Getting a big-picture view of risk

With complex global companies operating tortuously long supply chains featuring suppliers and sub-contractors spread across a world that seems increasingly unstable, it’s essential to ensure that everyone in the network is feeding into a formal risk strategy - and this is where risk engineering comes into its own.

Risk engineering is about establishing clarity - taking the global view and turning technical data into terms that can be easily understood by everyone in the business, even non-specialists. It’s a process of listening, intelligence gathering, technical analysis and planning.

“We have found risk engineering to be a helpful way to get a clear view of the risks and threats we are exposed to and then to adapt and reduce consequences,” says Patrick Leroy, risk manager at French firm Roquette and head of casualty group at AMRAE, the French risk managers association.

“If necessary, it can also help you take informed action against a risk and seek protection. In fact, I would say insurance is not the real solution to risk. The first solution is risk engineering.

Looking at specific risks
“If you only have insurance and not a proper understanding of your suppliers and supply chain through risk engineering, you can’t have a clear view of your business and cannot understand its exposure properly. You can’t protect yourself.”

Once, engineering departments used systematic tools to assess their maximum possible losses, for example, those linked to property damage. But with risk engineering, companies are able to look at specific risks - such as their exposures to Asian markets or liabilities in Brazil - and understand these risks in totality, taking in not only, for example, property damage and labour disputes, but also how these could affect other aspects of the business, such as brand and reputation, or environmental issues.

Roquette is a manufacturer of starch and starch-derived products, as well as a world leader in polyols, commonly used as low-calorie food sweeteners. With such an extensive global operation, Leroy believes that risk engineering is “the only way for us to approach risk”.

Third party advantages
To do this the group contracts out the risk engineering process to French global insurance group AXA, whose risk consultancy division delivers prevention processes for everything from property to casualty, liability, occupational health and safety and other aspects.

Finding a third party to mesh with its own risk management function has advantages for Roquette.

Leroy says: “When undertaking risk engineering it is essential to get an outside consultant such as AXA. This is the only way that you can guarantee to get a clear view of your business.

“It’s also critical that this consultant has a truly global view and can understand how operations are undertaken around the world and how the business environment varies from country to country.”

Typically, external risk engineering consultants work with existing risk management teams, either at a single HQ or across global locations, employing a cyclical process of data collection, analysis advice and communication. This is provided as an advice-only service.

“For example, when we look at our properties, AXA risk engineering doesn’t just look at a single issue, say, fire risk, and develop the strategies needed to mitigate that,” says Patrick.

“It looks at the big picture - not only the physical things, the sprinklers and fire-proof partition walls, but also associated issues of product safety and our liabilities to clients. It takes in all aspects of the business.”

With many risk engineering consultants offering services, it is essential to chose the best one for your business.

For example, when looking for a consultant it is important to find one that can demonstrate it has the sophisticated technical tools necessary for data collection and analysis, but also the project leadership and communication skills to make sense of it all.

A consultant should be abreast of all major international industrial standards and requirements as only then can they advise on local business culture and industrial climate.

Communicating strategy
Good consultants will become facilitators, using expert data collection and analysis to get abreast of operations, and then present this in a way that communicates risk strategy to the external insurance marketplace and senior management in a clear and concise manner.

Leroy says: “One of the most valuable aspects of risk engineering is that it can translate technical issues into financial terms.

“This is essential if risk is to be understood at the corporate level and outside the confines of specific areas of the business. This financial approach is important when communicating risk priorities across the management structure and allows the board to get a clear sense of risk.”

All of which is becoming of increasing importance as, from the Japanese Tsunami to Superstorm Sandy, all business are learning just how extensively they are exposed.

Adapting to change
Leroy says: “There have been a lot of changes in recent years. Natural disaster events are occurring with greater frequency and their impact has become more extensive.”

Around the world the insurance industry has been working to adapt to this new normal, and as a consequence there has been a lot of work to establish probability as a basis for insurance.

“In part this is due to the maturity of the market and the liabilities environment,” Leroy says. “But it also reflects the complexity of supply chains and how exposed companies can be to disasters on the other side of the world.

“When looking at your supply chain it can be hard to identify exactly how that exposure manifests itself, but risk engineering provides an excellent way of working through suppliers and contractors from producers to logistics.”

Better understanding
Risk engineering is another reflection of this adaptation to the new normal and it has arisen in tandem with changes in the insurance industry. “More and more companies are using risk engineering,” Leroy says.

“Through it they are gaining a more rounded understanding of their business and bringing the complexities of the modern world into sharp focus, making risk management a more certain - and manageable - profession.”

 

How risk engineers can help

Risk engineering may not be a new strategy, but it is one that is proving its value in the modern business environment. Risk engineers have been involved in the study of property risk for around 100 years, but the techniques they have developed are now being employed across health and safety, product safety, cybercrime, environmental compliance and more - in fact, anywhere where insurance can be complex and hard to obtain.

Historically, property - principally factories and other industrial buildings - was inspected by agents of insurers to check clients had the protection in place that they claimed they did.

But over the years this changed. Firms began to see the value of having a third party inspect their property. While most employees would have spent their working lives in one, perhaps two, factories, consultant risk engineers would have seen many factories across a sector - often including the competition.

These outsiders were perfectly placed to identify deficiencies in risk management and make recommendations on how a business could better manage risk.
There began to be a degree of symbiosis between clients, the insurer and the risk engineering consultant who could offer not only new knowledge but also financial benefits to both insurer and insured. They could help reduce the risk of an insurable event occurring and the resulting losses for both parties.

Even brokers found they stood to benefit as they could use a risk engineering report to negotiate lower premiums and lessen deductibles or stop price increases.
In times of economic crisis the role of a risk engineer is even more critical and businesses recognise the value of a third party inspection to ensure that budget pressures are not leading to corners being cut on safety or that unnecessary risks are being taken.

Risk engineers work in two ways. When looking at site-specific risks, such as fire and explosion, environmental compliance and safety or occupational health and safety, they physically inspect premises.

When looking at more complex risks, such as product safety, where more than one factory is involved and locations are most likely spread across the globe, the investigation takes a workshop approach.

The risk engineer gathers together those involved in the value chain and asks questions and recovers data about their approach and how they document their work. This is then compared against a benchmark of best practice.

It is essential that risk engineers are specialists with relevant, industry-specific experience so that they understand the value chain.

Once the inspections or workshops have been completed, data is gathered, synthesised and analysed, and presented to the client as a document, a powerpoint presentation or a conversation - or a mix of all three.

It’s important that the research is available in whatever form the client will find most useful as the results will need to be communicated to a large number of people, possibly at sites with different first languages.

A good consultant will also offer an end-of-year survey when the whole process is complete.

This summarises the results into a short piece of prose and analysis either based on statistics - if there are lots of locations and data involved - or, more frequently, a quantitative approach. Critically, it will look for trends in the data - for example, is there a repeated problem with housekeeping or documentation across
different sites? Is communication poor? What are the systemic corporate issues that need addressing to minimise risk?

While detail is key, the end-of-year study should be brief and something that can be used to rapidly bring senior management up to speed with issues using non-specialist language and financial detail.

Risk engineering has a lot to offer companies with complex risk, particularly in the current climate where insurance can be hard to obtain for certain issues.
But more than that, it offers a proactive approach to risk mitigation, a closer understanding of corporate functionality and a way of saving money, leading to safer, more stable and efficient businesses.