Ignore risk management at your peril! Implications of a hard market…

After the closure of the Solicitors Indemnity Fund many firms enjoyed significantly lower insurance premiums – but could the honeymoon period be coming to an end sooner than expected? John Verry, the risk management practice leader at St Paul International, assesses the importance of risk management following recent suggesting insurers are considering raising their indemnity rates by ‘30 to 40 per cent’ this year.

In September 2000, experienced commentators were convinced that the insurance market had artificially lowered the overall price of insuring the profession. The last year of SIF saw a total contribution of some £250 million, whereas the total premium paid to the commercial market in the first year was under £150 million.

Year two saw a further fall in real terms. Although law firms paid a total premium of £162 million, this increase was outstripped by an average 10 per cent rise in gross fee income across the profession.

At first, wide variations in pricing made it difficult to judge which insurers had got it right. Now it appears that those firms whose insurers quoted cheap prices to obtain market share may now be subjected to serious price volatility.

One would have to look as far back as 1987 to find a year when the cost of claims was as low as the premium being paid by the profession today. The actuaries and underwriters have not yet completed their rating reviews, so it is too early to guess the levels of increase that the profession is likely to face. What is accepted, however, is that there will be rate increases, and depending on reinsurance availability there may also be capacity problems.

There is only so much money in the pot to meet solicitors’ claims, and this sum may well reduce in the present market. This in turn means that when some insurers have filled their exposure to capacity, they will have no appetite for further business. If they are convinced to offer terms, then the price will be very much of their choosing, i.e. expensive.

What are the other implications of a hard market? In a nutshell, the situation changes from insurers chasing the business (a soft market) to the business chasing insurers (a hard market). This in turn means that firms need to make themselves as attractive as possible to the underwriters.

One very effective way of doing this is to demonstrate that you have a commitment to risk management. Yes, this is a topical phrase that is on everyone’s lips. But it is not mere ‘management speak’ or hype; it is very important and firms ignore it at their peril.

Risk management defined

So what is risk management? It is the process by which a firm assumes control of its internal affairs to ensure an effective service delivery to the client. The main objective of risk management can therefore best be summed up as ‘performing the client’s work as quickly and efficiently as possible with the minimum exposure to the risk of a mistake being made.’

There are three main areas of risk that firms need to address: strategic risk, disaster risk and operational risk.

Strategic risk covers the key decisions that a business leader has to make, including financial, credit, competition and personnel risks.

Disaster risks encompass, for example, major threats of business interruption, such as fire, flood, collapse of IT systems or terrorist activity.

However, the most important area of risk for professional indemnity underwriters is operational risk : the risk that arises from the very process of carrying out the client’s work. This, of course, is the source of professional indemnity claims.

Benefits to your firm

None of this is to suggest that risk management should be solely insurer-driven. There are many benefits to the firm from adopting sound risk management systems and procedures. First and foremost, they reduce exposure to the cost of claims, which can be a great deal higher than you might imagine. Consider:

Return of fees. In many cases the firm will have to return the fees paid by the client, either in whole or in part, depending on whether there has been a total or partial failure of consideration. These fees may be substantial,
Payment of excess. Some firms have taken substantial excesses to keep premiums down. This is sound practice, provided that you manage your excess effectively by minimising your exposure to claims,
Fee earning time wasted dealing with the claim. Many firms overlook this. Report forms need to be filled in, fee earners interviewed to find out what happened, correspondence entered into with your insurers. All of this takes up a lot of time for which you will not be paid. Every firm should cost its claim files, and that cost should be set off against the profits of the department responsible. This will help focus attention on the need for risk management at departmental level.
Loss of client. In some cases a claim will result in the loss of the client and future business. This particular cost will be more difficult to assess in some cases than in others, but damage to your reputation is always dangerous.
Increase in premium. A poor claims record will impact on your premium. The worse the record, the greater the premium until such time as underwriters decide that your risk cannot be written at any price. This in turn will mean the firm entering the Assigned Risks Pool, which is a place that you do not wish to visit even out of idle curiosity.

In addition to the cost, firms should be aware that there is an expectation on the part of clients that firms take positive steps to avoid errors. This is not unreasonable. Put yourself in the client’s shoes. How would you feel if a right to renew a tenancy, or a cause of action, had been lost simply because someone overlooked a time limit?

As a result of the Turnbull report, quoted companies are required to have systems in place to control their internal affairs and ensure that their customers receive an acceptable level of service with minimum risk exposure. Ever more, companies are expecting their service suppliers to achieve similar standards. To get on to their panel, or to stay on, firms may well have to show what risk management and practice management procedures they have in place. Negotiations no longer tend to take place only with in-house legal departments, on a lawyer to lawyer basis, but increasingly with hard-nosed procurement officers who want - wait for it - an efficient job carried out as quickly as possible with minimum exposure to the risk of a mistake being made. If you are unable to demonstrate that you have appropriate systems in place, you are on to a loser.

Structures to manage risk

Creating and implementing an effective risk management system is not something that can be done overnight.

You will need a structure to manage risk, the exact composition of which will depend on the size of the firm. You should endeavour to utilise your existing management structure. Key components of the structure could include:

A risk manager. Appoint an individual in the firm who is accountable for risk. While they may be allowed to delegate responsibility for risk, they should not delegate accountability. This is not a groundbreaking concept - every firm should already have a nominated partner accountable for handling complaints within the firm. This person will be the focal point for risk within the organisation, and could be the firm’s managing partner.
A risk committee. This committee will be responsible for creating risk policies, and monitoring effectiveness and adherence. This could be the firm’s executive or management committee.
Departmental risk managers. In the case of larger firms, each department should have a manager responsible for risk within the department. This could be the departmental head.

Once you have a structure in place, the next step is to identify the risks to which your firm is exposed. So how do you identify risk?

1. Start with the underlying causes of claims. Research has shown that that there are common themes running through claims, irrespective of the area of law from which they arise. These underlying causes are well rehearsed but worth repeating. They are:

Missed time limits,
Delay,
Communication failure with clients, within the firm, with other professionals,
Inadequate delegation,
Lack of supervision,
Undertakings,
Poor organisation,
Lack of knowledge of the law.

These are the core reasons why mistakes are made, i.e. why things go wrong. But you will also need to ascertain what goes wrong, i.e. the common mistakes that are made.

2. Common mistakes. These relate to distinct areas of work. It will be the task of the departments to identify common mistakes that are made in the conduct of their work. Create a table, showing the area of risk in one column and the action to be taken in another.

When analysing risk it is useful to examine past claim files. If you have never had a claim, analyse a ‘near miss’. Look at what went wrong, why it went wrong and what can be done to minimise the risk of it happening again. This in turn will enable you to create a system or procedure to reduce your exposure to such mistakes.

A further problem that needs to be addressed is the danger of over-regulation. It is a fine line between over-regulation and under-regulation. One of the problems of the former is that it can give employees a false sense of security: “I have followed all the procedures as set down so I must be all right”. The problem is that the fee earner fails to see an obvious danger looming because it falls outside of a particular procedure.

Two transactions are rarely the same, even in the same field of law, for the simple reason that all clients are different, and have different needs and perceptions that must be addressed. To meet these needs, solicitors must be entrepreneurial and able to adapt to the client’s requirements. This is why it is not possible to have standard systems and procedures that will fit every firm and every transaction. On the other hand, having no systems or inadequate systems is just as dangerous.

There are certain basic systems that every firm should have in place, which are adopted and adhered to firm wide. These systems would include, for example, diary systems, client vetting procedures, file review systems and accounting procedures.

The important objective is to create a system that works efficiently and effectively whilst achieving the risk management objective.

Another crucial element of risk management is that risk is constantly monitored, and effective systems will help you to achieve this. Your risk systems and procedures themselves also need to be under constant review, as there are always new and emerging risks to address. They may arise through new case law, statutes, regulations, or simply by reason of the fact that your firm starts dealing with a new area of law. Departmental heads should be alive to such new risks, taking steps to reduce any exposure of their department, and reporting to the firm’s risk manager and the risk committee. Effective communication is a must within the firm’s management structure.

In many firms, such radical changes will require a fundamental culture shift. This may well be the biggest obstacle that you face. All partners must commit to the change. They must also demonstrate such commitment to the staff. Remember, bad working practises at management level are inevitably reflected throughout the organisation.

No one can be outside the risk management loop. If they are, the system is doomed to failure. Some partners may find the principle of risk management just another bright idea to generate work for consultants and administrative chores for fee earners. In fact effective systems will make your task easier; instead of having to deal with four pieces of paper you will only have to deal with two.

Most of the errors made by solicitors relate to administrative matters. It is not the quality of the advice that is poor, it is the delivery of the advice. Adopt systems that will improve the service delivery, and let the lawyers get on with what they do best, and most profitably, advise clients.

Every organisation or company is more than a mere collection of individuals. If there are partners who will not co-operate with the creation and implementation of a risk strategy, their commitment to the firm must be questioned. They are exposing the firm to unnecessary risk, risk that is unacceptable to the other partners, the employees, and most importantly of all, the clients.

John Verry is risk management practice leader at St Paul International. He can be contacted at john.verry@stpaul.com