You might call it “the rise of the CROs.” And while it probably wouldn’t make for a great summer blockbuster, the story of the chief risk officer’s increasing clout in the insurance industry may have something important to say to associations.

[Insurers] are coming to terms with the presence of risk across their operations and seeking to define the right strategies and tactics to manage it properly.

A majority of chief risk officers in insurance companies are now directly reporting to their CEO or CFO, according to a recent survey [PDF] Ernst & Young. Additionally, half of those surveyed indicated that their risk management department has increased in size over the last year, and the same number say they expect to have more direct involvement with their boards in the next three to five years.

The emergence of social technologies and big data have added new risk exposures and placed new importance on the risk-officer role, Bill Spinard, executive director of financial services at Ernst & Young, recently told Insurance & Technology.

“Even marketing and branding efforts carry higher risks than previously, given that social media and consumer empowerment mean every interaction that goes awry can turn into a highly visible (and potentially costly) media event,” he said. “[Insurers] are coming to terms with the presence of risk across their operations and seeking to define the right strategies and tactics to manage it properly.”

Associations encounter a lot of the same questions, which could open up the door for chief risk officers to step in.

“With the changes that associations are facing, whether it be demographic changes or the way people want to interact and network through technology, there are a lot of emerging risks,” said Carol Fox, director of strategic and enterprise risk practice at RIMS, the Risk Management Society. “[CRO] is a role that associations could definitely embrace and have that person be the leader in developing the risk strategy and framework for the organization.”

Increasingly, CROs are being called on to help steer organizations strategically, working with staff executives at the board level.

“Boards want that higher visibility in the chief risk officer, and they want to work more directly with them,” she said. “The role has evolved to not only include things like risk transfer and loss prevention—which we’ve traditionally seen—but really integrating risk management into strategic planning, operational planning, and day-to-day operations.”

Associations can generate value by adopting that model, Fox said.

“Too often, I think, people think of risk management as being a better-compliance function,” she said. “Once associations look at [risk management] from the perspective of where the organization wants to be in 10 years, they’ll see how it can help them not only protect the value of the association, but also create that value. Every association has its own mission, and risk management is there to help deliver that mission and make it sustainable.”

How is your organization tackling risk management? Share your story in the comments.

(iStockphoto/Thinkstock)