Business risk team update

Report: 10
Date: 16 March 2006
By: the Treasurer and Commissioner

Summary

This is a report on progress made by the MPS in the areas of corporate governance, business risk management and insurance management.

A. Recommendation

That

1. members note progress to end January 2006 on corporate governance, business risk management, and insurance management (Appendix 1);
2. note progress as captured by the Audit Commission / ALARM risk management Key Performance Indicator (Appendix 2); and
3. note the ‘rebranding’ of the two MPS risk management teams.

B. Supporting information

1. This report includes a report on activity since the previous update report (Appendix 1) and an update on progress made in relation to compliance with the Audit Commission/ALARM risk management KPI as at end January 2006.

2. Since the previous update report was submitted a rebranding of the two risk management teams within the MPS has taken place, primarily to clarify the nature of the two team’s roles and thus reduce the scope for confusion:

• Corporate Risk Management Group (CRMG) is now Business Risk Management Team (BRMT)
• Health and Safety Branch is now Safety and Health Risk Management Team

MPA internal audit high-risk recommendations

3. BRMT is currently monitoring the status of outstanding Internal Audit high-risk recommendations. This is an interim measure to plug a gap in the existing Inspection Liaison & Analysis Unit (ILAU) monitoring activity. Discussions are taking place with a view to progressing the transfer of responsibility for monitoring audit recommendations to ILAU. After the transfer, BRMT will exercise their MPS corporate risk oversight role in relation to issues raised by Internal Audit by accessing data via ILAU rather than by direct monitoring.

Corporate risk register

4. Management Board considered the refreshed Corporate Risk Register at its awayday on 31 January. MB noted the report and commented that the risk register did not yet seem to capture the right group of issues. The Director of Strategy, Modernisation and Performance has been tasked to undertake further work on the Corporate Risk Register to identify the key risks to the organisation. The Director of Risk Management has developed proposals for a new approach to maintaining the register that are currently under discussion by the MPS. Members will be briefed on developments in due course.

Audit commission/alarm key performance indicator

5. An update to the Audit Commission / ALARM risk management Key Performance Indicator (KPI) at end January 2006 is at Appendix.

6. From the commencement of the 2006/07 financial year it is proposed to replace the current Audit Commission / ALARM risk management KPI with an enhanced set of measures. The new measures will focus on the quality of the risk management process which the current measures do not.

7. The new measures are an element of a risk management model for the police service under development by the ALARM [1] Policing Sector Group. The Audit Commission will be consulted along with other key external stakeholders.

C. Race and equality impact

The MPS business risk management process requires diversity risks and impacts to be identified and managed, enhancing the ability of the MPS to respond to the diversity imperative.

D. Financial implications

All work undertaken by BRMT is funded from existing budgets. Interventions to reduce risk exposures identified as a result of the deployment of the business risk management process may have financial implications.

E. Background papers

None

F. Contact details

Report author: Nick Chown, Director of Risk Management, MPS.

For information contact:

MPA general: 020 7202 0202
Media enquiries: 020 7202 0217/18

Appendix 1

Progress report - October 2005

This report covers the three areas where the Business Risk Management Team (BRMT) provides the MPS with a professional lead i.e. corporate governance, business risk management and insurance management. It also includes sections on the Outsourcing Programme, where support is provided in relation to risk management and insurance, and the development of national risk management standards for the police service.

Business risk management

1) Statement of Internal Control (SIC) - BRMT hosted a 2005/6 SIC Working Group meeting on the 27 January 2006 to introduce the process for information gathering which will form the basis of this year’s SIC. Alterations to the template and key control areas were discussed but as the process worked reasonably smoothly last year, it was agreed that we would proceed on the same basis this year. Completed control templates (including comments on last year’s action plans) are to be submitted to BRMT by 31 March for assimilation into a first draft SIC for internal MPS approval and to go on to the MPA as a working draft by mid April 2006.

2) Corporate, Business Group and (B)OCU risk registers – A significant number of risk registers have now been developed at (Borough) Organisational Command Unit (B)OCU and Business Group level to complement the existing Corporate Risk Register. BRMT are in the midst of an extensive engagement programme seeking increased buy-in to the business risk management process across the Service. The programme began with sessions with Deputy Assistant Commissioner Territorial Policing (TP) and the Business Managers for the other Business Groups (a meeting with the TP Business Manager is scheduled shortly after this report was prepared). The next stage is to meet with all the OCU commanders and department heads. To date all Central Operations and Specialist Operations OCU commanders and HR department heads have been seen. The general response has been very positive. The team is now about to commence the Serious Crime Directorate (SCD) OCU visits. TP Borough visits will commence after the meeting with the Business Manager and a presentation to the Borough Commanders group. The remaining visits will be undertaken following the completion of visits to the Boroughs.

The refreshing of the Business Group and (B)OCU risk registers is being undertaken this year as an integral element of the MPS Integrated Planning Process. Sessions with OCU commanders and department heads have placed a particular focus on reviewing both the existing risk registers and the process in each area of the business for maintaining the registers. The deadlines for completing the risk registers this year are as follows:

• (B)OCU risk register deadline – end March 2006
• Business Group risk register deadline – end April 2006.

During the meetings with the Business Group Business Managers a thorough review of each Business Group risk register was undertaken (the TP risk register will be reviewed at the meeting referred to). This enabled the discussion of ‘emerging’ risks in each area of the business as well as the identification of risks where further activity was required. In addition, the corporate risks were reviewed with a particular focus on risks affecting each Business Group. This process was used to update the register of corporate risks. A report on the refreshed corporate risk register and emerging risks was considered by Management Board at their recent awayday. MB require further work to be done on the corporate risk register.

3) Business risk management awareness/training rollout – BRMT continue to deploy risk management training sessions. It has previously been reported that the addition of two risk professionals in support of the Director has enabled the team to bring training previously delivered by an external provider in-house achieving a substantial annual cost saving. It can now be reported that bringing the training in-house has also led to a substantial increase in the quality of the training delivery. Feedback is requested from delegates to all training courses. The headline Key Performance Indicator is that 81% of all delegates rate the courses as either “good” or “excellent”. This is a significant achievement and thanks are due in particular to the trainers: Supt Alan King and Jo Collins, Senior Risk Management Adviser. Training delivery is increasingly becoming demand led. Other training and awareness sessions have been developed from time to time to cover customers’ specific needs.

Going forward, the proposed inclusion of business risk competencies within the MPS deployment of the National Competency Framework must be adequately supported by training materials for officers and staff at all levels. This involves a ‘step change’ in risk management training delivery by the MPS and will require innovation to deploy the required training from existing resource (staffing and budgets). See also section 13) below.

BRMT assisted the Deputy Treasurer to develop a specification for risk management awareness sessions for delivery to Members. It is likely that these will be delivered jointly by an external consultant, yet to be chosen, and the BRMT trainers.

4) Business risk management Standard Operating Procedure – There have been no developments in this area since the previous report. The SOP is reviewed on a six monthly cycle, the next review being due in April 2006. Feedback from customers of the SOP and its associated MS Excel spreadsheet risk register tool has been positive.

Insurance management

5) Personal insurance invalidation indemnity policy – In January 2006 Finance Committee approved the indemnity for a further 12 months. Various enhancements to the policy were approved by the Committee and it was also noted that the formatting of the policy and its associated Standard Operating Procedure would be reviewed. Since the Committee met BRMT has redrafted the policy and SOP in conjunction with Accident Claims Branch. The revised documentation is currently out for consultation with interested parties.

It may be recalled that the MPA indemnity excludes ‘unaffordable events’ (events that involve mass claims that exceed the Authority’s self-insurance limits). This principle will apply to all other forces that introduce similar indemnities. The MPS is continuing to work with the London Fire Brigade, London Ambulance Service, British Transport Police, and City of London Police towards the submission of a request to Central Government for an indemnity in relation to events that are unaffordable to an individual police authority, brigade or ambulance service. In response to a letter from the MPS sponsor, DAC Peter Clarke, the President of ACPO, Sir Chris Fox, has taken the following actions:

• Written to all forces in England And Wales advocating the introduction of personal insurance indemnities on the MPA model;
• Written to the Ambulance Services Association and Chief Fire Officers Association requesting agreement to a joint request to Ministers for a Central Government indemnity in respect of ‘unaffordable events’;
• Written to the senior civil servant responsible for the Cabinet Office Civil Contingencies Secretariat seeking support for the initiative.

As previously advised, a report on the matter by the Director of Risk Management has been submitted to the Office of the Deputy Prime Minister at their request.

BRMT and Accident Claims Branch have received and responded to requests for advice and guidance on the personal insurance indemnity from various of the other forces.

6) Insurance programme renewal – The process for renewing the insurance programme commenced with an initial 2006 insurance strategy meeting in January 2006 involving the MPA, MPS and Willis Insurance Brokers. The purpose of this meeting was to agree the strategy and process to be adopted for this year’s renewal. All policies, limits and deductible levels were discussed. A further insurance strategy meeting will be arranged for June 2006. In the meantime, the necessary steps to achieve renewal are underway.

7) Business interruption (BI) and IT reviews – Both of these projects are in the process of being completed. Property Services Department are finalising the data that Willis require to complete the BI review and Directorate of lnformation are in the process of reviewing the IT sums insured at the top 20 MPS locations. The results from both these reviews will help inform the level of insurance cover that the MPA should purchase for this year’s renewal.

8) Self-insurance fund development – Further discussions are taking place within the MPS and MPA as regards version 2 of the risk funding report, which has been received from the external risk funding expert. Comparisons of varying methodologies, assumptions and scope between this report and the previous reports recommending reserves are to be completed. The objective of this activity is to ensure that current provisions for self-insured losses and claims are adequate using insurance industry standard analytical techniques.

9) MPS insurance and compensation claim budgets – Work is underway to develop a scheme of devolved insurance and compensation claim budgets. By ensuring that an element of costs is borne by the area of the business giving rise to the costs we aim to encourage preventative risk management. In line with insurance principles, the corporate centre will assume responsibility for costs above an agreed sum. It has been agreed to pilot the new scheme in five OCUs. The pilot exercise will involve running a ‘shadow’ devolved budget scheme alongside the existing budgeting process for 12 months.

10) Other insurance matters – The liability underwriters were recently taken on a tour of NSY and received a presentation from Commander Mick Messinger on crowd management (one of the key risks that the liability underwriters perceive the MPS faces as this could result in mass fatalities). The feedback received from the underwriters was that they were impressed by the MPS crowd management skills. Exposing insurers to areas of the business in this manner helps to further strengthen our relationship with the liability insurance market and ‘demystify’ areas of the business for underwriters. It is a technique we have used before and continues to prove a valuable marketing tool. A further visit is planned to a football match.

Outsourcing Programme Support (risk management and insurance)

11) Outsourcing programme – BRMT continue to support the Outsourcing Programme with advice and guidance on risk and insurance matters, subcontracting specialist insurance work to Willis. This ensures that contracts and specifications include robust insurance provisions.

Corporate governance

12) MPS Corporate Governance Framework – The Director of Risk Management has been tasked to develop a Corporate Governance Framework for the MPS based on personal accountabilities. An outline draft framework has received ‘in principle’ approval from the Deputy Commissioner and Director of Strategy, Modernisation and Performance. A period of consultation on the framework has commenced in tandem with the population of key controls within each strand of the framework by appointed leads. The framework was informed by an analysis of the Good Governance Standard for Public Services and other key documents. The Director of Internal Audit has been included in the consultation process.

Development of national risk management standards for the police service

13) HMIC risk management recommendation - HMIC have recommended that the National Centre for Policing Excellence (NCPE) consider the MPS risk management model for deployment across the forces emerging from the restructuring of the forces in England and Wales. The Policing Sector Group of the National Forum for Risk Management in the Public Sector (ALARM) are working on a potential national standard for risk management in the police service. The ALARM group is receiving valuable pro bono assistance from PriceWaterhouseCoopers. A workshop was held in November 2005 from which a first draft outline standard emerged. A second workshop in January 2006 further developed the outline standard. The ALARM group is liaising with both NCPE and ACPO.

14) Other work with National Centre for Policing Excellence – BRMT are assisting NCPE in relation to the development of an approach to managing risk in various areas where guidance is to be issued to the forces e.g. Safer Detention and Management of Police Information (MoPI). In each case, the team has reviewed draft guidance and submitted recommendations on risk content to NCPE. We are working particularly closely with NCPE and our own Directorate of Information in relation to MoPI risk management. A further contact has recently been made by the NCPE lead for Threat Assessment. In view of the number of separate contacts, BRMT has suggested a meeting with NCPE personnel involved in areas of work requiring risk management input. This is likely to take place in March 2006. An invitation to the meeting has been extended to the Chief Executive of ALARM.

Send an e-mail linking to this page

Feedback