July 10, 2017 | Author: athar | Category: Risk Management, Insurance, Risk, Financial Risk, Business
Share Embed Donate

Short Description

Download Risk_Management_in__Insurance.pdf...



Sr No


Page numbers 1 2 3 5

1. 2 3 4

Executive Summary What Is Risk? How Insurance Works? Introduction To Risk Management


Principles Of Risk Management



Risk Assessment Process And Guiding Principles



Steps In The Risk Management Process



Types Of Risks—Risk Exposures


9 10

Other Risks Potential Risk Treatments

19 21


Emerging Areas Of Risk Management





What Are The Benefits Of Risk Management To The Insurance Company? Enterprise Risk Management For Insurance Companies


Key Risks Faced By Insurance Sector Globally



Key Trends In Risk Management



Where Will The Indian Insurance Market Be In 2020?










EXECUTIVE SUMMARY Risk, in insurance terms, is the possibility of a loss or other adverse event that has the potential to interfere with an organization’s ability to fulfill its mandate, and for which an insurance claim may be submitted. Risk management ensures that an organization identifies and understands the risks to which it is exposed. Risk management also guarantees that the organization creates and implements an effective plan to prevent losses or reduce the impact if a loss occurs. A risk management plan includes strategies and techniques for recognizing and confronting these threats. Good risk management doesn’t have to be expensive or time consuming; it may be as uncomplicated as answering these three questions: 1. What can go wrong? 2. What will we do, both to prevent the harm from occurring and in response to the harm or loss? 3. If something happens, how will we pay for it? Risk management provides a clear and structured approach to identifying risks. Having a clear understanding of all risks allows an organization to measure and prioritize them and take the appropriate actions to reduce losses. Risk management has other benefits for an organization, including: • • • • • • • •

Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur. Protecting the reputation and public image of the organization. Preventing or reducing legal liability and increasing the stability of operations. Protecting people from harm. Protecting the environment. Enhancing the ability to prepare for various circumstances. Reducing liabilities. Assisting in clearly defining insurance needs.

An effective risk management practice does not eliminate risks. However, having an effective and operational risk management practice shows an insurer that your organization is committed to loss reduction or prevention. It makes your organization a better risk to insure




WHAT IS RISK? The Concise Oxford Dictionary defines risk as “hazard, a chance of bad consequences, loss or exposure to mischance”. In a discussion with students taking a course on financial risk management, ingredients which typically enter are events, decisions, consequences and uncertainty. Mostly only the downside is mentioned, rarely a possible upside. For financial risks, the subject of this book, we might arrive at a definition such as “any event or action that may adversely affect an organization’s ability to achieve its objectives and execute its strategies” or, alternatively, “the quantifiable likelihood of loss or less-than-expected returns”. But while these capture some of the elements of risk, no single one sentence definition is entirely satisfactory in all contexts. People seek security. A sense of security may be the next basic goal after food, clothing, and shelter. An individual with economic security is fairly certain that he can satisfy his needs (food, shelter, medical care, and so on) in the present and in the future. Economic risk (which we will refer to simply as risk) is the possibility of losing economic security. Most economic risk derives from variation from the expected outcome. One measure of risk, used in this study note, is the standard deviation of the possible outcomes. As an example, consider the cost of a car accident for two different cars, a Porsche and a Toyota. In the event of an accident the expected value of repairs for both cars is 2500. However, the standard deviation for the Porsche is 1000 and the standard deviation for the Toyota is 400. If the cost of repairs is normally distributed, then the probability that the repairs will cost more than 3000 is 31% for the Porsche but only 11% for the Toyota. Modern society provides many examples of risk. A homeowner faces a large potential for variation associated with the possibility of economic loss caused by a house fire. A driver faces a potential economic loss if his car is damaged. A larger possible economic risk exists with respect to potential damages a driver might have to pay if he injures a third party in a car accident for which he is responsible. Historically, economic risk was managed through informal agreements within a defined Community. If someone’s barn burned down and a herd of milking cows was destroyed, the community would pitch in to rebuild the barn and to provide the farmer with enough cows to replenish the milking stock. This cooperative (pooling) concept became formalized in the insurance industry. Under a formal insurance arrangement, each Page | 2 KISHINCHAND CHELLARAM COLLEGE


insurance policy purchaser (policyholder) still implicitly pools his risk with all other policyholders. However, it is no longer necessary for any individual policyholder to know or have any direct connection with any other policyholder.

HOW INSURANCE WORKS Insurance is an agreement where, for a stipulated payment called the premium, one party (the insurer) agrees to pay to the other (the policyholder or his designated beneficiary) a defined amount (the claim payment or benefit) upon the occurrence of a specific loss. This defined claim payment amount can be a fixed amount or can reimburse all or a part of the loss that occurred. The insurer considers the losses expected for the insurance pool and the potential for variation in order to charge premiums that, in total, will be sufficient to cover all of the projected claim payments for the insurance pool. The premium charged to each of the pool participants is that participant’s share of the total premium for the pool. Each premium may be adjusted to reflect any 3 special characteristics of the particular policy. As will be seen in the next section, the larger the policy pool, the more predictable its results. Normally, only a small percentage of policyholders suffer losses. Their losses are paid out of the premiums collected from the pool of policyholders. Thus, the entire pool compensates the unfortunate few. Each policyholder exchanges an unknown loss for the payment of a known premium. Under the formal arrangement, the party agreeing to make the claim payments is the insurance company or the insurer. The pool participant is the policyholder. The payments that the policyholder makes to the insurer are premiums. The insurance contract is the policy. The risk of any unanticipated losses is transferred from the policyholder to the insurer who has the right to specify the rules and conditions for participating in the insurance pool. The insurer may restrict the particular kinds of losses covered. For example, a peril is a potential cause of a loss. Perils may include fires, hurricanes, theft, and heart attack. The insurance policy may define specific perils that are covered, or it may cover all perils with certain named exclusions (for example, loss as a result of war or loss of life due to suicide). Hazards are conditions that increase the probability or expected magnitude of a loss. Examples include smoking when considering potential healthcare losses, poor wiring in a house when considering losses due to fires, or a California residence when considering earthquake damage. Page | 3 KISHINCHAND CHELLARAM COLLEGE


In summary, an insurance contract covers a policyholder for economic loss caused by a peril named in the policy. The policyholder pays a known premium to have the insurer guarantee payment for the unknown loss. In this manner, the policyholder transfers the economic risk to the insurance company. Risk, as discussed in Section I, is the variation in potential economic outcomes. It is measured by the variation between possible outcomes and the expected outcome: the greater the standard deviation, the greater the risk.



INTRODUCTION TO RISK MANAGEMENT Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attacks from an adversary. Several risk management standards have been developed including the Project Management Institute, the National Institute of Science and Technology, actuarial societies, and ISO standards. Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety. The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk. Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk even though the confidence in estimates and decisions increase. In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled in descending order. In practice the process can be very difficult, and balancing between risks with a high probability of occurrence but lower loss versus a risk with high loss but lower probability of occurrence can often be mishandled. Intangible risk management identifies a new type of a risk that has a 100% probability of occurring but is ignored by the organization due to a lack of identification ability. For example, when deficient knowledge is applied to a situation, a knowledge risk materializes. Relationship risk appears when ineffective collaboration occurs. Processengagement risk may be an issue when ineffective operational procedures are applied. These risks directly reduce the productivity of knowledge workers, decrease cost effectiveness, profitability, service, quality, reputation, brand value, and earnings quality. Intangible risk management allows risk management to create immediate value from the identification and reduction of risks that reduce productivity.



Risk management also faces difficulties in allocating resources. This is the idea of opportunity cost. Resources spent on risk management could have been spent on more profitable activities. Again, ideal risk management minimizes spending and minimizes the negative effects of risks. Principles of risk management The International Organization for Standardization (ISO) identifies the following principles of risk management: Risk management should: • • • • • • • • • • •

Create value Be an integral part of organizational processes Be part of decision making Explicitly address uncertainty Be systematic and structured Be based on the best available information Be tailored Take into account human factors Be transparent and inclusive Be dynamic, iterative and responsive to change Be capable of continual improvement and enhancement




Four Elements of the Management Process Risk Assessment

Risk Control

Risk Financing


Risk Guiding Principles 1. Identify total assets and resources of organizations. 2. Identify major exposures to loss. 3. Calculate values of assets and resources. 4. Measure current risk. 5. Project and communicate future losses and potential risk. 6. Support proactive risk and loss control programs. 7. Provide maximum incentive for participation in risk control program. 8. Monitor effectiveness of risk control activities. 9. Finance risk, taking advantage of all available financial resources. 10. Maintain appropriate catastrophe protection. 11. Create and sustain management commitment to risk management. 12. Adopt a clearly defined risk management structure. 13. Develop clearly targeted annual objectives. 14. Maintain sound communications with all affected levels of management.



STEPS IN THE RISK MANAGEMENT PROCESS According to C. Arthur Williams Jr. and Richard M. Heins in their book Risk Management and Insurance, the risk management process typically includes six steps. These steps are 1) Determining the objectives of the organization, 2) Identifying exposures to loss, 3) Measuring those same exposures, 4) Selecting alternatives, 5) Implementing a solution, and 6) Monitoring the results. The primary objective of an organization—growth, for example—will determine its strategy for managing various risks. Identification and measurement of risks are relatively straightforward concepts. Earthquake may be identified as a potential exposure to loss, for example, but if the exposed facility is in New York the probability of earthquake is slight and it will have a low priority as a risk to be managed. Businesses have several alternatives for the management of risk, including avoiding, assuming, reducing, or transferring the risks. Avoiding risks, or loss prevention, involves taking steps to prevent a loss from occurring, via such methods as employee safety training. As another example, a pharmaceutical company may decide not to market a drug because of the potential liability. Assuming risks simply means accepting the possibility that a loss may occur and being prepared to pay the consequences. Reducing risks, or loss reduction, involves taking steps to reduce the probability or the severity of a loss, for example by installing fire sprinklers. Transferring risk refers to the practice of placing responsibility for a loss on another party via a contract. The most common example of risk transference is insurance, which allows a company to pay a small monthly premium in exchange for protection against automobile accidents, theft or destruction of property, employee disability, or a variety of other risks. Because of its costs, the insurance option is usually chosen when the other options for managing risk do not provide sufficient protection. Awareness of, and familiarity with, various types of insurance policies is a necessary part of the risk management process. A final risk management tool is self-retention of risks—



sometimes referred to as "self-insurance." Companies that choose this option set up a special account or fund to be used in the event of a loss. Any combination of these risk management tools may be applied in the fifth step of the process, implementation. The final step, monitoring, involves a regular review of the company's risk management tools to determine if they have obtained the desired result or if they require modification. Nation's Business outlined some easy risk management tools for small businesses: maintain a high quality of work; train employees well and maintain equipment properly; install strong locks, smoke detectors, and fire extinguishers; keep the office clean and free of hazards; back up computer data often; and store records securely offsite.



Types of Risks—Risk Exposures

A) Pure versus Speculative Risk Exposures Some people say that Eskimos have a dozen or so words to name or describe snow. Likewise, professional people who study risk use several words to designate what others intuitively and popularly known as “risk.” Professionals note several different ideas for risk, depending on the particular aspect of the “consequences of uncertainty” that they wish to consider. Using different terminology to describe different aspects of risk allows risk professionals to reduce any confusion that might arise as they discuss risks.

As we noted in Table 1.2, “Examples of Pure versus Speculative Risk Exposures”, risk professionals often differentiate between pure risk that features some chance of loss and no chance of gain (e.g., fire risk, flood risk, etc.) and those they refer to as speculative risk. Speculative risks feature a chance to either gain or lose (including investment risk, reputational risk, strategic risk, etc.). This distinction fits well into Figure 1.3, “Roles (Objectives) Underlying the Definition of Risk”. The right-hand side focuses on speculative risk. The left-hand side represents pure risk. Risk professionals find this distinction useful to differentiate between types of risk.

Some risks can be transferred to a third party—like an insurance company. These third parties can provide a useful “risk management solution.” Some situations, on the other hand, require risk transfers that use capital markets, known as hedging or securitizations. Hedging refers to activities that are taken to reduce or eliminate risks. Securitization is the packaging and transferring of insurance risks to the capital markets through the issuance of a financial security. We explain such risk retention in Chapter 4, Evolving Risk Management: Fundamental Tools and Chapter 5, The Evolution of Risk Management: Enterprise Risk Management. Risk retention is when a firm retains its risk. In essence it is self-insuring against adverse contingencies out of its own cash flows. For example, firms might prefer to capture up-side return potential at the same time that they mitigate while mitigating the downside loss potential.

In the business environment, when evaluating the expected financial returns from the introduction of a new product (which represents speculative risk), other issues Page | 10 KISHINCHAND CHELLARAM COLLEGE


concerning product liability must be considered. Product liability refers to the possibility that a manufacturer may be liable for harm caused by use of its product, even if the manufacturer was reasonable in producing it. Table 1.2, “Examples of Pure versus Speculative Risk Exposures” provides examples of the pure versus speculative risks dichotomy as a way to cross classify risks. The examples provided in Table 1.2, “Examples of Pure versus Speculative Risk Exposures” are not always a perfect fit into the pure versus speculative risk dichotomy since each exposure might be regarded in alternative ways. Operational risks, for example, can be regarded as operations that can cause only loss or operations that can provide also gain. However, if it is more specifically defined, the risks can be more clearly categorized.

The simultaneous consideration of pure and speculative risks within the objectives continuum of Figure 1.3, “Roles (Objectives) Underlying the Definition of Risk” is an approach to managing risk, which is known as enterprise risk management (ERM). ERM is one of today’s key risk management approaches. It considers all risks simultaneously and manages risk in a holistic or enterprise-wide (and risk-wide) context. ERM was listed by the Harvard Business Review as one of the key breakthrough areas in their 2004 evaluation of strategic management approaches by top management.[9] In today’s environment, identifying, evaluating, and mitigating all risks confronted by the entity is a key focus. Firms that are evaluated by credit rating organizations such as Moody’s or Standard & Poor’s are required to show their activities in the areas of enterprise risk management. As you will see in later chapters, the risk manager in businesses is no longer buried in the tranches of the enterprise. Risk managers are part of the executive team and are essential to achieving the main objectives of the enterprise. A picture of the enterprise risk map of life insurers is shown later in Figure 1.5, “A Photo of Galveston Island after Hurricane Ike”.



Table 1.2. Examples of Pure versus Speculative Risk Exposures Speculative Risk—Possible Gains or Losses

Pure Risk—Loss or No Loss Only

Market risks: interest risk, Physical damage risk to property (at the enterprise level) foreign exchange risk, stock such as caused by fire, flood, weather damage market risk Liability risk exposure (such as products liability, premise Reputational risk liability, employment practice liability) Innovational or technical obsolescence risk

Brand risk

Operational risk: mistakes in process or procedure that Credit risk (at the individual cause losses enterprise level) Mortality and morbidity risk at the individual level

Product success risk

Intellectual property violation risks

Public relation risk

Environmental risks: water, air, hazardous-chemical, and other pollution; depletion of resources; irreversible Population changes destruction of food chains Natural disaster damage: floods, earthquakes, windstorms Market for the product risk Man-made destructive risks: nuclear risks, unemployment, population changes, political risks


Regulatory change risk

Mortality and morbidity risk at the societal and global level (as in pandemics, social security program exposure, Political risk nationalize health care systems, etc.) Accounting risk Longevity risk at the societal level Genetic testing and genetic engineering risk Page | 12 KISHINCHAND CHELLARAM COLLEGE


Pure Risk—Loss or No Loss Only

Speculative Risk—Possible Gains or Losses Investment risk Research risk



Within the class of pure risk exposures, it is common to further explore risks by use of the dichotomy of personal property versus liability exposure risk.

B) Personal Loss Exposures—Personal Pure Risk Because the financial consequences of all risk exposures are ultimately borne by people (as individuals, stakeholders in corporations, or as taxpayers), it could be said that all exposures are personal. Some risks, however, have a more direct impact on people’s individual lives. Exposure to premature death, sickness, disability, unemployment, and dependent old age are examples of personal loss exposures when considered at the individual/personal level. An organization may also experience loss from these events when such events affect employees. For example, social support programs and employer-sponsored health or pension plan costs can be affected by natural or man-made changes. The categorization is often a matter of perspective. These events may be catastrophic or accidental.

C) Property Loss Exposures—Property Pure Risk Property owners face the possibility of both direct and indirect (consequential) losses. If a car is damaged in a collision, the direct loss is the cost of repairs. If a firm experiences a fire in the warehouse, the direct cost is the cost of rebuilding and replacing inventory. Consequential or indirect losses are nonphysical losses such as loss of business. For example, a firm losing its clients because of street closure would be a consequential loss. Such losses include the time and effort required to arrange for repairs, the loss of use of the car or warehouse while repairs are being made, and the additional cost of replacement facilities or lost productivity. Property loss exposures are associated with both real property such as buildings and personal property such as automobiles and the contents of a building. A property is exposed to losses because of accidents or catastrophes such as floods or hurricanes.



D) Liability Loss Exposures—Liability Pure Risk The legal system is designed to mitigate risks and is not intended to create new risks. However, it has the power of transferring the risk from your shoulders to mine. Under most legal systems, a party can be held responsible for the financial consequences of causing damage to others. One is exposed to the possibility of liability loss (loss caused by a third party who is considered at fault) by having to defend against a lawsuit when he or she has in some way hurt other people. The responsible party may become legally obligated to pay for injury to persons or damage to property. Liability risk may occur because of catastrophic loss exposure or because of accidental loss exposure. Product liability is an illustrative example: a firm is responsible for compensating persons injured by supplying a defective product, which causes damage to an individual or another firm.

E) Catastrophic Loss Exposure and Fundamental or Systemic Pure Risk Catastrophic risk is a concentration of strong, positively correlated risk exposures, such as many homes in the same location. A loss that is catastrophic and includes a large number of exposures in a single location is considered a no accidental risk. All homes in the path will be damaged or destroyed when a flood occurs. As such the flood impacts a large number of exposures, and as such, all these exposures are subject to what is called a fundamental risk. Generally these types of risks are too pervasive to be undertaken by insurers and affect the whole economy as opposed to accidental risk for an individual. Too many people or properties may be hurt or damaged in one location at once (and the insurer needs to worry about its own solvency). Hurricanes in Florida and the southern and eastern shores of the United States, floods in the Midwestern states, earthquakes in the western states, and terrorism attacks are the types of loss exposures that are associated with fundamental risk. Fundamental risks are generally systemic and no diversifiable.



Figure 1.5. A Photo of Galveston Island after Hurricane Ike

Accidental Loss Exposure and Particular Pure Risk Many pure risks arise due to accidental causes of loss, not due to man-made or intentional ones (such as making a bad investment). As opposed to fundamental losses, non catastrophic accidental losses, such as those caused by fires, are considered particular risks. Often, when the potential losses are reasonably bounded, a risk-transfer mechanism, such as insurance, can be used to handle the financial consequences. In summary, exposures are units that are exposed to possible losses. They can be people, businesses, properties, and nations that are at risk of experiencing losses. The term “exposures” is used to include all units subject to some potential loss. Another possible categorization of exposures is as follows: Risks of nature Risks related to human nature (theft, burglary, embezzlement, fraud) Man-made risks Risks associated with data and knowledge Risks associated with the legal system (liability)—it does not create the risks but it may shift them to your arena Risks related to large systems: governments, armies, large business organizations, political groups



Intellectual property Pure and speculative risks are not the only way one might dichotomize risks. Another breakdown is between catastrophic risks, such as flood and hurricanes, as opposed to accidental losses such as those caused by accidents such as fires. Another differentiation is by systemic or non diversifiable risks, as opposed to idiosyncratic or diversifiable risks; this is explained below. F) Diversifiable and Non diversifiable Risks As noted above, another important dichotomy risk professionals use is between diversifiable and non diversifiable risk. Diversifiable risks are those that can have their adverse consequences mitigated simply by having a well-diversified portfolio of risk exposures. For example, having some factories located in non earthquake areas or hotels placed in numerous locations in the United States diversifies the risk. If one property is damaged, the others are not subject to the same geographical phenomenon causing the risks. A large number of relatively homogeneous independent exposure units pooled together in a portfolio can make the average, or per exposure, unit loss much more predictable, and since these exposure units are independent of each other, the per-unit consequences of the risk can then be significantly reduced, sometimes to the point of being ignorable. These will be further explored in a later chapter about the tools to mitigate risks. Diversification is the core of the modern portfolio theory in finance and in insurance. Risks, which are idiosyncratic (with particular characteristics that are not shared by all) in nature, are often viewed as being amenable to having their financial consequences reduced or eliminated by holding a well-diversified portfolio. Systemic risks that are shared by all, on the other hand, such as global warming, or movements of the entire economy such as that precipitated by the credit crisis of fall 2008, are considered non diversifiable. Every asset or exposure in the portfolio is affected. The negative effect does not go away by having more elements in the portfolio. This will be discussed in detail below and in later chapters. The field of risk management deals with both diversifiable and non diversifiable risks. As the events of September 2008 have shown, contrary to some interpretations of financial theory, the idiosyncratic risks of some banks could not always be diversified away. These risks have shown they have the ability to come back to bite (and poison) the entire enterprise and others associated with them. Table 1.3, “Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories” provides examples of risk exposures by the categories of diversifiable and non diversifiable risk exposures. Many of them are self explanatory, but the most important distinction is whether the risk is unique or idiosyncratic to a firm or not. For example, the reputation of a firm is unique to the firm. Destroying one’s reputation is not Page | 16 KISHINCHAND CHELLARAM COLLEGE


a systemic risk in the economy or the market-place. On the other hand, market risk, such as devaluation of the dollar is systemic risk for all firms in the export or import businesses. In Table 1.3, “Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories” we provide examples of risks by these categories. The examples are not complete and the student is invited to add as many examples as desired. Table 1.3. Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories Diversifiable Risk—Idiosyncratic Risk

Non diversifiable Risks—Systemic Risk

• Reputational risk

• Market risk

• Brand risk

• Regulatory risk

• Credit risk (at the individual • Environmental risk enterprise level) • Product risk

• Political risk

• Legal risk

• Inflation and recession risk

• Physical damage risk (at the enterprise level) such as fire, flood, • Accounting risk weather damage • Liability risk (products liability, premise liability, employment • Longevity risk at the societal level practice liability) • Innovational obsolesce risk



• Mortality and morbidity risk at the societal and global level (pandemics, social security program exposure, nationalize health care systems, etc.)

• Operational risk • Strategic risk • Longevity risk at the individual level



Diversifiable Risk—Idiosyncratic Risk

Non diversifiable Risks—Systemic Risk

• Mortality and morbidity risk at the individual level

G) Enterprise Risks As discussed above, the opportunities in the risks and the fear of losses encompass the holistic risk or the enterprise risk of an entity. The following is an example of the enterprise risks of life insurers in a map in Figure 1.6, “Life Insurers’ Enterprise Risks” Since enterprise risk management is a key current concept today, the enterprise risk map of life insurers is offered here as an example. Operational risks include public relations risks, environmental risks, and several others not detailed in the map in Figure 1.4, “Risk Balls”. Because operational risks are so important, they usually include a long list of risks from employment risks to the operations of hardware and software for information systems. Figure 1.6. Life Insurers’ Enterprise Risks



Other Risks A) ASSET RISK Both life and general insurers hold investments to support their policy liabilities and capital and are subject to a range of asset risks. These risks include: • Concentration risk – arising from inadequate diversification (or excessive exposure to a particular asset or obligor); • Credit risk – the risk of default by obligors, counterparties or reinsurers; • Liquidity risk – the risk of insufficient liquidity to meet obligations when required; • Market risk – the risk of an adverse movement in the market value of assets not matched by an equal and offsetting reduction in the market value of liabilities; and • Realization risk – where asset values are dependent on the continuing operation of the business. These risks are common to other types of financial institution also. While each of these risks requires management, different sectors of the financial system need to focus on those risks that are most important for them. In banking, the most significant risk is the credit risk stemming from banks’ lending activities. The liquidity risk that flows from banks’ deposit-taking business is also important. In the insurance sector, the characteristic asset risk is market risk. This is because insurers can, and often do, choose to invest policyholders’ money in ways that do not match policy obligations. The extent of this mismatching behaviour differs across insurers. Some insurers do not mismatch at all, while others may mismatch on a large scale and in doing so introduce substantial market risk. The ‘resilience’ of an insurer in the face of market risk can be usefully examined with the help of a simple model .Of course, focusing only on those risks that are characteristic of a given industry is unwise. For this reason, the banking sector is now sharpening its focus on the risks involved in other areas such as trading. Similarly, as insurers become more involved in lending, and more exposed to counterparty risks in their use of derivatives for asset management, the insurance sector will need to improve its credit risk management practices.



B) Operational Risk Like any business, insurance companies face a number of other risks, mainly operational in nature (or else arising through the premium rating process which requires assumptions to be made about operational matters, such as the level of expenses or the rate of policy attrition). These risks include: • Mistakes in promotional material or poor sales practices; • Unsound product design; • Errors in premiums or unit prices; • Errors in effecting reinsurance; • High rates of policy attrition; • Unanticipated expense overruns; systems failure; • Ill-disciplined investment activity; and fraud. As with insurance and asset risks, both good management and capital are needed to cope with risks such as these.



POTENTIAL RISK TREATMENTS Once risks have been identified and assessed, all techniques to manage the risk fall into one or more of these four major categories • • • •

Avoidance (eliminate, withdraw from or not become involved) Reduction (optimize - mitigate) Sharing (transfer - outsource or insure) Retention (accept and budget)

Ideal use of these strategies may not be possible. Some of them may involve trade-offs that are not acceptable to the organization or person making the risk management decisions. Another source, from the US Department of Defense, Defense Acquisition University, calls these categories ACAT, for Avoid, Control, Accept, or Transfer. This use of the ACAT acronym is reminiscent of another ACAT (for Acquisition Category) used in US Defense industry procurements, in which Risk Management figures prominently in decision making and planning.

A) Risk avoidance This includes not performing an activity that could carry risk. An example would be not buying a property or business in order to not take on the legal liability that comes with it. Another would be not flying in order not to take the risk that the airplane were to be hijacked. Avoidance may seem the answer to all risks, but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. Not entering a business to avoid the risk of loss also avoids the possibility of earning profits. Hazard Prevention - Hazard prevention refers to the prevention of risks in an emergency. The first and most effective stage of hazard prevention is the elimination of hazards. If this takes too long, is too costly, or is otherwise impractical, the second stage is mitigation. B) Risk reduction Risk reduction or "optimization" involves reducing the severity of the loss or the likelihood of the loss from occurring. For example, sprinklers are designed to put out a fire to reduce the risk of loss by fire. This method may cause a greater loss by water damage and therefore may not be suitable. Halon fire suppression systems may mitigate that risk, but the cost may be prohibitive as a strategy. Page | 21 KISHINCHAND CHELLARAM COLLEGE


Acknowledging that risks can be positive or negative, optimizing risks means finding a balance between negative risk and the benefit of the operation or activity; and between risk reduction and effort applied. By an offshore drilling contractor effectively applying HSE Management in its organisation, it can optimise risk to achieve levels of residual risk that are tolerable. Modern software development methodologies reduce risk by developing and delivering software incrementally. Early methodologies suffered from the fact that they only delivered software in the final phase of development; any problems encountered in earlier phases meant costly rework and often jeopardized the whole project. By developing in iterations, software projects can limit effort wasted to a single iteration. Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability at managing or reducing risks.[11] For example, a company may outsource only its software development, the manufacturing of hard goods, or customer support needs to another company, while handling the business management itself. This way, the company can concentrate more on business development without having to worry as much about the manufacturing process, managing the development team, or finding a physical location for a call center.

C) Risk sharing Briefly defined as "sharing with another party the burden of loss or the benefit of gain, from a risk, and the measures to reduce a risk." The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk to a third party through insurance or outsourcing. In practice if the insurance company or contractor go bankrupt or end up in court, the original risk is likely to still revert to the first party. As such in the terminology of practitioners and scholars alike, the purchase of an insurance contract is often described as a "transfer of risk." However, technically speaking, the buyer of the contract generally retains legal responsibility for the losses "transferred", meaning that insurance may be described more accurately as a post-event compensatory mechanism. For example, a personal injuries insurance policy does not transfer the risk of a car accident to the insurance company. The risk still lies with the policy holder namely the person who has been in the accident. The insurance policy simply provides that if an accident (the event) occurs involving the policy holder then some compensation may be payable to the policy holder that is commensurate to the suffering/damage. Some ways of managing risk fall into multiple categories. Risk retention pools are technically retaining the risk for the group, but spreading it over the whole group Page | 22 KISHINCHAND CHELLARAM COLLEGE


involves transfer among individual members of the group. This is different from traditional insurance, in that no premium is exchanged between members of the group up front, but instead losses are assessed to all members of the group. D) Risk retention Involves accepting the loss, or benefit of gain, from a risk when it occurs. True self insurance falls in this category. Risk retention is a viable strategy for small risks where the cost of insuring against the risk would be greater over time than the total losses sustained. All risks that are not avoided or transferred are retained by default. This includes risks that are so large or catastrophic that they either cannot be insured against or the premiums would be infeasible. War is an example since most property and risks are not insured against war, so the loss attributed by war is retained by the insured. Also any amounts of potential loss (risk) over the amount insured is retained risk. This may also be acceptable if the chance of a very large loss is small or if the cost to insure for greater coverage amounts is so great it would hinder the goals of the organization too much.




In the 1990s, new areas of risk management began to emerge that provide managers with more options to protect their companies against new kinds of exposures. According to the Risk and Insurance Management Society (RIMS), the main trade organization for the risk management profession, among the emerging areas for risk management were operations management, environmental risks, and ethics. As forecast by RIMS, risk managers of corporations started focusing more on verifying their companies' compliance with federal environmental regulations in the 1990s. According to Risk Management, risk managers began to assess environmental risk such as those arising from pollution, waste management, and environmental liability to help make their companies more profitable and competitive. Furthermore, tighter environmental regulations also goaded businesses to have risk managers check their compliance with environmental policies to prevent possible penalties for noncompliance. Companies also have the option of obtaining new kinds of insurance policies to control risks, which managers and risk managers can take into consideration when determining the best methods for covering potential risks. These nontraditional insurance policies provide coverage of financial risks associated with corporate profits and currency fluctuation. Hence, these policies in effect guarantee a minimum level of profits, even when a company experiences unforeseen losses from circumstances it cannot control (e.g., natural disasters or economic downturns). Moreover, these nontraditional policies ensure profits for companies doing business in international markets, and hence they help prevent losses from fluctuations in a currency's value. Risk managers can also help alleviate losses resulting from mergers. Stemming from the wave of mergers in the 1990s, risk managers became a more integral part of company merger and acquisition teams. Both parties in these transactions rely on risk management services to determine and control or prevent risks. On the buying side, risk managers examine a selling company's expenditures, loss history, insurance policies, and other areas that indicate a company's potential risks. Risk managers also suggest methods for preventing or controlling the risks they find. Finally, risk managers have been called upon to help businesses manage the risks associated with increased reliance on the Internet. The importance of online business activities in maintaining relationships with customers and suppliers, communicating with employees, and advertising products and services has offered companies many advantages, but also exposed them to new security risks and liability issues. Business Page | 24 KISHINCHAND CHELLARAM COLLEGE


managers need to be aware of the various risks involved in electronic communication and commerce and include Internet security among their risk management activities. What Are the Benefits of Risk Management to the Insurance Company? Insurance companies are in the business of managing risk. Insurance companies live and die by prudent risk management. The purpose of an insurance company is to determine the probabilities of risk and to design a premium structure ensuring that the company has a high chance of profiting in the future. The higher the risk, the larger the premium, and vice versa. In addition, insurance companies need to differentiate risks posed by different individuals, companies, asset classes, and other tasks. The more precise the risk model, the better an insurance company can serve its customers and derive profit. A) Fair Premium With solid risk management procedures, an insurance company can determine how high of a premium to certain customers charge during a particular period. For example, if the insurance company knows the probability that a male of a certain age who smokes has a certain likelihood of contracting a lethal cancer, that company knows it should charge a higher premium to the insured person. The charge reflects the risk of insurance. This protects the insurance company from insolvency, and increases the chances that healthier insurance customers can afford the premiums. B) Long Term Solvency The nature of the insurance business is such that small errors in a risk management model can lead to long-term insolvency. An insurance company builds its reputation on a long record of paying just claims. Insurance companies write contracts and uphold them. Miscalculations in risk management models can lead to severe losses at an insurance company over an extended period. It's important for companies to use accurate data to determine their models and assure they stay in business over the long run. C) Lower Costs When an insurance company has a more competitive risk management methodology relative to its competitors, it can afford to lower the costs of coverage. This increases the insurance pool, improving the level of capitalization for the firm. In general, the more people signed up for an insurance program, the lower the premiums. The virtuous cycle in the insurance business occurs when a risk management system is accurate, because the insurance company is likely to make a profit on the vast majority of customers. Page | 25 KISHINCHAND CHELLARAM COLLEGE


Enterprise Risk Management for Insurance Companies Risk in Non-life Insurance Underwriting Introduction This chapter addresses the risks inherent in non-life underwriting from the perspective of the Risk Officer. It covers risk issues such as mitigating unintended concentrations, evaluating correlations between risks, ensuring an adequate underwriting infrastructure to measure and manage exposures, and ensuring adequate data for quantifying risk accumulations and measuring diversification. The underwriting process itself is not addressed as that subject is amply covered in underwriting texts.

Risks in Underwriting Individual accounts A non-life insurance company is in the business of assuming risk from individuals and businesses. Underwriting is the discipline of understanding and evaluating which risks to intentionally assume. Minimizing unintended underwriting risk and the risk to the enterprise from unintended risk accumulations is generally a responsibility shared between Underwriting and Risk Management (“RM”); both disciplines are critical.

The underwriting function needs to ensure that a robust infrastructure is in place so when individual accounts are underwritten the underwriter has: adequate information on the risk, such that the exposures can be reasonably known and understood, the skills and experience required to analyze the risk, and the ability and incentive to design coverage and price the account properly. Underwriting authority needs to be granted based on skills and experience and not on managerial hierarchical level. Referral authorities need to be in place, as well as effective auditing to ensure compliance with delegated authorities, in order to minimize opportunities for “rogue” activities. The underwriting infrastructure also needs to provide training and oversight such that applicable laws, statutes, regulations, filings and so forth are rigorously followed. Adherence to filed rates, forms and similar measures is intended to reduce the opportunity for money laundering, terrorism funding, and so forth, and to ensure that customers are treated fairly.



An underwriting infrastructure also needs to be in place to allow for the meaningful capture of data on the risks underwritten. This is necessary to monitor concentrations, meet any regulatory reporting requirements and have the ability to manage the underwriting of individual accounts to remain within agreed limits on aggregate concentrations.

Concentration Risk from Insurance Activities The insurance and reinsurance mechanisms work most effectively when dealing with risks that are not correlated with one another. By this we mean that the likelihood of a claim occurring is not impacted by the fact that another claim has occurred. In cases where risks are correlated with one another, the (re)insurer must be cognizant of potential concentration risk. Concentration risk arises in multiple forms and is the area where RM generally has the greatest involvement. Concentration risk arises from systemic risks, stacking risk, and clash risks. A particular form of systemic risk comes from natural and man-made catastrophic exposure. Systemic risk is the accumulation of losses triggered by a single event or cause, affecting one or more industry segments rather than a single risk. Asbestos is the classic example of a systemic risk affecting multiple industries and policyholders, lines of business and policy years. RM and Underwriting need to ensure processes are in place to identify similar potential risks and to monitor and effectively control accumulations. A current risk with potential systemic impact is nanotechnology. Underwriting and RM need to determine the economic risks, which lines of business might be exposed to loss (i.e., products liability, workers compensation), the likely effectiveness of coverage restrictions in policy wordings, the probability of different economic risk outcomes and the aggregate limit to expose the enterprise. Stacking is another aspect of concentration risk. Stacking refers to the accumulation of net (after reinsurance) retentions within the same line of business on the same insured. Here the risk arises, for example, from multiple business units providing coverage for the same policyholder plus participation in a reinsurance program from a policyholder’s reinsurance captive. Procedures such as a name and location clearance system are typical ways to prevent such an unintended accumulation.



Clash is a similar concentration risk that occurs when one or more business units insure more than one line of business for the same policyholder which could be affected by the same claim or incident. This could lead to a higher than intended aggregate loss. Reasonable foresee ability and a large dose of common sense, together with an effective name clearance system and an agreed exposure limit are the keys for Underwriting and RM in managing these exposures. Exposure to systemic risk arises from both natural and man-made catastrophic events. Monitoring and managing risk accumulations requires detailed data (see below), models and an underwriting infrastructure that spans all lines of business and all business units that write policies in potentially exposed locations. Critical from a RM perspective is the ability to monitor accumulations across lines of business and locations and to intervene when aggregate limit boundaries are breached. Mitigation actions might include simply abstaining from additional underwriting commitments (or no renewing existing commitments upon expiry) or purchasing additional treaty or facultative reinsurance for peak exposures. The critical element is having the infrastructure to identify unintended accumulations across multiple business units and all lines of business. The concentration risk of natural catastrophes arises primarily from exposure to earthquakes, floods and windstorms. Property damage and business interruption accumulations are typically modeled by using sophisticated commercial modeling tools (RMS, AIR, EQECAT, etc.). Systemic risk also includes additional lines of business, such as workers compensation, employer’s liability, accident and health, group life, marine, and automobile physical damage. These exposures may not be coded to location in the same detail as property policies, nor be subject to the same modeling capability. As such, RM needs to be comfortable that processes are in place and effective to identify peak property exposures through name and location clearance systems in order to allow for identification of significant exposures to non-property lines of business at the same location. Man-made catastrophic events can similarly impact all lines of business. This category includes events ranging from terrorism, primarily, to a train accident involving toxic chemicals. Terrorism exposures are generally divided into two categories: conventional attacks (conventional bomb, aircraft used as a missile) and nonconventional (nuclear, chemical, biological, radiological “NCBR” e.g. a “dirty bomb”). Property and business interruption policies may or may not include coverage for a terrorist act or coverage for NCBR. Policies covering worker compensation or employers liability, by their nature, may provide coverage for all such events. From a RM perspective, it’s important that data be captured identifying policies with NCBR coverage. It is also vital that the same infrastructure and modeling capability for



monitoring and managing accumulations noted for natural catastrophes be in place for man-made catastrophic exposures.

Stress Scenarios Stress scenarios are especially necessary for determining aggregate limit boundaries for natural and man-made catastrophic events and guiding decisions on purchasing reinsurance protections. For example, in addition to considering the results generated from the modeling tools, the ERM framework for Lloyd’s includes consideration of specific Realistic Disaster Scenarios as a test of exposures under extraordinary circumstances. Further, RM is uniquely positioned in many insurance organizations to consider the interaction of risks from different organizational silos in stress scenarios. Very low probability events, like a 1 in 250 year windstorm or earthquake, a significant terrorism incident, or a pandemic will require RM to have considered not just the underwriting risk but to have incorporated the potential impact on the investment portfolio, liquidity, reinsurance recoverable, and business continuity both from a holding company and individual subsidiary legal entities level. Mitigation actions may then involve internal or commercial reinsurance, standby credit, and/or similar arrangements to balance the potential exposures and financial stress the organization faces.

Concentration Risk from Credit-Related Exposures Another aspect of concentration risk arises from multiple financial-related exposures to an individual policyholder. A significant event, such as a fraud or severe downturn in profitability, might lead to losses from a D&O policy, surety and fiduciary coverage’s, and/or financial guarantees, plus losses on any debt or equity investments, securities lending, reinsurance recoverable from a captive, and exposure as a counterparty to a derivative transaction. In addition, third-party liability and/or retrospectively rated insurance programs may generate exposure due to large deductibles, retrospective premium adjustments or other credit risk. From a RM perspective, tools to monitor and evaluate peak exposures bridging insurance commitments and financial holdings need to be in place, as well as assurance that assessments of the creditworthiness of the policyholder are effective and guiding collateral negotiations. Correlations between the various insurance and financial exposures under stress scenarios need to be determined with limits set reflecting both underwriting and credit rating considerations. Page | 29 KISHINCHAND CHELLARAM COLLEGE


Data Capture Accurate, thorough, relevant, detailed data capture is key to measuring, modeling and managing the risks of unintended exposure accumulations. RM needs to ensure that adequate auditing is in place to allow reliance on the data collected. Similarly, RM needs to be comfortable that underwriting has the processes in place to monitor and manage individual account underwriting across multiple business units, policyholders and lines of business to stay within agreed risk limits. Name clearance systems, allowing each underwriter participating on a policyholder’s program to see all the commitments to that policyholder, are an effective tool in this regard, as are systems to monitor accumulations by class and line of business. Detailed data capture is especially critical for monitoring property accumulations for catastrophic exposure to both natural and man-made events. Granular data including the policyholder’s type of business, number of employees, construction type and age, values insured, business interruption coverage and limits, and so forth, for each precise location (street address, latitude and longitude) are critical. Experience from many insurers examining losses from Katrina has shown that modeled catastrophic exposures were understated. One reason for this was incomplete data capture of insured locations. Risk needs to be comfortable that data capture is complete and audited as necessary for the modeled accumulations to be meaningful. RM must also be forward thinking about data capture. It is not sufficient to think about capturing data for risks that are current and obvious, but to also think about where the emerging risks are arising and what data is necessary to assess these risks.

Reinsurance Risk Reinsurance is a widely used and valuable tool for mitigating peak risks on both individual accounts and portfolios. Inherent in reinsurance are several risks of concern to the Risk Officer. First and foremost RM must be attentive that the reinsurance purchased is actually providing the appropriate coverage to mitigate the peak risks. In this regard, there needs to be strong communication between underwriting and the reinsurance buying function to ensure that underwriters are aware of the provisions of the reinsurance treaties being purchased. In particular, awareness of exclusions or special acceptance criteria is vital. On the facultative side, underwriters or facultative buyers must be Page | 30 KISHINCHAND CHELLARAM COLLEGE


trained to have coverage afforded by the facultative reinsurance be concurrent with the terms of the underlying policy.

The insurance enterprise is exposed to various risks when purchasing reinsurance. These include: Credit Risk, Regulatory Risk, Operational Risk (including NonConcurrency (mentioned above) Lack of Contract Certainty, and Accounting/Tax Risk) and potentially Reputational Risk. Credit risk has numerous aspects which must be managed. The starting point is the assessment of the credit worthiness of the reinsurer. This process generally leads to an “approved list” of acceptable reinsurers and a limit on the aggregate credit exposure to an individual reinsurer which is linked to its credit rating. Reinsurance may be purchased locally on a facultative basis by underwriters for individual accounts with peak exposures and also in multiple business offices on a portfolio, or treaty, basis. RM needs to ensure that adequate controls are in place so accumulations by reinsurer are monitored with actions taken to mitigate peak exposures. Accounting risk arises as accounting for reinsurance transactions can be complex. Reinsurance transactions need to have risk transfer characteristics in totality support insurance/reinsurance accounting (to be included in financial results as reinsurance) and these characteristics need to be appropriately analyzed and documented. In particular, the accounting must consider all aspects of the agreement, including any written or verbal side agreements Also of concern is ensuring that reinsurance transactions are not structured to obfuscate the true financial results of the company. Overly complex transactions and certain “circular” transactions can lead to accounting difficulties. For example, policyholders may have captive insurers or reinsurers involved in their risk management program. Sometimes the structure of these transaction becomes extremely complicated with the captive being the insurer, a reinsurer and/or a retrocessionaire. With many moving parts, it becomes difficult to assess the true nature of the transactions and to record all of the necessary accounting entries in an accurate and timely manner. This operational risk is one on which the Risk Officer’s organization must focus, ensuring that appropriate controls are in place to mitigate the risk. For both commercial reinsurance and captive arrangements, training and oversight need to be emphasized and sufficiently robust to ensure that there is a significant degree of risk transfer (underwriting and timing risk), any fees are reasonable, no side agreements, verbal or written, the financial records of both parties reflect the transaction the same way, and similar measures. The Risk Officer needs to be comfortable that Page | 31 KISHINCHAND CHELLARAM COLLEGE


procedures are in place so all such arrangements receive appropriate oversight and monitoring.

Facultative reinsurance purchased locally to protect individual policies and treaty reinsurance has significant measures of operational risk. These include delays in agreeing policy wording and a resulting lack of contract certainty, non-concurrent terms and a simple failure to execute as intended. The Risk Officer needs to ensure that the operational risk measures developed enterprise-wide extend to the placement of reinsurance.

Alternative Risk Transfer Large natural catastrophe losses in 2004 and 2005 and enhancements to catastrophe accumulation models have increased the demand for reinsurance and retrocessional protections. In turn, this demand has led to increased utilization of alternative risk transfer mechanisms to supplement the traditional reinsurance markets. In particular catastrophe bonds, industry loss warranty protections, hedge funds and so-called “sidecars” have grown in popularity. These facilities provide much needed fully collateralized capacity to insurers and reinsurers but may include basis risk which must be included in risk capital determinations. Catastrophe bonds typically involve a special purpose vehicle which provides protection to the insurer/reinsurer. This is done through traditional, indemnity reinsurance coverage based on the insurer’s ultimate net loss, or, more typically, a recovery is determined based on a derivative (or parametric) measure of the loss. For example, one based on the industry loss or the modeled loss from an event. The SPV, in turn, develops its capitalization through the issuance of bonds to investors. In the event the reinsurance is triggered, the bondholder will not receive all or any of their principle at maturity. The parametric coverage approach, while more attractive to the investor in the catastrophe bonds as the investor doesn’t have to underwrite the individual company, includes basis risk the Risk Officer needs to evaluate. That is, it is possible that the buyer could have a loss to which the coverage does not respond. Industry loss warranty protections are structured similarly but the protection triggers are typically based on relatively narrowly defined risks and regions and a resulting aggregate industry loss. Industry loss warranties are attractive to investors for simplicity but include considerable basis risk for the insurer which needs to be evaluated.



Another alternative source of reinsurance capacity is reinsurance provided by thinly capitalized reinsurers backed by hedge funds. These reinsurers provide reinsurance on a fully collateralized basis, meaning that the full limit of the reinsurance is collateralized at the inception of the contract. Risks with these vehicles include operational risks, risks pertaining to the collateral and failure to satisfy statutory requirements. The RM should also be aware that these vehicles typically do not include the reinstatement coverage available in traditional reinsurance. Finally, so-called “side cars” are special purpose reinsurance vehicles similar to those vehicles that facilitate Catastrophe Bonds. These vehicles are funded by both debt and equity and typically provide quota share reinsurance to the sponsor (re)insurer. The SPV has limited capital resources and this limitation acts to cap the quota share coverage provided by the facility. This structure has the potential of “tail risk”, which is the risk that the sidecar cannot meet its reinsurance obligations to the cedant in an extreme event. RM should consider and be aware that many alternative sources of reinsurance are transacted with capital that may be more opportunistic than traditional reinsurance. This capital may disappear if terms and conditions are not ideal.

Post –Event Large Loss Reviews Insight into the effectiveness of the myriad individual account underwriting processes, concentration monitoring and management, data collection and operational risk can be gained through a systematic review of large losses in a collaborative effort between underwriting and RM. Incidents that lead to insured losses happen. That’s why people and companies buy insurance. But insight into adherence to relevant guidelines when the risk was underwritten and the impact the risk has had on the various concentration management measures can provide Underwriting and RM with valuable information.

Emerging Risks Emerging risks are exposures which may develop or already exist. They are difficult to quantify, may have a high loss potential and are marked by a high degree of uncertainty. Risks involving emerging technologies or environmental changes require identification, assessment, monitoring and mitigation. Examples of such emerging risks would include nanotechnology, pandemics, genetically modified foods, changes in weather patterns, and so forth. RM needs to ensure that Underwriting identifies coverage triggers, lines of business potentially exposed, limits, accumulation potential Page | 33 KISHINCHAND CHELLARAM COLLEGE


across lines of business and policy years, reinsurance applicability and monitors developments broadly in the insurance, healthcare and legal arenas. Mitigation actions need to be agreed with Underwriting regarding coverage, limit and volume restrictions, reinsurance protection and monitoring of potential accumulations. RM is a key driver in determining the importance of identifying emerging risks, designing actions to contain unintended accumulations and monitoring that risk measures are effectively in place. Correlated Risk Assessing the degree of correlation between lines of business and for each line to other risk types is a critical requirement. It is necessary to determine risk capital and optimize the mix by line, limits exposed and volume in order to minimize required capital through diversification. Relevant experience may well be very limited for analyzing correlations, especially at the critical stress levels most important to risk capital determinations. Hence, RM generally needs to work closely with Underwriting to judgmentally assess and agree the degree of correlation.

As an example, property and business interruption coverage’s may generally be seen as having a very low correlation with casualty coverage’s. An incident causing a loss may not typically affect both coverage’s, exposure to inflation in loss costs in future years is far less in property, reinsurance costs tend to have different trends, and so forth. The actual situation is more subtle, however, for the more extreme scenarios. A large factory explosion may lead to losses to policies that protect workers and to liability if neighboring buildings are damaged. Potential for a D&O exposure also exists if the explosion was found to be the result of management negligence. Similarly, one would expect a higher degree of correlation between D&O exposure, surety, financial guarantees and the investment portfolio under stress scenarios. Operational risk might be seen as more strongly correlated with property exposures due to the complications with monitoring aggregate catastrophe accumulations and placing facultative reinsurance than casualty exposures. RM and Underwriting need to ensure that adequate consideration is given to stress scenarios intended to mirror the probabilities and correlations underlying the risk capital calculations, especially as respects individual subsidiary legal entities.



Risks in the Underwriting “Cycle” Price levels in non-life insurance tend to move in multi-year cycles as the result of varying levels of industry capital, economic outlook, competition and similar considerations (see diagram below). Theoretically, an actuarially correct price for each account can be consistently determined based on desired ROE and anticipated loss trends. Actual prices, terms and conditions will deviate from the actuarial price based on marketplace conditions. Increased risk results from a failure to systematically measure deviations from the actuarial price and to fully recognize such deviations in current financial results, particularly during times when marketplace pricing is less than the actuarial price. RM needs special attention that actual pricing, terms and conditions are monitored and that loss reserves and current financial results reflect deviations from actuarial pricing. Risk capital is required for uncertainty in this measurement due to the increased risk of understated loss reserves and added volatility as a consequence.

Actuarial price price Actual price





Key risks faced by insurance sector globally - 18 March 2010 (Speech by Ken Hogg, Director, Insurance Sector, FSA Insurance Sector Conference ) Last week we published our Financial Risk Outlook (FRO), outlining the main risks and issues present in our operating environment, affecting firms, markets and consumers. It includes chapters on the key prudential and conduct risks facing the financial sector, as well as macro-prudential analysis. Alongside this we also published Sector Digests, giving extra focus to the risks specific to each financial sector. These reports are important as they outline the key risks facing the FSA in our regulation of firms. Want I want to do this morning is highlight some of the key insurance risks from these reports, and outline what steps you can take to mitigate the risks. I’ve got half an hour to fill and, given the diversity between the risks facing the different parts of the insurance sector, I’m afraid to say I’m going to need it. But please be aware that what you hear today is only the edited highlights – to fully understand our focus and priorities this year, and the context in which we’ll be making decisions and taking action in the insurance space, there’s no substitute for adding the FRO and the Insurance Sector Digest to your reading list. Capital and solvency The first risks I want to highlight today relate to capital and solvency. Because although the economic environment is more benign than this time last year, there are still many short and longer-term prudential risks facing firms in this sector. While our central scenario is one of steady recovery, there is still uncertainty around the shape and pace of that recovery. I joined the FSA in July, and since then the FTSE has risen by about 34% and bond spreads are making their way back to pre-crisis levels. This has eased the immediate pressure, but we’re not necessarily out of the woods yet. As we travelled down the curve, the macroeconomic changes affected insurers in different ways. The most marked difference being between the impact on the life sector, where capital levels came under pressure and the non-life sector, where reserve releases continued to support results, cushioning the impact of investment and underwriting losses.



But this is only half of the story. And even though we are now recovering, this economic crisis has left behind a hangover for both parts of the sector, which will affect capital and solvency positions for some time to come. As Jon Pain highlighted in his earlier speech, when combined with the regulatory developments coming this way in the next few years, without a change in firms’ strategies and plans, many UK businesses will find it difficult to ever return to the levels of income and profitability enjoyed before the crisis. I will return to this longer term picture later. Life insurers In the life sector, the greatest challenges have been for those most exposed to falls in asset values, widening bond spreads and low interest rates. In other words – annuity providers and with-profits firms. Although some of these pressures have now eased, in the event of a further economic decline, some of these firms may find it difficult to take actions to further conserve or raise additional capital. So a key priority is to pay careful attention to capital management and planning, with a particular focus on the risk of a further downturn in the economy. And what might that look like? Firstly, it’s about monitoring your solvency position. Conditions can change very quickly and being slow to realise what’s happening and slow to respond could make a big difference to both the capital conserving options available and the opportunity cost – to shareholders and policyholders – of taking those actions. As Jon mentioned earlier, regular and on-going stress testing is an important part of planning ahead. Secondly, you need to exercise care in the valuation of assets and liabilities, and ensure they are appropriately matched by duration. Annuity providers in particular remain exposed to renewed widening of bond spreads. Under Solvency II, a key issue is the extent to which annuity writers are able to reflect the illiquid nature of their liabilities in their valuation. The recent industry/CEIOPS joint task-force report on this thorny question suggests it should be possible to find prudentially sound approaches to incorporating an allowance for illiquidity into the Solvency II framework. The report is a positive step and gives the European Commission a good basis on which to put forward proposals that will ensure future retirees receive a fair deal. And while not related to economic conditions, it is also important that annuity providers continue to keep pace with changes in life expectancy. Although most have already Page | 37 KISHINCHAND CHELLARAM COLLEGE


strengthened assumptions in this area, we expect that you will need to continue to do so. Thirdly, guarantees and options must be appropriately valued and your stress and scenario testing needs to show to what extent they remain affordable as economic conditions change. And finally, in raising additional capital, insurers considering innovative ways of leveraging capital need to ensure that there is genuine risk transfer and that Mergers and Acquisitions (M&A) transactions financed through debt don’t diminish the overall quality of capital. We’ve already seen examples in some insurers and intermediaries of how leveraged transactions have put pressure on cash flows, particularly in stressed conditions, and we do not want to see this replayed across the sector. So for the life sector as a whole, prudential challenges continue to loom large for 2010. Capital management and capital planning are key to restoring the sector’s strength and for preparation to withstand any further economic shocks. General insurers The impact of the financial crisis on the general insurance sector was less immediate and less significant, but the prolonged recession and the slow and uncertain recovery have increased the prudential risks in this sector. Firstly, the long-term structural changes to the economy arising from the financial crisis may fundamentally alter the characteristics of risks insured by the industry. Pressure on corporate clients to drive down costs and squeeze out margins could increase their risks, which could in turn lead to a pick-up in insurance claims across commercial lines, from business interruption to product and employers’ liability. Given that pricing decisions rely on backward-looking data, how are you going to take account of the changes to the trading environment in making future decisions on reserving, pricing and underwriting? Secondly, an economic downturn also tends to have an impact on people’s propensity to claim, with increases in the number, size and type of claims. This happens for a number of reasons: • • •

Increases in fraudulent claims by policyholders in financial difficulties; An increase in social crime leading to higher claims on property-related insurance; or Decisions by commercial customers to self-finance fewer insured events.



Firms should take care not to underplay this risk, they should ensure they are monitoring trends and building this into decisions on reserving. In this context then, the third risk I want to highlight is the re-emerging issue of reserving adequacy. Recent years have seen record reserve releases, but this is likely to be unsustainable in the claims environment I’ve just described coupled with lower investment returns and competitive pressures on price. A more limited scope for reserve releasing, combined with lower investment returns across the asset classes, will require firms to focus more on underwriting for profit. Any loss of pricing discipline in this kind of environment could quickly eat into capital, and firms need to be vigilant against the temptation to under price new business to remain competitive. And finally, further sizeable movements in exchange rates remain a risk to profitability and capital. Any firm with a significant currency mis-match either on its balance sheet or its P&L must continue to be prepared for the possibility of major shifts in either direction – especially given the uncertain macroeconomic conditions. So while the journey into recession was less risky for the General Insurance (GI) sector, some significant hangover effects remain. Solvency II But of course, as important as all these prudential risks are, the single biggest prudential challenge for all firms in the insurance sector is Solvency II. As Jon mentioned, Solvency II will radically alter the capital adequacy regime for the European insurance industry. The Individual Capital Adequacy Standards regime in the UK is a strong foundation on which to make the transition to Solvency II, but the new directive goes much further. The requirements for delivering and demonstrating the standards of risk management and governance will be challenging, and especially so for groups that operate in multiple countries. Solvency II will require greater disclosure and transparency, together with additional and more frequent reporting. Although there are some material technical issues that are not yet finalised, firms should not be waiting for these to be resolved. There are bigger risks associated with inadequate engagement than with managing through the uncertainty. That’s all I want to say on Solvency II for now, because after the coffee break there is a panel session on how far the UK has come in preparing for Solvency II and how much there is still left to do. This is a chance for us to discuss and debate what material challenges remain and what the FSA and you can do to ensure we manage this risk. Page | 39 KISHINCHAND CHELLARAM COLLEGE


Insurance intermediaries My final comments on risks to capital and solvency concern intermediaries operating in the insurance markets. There is a risk that some firms in this sector don’t have a realistic assessment of the amount of financial resources required to run their business and that as a result some firms are not meeting our threshold condition requirements. We published a Dear CEO letter about this risk last month and later today it will be the subject of a panel discussion. This is an ongoing issue in this sector, but one we are now more concerned about given the continuing challenges in the economic environment. Another source of risk in this sector, which is also exacerbated by market conditions, is the reliance of the broker business model on growth through acquisitions financed through debt. In the current environment increased risks abound: servicing debt or interest payments; the availability and cost of refinancing maturing debt; and goodwill write-downs, pose a real challenge to the future viability of this business model. Consumers The second set of risks I want to highlight today are to do with consumers. Across many parts of the life sector, the financial crisis and the following recession appear to have reduced consumer demand for insurance products. In the life sector, UK new business levels were down for the major groups in 2009 and cash outflows from the existing book continue to exceed new inflows. At the same time, the savings rate is up from -0.7% at the start of 2008 to 8.6% at the end of Q3 last year. So although people are saving more, there is not much evidence that savings are flowing into the insurance sector. In the non-life sector there is also evidence to show consumers are becoming more willing to drop incidental or non-compulsory insurance cover in order to save money. ABI data from research carried out in June 2009 suggested that 22% of consumers surveyed had stopped taking out home contents insurance and 17% had stopped taking out buildings insurance. And for intermediaries competing for commercial business, the drop in economic activity in areas like construction and shipping has left the same number of firms chasing less business. Page | 40 KISHINCHAND CHELLARAM COLLEGE


This is all bad news. Consumer behaviour is difficult to predict and it’s difficult to influence. When the economic environment does pick up, how are you going to attract them back and how are you going to get by in the meantime? Here’s my list of do’s and don’ts. One: Do review your strategies and plans for new business. Perhaps it was good fortune, but my years leading marketing and strategy were when consumer demand (and capital) was more bountiful. However, in the last couple of years in Chief Financial Officer (CFO) roles, I have worked closely with sales and marketing directors on getting the right new business mix and design in this new, challenging environment, so I appreciate how much of a challenge this is. Two: Do manage the temptation to adopt aggressive, high-growth strategies to compensate for business lost during the recession. Or at least where you diversify into new markets and new products, make sure you’ve sufficient understanding – at all levels in the business – of the risks inherent in these new activities. And where you grow by M&A, treat your new and existing customers fairly throughout the process, and in-line with what they were promised when they bought their policy. Ensure you keep a close eye on operational integrations to avoid adverse consequences for customer data and service. Three: Do focus on restoring consumer confidence by providing products that consumers want and reducing the risk of them buying products they don’t need. Your products must offer real benefits to customers and the risks and limitations must be made clear. They should be designed, targeted and marketed appropriately and in the panel session on our approach to conduct issues later today you’ll find out more about what the FSA intends to do to check that this is the case. Now on to the don’ts. And I’ve taken great care to ensure they’re only equal in length to my dos. One: Don’t be tempted to seek to bolster your margins by taking actions that could cause consumer detriment. Examples might include: unfairly rejecting legitimate claims; reducing claims payments; or applying unfair contract terms. This is the lose/lose/lose option. It’s an unsustainable way to run your business; you risk further damaging consumer confidence in your industry and you will attract unwanted attention from us. Two: Don’t take steps to conserve capital in a way that is unfair to policyholders. The risk of detriment to with-profits policyholders is a perennial issue, caused by a number of features inherent in the running of a with-profits fund. But this risk becomes more acute in recessionary or volatile market conditions – for example, if this exposes expensive guarantees that are not self-supporting. You have discretion to offset some of Page | 41 KISHINCHAND CHELLARAM COLLEGE


these costs by reducing bonuses, increasing charges to policies or increasing Market Value Reductions (MVRs), but if you have to take these actions you must do so in a way that strikes the right balance with treating policyholders fairly. This is crucial for a part of the sector that has, for many years, been perceived as not delivering fair outcomes for consumers. Three: As an insurance intermediary, don’t be tempted to take more risks with your assets and client money to counter the loss of investment income from your usual cash investments. The protection of client money and assets is a fundamental part of your obligations and it’s important that – at all times – you comply with the requirements set out in our Client Asset Sourcebook. I mentioned the lose/lose/lose outcome. But to finish this section on a positive note, I also have a win/win/win outcome – for consumers, industry and the regulator, plus broader public policy. This is one based on firms genuinely putting consumers at the heart of their business – so that customers’ needs are being met and firms grow profitably – while holding the right amount of capital based on a thorough understanding of their risks. That may be obvious, but I don’t think we say it often enough and it’s not delivered often enough. This leads me to the final comments I want to make today… 2012 and beyond The final risks I want to mention today are those associated with the level of change and uncertainty in the regulatory environment. Never is a discussion on risk complete without a section on regulatory risk, but these risks are particularly relevant today. On this occasion, last is most definitely not least. With a significant number of policy initiatives converging in 2012 – the Retail Distribution Review (RDR), pension reform under the guise of the government’s National Employment Savings Trust (NEST) and Solvency II – you could be forgiven for thinking the Mayan ‘end of an era’ predictions were made in relation to the UK life sector rather than the ending of an astrological cycle. And it doesn’t end there. As Jon outlined this morning, you’re also on the receiving end of intensive supervision, which means a number of changes, not least in terms of the kind of stress testing we expect of you. You can also look forward to taxation changes necessitated by Solvency II, a review of the Insurance Mediation Directive, and European Commission proposals on packaged retail investment products. Oh and there’s always the small matter of a potential change in government, which may bring Page | 42 KISHINCHAND CHELLARAM COLLEGE


with it a change in the UK’s regulatory approach. And whichever political party wins the day, a tougher taxation environment also appears inevitable. You don’t need me to tell you that the combination of all of these changes and all this uncertainty, together with the uncertainty in the macroeconomic outlook, make for extremely challenging times at the moment. But for the life sector in particular, they give rise to a significant question over the sustainability of certain business models. The agents of change are the 2012 trio of RDR, NEST and Solvency II. Both the RDR and NEST will change the deal between consumers and the industry. Potentially leading to changes in consumer behaviour and preferences, and changes in the kinds of products and markets attractive to firms. Solvency II invites a much closer relationship between the kind of business a firm does and how much capital it holds. And this will lead, in some cases, to certain types of business being more expensive to write than under the existing regime. Each of these initiatives has very good reasons for being and presents a wealth of opportunity as well as risk. But of course it is the risks that I am focused on today. In order to rise to these challenges and keep your business viable, you’ll need to undertake regular and challenging reassessments of your strategy and the adequacy of your resources to deliver that strategy. Ask yourself if your strategy remains fit for purpose among all this change. If not, re-evaluate. We’ll be doing some analysis of our own of what the world might look like for the life sector in 2012 and beyond. And if you’ve chosen to attend ‘The future of life insurance’ panel after lunch you will have the chance to share your views on the issue. Close So in summary, whether it’s capital, meeting the needs of consumers or keeping pace with the changing regulatory landscape, risks and challenges abound. As I said at the start, even though you’ve patiently listened to me for nearly half an hour, this was the edited highlights! I’d really encourage you to take the time to read our digest in full and think about the risks your business faces. After lunch there’ll be copies for everyone to take home. I look forward to maintaining a constructive and open dialogue with you as we work together to address these risks.



KEY TRENDS IN RISK MANAGEMENT The Risk and Insurance Management Society (RIMS), the primary trade group for risk managers, predicts that the key areas for risk management in the 21st century will be operations management, environmental risks, and ethics. RIMS also believes more small- and medium-size companies will focus on risk management and will hire risk managers or assign risk management tasks to treasurers or CFOs. As RIMS predicted, corporate risk managers began concentrating more on ensuring their companies' compliance with federal environmental regulations during the 1990s. According to Risk Management, risk managers started to assess environmental risks such as those associated with pollution, waste management, and environmental liability in order to help companies bolster profitability and competitiveness. In addition, stricter environmental regulations also prompted companies to have risk managers review their compliance with environmental policies to avoid any penalties for failing to comply. Furthermore, Risk Management indicated that there were five times as many natural disasters in the 1990s as the 1960s and that insurers paid 15 times what they paid in the 1960s. For instance, there were a record 600 catastrophes worldwide in 1996, which caused 12,000 deaths and $9 billion in losses from insurance. Some experts attribute the increase in natural disasters to global warming, which they believe will lead to more and fiercer crop damage, droughts, floods, and windstorms in the future. The trend towards mergers in the 1990s also affected risk management. More and more companies called on risk managers to assess the risks involved in these mergers and to join their merger and acquisition teams. Buyers and sellers both use risk managers to identify and control risks. Risk managers on the buying side, for instance, review a selling company's expenditures, insurance policies, loss experience, and other aspects that could result in losses. After that, they develop a plan for preventing or controlling the risks they identify.



A final trend in risk management has been the advent of nontraditional insurance policies, providing risk managers with a new tool for preventing and controlling risks. These insurance policies cover financial risks such as corporate profits and currency fluctuation. Consequently, such policies ensure a level of profit even if a company experiences unexpected losses from circumstances beyond its control, such as natural disasters or economic problems in other parts of the world. In addition, they guarantee profits for companies operating in international markets, preventing losses if a currency appreciates or depreciates. Article Risk management is our strength: Bajaj Allianz L.N. Revathy "We are concentrating on health insurance. We hope to achieve Rs 100 crore premium from the health segment this fiscal," says Mr Krishnamoorthy Rao. Coimbatore , Aug. 26 BAJAJ Allianz General Insurance Company says that risk management has been its greatest strength. The company, which has managed to book underwriting profits from first year of operation, attributes its success to initiation of adequate control measures and adoption of the right tools for managing the risks. Speaking to Business Line, Mr Krishnamoorthy Rao, Head (Underwriting), said the company introduced better claims control measures in every segment, be it motor, health or travel. "We are concentrating on health insurance. This is a growing market. About 8-10 per cent of our premium income is from health. We hope to achieve Rs 100 crore premium from the health segment this fiscal." The company has formed an in-house health assessment team comprising qualified medical professionals and paramedical staff. "We have until now been working with third party administrators (TPAs). For better controls, we formed this team, who can interact with the hospital and try and fix the unnecessary procedures, if any," Mr Krishnamoorthy said. He conceded that the premiums were high in the health segment because of low volumes and rising healthcare cost.



For motor, the company has gone to the extent of recruiting experienced service engineers for better claims control. "While the public sector general insurance companies leave it to the surveyors to assess the damage/loss, we have our own team of engineers. This has to a large extent helped in better claims control and in reducing the cost of servicing the policy," he said. The insured list includes fleet operators as well. "The problem with most fleet operators is more in third party claims than own damages. Further, the delay in settling the claims adds to the cost by way of interest. We try and clamp down on such expenses," he said. Conceding that both health and motor cover are high-risk segments, Mr Krishnamoorthy said the company restricted itself from greater exposure in Kerala market, where the third party claims were high. "You cannot avoid taking a risk, but better controls and management is essential. We are in the process of educating the people of Kerala," he said. "The cost of issuing a policy has fallen with the adoption of technology. It has also helped in bridging the time gap and has enabled the survey team upload the report directly into the system," he said in reply to a query. Yet another potential area for exposure is the travel segment, he said and added the company regularly rolled out products/package.



Where Will The Indian Insurance Market Be In 2020? Vision 2020 identified the following factors as the engines of economic growth in India: Rising education level, rates of technological innovation, cheaper and faster communication, availability of information, and globalization. It makes no mention of the financial sector. Economic growth does not take place in vacuum. There are two critical ingredients needed. First, there has to be a well-defined legal environment. Legal framework has big impact on the development of the financial sector. As a result, it also has a huge impact on economic growth (see La Porta et al., 1998). Second, there has to be a well functioning financial market (see Sinha, 2001). Vision 2020 document mentions “insurance” eight times in the 108 pages. On the other hand, it mentions banking only once! Given that services sector will become the largest in India, both insurance and banking will play a critical role along with the stock market. This document does, however, contain a paragraph about a particular area of insurance: health insurance. “Health insurance can play an invaluable role in improving the overall health care system. The insurable population in India has been assessed at 250 million and this number will increase rapidly in the coming two decades. This should be supplemented by innovative insurance products and programmes by panchayats with reinsurance backup by companies and government to extend coverage to much larger sections of the population.” (Planning Commission, 2003, page 55). At present, health insurance is not being discussed much. But, Indians spend close to 5% of their income out of pocket for health related issues. Thus, it is easy to see why this is an easy pick. So is the pension market. At present, private pension is its infancy in India. It will not remain so in the coming decades. Let us conduct the following thought experiment using Table 1 for getting an idea of where the Indian market might be in 2020. First, let us follow an extremely conservative projection: insurance demand goes exactly in line with income. In this case, we are assuming that in 2020, even in the face of rising income, the penetration of insurance (premium/GDP) stays exactly the same as in 2002. In that case, we will simply multiply the current premium volume figure four-fold. In Sigma 8/2003, such figures are available for 2002 for India. In such a case, the premium volume will be USD 67 billion. Of course, evidence from other countries show that rising income below certain threshold has a nonlinear impact on insurance demand (the so-called S curve of insurance demand). So, insurance penetration is not likely to stay at 3.2% for India (the figure for 2002) in 2020. If the penetration rises to 5% (more plausible if we believe in the S curve), then the premium volume will rise to USD 105 Page | 47 KISHINCHAND CHELLARAM COLLEGE


billion. If it rises to 6%, then the premium volume would rise to USD 121 billion. This thought experiment above does not even address the two future potential growth drivers: private pensions and health insurance. Given that Indians are already spending 5% of their income out of pocket for health care, this could easily add another USD 30 to 40 billion by 2020. This will raise the premium volume to USD 135 to USD 160 region by 2020.

The insurance business is at a critical stage in India. Over the next two decades we are likely to witness high growth in the insurance sector for three reasons. Financial deregulation always speeds up the development of the insurance sector. Growth in income also helps the insurance business to grow. In addition, increased longevity and aging population will also spur growth in health and pension segments.



Conclusion Insurance is a valuable risk-financing tool. Few organizations have the reserves or funds necessary to take on the risk themselves and pay the total costs following a loss. Purchasing insurance, however, is not risk management. A thorough and thoughtful risk management plan is the commitment to prevent harm. Risk management also addresses many risks that are not insurable, including brand integrity, potential loss of tax-exempt status for volunteer groups, public goodwill and continuing donor support.

An organization should have a risk management strategy because: • • • • • •

People are now more likely to sue. Taking the steps to reduce injuries could help in defending against a claim. Courts are often sympathetic to injured claimants and give them the benefit of the doubt. Organizations and individuals are held to very high standards of care. People are more aware of the level of service to expect, and the recourse they can take if they have been wronged. Organizations are being held liable for the actions of their employees/volunteers. Organizations are perceived as having a lot of assets and/or high insurance policy limits.




• • • • • • •

www.globalfinancialed.org/.../MFO_Risk%20Manage%20CN.pdf www.cholarisk.com/files/RiskManagementandInsurancePlanning.doc www.en.wikipedia.org/wiki/Risk_management www.en.wikipedia.org/wiki/Risk_management www.irmi.com/online/insurance-glossary/default.aspx www.bajajallianz.com www.apra.gov.au/RePEc/RePEcDocs/.../risk_insurance_sector.pdf


View more...


Copyright ©2017 KUPDF Inc.