear in it.

In its broadest sense, the report calls for specific steps to create a comprehensive, secure environment for workers. This environment includes material and physical security both at work and in society in general. As such, in the report’s 15 recommendations there are familiar themes of wage adequacy and, acknowledging the intervening COVID-19 pandemic, the need for a safe workplace. For example:

“Essential and front-line workers face both economic vulnerabilities and health and safety risks, and are disproportionately female and workers of color.”

“Front-line workers and workers who must be physically present to work must have support to enable them to stay home when sick, have access to appropriate protective equipment, and be ensured safe and sanitary workplaces.”

These, and the other recommendations in the report, are a catalogue of issues that have been confronting policymakers in city halls, state capitals and Washington, D.C., for the past decade. California is at the forefront of this debate, from local jurisdictions adopting hazard pay ordinances and challenging the “gig” economy, to the OSHA Standards Board implementing their COVID-19 Prevention Emergency Temporary Standard, to the many new employment-related state laws, including Assembly Bill 5 adopting the “ABC Test” for worker classification disputes. Much of what the commission identifies as a new social contract would seem to be resting on an existing – and expanding – foundation made in California.

We remain in the midst of the pandemic. While states and the federal government have eased many  restrictions on activities due to vaccinations and corresponding decreasing infection rates, the laws, regulations and executive orders emerging from this crisis create public policy issues extending well beyond reopening. One of the many challenges facing America in general, and California in particular, is defining what “normal” is to become. 

The infusion of massive amounts of public funds into businesses and to individuals makes a return to the status quo ante COVID virtually impossible. State and federal budgets contain trillions of dollars of expenditures to support economic recovery. It is unrealistic to expect individuals in low-paying essential critical infrastructure jobs to continue to participate fully in a “recovered” economy after losing supplemental paid sick leave and, in some cases, higher wages associated with working in a hazardous vocation. 

For employers and employees, the exigent circumstances that caused the creation of supplemental paid sick leave and hazard pay for essential workers should not be looked at in isolation. This is part of a bigger picture that began years ago with efforts to make a $15-per-hour minimum wage the law in all states and for the federal government and implicates the still highly unsettled world of worker classification. Yes, the long reach of the Dynamex decision extends to the post-COVID future of work. So, too, does the equally unsettled world of co-employment. And not just in California.

Whether Congress will pass the Protecting the Right to Organize (PRO) Act is certainly in doubt, at least as long as the filibuster exists in the Senate. But the president has said he will sign it if it gets to his desk. Among its many provisions is bringing the “ABC Test” of Dynamex to the entire country. 

What does this have to do with assessing the workers’ compensation long-term public policy effects of COVID-19? Quite a lot, actually. 

Policymakers cannot meet the objectives of the commission’s report, or the PRO Act, or any of  hundreds of other laws, regulations and ordinances if they reduce the discussion of workers’ compensation to a debate over what is presumed to be a work-related injury. Policymakers must identify how to integrate workers’ compensation programs into an overall commitment to worker security implicit in the commission’s work and similar endeavors across the country. While currently focused on COVID, this effort must extend well beyond the pandemic.

See also: Pandemic Reshapes Personal Lines Plans

Consider this excerpt from the pre-pandemic directive of the Obama administration, the Presidential Policy Directive — Critical Infrastructure Security and Resilience (PPD-21), released Feb. 12, 2013:

“Critical infrastructure must be secure and able to withstand and rapidly recover from all hazards. Achieving this will require integration with the national preparedness system across prevention, protection, mitigation, response and recovery.…The term ‘all hazards’ means a threat or an incident, natural or manmade, that warrants action to protect life, property, the environment and public health or safety, and to minimize disruptions of government, social or economic activities. It includes natural disasters, cyber incidents, industrial accidents, pandemics, acts of terrorism, sabotage and destructive criminal activity targeting critical infrastructure.”

For large businesses – including insurers – this process of prevention, protection, mitigation, response and recovery is the basis for enterprise risk management. For small businesses and entrepreneurs, developing a risk awareness and response program is more difficult. As COVID-19 has shown, when there is a threat to critical infrastructure, the risk to employees is not limited to the workplace. The commission report underscores that the scope of risk to workers during the pandemic is also more than to health, as employees in businesses, such as hospitality or restaurants, can attest given the high level of unemployment caused by stay-home orders and travel restrictions.

As we move forward, there needs to be a comprehensive effort to integrate the public and private institutional response to the next event placing critical infrastructure at risk. That effort involves all who will be expected to contribute to the resiliency and recovery of not only our essential critical infrastructure, but of the essential workers without whom no recovery can happen.