Based in Belgium, Katoen Natie is a privately owned logistics company with activities worldwide. Carl Leeman, chief risk officer, shares his candid thoughts on the profession, its limitations and what needs to change

Can you describe some of the biggest risks that you are currently focused on and how you are dealing with them?

One of my biggest concerns today is the increasing speed at which business is conducted versus the growing complexity of commercial deals. The internet and exchange of electronic data enable us to work more quickly, but everybody wants to cover more ground than ever before.

Everybody has become risk averse, and so people hide behind shields of compliance, lawyers, consultants and company policies. In this hostile environment the notion of business partners might quickly disappear.

Also globalisation is causing a lot of emerging risks. With the amount of travelling that's going on these days, pandemics can easily spread all over the world. This was much less the case 30 years ago.

The biggest advantage we have as a company is that we are well diversified, not only by location but also geographically. We have a few locations where we have big concentrations of people – like here in Antwerp – but it's unlikely we'll be hit heavily in one business area because we have this diversification.

Was that diversification a conscious decision to mitigate some of the risks or was it part of the natural growth of the company?

It's really a mix of the two. It's a decision that our board and our owner [Fernand Huts, president of the Katoen Natie group] makes. We've been having discussions about expanding into China for a number of years now. The commercial people want to go but our owner has always stopped it. You only hear the success stories about moving into China; most of the time you won't hear about failed operations in the media.

We have a very simple mix that we use to asses any move. We weigh the risks and resources we require for going in against the revenue that comes out. In today's heated economy, it is important that you try and keep your head cool and sometimes say no.

Your company has operations in 32 countries worldwide. How do you control the risks associated with moving into different markets?

“We have a very simple mix that we use to asses any move. We weigh the risks and resources we require for going in against the revenue that comes out. In today's heated economy, it is important that you try and keep your head cool and sometimes say no.

Carl Leeman, chief risk officer, Katoen Natie

The basic parts of the business, – logistics or supply chain – are the same all over the world. But we still have to keep ourselves informed in each country. For example, in Brazil the provinces have different import taxes. It could be that one province has a tax that doesn't exist in another one. If you choose a location to do business and you don't take into account those local differences then you could be at a disadvantage.

There's also a risk associated with finding the right people. Today in Belgium finding people is a nightmare. We still have a lot of unemployment, but we can't find enough people for the business. We work with a lot of low skilled people in the order packing activities and it's nearly impossible to find workers. One of the reasons for that is our social security system in Belgium. The problem is that the difference between working for the lowest wage and living at home and getting social security is much too small.

What other risk areas are you concentrating on?

Today, a lot of companies are struggling with reputational risks. But we don't really have a brand name that is well known to the public; we work for the industry. Of course we have a reputation, but the reputational risks are not the same as for consumer facing brands.

Another thing that you can't get around is the changing weather patterns. We are starting to make alterations in our building plans to meet the demands from heavier rainfall or increased wind strength.

That's just coping with the effects of the weather, but we also have to prevent things getting worse. We are not really a big energy consuming company, but we are working on coping with the consequences.

Do you think there is more that could be done?

We are considering plans to gather rain water, because we have huge volumes of roofs. We are also looking at installing solar energy panels. Windmills are another thing we're considering, but it's not easy to get the building permits.

What else is high on the agenda?

“We are considering plans to gather rain water, because we have huge volumes of roofs. We are also looking at installing solar energy panels. Windmills are another thing we're considering, but it's not easy to get the building permits.

Carl Leeman, chief risk officer, Katoen Natie

Something I'd like to touch on is the risks posed by new products and nanotechnology. It's not really something affecting our company directly, but it's an area that nobody really knows where it will end. One question is how will the new materials be disposed of?

Another risk is the long-term consequences on our bodies of electronic smog or the increasing radiation from the whole mix of mobile phones, microwaves, wireless communications, mobile phone masts, alarm systems, and Bluetooth. We have had locations where we refused to put an antenna mast because of the potential effect on our employees. You have to ask yourself if it's all worth it.

How can people prepare for those sorts of emerging risks?

I think the best way is to stay alert. We don't have to go back that far. Look at asbestos. Not so very long ago even insurance companies obliged us to use asbestos for fire protection, it was a 'wonder' product. Today, we all have a quite different view of asbestos.

What will the evolution of the wireless radiation be? We should stay alert, keep on asking questions and see where it goes. To follow blindly is not the correct way to deal with it.

Any other risks you're concerned about?

Another point is the perception of risks – where the perception is greater than the reality. Terrorism is the big one. If you consider how many people are killed on the roads compared with how many die in a terrorist attack, it is obvious which claims the most lives. Yet people are still more scared of the terrorists.

These days, when something happens on the other side of the world the next minute everyone knows about it. The mass media has a big responsibility. The combination of the risk perception and the global power of the media can be a killing combination to any company.

One risk that is causing us big problems, mainly in the US, is that of legal issues. The problem of punitive damages and people suing each other has slowly crept into the UK and now it's creeping into Europe. I don't think it's a good development; the only people who benefit from it are lawyers. Everyone else will lose in the long run.

“What will the evolution of the wireless radiation be? We should stay alert, keep on asking questions and see where it goes. To follow blindly is not the correct way to deal with it.

Carl Leeman, chief risk officer, Katoen Natie

What can organisations do to protect themselves?

There are two phases. In the first phase you can try to avoid the legislation changes. But lobbying takes time. In the second phase, when the legislation has changed you have to take measures.

Everyone wants to protect themselves by saying they took safety advice from a specialist consultant. The consultant doesn't know anything about your business. But at least you can say: 'these people are specialists in the field; they have advised me to do it this way and so has my lawyer, so don't shoot me.'

Which regulatory obstacles are giving you the biggest headache?

We have been looking at the Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) regulation a lot. At first we thought it was only for our clients but we quickly saw that we were also implicated because of our activities in the petrochemicals sector. I don't know that it will add value, because we already have material safety datasheets that have a long history. REACH is very well lobbied by a lot of companies because there is a huge amount of work to investigate every product within the European market.

We don't have to cope with all of the regulations, due to the fact that we are privately owned. But we have to follow some procedures, such as those laid down by the International Organisation for Standardisation (ISO), because the clients oblige us to. There is no way around it. You have to follow those standards or you can't do any business.

The initial ISO procedures had a lot of added value; even the operational people really believed in them. Now I think it's just for the sake of making money. There is a big discussion going on in the risk management community about ISO. Will there be an ISO for risk management or not? The solution that is on the table today is that there will be guidelines but no real procedures and no audit. I think it's just a way to get the ball rolling. Instead of implementing the whole thing at once it's being done in steps.

What's the biggest problem you see from over-regulation?

If you are regulating and standardising everything, how can one company differentiate itself from another? Being able to develop new ideas is sometimes not compatible with all these standards. I don't mean that there shouldn't be any standards, because in some fields they are essential. But in others, like risk management I don't see any real need or added value – aside from for the audit companies who can make more money from it.

“These days, when something happens on the other side of the world the next minute everyone knows about it. The mass media has a big responsibility.

Carl Leeman, chief risk officer, Katoen Natie

It is also possible that some risk managers are standing behind an ISO procedure for risk management just for the sake of promoting their own careers. If in the ISO procedures there is a requirement for a risk management committee, or for the risk manager to be part of the board of directors, a lot of people might see that as a ticket to the top. I wouldn't say this is wrong, only that it's a pity they can't make it based on real added value and know-how.

How does enterprise risk management work within your company?

Within our company we support the various business units to act as risk managers themselves. Everybody is a risk manager in their own business. My team informs them, provides them with tools, and assists them with the solutions.

Every site has a safety manager on the floor. If there is a problem on site it's their problem. We strongly believe in decentralisation. What I do is keep the site managers motivated and give them tools and share information between units.

We know the risks in our business better than anyone. There is no law firm that knows them better than us. On the other hand, if I receive a contract from another country, I always contact a local law firm to check it. The specific regulations and laws that apply to that contract are important details that have to be checked locally.

How does insurance fit in?

On the insurance side we have two global plans – property and liability. Those are dealt with directly between myself and the insurers. We support those with local programmes and policies. We select a local broker in every country. It's a good situation, because if one of those brokers does not perform well we kick them out and choose another one.

If you work with one global broker then you're not always in the driving seat. There are a lot of good brokers; the art is to find the best of them in every country. In some countries we may choose to work with Marsh, Willis or Aon. We select brokers country by country, and keep the global overview ourselves.

Learning from experience

On 1 September 1996 there was a massive fire at one of Katoen Natie's petro-chemical facilities in Antwerp. 120 silo buildings were destroyed causing €40m worth of damage. Soot deposits from the fire were found 30km away on the outskirts of Brussels. In the aftermath of the fire, Katoen Natie received 1600 claims from third parties and it paid out €1m in compensation. Product was loaded the next day and by January 1997 the site had been completely rebuilt.

Topics