Risk Management News & Reports

Below is a collection of important news and reports vital to protecting your company from risk.
Please check back frequently to stay abreast of all the current industry news..

Consistently saving money by managing the insurance process

Premium Audits don’t sound exciting; but consistently saving by managing the process — $30,000 here, 50,000 there – is exciting.

A workers compensation audit is a mysterious process: the auditor comes in, settles down in a conference room with a lap top, and you offer her W2’s and coffee.  She leaves with piles of data, and a few weeks later you get a bill (maybe a credit occasionally).  You probably don’t have time to figure out if all the numbers are correct, or what they should be.

Two examples show how managing the process saves money:

A client’s payroll for the year was higher than projected, and we suggested that the client budget about $5,000 additional for the audit.  The bill came in for $38,000.  The client had been tipped off by us and knew that was wrong.  We got to work.

We reviewed the auditor’s notes, and the client’s books, and found the mistake.  It was time consuming work.  By digging back into source documents we were able to find $2,000,000 in payroll which should have been counted as $52,000.  We were able to prepare a case to present to the insurance company, and they corrected the audit.  Our efforts resulted in a $30,000 reduction in the audit premium.

The problem was obvious; but we had the tools to fix it.  Our ongoing relationship with this client had set the stage for managing the audit.


A second client had a complicated audit.  Much of their work is done by independent contractor drivers.  The workers compensation manual states that such drivers need only count in the premium at 1/3 of the compensation paid to them.

The auditor disagreed.  We sent her the excerpt from the manual illustrating this rule.  She continued to disagree, stating that the rule provided “did not apply in this case”, and presented weak reasons why.

We had to appeal within the insurance company, but did succeed in finding the person who would respect the manual – the audit resulted in $22,000 less premium than if this rule had not been applied.

Managing your insurance is much like managing anything else.  Knowing what to expect, working to get to that expectation, monitoring to see if the expectation is met, and responding quickly and effectively when it is not.  This function requires expertise and attention; LicataRisk can offer both.

Risk Intelligence Blog

Shining a bright light on insurance policy terms and conditions you never knew were in your policy, and would only find out about after a claim, and various other insurance traps.   Insurance coverage certainty needs to be nailed down BEFORE a loss!




Your Financial Statements Are Hiding Risk.

Companies that manage risk are safer and more secure, and their financial statements can be relied on.  Companies that don’t manage risk are vulnerable and their financials are misleading.


You, as CEO, owe it to yourself to know if your financials are misleading.  Your lenders will also be very interested, as well.


You’re showing assets on your balance sheet and the silent promise is that those assets will continue to be there even following a disaster.  Also liabilities are shown and, subject to uncontrollable events, those liabilities should not dramatically, suddenly increase, or at least that is the wish of those reviewing your financial statements, and it is your wish as CEO as well.  There is no assurance achieved by the audit process that either of these conditions are the case.  In fact, companies that do not manage risk may look more profitable in the very short run, because they have reduced short run expenses by ignoring risk management.


Here’s a way to conceptually quantify what we’re talking about:




A firm needs capital to finance its daily operations – to cover payroll, rent, materials and all the other corporate activities.  Call this Operational Capital.  This is measured by traditional financial statements.


A firm also needs capital to finance risk — to pay for things that unexpectedly go wrong like fire, flood and lawsuits.  This is called Risk Capital, and is not measured by traditional financial statements.


There are three sources of risk capital:


1.  Cash that the firm has on hand.  To be sufficient, it would have to be an awfully significant amount, and it would probably not survive because of competing demands for its use.


2. Off-balance sheet capital such as a credit line which would be tapped in the event of a loss which had to be financed.  The loan would have to be paid back, however.


3. Insurance.  With insurance the financial consequences of loss are transferred to an insurer in return for the premium.


Additionally, risk management is broader than just insurance.  Losses can be prevented by safety or quality control efforts, and risk can be transferred to customers, business partners, subcontractors, etc. via contract.  This reduces the need for risk capital.


The risks to which the firm are subject are potentially catastrophic.  The entire facility could be destroyed, or the company could owe $50 million to a plaintiff at the whim of a jury.  How is management of these risks reflected in financial statements?  Not at all!


Financial statements do not consider the need for risk capital.  A cursory look at an insurance schedule comprises the due diligence.  Whether limits are adequate in relation to actual exposure and whether terms and conditions (the actual policy language — all 1000’s of pages) are adequate is a crap shoot.   The other elements of a risk management program — the loss control and contractual transfer — would not be factored in at all either.  Bottom line: risk is not even considered on a qualitative basis – not to mention quantitative.


When the convention of risk capital is not used to make comparisons between firms, they all look alike — the financials do not reflect the difference.  As the saying goes: “All boats float alike when the weather is calm.”  Risk always uses capital.  If it is not funded it creates a deficit.  Only after a disaster does the deficit finally surface – a metaphoric contrast to the company itself which is under water.




Consider two companies that generate a 15% return on equity.  One manages risk completely, while the other is subject to the mercy of the gods.  Until something happens they appear to be equal according to the financial statements.  Mysteriously, there is an abundance of notes to the financials, but nothing substantive on risk management or the lack thereof.


The true measure is return on “economic capital” the total of operational capital plus risk capital.


Firm activities will generate risk and a certain amount of capital is required to handle that risk.  To the extent risk is prevented or transferred to other parties, less risk capital is required.  If risk is financed via insurance, that is utilizing off-balance sheet capital and that reduces the need for on-balance sheet capital. (The premium is reflected as an expense on the income statement).


If both firms generate $.15 for every dollar of capital that is measured by the financials, then the return on equity is 15% (.15/1.00) for each.  If Company A manages risk completely via loss control and insurance, then risk capital required is zero.  The risk adjusted rate of return for Company A is truly 15%.  Company B, though, doesn’t even attempt to manage risk.  By default loss will have to be paid out of cash or loans.  Assume risk capital of $.75 is required for every dollar of operational capital.  The risk adjusted rate of return for Company B, then, is .15/(1+.75) = 8.5%.


So traditional financial statements show the two companies to have the same ROE.  The risk adjusted financials, though, show the big difference between the two.


The SEC sporadically validates this concept by reacting to crises and advising public companies that they need to disclose how they are managing certain risks – terrorism and cyber risk being two recent examples.  The SEC might not realize that just noticing and reacting to the risk of the event that just happened is not actual risk management.  Two principles of risk management are that a) historic losses need a very long experience period to be valid predictors, the more severe and remote the loss, the longer it needs to be; and b) recency bias (the tendency to focus on what just happened) is a psychological phenomenon you should not be fooled by.  But, again, we thank the SEC for illustrating financials are not complete without incorporating the risk component.


We are not necessarily advocating for a change in the way financial statements are produced – that is for the CPA world to decide.  We are saying that the financials do not stand alone, and if your CFO is not reporting on risk management, you’re not getting the whole story.


Managing profits can’t be separated from managing “losses” – ( not losses in the accounting sense).  Ignoring risk is to make profits and net worth dependent on luck.  We know we can’t really rely on quarterly profits because numbers can be manipulated in such a short time frame.  Even years of continuous profit and growth can be unreliable if risk is not managed.  A truly robust firm is one that manages risk while at the same time producing the consistent financial numbers the CFO is so proud about.


CEO, don’t be lulled into complacency by misleading financials

[return to top]

Risk Management News & Reports Archives

[return to top]