Retention of risk
Retention of risk is one of the strategy for managing an identified risk. This treatment strategy involves assuming the potential losses associated with a given risk and making plans to cover the financial consequences of such losses. The retention options open to health care organisations include the current expensing of losses, using an unfunded loss reserve (an accounting entry denoting a potential liability to pay for a loss), using a funded loss reserve (a reserve backed by set-aside funds within the organization), borrowing funds to pay for losses, and providing insurance through an affiliated captive insurer. Another (less thought of) form of risk retention occurs when the risk of exposure to loss is unknown and has not been identified by the organisation if risk management professional, and therefore the opportunity to evaluate appropriate risk financing strategies is lost. Failure to identify a risk will result in unwitting risk retention unless insurance coverage is available under an existing policy. Risk retention is most appropriate for managing[1]:
- risks that cannot be otherwise reduced, transferred, or avoided
- risks for which the probability of loss is not great and for which the potential consequences are within the institution's ability to self-fund
- losses that are quantifiable and predictable
- small risks (such as missing dentures and eyeglasses) for which the purchase of cost-effective insurance coverage might not be feasible.
Risk retention means accepting the consequences. Retention can be active(e.g. by developing a contingency plan for execution should the risk event occur) or passive, e.g. by accepting lower a profit if some activities overrun[2].
Subcategories of retention of risk
Risk retention involves intentionally or unintentionally retaining the responsibility or burden for a specified risk. Risk retention is made up of two subcategories[3]:
- risk retention with knowledge, which is often referred to as the self-insurance approach
- risk retention without knowledge, which is caused by inadequate hazard identification and risk assessment.
Risk retention with knowledge
Risk retention with knowledge or self-insurance occurs where an organisation consciously accepts and retains a risk and deals with it by establishing an internal insurance fund. Usually such a decision will be taken only by large organizations, which may already have qualified insurance personnel capable of administering an insurance fund. Only those losses that are predictable through probabilistic calculations should be retained within an organisation. This approach can be used effectively by larger organisations-in particular where the company has a large portfolio of risks. It is important, however, for companies to avoid those situations where a single large risk could result in the company ending in bankruptcy. It is also important that a company does establish an insurance fund as part of the self-insurance approach, in order to cover potential liabilities, rather than just hoping that the liability situation will not arise or can be dealt with if and when it occurs[4].
Risk retention without knowledge
Unidentified hazards and risks can arise from simple sources, such as inappropriate equipment and computer systems, ineffective permits to work and customer care procedures, and inadequate employee competence and training. It is essential, therefore, to keep organisational risks constantly under review, ensuring that any omissions identified are investigated and rectified. The second way in which risks can be retained, without knowledge, within an organisation is through inadequate risk assessment. Although hazards may have been identified, the level of the residual risk associated with the hazards can be underestimated. This problem is often encountered where[5]:
- employees without adequate experience of the hazards have carried out the risk assessment
- risk assessors have received inadequate training
- risk assessment and risk evaluation standards have not been defined within the company.
Examples of Retention of risk
-*Organizations may choose to retain a risk when the potential losses associated with it are small enough that the cost of transferring the risk (through insurance or another method) would be more expensive than the cost of the losses. For example, a small business may choose to retain the risk of a customer filing a small claim against it due to a faulty product, as the cost of filing a claim and legal fees may be higher than the cost of the claim itself.
-*Organizations may also choose to retain a risk if the risk is difficult to transfer or insure. For example, a business may choose to retain the risk associated with potential cyber-attacks, as insurance policies for such risks may be hard to come by.
-*Organizations may also choose to retain a risk if the potential losses associated with it are variable and/or unpredictable. For example, a business may choose to retain the risk associated with fluctuations in demand for its products, as it is difficult to estimate the potential losses associated with such an event.
Advantages of Retention of risk
- Retention of risk can help to reduce financial losses in the long-term, as organizations can take steps to limit their losses and spread the cost over time.
- Retention of risk also allows organizations to maintain control of the risk, as they can take steps to mitigate the risk or transfer it to a third party.
- Retention of risk can also help to provide a greater understanding of the risk and its potential impacts, as organizations can be more proactive in determining the scope of the risk and allocating appropriate resources to manage it.
- Retention of risk can also lead to cost savings, as organizations can choose to self-insure and use their own resources to cover any potential losses.
- Finally, retention of risk allows organizations to access new markets and opportunities, as they can explore ways to reduce the impact of certain risks and take on new projects or initiatives.
Limitations of Retention of risk
- Retention of risk is a costly strategy, as it requires the organisation to allocate funds for potential losses and any associated costs.
- Retention of risk does not provide the organisation with protection from catastrophic losses that exceed the amount set aside.
- This strategy does not provide the organisation with any leverage in negotiating with insurers for better terms or lower premiums.
- Retention of risk can be difficult to manage and monitor, as it relies on the organisation’s ability to accurately estimate potential losses.
- If the organisation fails to adequately identify risk, it can lead to unwitting risk retention and potential losses that could have been avoided.
- Risk Avoidance: This approach involves eliminating the risk altogether, by either avoiding or stopping activities that could result in the risk occurring. This can be done by avoiding certain activities, or by changing the way certain activities are carried out.
- Risk Transfer: This involves transferring the risk to a third party, such as an insurer, to cover any potential losses that may arise from the risk.
- Risk Reduction: This involves reducing the potential losses from a risk by taking steps to reduce the likelihood of the risk occurring or reducing the severity of the potential losses. This can be done through implementing preventive measures, such as training and processes, or through mitigating measures, such as insurance or other financial products.
- Risk Acceptance: This involves accepting the risk and taking no further action. This approach is usually only used when the potential losses are not significant enough to warrant taking further action.
In conclusion, Retention of risk is one of the strategies for managing an identified risk, and involves assuming the potential losses associated with a given risk. Other strategies related to Retention of risk include Risk Avoidance, Risk Transfer, Risk Reduction, and Risk Acceptance. Each approach has its own merits and drawbacks and should be considered carefully when choosing a strategy.
Footnotes
Retention of risk — recommended articles |
Risk management strategy — Residual risk — Risk treatment plan — Risk response — Self insured retention — Specific risk — Runoff Insurance — Indirect loss — Accident management |
References
- Fuller C., Vassie L.H., (2004). Health and Safety Management: Principles and Best Practice, Pearson Education, Harlow.
- Risk Management Handbook for Health Care Organizations , (2009), John Wiley & Sons, San Francisco.
- Hamilton A., (2010). Managing Projects for Success: A Trilogy , Thomas Telford, London.
Author: Dominika Grzyb