A partnership in action;
Deborah Ritchie speaks to Graeme Watt, chief risk officer of Laird plc, a company with unique and complex challenges when it comes to risk. Prior to working for Laird, Graeme held a number of risk and audit roles at Alliance Unichem (latterly Alliance Boots), BAA, World Duty Free and Somerfield. Before this, he worked for the supply and secretariat branch of the Royal Navy.
What was the impetus for Laird’s transformation of its risk processes?
Two things happened in parallel. On the one hand I had an emerging sense that, in relation to our site risk controls (sprinklers and so on), all was not as rosy as our survey reports suggested. I was looking for a risk partner with deep engineering experience to tell me what exactly was missing. At the same time, the company took on a new CEO, who established a clear strategy for the business that would differentiate us as at the cutting edge of innovation, speed and reliable fulfilment.
Laird designs and manufactures products and systems that protect electronics and enable connectivity in mission critical systems. Our solutions are used by a wide range of industries, from protective heat systems in MRI machines within hospitals, to remote control systems for trains and cranes. Absolute reliability and continuity of our business is vital. Excellence in site protection is critical to achieving this.
With this transformation, we sought to set ourselves apart from the competition, and to make this work we needed the right partner. FM Global filled those shoes. I think it’s vital to work closely with your insurer to improve risk quality using evidence based on sound data and professional engineering expertise.
What were the main challenges you faced when seeking to implement such change?
The first challenge was around insurance partnering and common standards for auditing the sites. Our sites globally operated in full compliance with local rules, which of course are under different jurisdictions with different standards and enforcement for things like fire protection. To deal with this, we set out to establish what the real pressure points were. In looking for an insurance partner who could help us, FM Global, with whom we have now worked for several years, wouldn’t even quote before surveying our top seven or eight sites and they committed to carrying out risk engineering reviews for all operations locations in the first year. That’s 29 engineering or manufacturing locations across 18 countries.
Often there can be a number of cultural challenges to overcome. In the US and in Europe, for instance, there are long established safety regulation regimes, which precisely specify requirements such as sprinkler systems, where you can expect a certain level of implementation and quality. The same may not necessarily be the case in other parts of the world, where standards may not be consistently applied. You can be confident that the sprinkler heads that sites would typically obtain in the US will work, but in parts of Asia, say, there is culturally a huge focus on delivering the bottom line and inexpensive but potentially unreliable solutions may have crept in.
This is where working with an expert partner can really make a difference. The vast majority of our general managers have a technical background, so by speaking ‘engineering’ with them rather than ‘insurance’, FM Global were able to break down those cultural differences to get real buy in for control improvements. I see FM Global as a company of risk engineers that do insurance rather than an insurance company that does engineering!
I don’t have an engineering background, nor do I have an insurance background – which I view as a great blessing. This means I came to ask questions that may never have been asked – challenging the status quo. I do have a Services background, however, some of which was spent in damage control, when you train fighting real fires. It’s not the same as watching it on a video. In that sense, some of my early background was really relevant and drew me to this particular organisation, who set fire to things all the time at their research facility in Rhode Island, to test and make sure that their standards and advice are robust.
Beyond site risks, how do you ensure you stay ahead of the curve when it comes to other emerging risks?
In terms of review, we have a risk management framework which is based on a facilitative risk review approach with our seven business units and corporate functions. We are just about to embark on the next round of this having completed a restructure as part of our growth plans. Risk management governance is overseen by a risk governance group chaired by the CEO, and we also conduct a board level risk review periodically for a strategic overlay. All of these go into our risk picture which looks at and attempts to understand the probabilities and impacts of various risks; it also looks at what assurance mechanisms we have in place to mitigate them. Risk and incident monitoring is embedded into our monthly business performance review process, with a risk management report presented to every board meeting
Given the complexities of the supply chain within the electronics industry, how do ensure you adequately manage the risks that may emanate from it?
Within the supply chain, you’re really looking ideally for controls that you control yourself, such as your back door quality checks, supplier due diligence and “on the ground” audits. Encouraging supplier compliance on the things you cannot directly control is greatly aided by the threat of competition – so avoiding single source suppliers is a good idea, not just business interruption protection. We have a team of supply chain auditors, who carry out audits on our key suppliers, not just around resilience, business continuity, but also around other CSR aspects. The team is lean, so we prioritise and target their activities.
Supply chain is a most difficult area, as you are relying to a degree on what you are being told. But I am confident in our supply chain management capabilities. Following the 2011 tsunami and a couple of subsequent disasters, our business continuity plans kicked in and we didn’t let down a single customer; I would consider that as a successful performance. But you’re only as good as your last game, and we don’t rest on our laurels. In fact our business continuity plans are currently undergoing an update. Command and control and decision tools are the focus for us here. I actually prefer to think of them as toolkits rather than plans.
I should add that, of course, our partner FM Global has expertise in this area too. Recently they helped a sceptical site to prepare a tailored flood control section for their plan, since FM Global’s modelling identified a risk, though no flood had ever been experienced by the site. Fortunately it was in place when parts of Shanghai flooded last year. Our site was back in business within hours not days, and no customer was impacted. And, in my opinion, this is real partnership in action.
This article first appeared in CIR in March 2015.