CFOs are increasingly being held accountable for losses arising from nat cat events. Their best defence? To team-up with their risk manager
When a business is hit by a natural catastrophe, the impacts can be severe – property loss, business interruption, supply chain failure, and reputational damage.
Nat cats in 2017 and 2018 are telling of the potential costs. In 2017, the total economic damage worldwide exceeded $337bn, of which $144bn represented insured losses. And 2018 offered little reprieve, with hurricanes Florence and Michael, costing an estimated $8.5bn to $13bn in potential losses.
But it is not only risk managers who bear the brunt. If a company suffers a serious loss, it is often the chief finance officer (CFO) who shoulders the responsibility of explaining to the market and investors what went wrong and why.
Xavier Mutzig, Ferma board member and group insurance and insurable risk director for Johnson Matthey – who has responsibility for natural catastrophes – says: “Increasingly, the CFO is responsible for disclosing the company’s exposure to nat cats and other impacts from climate change.
“A large enterprise will also need a governance and reporting system so that the board can provide rapid information to the market in case of natural disaster.”
Indeed, if a loss could have been prevented and sufficient steps taken to avoid a potential loss, it reflects poorly on the CFO.
But many executive managers tend to believe that so-called ‘one-hundred year’ events – which many deem nat cats to be – will ‘never happen to them’.
With risks ranging from loss in revenue, business interruption, and brand damage, CFOs ignore the threats at their own peril.
John Ludlow, chief executive at Airmic, warns of the risks: “Business interruption loss can be more significant than property damage when you factor in contingent BI exposure. Global supply chains can be very complex, so you need to have line of sight across your whole supply chain, particularly for key areas of your business. The loss of a critical component manufacturer can bring a whole supply chain to a standstill.”
Andrew Koegel, head of corporate insurance management at medical device manufacturer, Paul Hartmann, adds: “It’s a fundamental issue. Frankly, I can get money back on the claims side from the insurer, but the reputational risk of failing to deliver products to customer – that’s a risk that’s difficult to even quantify.
“If your company lost business because the clients view you as unreliable or think you can’t deliver the goods, that’s bad for your balance sheet.
“Typically, you can have coverage for two years after the loss, but the impact may be far longer. How much money does it take to re-establish yourself?”
Risk managers have a part to play in articulating the long-term return on investments of establishing an insurance programme that covers the whole scope of potential damages. In cash terms, and on the surface, this may appear as an expensive investment, but as Francois Malan, chief risk officer at Nexity, puts it: “It is hard to convince the CFO to pay for it. The truth appears when a claim occurs – but then it is too late.”
Risk managers will do well to emphasise the risk to the bottom line owing to inadequate prevention, mitigation and risk-transfer plans. And claims data analysis along with case studies of losses will help them better quantify the value of their plans.
Mutzig says: “The risk manager may be one member of the team involved in disaster mitigation planning and recovery, including requesting the necessary budget allocation from the CFO.
“The CFO will want to know that the data and methods that the risk manager uses in his or her analyses and calculations are robust.”
Malan concludes: “Risk managers must use insurer data to find the best solution for mitigation and risk transfer.
“They need to work with the CFO to estimate properly the business interruption and the non-direct financial consequences that should be insured. And, with broker’s and insurer’s help, estimate the impact of mitigation actions, for example, the installation of water walls, digging of trenches, reinforcement of walls etc on financial losses. They have to document it and to propose options to CFO and CEO.”
This level of detail means that risk or business continuity managers must identify critical dependencies and be clear about how a loss of each class of asset could impact the value chain.
Risk manager checklist
Airmic’s Ludlow says that a business continuity manager must identify the critical dependencies by being clear about the losses, including:
- Suppliers and your links – business interruption, reputation
- Markets and channels – linked to the strategy and business model
- People – liability for employees travel risk and key man dependencies
- IT and communication – vulnerabilities to internal capabilities and supply chain
- Facilities – especially where key processes and activities (including outsourced arrangements) vulnerabilities to internal and outsourced capabilities
- Have a clear BCP to manage major nat cat loss events