RISK MANAGEMENT

INTRODUCTION
Risk management is not aimed at avoiding risks. Its focus is on identifying, evaluating, controlling
and "mastering" risks. Risk management also means taking advantage of opportunities and taking
risks based on an informed decision and analysis of the outcomes.

Risk management can be defined as the identification, measurement, analysis and control of those
risks that can cause losses to an enterprise. In the ideal situation, risk management involves a
prioritization process whereby risks are handled in a descending order, beginning with those risks
which could cause the biggest loss and has the highest chance of occurrence being handled first, and
those with least loss and the lowest chance of occurrence handled last.

The purpose of risk management is to eliminate or reduce as much as possible, the losses resulting
from a particular risk. The strategies used includes transferring the risk to another party, avoiding
the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a
particular risk.

Risk management is broader than insurance in that it deals with both insurable and uninsurable risks
as well as other appropriate non- insurance techniques of dealing with both types of risk. Risk
management therefore also involves techniques other than insurance.

BENEFITS OF RISK MANAGEMENT

There is certainly a strong case for implementing risk management due to the benefits that are
obtained from it. These include;
1. Achievement of organizational objectives.
The organization is better able to focus on business priorities. It also enables managers to focus
their resources on the primary objectives. Resources are not re-directed to deal with problems.
Taking action to prevent and reduce losses, rather than cleaning up after the losses have occurred is
in fact an effective risk strategy that results in increased confidence of shareholders and managers.

2. Risk management leads to a cultural change that supports open discussion about risks and
potentially damaging information. The new culture tolerates mistakes but does not tolerate hiding
errors. Also, the culture emphasizes learning from the mistakes which leads to improved financial
and operational management by ensuring that risks are adequately considered in the decision-
making process.

3. Improved operational management will result in more effective and efficient service delivery. By
anticipating problems, managers may have more opportunity to react and take action. The
organization will be able to deliver on its service promise by strengthening its planning process and
helping management identify opportunities.

4. Proper risk management enables a business to handle better its exposures to accidental losses in
the most economical and effective way.

5. It also enables a business to handle better its ordinary business risks. Freed from concern about
the accidental losses, a business can pursue more aggressively and effectively its regular activities.

6. If a business has successfully managed its pure risks, the peace of mind this brings about allows
the managers to undertake new attractive speculative risks that they would otherwise seek to avoid.
This peace of mind is made possible by sound management of pure risks may by itself be a valuable
non-economic asset because it improves the physical and mental health of the owners, managers
and the employees who would be affected by losses to the firm.
7. The quality of its decisions is improved by considering how these decisions would affect the
firm’s exposure to accidental losses. By alerting the managers to the risk aspects of ventures, risk
management improves the quality of the decisions regarding such ventures.

8. Proper risk management may make the difference between survival and failure. Some losses such
as the destruction of a company’s factory may so cripple the company that without proper advance
preparation for such an event, the firm may be forced to close down.

9. Proper risk management can contribute directly to business profits through preventing or
reducing accidental losses as a result of taking certain low cost measures to handle minor losses,
through transferring potentially serious losses to others at the lowest possible fee, through electing
to take a chance on small losses unless the transfer fee is a bargain, and through preparing the firm
to meet most economically those losses that it has decided to retain.

10. Proper risk management can reduce the fluctuation in profits and cash flows. Wild fluctuations
in cash flows can cause a big challenge in carrying out business activities. Stable profits make it
easy for a firm to raise capital as investors prefer a company with stable earnings record than one
whose earnings are unstable.

11. Through advance preparations, risk management can in many cases make it possible to continue
operations following a loss, thus enabling a firm to retain its customers and suppliers who might
otherwise turn to competitors.

12. Professional risk managers and insurers contribute significantly by stabilizing businesses
through the indemnities they provide, the accidents they either prevent or reduce in severity, the
long term projects which they invest in, and the security, they provide by reducing uncertainty.

WHY STUDY RISK MANAGEMENT

We can personally benefit from a study of risk management in the following ways:-
➢ Most people become risk managers at some point in their professional careers.
➢ Even if we don’t become a professional risk managers, our activities will affect the
organizations risk exposure and we will in turn be affected by the organizations risks.
➢ We can build professional careers in risk management consultancy.
➢ We all have exposures in our lives which we must learn to manage.

The Risk Management Department

Functions of the Risk Manager
a) To identify and quantify the organization’s exposures to accidental loss.
b) To adopt proper financial protection measures through risk transfer (to outside parties), risk
avoidance, and risk retention programs.
c) To develop and update a complete system for recording, monitoring, and communicating the
organization’s risk management program components and costs.
d) To design master insurance programs and self-insurance programs including the preparation of
underwriting specifications.
e) Securing and maintaining adequate insurance coverage cost effectively.
f) To determine the most cost-effective way to construct, refurbish, or improve the loss protection
system of any facility.
g) To develop and implement loss prevention/loss retention programs.
h) To actively participate on all contract negotiations involving insurance,
indemnity, or other pure risks assumptions or provisions prior to execution of the contracts.
i) To create and publish guidelines on the handling of all property and liability claims involving the
organization.
j) To comply with local insurance laws
k) To select and manage insurance brokerage representatives, insurance carriers and other necessary
risk management service providers.
l) To establish risk management policies and procedures.

The functions of the risk management department are:

a) Identification
b) Analysis
c) Control; (terminate, treat, tolerate, transfer).
d) Record Keeping
e) Managing Insurance Portfolios

Identification
The risk manager needs to understand the firm and it does, and to consult with as many stakeholders
as possible who can provide insights on issues relating to risk. The manager should clearly
understand both the internal and external environment of the organization.
This includes managers involved in but not limited to:
a) Health and safety programs in the work place
b) Crisis management
c) Internal audits
d) Financial management
e) Corporate security and executive protection
f) Motor fleet maintenance
g) Product quality control

Analysis
Analysis involves the assessment of;
a) The likelihood of a loss - the frequency with which it occurs;
b) The possible and probable consequences - the severity or magnitude of the loss.

Risk Control
The department has the responsibility of keeping up-to-date information on all the operations within
the company, and of ensuring that the risk control measures which have been decided upon are
implemented. There are two quite distinct tasks involved here.
a) Be aware, or make itself aware, of all the new developments in the company.
b) Implement risk control measures which are most appropriate for the new developments.

Linked to this is the continual need to keep abreast of new developments in the field of risk control.
This implies keeping up-to-date on safety technology and physical risk control methods.

Record Keeping
An important feature of any department’s work is keeping records. These records have to be
accurate and accessible, and they must be held in such a way that they can be updated easily. The
risk manager has different types of records and the computer is of great help in storing and
retrieving information.
The kind of information a risk manager should have on record includes:
a) Loss records; actual losses; near misses; costs of losses; reserves etc.
b) Details of insurance premiums;
c) Payroll figures;
d) Staff numbers;
e) Acquisitions and mergers;
f) All risk identification records;
g) Safety documents

Managing Insurance Portfolios

Insurance is still a major function in most risk management departments and while it is only one
aspect of risk control, it does occupy a great deal of the time of the risk manager. Managing the
insurance portfolio for a large corporation or company is almost a job in its own right.
It involves:
a) assessing the need for covers of different types;
b) selecting insurers and brokers;
c) evaluating premiums;
d) matching and dovetailing of covers;
e) negotiating on price;
f) drafting wordings;
g) dealing with claims;
h) keeping all insurance records

RISK MANAGEMENT OBJECTIVES AND POLICY STATEMENTS

Risk Management Objectives
Risk management objectives are formulated in line with the general management objectives and
should be done with the assistance of general management. Thus it is clear that risk management
objectives have to be responsive to and supportive of those objectives set by general management.
A firm’s objectives are influenced by the nature of its environment (clients, suppliers, and
government, etc.)

The specific company attributes that can affect risk management objectives include:-
(a) The company development and history.
(b) The personalities and experience of present managers.
(c) The nature and amount of company assets.
(d) The nature of the company’s operations.

General management objectives

General management objectives are directed towards specific goals. These objectives are:
1) Survival. Keeping costs below a threshold beyond which they could threaten the continued
survival of the firm.
2) Economy. Keeping total risk management costs to the lowest practical level.
3) Earning stability. Limiting unforeseen reduction in earnings or cash flows caused by losses to
‘acceptable’ limits.
4) Uninterrupted operations. Resuming normal business operations with minimum delay
following a loss especially for activities that are critical to the organization. This requires advance
planning for unexpected contingencies and possible commitment of resources prior to loss.
5) Continued growth. Continuing the firm’s growth. This may require commitment o resource
prior to any known loss.
6) Good citizenship or social responsibility. Limiting losses to employees, suppliers, customers
and members of the general public. The motivation of this objective maybe strictly humanitarian the
desire for good public image or some combination of these two motivations.
7) Satisfaction of externally imposed obligation. Complying with record keeping requirements
such as required filling of returns and reports by state authorities.
8) Acceptable level of worry and anxiety. Peace of mind.

These objectives can be classified according to whether they are likely to apply to a firm’s action:
1) Before loss
2) After loss
The pre-loss objectives include: economy, an acceptable level of worry and anxiety. The post loss
includes; survival, earnings stability and satisfaction of externally imposed obligations can be either
pre-loss or post-loss objectives. From these objectives, the risk management department could
formulate its own objectives in line with and supportive of these general objectives.

Examples of possible risk management objectives include:-

1. To promote an active loss prevention programs to eliminate or reduce as far as practicable
potential causes of losses.
2. To operate self-insurance in schemes where it is essentially justified.
3. To purchase commercial insurance in residual areas of risk exposures at the least possible cost.
4. To reduce as much as possible the cost of risks to the firm that may endanger its solvency.
5. To transfer to others the risk of loss to the firm which shall exceed Shs X and to assume any loss
less this amount
6. To employ the techniques of loss prevention to the maximum extent possible.

The Risk Policy Statement

The risk policy statement is prepared by the risk manager and approved by general management
preferably the board of directors. The risk policy statement defines the authority and responsibility
of risk manager. The policy statement is central to the risk management function since the risk
manager needs to know in specific terms the attitude of the top management to risk and therefore
participates in the task of drawing up the policy statement. A risk management policy should reflect
the corporate goals of the firm.

Risk management activities must get the support of the top management through the formulation of
a written risk policy statement. The risk policy statement will vary from firm to firm and is usually
worded in fairly general terms but may contain among other things the following:-
• Define the corporate philosophy of the firm towards risk management as decided by the
board of directors.
• Recognize the status and function of risk management as a separate and critical management
function in the organization.
• Make clear the position taken by the top management in such matters as safety, loss
prevention, and risk transfer as well as risk avoidance.
• Provide for all departments and all levels of management to co-operate in the performance
of risk management activities.
• Assign risk management responsibility to a specific department.
• Delegate appropriate authority to the risk manager to act for top management in maters
relating to risk.
• State the scope, authority and limitations placed upon the risk management department.
• Define the guidelines on the techniques and measures to be employed in dealing with the
potential losses.
• Define the types of losses to which the firm is exposed
• Define areas of risk where self-insurance schemes are to be operated
• Give guidelines for judicious purchase of commercial insurance.

BENEFITS OF POLICY STATEMENTS

1. They serve in a broad way as a set of rules to follow and lay constraints to action
2. The statement gives recognition to the importance of the risk management function.
3. It indicates support from the top management.
4. It ensures participation by all functional management in risk management activities
5. It helps the risk manager to perform his functions effectively as his authority and responsibility
are clearly defined
6. Top management is relieved of decision making in day-to-day affairs of risk management.

Disadvantages
1. If the statement is couched in broad terms it may offer no guidance at all; if it is too specific it
may pose constraints for effective risk management thereby inhibiting the use of initiative on the
part of risk manager.
2. Risk managers may lose their resourcefulness in order to be within the risk framework of the
policy.