In June 2013, Crystal & Company, which is a large risk and insurance advisor, put out a “Survey of Nonprofit Risk Management.” The survey studied large nonprofits, with the smallest ones surveyed having revenues of $25 million to $50 million. For many nonprofits, that seems like a different world. Still, it highlighted some principles useful to all nonprofits.
Generally, smaller nonprofits exposed themselves to much higher deductibles than larger ones, presumably because of reluctance to pay for insurance. Many smaller organizations appeared to buy only basic insurance, and were underinsured on the coverage they needed. The report states that for adequate coverage, insurance should be close to 1% of annual revenue, rather than the 0.25% it actually is on the average.
Insurance is probably more important for smaller organizations, because they have less in reserves, and are thus more likely to be wiped out by a large claim. As the report concluded, “Smaller organizations could be one claim away from serious financial trouble.” In particular, not having excess liability protection could be very dangerous.
Organizations were not always clear on who was responsible for risk management, and often lacked sufficient involvement from their Board. Many nonprofits, even at the larger sizes, did not have a dedicated risk manager (only 22% had one), assigning risk management typically to Finance or other departments.
Top strategic challenges for organizations involved diversifying the revenue stream and other marketing and funding endeavors. This will probably involve technology and media. However, organizations were under-served on media liability and cyber risk insurance.
Organizations often used an insurance advisor, and the qualities they want in their broker include “insurance expertise” and “understanding of the Nonprofit sector at-large, and of our business in particular.” Without a professional risk manager, the insurance broker has an important default role.
The majority of these large organizations surveyed had conducted a review of their corporate risk and insurance program within the last three years. One wonders if this is true for the host of much smaller nonprofits. Organizations that have not done so would be well advised to do this review.
While this report is based on a survey of what most people consider the nonprofit “giants,” it contains helpful principles for smaller organizations to consider, and it is well worth reading.