A National CRO: Risk Management for the American Enterprise
Last week the President signed the reauthorization of the Terrorism Risk Insurance Act (TRIA) of 2002, it begs the question whether a siloed risk transfer approach is the most effective strategy for national risks borne by taxpayers. TRIA was first designed to shore up the insurance industry, which suffered large property, casualty and life losses due to the terrorist attack on 9/11. Additional losses were borne by the airline industry and many other sectors, which never anticipated such a large scale event. Thus, without the Federal backstop, which is ultimately borne by taxpayers, risk appetite for these exposures would have dwindled, especially in light of the massive litigation that followed 9/11 and continues to this day.
There is an inherent strength and weakness in a federated system like the United States. In part, strength is gained through the principle that the whole is greater than the sum of its parts. At the same time when the “whole” cannot operate as one because of disagreement among its constituent parts, cracks begin to emerge in the edifice. Such cracks are revealed by the absence of a national enterprise risk management strategy. A “we’ll deal with it when it happens” approach does not make for sound policy or preparedness in the face of countless risks, from cyber warfare to terrorism and natural catastrophes. For one, there is no cabinet-level Chief Risk Officer (CRO) – with the occupant of the Oval Office being the closest proxy. The national CRO would be the person who bears overall accountability for the financial wellbeing and resilience of the nation following acute or attritional losses, wherever they arise, regardless of the cause. Critically, this function would serve as the risk champion of the Federal Government coordinating and aggregating existing risk resources, such as TRIA, FEMA, natural catastrophe pools (e.g. flood insurance) among others. In effect, the CRO would have oversight over a national risk-bearing pool cutting across all risk domains that are ultimately paid for by tax payers reducing the average cost.
The vital role of coordination among response agencies, such as DHS, oversight agencies such as the GAO and OMB, and financial agencies, like the Treasury and FDIC, would lead to better alignment and stewardship of taxpayer risk-bearing. The premise is that rather than dealing with national risks ad hoc, like TRIA does, long term risk-bearing capabilities would be established. Removing this national risk strategy from electoral politics, which held TRIA’s reauthorization hostage and saw special interests being baked into the legislation, would create a more robust and lower cost risk financing solution. Over time, coaxing the participation of the capital markets through insurance-linked securities and government backed catastrophe bonds covering manmade and natural perils will improve overall resilience and liquidity. Institutional investors are attracted to catastrophe bonds as their returns are uncorrelated to the business cycle. A U.S. Government backed program of this nature would not only have the allure of a ‘flight to quality,’ it would benefit from the implied backstop afforded by the Treasury across systemic institutions and programs.
Following large-scale losses or economic duress, the U.S. has traditionally followed the Keynesian school of thought, whereby deficit or reconstruction spending helps fill the economic void and restart the engine. Thus far the record has favored Keynes, however, largely at the expense of the nation’s debt, which has reached perilously high levels – stoking a sovereign debt crisis and the loss the coveted AAA credit rating. An aggregate national risk pool, by contrast, will lower the average cost of risk to the taxpayer and break the pattern of treating risk-financing like a surprise event. Risk by definition is a surprise event, that the U.S. (like all other nations) will have deal with the economic consequences of large-scale losses should not be. Therefore a national risk pool that cuts across all risk domains and shores up private sector risk appetite will enhance national security.
In the wake of TRIA’s reauthorization, which carries this important Act to the year 2020, it begs the question whether the nation’s terrorism risk will somehow diminish by that date? Given that the risk of terrorism, which is now successfully targeting our information infrastructure and firms, is perennial, our financial solutions to absorb these risks should have similar staying power and adaptability. Under the oversight of a cabinet-level CRO who can harness the power of the capital markets to absorb risk and coordinate a whole of government response, the U.S. will be better prepared to absorb unforeseen shocks.
Dante Disparte is the founder and CEO of Risk Cooperative a specialized strategy, risk and capital management firm located in Washington, DC. He is the resident expert on risk and economic competitiveness at the American Security Project, a member of the influential Consensus for American Security and a founding member of the Business Council for American Security.