Fostering resilience and advocating for risk managers in the C-suite are key themes of Jennifer Santiago’s yearlong presidency of the Risk & Insurance Management Society Inc. Santiago, director of risk management and safety at Wakefern Food Corp., a retailer-owned cooperative based in Keasbey, New Jersey, discussed RIMS support for the development of a federal cyber insurance backstop and how risk managers can navigate challenging market conditions with Business insurance Associate Editor Claire Wilkinson. Edited excerpts follow.
Q: How did you get your start in the industry?
A: There weren’t many risk management programs when I got out of school. I had an internship as a medical liability attorney for a medical malpractice organization and that really allowed me to get my first big job, which was at NYU Medical Center in New York. I came in at entry level and within two years I was promoted to Director, leading a team, reporting to the CFO and engaging with the captive insurance company. I was lucky enough to get that start and it led me down the path of risk management. I went to my first RIMS conference in 1999, and Colin Powell was the keynote speaker. And I remember thinking, wow, this is a pretty incredible organization. There were thousands of risk managers all waiting outside the auditorium to get in, and that really attracted me. It is the community that has always kept me engaged.
Q: You have worked in brokerage and risk management roles in various industries. How has it affected you?
A: I love the pivot and the challenge and change of learning a new business model, learning about the key critical risks of the business and then developing solutions. It really is the risk manager’s toolbox that goes with you. That’s what’s been exciting for me, constantly being out of my comfort zone and always challenging and pushing. I did the brokerage job for a little while and then decided that risk management was really my sweet spot. I spent significant time in risk management and insurance, enterprise risk, ethics and compliance, and risk assessment at Novartis Pharmaceutical Corp., Ingersoll Rand, Arthur J. Gallagher & Co., and was chief risk officer at Penn State University shortly before my current role. So I really diversified from an industry standpoint and that has kept it interesting.
Q: What are your goals for RIMS for the coming year?
A: RIMS has a long history of success and incredible leaders and risk management professionals who have been engaged in the community for decades. We have made it through the pandemic and the key word for me is resilience. The important thing about resilience is coming out the other side stronger and better and ready for the next challenge. My focus is on bringing our community back together – because COVID changed the way people interact – and to reconnect and strengthen the community we have. The pandemic really shined a light on risk management professionals. Everyone works in their silo and the risk professionals know what’s going on in the organization, so it made sense that they would be right at the table when the pandemic hit. There is momentum there, and we need to capture it and push forward. We also need to advocate for the risk professional to make sure we get into the C-suite in chief risk officer roles, sit on boards and provide expertise. The other thread is DEI, which creates more diverse, equitable, inclusive environments for people to succeed.
Q: RIMS advocates a federal cyber backstop. Why do risk managers want government support for cyber coverage?
A: RIMS issued a comment letter to the Federal Insurance Office last November. The dialogue is about creating a federal backstop to deal with large-scale cyber incidents. As risk managers, we know when we place cyber coverage that we see erosion of coverage, capacity and costs. It creates a very challenging environment for the professional risk management staff. There is a fear that coverage will evaporate, so there will be fewer markets willing to write cyber and more exclusions – sort of a Swiss cheese policy. I think that’s a real, legitimate fear. There are concerns about systemic cyber risk and a hit to the infrastructure causing a massive shutdown. That’s an important piece but there are also the day-to-day cyber risks where coverage erodes. We want to talk about how a government cyber backstop is not just limited to critical infrastructure and has a broader scope. Whether it is in any way connected to TRIA, the Terrorism Risk Insurance Act, or entirely separate, remains to be determined. So there are many parts to it, but it makes sense because as more insurance companies pull back the reins, the need for a federal backstop becomes more critical.
Q: What can risk managers do to leverage the best performance in a challenging insurance market?
A: It’s been a tough couple of years, and I don’t suspect it’s going to get much better, and for some lines of insurance, like cyber and property, we’re going to continue to be very challenged. So it’s important to help boards understand what the situation is and to understand the risk appetite and tolerance at the organizational level. How much risk can we tolerate internally? How much can we transfer? What do we want to pay for that risk transfer? There is a balance between retention and transfer. The number of prisoners is growing and people are looking for ways to self-insure. It’s really the three C’s of coverage, capacity and cost, and all three are being challenged. There was a time when, when you raised your deductible, your premium went down and you had premium savings, so that was a strategy. Now you raise the deductible, and your premiums are still 20%, 30%, 40% higher. What we hear as risk managers from the insurance industry is that it is really driven by the reinsurers. So there is a spillover effect from the reinsurance market to the insurance market to the risk manager.