Geplaatst op Door Jack P. Kruf

Public Sector Report 2009

The effects of the downturn

Philippe Auzimour, Sabrina Boshuizen en Jack Kruf | July 2009

In mid-2009, Alarm, Marsh, and PRIMO Europe joined forces by presenting the results of different surveys and round tables, which focused on the public risks companies and governments faced due to the downturn. This article combines this report’s highlights (selected by the editor). The extended survey gave an in-depth look at perceptions and actual risks directly after a massive financial crisis emerged.

The survey shows that the complexity of risks has increased: over 75% of the participants responded that the volume and the complexity of the risks within their organisation have increased over the last 5 years. 700 Organisations were interviewed, spanning twelve countries and seven industry sectors. Of these organisations, 101 were in public entities. PRIMO Europe interviewed several people from public entity organisations and sent out a survey to public entities, to which 112 people responded. Also, two round tables were held, one in Amsterdam and one in Bournemouth. The results of all the interviews, survey responses, and round tables are included in this report.

Findings and headlines

There is a huge increase in technological complexity which increases the complexity of our risks, but on the other hand, this technology also helps us in controlling our risks. In case of a default in technology, a high number of our processes will be down. Take for example the internet; if the internet is down, most of our communication is blocked. If electricity is down for an hour, communities panic as they are so heavily dependent on technology.

51% of respondents had experienced a significant disaster in the last 5 years. Disasters that were mentioned were environmental calamity, transport and infrastructure major disruption and general disasters like fires and aircraft accident. 50% of the respondents had experienced some to many major operational surprises in the last 5 years, from key employees leaving the organisation to major budget overruns on large projects.

Another driver of risk management is the pressure of external parties. over half the respondents said that external stakeholders such as members of the public, corporates and local government officials had put pressure on organisations to provide more information about risk in the fields of finance, political reputation, risk management and legislation affecting their organisation. 

Asked which risks they regarded as likely to be most significant over the next 18 months, participants identified environmental risk (73%), public liability (65%), business continuity (63%) and partnership risks (59%). In addition, half of respondents expressed concern about PPP and PFI associates or contractors.

Philippe Auzimour, head of Marsh’s public sector practice in Europe, the middle east and Africa, said: “the recession has had a clear impact on the way public sector bodies approach risk. over half the participants to the survey say that, because of the downturn, risk management is now seen as more important at senior levels in their organisation. a similar proportion say that the downturn has prompted their organisation to review its approach to risk management and 22% say their board’s appetite for risk has grown. In addition to planning for a major disaster, public sectors organisations’ risk management is under scrutiny from a growing list of stakeholders.”

Lynn Drennan, CEO of ALARM, the UK public risk management body, commented that the recession was putting pressure on budgets in public sector organisations: “The financial crisis means reduced budgets, less grants and fewer projects. an increase in social assistance and unemployment are also seen as risks by public sector bodies. Forward thinking bodies are now reviewing investments and budgets and are looking at what projects could be postponed. all of this means that the need to manage risk more proactively has never been more acute.”

Jack Kruf, president of PRIMO Europe, added: “Almost three-quarters of the participants say that a sector-wide standard for risk management either would or already does benefit their organisation. Of those already covered by a sector-wide standard, 89% say it is of benefit to them. Embedding best practice risk management is clearly having benefits for organisations prepared to make the necessary investments.”

Have views of senior management changed? The economic downturn has raised the importance of risk management at the most senior levels?

The impact of the downturn

To find out how organisations have responded to the downturn, the survey examined attitudes to risk management in the current economic downturn, including risk priorities, strategy, management.

A split in attitudes towards risk management

There is evidence for a split between those who are adopting and those who are ignoring risk management, can be seen in the response to a question about whether the downturn has raised the importance of risk management at the most senior levels. 

Overall, 56% say it has, but there is a marked disparity between the UK, where local authorities have dedicated risk managers, and the countries where this is not the case, as Figure below shows. 19% of the people are convinced that the downturn has not raised the importance of risk management. 25% do not know. Quite astonishing related to the fact that the economic downturn has such a large impact on business, economic development and society.

Public entities will be less impacted by the economic downturn than other industries.

Increasing demands, diminishing resources

Every single public entity has been affected by the downturn. According to the participants their organisations will be hit mostly in means and budget, less grants and projects. Public entities have had severe losses and will need to make budget costs. Also an increase in social assistance and unemployment are seen as big risks coming from the crisis. But when asked if they will be affected less than other sectors, more than half participants in our survey agree, as figure under shows.

Although they will not be affected as directly as some other sectors, the demands made on them will increase as the downturn continues – those unable to keep up with their mortgage payments may need public housing, for example. Meanwhile revenues are likely to decrease as business rates bring in less, tourism declines and more people default on local taxes.

If the effects of the downturn on public entities will not be so direct as they are on other sectors, they may well be longer lasting. Some areas of public spending will increase in the short term as government stimulus packages are disbursed. Stimulating sustainability; speeding up of investments and nationalisation of banks are some of the current risk management policies driven by central governments. But this spending will be followed by cuts as governments try to restore their financial positions.

This lack of direct and immediate impact may be the reason that, of all the seven sectors we surveyed, public entities are the least likely to say that the downturn has prompted them to review their approach to risk. Nonetheless, 54% of respondents have done just that. It is the lowest rate related to other sectors.

The credit crisis has ensured that managers are more likely to discuss risk management. Risk management has unfortunately not always been a hot topic for politicians and chief executives officers (CEO). CEOs are there for strategic decisions, and are not accustomed to thinking about a hole in the road, for example. A wider area should be drawn. Issues like health, housing and infrastructure need structural and strategic attention. The credit crisis forces managers now to think better about things. They have to think about budgets, dismissals and other macroeconomic drivers. This is the time for getting the attention on risk management.

Asked how the downturn will affect risk management, 13% of participants say that more attention will be paid to budgets – especially, it seems, for insurance. The most common response, voiced by 30% of participants, is that the downturn will have no effect on risk management. This is the first sign in the survey of a group of about a third of participants that seem not to be engaging with risk management.

The existence of this group seems to be confirmed when we ask in which areas the downturn has prompted them to review their approach to risk. Many participants answer this question as though they had been asked about insurance, rather than risk more broadly, as this response shows: “This economic slowdown doesn’t currently influence our decisions regarding insurance”.

This speaks to the lack of dedicated risk managers in public entities, except in the UK and the Benelux countries. As a result, risk tends to be dealt with in rather a piecemeal way, with aspects of it covered by insurance, legal or health and safety departments. However, the downturn is likely to change attitudes to risk management. CEOs of local authorities have seen their tenants bankrupted and understands that major players in public finance, such as Dexia and Fortis, can also get into deep trouble. There are municipalities in France that could be exposed to rate increases of 18% because of structured finance issues. As a result, elected representatives and civil servants are more likely to understand that there is a return on the money invested in risk management, and that the discipline must be taken seriously.

Philippe Auzimour “the recession has had a clear impact on the way public sector bodies approach risk. Over half the participants to the survey say that, because of the downturn, risk management is now seen as more important at senior levels in their organisation. A similar proportion say that the downturn has prompted their organisation to review its approach to risk management and 22% say their board’s appetite for risk has grown. In addition to planning for a major disaster, public sectors organisations’ risk management is under scrutiny from a growing list of stakeholders.”

The downturn in the global economy has been swift and severe. It raises important questions about how organisations conduct their business – and particularly about how they assess and manage risk. Lynn Drennan, ceo of alarm, the UK public risk management body, commented that the recession was putting pressure on budgets in public sector organisations: “the financial crisis means reduced budgets, less grants and fewer projects. an increase in social assistance and unemployment are also seen as risks by public. 

Would you say that the board’s appetite for risk has increased or decreased in the light of the current economic situation, or has it had no impact?

The results illustrate how the downturn – combined with court rulings and regulations such as the EU Environmental Liability Directive – are adding to public entities’ long- term liabilities and making it increasingly difficult for them to genuinely share risks with the private sector.

Over half the participants (56%) say that, because of the downturn, risk management is now seen as more important at senior levels in their organisation. A similar proportion say that the downturn has prompted their organisation to review its approach to risk management. 22% say their board’s appetite for risk has grown. The proportion of participants who say that their appetite for risk has diminished (25%) is the smallest proportion seen in any of the seven sectors in our survey.

Risk appetite is very different than in other sectors

If awareness of risk is beginning to increase, what effect is that having on boards’ appetite for risk? Here again there are large regional differences. Overall, around half of our participants say that the board’s risk appetite has not been affected by the downturn, with the rest fairly evenly split between increasing and decreasing appetite, as figure shows. 

The public sector has the lowest percentage reporting a decrease in appetite for risk – among financial institutions the figure is 52%, with other sectors ranging between 33% and 43%. When we break the responses down geographically, we see that the UK gives very different responses than other participants. In this country, where risk management has been embraced far more than elsewhere in Europe, only a third say the downturn has not affected appetite. Meanwhile a quarter say it has lessened their appetite for risk – and a third say it has increased it.

The explanation for this is that public entities have no choice but to take on more risk, as new regulations and failing companies increasingly push liability onto them (see Section 2). The realisation of this is greatest in the UK where public-sector risk management is best developed and where PPP has been most in evidence.

Elsewhere in the world there are attempts to change this growth in public entities’ liabilities – in the United States some cities are suing banks for lending decisions that have left city authorities with thousands of extra people to re-house – but in Europe the trend is clear. With risks increasingly devolving to public entities, better risk analysis is the only option.

A large group plans to retain more risk

This explanation is reinforced by the fact that 22% of participants – the highest figure for any sector is 23% – plan to retain more risk, while only 12% expect to transfer more. When asked in which areas they would retain more risk, 23% of participants mention insurance and 18% mention liability. This seems to indicate a move among the more sophisticated public entities towards self-insurance.

The retention of risk makes it necessary to put in place reserves that are appropriate for a local authority’s budgetary procedures. It is imperative to monitor fund balances and to forecast future claims to ensure that the fund is adequate to meet claims settlements.

It is most likely that organisations which have performed risk analyses are moving to self-insure frequent claims, such as injuries among waste-management staff. In Paris on any given day 16% of dustbin collectors are absent from work because of minor injuries, generally caused by poor lifting techniques. The money spent on insuring these frequent claims can be ring-fenced for use in paying compensation, providing healthcare and – most importantly – improving training and awareness so as to avoid injuries. Retaining risks such as these can save money which may then be used to increase limits on low-frequency, high-impact events such as earthquakes, pandemics and floods – the very areas in which the changes in liability are most likely to affect public entities. By moving towards higher deductibles and much higher limits on insurance policies, public entities can trade an increased likelihood of affordable losses against a much decreased likelihood of a catastrophically large loss.

A feasibility study carried out at the end of 2005, and participated in by 28 authorities, established that a mutual owned by London authorities could generate significant premiums savings and, in the medium term, generates a substantial operating surplus for its members.

Comparing performance among organisations

Strategies such as the one outlined above can only spread if organisations have some means of evaluating their risk management practices against those of their peers. Of the participants in our survey, 40% say they have initiatives in place for doing so. Most commonly, these initiatives include peer review (28%) and setting up a risk management group (also 28%).

When asked if there is a sector-wide standard in their country for evaluating public entities’ risk management practices, most participants answered correctly. Discrepancies are mostly accounted for by differing interpretations of what a sector-wide standard is. For example, there are standards in several countries governing health and safety and BCM, which are aspects of risk management, but there is nothing explicitly covering risk management as a whole. The UK also has Alarm, the public risk management association. There is no sizeable equivalent of this in other European countries. However, 71% of our participants say that a sector-wide standard either does or would benefit them. And of those who believe a sector-wide standard exists, 89% say it benefits their organisation.

Alarm came into being under its current name in the early ’90s the year before Municipal Mutual Insurance (MMI), which had provided insurance to all UK local authorities, went bust after unsuccessful attempts to address solvency problems. Having tried successive year on year premium hikes to the order of 40 – 60%, MMI imposed significant (> £100K) deductibles upon their larger (County / Metropolitan) clients in 1992. It was, however, too late and after both the public entity members, and the UK government at the time, declining to inject further cash, MMI ceased trading and went into run-off in 1993. The market changed forever with ensuing private- sector insurers maintaining the high-deductible approach, which in turn forced public entities in the UK to move away from reliance on ground-up insurance and having to invest in risk management. The downturn is now exerting similar pressures across Europe.

How significant will each of these risks be for your organisation in the next 18 months? (in %)

The other factor in developing risk management in the UK was the introduction of the CPA (Comprehensive Performance Assessments) – performance in which is directly linked to government grants. The focus of these assessments was not only on audit but also on how risk management could be used to enhance the delivery of services. Now is a good time for a Europe-wide equivalent.

Public entities are realising they have to evaluate their risk management

Almost three-quarters (71%) of participants say that a sector-wide standard for risk management either would or already does benefit their organisation. Of those already covered by a sector-wide standard, 89% say it is of benefit to them. However, only 40% of participants say they have initiatives for evaluating their risk management practices against those of their peers. embedding best practice risk management is clearly having benefits for organisations prepared to make the necessary investments.”

Financial crisis puts pressure on public spending efficiency

According to the participants, the financial crisis will hit their organisations mostly in means and budget, less in grants and projects. Also an increase in social assistance and unemployment are seen as risks as a result of the crisis. 43% of the participants say they have a special (financial and economic) crisis alert team. The most important actions that their organisations or these special teams have brought forward are earlier investments, budget reviews and postponement of projects.

Over 75% of the participants responded that the volume and the complexity of the risks within their organisation over the last 5 years have increased. 51% had experienced a significant disaster in the last 5 years. Some of the disasters that were mentioned were; significant budget overruns in large projects, environmental calamity, transport/ Infrastructure major disruption and general disasters like fires or aircraft accidents. Another driver of risk management is the pressure of external parties. Over half the respondents said that external stakeholders such as members of the public, corporates and local government officials had put pressure on organisations to provide more information about risk in the fields of finance, political reputation, risk management and legislation affecting their organisation.

Manifestations of risk

Asked which risks they regarded as likely to be most significant over the next 18 months, participants identified environmental risk (73%), public liability (65%), business continuity (63%) and partnership risks (59%). In addition, almost as many participants are concerned about PPP and PFI associates or contractors (51%) as are concerned about citizens (54%). 

Environmental risks

Governments phase a broad range of environmental risks, from local pollution to climate change. Extreme weather conditions are predicted to become more common, the sea level is rising and the risk of floods is increasing. The impact of nature on humans is a concrete threat. There is the risk of shortage of commodities, which can have an increasing migration of the population as a result. Also public health related risks, linked to pandemics, use of radio wave or nanotechnologies are to be managed more cautiously by local authorities.

Another reason for the growing concern about environmental risks is the EU’s Environmental Liability Directive 2004, which established the “polluter pays” principle. As local authorities are responsible for the water, air, and endangered species within their territory, courts usually rule that they bear the ultimate liability for pollution. An example is a case brought by consumers against a company that provides water in France because of the amount of nitrates in the drinking water. Having lost the case, the water company sued the government on the basis that the nitrates were the result of local farmers using too much fertiliser, and that the government had failed in its responsibility to enforce restrictions on fertiliser use. The water company won this case, and the government duly paid the compensation that the company owed its customers.

Public liability

Heightened public awareness of environmental issues enhances the potential for regulatory action and claims. This mechanism is one of the reasons that participants in the survey identify public liability as a significant risk. It is rated significant by the second highest proportion overall (65%), and it is identified as “very significant” by the largest proportion of participants (28%). In fact, public entities are liable for everything within their area, not merely environmental risks.

Public liability fosters need to build resilient communities and mitigate partnership risks. Partnership risks (59%), PPP and PFI associates or contractors risk (51%) and concerns about citizens (54%) illustrate how the downturn – combined with court rulings and regulations such as the EU Environmental Liability Directive1 – are adding to public entities’ long- term liabilities and making it increasingly difficult for them to genuinely share risks with the private sector. 

The mayor of Chamonix, Michel Charlet, was given a six-month suspended sentence – despite an appeal – as a result of the 1999 fire in the Mont Blanc tunnel. The judge ruled that because the tunnel was in the mayor’s territory, he bore responsibility for not having identified the danger and taken steps to avoid it, even though he had no direct authority over the tunnel.

The “precautionary principle”, adopted by the EU and enshrined in law in many European countries, extends the potential liabilities. Two city governments in the EU have compelled a mobile telephone provider to remove mobile-phone relay stations for this reason, despite the lack of compelling evidence that they cause harm.

Business Continuity

Business continuity risks, the third risk on the list (rated significant by 63%), is also closely related to the first two. For local authorities, business continuity means restoring normality as soon as possible. That includes clean water, security, and other basic public services such as work management and transport. Authorities may lay themselves open to legal action if they fail to keep public services running, even in the midst of a pandemic, earthquake or flood – forces that respect no boundaries or borders. To do this, they will have to stress-test plans in order to improve resilience and be able to cope with any emerging risks.

During the PRIMO Europe roundtable “the art of risk management” insufficient connection between everything that is happening around us was seen as a major risk, other major risks were considered as current high risks for the society; for example changing demographics in society, like widespread legal immigration which has a severe impact on the provision of health care, education and housing. But also the longer life expectancy of people nowadays, which causes a higher demand of public services and social health care. Another risk that was mentioned is cybercrime. Cyber crime is a continuous threat where the police and several organisations work together. 

‘Resilient communities’ as concept of thinking emerges, because of the multitude and cohesion of risks.

Partnership

Because some risks cannot be efficiently transferred, partnership becomes less attractive for both public and private bodies. In France many utilities are being renationalised: Paris is taking its water back into public control. The survey shows that 59% of participants rate partnership risks as significant – a similar amount as for public liability and business continuity risks.

Another indication of the problems with partnership is the fact that 51% of participants say that they are concerned about contractors, including partners under programmes such as public-private partnerships (PPP) or the Private Finance Initiative (PFI). Of these 10% are “very concerned”. The level of concern correlates with the amount of PPP or PFI activity there is in a country, reaching a peak in the UK and France, where 62% of participants are concerned, as Figure 5 shows. It is significant that the degree of concern over contractors is so close to concern about citizens – just three percentage points away, at 54%. Citizens are the people to and for whom public entities are ultimately responsible. As such, almost all risks ultimately emanate from citizens – in the form of votes, political pressure and lawsuits. For these reasons, it is difficult to imagine a set of circumstances in which citizens would not be the greatest source of concern.

This concern about partnership is relatively new. We believe that if the survey had been conducted 18 months ago the percentages expressing concern would have been around half what we find today. The reason for this is public entities’ experience of PPP, especially in the UK. There, private companies have been removed from projects to modernise London’s underground railway, for example.

In August 2008 Alarm has published a report on ‘Partnership risks: issues solutions and examples of good practice’. Based on the outcomes of a workshop which took place on the 16th of May and was attended by 45 representatives from local authorities, housing associations and central government, One of the conclusions that came from that workshop was the importance of dealing with the issue of culture risk between the different partners in a contract. The culture of a local government organisation being different from the culture of an engineering organisation or for example a community group. For that reason communication between the partners is essential. It’s not only important to get the contract right, their must also be a common understanding of what is required and how this will be delivered. All over Europe, problems with PPPs have increased by the downturn. The companies bidding for projects now find it difficult to raise the capital and finance to carry them out, and public entities have their own problems in this regard, as the institutions funding their debt are running into trouble. All this increases partnership risk.

Construction/Infrastructure

Infrastructural projects are often complex and long term projects where high levels of investment are involved. The risks inherent in this sector can have far reaching consequences for every stakeholder throughout the asset lifecycle. 

A high percentage of infrastructural projects experience high budget overruns and long delays. During the roundtable on infrastructural projects during PRIMO Europe’s The Art of Risk Management conference in Amsterdam the risks involved in infrastructural projects and possible solutions to these risks were being discussed.

One of the main conclusions of the roundtable was that most projects face large political and managerial risks, rather than just technical risks. Most Infrastructural projects are long term projects, management of these projects often changes, which results in different project managers throughout the project which has a huge impact on the efficiency of the project. Another managerial and political risk is that the project teams often have no mandate. For every small change the project team has to go back to the government to get approval, this causes long delays and therefore extra costs. By giving the project team a mandate, in order to be able to make decisions within a certain framework, this risk can be solved. The project team needs to have one project manager who has overall responsibility. It’s not always clear who has overall responsibility for the project. Is it the council or is it the project manager? Who leads the team? Make contracts and covenants and document them well, do not change the contract or requirements.

Often politicians change their opinions and therefore keep making adjustments in the contract; contractors will make use of this. E.g. they charge high prices for minor adjustments. This risk could be managed by not changing the specifications of the project. Rather spend more time in the preparation phase to be able to get contracts right, than keep changing the specifications in the contract during the project. Be realistic; make financial prognoses from the start till the very end of the project.

Another essential part of an Infrastructure project is communication. Within the team, it should be clear of what is required and how it should be delivered. But also to the public, get them accustomed to the project., tell them what can be expected and be honest. The visualisation of the project to the surroundings, to the people around the project is essential.

Striking a balance between internal and external risks

Asked to spontaneously name two or three risks that will be priorities for their organisations over the next 18 months, participants’ responses are relatively evenly split between internal risks – strategic and operational things such as health and safety or business continuity – and external ones, financial and macroeconomic considerations such as credit risk or the volatility of financial markets: 47% of responses fall into the first category and 48% into the second. Hazard risks, such as natural disasters, account for only 10% of responses, presumably because these are long-standing risks and are covered mainly by regional catastrophe risk insurance pools, funded by tax on property insurance. 

External risks are credit risk (10%), financial market volatility (8%) and financial risk (general, 8%). Internal risks are health and safety (9%), business continuity (8%) and employee (8%). The prevalence of external risks is undoubtedly a result of the downturn, and this will change the way public entities manage their finances. Sliding into history are the days when a public entity could have a rate on a lending agreement that is a function of the difference between Euribor and the dollar. As a result of such arrangements public finance has been affected by factors that are beyond the control of public governance – as is shown by the 8% of participants who say that financial market volatility will be one of their risk priorities.

Internal risks are particularly interesting, confirming the importance of business continuity and pointing to two important sources of long-term liability: employee risks and health and safety. As we will see in the next section, these two risks – taken in conjunction with other findings – point to Economic risks.

Bibliography

The report is disseminated to members of PRIMO Europe and ALARM.