In our previous post, we talked about the many risks facing insurers using social media. In today’s post, we’ll look at how insurers can take a holistic approach to identifying, assessing and managing those risks.
At Accenture, we focus on distinctive responses—policies, procedures, technologies and competencies—across the traditional risk management categories of governance, processes and information technology. We also recommend augmenting and supporting these activities with other actions relating to compliance, culture, leadership and performance management.
Establish a risk-aware culture
One of the first underpinnings of effective social media risk management is a commitment to creating and infusing a risk-aware culture—an awareness of how the company is being exposed to social media risks and what each individual must do to help manage those risks. Effective managers of social media risks emphasize the importance of making risk management part of everyone’s daily responsibilities. In a company with a risk-aware culture, people at all levels instinctively look for risks and their impacts when using social media.
To create this type of culture, employees must:
- Know the rules and guidelines.
- Adhere to those rules and guidelines.
- Be held accountable for their performance.
A second foundation of effective risk management is to ensure regulatory compliance. Many companies find it challenging to manage and comply with multiple regulatory agencies, differing interpretations of regulations and varying degrees of guidance on regulatory compliance. But the good news is that insurers can look at what they usually do to handle complaints, suspicious activity and inquiries from customers. In other words, an effective social media risk compliance program should not differ significantly from other compliance risk management programs.
A compliance risk framework must include:
- Proper governance and oversight.
- Policies and procedures.
- Risk assessments.
- Risk monitoring.
- Metrics and reporting.
Integrate performance management and measurement
A third base of support—integrated risk performance management—is essential for leadership at all levels for an end-to-end view of social media risks, their impacts and their ability to be mitigated or controlled.
A framework for measuring risk management performance includes:
- Identifying risks.
- Reporting on risks.
- Managing risks.
- Measuring performance of risk mitigation.
- Identifying opportunities to improve control effectiveness, reduce exposure and automate processes.
Advance risk management capabilities rapidly
To advance their social media risk management capabilities rapidly, insurers should focus on five key influence points:
- Assess vulnerabilities arising from social media use beyond just reputational risk.
- Expand existing risk governance structures and activities to include social media activity.
- Establish advanced social media monitoring tools and technologies.
- Enhance existing performance management capabilities to analyze and act on the metrics delivered from monitoring activities.
- Engage in enterprise-wide change management activities to create a more risk-aware culture.
To temper the risks of social media and to get more value from a social media strategy, insurers need to establish governance structures, processes and technologies that are unique to the special challenges that accompany this global phenomenon.
To learn more, read A Comprehensive Approach to Managing Social Media Risk and Compliance.