Municipal insurance pools are an excellent example of local governments working together to create efficiencies, preserve resources, and create value.

As a manager for a municipal pool, I offer my Top 10 Trending Issues for Pools:

1. Coverages. Pools seek to provide the best coverages at the best price. To meet the needs of members, pools are examining additional coverages and how to price them. Two non-traditional coverages trending among pools are cyber-liability coverage and drone coverage.
2. Products. Pools are leaders in introducing loss control and risk management products to members. Currently, a few pools have mobile loss control apps. Such apps provide inspection tools, in-field related safety information and resources, root cause information and analysis, and claims assistance. Pools also offer comprehensive learning management systems with online courses and videos.
3. Services. Pools offer services in the areas of risk management and loss control. Public officials training is now trending with pools. Another service many pools offer is emergency preparedness and response. Pools are monitoring the services needed by members and are working on meeting those needs comprehensively and cost-efficiently.
4. Best Practices. A current trend of pools is providing best practices to members in the areas of employment, risk management, finance, technology, training, and many others. School pools are leaders in head injury prevention and gender identity best practices. Many pools offer incentives, bonuses, or reduced contribution for implementing best practices.
5. Surplus Capital. Pool directors and administrators are always thinking about how to determine the right amount of surplus capital to maintain. A popular trend now is to model surplus capital needs using enterprise risk management. Other popular techniques to model capital needs include ratios such as the IRIS or Risk-based capital (RBC) that are common in the insurance industry.
6. Data Analytics. Pools have a large amount of claims and exposure data. Several pools are combining data to improve analytics. Using cloud technology, advanced data mining tools, and algorithms, pools are able to do more analytics and predictive modeling than ever before. The latest trend is to employ staff or consultants to provide advanced analytics to members.
7. Enterprise Risk Management (ERM). A current trend with pools is how to use ERM in their own operations — and how to push it out to members. ERM examines uncertainties, good and bad, and aligns uncertainties with the strategies of the organization. Many pools see the valuable management features of ERM and are studying ways to implement it.
8. Succession Planning. Pool administrators are being asked by boards to plan for their aging workforce. Pool administrators are identifying those in the organization to train as the next generation of pool administrators.
9. Competition. When pools were formed, there was far less competition than now. Commercial insurance — and other municipal pools — compete for the limited supply of local government agencies. Pools must be different and better to attract and retain membership.
10. Problem Claims. Pools are being hammered by large claims: employment, law enforcement, firefighters, concussion, gender identity, Title 9, etc. Federal lawsuits that come with very high legal costs now outpace state claims. Also, the aging workforce is increasing the cost of workers’ compensation. State legislatures are giving away benefits to public safety, while juries are giving away local government dollars via large verdicts. And, in the meantime, immunities are eroding.

The exciting part of being a manager for a pool is the ever-present opportunity to handle change. Ironically, change is the trend that never changes.

Virtually all public entities have an elected board of directors, council or commissioners who enact the policies that the agency uses daily. Unfortunately, only a few elected officials think of risk management when making decisions. And when they do, it is usually after there has been a loss or when they have to pay their insurance premium. In fact, many think that their decisions only apply to a single department, not the entire organization.

When elected officials truly incorporate risk management as a way of conducting business, property claims are reduced, lawsuits don’t get filed against the agency, and employees are safer. When risk management is not a component of every decision, bad things can happen.

Public entities are vulnerable to many risks beyond the common, insurable losses such as property damage from fires, natural hazards, auto accidents, lawsuits, and workers’ compensation. Some of the non-tradtional risks are:

• Loss of tax revenue
• Responding to public records requests
• Reduction in bond rating
• Major employer leaving your municipality
• Aging workforce
• Replacement of specialized vehicles
• Changes in weather and climate
• Computer hacking or ransomware attack
• Violation of the open public meetings act
• Changes in statutes, and regulations

Do the elected understand these risks? Have they even identified with many of them? Probably not. Risk management is more than buying insurance.

So what can you do to help your elected officials transition into policymaking risk managers? Here are some suggestions:

1. Incorporate risk management concepts into your staff reports. Here’s an example. Your entity is sponsoring an event that will include a bounce house. Your staff report could include something like, “Board, although many citizens consider bounce houses as safe activities, annually there are over 37,000 emergency room visits related to bounce houses. We can transfer the risk from the ABC agency, by hiring a vendor who will operate the bounce house and meet our insurance requirements.”
2. Use facts. Elected officials make fact-based decisions.
3. Provide training for elected officials on their roles and responsibilities, budget process, and employment practices. All are probably different than what the elected are used to in the private sector.
4. When the council, board or commission proposes a course of action, ask, “What are the risks?” and then lead them through a quick risk identification discussion; or “How can we reduce the risks?” which gives you the opportunity to talk about loss prevention. Always try to phrase things in a positive tone that the elected will relate to. In the bounce house example, you could say, “Council, this is about the kids having a fun and safe activity” which will resonate well with the elected. Remember they are always seeking public approval.
5. For staff reports where action is requested, attach the risk management matrix. The report should identify those high risk/low frequency, high risk/high frequency events. And offer solutions, other than “No we can’t do that.”
6. Finally, and this is critical, treat all elected with respect and don’t play favorites.

With tragedies striking almost daily, it is important to think about how your community would respond. Who would help you manage a major disaster? How could something of that magnitude affect your entity’s bottom line? What insurance policies, protocols, and plans will you need to respond effectively? For risk management professionals, these are pertinent questions on how their public entity would react in the event of a crisis.

As insurance professionals, we often receive questions about how our clients' policies would respond in the event of a terroristic attack. Insureds may think that if a policy references ‘terrorism’ it means that any type of terrorist event would be covered, but that is seldom the case. The Terrorism Risk Insurance Act (TRIA) coverage is very specific; however there are policies available that provide broader coverage. For example, Lloyd’s of London offers such policies that do not rely on the Federal Government certification process. If there is a religious, political, or ideological motivation behind it, standalone terrorism policies will cover the financial impact of the attack. However, if the motive for the attack is unclear such as the theater shooting in Lafayette, LA, then a standalone policy may not provide enough coverage. Fortunately, there are policies that will respond and we recommend that you ask your broker or agent for specific options.

More often than not, an emergency situation arises outside of an entity’s owned locations. Whether the tragedy happens at a shopping mall, a movie theater, or even a local restaurant, the municipality and/or county must be involved when it comes to crisis response. This can lead to lots of unbudgeted overtime and internal resources. Generally, the financial impact is not covered by your insurance policies as your owned buildings are not directly impacted. We know that previous terrorist attacks have cost public entities many millions of dollars in loss of tax revenue and expenses – and they did not even occur at the entity’s owned buildings.

The financial impact of these attacks can be extensive, but often the most neglected part in major catastrophes is the human element. Who is going to take care of the families of the victims, the traumatized employees and first responders, the surviving victims themselves? When the media is swarming and the public information requests are coming in by the hundreds, it can be difficult at best to stay on top of the situation especially when you still have your day job to do. Planning for such eventualities is crucial. Having additional resources to call upon when needed can help tremendously. We’ve seen it time and again: how you respond, how you treat the families, and how you handle the media can have long lasting consequences for your reputation as an entity.

The recent tragedy in Orlando serves as a harsh reminder that we are all vulnerable to acts of terror. With news from just about every major news source that ISIS is encouraging more attacks on the West, we as insurance and risk management professionals need to consider how we will respond to such events. Insurers and brokers have solutions to help manage the unthinkable.

I am fairly new to risk management – just started in this position 2 ½ years ago – but I am not new to the public sector. I have been working for the City & Borough of Juneau, Alaska for most of my adult life, more than 25 years. My previous experience with our risk manager was limited to review of contract insurance terms. I felt very confident in that area, so how much more could there be?

Then came the realization that I didn’t know all that I needed to. That’s a scary place to be, and it translates to a really steep learning curve! Juneau is a community of about 33,000 residents, and because of our geographic isolation (you cannot drive to Juneau – you must fly or take a ferry), our community and local government need to be self-sustaining. What this means is that risk management is involved in a broad range of operations, including the city government, hospital, school district, airport, port/harbors, and the ski area. In a small organization like ours, my duties range from claims adjusting to contract insurance review to advocating for risk and safety engagement at all levels, just to name a few. I have learned so much in a relatively short time, so I wanted to share some insights – from a newbie’s perspective.

• Risk management and safety management are dependent on each other. You cannot focus on just one. While we work towards implementing an enterprise risk management framework, I see enterprise safety management as an integral piece of that.
• The law department is my friend! Communicating with our attorneys early and often when dealing with a challenging claim is a really great way to go.
• Change can’t happen overnight. We have a lot of employees who have worked here for a long time. With that comes great institutional knowledge, but it sometimes means resistance to change. The burden is on risk management to identify areas that need improvement and then work hard to make the case for that change – sell it to those who like “the way it’s always been done”.
• Visit worksites as frequently as possible. I know I don’t get out in the field enough, but when I do, there is a genuine appreciation from work groups. It is one thing to express an interest over email or by phone, but showing up in person demonstrates a commitment to learning about operations, and it builds relationships in the process. I must give credit to Marilyn Rivers for emphasizing this at my first PRIMA Institute when I was in my first week on the job!
• PRIMA Talk is our friend! I know I said the law department is our friend, but, really, the more friends the better. Learning how others do things and finding common practices is extremely helpful. Also it’s a good way to find out new, better ways of doing things. It is a great support for our efforts to change and improve our approach to risk and safety.
• Finally, what I’ve realized over and over is that just when I think I know how to handle a certain situation, something comes up that is different and new and unlike anything I’ve ever had to deal with. It keeps my days interesting, and I continue to learn new things all the time!

Looking forward to learning more from everyone at the PRIMA Conference!

According to the National Safety Council’s Injury Facts 2016, the top three causes of fatalities on the road are drunk driving, speeding and distracted driving. It is estimated that distracted driving accounts for approximately 26% of those deaths, while drunk driving is the top cause and accounts for roughly 31% of road fatalities. It is certainly reasonable to think that distracted driving could be higher. As the stigma on distracted driving (especially cell phone usage) has changed over the years, fewer people are admitting to police officers that they were, in fact, distracted. As a result, it has become challenging to record accurate numbers.

Public entities have a high volume of drivers on the road. This exposure is greatly amplified by emergency response personnel who, when on a call, can easily fit the definition of “distracted”. Not only do we have to guard against employees driving distracted, but we also have to consider that the general public could be distracted when driving through our work areas.

Distractions come in all forms, ranging from the unavoidable (school zones, construction, accident scenes, road conditions) to the avoidable (cell phone usage, eating, drinking, talking to passengers, operating internal equipment). Whether labeled as avoidable or unavoidable, all of these instances amount to valid distractions that impair drivers, and this is important for our employees to understand.

Distractions can be categorized into three main areas:

1. Manual – Anything that requires us to remove our hands from the steering wheel.
2. Visual – Anything that requires us to take our eyes off of the road.
3. Cognitive – Anything that requires us to take our mind off the task of driving.

Meeting any one of these three criteria constitutes a distracted driver. Can you think of a scenario that meets all three? The most common answer here is cell phone usage because cell phones require manual, visual and cognitive application. Studies have shown the impairments by talking on a cell phone (hands-free or handheld) while driving can be as profound as those associated with driving while intoxicated. These studies found that drivers talking on cell phones were:

1. More oblivious to changing conditions.
2. Unable to stay in the center lane.
3. More likely to miss exits.

Researchers also noted a decrease in brain activity in both the parietal and occipital lobes. Operating a vehicle while distracted can lead to a condition called “inattention blindness”, which is essentially when you “look but do not see”. This is largely due to the fact that your brain has dedicated too many resources elsewhere and cannot fully process the pertinent information at hand.

There are many things we can do to reduce our exposure to distracted driving, but it all starts with a strong written policy, employee training and management commitment. The National Safety Council has some good materials on distracted driving. You can also check with your insurance partners on resources that they have available.

6. Encourage Active Participation – Most workshops have one or two people that are hesitant to be involved because they are uncomfortable expressing themselves in a group setting. However, history has shown that many major discoveries and advances in human knowledge have come from introverts, so make every effort to help them join the discussion. Be careful that your efforts do not lead to embarrassment; kindly and respectfully invite participation and warmly commend responsiveness.
7. Ask Questions – Effective questions stimulate discussion, provide valuable feedback to the facilitator, encourage innovative thinking, and lead to important risk and opportunity discoveries. Use them often and judiciously.
8. Foster Communication – One of the major benefits of effective implementation of ERM using ISO 31000 is the enhancement of intradepartmental and interdepartmental communication. Such communication breaks down silos and leads to enterprise efficiencies and cooperation. Highlight this point emphatically and regularly.
9. Keep Focused – The great thing about an effective workshop is that it gets creative juices flowing. However, if creativity is not properly focused it will become an obstacle by bogging down the workshop with too much extraneous discussion. Your job as the facilitator is to encourage creative discussion but also to redirect the discussion if it veers too far off course.
10. Emphasize ISO 31000 Principles – If you are conducting an ISO 31000 risk workshop, consider yourself a pioneer in the field of risk management! Be proud of your passion for and knowledge of the standard and direct your participants’ attention to it as often as possible!

Do you host risk workshops at your entity? If so, what are some of the techniques you employ to make sure that they are successful?

Do you have integrity? Of course you do. Everyone has integrity. Have you ever met anyone who doesn’t believe he or she “has integrity”?

So, here’s the question: if everyone possesses integrity, why do we see all around us evidence of integrity breaches – in business, sports, academia, even in the clergy and certainly in our world of government?

This is hardly a purely academic question to professional risk managers. Your life depends on making tough decisions affecting the lives of many. So, even if you are sure that you “have integrity”, wouldn’t it be worthwhile to question whether there might be ways to “practice” integrity better?

You might wonder what it means to practice integrity. Most people don’t view integrity as a practice, the way someone practices law or medicine. In fact, most people believe that integrity is something you have or you don’t; it can’t be learned. If that were the case, the outlook would be pretty dismal for the state of our institutions and our nation because there would be no way to teach people how to make decisions with integrity.

The belief that integrity can’t be taught is just one of many common beliefs about integrity that simply aren’t accurate. Here are some others:

• Integrity is the bold assertion of conviction
• Integrity is built on a strong belief system
• The right thing is obvious and something you just do
• Integrity is a matter of instinct and will, not practice and habit
• Breaches of integrity are usually the product of corrupt intent
• Integrity is synonymous with ethics

Integrity is not a state of being, or a permanent achievement of character. Decision making is not based on innate and unerring judgment, but developed as a “practice” by working on it over and over again until habit displaces instinct. That’s integrity.

One of the reasons why everyone believes they “have it” but others lack it, is because they trust their instincts. Instinct is just another word for self-interest and self-interest is often invisible. For instance, 98 percent of people polled believe they are above average judges of character. Corporate presidents believe they are the source of all positive developments yet blame all bad ones on the economy. Political parties really believe they are the exclusive guardians of virtue.

As individuals we believe we “have integrity” even though we tell white lies, fail to get back to people timely, accepts dinners on our friends’ company expense accounts, breach copyright protections, gossip, shade the truth on taxes, own stock in corporations committing illegal acts and buy hot goods on big city street corners, to name just a few.

Our task as committed risk managers is to start looking at integrity as a body of skills, the same way we manage our finances with a budget and navigate using a GPS, so we can maximize the effectiveness of our decision making and reduce risk to the public.

------

In an upcoming series sponsored by PRIMA, Stuart Brody, a teacher and consultant who speaks nationwide on this subject of integrity and decision-making, will challenge common assumptions that impair our effectiveness as risk managers.

In order for a police officer to arrive safely at a call, he or she must be able to drive without obstructions and distractions, which can be very difficult in today’s environment. When driving, police officers often need to use radios and Mobile Data Terminals (MDTs) or computers while operating emergency lights and sirens, not to mention the simultaneous use of cell phones. Distracted driving is a growing trend among police officers in the United States and the impairments associated with completing their job duties while driving can be as profound as those associated with driving while drunk.

Recent studies have found that distracted driving by officers is on the rise and in more than half of all police crashes the officer was distracted by something inside the squad car, such as a cell phone or computer. Looking at the computer while the vehicle is in motion or worse yet, typing while the vehicle is in motion is a major distraction that can have serious consequences. Looking at the computer causes an officer to take his or her eyes off the road for a minimum of five seconds. If driving at 50 MPH, the vehicle will travel over the length of a football field. A simple solution to this distraction is to enforce a strict policy prohibiting computer use and requiring computer lids to be closed when the vehicle is in motion. Additionally, law enforcement agencies might want to consider investing in a software program that deactivates the computer screen when the car is in motion or while the car is moving in excess of certain speeds.

Another driving concern is obstructed vision, wherein an officer doesn’t have good line of sight. Considerable advances have been made in squad car technology, much of which assists with quickly gathering information, but may also limit driver visibility if not installed correctly. Today, many squad cars have MDTs, radar guns, global positioning system equipment, video cameras, suspect detainment cages, and rifle or shotgun racks, all of which may limit an officer’s view of hazards on the road. Many crashes occur at controlled intersections where officers indicated they had difficulty seeing vehicles approaching from the right. The placement of squad car camera and computers that are mounted too high are considered a strong contributing factor to these crashes. Cameras and license plate readers are often mounted to the right side of the rear view mirror, which greatly diminishes the visibility of vehicles approaching from the right. In addition, MDTs can be mounted in several different positions, some of which limit the field of view of the officer. Addressing whether or not the equipment is placed in the officer’s field of view and adjusting the equipment so that it is less likely to affect the officer’s ability to see and drive safely is highly recommended. In order to place equipment in the most effective and safest manner possible, consideration should be given to the design of the squad car and input from officers who utilize them daily.

The risks associated with distracted driving by law enforcement cannot be ignored and police administrators should consider that the liability related to those risks can negatively impact a department and community. Implementing policies and procedures that address distracted driving with the objective of mitigating the risks associated is paramount. Prior to being enforced, policies and procedures should be verifiable and consistent with current laws. Furthermore, they should be reviewed by legal counsel and included in training, as well as the employee handbook or personnel manual.

As an administrator, it is critical to focus on officer and public safety. Police officers have a difficult job that is often made more difficult by the multitasking they are required to do on a daily basis. Help them by minimizing or removing in-vehicle distractions and obstructions.

Local governments often benefit from private and public partnerships formed around special projects and routine services. For example, public entities often work with national organizations such as the Nature Conservancy or a local conservation trust to obtain land for parks or nature preserves. Additionally, many local governments entrust the operations of wastewater treatment and refuse collection to private sector service providers. These partnerships are mutually beneficial and we expect more initiatives among public entities and both private for-profit and non-profit entities in the future.

The insurance and risk management needs that arise from these routine services or special projects are not so different from the requirements that were in place before the public/private initiatives started. After all, most local governments continue to directly purchase land, treat water and collect refuse. While not necessarily in direct competition with local governments, private individuals and companies also continue to perform similar activities and services.

There is an emerging trend to consider joint public/private operation of services traditionally viewed as exclusive governmental functions. Examples include traffic violation cameras installed and operated by a private contractor, probation services delegated to a third party, and in at least one instance so far, an initiative to assign most of the daily administration and oversight of a local government to a not-for-profit outside service provider. The former public sector employees are actually transferred to private sector employment status but continue to perform the same governmental duties. For local government agencies dedicated to providing public transit, there are also examples of joint public and private operation when an outside private sector management firm is hired to assume oversight of staffing, scheduling, and maintenance.

Unlike many of the routine services or special projects, these new hybrid public sector/private sector initiatives to jointly administer services once exclusively governmental, do prompt numerous insurance and risk management questions.

Is the local government authorized to hire an outside entity to perform traditional governmental functions? Are law enforcement duties for traffic control delegable to an outside contractor? Can the local government delegate judicial administration, remittance of fines or penalties, to a private vendor? Does a local government actually exist if its operations are delegated 100% to the private sector? Or, does that local government begin to resemble a property owners association?

The practical insurance and risk management issues that quickly surface contrast the differences between local governments and the private sector, profit or not-for-profit. Dependent upon individual state jurisdiction, local governments enjoy specific legal immunities, unique defenses and often maximum limits of liability. None of these features typically apply to private entities performing governmental work. There are exceptions for private entities regulated as public utilities, but such entities are not joint public/private initiatives.

We expect that economic considerations will continue the trend to increased joint public/private administration. “Tread lightly due to unknown territory” is the preferred risk management approach. Service agreements with vendors should indemnify the local governments. The private sector partner should not be permitted to transfer responsibility for poorly performed services to the local government. Never accept a private sector proposal to assume a local government responsibility at no cost to the local government. Such an agreement is unlikely to require the needed protection to the local government.

So, while there are cases of local governments beginning to privatize, the trend will likely proceed slowly as cautious risk managers try to weigh the risks – those that are insurance related and beyond.

A CEO I once worked for used to say quite regularly, “tell me what I don’t know.” His view was he could read the Wall Street Journal or any number of other typical sources of intelligence and information about running organizations, just like me as his senior risk leader. What he was most concerned about, as are most CEOs, board members and other key risk stakeholders, were the things once described by Donald Rumsfeld in 2002 (Secretary of Defense from 2001 to 2006) right after 911. That is:

“There are known knowns. These are things that we know that we know. There are known unknowns. That is to say, there are things we know we don’t know, but there are also unknown unknowns. These are things we don’t know we don’t know.”

For many, myself included, this was a bit of a mind-bender. Yet the essence of his ruminating is really quite simple. He’s alluding to emerging risks, those things that are by one definition, articulated as:

“Those issues that have not manifested themselves sufficiently to be managed using the tools commonly applied to more developed exposures. They are “those risks an organization has not yet recognized or those which are known to exist, but are not well understood.”1

For leaders of all kinds, but especially for risk leaders, this area of the discipline is a black hole of possibilities, about which it is rarely immediately clear whether or not they require attention, let alone well-defined action. Some view these risks as “black swans” which by definition are things which didn’t exist, until they were discovered to exist. The unknown unknowns. But it is important not to ignore those risks we have some information and perhaps understanding about, even if they are remote or highly unlikely. This is true because they are often very destructive.

To understand these risks, let’s look at their common characteristics. First and logically, they are highly uncertain. As mentioned, their frequency is low but their impact is often very significant. They also have the potential to change quickly, even metastasize. They are risks that are difficult to drive a consensus about among subject matter experts. Because they may be completely unknown, they are typically not on anyone’s radar. Their qualitative characteristics are fuzzy at best. The ability to quantify them is usually non-existent. The relevance to the business, its strategy and objectives is also typically unclear at best. Most observers would say they are too futuristic to matter.

These risks are also hard to communicate. Because they are perceived as unlikely, possibly even irrelevant, they are viewed as deserving none of the limited time most executives have to address anything but the most pressing issues. Even so they may be embedded in existing practices and procedures, thus right in front of many, but not recognized as a serious threat to success. Finally and not surprisingly, these risks are difficult to find owners for, since accountability for addressing raises personal risks. Acting on these often complex exposures, implies redirecting time, resources and even priorities and thus can be expected to be met with substantial resistance.

In this increasingly VUCA (volatile, uncertain, complex and ambiguous) world we operate in, we are required to be better at anticipating, adapting, maneuvering, preparing for, and responding to even (and especially) these unlikely but value-destroying risks that simply should not be ignored.

So what should risk leaders do in order to get ahead of emerging risks? Well here’s a simple four step plan for moving forward.

• Build an emerging risk strategy and process into your overall risk management strategy
• Enhance your risk identification process to include low probability, high severity possibilities as they relate to strategic goals and objectives
• Assess risk interconnectedness of these compared to other identified risks in order to understand how they relate to and possibly exacerbate other key risks
• Answer the key questions for these risks regarding their: importance; relevance; likelihood; impact; immediacy; and necessary response

Enhance your risk monitoring and reporting processes to include specific key risk indicators tied directly to key performance indicators.

You may feel you don’t have the time or resources to take on these tasks, but I think we can agree that you don’t want to be left flat-footed when your CEO asks “tell me what I don’t know.”

1 Source: Risk Management Society