Take on a New Role
The increasing focus on data is driving chief risk officers to wear two hats, including that of chief data officer.
- Pat Saporito
- February 2020
Risk managers are increasingly becoming aware of the importance and value of data as a corporate asset and of analytics as a risk management tool both from an operational and overall enterprise risk perspective.
Granular risk and loss data not only allow organizations to individually assess risks but also to receive premium rates that reflect their actual exposures versus broader industry risk classifications. Loss experience reviews enable not only improved employee health and safety programs but also help risk managers set more appropriate deductibles or self-insured retentions.
Catastrophic and large losses can be more carefully managed via improved medical and vocational rehabilitation programs. Data can also identify emerging loss exposures and trends that may require revised or new safety or loss control procedures. Behavioral, sensor and IOT data can measure the effectiveness of such program changes.
Risk managers are becoming more aware of the need to own and manage their data and to leverage it during annual insurance program reviews.
While brokers advocate for them, risk managers realize that at the end of the day they need to manage and own their programs. As a result, we can expect to see risk managers develop a true risk management data and analytics strategy and a more sophisticated data management program working with chief information officers and chief information security officers. In fact, chief risk officers may also inherit the title of chief data officer.
CROs will improve their safety and loss control programs with continuous risk monitoring to evaluate and manage their exposures and modify their insurance programs to reflect those exposures. They'll also seek premiums rates and credits that reflect improved risk and data management.
Going beyond just internal data, chief risk officers will also seek industry and cross-data for comparative benchmarks, best practices and other external data to enrich and augment their own data.
This enhanced use of data, however, will also create a number of challenges, including dispersed and fragmented data across lines of business, countries and subsidiaries.
For instance switching to a new carrier or third-party administrator means claims data isn't in a single repository. Risk managers are becoming more aware of the need for a true enterprise risk management database—one that combines risk and finance data. Investments in data governance and stewardship will be required to ensure data quality, trust and understandability to feed increasingly sophisticated analytics.
Also, risk managers are becoming aware of the need for enhanced data privacy and security. Privacy of employee data will become increasingly important in light of the EU's General Data Protection Regulation, which went into effect in May 2018, and the recent California Consumer Privacy Act. Cyberrisk is increasing in importance as corporate priority as data breaches and ransomware demands proliferate.
Corporate risk managers will also face other issues, including culture and change management. They'll need to educate operational managers and employees to become more robust partners in risk management and identify negative risk trends and emerging exposures, as well as data quality, privacy and security. They should also include data and analytics programs as part of their overall risk management and safety and loss control programs.
Insurers, reinsurers and brokers have an important role to play, too. They need to be aware that as risk managers are assuming greater ownership for their data they will be demanding due consideration in exchange for it. In addition, they'll be increasing the scrutiny of their insurance needs, costs and programs using these assets. It's important that carriers and brokers offer new incentives and increased value for access to more robust enterprise risk data which benefits everyone.
Best’s Review columnist Pat Saporito is a consultant and author of Applied Insurance Analytics: A Framework for Driving More Value From Data Assets, Technologies and Tools. She can be reached at email@example.com.