Risk managers express desire to increase their involvement with the HR department


A board committed to addressing people risks and cooperation between the human resources and risk management departments are both essential to effectively manage people risks.

Most risk managers can depend on senior management support in dealing with people risks, StrategicRISK’s survey found. A vast majority of 87% of respondents rate their board’s commitment to addressing people risks as ‘average’ or ‘good’.

“I think boards are well aware that their companies are being asked to do more with fewer resources which makes the employees even more essential and crucial to the business,” says Lance Henderson, head of sales and relationship management at Zurich Global Employee Benefits Solutions.

When it comes to employee benefits, Zurich is seeing a fairly significant trend towards companies expanding their duty of care to not only include their globally mobile employees, but their entire workforce, including national employees.

“We’re also seeing that multinational companies want to have minimum benefit levels for their employees worldwide. This is very new. In the past benefits have been set according to local conditions, so what’s typical in the local market,” Henderson says.

The extension of a minimum level of benefits worldwide for group life and/or disability is something that a board can understand and relate to, he explains, adding that the board should also be made aware of other issues, such as whether the war for talent is affecting the employer.


For Anders Esbjörnsson, group risk manager for Swedish construction company NCC and a FERMA board member, the first step in managing people risk is to become aware that people risk is a risk and not only a matter for HR. “I think the tools and procedures in place for recruiting and retaining employees have not always been methodically managed, and for sure were not considered a risk.”

He says it is vital that the HR and risk management departments cooperate in managing people risk, but he believes that in most businesses people risk is only handled by the HR department.

“In most companies this risk is treated in a silo with no or limited involvement from risk managers. I think that to some extent cyber risks have been silo-treated in the same way by the companies’ IT departments, but risk managers are more and more involved nowadays. Risk managers must insist, and be clearer, that people risk is better handled by HR and risk management together.”

StrategicRISK’s survey shows most risk managers already have some involvement with the human resources department when it comes to managing people risks, but 58% of respondents said they would like to work more closely with HR to measure and mitigate people risk.

To make this happen, Henderson says risk managers need to remember that most heads of HR and employee benefits are not finance people. “They are not as interested in managing the financing of employee benefits as they are managing employee benefits, benefit levels and coverages. If the risk manager can assure the HR counterpart that they will retain full ownership for designing employee benefits, then I think there’s often plenty of room for the risk manager to become more involved in the financing of those employee benefits.”

He adds: “It’s important to involve the HR person right from the start, so that there is a level of trust and clarity around responsibility. Then it’s incumbent on the risk manager to design a financing mechanism that is a win-win for both areas of the business. What I mean by that is, perhaps because of the involvement of risk management, the cost of employee benefit insurance becomes more predictable. That would help HR in the budgeting for those employee benefits or perhaps the entity takes more responsibility for the financing and can provide benefits that are otherwise not available in the local market.”

However, risk managers seeking a closer relationship with their HR colleagues could run into a few barriers, most notably that HR may perceive risk management involvement as a threat to their responsibilities.

“They may be concerned about risk management wanting to decrease benefits to decrease the costs of benefits,” Henderson says. “In reality, risk management is interested in the most efficient financing mechanism that is available for employee benefits, especially using their experience around general insurance or property & casualty programmes. Global insurers are increasingly able to offer a centrally managed but globally implemented employee benefits plan that looks a lot like the international programmes on the general insurance side.

“The risk manager really has an opportunity to get involved, make the financing more efficient and reduce frictional costs for the organisation. It’s really incumbent on the risk manager to almost make a proposal to HR to look at the potential benefits of more strategic management of the financing of employee benefits,” Henderson says.

Esbjörnsson concludes that the main barrier to closer cooperation between the risk manager and HR is that people risk is not seen as a risk. “This is perhaps combined with the silo thinking and a bit of ‘fear’ about allowing someone else – a risk manager – to intrude.”

To read the full report on StrategicRISK’s people risks survey, click here


Amanda Cutajar, head of HR for the UK, and Karla Cruickshanks, risk and business continuity manager, from DLA Piper work closely together to manage and improve resilience for the firm in relation to crisis management and business continuity. They agree that the relationship between HR and the legal, risk and compliance team is an essential partnership.

The safety and welfare of all employees in a crisis is essential and how individuals will respond in a crisis can often be overlooked. Cruickshanks and Cutajar have ensured that this is factored into the planning and training stage of their business continuity and crisis management strategies and this has worked well any time a plan has been called into action.

“People are our most important asset and it’s critical that we involve our HR colleagues in not only our resilience strategies, but also other risks across the business,” says Cruickshanks. “They have the expertise and skills to ensure that we have a truly robust approach to managing people risks. For this relationship between our departments to work properly, we make the time to keep each other updated on key developments and changes, and to learn from one another. We communicate openly, with respect and honesty, which enables us to arrive at creative and practical solutions.”

Cutajar agrees: “It’s helpful to have experienced lawyers and risk managers to call upon for advice and to know that we are stronger as a business for being collaborative across the support areas of the firm.”

Both Cutajar and Cruickshanks believe that having a robust and flexible plan, which the business trusts, as well as communicating effectively with one another and their colleagues if there is an incident (like the terrorist attacks in Paris), means that people risks are able to be managed safely and effectively across the law firm.