Read below to learn about the experiences of our first ever cohort in the Risk Leadership Certificate Program!

Update #1        Update #2        Update #3

 

Get to know the RLCP cohort:

Meet our first cohort of risk management professionals.

Read a detailed bio of each participant.

 

Program Updates

Update #1

Our pilot Risk Leadership Certificate Program (RLCP) is underway. The NRMC team and our participants have enjoyed productive generative discussions about core competencies for risk professionals, including risk assessment, risk culture, risk function design, and insurance program oversight.

Prior to each RLCP session, the NRMC team has shared thought-provoking pre-reads with our cohort to get everyone revved up for dialogue. Thirsty for risk management knowledge, the risk leaders in the first cohort have absorbed and analyzed the content of the pre-reads, journeying to the NRMC office in Leesburg, VA, primed to articulate how what they have read applies to their own organizations—and the nonprofit sector in general. One of our favorite pre-reads thus far is ‘Managing Risks: A New Framework,’ an oldie-but-goodie article by Robert Kaplan and Anette Mikes, published in the June 2012 issue of Harvard Business Review. Spoiler alert: I guarantee you’ll experience at least one a-ha moment while reading the article. One of our team’s a-ha moments related to Kaplan and Mikes’ recommendation for categorizing risks.

At NRMC, we often segment risks into many categories such as existential, strategic, cultural, and an array of other buckets related to specific business functions or departments (e.g., finance, employment practices, legal, etc.). This categorization partly stems from our clients’ desires to group risks in familiar and understandable ways, and in ways that suggest risk ‘owners’ or parties with management and oversight responsibility (i.e., specific departments or functional teams). It also stems from our past experience and the fact that we’ve been doing it this way for some time… and it’s always worked well in the past. But this HBR article helped our team rethink our perspective on risk categorization.

Kaplan and Mikes argue that risk management is often prescribed through a compliance lens, and focuses too much on a “rules-based control model,” when in reality only some risks can be managed this way and others “require alternative approaches.” Preventable risks are those that offer no returns or upside, and “ought to be eliminated or avoided” through policy and compliance efforts. The authors acknowledge, however, that in all organizations there are some errors or downside risks for which “complete avoidance would be too costly.”

With respect to strategy risks, Kaplan and Mikes believe that the focus of risk management should be activities that empower the organization to take on “higher-risk, higher-reward ventures” than is possible in an organization with ineffective or less effective risk practices. During an exercise in which RLCP leaders paired up to design a new risk function for a hypothetical nonprofit, one group’s design was based on the potential for risk management to help a nonprofit grow. The team’s proposed design and approach were a refreshing contrast to the far more typical motivation of reducing the likelihood of accidents and financial losses.

Kaplan and Mikes describe external risks as those that are beyond an organization’s “influence or control.” Recognizing these risks as unpreventable by the organization should help leaders focus their attention where it counts: on activities that will lessen the downside impacts and leverage the upsides. During another RLCP exercise our cohort discussed the fact that there are likely to be silver linings during an organization’s darkest hour. Resilient and effective nonprofit teams engage in thoughtful planning, which helps them mobilize support in the midst and aftermath of an unavoidable event or set of circumstances.

The authors’ guidance mirrors our oft-quoted favorite, The Prediction Trap, by Randy Park (a past Risk Summit keynote speaker), who urges organizational teams to develop the capacity to anticipate (but not attempt to predict) multiple possible outcomes or “alternate futures” in order to develop an adaptive capacity—no matter what the world throws at you.

Kaplan and Mikes support their approach to risk categorization by describing a handful of cognitive biases that cause people to perform poorly when anticipating future events, and even more poorly when productively discussing risks and organizational failures. They explain a related failure that our team has observed many times: the tendency to categorize risks based on functional silos within an organization, causing risk information and risk management responsibility to disperse and to lose potency. The RLCP group agreed that in order to truly develop Enterprise Risk Management capabilities, risk leaders need to view the organization and its risks from a bird’s eye perspective; only this holistic approach will enable risk leaders to understand how various risks intersect and influence the many functions in their organizations.

At NRMC we recognize that a key quality of any effective Risk Champion is the capacity to unlearn what you know and change your mind. No discipline could evolve if we continued to preach and practice the same sentiments year after year. Our perspectives on risk management transform with every moment of dialogue during our RLCP program, and we hope this will inspire you to look upon your own risk management program and your approach to risk classification with fresh eyes as well.

Return to this webpage for more RLCP updates. Contact the NRMC team directly to inquire about future RLCP programs and Risk Champion coaching: 703.777.3504. Or attend our 2017 Risk Summit–the only conference for nonprofit risk management professionals–where our RLCP participants will present breakout workshops to share their insights!

 

Update #2

The inaugural Risk Leadership Certificate Program (RLCP) is complete and the NRMC team plans to continue sharing updates and insights from this intensive risk leadership training program in the weeks ahead.

One topic that our cohort explored during our final weekend together was risk appetite. As a UK-based financial institution defined it in the RIMS Executive Report ‘Exploring Risk Appetite and Risk Tolerance,’ risk appetite is “…the amount and type of risk that [an organization] regards as appropriate for it to accept in order to execute its strategy.”

Setting an organization’s risk appetite is a key goal of many nonprofit boards engaged in risk oversight. Defining risk appetite can provide guidance to nonprofit staff members who need to make decisions and judgment calls each day. If risk appetite is not well defined at an organization, then individual team members must infer it each time they make decisions. Joe in accounting might be averse to risk-taking, whereas Jen in programs might be very willing to risk financial assets in order to explore a new program or service that could potentially benefit the local community. With every staff member taking risks (or not taking risks) based on their own personal perception, you can see how the inconsistency could spell trouble for a nonprofit.

Risk appetite, typically set by a board of directors, conveys an appropriate approach for risk-taking, or an appropriate level of risk-taking—often based on thematic areas of risk (e.g., financial, reputational, safety, etc.). Risk appetite is really focused on how the organization takes risks; this means that a well-crafted risk appetite statement can empower staff to take informed risks that offer opportunities to advance the organization’s mission and goals.

While the RLCP cohort pondered the value of a defined risk appetite, we also considered the barriers that nonprofit leaders might face when determining their organization’s risk appetite. What makes risk appetite so challenging?

  • Every board member has a unique perspective on the type of risks the nonprofit team should take or avoid. Boards need to engage in productive dialogue to discern the gaps between their own perspectives and the appropriate risk appetite for the organization.
  • Risk appetite is defined a bit differently depending on the source you use, and similarly, organizations use varied approaches to determine their risk appetites. There’s no single approach that could be effectively applied at all nonprofits.
  • Nonprofit leaders may worry that by defining risk appetite, they are actually giving permission for staff to take unfounded risks. At NRMC, we believe that knowledge is power and any information about risk appetite could only help staff live out the risk-taking approach set by the board. Of course education is key to enabling staff to understand and implement the risk appetite statement—as is thoughtful reflection after decisions are made (e.g., “What made that an appropriate or inappropriate decision?” “Was that decision aligned with our risk appetite?”)

We tasked the RLCP team with determining the risk appetite for an impressive—if hypothetical—international nonprofit that provides material aid to communities affected by conflict and disasters. Prior to the exercise, the NRMC team identified 12 distinct risks that the RLCP cohort would reflect on. We also gave each RLCP participant a fictional role to play in the organization, expecting that each individual’s vantage point would influence the appetite for taking specific risks.

We asked the RLCP participants to complete these steps:

  • Consider the 12 risks the organization faces. Work quietly on your own to plot each risk on a risk appetite spectrum (below). Do you have a high appetite or low appetite for taking on each risk?

  • Once you plotted your risks on the appetite spectrum, prepare to validate your choices during a dialogue with the whole team.
  • As a team, come to agreement on the appropriate risk appetite for the organization, based on each of the 12 identified risks.
RLCP team members during the risk appetite exercise: (from left to right) Mitch Mouchabeck of YMCA Metro Atlanta, Martin Kraus of Unbound, Barrett Leahy of Great American Insurance Group
RLCP team members during the risk appetite exercise: (from left to right) Miranda Hora of Helen Keller International, Ramona Chapman of Virginia Department of Housing and Community Development, Aaron Acharya of American Jewish World Service, Joseph Budzynski of Volunteers of America

The RLCP team (slash fake executive team of this impressive hypothetical NGO) then compared their individual appetite rankings and engaged in a healthy dialogue to define an appetite for the organization. Only a couple risks were plotted quickly—most risks remained topics of disagreement across the team. In fact, a handful of the 12 risks were plotted near the center of the appetite spectrum—the key reason being that the team could not come to agreement, and the midpoint of the spectrum could satisfy team members who favored either extreme (high or low). If undertaken in reality, this risk appetite exercise would warrant considerable discussion and reflection in order to achieve an appetite that truly reflected the organization’s needs and goals—not just the desire to achieve consensus.

Risks 1-12 plotted on the risk appetite spectrum by the RLCP team. Note the risks in the center of the spectrum: most were plotted there to achieve consensus since it was challenging to reconcile the perspectives of individual team members who ranked their appetites at either extreme (high or low).

To learn firsthand from our RLCP team, attend the 2017 Risk Summit, where most of the RLCP cohort will present breakout sessions and share their insights on managing risk in the nonprofit world.

To join the RLCP community and network with an intimate peer group of nonprofit Risk Champions, apply to join our Fall 2017 RLCP cohort.

Contact Erin Gloeckner, NRMC’s director of consulting services, to inquire about a custom risk appetite training session or webinar for your nonprofit team (Erin@nonprofitrisk.org or 703.777.3504).

 

Update #3

The inaugural Risk Leadership Certificate Program (RLCP) is complete and the NRMC team looks forward to inviting a new cohort of nonprofit risk professionals to join RLCP for our Fall 2017 program. Apply now or read on to share in the learning from our first RLCP cohort.

During our second weekend together, the RLCP family honed in on insurance program management as a core competency for risk management professionals. Though not all Risk Champions wear the insurance hat, many do, and taking up the insurance mantle can be an incredibly daunting task. To manage our insurance portfolios effectively, most of us rely on the partnership and expert advice of trusted insurance industry professionals. Not surprisingly, insurance broker relationships were a hot subtopic in our broader insurance discussion.

Broker in the Hot Seat

The RLCP team had the opportunity to pose thoughtful questions to a broker and neighbor of NRMC here in Leesburg, VA: Derek Symer, Principal and Director of the Nonprofit Practice at AHT Insurance. We put Derek in the hot seat to glean industry insights to some of the most pressing questions nonprofit leaders have about their insurance portfolios and the mysteries of coverage shopping, such as:

  • In your experience, what are a couple of the most common mistakes nonprofit leaders make in managing their P&C coverage portfolios?
  • I’m hoping to make an insurance presentation to my board next month. What are a couple of things about our insurance portfolio that our board probably doesn’t know, but should?
  • I understand that broker commissions vary by coverage, by carrier, and by status with a carrier. Is your compensation higher with our incumbent carrier than the others that you ‘shopped’ our account with?
  • Last year you indicated that you ‘took our program to market,’ but then you recommended that we stay with the same carriers. The chair of my audit committee mentioned that some brokers aren’t vey ethical and instead of submitting applications, simply ask carriers to ‘decline’ to quote. What did you mean by ‘taking our program to market?’

Derek shared helpful advice and encouraged nonprofit leaders to beseech their brokers for transparency. Derek also demystified some common mistakes that Risk Champions make in managing an insurance portfolio:

  • Failing to meet with your insurance carriers
  • Failing to meet off-cycle (e.g., only meeting when policies are up for renewal)
  • Failing to ask about the broker’s claims handling capabilities
  • Failing to ask about the brokerage team’s longevity at their company and with their clients/accounts
  • Failing to ask about the broker’s experience with similar nonprofits
  • Failing to ask for transparent answers to how the broker approaches the marketplace, and how the broker is compensated by various carriers
  • Failing to provide a high-level overview of current coverages to your governing board

Indicators of a Healthy Broker Relationship

After our invigorating chat with Derek, the RLCP team also explored indicators of a healthy broker-nonprofit relationship. We began this conversation by asking, “what services and value should I expect from my insurance broker?” Answers included:

  • Advocacy for our nonprofit: to find us the best coverage, our broker must understand the underwriting and claims functions of carriers in order to evaluate those carriers and their policy forms
  • Tailored recommendations for the structure of our insurance program and for opportunities to enhance our coverage if needed, or to resolve duplicative coverages
  • Sharing of insights gleaned from all accounts served by the brokerage firm, and significant expertise in the nonprofit sector
  • Personal and professional qualities such as integrity, trust, transparency, resourcefulness, and a sense of proactivity and timeliness

Hopefully your insurance broker embodies the qualities and capabilities described above. On the flipside, indicators of a fruitless or waning broker relationship include:

  • Lack of transparency about shopping the organization’s coverages with multiple carriers. Underwriters—who assess a client’s risk and present terms, conditions and pricing for coverage—might know if a broker isn’t serious about getting a quote for coverage. An underwriter might receive a standard cover email missing the ‘highlights.’ This could be a signal from the broker that the underwriter shouldn’t work too hard, as the broker is simply shopping coverage to satisfy the client—not to genuinely compare quotes.
  • Telling a policyholder that no carriers will be interested in the account. It’s your broker’s job to find multiple carriers that will offer policies that suit your risk profile.
  • Making the client rush to do anything, but failing to respond to the client in a timely manner.
  • Not telling a client that its claim is covered or might be covered.
  • Failing to build an active and long-term relationship with carriers or clients.

Putting Broker Services Out to Bid

If your relationship with your broker isn’t as productive as you hoped it would be, then maybe it’s time to conduct a broker bidding or broker selection process. A nonprofit leader’s primary motivation for initiating this process is to ensure that the nonprofit has engaged the best possible insurance advisor—an advisor who can meet the needs of the nonprofit as it stands today, and as it will evolve during the near future.

A common failing in insurance broker bidding processes is when a nonprofit team isn’t serious about considering alternatives to the existing broker. The most effective broker bidding process fairly considers all bidders. If the process is fair and transparent, then the nonprofit team is more likely to find the best possible broker partner as a result of the process.

The NRMC team is often asked to facilitate broker bidding processes for nonprofit organizations, and we can share a few more tips from our experiences:

  • Determine as early as possible who the final decision-maker(s) will be. If you invite a team of staff to sit in on interviews with broker finalists, be sure that it’s clear who will choose the winning bidder.
  • Pre-qualify possible bidders to avoid sending your RFP to a list of potentially disinterested brokerage firms.
  • Insist on minimal boilerplate in responses to your RFP (e.g., convey that bidders will lose points if they include boilerplate language).
  • Check references before you interview brokers. It’s critical to get third party input from references before you enter the interview phase.
  • Make broker interviews fun and interesting; consider sharing a short list of thoughtful discussion topics or questions prior to the interview. Avoid setting the bidders up to read their proposals to you during the interviews.
  • Ask finalists who are participating in interviews to only bring representatives who will work on your account.
  • Prepare a broker scorecard that will help you and your team members fairly compare all broker finalists regarding their proposals and their performance during interviews.

Insurance is a critical component of an effective risk management program, so it’s well worth your while to invest in finding the best possible insurance advisors to help you safeguard your mission and assets.

For more hands-on help, contact the NRMC team at 703.777.3504 or info@nonprofitrisk.org if you need a partner to facilitate a broker bidding process. Or take the self-help route and read our recent release, Covered: An Insurance Handbook for Nonprofits.