How ERM Can Help Restaurants Through a Complex and Volatile Risk Environment
By Kim Gore
By the time 2024 came to a close, Colorado’s restaurant industry had been battered for five years by various pressures – from the pandemic to rising costs across the board. Last year, over 200 restaurants closed, the vast majority in Denver.
The pain has largely continued in 2025, and the Rocky Mountain State isn’t alone in its suffering. From California to Florida and points between, higher costs – for food, labor, money itself, and more – combined with a challenging regulatory environment are forcing a search for solutions.
It’s hard to find a quick fix for the ultimate goal of sustainable, long-term growth. But a strategy that can make a difference is enterprise risk management (ERM). Done right, it’s invaluable for anticipating and better managing what’s become an increasingly complex risk environment.
Understanding ERM and its importance
Enterprise risk management is a holistic approach to identifying and managing risks, based on the interconnectedness of risks and their impacts across the organization. Some 37% of U.S. organizations say they have complete ERM processes in place, up from just 9% in 2009.
Many programs, however, fail to fully integrate ERM throughout the organization. Cyberattacks, for example, are only getting more costly and frequent in hospitality. Cybersecurity has thus become a core business function, yet neither it nor ERM itself are sufficiently integrated in business’ systems. In fact, a recent HUB International survey found that “critical” risks are only assessed by a fraction of respondents. Only 22% of U.S. companies, for example, include political risk.
Can an ERM strategy clear a path out of the restaurant industry’s current travails? Done right, it can certainly help, by providing a strong framework for identifying, assessing and mitigating risks, but, just as importantly, helping to identify and capitalize on potential opportunities.
Here’s what’s important to know.
ERM basics
ERM is more than just an inflated risk management initiative. It’s a proactive, ongoing approach to risk that goes beyond functional siloes to grow a comprehensive understanding of how risks are connected and thus can be practively managed.
Smaller concerns may feel hamstrung by lack of resources and too many other issues to worry about. But their own data and internal systems can be used to create a unified understanding of threats across the organization. Over time, the program can also uncover opportunities.
Another bonus? A comprehensive ERM program also can enhance an organization’s insurability. In positioning organizations more favorably with underwriters, it can lead to broader coverage, more competitive terms and a lower total cost of risk. It can also open the door to alternative risk financing options, such as captives, for organizations looking to self-insure.
A top-down commitment from leadership and general management is the essential starting point for an agile, organization-wide risk framework. Here’s teams should proceed from there:
- Define your ERM objectives and identify key stakeholders. It’s essential to ensure that diverse perspectives are represented and incorporated into the strategy. That requires the active contributions of leaders from every business function.
- Leverage existing tools and resources. Many companies are sitting on valuable data and existing risk protocols; they just need help organizing, analyzing and deploying that information. A streamlined methodology, such as HUB’s ERMand Supply Chain AI Risk Solutions, helps balance strategy with execution.
- Plan for consequences beyond specific events.How will your people respond to a disruption? What happens to your supply chain? Which critical systems need to stay online? Running through such scenarios in advance equips the organization with the “muscle memory” to enable a quick and effective response to disruptions.
- Conduct ongoing enterprise-level assessments. Partner with an insurance broker that has strong experience in hospitality and its particular risks for an invaluable assist in continuously evaluating all business risks. This ensures potential exposures are identified before they become a problem.
- Tap into other specialists, too, who understand dynamic and evolving risks. Other specialists also should be enlisted to contribute to the ERM program. Whether financial and legal/compliance experts or IT and cybersecurity resources, such guides are essential for their deep knowledge of specific threats and what tailor-designed solutions will fit with organization’s unique risk profile.
Done right, an ERM program should be imbedded into daily operations and supported with proactive risk strategies and continuity planning. That’s how to move from reactive to resilient in an increasingly complex environment for risk.
About the author
Kimberly Gore is the National Practice Leader of HUB International’s Hospitality Specialty Practice. She has over 30 years’ experience in the insurance industry with a specialization in hospitality and tourism clients. Kim is responsible for a strategic approach to carrier relationships, specialization and best in class service to benefit each client. Kim is an active member of the insurance community serving as president of IIABHGC and as a board member for IIABSC and was awarded the South Carolina Young Agent of the year in 2010.
Want to read more great articles you can use? Visit www.trnusa.com
Recent Comments