Promoting resilience and advocating for risk managers in the C-suite are major themes for Jennifer Santiago’s yearlong presidency of the Risk & Insurance Management Society Inc. Ms. Santiago, director, risk management & safety at Wakefern Food Corp., a retailer-owned cooperative based in Keasbey, New Jersey, discussed RIMS’ support for the development of a federal cyber insurance backstop and how risk managers can navigate challenging market conditions with Business Insurance Deputy Editor Claire Wilkinson. Edited excerpts follow.
Q: How did you get your start in the industry?
A: There weren’t a lot of programs for risk management when I came out of school. I had an internship as a medical liability representative for a medical malpractice organization and that really enabled me to get my first big job, which was at NYU Medical Center in New York. I came in at entry level and within two years was promoted to director, managing a team, reporting to the CFO and engaging with the captive insurance company. I was very fortunate to get that start and that led me down the path of risk management. I went to my first RIMS conference in 1999, and Colin Powell was the keynote speaker. And I remember thinking, wow, this is a pretty incredible organization. There were thousands of risk managers all waiting outside the auditorium to be able to get in, and that really drew me in. It’s the community that has always kept me engaged.
Q: You’ve served in broking and risk management roles across different industries. How has that influenced you?
A: I love the pivot and the challenge and the change of learning a new business model, learning about the key critical risks of the operation and then developing solutions. It’s really the toolkit of the risk manager that goes with you. That’s what’s been exciting for me, continuously being out of my comfort zone and always challenging and pushing. I did the broker stint for a little while and then decided risk management was really my sweet spot. I spent a lot of time in risk management and insurance, enterprise risk, ethics and compliance, and risk assessment at Novartis Pharmaceutical Corp., Ingersoll Rand, Arthur J. Gallagher & Co., and was chief risk officer at Penn State University right before my current role. So I really diversified from an industry standpoint and that’s kept it interesting.
Q: What are your goals for RIMS for the year ahead?
A: RIMS has a long history of success and incredible leaders and risk management professionals that have been committed to the society for decades. We’ve come through the pandemic and the key word for me is resilience. What’s important about resilience is coming out on the other side stronger and better and ready for the next challenge. My focus is on getting our community back together — because COVID did change the way people interact — and to reconnect and strengthen the community that we have. The pandemic really shone a light on risk management professionals. Everybody works in their silo and the risk professional knows what goes on across the organization, so it was logical that they would be right at the table when the pandemic hit. There’s momentum there, and we need to capture that and push forward. We also need to advocate for the risk professional to make sure that we’re getting into the C-suite in chief risk officer roles, that we’re sitting on boards and providing expertise. The other thread is DEI, creating more diverse, equitable, inclusive environments for people to be successful.
Q: RIMS is advocating for a federal cyber backstop. Why do risk managers want government support for cyber coverage?
A: RIMS issued a comment letter to the Federal Insurance Office last November. The dialogue is about creating a federal backstop to deal with large-scale cyber incidents. As risk managers, we know when we’re placing cyber coverage that we’re seeing erosion of coverage, capacity and cost. That creates a very challenging environment for the risk management professional. There’s a fear that coverage will evaporate, so there’ll be fewer markets willing to write cyber and more exclusions — sort of a Swiss cheese policy. I think that’s a real, legitimate fear. There are concerns about systemic cyber risk and a hit to infrastructure causing a massive shutdown. That’s an important piece but there’s also the day-to-day cyber risks where the coverage is eroding. We want to talk about a cyber backstop from the government not just being limited to critical infrastructure and having a broader scope. Whether it is somehow attached to TRIA, the Terrorism Risk Insurance Act, or completely stands alone, needs to be determined. So, there’s a lot of parts to it, but it makes sense because as more insurance companies pull back the reins, the need for a federal backstop becomes more critical.
Q: What can risk managers do to leverage the best outcome in a challenging insurance market?
A: It’s been a tough couple of years, and I don’t suspect that it’s going to get much better, and for certain lines of insurance, like cyber and property, we’re going to continue to be very challenged. So, helping boards understand what the situation is, and understanding the risk appetite and tolerance at an organizational level, is important. How much risk can we tolerate in-house? How much can we transfer? What do we want to pay for that risk transfer? There’s a balancing act between retain and transfer. The number of captives is growing and people are looking for ways to self-insure. It’s really the three C’s of coverage, capacity and cost, and all three are being challenged. There was a time when, as you raised your deductible, your premium went down and you had premium savings, so that was a strategy. Now you raise the deductible, and your premiums are still 20%, 30%, 40% higher. What we hear as risk managers from the insurance industry is that it’s really being driven by the reinsurers. So it’s a knock-on effect from the reinsurance market to the insurance market to the risk manager.