Skip to content.
Return to Department of Building and Housing home page.

Appendix A: Risk management framework8

A key factor in assessing the likely liability is the risk management practices of the building consent authority. In order to assess the total risk management package it is useful to consider a generic risk management methodology.

The risk management framework set out on the following pages is not intended to be comprehensive, or for all parts to be achievable. The framework is included as a guide so that the various possible mechanisms that might be used can be categorised and their effectiveness evaluated.

The onus is on applicants to undertake this work and present the documentation to the Department for assessment. It is likely that applicants would require legal and other professional advice to do this.

This work has to be based on realistic assumptions and to a standard that enables the Department to assess the likely liability with confidence. The required adequate means may, otherwise, have to default to the full value of all buildings consented or certified.

The diagram opposite sets out the framework. Comments follow on the specific application of the framework to a building consent authority.

Risk management framework.

Exposure to risk

The first consideration is the potential exposure to risk. This would depend on the number and value of building consents or code compliance certificates that have been issued. The risk extends for the period of 10 years from the time of certification. All buildings certified in the last 10 years as well as the planned activity over the next period (eg, year) need to be considered.

In addition to the specific civil liabilities resulting from performing the duties of a building consent authority, any other significant risks should be considered. These other risks should be considered to the extent that they would reduce the means available to cover the specific liabilities being considered by the Department.

Operational risk management procedures

The next step is to consider the operational risk management procedures. This information should largely be available from the accreditation process, and is likely to cover skills, experience, qualifications, procedures, scope of accreditation and any other relevant items.

Risk

A building consent authority is liable, for 10 years from the date the certificate is issued, for any civil liability claim for an act or omission by the building consent authority. The value of the risk under consideration is the value of future liability claims awarded against the building consent authority.

The most likely scenarios include:

  • a certificate being issued for a building that does not comply with the Building Code
  • failure in some aspect of the building
  • subsequent inspection revealing non-compliance with the Building Code
  • negligence in the process of inspecting the building and issuing the code compliance certificate.

There may be other likely scenarios where the building consent authority incurs a liability. All likely scenarios or risks should be considered, but it should not be necessary to consider every conceivable risk.

Joint and several liability adds an extra risk if any of the contributing parties have contributed to the liability, but are unable to pay their contribution.

Transferred risk

Risk can be transferred to a third party through a variety of mechanisms, including insurance.

While ultimately the risk to be considered under the Act is the public liability claim, any risk transfer that is based on the event that gives rise to the liability claim should be considered. As mentioned earlier in these guidelines, an example of this would be a contract with a builder guaranteeing that the builder rectifies any building defects. The contract may be backed up by building warranty insurance to cover any remaining risks, including the bankruptcy risk of the builder.

It would be expected that the building consent authority would also have professional indemnity insurance covering civil liabilities resulting from negligence.

Retained risk

The retained risks are defined as all risks that have not been transferred. Consideration should be given to all the details of risk transfer contracts and policies including:

  • the definition of risks transferred
  • the duration for which the risk has been transferred
  • exclusions
  • excesses or deductibles and maximums.

The retained risk should consider the full term of the liability and include allowance for:

  • non-renewal of risk-sharing contracts that do not cover the full term of the liability (eg, annual contracts)
  • default risk of counter-parties.

The retained risk is the basis for determining the likely liabilities for which adequate means must be shown. There are a variety of financial assets and instruments that can be used to provide the adequate means. However, all methods would involve capital or access to additional capital in some form.

Funded liabilities

The liability for the retained risk can either be funded or unfunded. The decision on whether to fund the liability would depend on the nature of the liability. In general small, frequent liabilities would tend to be funded, whereas larger, less frequent and more uncertain liabilities may not be funded. An insurance company is required to fund all of its liabilities. The insurance accounting standards would provide guidance on how much additional margin is required in addition to the best estimate.

A key distinction for funded risk is that the arrangements are put in place before the event or loss happens. In order to fund a liability, the expected value of the liability needs to be estimated in some way. This would necessitate the implementation of processes and methodology to estimate and then monitor the value of the expected liability.

There are a number of possible methods for funding the liability, some of which are discussed below.

Self-insurance
An internal insurance fund is established on insurance principles to cover the expected retained losses. The self-insurance fund might be pooled with other, similar companies.

Captives
Self-insurance may also be undertaken through a captive, which is a subsidiary company set up and managed as an insurance company. The cash-flows to the subsidiary would be initial capital, premiums and claims. If a captive is used, the assessment should be on a 'look through' basis, considering the capital of the captive as well. If the captive does not have sufficient capital, additional capital would be required elsewhere.

Contingent capital
This may take several forms, but one example would be an arrangement with a third party to provide debt capital on pre-defined terms, if a pre-defined event were to happen. The provider of the capital is likely to require a fee up front that would reflect the likelihood of the loan being taken up and the subsequent risk of default. The loan might, for example, be triggered if liability claims reached a certain threshold. Another example could be a letter of credit from a bank.

The difference from insurance is that the building consent authority would still have to repay the capital. The third party's risk is the risk of the building consent authority being unable to pay the loan rather than the original liability risk.

Unfunded liabilities

An unfunded risk is where no prior arrangement has been made for funding that risk. It is what remains after allowing for transferred risk and funded retained risk.

The default position, if no other procedures have been put in place, is for all the risk to be unfunded. A building consent authority may not be able to, or may choose not to, fund any of the liabilities. If this is the case, the remaining unfunded liabilities would be difficult to evaluate.

The unfunded liability would include the additional margins not already funded or transferred that are needed to provide the required level of sufficiency.

The unfunded liability has to be met from the remaining reserves and capital of the company, or from additional capital.

The capital reserves of the company would be evaluated from the net assets adjusted for any additional liabilities, or funded amounts already considered.

The additional capital could include borrowing capital from the bank, or a capital injection. This additional capital should only be counted towards the adequate means if there is some guarantee in place that it would be available. If there is a guarantee of availability, the amount and terms on which the capital is provided should be considered.

Sustainability

All the components discussed above have to be sustainable for the full 10-year responsibility period of the liability. If any of the components are not sustainable the risk would default down into the unfunded liability. The sustainability of this would depend on the continuing existence of the building consent authority for 10 years after it ceases operating as a building consent authority.

The risk management plan should address the arrangements for ensuring this capital continues to be available.

8 The content of this Appendix has been extracted from advice provided to the Department of Building and Housing by PricewaterhouseCoopers in August 2005.