Articles - Managing people risk effectively


People risk is becoming increasingly important to insurers. The great resignation, quiet quitting, and Brexit have all led to a tight labour market and a situation where insurers are finding it increasingly difficult to attract, retain, and get the best out of talented employees. As a result, people risk is moving up the agenda for HR teams and risk managers. People risk is often thought of as a subset of operational risk – ie the failure of people, processes and systems.

 By Ed Harrison, Senior Consultant, LCP
  
 Our ERM frameworks and approaches to risk management are also often aligned to this way of thinking and to the compartmentalised way that capital models evaluate risk.
  
 But this approach means we may overlook the role that people risk can play in causing other risks to occur. This, in turn, means we treat the symptoms of the headline risk but don’t diagnose and address the root “people risk” cause – as described in the examples below which you may be able to relate to.
  
 Three case studies of people risk
 Example 1: The lead underwriter on a key business line is promoted into a senior management position, and there is no succession plan is in place. Onboarding an external successor takes months and during that time premium volumes and mix drift off track, putting a big dent in profitability, and taking years to restore.
  
 Example 2: A junior accountant leaves the finance team of a large multinational. Nobody bats an eyelid until year-end when the process to consolidate the group accounts fails. That person was responsible for the code that consolidated legacy business that nobody else understands the peculiarities of. As a result, regulatory returns are submitted late and subsequently have to be withdrawn and corrected.
  
 Example 3: The claims team of a motor insurer has low morale and high staff turnover. As experienced staff are replaced with new recruits, the team can’t keep up with the workload and a claims backlog develops. This distorts the way claims develop, eventually leading to a material reserving deterioration.
  
 All three examples are examples of people risk. However, to a risk team: the lack of succession planning might show up as an underwriting risk when profitability deteriorates; the late delivery of regulatory reporting may appear to be a process failure under operational risk; and the impact of the claims backlog might first be identified as a reserving risk. In all cases, the risk team’s process identifies the symptoms but not the root cause.
  
 So how can we manage people risk more effectively?
 To me, managing people risk better means ensuring we have to tools available to identify people risk where it is a root cause.
  
 A good starting point is to commission a deep-dive into one aspect of people risk, for example considering key-person risk. This initial deep dive helps the risk team quickly develop their own knowledge of pinch-points within the business, understand the extent of exposure to key-person-risk and identify the departments where the exposure to people risk is greatest.
  
 A key person risk deep dive should be broad enough in its scope to cover the main sources of risk, including:
 • key external relationships
 • key business processes
 • areas of business requiring specialist (especially legacy) knowledge
  
 The goal should be to identify specific examples of these pinch points and then begin the process of mitigating them. However, the deep dive should also consider the overall approach to identifying and managing people risk.
  
 In addition to an initial deep dive, risk teams should consider incorporating people risk into aspects of the day-to-day risk management process, for example in the ORSA assessment, operational resilience, and business continuity, as well as in regular management and reporting dashboards.
  
 A key feature of both operational resilience and the ORSA process is stress testing to provide quantitative examples of key risks.
  
 Operational risk stresses are often set based on self-assessments and/or discussions between affected departments and the Risk team. People naturally feel more comfortable discussing process risks than people risks because it is difficult to acknowledge our own potential shortcomings. This can mean process risks are over-represented in operational risk scenarios, whilst people risks are under-represented or missing completely. Risk teams should be mindful of this potential bias and work to draw out the people risks from each department.
 
 Working hand-in-hand with HR
 Traditionally the management of people risk has mainly sat with the HR team. However, increasingly there is a need for Risk and HR teams to collaborate on this issue to join the dots between people risk and other business risks.
  
 HR teams are well placed to manage aspects of people risk such as succession planning, talent retention, skills gaps analysis and employee motivation. Risk teams are less directly concerned with the outcome of these assessments, but need to ensure that they are kept in the loop so they can see the big picture – in particular how people risks might contribute to or exacerbate other risks.
  
 Next steps
 The recruitment and retention challenges that exist across the most disciplines within the insurance market aren’t going away any time soon.
  
 Risk teams need to pivot to ensure that they have the process in place to address these more challenging risks. This likely means both enhancing risk management frameworks and collaborating more closely on deep-dives with HR. Insurers that put in place stronger processes are more likely to make intelligent decisions about where to retain talent and be better able to adapt their day to day processes to mitigate the people risks they identify.

Back to Index


Similar News to this Story

Murder on the LPI floor
DB schemes, by and large, are in a far healthier position than they have been for over a decade. This is good news, but it also changes the challenges
Pension scheme cyber attacks are you prepared
The cyber threat to pension schemes specifically is increasing. The Capita data breach in 2023 is set to cost the organisation an estimated £107 milli
Is AI the new ESG
Over the past few years, ESG was all the rage. Proponents, opponents, and everyone in between seemed to be talking about this topic on an endless loop

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.