In many manufacturing companies, risk management is still associated with insurance. Take out a policy, check once a year whether the coverage still fits, and then move on. According to Michel van Hoof, Industry Director for the manufacturing sector at Ecclesia, that picture is far too narrow these days. Because anyone who takes risks in manufacturing seriously must look beyond premiums and terms and conditions. It's about continuity, vulnerabilities in the chain, cyber threats, contracts, personnel, and the question of whether a company can even keep going after a crisis.
That is exactly how Ecclesia positions itself: not as a party that starts with the policy, but as a business partner that works together with an entrepreneur to map out which risks are at play, which you can prevent, and which you may need to transfer. In this story, insurance is not the beginning but rather the final piece.
In manufacturing, almost all risks come together
Why does Ecclesia focus so emphatically on manufacturing? According to Van Hoof, it's because in this sector almost the entire risk spectrum comes together. Where some sectors mainly have one dominant type of risk, such as liability or data security, in manufacturing he sees a much broader accumulation of threats: liability, fire, transport, cyber, supply chain, business interruption, and personnel issues all run through one another here.
It is precisely this combination that, in his view, makes the sector both complex and vulnerable. A manufacturing company cannot simply start up again from one day to the next when something goes wrong. In the event of a fire, a major breakdown, or a cyber incident, not only an office comes to a standstill, but often an entire production process, with machines, stock, deliveries, and people who all depend on one another.
A manufacturing company does not simply restart after an incident
This difference from other sectors comes up several times in the conversation. Van Hoof uses the example of an ICT company that can be operational again relatively quickly after an incident, if necessary from home or from another location. For a manufacturing company, the situation is different. There, machines, buildings, logistics, and production capacity are directly intertwined with business operations. If that chain is interrupted, recovery is often a much heavier undertaking.
And that is precisely why risk management here, according to Ecclesia, is not an administrative check but a strategic necessity.
Risk management starts with a negative mindset
One notably practical piece of advice from the conversation is that entrepreneurs should occasionally consciously put on their "negative hat." Not to become pessimistic, but to think through a scenario they would normally prefer to avoid. What happens if a cyber incident hits your production? What happens if a fire strikes your building? What happens if a recall is needed, or if a major customer contractually places too much liability on you?
According to Van Hoof, good risk management starts precisely there: by making explicit what can go wrong, instead of quietly hoping it will all be fine.
Insurance is not the core, but the final piece
Ecclesia is clear about its approach. The company does not want to start with the question of which policy someone has, but first with the question of what a company actually does, why it does things the way it does, and where the vulnerabilities lie. Only once it's clear what you can prevent, reduce, or accept does the question come into play of whether part of the risk should also be insured.
That is a fundamentally different approach from classic policy thinking. Not first cover and then think about it, but first understand and then determine what you really need to insure.
The real goal is that a company continues to exist
When asked whether risks are financial, legal, or strategic, Van Hoof clearly opts for the latter. Of course the outcomes can be expressed financially or legally, but ultimately, in his view, it comes down to one core question: does the company continue to exist after an incident?
This also makes clear why Ecclesia calls itself a business partner. Not because it sounds good, but because their role shifts from insurance broker to co-risk manager. Together with the client, it must be determined which risks exist, what their impact is, and which measures make sense within the context of the company.
A false sense of security arises faster than entrepreneurs think
One of the more uncomfortable themes in the conversation is false security. Many entrepreneurs think they have their risks under control because a scan was once done, because the policy was renewed last year, or because a particular topic has "already been looked at." According to Van Hoof, that is precisely the pitfall. Risk management is not a one-off exercise, but a continuous process.
New contracts, new markets, changing suppliers, digitalization, geopolitical tensions, and cyber threats mean that a risk profile is constantly shifting. What was logically insured or covered two years ago need not be so today.
Contracts are one of the places where many risks enter unseen
A concrete example of such an underestimated risk lies, according to Van Hoof, in commercial contracts. Companies are often happy to land a good deal and then casually send over the terms and conditions. Ecclesia wants to look along precisely at that moment. Not only warn in general terms about too much liability, but actually see and assess that contract.
A lot is hidden there. Because in practice, risks don't only creep in via fire or damage, but just as easily via legal obligations that unnoticed grow larger than the company can handle.
A policy is not yet a continuity plan
This ties in with a broader message from the conversation: having a policy is not the same as having control. An insurance policy covers certain risks, but does not automatically change the behavior, readiness, or resilience of an organization. For that, you have to keep continuously mirroring your coverage against the actual risks you face.
And that, according to Ecclesia, is precisely where things often go wrong. Companies think: we have coverage, so we're fine. Meanwhile, reality has already changed again.
Risk and benefit belong together
Also interesting is the way Van Hoof links risk and benefit together. Certainly in manufacturing, where capital-intensive environments come together with machine parks, buildings, and specialized production, the focus often lies strongly on the material side. But according to him, that is too limited. Because without people, nothing functions. Machines and buildings have no value if there are no people to operate them, maintain them, and keep the processes running.
That is why personnel risks, in his view, must be taken just as seriously as financial or material risks.
Cyber and supply chain make risk management more urgent than ever
The two biggest market developments that, according to Ecclesia, make the topic increasingly urgent are cyber and supply chain. Cyber has ranked high on risk lists for years, but a remarkably large proportion of companies still have that risk barely or not at all covered. At the same time, Van Hoof also understands why. Many companies first want their security in order before they look at insurance. He finds that logical in itself, but he does argue for thinking in parallel about what happens if it goes wrong anyway.
Supply chain is the other major factor. A lot of production has been moved abroad, chains have become longer, and dependencies greater. As a result, the chance has increased that a disruption outside your own view directly impacts your delivery reliability and continuity.
Entrepreneurs know their business well, but don't always see everything
Van Hoof also nuances a possible misunderstanding: it's not that entrepreneurs don't know their business. On the contrary. Many entrepreneurs know very well how their company works. But precisely because they are in the middle of it, they sometimes miss the open perspective from the outside. That, according to him, is where the added value of an external partner lies. Not to know better, but to make visible, with structure, distance, and probing questions, what goes unnoticed within the daily routine.
That, according to Ecclesia, is also why entrepreneurs often appreciate an external review. Not because they see nothing, but because someone else helps to systematically go through everything again.
The process starts with a blank sheet
What's striking in the conversation is how simply Van Hoof describes the start of a risk process. Not a thick model or standard questionnaire as a starting point, but a blank sheet of paper. Just tell me what you do. How does the company work? Why are things set up the way they are? What makes it exciting? From there, an organic conversation develops in which Ecclesia listens a lot, probes a lot, and thus arrives step by step at a risk profile.
That risk profile is then discussed, classified, and weighed together with the client. Not only by looking at probability and consequence, but also by having the client indicate how serious they consider a particular scenario. This makes clear where something immediately turns red, where a company still wants to bear something itself, and where additional measures are needed.
Risk management must become an integral part of business operations
Van Hoof's closing message is clear: risk management should not be a separate exercise, but an integral part of the company. Not only during an annual insurance round, but in everything a company does. This does not call for permanent fear, but it does call for an organization that is aware of risks, knows what the impact can be, and has thought in advance about what will, will not, or will partly be borne.
Conclusion
The story of Ecclesia shows that risk management in manufacturing goes much further than coverage and policy terms. According to Michel van Hoof, it ultimately comes down to continuity: knowing what your risks are, what the impact is if they materialize, and which measures are needed to keep the company standing even after an incident.
Insurance is important in this, but never the starting point. First, a company must understand where the real vulnerabilities lie — in contracts, in people, in cyber, in the supply chain, or in the way risks are assessed internally. Only then can you responsibly decide what you want to prevent, what you want to bear, and what you want to transfer. And that, according to Ecclesia, is precisely where modern risk management begins.
FAQ
What does Ecclesia do for manufacturing companies?
Ecclesia helps manufacturing companies with risk management, employment conditions, and insurance advice, with a specific focus on the broad risks within manufacturing.
Why is risk management in manufacturing more complex?
Because in manufacturing many types of risk come together, such as fire, cyber, liability, transport, supply chain, and business interruption.
Why is a policy alone not enough?
Because insurance only covers certain financial consequences and provides no guarantee of control, continuity, or an up-to-date view of the risk profile.
Which risks are often underestimated today?
Among others, cyber, supply chain disruptions, contractual liability, and personnel risks are, according to Ecclesia, still often not examined broadly enough.
What, according to Ecclesia, is the most important message?
Make risk management an integral part of your company and continuously think about what can happen, how you prevent it, and what you do if it goes wrong anyway.
