Which strategy does a risk management department use when keeping a portion of the risk?
(a) Retention
(b) Transfer
(c) Spreading
(d) Avoidance
The correct answer and explanation is:
The correct answer is (a) Retention.
Risk retention is a strategy where an organization decides to keep a portion of the risk instead of transferring or avoiding it. This occurs when the company evaluates the potential risks and concludes that the costs of transferring or avoiding the risk are higher than the benefits or when it believes that the risk is manageable internally.
Risk retention can be done consciously, where a company understands the potential impacts of the risk and decides to absorb it, or it can occur inadvertently, where the company fails to take appropriate steps to address a particular risk. A company may choose to retain risk for a variety of reasons, such as:
- Cost considerations: Sometimes, purchasing insurance or using other risk mitigation strategies can be more expensive than simply absorbing the risk. If the potential financial loss is relatively small, retaining the risk might be more economical.
- Control: When a company retains risk, it retains full control over how to handle the situation if the risk materializes. For instance, if an organization has sufficient resources or a solid contingency plan, it may prefer to deal with the risk in-house rather than relying on external insurance providers or other parties.
- Low probability of occurrence: In some cases, companies may judge that the likelihood of the risk occurring is very low and, as a result, may decide that the risk is not worth transferring or avoiding.
Risk retention is particularly common in industries where the probability of a significant loss is low, and the company has the financial resources to absorb minor losses. However, if not properly managed, retaining too much risk can lead to financial difficulties. It is important to assess the potential consequences thoroughly before choosing this strategy.