CBIZ & MHM Executive Education Series™ Risk Management & Risk Transfer - A Multi-Pronged

Approach for Management and Boards

Presented by Remonde Brangman and Anthony Consoli

March 12, 2015

2 #CBIZMHMwebinar

To view this webinar in full screen mode, click on view options in the upper right hand corner.

Click the Support tab for technical assistance.

If you have a question during the presentation, please use the Q&A feature at the bottom of your screen.

Before We Get Started…

3 #CBIZMHMwebinar

This webinar is eligible for CPE credit. To receive credit, you will need to answer periodic participation markers throughout the webinar.

External participants will receive their CPE certificate via email immediately following the webinar.

CPE Credit

4 #CBIZMHMwebinar

The information in this Executive Education Series course is a brief summary and may not include all

the details relevant to your situation.

Please contact your service provider to further discuss the impact on your business.

Disclaimer

5 #CBIZMHMwebinar

Today’s Presenters

Remonde Brangman, CPA, CRMA Director, CBIZ MHM, LLC 301.951.3636 | rbrangman@cbiz.com

Remonde Brangman is the CBIZ National Vendor Risk Management Practice Leader and heads the Mid-Atlantic Risk Advisory Services practice. With over 30 years of experience, he has extensive knowledge of best practices in risk assessment, vendor risk management, compliance programs, operational reviews, corporate and nonprofit governance, and business improvement. Remonde has served a broad range of clients including fortune 100 companies, local and foreign governments, and the financial industry.

Anthony Consoli President, CBIZ Insurance Services, Mid-Atlantic Region 877.251.5345 | aconsoli@cbiz.com

Tony Consoli is President of CBIZ’s Risk Management and Insurance Services division in the Mid Atlantic region. He also serves as the firm’s National Healthcare Practice Leader. Tony’s career includes over 25 years of executive leadership and portfolio account management in risk, insurance, business solutions and strategy, with extensive service to the health care, life sciences, real estate, manufacturing and financial industries.

6 #CBIZMHMwebinar

Today’s Agenda

1

2

Overview and Background

Risk Management Techniques

Enterprise Risk Management 3

4 Risk Assessment Process

5 Benefits of Risk Management

6 Questions

OVERVIEW AND BACKGROUND

8 #CBIZMHMwebinar

RISK – You KNOW it’s out there . . .

9 #CBIZMHMwebinar

. . . and you may not see it coming . . .

. . . but you can (must) still plan for it.

10 #CBIZMHMwebinar

Definitions – in Business Terms

A Risk Factor is something that can cause harm. It is a poor business condition or practice that can negatively impact a company.

Risk (traditional) is the likelihood of harm. The likelihood that profitability and shareholder value will be negatively impacted.

11 #CBIZMHMwebinar

Definitions – ISO 31000

Risk is the effect of uncertainty on objectives.

• Note 1 - An effect is a deviation from the expected — positive and/or negative.

• Note 2 - Objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process).

• Note 3 - Risk is often characterized by reference to potential events and consequences, or a combination of these.

• Note 4 - Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence.

• Note 5 - Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of an event, its consequence, or likelihood.

12 #CBIZMHMwebinar

Categories of Risk

Strategic

Hazard Financial

Operational

13 #CBIZMHMwebinar

Categories of Risk

Specific risks within each category will vary according to entity type, industry, demographics and other factors. Two examples:

For Profit

Not-For Profit

RISK MANAGEMENT TECHNIQUES

15 #CBIZMHMwebinar

Risk Retention Risk Management Risk Transfer

o Contractual non-insurance o Insurance

Risk Avoidance Financial Tools

Risk Techniques

16 #CBIZMHMwebinar

Definition: A form of self-insurance employed by organizations which have determined that the cost of transferring a risk to an insurance company is greater over time than the cost of retaining the risk and paying for losses out of their own reserve fund.

Risk Retention

17 #CBIZMHMwebinar

Definition: Coordinated activities to direct and control an organization with regard to risk.

Risk Management

Risk Management Framework will include:

• Policy, objectives, mandate • Plans, relationships, accountabilities,

resources, processes • Framework embedded within overall

strategic and operational policies and practices.

18 #CBIZMHMwebinar

Definition: A risk management technique whereby risk of loss is transferred to another party through a contract (e.g., a hold harmless clause) or to a professional risk bearer (i.e., an insurance company).*

Risk Transfer

* International Risk Management Institute (IRMI)

19 #CBIZMHMwebinar

Risk Avoidance

Definition: A risk management technique that seeks to eliminate any possibility of risk through hazard prevention, or the discontinuation of activities determined to entail any level of risk.

Often used in extreme situations where the risk exposure creates an extraordinary liability potential.

20 #CBIZMHMwebinar

Financial Tools

Insurance Risk

Transfer Loss

Sensitive Programs

Self-Insurance

Captives

ENTERPRISE RISK MANAGEMENT

22 #CBIZMHMwebinar

Risk Management Continuum

Risk Profile Risk Aware

RiskAware

RiskAttentive

RiskAttentive

RiskEnabled

RiskEnabled

DescriptionManagement is aware of thebenefits of implementing riskmanagement principlesorganization wide

Management is ready toembrace risk management ineveryday processes andpractices. It is attentive tosome, if not all, of its risks.

Management recognizes riskmanagement as a corecompetence and is successfullyusing it as a competitiveadvantage in chosen markets.

§ Risks managed in silos§ Management holds decision

power§ Financial risk focus only§ No risk management training

Risks managed in silosManagement holds decision

power Financial risk focus only No risk management training

§ Risk management committees § Decision power devolved§ Operational risk focus§ Balanced scorecard in place

Risk management committees

Decision power devolved

Operational risk focus

Balanced scorecard in place

§ Self sufficient committees in place§ All involved in decision making§ Business risk focus§ Risk management is core

competence

Self suf f icient committees in place

All involved in decision making

Business risk focus

Risk management is core competence

Characteristics

Reactive Financial focusCareer internal auditors Low profile

Role of Internal Audit

ProactiveOperational focusRole rotation

Higher profile

Change agents

Business focus

Integrated risk managementRisk & control educators

23 #CBIZMHMwebinar

Industries that have adopted ERM

65% of Public Firms

Financial Services

Energy Sector

Health Care

Transportation

Education

Newcomers: Construction

& Mining

Source: Excellence in Risk Management VI, Marsh | RIMS

24 #CBIZMHMwebinar

ERM: Both Negative and Positive Mindsets

Controlled Risk Maximum Performance

vs.

Uncontrolled Risk Under Performance

25 #CBIZMHMwebinar

Risk Management Heat Map

321

3

2

1 O - 8

12

R - 3

3

3

2

1

Opportunities RisksLikelihood Likelihood

Impa

ct o

n O

bjec

tives

Impa

ct o

n O

bjec

tives

Management addresses these key risks andopportunities in its plans and prioritiesNote: Some adjustment to current priorities may be required

O - 14 R - 34

R - 72

O - 21 R - 11

Developed byJay Mattingly

26 #CBIZMHMwebinar

Characteristics of Risk Factors

Factors vary by industry and importance.

27 #CBIZMHMwebinar

ERM Implementation Drivers

Transparency

Technology Competition

Compliance

Public Companies

Public and Private Companies

RISK ASSESSMENT PROCESS

29 #CBIZMHMwebinar

Q: How do leaders determine which techniques or approaches to risk management are the most appropriate for their organization?

A: Risk Assessment Process

Key Question

30 #CBIZMHMwebinar

The ERM Process

Risk Analysis Analyze presence of risk - Assess the level of risk - Quantify the results - Report the findings - Recommend action

Risk Response Develop an action plan; determine what risks to control and assign responsible individuals

Risk Control Implement a solution to reduce or transfer the risk

Risk Monitoring Observe the completed implementation and report the results

Risk Factor Identification Identify all potential risk exposures

31 #CBIZMHMwebinar

Top-Down Bottom-Up Risk Based Approach

High Risk Processes

Moderate Risk Processes

Low Risk Processes

RiskGovernance

RiskOversight

Risk Management

Board of Directors

Executive Management

Process Owner

Executive Management

Management

Process Owner

Design

Implementation

Top-

Dow

nB

otto

m-U

p

32 #CBIZMHMwebinar

Risk Management Evolution

Modern Risk Management

ISO 31000 Methodology

Principles

Framework

Process

Compliance oriented Financial focus Negative risk events Driven from credit and market risk modeling

Top down approach Complex methodologies Lacking front line involvement and buy-in

Not seen as a model for small businesses

Management oriented

Broad organizational focused

Positive and negative risk events

Driven from strategic and organizational objectives

Both top down and bottom up

Simplified methodologies

Organizational buy-in

Excepted model for all businesses

Traditional Risk Management

33 #CBIZMHMwebinar

Risk Management Techniques

Knowledge, understanding and development of a plan for continuous improvement.

Safety programs Security systems Fire suppression Construction Materials Driver Training Pre-employment screening

34 #CBIZMHMwebinar

Insurance

Insurance Policy

SafetyLoss

Control

Claims ManagementFinancia

l Analys

is

Insurance Policy

SafetyLoss

Control

Claims ManagementFinancia

l Analys

is

35 #CBIZMHMwebinar

Continuum of Insurance Arrangements

36 #CBIZMHMwebinar

Consultative Risk Management Process

SOLUTIONS

Risk Identification− Property &

Liability− Workplace

Safety− Executive &

Professional− Contractual

Cost Containment Efforts− Safety Program− Claims Mgt.− Risk Transfer

Current Coverage Review & Gap Analysis

Loss Analysis & Trending

Total Cost of Risk Calculation

Cost Allocation

Coverage Recsand Brokerage Strategy

Risk Transfer Options− Fully Insured− Large

Deductible− Self Insurance− Captive

Placements

Client Organization− Executive Team

(CEO, CFO, RM, HR)

− Managers− Employees

CBIZ− Risk

Management Services

− Brokerage Services

− Actuarial Services

Identify Quantify Fund Manage

BENEFITS OF RISK MANAGEMENT

38 #CBIZMHMwebinar

Benefits of Controlling Strategic Risk

!?

Ensures sound decision making by adjusting managerial business approach and policies

39 #CBIZMHMwebinar

Risk Management Evolution

Improves operational efficiencies by installing more cost-effective and accurate internal systems

40 #CBIZMHMwebinar

Benefits of Controlling Financial Risks

Maintains availability of credit and manages costs of funds by improving outside relationships and considering all “what if” scenarios

41 #CBIZMHMwebinar

Benefits of Controlling Hazard Risks

Reduces the consequences of uncontrollable losses by increasing safety and obtaining adequate coverage for potential losses

42 #CBIZMHMwebinar

ERM Maximizes Profitability . . .

By removing business conditions that can have a negative financial impact

By installing business practices that can have a positive financial impact

. . . and Shareholder Value

43 #CBIZMHMwebinar

Improve mandatory and voluntary reporting

Improve governance

Improve stakeholder confidence and trust

Establish a reliable basis for decision making and planning

Improve controls

Effectively allocate and use resources for risk treatment

Why Implement Risk Management?

44 #CBIZMHMwebinar

Improve operational effectiveness and efficiency Enhance health and safety performance, as well as

environmental protection Improve loss prevention and incident management Minimize losses Improve organizational learning Improve organizational resilience

Why Implement Risk Management?

45 #CBIZMHMwebinar

Risk Management Case #1 – Lesson Learned

Organization A was a Nonprofit organization with a large source of Government Grant funding. The organization believed that it had a good handle on risk and had recently updated its Governance structures.

During a review of the organization we noted that the governance structure did not include a structure for risk management.

After performing a one day review of risk exposures it was noted that the organization’s compliance program did not cover all relevant compliance requirements.

Further tests revealed that it was not in compliance with a Government regulation and had utilized the Grant inappropriately.

The amount of the misappropriation was significant to the survival of the organization. A simple Risk Management infrastructure would have prevented this loss from occurring.

46 #CBIZMHMwebinar

Risk Management Case 2 – Performance Improved

Company B had a database with over 2500 outside contractors for various levels of technical support. They realized that they were vulnerable to significant operational risk if their contractors did not adequately fulfill their contracts but were struggling to manage such a vast contractor base.

A risk based framework was developed to determine which contractors presented the greatest risk to the organization and procedures were developed to monitor the specific risks identified.

Of the 2500 contractors, only 15 were critical to Company B requiring extensive oversight, an additional 35 vendors were moderate risks and required a minimum level of oversight and 300 low risk contractors. The remainder represented inactive vendors.

Company B was able to develop a more efficient oversight program utilizing fewer resources with increased risk coverage than provided by their previous business model.

The organization also ended up with a risk profile that allowed them to reduce the number of supporting contractors without impacting the level of service being provided.

47 #CBIZMHMwebinar

Questions?

48 #CBIZMHMwebinar

Join us for these courses: o March 24 & April 2: First Quarter Accounting and Financial Reporting

Issues Update o April 29 & May 7: Not-for-Profit Update – Internal Controls, Accounting

Standards and Federal Grant Reform

Read these related publications: o Implementing the Uniform Grant Reform Guidance o Competing for Talent as a Not-for-Profit Organization

Sign up for our Not-for-Profit Viewpoint newsletter

If You Enjoyed This Webinar…

49 #CBIZMHMwebinar

Connect with Us

linkedin.com/company/ mayer-hoffman-mccann-p.c.

@mhm_pc

youtube.com/ mayerhoffmanmccann

slideshare.net/mhmpc

linkedin.com/company/ cbiz-mhm-llc

@cbizmhm

youtube.com/user/BizTipsVideos

slideshare.net/CBIZInc

MHM CBIZ