25 Risks HR, Risk Managers, and Business Leaders must Tackle Together
25 top risks that HR, risk managers, and business leaders must work as a team to address
People are an organisation’s most important strength, but can generate significant risk for a business if not properly managed. Never before has it been more vital for HR and risk management to break down silos and work in concert to protect, equip, and motivate this critical asset.
Throughout the COVID-19 pandemic, people risks featured heavily in C-suite and boardroom discussions. As the virus started to spread, many organizations rapidly re-evaluated their approach to supporting employees as it became even more clear how imperative they are to the overall health of a business.
The pandemic moved employer-sponsored health, risk protection, and well-being plans from a nice-to-have to being a central pillar of the employee value proposition. CEOs are recognizing the impact that well-being can have on business continuity, safety, the client experience, and even key person risk. In fact, according to our talent trends research, this is the top issue raised by people in the C-suite.
At Mercer Marsh Benefits (MMB), people risk is our business. We have categorized 25 people risks into five main categories so that organizations are able to identify, prioritize, and manage the threats that are most pertinent to them and take the appropriate action.
Health and Safety
1. Deteriorating mental health: Workforce mental health issues (e.g., anxiety, stress, depression, and addiction) can lead to suboptimal well-being, productivity, benefits spend, and employment value proposition/brand.
2. Workforce exhaustion: Overtiredness stemming from work-life balance issues, change fatigue, and too many priorities and distractions often lead to errors, high employee turnover, reduced productivity, and damaged reputation.
3. Non-communicable health conditions: Unmanaged chronic illnesses, including diabetes, lung disease, and cancer, impact business continuity, operational costs, and overall individual and organizational performance.
4. Communicable health conditions: The spread of infectious diseases (including future pandemics) will impact business continuity leading to high operational costs and poor performance, both individually and at the company level.
5. Work-related illness or injury: Accidents, unsafe exposures, and security incidents or aggravation of pre-existing conditions in a work environment (on-site, remote working) could lead to penalties, brand damage, and poor employee relations.
6. Talent attraction, retention, and engagement: The inability to create a strong talent pipeline, employment value proposition, and the growth opportunities needed to sustain and motivate the workforce.
7. Conduct and culture: Misconduct including bullying, harassment, dangerous behavior, and fraud. Or workplace cultures that foster behaviors that are misaligned to corporate values or illegal/unethical. This can severely damage reputation and even lead to expensive legal action.
8. Succession and key person risk: Lack of depth in succession bench and talent flight risks can result in a business being heavily reliant on key individual(s) and severe disruption if that person is unable to work.
9. Changing nature of work: Issues associated with flexible working, gig workers, technology adoption, and growth mindset that create new business challenges in areas like innovation and workforce management.
10. Travel and mobility: Business travel and international assignments create more risk issues like crisis/evacuation management, business/colleague dissatisfaction, and duty of care.
11. Misalignment of HR and business strategy: Workforce planning, organizational change management, and HR/benefit technologies and processes being inconsistent with strategic business vision leads to mixed messages, lower levels of confidence in the business, and skills gap and talent misalignment.
12. Skills obsolescence: Gaps in workforce skillsets due to rapid digitization and automation resulting in unmet business goals.
13. Cybersecurity: Increasingly sophisticated and frequent cybercrimes, including those that stem from people management processes and vendors, resulting in business interruption and brand damage.
14. Data privacy: Breaches that result in loss or misuse of personal information, including those that stem from people management processes and vendors.
15. Obsolescent HR technologies: Failure to capitalize on technology advances that will make HR activities, benefits, and healthcare more personalized, convenient, and secure resulting in a suboptimal employee experience.
Environment and Social
16. Diversity, equity, and inclusion: Lack of inclusive workplace that results in reputation risk amongst employees, customers, and other stakeholders.
17. Environment: Climate change and environmental degradation that leads to weakened employment brand, workplace impact (e.g., flood, fire), and workforce health issues (e.g., hunger/famine due to drought, allergies/asthma due to pollution, increases in water borne illnesses).
18. Labor and employee relations: High volume of labor grievances, perception of uncaring culture, or lack of desirable company purpose that leads to higher operational costs, suboptimal customer experience, and social responsibility issues.
19. Social unrest: Factors such as political instability, youth disillusionment, and increasing disparities that could lead to productivity losses and brand damage.
20. Catastrophic personal life events: Catastrophic personal events like death, critical illness, or disability highlighting organization gaps in employer-sponsored benefits protection measures and hence reputational issues.
Governance and Financial
21. Increasing health, risk protection, and well-being benefit costs: Increased spend due to factors like reduced insurer appetite for risk, medical inflation, increase in utilization, and claims duration and severity, which impacts employee benefit premiums and other costs.
22. Pension financial risks: Investment, inflationary, and longevity risks affecting the plan sponsor’s financial commitments to the retirement plans (balance sheet, cash, and expense) and individual retirement savings adequacy.
23. Administration and fiduciary: Inability to administer plans accurately, fairly, in accordance with promises made, or prudently manage employee benefit programs/investment funds resulting in errors and unmet obligations.
24. Legal and compliance: Misalignment of benefit and other HR practices/programs to regulatory requirements, tax, labor, human rights and employment law causing fines, penalties and litigation.
25. Benefit decision making and accountability: Inappropriate benefit plan design, financing, vendor selection/management, and communication and administration decisions due to lack of controls/expertise, resulting in suboptimal costs, liabilities, and commitments.
While businesses need to consider each and all of these 25 risks, each firm will have different priorities. For example, environment and social is very important right now in consumer goods, while accelerated digitization is critical in financial services. We are seeing manufacturing and automotive focused on governance and financial while talent practices are hot in technology, life sciences, and retail/wholesale sectors. No matter the industry, as a result of the pandemic, health and safety is top of mind for everyone!
The pandemic has thrown workers’ physical, mental, social, and financial health into the spotlight. As such, a company’s ability to apply an enterprise risk management approach to addressing these threats, and to provide a safe and conducive work environment, will be crucial for protecting business operations, revenue, reputation, and talent acquisition.
The 25-risk framework is a great way to think about the macro forces facing your business and to explore the risks. It can also help HR and risk management teams articulate with business leaders and in in board-level conversations the consequences of not acting now when it comes to these risks.