Risk Management Solutions

🔥 Climate risks are no longer abstract—they’re disrupting businesses, communities, and economies right now. The World Economic Forum’s 2024 report, "The Cost of Inaction: A CEO Guide to Navigating Climate Risk", delivers a sobering message: ignoring climate risks isn’t just irresponsible—it’s economically devastating. 🌡️ Key insights from the report: 💥 Climate-related disasters have caused $3.6 trillion in damages since 2000, exposing critical vulnerabilities in supply chains and infrastructure. 📉 Physical risks could put 5-25% of EBITDA at risk for some sectors by 2050 under a 3°C warming trajectory. 💸 Transition risks, like carbon pricing and changing regulations, could impact 50% of EBITDA in energy-intensive industries by 2030. 🌱 Every $1 invested in climate adaptation yields $2-$19 in avoided costs, while green markets are projected to grow from $5 trillion in 2024 to $14 trillion by 2030. 💡 My reflections: 🔄 Resilience isn’t enough anymore. Too often, we focus on simply "weathering the storm" of climate risk. But true leadership is about rebuilding something better—rethinking markets, redesigning business models, and creating solutions that lead entire industries forward. 🌍 Supply chain fragility is the Achilles’ heel of the global economy. A single extreme weather event can cascade across operations, grinding everything to a halt. Climate-resilient supply chains can’t just be about survival—they must be radically adaptive, decentralized, and built to thrive under disruption. 📊 Climate risk is fundamentally redefining the concept of value. Businesses stuck chasing quarterly earnings are missing the bigger picture. In a world of rising costs and irreversible climate impacts, long-term value will belong to those who embed sustainability, resilience, and equity into their strategies. The time for cautious, incremental steps has passed. How are we using this moment to transform the way we work, innovate, and lead? #ClimateAction #Sustainability #Resilience #Leadership #Innovation

𝗜𝗻𝘀𝘂𝗿𝗮𝗻𝗰𝗲 𝘄𝗶𝗹𝗹 𝗯𝗲 𝘁𝗵𝗲 𝗳𝗶𝗿𝘀𝘁 𝘀𝘆𝘀𝘁𝗲𝗺 𝘁𝗼 𝗰𝗿𝗮𝗰𝗸 𝘂𝗻𝗱𝗲𝗿 𝗰𝗹𝗶𝗺𝗮𝘁𝗲 𝗿𝗶𝘀𝗸 — 𝗮𝗻𝗱 𝗶𝘁 𝘀𝗵𝗼𝘂𝗹𝗱 𝗰𝗼𝗻𝗰𝗲𝗿𝗻 𝘂𝘀 𝗮𝗹𝗹. Natural disasters caused $𝟯𝟲𝟴 𝗯𝗶𝗹𝗹𝗶𝗼𝗻 in global economic losses last year, according to Aon — the ninth year in a row losses topped $300 billion. Only 𝟰𝟬% of those losses were insured. The protection gap is widening. As insurers retreat from high-risk regions, public safety nets — often overstretched — are stepping in. More households, businesses, and governments are being left to absorb risks they cannot afford. This isn’t just about insurance anymore. When insurance breaks down, so does credit. When credit dries up, property values fall, costs rise, and resilience weakens — just when it’s needed most. @Günther Thallinger 𝗳𝗿𝗼𝗺 𝗔𝗹𝗹𝗶𝗮𝗻𝘇 put it starkly: “𝘛𝘩𝘦𝘳𝘦 𝘪𝘴 𝘯𝘰 𝘤𝘢𝘱𝘪𝘵𝘢𝘭𝘪𝘴𝘮 𝘸𝘪𝘵𝘩𝘰𝘶𝘵 𝘧𝘶𝘯𝘤𝘵𝘪𝘰𝘯𝘪𝘯𝘨 𝘧𝘪𝘯𝘢𝘯𝘤𝘪𝘢𝘭 𝘴𝘦𝘳𝘷𝘪𝘤𝘦𝘴. 𝘈𝘯𝘥 𝘵𝘩𝘦𝘳𝘦 𝘢𝘳𝘦 𝘯𝘰 𝘧𝘪𝘯𝘢𝘯𝘤𝘪𝘢𝘭 𝘴𝘦𝘳𝘷𝘪𝘤𝘦𝘴 𝘸𝘪𝘵𝘩𝘰𝘶𝘵 𝘵𝘩𝘦 𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘵𝘰 𝘱𝘳𝘪𝘤𝘦 𝘢𝘯𝘥 𝘮𝘢𝘯𝘢𝘨𝘦 𝘤𝘭𝘪𝘮𝘢𝘵𝘦 𝘳𝘪𝘴𝘬.” The Institute and Faculty of Actuaries (IFoA) project a 𝟱𝟬% 𝗰𝗼𝗹𝗹𝗮𝗽𝘀𝗲 𝗶𝗻 𝗴𝗹𝗼𝗯𝗮𝗹 𝗚𝗗𝗣 𝘄𝗶𝘁𝗵𝗶𝗻 𝗱𝗲𝗰𝗮𝗱𝗲𝘀 if climate risk is not properly managed. Climate risk is no longer a future scenario. It is here. It is compounding. And it is reshaping our economy in real time. There are positive signs: ➤ Hannover Re and Swiss Re are restricting fossil fuel underwriting. ➤ Parametric insurance models are speeding up disaster recovery. ➤ EIOPA and the European Central Bank are pushing for public-private risk sharing. These are encouraging — but early signs. 𝗠𝘆 𝘁𝗮𝗸𝗲: Climate risk is already disrupting the systems we rely on: insurance, credit, asset valuation, and public finances. Systems change is needed. The insurance sector holds a unique vantage point — but leadership now demands rethinking long-held assumptions about risk, resilience, and responsibility. The sector has an opportunity to lead: ➤ Embed forward-looking climate risk into underwriting ➤ Signal future exposures more transparently ➤ Drive transition finance to accelerate decarbonisation ➤ Redirect investment into adaptation ➤ Co-design shared risk pools and resilience bonds Collaboration between insurers, financiers, and governments is no longer optional — it is the foundation for economic stability in a climate-disrupted world. The sooner we align risk pricing with physical reality, the stronger our chances of building a more resilient economy for the future. #climaterisk #insurance #resilience #finance #sustainability #systemicrisk #adaptation –––––––––– For updates on sustainability, climate, and innovation, follow me on LinkedIn: @Scott Kelly

𝐓𝐡𝐞 𝐦𝐨𝐬𝐭 𝐞𝐱𝐩𝐞𝐧𝐬𝐢𝐯𝐞 𝐩𝐫𝐨𝐜𝐮𝐫𝐞𝐦𝐞𝐧𝐭 𝐝𝐞𝐜𝐢𝐬𝐢𝐨𝐧𝐬 𝐚𝐫𝐞 𝐨𝐟𝐭𝐞𝐧 𝐭𝐡𝐞 𝐨𝐧𝐞𝐬 𝐭𝐡𝐚𝐭 𝐥𝐨𝐨𝐤𝐞𝐝 𝐜𝐡𝐞𝐚𝐩𝐞𝐬𝐭 𝐰𝐡𝐞𝐧 𝐬𝐢𝐠𝐧𝐞𝐝. Early in my career, I measured success through savings. Clear numbers, immediate impact, easy to justify. Over time, I realised those numbers were often answering the wrong question. What happens when conditions change? I have seen decisions deliver strong savings and still create fragility. Suppliers operating at their limits. Contracts optimised for cost but not for continuity. The negotiation was not the problem. What the decision failed to protect was. Procurement does not operate in stable environments. Supply networks shift, risks surface, and pressure arrives without notice. In that reality, 𝐭𝐡𝐞 𝐯𝐚𝐥𝐮𝐞 𝐨𝐟 𝐚 𝐝𝐞𝐜𝐢𝐬𝐢𝐨𝐧 𝐢𝐬 𝐧𝐨𝐭 𝐰𝐡𝐚𝐭 𝐢𝐭 𝐬𝐚𝐯𝐞𝐬 𝐭𝐨𝐝𝐚𝐲, 𝐛𝐮𝐭 𝐡𝐨𝐰 𝐢𝐭 𝐩𝐞𝐫𝐟𝐨𝐫𝐦𝐬 𝐭𝐨𝐦𝐨𝐫𝐫𝐨𝐰. This is where the role changes. 𝐅𝐫𝐨𝐦 𝐧𝐞𝐠𝐨𝐭𝐢𝐚𝐭𝐢𝐧𝐠 𝐩𝐫𝐢𝐜𝐞 𝐭𝐨 𝐦𝐚𝐧𝐚𝐠𝐢𝐧𝐠 𝐞𝐱𝐩𝐨𝐬𝐮𝐫𝐞. 𝐅𝐫𝐨𝐦 𝐞𝐟𝐟𝐢𝐜𝐢𝐞𝐧𝐜𝐲 𝐭𝐨 𝐜𝐨𝐧𝐭𝐢𝐧𝐮𝐢𝐭𝐲. 𝐅𝐫𝐨𝐦 𝐜𝐨𝐬𝐭 𝐜𝐨𝐧𝐭𝐫𝐨𝐥 𝐭𝐨 𝐝𝐞𝐜𝐢𝐬𝐢𝐨𝐧 𝐚𝐜𝐜𝐨𝐮𝐧𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲. I have seen suppliers meet every clause and still leave the business exposed. I have also seen higher-cost decisions protect operations when disruption arrived. Both were compliant. Only one was resilient. Savings without protection create hidden risk. Efficiency without resilience creates future cost. The question I continue to challenge myself with is simple. Are our decisions built for performance, or for survival when conditions shift? “𝐒𝐚𝐯𝐢𝐧𝐠𝐬 𝐬𝐡𝐨𝐰 𝐰𝐡𝐚𝐭 𝐲𝐨𝐮 𝐚𝐜𝐡𝐢𝐞𝐯𝐞𝐝. 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐬𝐡𝐨𝐰𝐬 𝐰𝐡𝐚𝐭 𝐲𝐨𝐮 𝐮𝐧𝐝𝐞𝐫𝐬𝐭𝐨𝐨𝐝.” LinkedIn LinkedIn News #Procurement #Leadership #SupplyChain #RiskManagement #LinkedInNews

6-Step Methodology for Climate Risk Assessment 🌎 Addressing climate-related risks is increasingly essential as extreme weather events, resource scarcity, and ecosystem disruptions become more frequent and severe. Effective Climate Risk Management (CRM) equips governments, organizations, and communities with the tools to anticipate, prepare for, and mitigate these impacts. A structured approach to climate risk assessment not only identifies vulnerabilities but also informs proactive measures that protect lives, livelihoods, and essential infrastructure. The GP L&D’s 6-step methodology offers a practical, systematic framework for understanding and addressing climate risks, integrating these insights into public policies and investment decisions to build resilience and promote sustainable development. The first step in this methodology is to analyze the current status to determine information needs and set specific objectives. Establishing a clear baseline of vulnerabilities helps ensure that the entire process remains aligned with the climate resilience goals set out from the start. From here, a hotspot and capacity analysis is conducted, identifying regions and systems most exposed to climate risks—such as droughts or floods—and evaluating the local capacity to respond. This targeted analysis allows for efficient resource allocation by pinpointing areas of highest priority. The methodology then adapts to local contexts by developing a tailored approach that reflects unique socio-economic and environmental factors. This customization enhances the relevance and accuracy of the risk assessment, making it more actionable and specific to each setting. Following this, a comprehensive risk assessment is conducted, using both qualitative and quantitative measures to capture the full range of potential impacts. This dual assessment provides a complete understanding of direct impacts, such as infrastructure damage, and indirect consequences, like disruptions to livelihoods. An evaluation of risk tolerance follows, defining acceptable levels of risk and helping prioritize the most urgent interventions. This clarity on risk thresholds ensures that resources are directed to where they are most needed. Finally, the methodology identifies feasible, cost-effective measures to mitigate, adapt to, or prevent potential losses and damages. This step aligns recommended actions with budget and policy constraints, ensuring that interventions are practical and impactful. By adopting this structured approach, decision-makers can better manage climate risks, develop adaptive strategies, and enhance resilience tailored to local needs and resources. Source: Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) #sustainability #sustainable #business #esg #climatechange #climateaction

👉 Are we using the wrong tools to assess climate risk? A new expert-led assessment, drawing on the judgment of 60+ climate scientists, says that #climatechange introduces forms of risk that exceed the design assumptions of existing economic and financial frameworks. Here’s what that means in practice ⬇️ 🔹 Climate damages are structural, they reshape economies: where people live, what can be produced, how infrastructure functions, and which regions remain viable. 🔹 Extremes drive real-world risk: what actually destabilises societies and markets are heatwaves, floods, droughts, grid failures, food shocks. It’s the tails of the distribution that matter. 🔹 GDP misses mortality, inequality, displacement, ecosystem loss, and can even rise after disasters due to reconstruction. This creates a dangerous illusion of resilience. 🔹 Repeated shocks erode recovery capacity and propagate across supply chains, finance, migration, and geopolitics. 🔹 Beyond ~2°C, uncertainty widens sharply. Confidence in precise damage estimates falls even as consequences grow. 🔹 Tipping points expose the limits of economic modelling: At higher warming levels, model outputs can appear precise while resting on assumptions that no longer hold. At the same time, many models also underestimate positive tipping points in clean energy and innovation. The goal is to build resilience under deep uncertainty. For treasuries, central banks, regulators, and long-horizon investors, this means recalibrating governance toward: ➡️ precaution ➡️ robustness ➡️ transparency Because avoiding irreversible outcomes is always cheaper than trying to price them after the fact. read the report "Recalibrating Climate Risk" here 👇 https://lnkd.in/dx8wmRZ4 Green Futures Solutions (University of Exeter) Carbon Tracker @aurora trust

𝐑𝐞𝐟𝐥𝐞𝐜𝐭𝐢𝐧𝐠 𝐨𝐧 𝐚𝐥𝐥 𝐭𝐡𝐞 𝐬𝐮𝐩𝐩𝐥𝐢𝐞𝐫𝐬 𝐈’𝐯𝐞 𝐬𝐨𝐮𝐫𝐜𝐞𝐝, 𝐨𝐧𝐞 𝐭𝐡𝐢𝐧𝐠 𝐢𝐬 𝐜𝐥𝐞𝐚𝐫: 𝐩𝐫𝐨𝐜𝐞𝐬𝐬 𝐦𝐚𝐭𝐭𝐞𝐫𝐬. Taking shortcuts can lead to wasted money and a world of headaches downstream. (𝘙𝘢𝘪𝘴𝘦 𝘺𝘰𝘶𝘳 𝘩𝘢𝘯𝘥 𝘪𝘧 𝘺𝘰𝘶'𝘷𝘦 𝘦𝘷𝘦𝘳 𝘣𝘦𝘦𝘯 𝘢𝘴𝘬𝘦𝘥 𝘵𝘰 𝘧𝘢𝘴𝘵-𝘵𝘳𝘢𝘤𝘬 𝘙𝘍𝘗 𝘳𝘦𝘲𝘶𝘪𝘳𝘦𝘮𝘦𝘯𝘵𝘴, 𝘰𝘳 𝘩𝘢𝘥 𝘭𝘦𝘢𝘥𝘦𝘳𝘴 𝘱𝘶𝘴𝘩 𝘧𝘰𝘳 𝘤𝘦𝘳𝘵𝘢𝘪𝘯 𝘴𝘶𝘱𝘱𝘭𝘪𝘦𝘳𝘴, 𝘪𝘨𝘯𝘰𝘳𝘪𝘯𝘨 𝘮𝘢𝘵𝘦𝘳𝘪𝘢𝘭 𝘳𝘪𝘴𝘬𝘴?!) 𝐖𝐡𝐚𝐭 𝐈'𝐯𝐞 𝐥𝐞𝐚𝐫𝐧𝐞𝐝: 💡 𝙁𝙤𝙘𝙪𝙨 𝙛𝙞𝙧𝙨𝙩: Be specific about your needs in RFx docs. If you’re unclear, suppliers will be, too. Before going to RFP, always have quantifiable evaluation criteria finalized and approved by the Spend Owner. 💡 𝙄𝙩’𝙨 𝙣𝙤𝙩 𝙟𝙪𝙨𝙩 𝙥𝙧𝙞𝙘𝙚: The cheapest option often costs the most in the long run. Prioritize value over price. Suppliers who price things materially lower than benchmark norms usually cut corners somewhere to meet margins. 💡 𝘾𝙝𝙚𝙘𝙠 𝙧𝙚𝙛𝙚𝙧𝙚𝙣𝙘𝙚𝙨 𝙩𝙝𝙤𝙧𝙤𝙪𝙜𝙝𝙡𝙮: Source independent references via your network. Past performance tells the real story. Ask the right questions and listen closely to the answers.  💡 𝙏𝙝𝙞𝙣𝙠 𝙖𝙝𝙚𝙖𝙙: Can the supplier grow and evolve with your business? Are they innovative and flexible? Does their company culture and ways of working align with yours?  💡 𝙆𝙣𝙤𝙬 𝙩𝙝𝙚 𝙧𝙞𝙨𝙠𝙨: Most suppliers come with some level of risk, the key is understanding and managing it. Conduct due diligence on short-listed suppliers. Outputs should inform the down-selection process, with material deficiency action items included in the contract. 💡 𝘾𝙝𝙤𝙤𝙨𝙚 𝙥𝙖𝙧𝙩𝙣𝙚𝙧𝙨, 𝙣𝙤𝙩 𝙫𝙚𝙣𝙙𝙤𝙧𝙨: The best suppliers care about your long-term success and aligning with your goals.  Look at proposals holistically, thinking beyond the transaction and into value creation. 𝐇𝐞𝐫𝐞’𝐬 𝐭𝐡𝐞 𝐭𝐡𝐢𝐧𝐠: Looking back, I’ve been at firms in seasons where costs were prioritized over total value, often leading to short-term gains but long-term challenges. There were times I should’ve taken a firmer stance about material supplier risks identified and bias in the selection process.  As procurement peeps, we provide recommendations based on long-term value, risk management, and partnership potential. This includes having the courage to speak up with informed and actionable guidance when things don't pass muster. The goal is to ensure sourcing outcomes build a foundation for success, not just a quick win. 📢 𝙋.𝙎. 𝙒𝙝𝙖𝙩 “𝙨𝙘𝙝𝙤𝙤𝙡 𝙤𝙛 𝙝𝙖𝙧𝙙 𝙠𝙣𝙤𝙘𝙠𝙨” 𝙨𝙤𝙪𝙧𝙘𝙞𝙣𝙜 𝙡𝙚𝙨𝙨𝙤𝙣𝙨 𝙬𝙤𝙪𝙡𝙙 𝙮𝙤𝙪 𝙨𝙝𝙖𝙧𝙚 𝙬𝙞𝙩𝙝 𝙮𝙤𝙪𝙧 𝙮𝙤𝙪𝙣𝙜𝙚𝙧 𝙥𝙧𝙤𝙘𝙪𝙧𝙚𝙢𝙚𝙣𝙩 𝙨𝙚𝙡𝙛?

I have recently been asked to share my learnings about Business Continuity (BC) with the IIRSM emerging risk leaders group. I decided to start with some of the common misunderstandings about BC that I have come across in the past year. 1. BC is just a disaster recovery plan Reality: Disaster recovery is a specific term used for IT systems and data recovery after an event but it is often used in error for the recovery of facilities too. While disaster recovery focuses on restoring technology, BC ensures that essential processes, people, suppliers, facilities, and communications can continue during disruption. Why it matters: Focusing on IT means other operations may be missed. BC focuses on the recovery of critical processes and disaster recovery focuses on 'reconstruction' to resume normal operations. 2. BC can sit with our risk management function Reality: Risk management aims to reduce the likelihood of threats. BC assumes that threats will still materialise and focuses on how to operate despite them. When BC sits in the risk management function, less resource may be allocated to the discipline. Why it matters: Risk management without BC is like having fire prevention measures without a fire evacuation plan. 3. A Crisis management team and BC management team are the same Reality: Crisis management is about leading the organisation and making board decisions during an unexpected event. If you have a good BC management team, then an event is less likely to become a reputational crisis! In smaller organisations they may be the same team. Why it matters: Crisis management is the captain steering the ship; BC is the crew keeping the engines running. I see crisis management as the Gold (strategic) level and BC teams as the Silver (tactical) level. 4. BC is just making sure you have contingency plans in place Reality: A contingency plan focuses on specific scenarios, where BC is broader and more strategic, focusing on continuing operations, regardless of the cause of disruption. Why it matters: A contingency plan is an immediate and short term response to a specific problem or risk identified, where a BC plan covers the full timeline - before, during and after a disruption - to minimise operational downtime and maintain essential processes over a longer duration. 5. Resilience and BC are interchangeable terms Reality: BC is the capability to keep essential functions running during disruption whilst Resilience is the capacity to adapt and emerge stronger over time. BC is a tool within resilience-building, but resilience also involves culture, adaptability, and long-term strategy. Why it matters: A resilient organisation can adapt to unknown threats. BC alone may be too narrow. How They Fit Together Risk Management, Crisis Management, Disaster Recovery and Business Continuity are all very different, but interconnected, parts of Organisational Resilience. No one is more or less important than the other to keep a business, in business.

𝗖𝗹𝗶𝗺𝗮𝘁𝗲 𝗿𝗶𝘀𝗸 𝗶𝘀 𝗻𝗼𝘄 𝘀𝗵𝗼𝘄𝗶𝗻𝗴 𝘂𝗽 𝗶𝗻 𝗗𝗖 𝗱𝗲𝗳𝗮𝘂𝗹𝘁𝘀, 𝘄𝗵𝗲𝘁𝗵𝗲𝗿 𝘄𝗲 𝗺𝗼𝗱𝗲𝗹 𝗶𝘁 𝗼𝗿 𝗻𝗼𝘁. For DC trustees, climate and Nature risk is often discussed at a system level. But the impacts that matter most to members are physical and local. 𝗙𝗹𝗼𝗼𝗱𝗶𝗻𝗴, 𝘄𝗮𝘁𝗲𝗿 𝘀𝘁𝗿𝗲𝘀𝘀, 𝗮𝗻𝗱 𝗱𝗲𝗴𝗿𝗮𝗱𝗲𝗱 𝗹𝗮𝗻𝗱 𝗮𝗹𝗿𝗲𝗮𝗱𝘆 𝗮𝗳𝗳𝗲𝗰𝘁: • house prices and insurance availability • employer locations and job security • infrastructure, utilities, and food costs These risks are unevenly distributed by place, yet still largely unpriced in portfolios. Last year, at the SG Pensions Enterprise Climate & Nature Masterclass, I explored what this means for DC schemes and why place-based physical risk is becoming a default-fund issue rather than an “impact” add-on. DC members will retire into the places most shaped by these physical outcomes. Managing that reality is increasingly part of good default design. 𝗠𝘆 𝗳𝗶𝘃𝗲 𝗸𝗲𝘆 𝘁𝗮𝗸𝗲𝗮𝘄𝗮𝘆𝘀: 1️⃣ 𝗧𝗵𝗲 𝗳𝘂𝘁𝘂𝗿𝗲 𝘄𝗼𝗻’𝘁 𝗹𝗼𝗼𝗸 𝗹𝗶𝗸𝗲 𝘁𝗵𝗲 𝗽𝗮𝘀𝘁 As climate pressures increase, physical risks rise non-linearly, particularly around water: too much, too little, too dirty. 2️⃣ 𝗧𝗵𝗲𝘀𝗲 𝗿𝗶𝘀𝗸𝘀 𝗮𝗿𝗲 𝗮𝗹𝗿𝗲𝗮𝗱𝘆 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹𝗹𝘆 𝗺𝗮𝘁𝗲𝗿𝗶𝗮𝗹 They affect listed equities, real assets, infrastructure, and supply chains, and therefore long-term DC outcomes. 3️⃣ 𝗟𝗮𝗻𝗱 𝗮𝗻𝗱 𝘄𝗮𝘁𝗲𝗿 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗮𝗺𝗽𝗹𝗶𝗳𝘆 𝗼𝗿 𝗿𝗲𝗱𝘂𝗰𝗲 𝗿𝗶𝘀𝗸 Degraded landscapes worsen floods and droughts. Restored landscapes slow water, improve resilience, and reduce costs. 4️⃣ 𝗡𝗮𝘁𝘂𝗿𝗲 𝗰𝗮𝗻 𝗳𝘂𝗻𝗰𝘁𝗶𝗼𝗻 𝗮𝘀 𝗶𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 Healthy rivers, wetlands, and coastal systems provide services such as flood protection, water regulation, and water quality that can be contracted and paid for. 5️⃣ 𝗪𝗵𝘆 𝘁𝗵𝗶𝘀 𝗺𝗮𝘁𝘁𝗲𝗿𝘀 𝗳𝗼𝗿 𝗗𝗖 𝗱𝗲𝗳𝗮𝘂𝗹𝘁𝘀 This isn’t about complexity or niche assets. Small, well-governed allocations alongside infrastructure and real assets can help reduce physical risk across the wider default portfolio, strengthening long-term member outcomes. This framing fits naturally within existing default-fund governance and climate-risk management processes, and aligns with growing regulatory expectations on managing financially material climate risk for DC members and their assets. For trustees and IGCs, it’s increasingly a question worth putting to advisers when reviewing default resilience: How exposed are our portfolios to place-based physical risk? 📎 Slides attached: 𝘚𝘎𝘗𝘌 𝘊𝘭𝘪𝘮𝘢𝘵𝘦 & 𝘕𝘢𝘵𝘶𝘳𝘦 𝘔𝘢𝘴𝘵𝘦𝘳𝘤𝘭𝘢𝘴𝘴 – “𝘛𝘩𝘦 𝘙𝘪𝘴𝘪𝘯𝘨 𝘐𝘮𝘱𝘰𝘳𝘵𝘢𝘯𝘤𝘦 𝘰𝘧 𝘗𝘭𝘢𝘤𝘦-𝘉𝘢𝘴𝘦𝘥 𝘐𝘯𝘷𝘦𝘴𝘵𝘪𝘯𝘨” #DCTrustees #DefaultFunds #MemberOutcomes #ClimateRisk #PortfolioResilience #UKPensions #NatureAsInfrastructure #SGPE

5 Operational Metrics to Check if Your GRC Program isn't Compliance Theatre Everyone has a GRC program that looks great 3 weeks per year. That works for some time but once your program is out of the honeymoon phase, you need to do something about it. Here are 5 hard metrics to help you separate real GRC programs from compliance theatre: 1. Mean Time to Remediation (MTTR) 📉 Not just how many findings you have, but how fast they get FIXED. If your average remediation time is measured in geological eras instead of days, you've built a museum of vulnerabilities, not a security program. "We'll fix it after this sprint" shouldn't mean "after the heat death of the universe." 2. Cross-Team NPS Score 📊 Ask engineering, product and sales teams: "On a scale of 1-10, how much does GRC help vs. hinder your work?" If your score is close to Arctic temperatures, congratulations – you've created a program that engineers actively avoid like security awareness training from 2023. 3. Evidence Collection Automation Percentage 🤖 What percentage of your evidence is collected through APIs vs. screenshots? If you're still sending "friendly reminders" for screenshots in 2025, you're operating a digital paperwork sweatshop with slightly better coffee. 4. Risk-to-Remediation Ratio 📈 How many risks in your register have actually resulted in implemented fixes vs. eternal "monitoring until next review"? If your risk acceptance rate matches your deployment frequency, you're running an expensive vulnerability documentation service. 5. Random Audit Readiness Score 🎯 Give yourself 24 hours to produce evidence for 10 random controls without warning. Score from 0-100%. If your score is perfect during scheduled audits but drops faster than the stock market today after a random check, you've mastered compliance theatre, not security. A GRC program can have perfect documentation and still provide very limited security value. What must-have GRC metrics do YOU use to ensure your program delivers more than just paperwork? Let me know! #GRCEngineering #SecurityCompliance #MetricsThatMatter

AI Risk Is Becoming Uninsurable. Contracts Are Taking the Hit. Insurance has been quietly stepping away from meaningful AI coverage. Exclusions are expanding, sublimits are shrinking, and underwriting is getting tighter. Companies are still deploying AI at full speed, and the gap has to land somewhere. It is landing in contracts. Read the full article: https://lnkd.in/gRHtVEmp I wrote about this for Corporate Counsel because the shift is real and accelerating. We are watching contracts absorb functions that insurance used to perform. That change reshapes how indemnities work, how governance is drafted, and how responsibility is allocated across the AI lifecycle. Indemnities are narrowing. Broad, catch-all promises are being replaced by precise and limited obligations. The protection that many clients think they are getting often does not exist anymore. Governance obligations are expanding. They are moving upstream into how the system is built, validated, monitored, and supervised. Documentation and controls now influence liability in a way many teams have not expected. And, shared responsibility frameworks are becoming the norm because AI risk sits at the intersection of model behavior and human decisions. This is a structural shift. Contracts are functioning as underwriting instruments because the traditional backstop is pulling away. When the safety net is gone, the contract becomes the risk architecture. If you support procurement, sales, data partnerships, or AI deployments, this matters. Boilerplate AI language is no longer neutral. Internal processes now influence exposure. Many executives still assume their insurance covers AI-related risk when it does not. That disconnect shows up in negotiations every day. The article goes deeper into how these trends are playing out in real agreements and what in-house teams can do to respond with clarity and control. For more insights, check out the Contract Trust Report: https://lnkd.in/gJdXkUpJ — Olga V. Mack I build legal systems for real life.