Effective risk management requires strategic collaboration with the board. But this remains easier for some than others. Risk must professionalise, says Typhaine Beaupérin, to be taken seriously.
For more than seven years, Typhaine Beaupérin has steered FERMA as its CEO through a rapidly evolving risk landscape.
This has been characterised by an explosion in cyber security attacks, heightened nat-cat incidents, increasingly interconnected supply chain exposures and, of course, COVID-19.
There’s no denying that we’re in a new era of polycrisis, but Beaupérin suggests that one bright spot is that organisations are now taking risk management far more seriously.
She explains: “Definitely the risk landscape has evolved, but for me what this has driven is more of a focus on these risks than there was seven years ago.”
“Since globalisation, there’s been an increase in dependencies and the level of interconnection between different risks. And people are more aware of all these risks, many of which are actually not new, but which are changing in frequency and in severity.”
“Companies know that they must be resilient, and they have to invest in all the elements that can support this aim, and risk management is one of them.”
“At board level, such risks are regularly on the agenda. There is more awareness by companies of the need to anticipate and be agile in response to unforeseen events that can severely impact parts of the organisation and result in significant financial loss.”
“They are experiencing it and they are willing to invest in new capabilities to enhance their overall ability to withstand adversity and bounce back, because for them it’s the licence to operate that is impacted.
“Companies know that they must be resilient, and they have to invest in all the elements that can support this aim, and risk management is one of them.”
Board scrutiny
This increase in respect for the role of risk management in managing uncertainty does mean that the profession is gathering increased C-suite attention.
This has been accelerated by recent crises in the financial sector, such as the Silicon Valley collapse, which demonstrated the importance of having a chief risk officer on board.
Beaupérin says this scrutiny at the board level means the risk management industry needs to ‘professionalise’, with risk managers taking the opportunity to demonstrate how they can add value to decision-making processes.
“Risk managers need to look at all the objectives of the company, and how to support their delivery”
Alongside FERMA’s motto for 2023 of “Be Risk Leaders”, this push for greater strategic interaction is a key theme of this year’s event.
Indeed, the seminar has several sessions that are specifically designed to help risk managers engage with boards successfully. For instance, there will be workshops on cooperation with functions to support business goals and how to move from a risk-centric to an objective-centric approach.
Beaupérin says: “Risk management will achieve this strategic step up through driving greater collaboration. You need to leverage the enterprise-wide view that the risk manager can bring.
“Risk managers need to look at all the objectives of the company, and how to support their delivery. Some risk managers are doing this already and that’s why we want to invite them to share their examples of good practices with others who are eager to learn and to develop their risk function.”
Professionalisation of risk
FERMA research shows that the profile of risk managers differs significantly from firm to firm. About a third of the sector is focused solely on insurance buying, a third is responsible for enterprise risk management (ERM), and a third does a mixture of the two.
For risk managers that are struggling to get the attention of the board and want to move into a more strategic ERM role, Beaupérin suggests learning from other CROs who’ve already made the jump.
In particular, she says finding small ways to show their worth is critical.
“If a risk manager has a willingness to do more and to be more strategic, the question is ‘where can I start?’ and it’s a long process. If you don’t have the mandate or the responsibility, you might want to begin by looking at those risk managers who have been successful.
“Look to demonstrate the value you bring on key projects of strategic importance for the company. Start small and then look to collaborate with other departments in order to develop relationships and show what you can bring.”
“And that’s why we are also partnering with other organisations like ECODA, the European Federation of Boards, and ECIIA, the European Federation of Internal Auditors.
“Look to demonstrate the value you bring on key projects of strategic importance for the company”
”This will help position the risk manager more strategically and make sure that the important role of the risk management function is recognised.”
Giving risk managers the tools and education required to successfully operate in a leadership setting is a core aim of FERMA, both historically and into the future.
One way in which the organisation is helping risk managers professionalise is through RIMAP, the European risk management certification, which has seen significant uptake over the past few years.
“The certification has definitely helped to elevate and harmonise the standard of risk management. It became fully operational in 2017, with an online exam and four sets of learning materials that have been developed with the support of all our member associations.
“Now, the number of certified risk professionals is growing, so I think that’s a big achievement.”
A bridge to the EU
RIMAP isn’t the only thing Beaupérin is proud of, and she points to the growing influence of FERMA in Brussels as another area of key success.
She holds up FERMA’s involvement in the European Commission’s climate resilience dialogue and the EIOPA pilot project around SME access to cyber insurance as two key examples of where the association is consulted.
“FERMA has become the bridge between the EU institutions and the national associations. We have increased our advocacy-related activities and conducted them in a more structured way, which has helped raise our visibility at EU level.”
“We have gained recognition of our expertise and our priority topics from EU institutions and EIOPA, who are now coming to us proactively for support and input.
“This is why we exist, to enhance a vibrant risk management community.”
“We have also started to be more vocal about the shortfalls of the insurance offering but also to cooperate with our partners in the insurance industry on the regulatory front.”
She’s also keen to stress FERMA’s growing role in enabling dialogue and the sharing of best practice between the risk manager community. In part, this has been driven by the FERMA Forum, which saw almost 2,000 attendees in October last year, something Beaupérin describes as a “monumental success”.
“It has really become the pan-European marketplace for risk and insurance management, as well as the platform for fostering constructive dialogue on emerging risks, innovative risk transfer solutions and the future of risk and insurance management functions.
There were a lot of 1-to-1 discussions and the feedback was that the quality was very high… This is why we exist, to enhance a vibrant risk management community.”
What lies ahead
Looking to the future, Beaupérin says that FERMA’s strategic priorities lie in four core areas: cyber risk, climate change, ensuring a stable insurance market, and risk management education.
From a cyber risk perspective, there are two clear goals: first, advancing cyber risk governance to identify and manage cyber risk effects from a business standpoint, and second to support risk transfer to financially mitigate the exposures.
Beaupérin says: “We have brought all the key actors on cyber insurance around the table to discuss the issues each is facing and to explore how we can support the development of cyber insurance in Europe.
“There are some concerns that risk managers are not getting what they want, either because of the price, the coverage or because there’s not enough capacity. So we need to address that.”
When it comes to climate, Beaupérin says the priority is raising awareness of the severity of climate change. This means educating on the need for businesses to reduce financial losses due to nat-cats and for the risk management profession to improve resilience in the face of increasing disaster risk.
“There are some concerns that risk managers are not getting what they want, either because of the price, the coverage or because there’s not enough capacity”
To help ensure a stable insurance market, FERMA is engaging with the EU institutions to promote insurance solutions covering risks, but also advising around regulation of captives at the EU level.
In particular, the association is focused on moves to harmonise proportionate measures across the EU member states, which Beaupérin is confident “will go in the right direction”.
“A new category within this new regulation being discussed is in insurance undertakings applying to become low risk,” she explains.
“There is a set of criteria they would have to comply with, and if they do, they get this stamp and benefit from proportionate measures across the different EU member states.
“So, that’s very important, particularly as captives are a key solution for companies looking to plug the gap for hard to insure or emerging risks.”
”Risk managers and HR personnel will have to work together and we will inevitably see the development of a stronger, more regular relationship”
The final focus will be to continue the work of RIMAP, enhancing the dialogue between risk managers and the quality of risk management at a pan-European level.
Looking longer-term, Beaupérin says that two key emerging risks are secondary perils and human-related risks, both of which are keeping risk managers up at night.
“There is no crystal ball, but what we hear from risk managers is that every primary cause has a secondary impact. To be more specific, we see growing concern about cyber attacks causing physical damage or bodily harm, for example, or how installing solar panels might alter the overall risk profile of a company or building.”
“Another key concern is the human resources component. During the pandemic we focused on the future of the working environment, and the increased focus on finding and retaining talent.
“That’s high on the agenda for companies at a strategic level. Risk managers and HR personnel will have to work together and we will inevitably see the development of a stronger, more regular relationship in place of an ad-hoc one.”
No comments yet