The Institute of Risk Management (IRM)

2nd floor Sackville House 143 - 149 Fenchurch Street London, EC3M 6BN
+44 (0)20 7709 9808
http://www.theirm.org
  • About IRM

    The Institute of Risk Management (IRM) is the world’s leading enterprise-wide risk education Institute. We are independent, well-respected advocates of the risk profession, owned by practising risk professionals. IRM passionately believes in the importance of risk management and that investment in education and continuing professional development leads to more effective risk management.  

    We provide qualifications, short courses and events at a range of levels from introductory to expert. IRM supports risk professionals by providing the skills and tools needed to put theory into practice in order to deal with the demands of a constantly changing, sophisticated and challenging business environment. We operate internationally, with members and students in over 90 countries, drawn from a variety of risk-related disciplines and a wide range of industries. 

    As a not-for-profit organisation, IRM reinvests any surplus from its activities in the development of international qualifications, membership, short courses and events. 

IRM retiring Technical Director Paul Hopkin reflects on 40 years working in the risk management profession

Paul-Hopkin-Technical-Director-IRM

The IRM’s retiring technical director Paul Hopkin reflects on over four decades of work and thought in the risk management profession

After a career in risk management of more than 40 years, retirement started to raise its increasingly grey head. However, before deciding to retire, I undertook a full risk assessment of the implications for my finances and future activities. I considered the threats and the opportunities and the outcome of the risk assessment was that it is time to retire.

Retirement is a great opportunity to reflect on the various stages of my career. These stages have occurred in parallel with significant developments in the practice of risk management. Those of you familiar with the textbook Fundamentals of Risk Management will be aware of my passion for acronyms. I use these in the textbook as a learning aid for students. I am using one of my acronyms to structure this article.

Fragmented / Organised / Influential / Leading (FOIL)

In the fourth edition of the textbook, I introduced a new acronym, FOIL. FOIL represents increasing risk management sophistication and is a roadmap for my career over the past 40 years. FOIL is an acronym that identifies how risk management can be implemented within a company. The approach can be fragmented, organised, influential or leading.

After a brief period teaching physics and mathematics in a secondary school in Bristol, I decided that I did not want a job where the main advantage is how often you didn’t have to do it (the holidays). It was time for a career change. At that time, the Health and Safety at Work Act had just come into force in Britain and government safety inspectors were being recruited. The work as a safety regulator was an opportunity to acquire basic legal knowledge and that required attention to detail, especially when undertaking prosecution of delinquent employers.

Fragmented approach and health and safety

As a government safety inspector, I specialised in health and safety in foundries in Birmingham – the industrial heartland of Britain. This specialism built on my degree qualification in metallurgy from Birmingham University. Although this regulatory approach was necessarily fragmented, many companies followed the same model of fragmenting their risk management systems to respond to the requirements of different regulators. Therefore, health and safety became a specialist area of risk, despite the potential for conflict with environmental, quality and production requirements.

After eight years as a safety inspector, I moved into the insurance industry at a time when a more combined approach to risk management was developing. This encouraged companies to better organise their risk management efforts. Often, the result was that health and safety and environmental departments combined, and closer working with the quality department was encouraged.

Organised approach to liability insurances

Combining risk management activities was encouraged by the insurance industry and underpinned the advice given to clients by insurance brokers. Property insurers developed policies that combined coverage for fire losses with security exposures and insurance for other causes of property damage. At the same time, liability insurance policies started to combine different classes of insurance, including employers, public and products liability.

The aim was not just to include the specialist areas of expertise in, for example, health and safety, environmental or quality, but also to have an overall combined or organised approach to risk management that would be mutually supportive and more effective. The ultimate objective was to undertake risk management in a way that it influenced the behaviour of senior management and thereby enhanced the success of the company.

Influential approach and loss control

Having spent some time as a safety regulator and as a consultant working for an insurance broker, the next role was working as a risk professional within a large plc. BET (now part of Rentokil Initial) was a substantial conglomerate of companies working in different sectors, including leisure, construction, transportation and security. Under the influence of a strong-minded CEO, a loss-control initiative was launched. This resulted in risk considerations influencing the way in which businesses operated.

The loss-control initiative placed requirements on the group companies to reduce risks and, in particular, reduce the potential for inefficiency and insurance claims. This led to reduced costs, increased efficiency and added to overall success. The requirement to develop measurable loss control programs was highly influential and reduced insurance losses by 25% over a two-year period.

The next stages in my career involved two very different organisations. As head of risk management at the BBC, the emphasis was on the overall coordination of risk management activities and the successful implementation of risk management initiatives. It was at this time that I encountered the risk register as a means of prioritising risk activities, thereby making a significant contribution to successful project management, including the reorganisation BBC that was being undertaken at that time.

Leading approach of enterprise risk management

My final in-house risk management role was working for The Rank Group. At that time, the company was a large conglomerate and operations included casinos, nightclubs, cinemas, Hard Rock Café and various holiday companies, including Butlins. In addition, the group provided support services to the film industry, including the Deluxe Film Laboratories –Color by Deluxe. It is worth noting that the outgoing group finance director who had just left the company when I joined was Nigel Turnbull.

His 1999 report on internal control and developing international risk management standards required a fully organised approach to risk management. This included the production of risk registers to act as risk action plans and provide risk assurance to stakeholders. At Rank, one of the ways of ensuring that the risk assessment workshops were influential was to undertake the workshops at the same time as the annual budget was being prepared. In this way, the board of each company took account of the risk profile of the company when deciding what could be achieved during the coming year, and what risks needed to be embraced and/or managed.

Recent risk management developments

Since leaving The Rank Group, I have seen the further development of risk management as Technical Director at Airmic and, more recently, at the Institute of Risk Management. Risk management is increasingly leading business decision making. Enhanced risk management practices are helping companies validate their business models in terms of the risks that the business model embraces.

I have seen the development of risk management from a fragmented approach whereby specialist professionals take pride in achieving good results in their area of expertise to an approach that acknowledges that other risk professionals need to be included to achieve an organised or combined approach. This reinforces the risk message to senior managers and influences their behaviour. It is at that point that consideration of strategic risk-taking enables companies to embrace the upside of risk and ensures that risk considerations lead the development of strategy.

Risk management is a great career

It has been an interesting journey, but the ultimate challenge for risk professionals still remains and that is to ensure that risk awareness guides decision-making at board level. A career in risk management offers the chance to make a difference and leave a legacy. Not many other in-house positions offer the same opportunity to explore every aspect of the business model of the company.

For my own part, I am proud of the contribution that risk professionals have made to the success of companies – and that contribution will continue into the future. I am also proud of the textbook ‘Fundamentals of Risk Management’ and hope that students currently using the textbook will become the future leaders in risk management.

Paul Hopkin is the outgoing technical director at IRM