[Skip to content]

Sign up for our daily newsletter
The Actuary The magazine of the Institute & Faculty of Actuaries
.

ERM: Fit for purpose

It’s almost 18 months since the financial markets crisis took hold and there has been plenty of subsequent debate and commentary on the need for tighter and more effective regulations. While most of this commentary has focused on the banking industry, there has been an inevitable impact on the insurance sector. On a wider front, the economic climate has brought the concept of risk management to the fore, with an expectation that organisations will accelerate their further development of risk frameworks.

The insurance industry is also preparing to deal with the implementation of Solvency II and this includes explicit reference to risk management in both financial and procedural terms. Many qualified and part-qualified actuaries already make key contributions to the management of financial risk and, going forward, there is likely to be an opportunity for actuaries to take on wider roles in this area. I decided to ask three representatives closely involved with risk management within corporate and London market environments for some of their perspectives.

In addition to regulatory and compliance aspects, what is your view of the true value of risk management to an organisation and by what sort of criteria can it be judged to be successful?
Neil Dunn (ND):
Effective risk management should seek to eliminate loss-making events that are ‘surprises’. It should also facilitate an appreciation of risk versus return, together with the appetite that the firm has for risk-taking, to enable actions and plans to be set accordingly. Shareholder value is another key consideration and the generation of higher profit off the back of the available capital will drive greater shareholder value and improve the firm’s reputation in the market.

Budhi Singh (BS): All organisations need the right controls in place, from financial management of market and credit risks through to operational areas such as disaster recovery management. In broader terms, this may extend to diligent management of potential risks posed through external outsourcing arrangements, for example. If it is done properly, the value to an organisation is in avoiding pitfalls in all aspects of the business. This can save money, reputation, resource and is the hallmark of a well-run business.

Justin Skinner (JS): A truly successful risk management framework could be regarded as one where the individuals within the organisation are not explicitly aware that they are managing risk because it is an implicit part of their job. It is important to provide tangible items that can easily be identified with risk since not everything is measurable numerically.

The background and training of actuaries suggest ideal credentials as financial risk managers but which attributes are essential to make the transition into the broader risk management roles such as chief risk officer (CR0)?
ND: In a large organisation, the risk management role requires significant interaction with a wide range of professionals. Good communication skills across organisational structures are therefore critical and actuarial jargon will not generally be recognised. Strong influencing skills ‘outside the reporting line’ and an ability to challenge views and procedures and not to take things at face value are also key attributes.
BS: Yes. Actuaries have the financial acumen but often lack the vision necessary to get business ‘buy in’ to a course of action. This is a combination of needing to see the big picture and the ability to deliver the message. While the chief actuary has responsibility across financial areas such as reserving, pricing and capital modelling, the CRO can be a voice to the board on all risk aspects, has access to other key committees and must work effectively with the wider business community. Potential conflicts of interest across roles cannot be ignored.

JS: There are two camps of thought. One is that actuaries understand numbers and therefore make good risk managers, the other is that non-actuaries understand the ‘softer’ and non-financial elements and are hence better equipped for the wider role. The truth is that organisations need a happy medium and individuals who can provide the all-round experience will fill such roles. Actuaries have a tendency to put too many numbers into risk reporting while risk managers tend not to put in enough, which can make it difficult to compare and validate whether risk is being effectively managed.

With the onset of Solvency II, do we expect a growing risk management function within organisations or just a re-engineering of existing processes and techniques in terms of how risk is managed?
ND: Risk management is an ongoing journey and Solvency II implementation will bring degrees of change in the procedural and reporting mechanisms, just as Basel II did within the banking sector. For many firms, a number of suitable processes will already be in place and they will be individual to the company concerned, but for others, a significant amount of change will be required. For all firms, there will undoubtedly be a need to invest additional resources in the firm’s risk management capability.

BS: Certainly there will be larger risk management functions with multidiscipline individuals with access to the board. From the perspective of a newer company, it is easier to implement robust processes and techniques from the outset and embed them across the organisation and to ensure data integrity and quality. From this starting point it may also be an easier task to adapt the procedures and techniques to some of the newer requirements that will emerge.

JS: It depends a lot on the company. Many sensible practices will already be in place, for example through capital modelling, pricing, reserving and assessing aggregate exposure via realistic disaster scenario techniques. The development will be all about ‘aggregation’ and ‘use’, for instance, bringing those practices together into one place rather than re-engineering the processes. The larger and more disparate the organisation, the more difficult this will be.

Where is the greatest potential for improvement and refinement within risk management for the insurance sector in the light of the many challenges ahead?
ND: There will be a continuing evolution of how risk appetite is defined and of the appreciation of the risk/return relationship, which will help to optimise decisionmaking. It is important to remember that risk management is not just about solvency, it is also about profitability and shareholder value. Therefore, a wider range of risk metrics focusing on these broader objectives of the firm is a likely development.

BS: Insurance risk – the pricing of commercial insurance contracts is still lacking in that price does not truly reflect the underlying risks. There needs to be more use of better quality data and much improved management information capabilities within companies. Again, this will be more achievable for newer companies than for larger organisations with multiple legacy systems.

JS: In the past, risk management has been driven more by compliance and the high-level ‘soft’ factors. Over the next five years, there will be much more quantitative measurement of risks in relation to overall risk appetite, driven down to business-unit level with an objective to provide useful measurement that facilitates decision-making. Boards will look for increased assistance from the CRO and, given the likely increased quantitative focus, actuaries may be well placed in this regard. _________________________________________________________

Chris Cannon is a partner in the ARC recruitment company

Neil Dunn is head of pensions & funds risk at Lloyds Banking Group
Budhi Singh is chief actuary and chief risk officer at Arch Insurance
Justin Skinner is head of capital modelling at QBE