Risk Frontiers Italy

18 Nov Risk Frontiers Italy

MAURIZIO CASTELLI SUI TEMI PIÙ ATTUALI DEL RISK MANAGEMENT, SU COMMERCIAL RISK EUROPE

Abbiamo riassunto in 5 punti il pensiero del nostro CEO Maurizio Castelli sulle sfide professionali che di fronte ai Risk Manager, così come raccolte nei seguenti articoli, insieme alle dichiarazioni rilasciate da altre figure di punta del Risk Management italiano, pubblicati su Commercial Risk Europe, che ringraziamo nuovamente per l’attenzione e la collaborazione:

1. Controlli e approccio commerciale: Castelli avverte contro l’allentamento dei controlli per fini commerciali, considerandolo una “trappola”. Sostiene invece l’importanza di mantenere il giusto livello e combinazione di controlli.
2. Ruolo del risk manager: secondo Castelli, il compito principale del risk manager non è adottare un approccio commerciale, ma garantire il massimo livello di controllo al minor costo possibile del rischio complessivo.
3. Creazione di valore: i Risk Manager creano valore aiutando le aziende a navigare attraverso complessità e crisi, non allentando i controlli, ma ottimizzandoli con un approccio multidisciplinare.
4. Gestione del sovraccarico: Castelli riconosce la realtà del sovraccarico nel Risk Management, ma crede che possa essere gestito attraverso tecnologia, gestione dei dati e migliore integrazione con altri dipartimenti.
5. Futuro della professione: Castelli vede il risk management come una carriera promettente per i giovani talenti, con alta sicurezza del lavoro e opportunità di diversificazione in vari settori.

As we near the end of this year’s Risk Frontiers Europe research, Ben Norris visited Italy to get the views of its leading risk and insurance managers on a range of hot topics – from how to manage the polycrisis to the state of the insurance market and whether they’d recommend their job to young professionals.

Controls vital so beware commercial trap 

Relaxing controls requires deep knowledge and comes with risks

There is obviously a push and pull between commercial activities and risk management at major corporations that has been going on since the emergence of capitalism. The winners over the years have been those that struck the right balance between being agile and with being safe enough to withstand the myriad shocks. The question for many organisations today, as it has always been really, is are they striking the right balance?

So as part of this year’s Risk Frontiers Europe survey, we have asked risk managers whether they think their profession needs to think more commercially and should consider relaxing some controls to create more value for their businesses.

Participants from Italy were clear that risk managers should only be prepared to relax controls in a bid to create more value if they have fully understood the threats and are confident that such moves are not going to put their organisations at undue risk.

“In my opinion, you can reduce control where the effects of risks are very well known, managed and are below or aligned with the risk profile, but to arrive at this point, your risk management process, structure and principle should be very well developed and the risk-based approach should be part of the company’s DNA,” said risk consultant and Anra vice-president Gianluigi Lucietto.

Marco Terzago, head of risk control for SKF Group, said that in today’s world, risk managers are forced to adopt a commercial mindset and should be prepared to selectively relax controls if and where appropriate.

“In this way, they can help their organisations seize opportunities and create more value while still maintaining a robust risk management framework,” he said.

“But this approach requires careful consideration, ongoing evaluation and a willingness to adapt to changing business landscapes,” stressed Terzago.

Carlo Cosimi, past Anra president and group risk and insurance management vice-president at MAIRE SpA, was a bit more circumspect than his colleagues. “It is not a question of thinking in a more commercial way, it is a matter of maintaining the internal control system of a company where risk management represents the second line of defence,” he said.

But Cosimi intimated risk managers shouldn’t go too far on controls and must always apply common sense while properly understanding the data that emerges from risk analysis. “The risk manager must act as a risk advisor to the CEO,” he said.

And Maurizio Castelli, CEO of consultancy Augustas Risk Services and president of Anra’s scientific-technical committee, goes even further. Risk managers shouldn’t relax controls in a bid to be more commercial, he said. “This seems to me to be a trap,” added Castelli.

“Taking a commercial approach is not, and should not become, the role of a risk manager. The point is not, in my opinion, about relaxing controls but rather having in place the right level and right combination of controls. Risk managers should never forget their basic mission of securing the highest possible level of control at the lowest possible level of overall cost of risk,” he said.

Castelli said sometimes risk managers forget the second part of the equation and only focus on the control side, which can be seen as lacking a practical approach.

“However, in the end, risk managers create value for their business by allowing their companies to navigate successfully through complexity, change and polycrisis; this cannot be done by relaxing controls, but maybe with a multi-disciplinary approach aiming at optimising controls,” he continued.

Annamaria Oliva, Anra vice-president and chief risk officer at Leonardo International, said it is essential that risk managers have a complete knowledge of their organisation’s core business to create real added value and fully deliver operational, compliance and commercial support to top management and the board.

“Only full awareness on the part of risk managers of the core businesses allows them to design and implement specific controls steps for enterprise and project risk management,” she said.

Risk management quality key in polycrisis 

Threat of overload also offers opportunity

The threat of risk management overload in the polycrisis is real but greatly depends on the quality of the risk team and how it works to ensure there is a focus on strategic objectives, facilitating organisational cooperation and making use of growing tech options to maintain vigilance, say Italians taking part in our Risk Frontiers Europe project.

They also stress that the polycrisis is an opportunity for risk managers to shine.

“The risk of overload for risk management departments of complex organisations without a doubt exists, and has grown exponentially in recent years,” said Annamaria Oliva, Anra vice-president and chief risk officer at Leonardo International.

She said this rising threat has been created by geopolitical changes, discontent with governance models, international crises, globalisation and reshoring, technological developments, cyber and advanced protectionism, as well as, of course, sustainability and the energy transition.

Oliva believes these risks have been aggravated by the development of complex public and private organisations that tend to focus on their short-term vision at the expense of medium and long-term guiderails.

“The overload of risk management functions is for sure a fact, considering the polycrisis environment and the increasing interdependency of risks,” agreed Maurizio Castelli, CEO of consultant Augustas Risk Services and president of Anra’s scientific-technical committee.

Past Ferma president Castelli believes the threat of overload can be managed through a combination of technology and data management, better integration with other “risk-related” departments and outsourcing to specialised consultants.

Carlo Cosimi, past Anra president and group risk and insurance management vice-president at MAIRE SpA, said managing risks in a polycrisis exposes companies to the threat of overload and process inefficiency.

“The added value of risk management, or its weakness, can be seen precisely in situations of complexity and criticality when the objectives of the strategic plan are most threatened. A robust risk management system is also able to support the strategic governance decisions of the CEO towards new business opportunities,” he added.

“This means having a dedicated team to support risk owners in the company to apply risk management process correctly or better support them to have a risk-based approach in all they do – to keep an eye firmly on the risks,” he said.

“Risk management is a dynamic activity… if after a good risk assessment and treatment, things are continuously monitored, the overload will be managed efficiently,” added Lucietto.

But to get to this point, everyone in the company should be educated about risk management and business managers must cooperate fully.

“This means that all managers, from the top to the bottom, must cooperate between themselves… If all of them work together they can do less and reach more,” Lucietto added. “The risk manager must act as a facilitator to ensure cooperation is taking place and decisions can be made.”

Marco Terzago, head of risk control for SKF Group, said risk management overload occurs when risk managers face an excessive number of risks, too much data and complex processes, which all make it extremely difficult to manage risk effectively.

He encouraged risk professionals to overcome this threat by aligning their efforts with an organisation’s key strategic objectives and sticking to a series of key roles. “Risk managers must focus on delegation, empowerment, effective communication and collaboration, enhanced data management and better use of the technology,” said Terzago.

He believes a comprehensive risk management information system is key to streamlining the risk management process, along with leveraging AI and machine learning to predict risks and provide data-driven insights.

Oliva said that avoiding risk management overload requires a bottom-up and top-down approach. “Only the continuous increase in the strategic, organisational and operational compactness of complex organisations can create a common front against the risk of risk management overload,” she concluded.

And Castelli was keen to point out that the increased pressure and focus on risk departments also represents an opportunity for the profession.

“There is increased visibility at all levels in the companies and increased consensus in respect of the value that risk management brings to the table. Therefore, overload is in my opinion more an opportunity than a threat,” he said.

“The upside is really significant, since now, more than ever, a holistic and dynamic approach to risk will be a key factor for the survival and the success of any company. So risk management departments are also likely to be allocated more resources in recognition of their critical role for the long-term success of the company,” added Castelli.

Big global issues dominate Italian risk landscape

 Climate change, geopolitical tensions, cyber, AI, and the battle for talent are the big risks currently facing Italian organisations, say Anra board members.

“The risk landscape is, to put it mildly, complicated. Anyone awake the last few years will have noticed we seem to be living through a never-ending spate of crises. Since the start of this decade, we have already lurched from a global pandemic to big state conflicts, followed by inflation and ensuing economic slowdown. All of these have had knock-on effects for, or been exacerbated by, other big risks, such as supply chain problems, cyber and the energy transition. And perhaps the biggest risk of all, climate change, is clearly going to complicate a whole host of other risks.

So just what are the biggest risks in the eyes of Italian risk managers, and do they differ from their peers across Europe?

It is perhaps not a surprise given the global nature of many of the risks today that the Italians paint a similar picture to those elsewhere.

Marco Terzago, head of risk control for SKF Group, pointed out that extreme weather was the top risk in this year’s Global Risk Report by the WEF, which surveys risk experts around the world. Next came AI-generated misinformation and disinformation, and then societal and/or political polarisation.

And Terzago thinks climate change is the number one risk for most firms.

“Most corporations would indicate extreme weather events as the top risk, generating natural catastrophes and business interruption – such as supply chain disruptions for critical goods and resources,” he said.

But he added that cyberattacks and the economic downturn would rate more highly than extreme weather for some corporations.

“The first big risk is geopolitical instability and associated risks of economic instability and severe supply chain disruptions. Second, I would say the extreme weather events associated with climate change and the possible associated risks of severe droughts and increased mass migrations. Third, I would mention the cyber area,” said Maurizio Castelli, CEO of consultant Augustas Risk Services and president of Anra’s scientific-technical committee.

He also flagged lack of talent and qualified resources as a big risk. “This is a reality most companies are facing in most industries and it needs to be addressed,” he said.

Annamaria Oliva, Anra vice-president and chief risk officer at Leonardo International, flagged three big risks facing industrial companies based on her risk management analysis.

The first is geopolitical instability, which is jeopardising globalisation and creating reshoring uncertainty. The second is cybersecurity and big developments in technology. The third is attracting talent.

Carlo Cosimi, past Anra president and group risk and insurance management vice-president at MAIRE SpA, covers similar ground to his fellow Anra board members with his risk list.

“International geopolitical tensions, the direct and indirect impacts – both social and economic – induced by climate change, as well as the risks associated with the implementation of generative AI are at the centre of risk managers’ impact analyses,” he said.

Meanwhile, Gianluigi Lucietto, vice-president at Anra and a risk management consultant, believes business interruption and cyber are the big risks facing his clients currently. He feels that a lack of talent is set to emerge as a third big risk in the near future.

Italians in love with risk profession

Another country and another set of risk managers that seem to thoroughly enjoy what they do and would encourage young people to enter the profession. This attitude has shone through during this year’s Risk Frontiers Europe research. It seems that risk and insurance managers have chosen their career path well or, in many cases, luckily stumbled into the correct role.

“I think risk management is the best job. I love it, and where possible I would encourage enthusiastic young talent to work in this field,” exclaimed Gianluigi Lucietto, vice-president at Anra and a risk management consultant.

He thanked his mother for inadvertently pushing him into risk management from a young age. “She always asked me before I did anything if I understood the risks, which exposed me to risk management, seeing whether I could manage the effects,” he explained.

Maurizio Castelli, CEO of consultancy Augustas Risk Services and president of Anra’s scientific-technical committee, also fell into risk management by accident, 35 years ago, and quickly fell in love with the profession.

“I’m still in love with it 35 years later,” he said. “It is one of the most multi-disciplinary and multitask jobs that I can think of and allows you to really see a company 360 degrees.”

And Castelli thinks it is an even better job now than when he started out. “Much more than 35 years ago, it is a fantastic career for young talents because risk management is more and more recognised as a key function within companies and still the number of good practitioners is below the demand, so job security is very high. On top of that, you can also move to side careers in consultancy, in insurance in ESG and so on,” added the former Ferma president.

Carlo Cosimi, past Anra president and group risk and insurance management vice-president at MAIRE SpA, said he found himself on a career path related to risk management over 30 years ago. Since then, he said, he has witnessed the role evolve and climb the organisational hierarchy, as external risks became increasingly complex and challenging.

“Risk management is a great career opportunity in the future, rich in skills and transversal, increasingly critical in companies and able to attract more and more young talents,” he said.

Annamaria Oliva, Anra vice-president and chief risk officer at Leonardo International, joined the risk management profession after holding operational and managerial roles for many years in various companies.

She firmly believes that to operate as “credible interlocutors” in complex organisations, risk managers must have proven experience in the sectors for which they work.

“With these paths, it becomes truly possible to design holistic risk management processes to best reduce organisations’ risk exposures. Otherwise, risk management risks being reduced to a purely academic and theoretical profession,” Oliva said.

“Risk management is the best job. I love it, and where possible I would encourage enthusiastic young talent to work in this field,” Gianluigi Lucietto, vice-president at Anra.

While most risk managers in the past tended to enter the profession by chance, today there are many university and master’s courses for young talent. Therefore, becoming a risk manager is no longer something that happens by chance but becomes a conscious career choice from the beginning of one’s professional life, said Cosimi.

“I strongly believe that it is, and will be, an excellent professional opportunity in the future,” he added.

Marco Terzago, head of risk control for SKF Group, said a career in risk management offers young professionals “a unique combination of skill development, dynamic environments, high demand and significant impact”.

“These factors make it an appealing and rewarding career choice,” he said.

 

Insurance market slowly improving but concerns over nat cat and ESG

Italian insurance buyers say they now enjoy slightly better market conditions, with room to negotiate in some areas. But they don’t feel they are out of the hard market woods just yet, and there remain real concerns over nat cat cover and support for ESG initiatives.

“After the hard market of recent years, the market has rebalanced in terms of available insurance capacity and coverage rates. On traditional insurance products, the quality-price ratio is reasonable and you have room for negotiation, especially if your claims statistics are good,” said Carlo Cosimi, group risk and insurance management vice-president at MAIRE SpA.

He added that increasingly widespread use of captives for self-insuring the first frequency layer of risk is giving buyers growing clout when negotiating terms and conditions.

Pressure remains

According to Marco Terzago, head of risk control for SKF Group, some segments are experiencing moderation but he stressed that the commercial market remains under pressure from economic, environmental and social factors.

He believes businesses should prepare for ongoing adjustments in their insurance costs and consider proactive risk management strategies to mitigate these impacts.

“Commercial property insurance is expected to see continued rate increases, albeit at a potentially slower pace, while general liability insurance premiums are projected to rise up to 10%, influenced by social inflation and increased litigation costs,” he said.

Maurizio Castelli, CEO of Augustas Risk Services and president of Anra’s scientific-technical committee, said there are signs that the market may see some softening in 2025. But he thinks this softening will probably be “slow”, with differences between carriers and industry segments.

Castelli said the question over whether insurers are offering value for money is tricky. “On one side, the hardening of the market was due and necessary to bring rates back to meaningful levels. On the other, insurers have missed the opportunity of a lifetime to be much more selective in their underwriting, depending on the level and quality of risk management at the insured,” he said.

As an example, he explained that Italian waste management companies couldn’t get cover at a decent price at all in the hard market, despite the fact that some had excellent risk engineering and risk management programmes with a great loss ratio. These firms deserved to get good terms and conditions but instead were treated in exactly the same way as other waste companies that had no risk management in place, continued Castelli. This has clearly impacted the value of insurance for companies on the receiving end of such treatment.

Both Terzago and Cosimi say nat cat remains the big problem area for insureds.

“Overall, the commercial property insurance sector, especially for nat-cat exposed properties, is under significant financial strain due to increasing natural disasters, rising costs and reinsurance challenges. This convergence of factors makes it the most worrying area in terms of financial capacity and pricing,” said Terzago.

Insurance coverages related to climatic and natural events will be increasingly stressed, with the probable introduction of sub-limits of exclusions. As with the Gulf of Mexico, there may be exclusions in other linked geographies for certain periods that could be bought back at very high coverage rates,” added Cosimi.

Castelli points to cyber and contingent business interruption (CBI) as the problem areas. “CBI exposures are huge and the available capacity is very limited and also the wordings available are mostly unsatisfactory,” he said.

Gianluigi Lucietto, vice-president at Anra and a risk management consultant, said cyber and product liability are the two areas of the market that concern his clients most.

Lack of ESG credit

And then there are concerns over a lack of credit from underwriters for work carried out to mitigate risks and tackle ESG issues, as well as complaints that cover to support new transition risks aren’t forthcoming.

“Currently, I see very few products or capacity with prices that are rewarding the achievement of ESG targets among companies,” said Terzago.

“What is evident… is the delay of the companies towards sustainable business models. As an example, there is talk of a push towards circular economy solutions for recovering and upcycling waste. Many firms research and invest in this area, banks finance them with dedicated lines but the [insurance] industry is reluctant to make specific products available. I believe there is a lack of vision, courage, innovation and true sensitivity of insurers towards sustainability targets,” he added.

“Many of my clients are receiving questionnaires on ESG, but now they do not see any real value from this information,” agreed Lucietto. He hopes this will soon change.

Castelli said there is much talk about insurers moving towards rewarding clients if they have a proper ESG framework in place, similar to banks, but so far he doesn’t see much action. He would like to see changes now but assumes it will only be a matter of time before things improve.

Terzago also thinks insurers need to change their approach and start rewarding ESG efforts.

“Things should evolve into a situation whereby after systematically documenting, quantifying and communicating your company’s ESG initiatives, and staying aligned with industry trends, you should be able to position yourself to receive credits and other benefits from the insurance market for your ESG efforts,” he said.

Beware the dark side of AI

Italian risk managers have been encouraged to think more about the risky, dark side of AI alongside the current focus on opportunities.

Italian participants in this year’s Risk Frontiers Europe survey all agree that AI offers huge possibilities for humankind and the business world.

“Artificial Intelligence undoubtedly represents one of the greatest development opportunities for humanity in this century and probably in the entire history of man,” effused Annamaria Oliva, Anra vice-president and chief risk officer at Leonardo International. But like every opportunity, AI hides some strategic and operational risks that must be continuously evaluated.

However, there is a feeling among some Anra board members that companies are focusing more on the opportunities than the risks. This could bring dangers. Anyone who has watched The Terminator films will understand this point of view.

“I believe the risks associated with AI are not well known today. We are focusing on the opportunity AI can give us without thinking of risks. All around, people are showing the good side of AI but no one is able to present the dark side… We need to lead AI, not let AI lead us,” said Gianluigi Lucietto, vice-president at Anra and a risk management consultant.

Others stressed the importance of risk management working hand in hand with exploiting AI opportunities.

“AI presents both opportunities and threats. While it offers significant potential for enhancing operational efficiency, product innovation and customer experience, it also introduces risks related to cybersecurity, technological dependence and increased competition. We must strategically manage these risks to fully capitalise on the benefits of AI while mitigating potential downsides,” said Marco Terzago, head of risk control for SKF Group.

Carlo Cosimi, past Anra president and group risk and insurance management vice-president at MAIRE SpA, said AI is already changing the internal processes of all business functions and all companies.

“The weight of such advanced information systems will always determine a greater dependence of companies on digital management and control systems, and this will be reflected in an increasingly critical exposure to risk. But in addition to the risks, AI can help develop new opportunities and competitive value for firms that will be able to make the best use of it,” he added.

Oliva believes AI has huge upside for both corporates and risk management. “There is, however, a blind side to keep in mind,” she continued.

“Rapid and incessant technological development demands companies make significant investments in both specific equipment and cybersecurity to be fully competitive. But not all companies will have the opportunity to proceed in this direction,” she said.