One of the best and most impactful ways to learn something is by example in my experience.
Previous articles like these two on the Texas winter blackout and school bus vendor fiasco provided great examples of the consequences of being reactive to risks and issues.
These two situations, and the one I’m about to describe, are what author Ken Poirot meant when he stated:
Reacting to a crisis once it’s happening rather than proactively preparing is probably one of the starkest differences between traditional risk management and ERM. A recent conversation about a software system provides a clear example of this principle in action.
First, let’s explore the facts about this case of being reactive instead of proactive.
Speaking with a risk manager at an insurance company recently, I was stunned to learn they still used a AS-400 system for its claim processing and related operations.
This particular system is over 40 years old. It has a black screen with green DOS text. If you’re under 30, you probably can’t even visualize what I’m talking about, which is why I’m including a screenshot below.
The AS-400 was becoming obsolete when I began my insurance career over 20 years ago! Upon hearing about a company using this antiquated system, I was immediately reminded of Southwest Air’s Christmas 2022 meltdown less than a year ago.
The AS-400 has significant limitations from both a functionality and usability perspective. It’s also increasingly difficult and costly to maintain a system this old.
From an operational and financial perspective, a system this old limits the company’s ability to see trends and produce reports that would be helpful for decision-making. For this specific insurance carrier, it also limited its ability to update product offerings and rates.
Management has been receiving some warning signs regarding the obsolescence of the AS-400, along with urgings to start taking steps to replace it. Like our Texas blackout example, company leaders chose to ignore the advice, perhaps because they were approaching the matter from a scarcity mindset.
Over time, claim volumes kept going up and up to the point where the company began experiencing higher and higher financial losses.
If the company had replaced the aging system, it would have had the insights and ability to proactively update its product offering and rates to either resolve this problem quicker, or better yet, avert it altogether.
The steep losses eventually got executives’ attention, and they came around to the idea that they needed to update their system, but here’s the kicker – this is typically a multi-year effort. Even if they fast-track the upgrade, it will still be at least 18-24 months before the insurer can realize any benefit from the changes it needs to improve its financial conditions.
Ignoring the warning signs and advice has proven to be very costly and gives teeth to the sage wisdom that “an ounce of prevention is worth a pound of cure.”
It’s also a clear example of passive risk acceptance, which (as discussed in our popular article on risk response strategies) means management chose to do nothing without fully understanding the consequences of doing so, or what we may refer to as a lack of “due diligence.”
More specifically, they didn’t investigate the money and effort it would take to replace the system and the benefits the company could realize with a system replacement, then compare that information to the financial consequence of continuing to use a system with the limitations of the AS-400.
It’s important to note that the consequences of being reactive instead of proactive can happen to any company regardless of size or industry.
We could extend this example to manufacturing processes and systems, or even people.
Let’s say a company wants to branch out into a new product. However, the existing equipment doesn’t support these changes. The new product can be done, but 20+ new people will need to be hired to handle all the manual workarounds.
Questions like…
- “How much are we paying for these new people?”
- “What kind of risks are we taking by hiring these people?”
- “How long will it take for them to do this work?”
- “Are we able to get a return on our investment? If so, how long will it take?”
- “What are the chances of something going wrong with all of the manual workarounds?”
…should hopefully come to mind. And in answering them, executives may decide that it’s wiser to go ahead and upgrade the equipment.
And in the context of today’s topic – asking questions like these that gets in front of a potential future problem is (gasp) proactive.
How does your company manage risks like the situations described above?
Please feel free to share your thoughts by leaving a comment below or join the conversation on LinkedIn.
If your company has experienced negative consequences due to being reactive instead of proactive and not quite sure how to change, please don’t hesitate to contact us to discuss your circumstances.