Cyber attacks, production stoppages, crises with media explosive force: the threats to companies today are more complex, faster and more existential than ever before. Anyone who believes that a policy alone offers security is mistaken. Fabian Germann, Senior Consultant Group Insurance Department at Raiffeisen Switzerland and semi-independent risk manager for SMEs, is calling for a rethink: away from pure insurance cover and towards holistic risk management. In this interview, he talks about pragmatic approaches for small and medium-sized companies, his role between in-house brokerage and self-employment and his collaboration with riskAware. And he explains why good preparation doesn’t end when you sign a policy, but only begins there.
Find out why Fabian Germann is rethinking risk management and why insurance alone is not enough in the following interview with thebrokernews.
Fabian Germann, you have been working in the insurance world for over 15 years. Was there a specific moment that prompted you to also become self-employed?
Yes, there was one. When I entered the insurance industry, as a trained chimney sweep I was a classic career changer characterized by the core business: sales, underwriting, claims management. Everything revolved around policies, premiums and processes. But during my further training at the ZHAW in integrated risk management, a new world opened up for me. I began to understand that risks not only need to be insured, but actively managed.
With every year in the industry, it became clearer to me that insurance covers losses but does not prevent crises. Actual risk management is often left out of the equation. This realisation was the turning point. I no longer wanted to just react, I wanted to help companies to act proactively. I set myself precisely this goal when I became self-employed: To close the gap between insurance and risk management and offer SMEs a pragmatic, tangible approach.
What has personally bothered you most about the way risk is often treated in the traditional insurance world?
Have you ever wondered whether your insurance really protects you? We often look for solutions exclusively within the insurance world: we adapt GCIs, develop special conditions, tweak wordings so that your risk is insured. But the crucial questions usually remain unanswered: How can you avoid risks? What measures can reduce them sustainably?
When was the last time your consultant checked your contracts to uncover hidden liability risks? Do you know which Incoterms apply to you and what consequences this can have The truth is: there are numerous simple ways to make risks visible and derive effective measures. The key is not just to protect yourself, but to understand and act before damage occurs.
You work part-time at Raiffeisen and are self-employed at the same time. In your opinion, what conditions must be met for this model to work?
The foundation is trust. It doesn’t work without that. Employers and employees must deal with each other openly and without fear. The activities must not compete with each other, but complement each other. For this to succeed, clear rules and transparency are needed, especially towards the team.
I have experienced this myself: when I started my model, my first step was an open discussion with my line manager. We defined together which tasks have priority and how we can ensure that work doesn’t suffer. This clarity not only created trust, but also showed that both sides can benefit.
The goal is simple: work must not suffer. Open dialog and a clear distribution of roles are crucial. Those who create these conditions will win, because such models are not only possible, they are the future of the working world.
What are the biggest challenges of self-employment in the risk environment? Are they organizational, mental or cultural?
Self-employment in a risk environment is not an adventure, but a stress test for personality and network. The biggest challenge? Clearly: customer acquisition. It’s difficult without a strong network and sales experience. This is where my past in sales comes in handy and I consciously invest in relationships.
Organizationally, self-employment is surprisingly easy today: with the right tools and platforms, you can get to work quickly The real challenge lies in the mental and cultural aspects: You move between two working worlds, two cultures and your own goals. You have to endure this tension and still stay focused. This is precisely why personal development is not a luxury for me, but a duty and an integral part of my free time.
In your opinion, is partial self-employment a realistic future model for experienced professionals in the insurance industry?
Yes, absolutely, and I even believe that partial self-employment is the future for experienced professionals. Today, companies often waste potential because people have to do tasks that don’t match their strengths. This is not only inefficient, but frustrating.
If it is possible to align work more closely with the skills and passions of employees, both sides benefit. Partial self-employment opens up precisely this opportunity: skilled workers can contribute their expertise where they create the greatest added value and at the same time drive their own projects forward. Ultimately, it’s about self-reflection: How much time do I really have? What am I passionate about? Those who answer these questions honestly and have the courage to break new ground will not only be more productive, but also more satisfied at work.
You work on a contract basis with riskAware together. Why did you make a conscious decision not to have your own competing offer?
It was actually a coincidence and a conscious decision. I got talking to Marco La Bella through a good contact. It was clear from the very first exchange that we spoke the same language, shared the same ideas and the same values. Instead of putting energy into competition, we wanted to pull together. I don’t believe in competition at any price. Cooperation creates more value for customers and for us than going it alone. What’s more, a truly unique selling point is difficult to achieve in the risk environment anyway.
And last but not least: I also had to do my own risk management for self-employment. Working with riskAware was a risk mitigation measure for me. What I recommend to SMEs, I also consistently do for myself.
What does it actually mean to “speak the same language” when it comes to risk management?
Speaking the same language means understanding risks in the same way and setting the same priorities. In risk management, many people talk about “exposure” or “residual risk”, but they mean different things. This leads to dangerous gaps.
For me, this means We need to create a common basis with clear terms, transparent communication and an understanding of how risks work in everyday life. Only when everyone involved interprets the same concepts in the same way can we derive effective measures.
In the end, it’s not about technical jargon, but about understanding: When the CFO, the production manager and the managing director speak the same language, risk management goes from a theoretical concept to a lived practice.
What added value is created by combining your experience with the riskAware network and tools?
Over the past 15 years, I have supported numerous SMEs and learned how different their needs are. My time at Suva also showed me how important safety and prevention are in everyday life. Today, I combine this knowledge with a broad network in the industry and this is exactly where riskAware comes in.
Many SMEs work with insurance brokers, but they lack a simple, effective tool for low-threshold risk management. This is what makes riskAware so powerful: it dispenses with unnecessary complexity, is intuitive to use and provides reports that are understandable and relevant to decision-making, even for the board of directors. The highlight: the broker remains involved and benefits enormously because he understands his clients better and takes his advice to a new level. This creates triple added value for SMEs, brokers and the entire risk culture.
You talk about “low-threshold risk management” for SMEs. What does that mean in concrete terms and, above all, what does it not mean?
Low-threshold risk management means: simple, understandable and implementable, without consultantese and without expensive large-scale projects. For SMEs, this means that risks are made visible, prioritized and reduced with pragmatic measures, without complicated frameworks or 200-page reports. It is about tools and processes that fit into everyday life and do not create additional bureaucracy.
What it does not mean is that it is not “light” risk management that trivializes risks or treats them superficially. Low-threshold does not mean less quality, but fewer hurdles so that SMEs can take active action instead of ignoring risks. What counts in the end: Less theory, more practice.
Where do you see the biggest blind spots in SMEs when dealing with risks?
Structural risks are the biggest blind spot, even before cyber. Cyber risks are currently on everyone’s lips, and yes, they affect every SME. But even more dangerous are often the invisible dependencies in your own company: suppliers, key people, processes that only one person controls.
Many people underestimate how paralyzing the loss of a manager or expert can be. Who decides if the business owner is absent for six months? Who knows the customer contacts? Are there clear substitution rules? These questions are rarely asked, yet they can be assessed in a structured manner and mitigated with simple measures. This is where real risk management begins.
How do entrepreneurs react when you explain to them that insurance is only ever part of the solution?
The first reaction is usually surprise and sometimes skepticism. Many entrepreneurs rely blindly on their insurance because they only know the claims that have been settled: Machine breakage, vehicle fire, water damage.
In conversation, it quickly becomes clear: insurance is important, but it only covers part of the story. Risk management starts where policies end: with processes, structures and prevention. The “aha” moment often comes after a few specific questions: What happens if your key employee is absent? Who decides if you are absent for six months? Then most people realize that it’s worth taking a closer look.
You are a member of a crisis team and have in-depth training in crisis and emergency management. What is most often underestimated in practice?
In practice, people underestimate what happens outside their own plan. Many things are well regulated within the processes: In business continuity management (BCM), there are clear structures and processes that define the path back to normal operations.
However, the real challenge lies outside the company’s own sphere of influence: public dynamics, media interest, sudden appearances at company headquarters, hostility on social media and employee uncertainty. These factors are difficult to calculate, which is precisely why they are often overlooked. If you want to manage crises, you not only need to master processes, but also communication, psychology and dealing with public perception.
Many organizations practice crises once a year. Is that enough and if not, what would be realistic?
Practicing once a year is not enough and gives a false sense of security. Crisis management is like a muscle: if you only train it once a year, you won’t be able to perform in an emergency. For larger organizations, I consider 2-3 practical exercises per year to be realistic and recommend involving external experts. The key lies in realistic scenarios: Not just simulation games, but exercises under real pressure. If the house is on fire, nobody asks about the policy first.
My further training at the ZHAW showed me this impressively: live radio and TV interviews with only 60 minutes of preparation. It was intense, but that’s the reality. Only those who practise regularly and under stress can act confidently in an emergency.
You say: “If the house is on fire, nobody asks about the policy first.” What does this mean for risk management priorities?
This means that action and emergency plans must be designed in such a way that they function independently of the insurance company. They must serve the company, not the insurer. In risk management, this means that priorities are placed on reducing existential risks and on clear action procedures in the event of an emergency. Those who are prepared not only protect their company, but also fulfill their duty to minimize losses.
And a side effect: insurers are also grateful if a good emergency plan reduces the extent of damage. Anyone who secures property immediately in the event of a fire is not only acting wisely, but professionally.
Cyber risks are highly topical. In your experience, where is it not so much technology that fails, but rather communication, organization or culture?
Many companies are technically well positioned. The biggest weaknesses lie elsewhere: in a lack of communication, unclear responsibilities and a culture that does not embrace security. If employees don’t know how to react to a phishing email or if no one has defined who makes decisions in an emergency, even the best technology won’t help.
It is equally critical when managers dismiss cyber risks as an “IT issue” instead of understanding them as strategic corporate risks. Cybersecurity is not a tool, but a mindset. It requires clear processes, regular training and a culture in which everyone understands that security is a management and team matter.
The questions were asked by Binci Heeb.
Fabian Germann is an insurance expert, risk manager and founder of Germann Risk Consulting. Together with riskAware, he helps SMEs, entrepreneurs and brokers to not only insure risks, but to really understand them and make better decisions. His focus is on pragmatic risk management, clear communication and uncomfortable truths that create long-term stability. In his private life, he is a family man, lives in Winterthur and finds balance outdoors in endurance sports, nature and new perspectives.
Read also: “The broker becomes an entrepreneurial risk manager for SMEs”
Search:
Sponsors:
