Increasing sophistication and importance
Growing sophistication, leadership from senior management and increasing detachment from the insurance buying role, are the current characteristics of European risk management and managers today. These findings emerged from FERMA's biannual benchmarking survey of 269 European risk managers, conducted with the support of Ernst & Young and AXA Corporate Solutions.
The survey questions were based on the European risk management standard adopted by FERMA in 2003, and the results were released at the FERMA convention in Brussels on 5 October 2004.
The questions were designed to uncover trends in the six following areas: risk management policy and process, internal sponsorship and relationships, risk management function, risks and risk management objectives, internal and external communications and international comparisons between France, Germany and the UK.
Participants
Sample size: 269
By job title: Risk and/or insurance manager 60%; CEO or managing director 5%; CFO or related position 19%; other with responsibility for risk 16%
By country: French 44%; German 22%; UK 20%; others 14% (including Italy, Denmark and Netherlands)
Sector: Industrial 54%; commercial 20%; service 16%; others 10% (including banks and financial services)
Listed on at least one stock exchange: 35%
Turnover: Range: < Euros100m to > Euros10bn
Employees: Range < 500 to > 10,000
Company member of national risk management association: No 52%; yes 46%; not known 2%.
Key results and major trends
The vast majority of companies in the survey have a defined risk management policy (78%) or are planning one (16%). In 36%, the risk management process is documented and embedded. Risk mapping is the most commonly used initial step to initiate the process. Many risk managers (57%) deal with an enterprise-wide scope of risks, versus 32% and 12% whose responsibility is operations or insurable risks respectively.
Today, senior management is often the driving force for risk management.
The majority of risk managers report to the president, CEO or CFO, depending on the country. Of those companies that have a defined risk management policy, more than 60% have direct support of the executive committee, and 45% have contact between risk management and the board of directors or supervisory board at least once a year. Two-thirds of the companies in the sample have an audit committee and three-quarters of those audit committees have a direct relationship with the risk management function.
Partitioning the risk management and insurance buying functions is an emerging trend, varying with the country. Overall, 42% have organised these roles into separate departments, and the risk manager may or may not be involved in buying insurance. The primary role for the risk management department is to advise and suggest improvements in operational practices and to verify compliance with the defined risk management policy.
Where such legislation as the French financial security law (LSF) and UK's combined code applies, 60% of the risk managers surveyed are involved in the development of internal control policy.
Drivers
Apart from the express will of management, two-thirds of the risk managers surveyed listed catastrophic events and regulatory and legal requirements as driving the development of global risk management. More than half also mentioned the express will of the shareholders and a major increase in the cost of insurance. The main risk management objective is to avoid threats to the assets and reputation of the business. A smaller but significant number also mentioned optimising risks and improving decision making.
However, operations/production and commercial risks topped the list of risks that business are facing today, followed by legislation and regulation, catastrophes, data systems and financial risks. Looking ahead, risk managers believe corporate governance, data systems and the environment are the issues that will most increase in importance to their organisations.
Achieving these objectives, companies believe, will be done mainly through identifying and treating risks and embedding risk management by spreading its application through the organisation.
Further survey questions dealt with communication within organisations, particularly the disclosure of risk and insurance information, and explored country variations, especially between the UK and Germany and France.
Copies
Full copies of the results are available from FERMA and the survey sponsors.
For more information, contact:
- FERMA: Florence Bindelle - florence.bindelle@ferma-asso.org
- AXA Corporate Solutions: Florence Metairie - florence.metairie@axa-corporatesolutions.com
- Ernst & Young: Hanneke Villere - hanneke.villere@fr.ey.com