Harry Rosenthal, General Manager, Risk Management Services, Unimutual, imagines the RMIS of the future – a multi-faceted programme the leverages AI, Big Data and Natural Language Processing to manage an organisation’s risk in realtime

The date is 19 February 2025, and the Risk Manager of the University of Western Kalgoorlie (UWK) suddenly realises that it is time to purchase a risk management information system (RMIS) before the end of the fiscal year, or lose the allocated budget. The manager has been reviewing the wide-range of RMIS systems available, and is convinced that Riskiest 3000 is the right application for the University of Western Kalgoorlie. One of the drivers for the selection of Riskiest 3000, is the reality that the university may be on the edge of yet another reorganisation – caused by deteriorating financial conditions, decreased student numbers, and competition.

So why Riskiest 3000? Of course, it does everything its RMIS predecessors did. It can generate a comprehensive suite of colourful reports, and create multiple risk registers, that could win awards for aesthetic report formats. The real value of Riskiest 3000 is how it deals with actual risks. No longer requiring human data entry, it instead obtains incident and loss input from social media, marketing, UWK’s integrated business systems, and by accessing the cloud. Riskiest 3000 will, sleeplessly, scan the external and internal environment of the University to identify when situations become suddenly riskier or new risks emerge, and report these circumstances to the Risk Manager for response.

Big Binary Brain 

Riskiest 3000’s artificial intelligence (AI) can read data sources to create an overall picture of UWK’s health and risk profile. The software will be given permission to tap into the University’s integrated business systems, located in the cloud, and will be able to trawl through all transactions of HR, Payroll, Finance, Workers Comp, Student Services, etc. to establish expected losses. Riskiest 3000’s AI knows that losses cannot be reduced to zero. But it will establish a risk tolerance benchmark for all classes of loss that the Risk Manager requires it to, and report back in realtime when internal data indicates that losses have strayed outside the established levels of tolerance. For example, if an academic is injured on the job, the incident will automatically trigger an entry in their HR Personnel file and conversion of their payroll status will occur to the workers comp schedule. The system will then highlight this to the Risk Manager if this incident was unexpected, not forecasted, or more serious than the norm.

Secondly, the system will alert the Risk Manager of developing UWK strategic risks. Its AI can read and reduce every document, email, memo or letter to a few keywords and concepts, and use those keywords to identify how risky the senior executive’s initiatives have become. For example, it will have access to Council, Senate and Committee Reports, marketing initiatives, strategic acquisitions, due diligence results, audit reports, major and minor projects’ management, senior executive recruitment, banking credit statements, and even internal memos and emails.

Using UWK’s Risk Appetite Statement as a guide, it translates the statement into a series of metrics and will provide early warning when the calculated amount of risk taken or encountered approaches or exceeds the appetite level set by the Senate. This will not mean that UWK will discontinue an activity or suddenly stop in its tracks in the pursuit of a risky opportunity. However, it does mean that Riskiest 3000’s view of the world, as established by the Risk Appetite Statement, will notify the Risk Manager when strategic activities appear to be exceeding the boundaries set by the Senate or Council.

To complete its view of strategic risks, Riskiest 3000 includes an outward looking algorithm as well. The system releases web-crawling robots that constantly scan externally. They search for anything that might result in a situation that would exceed the parameters of the organisation’s risk appetite. This will indicate whether UWK is drifting in a newer, riskier direction, or is facing new external threats. For example, in 2025 all potential general staff hires have trillions of data points available in the cloud. These data points create a risk score and are ranked in light of the Risk Appetite Statement. For example, is an Accounting Manager that likes to collect Ferraris, takes expensive holidays, and owns designer jewellery, a higher risk to the university if hired? At the same time, Riskiest 3000 has an internal program that ensures its activities stay within employment, discrimination and privacy laws, according to the warranty.

A Happy Customer

Upon signing the contract for the purchase and maintenance of the 2025 version of Riskiest 3000, the Risk Manager casually asks about scheduled future upgrades to the system. The sales representative, holding the signed documents closely, is very excited to respond because there are significant new developments in the works for the program. Scheduled for release in 2027 is a Risk Response Module. This upgrade will allow Riskiest 3000 to not only flag changes in the university’s risk profile and report, but will be tied in to its HR management systems. When loss events become more significant, it will automatically analyse the possible mitigation actions needed to bring risk back into its expected parameters; consult the Finance Division’s general ledger for funding sources; and schedule the necessary  training, preventative maintenance, or other actions required to reduce the incidence of loss. Training schedules will be created automatically, with dates appearing on staff’s personal electronic calendars and work schedules. Failure to attend a scheduled risk training session will be flagged during the annual employee performance review. If sufficient funds are not available, the following year’s budget will be adjusted by Riskiest 3000, and an automatic cost/benefit case will be made to the CFO for the increased allocation, as a Committee Paper.

Initially, the Risk Manager is quite excited about these upgrades – but then notices that a lot of this sounded like their own current job at UWK. Maybe it’s time to be a little more worried about the future of Risk Managers, even as there is far less to worry about when it comes to future risks to the University.

We give mountains of personal data away for free every hour – what will happen when insurance providers begin to harness this to tailor risk profiles? To read more about how we see Big Data impacting the future of insurance and insurance business models, click here.