Jim Satterfield Introduces the Risk Management Spotlight
The Team at the Insurance Research Letter is pleased to partner with Firestorm to bring to The Letter, a new feature, “the Risk Management Spotlight.”
The Risk Management Spotlight will feature a series of interviews conducted by Firestorm President and COO Jim Satterfield with Senior Risk Officers and other senior leaders in Risk Management roles.
We hope this column helps provide a window into current senior thought leadership, including the trends and points-of-view from top Risk industry experts.
Here’s a taste of our first feature interview in the August, 2016 issue. Please visit The Letter and register for free to receive this and much more each month
Insurance Research Letter: ‘Risk Management Spotlight’
By Jim Satterfield, COO and President, Firestorm
This month, our interview is with Ed Wydock, Chief Risk Officer, The Bank of the Ozarks, Corporate Risk Management Group
Mr. Edward J. Wydock, also known as Ed, has been Chief Risk Officer at Bank of the Ozarks, Inc., since June 2015. Prior to joining Bank of the Ozarks, he served as Head of Enterprise Risk Management and Chief Risk Officer for Susquehanna Bancshares, Inc. (NASDAQ: SUSQ) in Lititz, Pennsylvania from 2008 to May 2015 and as Chief Audit Executive from May 2002 to May 2007.
Prior to joining Susquehanna Bancshares, he held various positions in accounting and risk management, most notably with PricewaterhouseCoopers LLP as a Director of Audit and Risk Advisory Services in Baltimore, Maryland and Washington, D.C., from March 1997 to May 2002, serving clients in the financial services industry, and as Chief Audit Executive at CapitalOne Bank in Chevy Chase, Maryland. Mr. Wydock is a C.P.A. and holds a B.S. degree in Accounting from Bloomsburg University (Pennsylvania).
JS> How many years have you been in the Risk industry Ed? How long have you been focused on risk management?
EW>*Chuckles* Longer than I care to admit – more than thirty years in accounting, auditing and risk, and I’ve been at The Bank of the Ozarks for one year.
JS> Are you a member of any professional organizations?
EW> I am a CPA in the State of Maryland. I am also a member of the IIA (institute of Internal Auditors) from my time as a Chief Auditor Executive.
I am also a member of an informal professional group of risk managers; we’ve been getting together twice a year for about ten years – approximately 25 Chief Risk Officers and we discuss a wide variety of issues and leading practices. I always come away from those meetings having learned something.
JS> What is greatest change you have seen in the insurance industry?
EW> In my opinion, the biggest change in today’s environment is the proliferation and the use of data; on the commercial lines side there is now much more granular data around credit, operational metrics, and forward-looking information. On the personal lines side, the use of a policyholder’s data contained in credit reports is significant.
JS> How did you enter the Risk Management profession?
EW> I came into Risk Management through the Accounting route. I was early in the formation of the Risk Management discipline in the Banking industry through my work in public accounting, related to the internal control and consulting work I did for clients. I was also Chief Audit Executive at two banks. My focus had been internal controls: helping clients identify, manage and mitigate risks through the implementation of control frameworks. My focus has been on broader risk management for the past eight years.
JS> So Ed, what keeps you awake at night? What is your greatest challenge?
EW> I am focused on making sure that the risk organization has the data needed to determine and understand the risks facing the company, the root causes of risk, and our response to risk. I look at it as a chess match of sorts; we use historical data coupled with a view of what risks are emerging and plan response strategies. Risk Management is like that – the last recession showed us that no one can see every risk on the horizon, but as an event for reflection, it has made us wiser and better able to predict what may lie ahead.
The greatest challenge for most companies is data, and how to transform the data into information that will provide enough history to understand our risk-taking behavior and how we’ve responded to risk events in the past.
Plus, the rate of change is accelerating, and change and growth create both risk and opportunity. Managers need to be thoughtful about change. By way of example: in banking we have the ever-changing regulatory landscape; those that don’t adapt face risk and scrutiny; those with a more proactive approach face benefits with consumers and regulators alike, as well as a favorable reputation with stakeholders. Change and growth – in the banking business – is the achievement of certain asset thresholds. This creates new dimensions of regulatory risk that can be leveraged as an opportunity to make the company better.
JS> How is your Risk management department organized?
EW> The Risk Management Department consists of programs that measure and help guide the management of risks, and functions that monitor the success of those programs as well as assess the controls in place to manage and mitigate those risks. In our company, we are continually evolving all of the risk management programs – those that are reactive, or responsive disciplines like emergency response, disaster recovery, crisis management, also communicable illness which in and of itself can become a crisis. We have programs like information and cyber security, where we try to be as preemptive as possible. Other programs like enterprise and operational risk management are where we try to be as predictive as possible. The ability to predict is an evolutionary process.
JS> How do you partner with brokers & carriers for the long term and where does price play a role?
EW> Obviously insurance is a significant part of any company’s risk management strategy. We use, and have used for many years, a local broker who, along with the carriers, helps us formulate our risk transfer strategies.
Price is always a consideration, as it is within the insured’s ability to control through loss avoidance or the amount of risk a company is willing to retain. Insurance really doesn’t fall directly in the Risk Management group, however I do know that while price is a data point, the strength of the company and their reputation in the marketplace carries greater weight.
On programmatic cost and risk management controls, on my side, my areas are responsible for making sure we have the right controls in place to manage risks to keep insurable losses down.
When it comes to carriers, we have between seven and ten insurance insurers for our primary and excess coverages, and additional carriers for tail policies related to the institutions we’ve acquired. When considering a carrier, we look at AM BEST ratings, stability, reputation in the marketplace, strength of underwriting and claims teams, and the type of business mix they have related to what our needs.
JS> Do you meet regularly with your insurers, or does the broker do most of this?
EW> We meet with insurers at least once or twice a year to help coordinate underwriting calls at renewal. We do not have a captive.
As far as Brokers are concerned and when considering a broker, we look for one who really understands our business and our footprint, and the ability of their team and our team to work together effectively. We have worked with our present broker for ten years. It is a joint effort to conduct underwriting presentations to carriers.
JS> How have you, your legal counsel and your IT department conducted analysis of cyber security exposures, including HIPAA or HITECH or other regulatory issues?
EW> Legal certainly looks at all standard contracts, and our Information Security and Technology staffs are involved to collaboratively manage all cyber risks.
JS> How do you stay informed of market developments/changes? What channels do you use to stay informed?
EW> We use the usual regulatory channels to bring us up to speed on regulatory changes, and of course financial market intel tools to help us stay informed on market activity, bond and equity prices, and more.
JS> Ed, what is the greatest lesson learned in your career?
EW> Good question! Perhaps the greatest lessons that I have learned:
- Be thoughtful:
- Be inquisitive and ask as many questions as necessary until you understand, and
- Surround yourself with people who are smarter than you … [and call Firestorm!].
JS> What is your advice for someone coming into an existing risk function within an organization?
EW> Fortunately for me, I have had the opportunity to build a Risk Management activity twice in my career. The best advice I could give is to understand how your organization thinks about risk and how they deal with risk, as a way to understand the risk culture. The programs in place should reflect the risk culture of the company.
JS> What is your advice for someone starting a risk organization within a company?
EW> It takes a solid plan and people to build the function; there is no magic bullet, and no formula other than to understand the business and understand the industry: plan your risk organization to handle the compendium of risks that the company faces, then recruit the right subject matter experts who can get the job done.
Any risk organization is a great window into the company and one can learn everything about what the company does through the risk activity. It’s a great avenue into the company and I recommend it highly.
About Bank of the Ozarks
With an over 100-year banking history, Bank of the Ozarks has held true to the belief that customer relationships are the bank’s strongest asset. Everyone at Bank of the Ozarks takes pride in knowing the customer. Bank of the Ozarks understands that this is the best way to find the right financial solutions that meet a customer’s needs.
Expanding from their headquarters in Little Rock, Arkansas, to more than 100 locations throughout the Southeast, that personal commitment has only grown stronger. It’s the way Bank of the Ozarks does banking. This all-too-rare approach of putting the customer’s needs first is why Bank of the Ozarks is consistently ranked among the top-performing banks in America. But more importantly, it’s what keeps Bank of the Ozarks customers happy. You have a friend at Bank of the Ozarks. Learn more at bankozarks.com or call 1-800-274-4482.
Firestorm® is America’s Crisis Coach® Since 2005, Firestorm has assisted clients in transforming crisis into value. The Firestorm Predict.Plan.Perform.® methodology combines best-practice consulting with proven crisis management expertise, empowering clients to manage risk and crisis.
Firestorm assesses, audits, develops, trains and tests strategies and programs encompassing emergency response, business continuity, crisis management, and crisis communications/PR. Firestorm demonstrates thought leadership in workplace violence prevention, cyber-breach response, communicable illness/pandemic planning, predictive intelligence, and every preparedness initiative.
Firestorm has worked with hundreds of businesses, organizations and schools to keep tens of thousands of employees, customers and students safer. Firestorm provided crisis management and crisis communications services to Virginia Tech after the shootings, and more recently to Littleton, CO, Roswell, NM and Jefferson County School District in Colorado (location of Columbine) among others.
We are the Crisis Coach® | Learn more at Firestorm.com or call 1-800-321-2219.