A featured contribution from Leadership Perspectives, a curated forum for insurance leaders, nominated by our subscribers and vetted by the Insurance Business Review Editorial Board.

Topgolf International

Dan Bailey, Head of Enterprise Risk and Insurance Management

Moving Beyond Compliance Toward Strategic Risk Leadership

Dan Bailey

Dan Bailey

Dan Bailey, CERP, GRCP, FBCI, MBCP, is Head of Enterprise Risk and Insurance Management at Topgolf International, with expertise in enterprise risk, operational resilience, business continuity, and insurance strategy. He focuses on building risk frameworks that connect governance, financial performance, and long-term organizational growth.

Lessons Shaping a Risk Leadership Journey

“Integrity, analytical rigor, and consistent engagement with leadership are non-negotiable in this work.”

The most formative lesson I've carried throughout my career is that Risk Management is fundamentally a people discipline, not a technical one. Frameworks, controls, and assessments are only as effective as the relationships and trust you build around them. Early in my career I recognized that to be truly effective, a Risk leader has to be a genuine business partner (partner is both a verb and a noun), not a compliance gatekeeper. That insight shaped how I approached building programs from the ground up. The kind of foundational builds I’ve had throughout my career taught me quickly that the architecture only works if the people across the organization understand why it matters and feel ownership with it. Another lesson is the value of connecting Risk Management directly to financial performance. Delivering $2.8 million in premium savings in a single policy year and collaboratively contributing to an overall goal of $2 million in recurring run rate savings through operational efficiencies reinforced for me that Risk leaders who speak the language of business value earn a seat at the table that pure Compliancefocused leaders often don't.

Evolving Risk Management Into a Strategic Function

“Organizations that treat risk as a silo will be outpaced by those that treat it as an advantage.”

Risk Management is evolving from a largely reactive, Compliance-driven function into a truly strategic capability that sits at the center of organizational decision-making. The complexity organizations face today demands that Risk leaders think well beyond issue identification and mitigation. We have to be forward-looking business strategists who can also tell a clear story with data. That's part of why building robust Risk reporting and analytics infrastructure matters so much. The Risk Management Reporting Dashboard developed at Topgolf wasn't just a reporting tool, it was a way of making Risk visible and actionable for decision-makers across the business. I've also seen the Integrated Risk Model evolve significantly, where Enterprise Risk, Insurance, Claims, Operational Resilience, and Third-Party Risk Management are no longer managed in isolation but as a connected ecosystem. Organizations that treat these as separate functions will increasingly be at a disadvantage compared to those with a unified, analytically driven risk architecture.

Priorities for Building Organizational Resilience

“You can't build a resilient organization if your risk and insurance functions aren't speaking the same language."

Three priorities stand out for me.

First – true integration of the Risk and Insurance functions. Too many organizations still manage their ERM and Insurance programs as parallel tracks that rarely inform each other. A Total Cost of Risk (TCOR) lens forces a more honest and complete view of how Risk is being retained, mitigated, and transferred (financed), and it creates a much stronger foundation for Insurance strategy.

Risk management creates the greatest impact when it moves beyond compliance, connecting strategy, financial performance, and organizational resilience to help businesses make confident decisions.

Second – regulatory fluency and proactive relationship management. When I helped lead the Risk function through Gateway First Bank's three-year strategic acquisition plan, earning documented compliments from FDIC examiners was the result of building programs with genuine rigor and transparency from day one. This discipline translates across industries.

Third – talent, culture, and training. Resilience isn't a system or a policy. It's built through teams that operate with integrity, think critically, and are empowered to raise issues. The Risk training and awareness programs I build are designed to create that culture broadly across the organization, not just within the Risk function itself.

Balancing Risk With Business Growth

"The best risk leaders aren't in the room because they have to be…they're there because the business wants them there."

This is the central tension in our profession and I think it's often framed incorrectly. Proactive Risk Management and business growth aren't opposing forces…they're complementary when done well. The job of a Risk leader isn't to say no; it's to help the organization understand what it's taking on so it can say yes with confidence and with appropriate guardrails in place. The clearest way I try to demonstrate that balance is by tying Risk work directly to financial outcomes. Contributing to recurring run rate savings through efficiency improvements, or negotiating premium reductions makes it undeniable that risk management creates business value…it doesn't just protect against losses. That shifts the conversation entirely. Having Risk involved in acquisition and due diligence reinforces this as well. Supporting a multi-year strategic acquisition plan means being embedded in business strategy from the start, not reviewing deals after the fact. That approach helped enable growth (primarily organic in nature) from $3 billion to over $10 billion in assets over six years. Leaders who earn trust through demonstrated financial impact and sound strategic judgment get invited into growth conversations early, and that's where the real balance between innovation and Risk is struck.

Advice for Future Risk Professionals

"The assignments that scare you a little are usually the ones that define you."

Invest relentlessly in breadth, maintain a “learner mentality” in order to create depth, and don't underestimate the Insurance side of this profession. Early in many risk careers, there's a tendency to gravitate toward the ERM and governance frameworks and treat insurance management as a more transactional function. In reality, understanding how to strategically design, price, and manage an organization's Insurance program, and how it integrates with your broader Risk retention and transfer (finance) strategy is a significant differentiator. A TCOR framework is something far too few Risk professionals can build and explain fluently, and it's increasingly what CFOs and Boards of Directors want to see.

Beyond technical skills, build your reputation on trust and integrity. Risk Management is a relationship-intensive profession, and the advice you give is only as valuable as the credibility you've earned. Pursue your certifications, develop fluency across ERM, Operational Risk and Resilience, regulatory dynamics, claims management, and pair all of it with genuine curiosity about how businesses operate and grow.

Finally, raise your hand for the hard assignments

•The ground-up program builds

•The fast-growth environments

•The organizations where the risk infrastructure doesn't yet exist

Those experiences are what will define and differentiate your career. The complexity is what makes this work meaningful.

The articles from these contributors are based on their personal expertise and viewpoints, and do not necessarily reflect the opinions of their employers or affiliated organizations.