Before Risk Becomes Reality, Check Your Risk Management Plan And How It Is Being Implemented

Wednesday, May 16, 2012 - 12:31

The Editor interviews Meghan Magruder, Senior Partner in King & Spalding’s Atlanta Office.

Editor: Please tell us about your professional background.

Magruder: I am a senior partner at King & Spalding in the business litigation group. I joined the firm in 2004.  Prior to that, I chaired the insurance coverage practice at Wilmer Hale in Washington D.C.  

For over 28 years, I’ve been handling business disputes, claims and litigation for clients. My insurance work is for policyholders, not for insurance companies. I help companies develop overall risk management strategies and counsel them on risk management issues. I assist clients with procuring appropriate insurance and assist with claims, litigation and arbitration, including international arbitration with European insurers on behalf of our clients.

We have had several cases where insurance companies denied valid claims, and we were able to reverse the denial and get insurance coverage for our clients. I get great personal satisfaction from working with policyholders to assure they are fairly treated.  

Editor: Describe the key components of an effective corporate risk management program. What are the latest trends?

Magruder: There are two primary elements of an effective risk management program. The first is senior management support and the second is communication at all levels of the organization.

Senior management support brings home to employees the importance of managing risk and the financial cost of improper risk management. Such support encourages everyone in an organization to assess risk and seek to mitigate it.

Effective communication of such support is essential.  It doesn’t have to be formal, but it must be done in a way that stimulates all essential functions within a company to identify risks and place them in such buckets as operational, financial, strategic and hazard risk. Regular discussions between risk management and operations are critical.

Other important elements of an effective program are the need to be sure that you’re evaluating all the costs associated with risk and determining whether it’s an insurable or non-insurable risk. If a risk is not insurable, you need other strategies to manage that risk.

Enterprise Risk Management, known as ERM, started because you needed effective internal communication about identifying threats to business, evaluating the level of priority of those risks and determining how to manage them. Insurance is one component of an effective risk management program. Risk assessment must include a cost/benefit analysis, and other controls can be established in a company for low-probability risks.

Another trend we see is bringing risk management more into the board room and making it a part of long-term economic planning.

Critical to such planning is where to locate key facilities. One aspect is assessing the likelihood of natural disasters in particular areas. The Fukushima incident in Japan interrupted supply chains for many U.S. companies. The Gulf Coast and other areas of our country have been hard hit in the last decade by hurricanes and tornadoes. The realization that exposure to very serious damage, property losses and business interruption is tied to location has focused U.S. companies on their locations and those of their direct and indirect suppliers. 

Considering how to keep your business up and running during a disaster is a key planning imperative. The most successful risk management plans we see identify and prioritize risks and then are very realistic about what they can really accomplish. They don’t try to tackle them all at once, but set up a plan for what they might realistically accomplish over time.

Editor: Would such a risk management plan be presented to the board of directors?

Magruder: Although the plan itself might not be distributed at a board meeting, the high-level conclusions from that plan are frequently discussed at board meetings. To an ever-increasing extent, the officers and directors of our clients want to be informed about how their companies are managing risk. A driver behind this is the proliferation of litigation against companies and their directors and officers growing out of recent major natural disasters. Shareholders are questioning why risks were not identified and how controls to prevent and manage risks failed.

Editor: Who should be included in a company’s team of internal and external advisors to establish and monitor risk management plans and related insurance matters?

Magruder: As to internal advisors, our clients are using their chief financial officers or their risk management departments or both. HR, legal and finance are also involved. External advisors include insurance brokers who have broad skill sets and can offer services on the claims side as well. It is best to hire a dedicated specialist for each risk or product line. Obviously outside counsel can be very helpful in reviewing contract language and assisting in developing manuscripted language that companies need and that’s customized to their risks. Coverage counsel are also very important in the handling of claims and claim advocacy.

Editor: What about reputational risk?

Magruder: Reputational risk is of great importance. Companies like Apple with great reputations have seen economic success. Financial institutions, on the other hand, have struggled because of public concerns, and the reputation of the companies is linked in the media to poorer financial performance.

Social media offer companies huge opportunities to build brand loyalty, talk to customers and manage reputational risks. However, when they are used improperly by employees, they can seriously undermine a company’s brand and reputation as well as create IT security risks.

As to social media, we counsel our clients to get out in front of the problems it might create. We advise them to develop policies with respect to its use, do training on those policies, document those policies and plan in advance for how to deal with any potential negative publicity. Retaining a PR firm that’s experienced in social media crisis management can be helpful.

As to social media exposure, there are still very few reported cases in this area.  But there are now some new cyber liability insurance products that are starting to come on the market.

Editor: How important is insurance in managing risk under various scenarios?

Magruder: Insurance is an important component in risk management. Existing insurance, including insurance provided to a company by its customers or suppliers, should be reviewed to assess its coverage of the risks your company may face. Proper assessment of insurance includes getting customized language to address specific company risks. Many brokers now have databases that enable them to provide advice with respect to all of the types of insurance policies available and the best language and endorsements to include in your policies. If clients don’t ask for that kind of information, they can end up with off-the-shelf policies that aren’t as favorable.

Outside counsel can frequently help you get better endorsements and manuscripted language. They can also advise with respect to the handling of claims by particular insurers. We do what we call stress testing, which involves going through your policies with your internal and external teams to review how they work under different hypotheticals and claim scenarios.

Editor: I would think that working with a variety of different clients and actively litigating claims provides you with valuable insights.  

Magruder: That’s right. The brokers that I have worked with want coverage counsel involved because we understand the litigation environment and the effect of regulatory changes.

Editor: How can companies mitigate risk when a breakdown occurs in their supply chain by reason of a natural catastrophe?

Magruder: Breakdowns in supply chains occur when a link in that chain is unable to continue in operation. This is a risk that can be reduced by obtaining contingent business interruption coverage. Companies need to look at their own business locations as well as those of their direct or indirect suppliers to be sure they’re not overly vulnerable, and if they are, to take steps to reduce the risk. After recent natural disasters caused serious business interruption losses for many companies, executives understood that proper planning could generate advantages over competitors who had not prepared for these risks.

Editor: Is coverage also available for exposure to crime or political risks?   

Magruder: Yes. There are some types of insurance products that cover certain special risks. There are even policies that can help companies cover ransom in the event of the kidnapping of executives. There is also a product that’s gaining traction called political risk insurance. It’s a relatively new  product that attempts to address some of the risks of political instability in countries where global companies operate.

Editor: You have had recent successes in an international arbitration in London as well as in a federal case.

Magruder: Yes, we got a terrific result for a client in an international arbitration that concluded at the end of last year and just got the award, which included attorneys’ fees for our client. In international arbitrations, the awards are confidential, so I cannot go into detail about the issues in the case.

The federal case involved a month-long trial. Our client sought reimbursement from the insurer for water damage to its entire inventory and for losses attributable to business interruption. It was unable to resume operation over a period of several months because the insurer delayed reimbursing it for the damaged inventory. This resulted in a substantial business interruption claim. Many executives don’t understand that their business income loss can be even greater than their property loss.

The insurance company denied the claim and defended the case by suggesting to the jury that there was some fraud in the claim. It also contended that it was really the recession that had caused the business loss and not the fact that it hadn’t paid the company to replace its inventory. The jury unanimously rejected that argument and, finding bad faith on the part of the insurer, awarded our client all its property loss and lost business income. This was the second-highest verdict in the state reported last year in the contract category.

We were very pleased with that result. We believed in our case and our client. It was a wonderful verdict for our client.

Please email the interviewee at mmagruder@kslaw.com with questions about the interview.