Skip to main content
The Actuary: The magazine of the Institute and Faculty of Actuaries - return to the homepage Logo of The Actuary website
  • Search
  • Visit The Actuary Magazine on Facebook
  • Visit The Actuary Magazine on LinkedIn
  • Visit @TheActuaryMag on Twitter
Visit the website of the Institute and Faculty of Actuaries Logo of the Institute and Faculty of Actuaries

Main navigation

  • News
  • Features
    • General Features
    • Interviews
    • Students
    • Opinion
  • Topics
  • Knowledge
    • Business Skills
    • Careers
    • Events
    • Predictions by The Actuary
    • Whitepapers
    • Webinars
    • Podcasts
  • Jobs
  • IFoA
    • CEO Comment
    • IFoA News
    • People & Social News
    • President Comment
  • Archive
Quick links:
  • Home
  • The Actuary Issues
  • October 2013
10

Risk: Talking the same language

Open-access content Wednesday 2nd October 2013 — updated 11.14am, Tuesday 5th May 2020

Good enterprise risk management needs everyone in an organisation to have a consensus on the subject. This is about much more than producing a risk glossary. It’s about developing a framework that improves the overall management of the business and then linking this with the business model, says John Bielski


3 OCTOBER 2013 | JOHN BIELSKI 



Integrating risk into business decisions isn't easy. The first challenge is often to establish a common language, as there is no standard risk terminology and different stakeholders have different perspectives. Actuaries often focus upon a detailed categorisation of financial, insurance and other quantifiable risks. Decision-makers, however, also spend a lot of time considering strategic and emerging risks, and the organisation's risk appetite and strategy. So what is needed is a framework that captures and distinguishes between these different types of 'risk'. To be really effective, the risk framework needs to link to the way the business operates in practice. 


Risk profile

An organisation's risk profile can be defined as all the events that might result in losses now or in the future. Given the wide range of potential risks it helps to split these into three groups:

Risk October

Immediate risks are usually set out in a risk categorisation document with a two- or three-level hierarchy, corresponding to the risk capital model. For example, financial markets risk may be broken into equity, property and interest rate risks, each of which is then further broken down depending upon the materiality of the risk. This should also include risks that are not always easily quantifiable, such as operational or liquidity risks.


Strategic risks might include the impact of competitor activity, changes to regulation, or the wider economy. Emerging risks might include events such as a cure for cancer or technological developments, which then become strategic or immediate risks if they were to materialise. Due to their uncertainty and longer-term nature, strategic and emerging risks are often captured individually and crudely ranked rather than being quantified in a risk capital model. 



Risk appetite and strategy

Risk appetite is commonly used to define the acceptable amount of risk to key measures of success such as solvency, earnings and reputation. For example, solvency risk appetite is often defined in terms of a target credit rating or maintaining solvency under a certain level of stress.

Risk October

The term 'risk appetite' can also be used in the other ways such as setting out desired types of risks, rather than the amount of risk as above. Furthermore, risk appetite might be defined at lower levels of an organisation, for example, the number of system errors an IT department is comfortable with. Allowing risk appetite to be used in all these ways can lead to confusion and can be avoided through restricting the term to the core board-level statements. 

Replacing these other uses of 'risk appetite' with their own distinct terms provides useful clarity. This is particularly true for statements relating to the desired types of risks, which we will call 'risk strategy'. This is developed allowing for factors including perceived core risks, diversification, expertise and competition. It may take the form of a target risk profile or a number of statements on which risks the organisation wishes to increase, accept or reduce exposure to.

Risk October

Business model 

Just as risk management starts with understanding the organisation's risk profile, management of an organisation requires understanding of business opportunities. While 'upside risk' is a term found in risk management, 'opportunities' has wider connotations and is more commonly used. Business opportunities are often articulated within a SWOT (strengths, weaknesses, opportunities and threats) analysis.

Risk October

As with risk appetite, the term 'business model' can have as many interpretations but at a high level can be thought of as containing two key elements:

Risk October

Bringing it all together

An organisation's risk profile, risk strategy and risk appetite are central elements of a wider risk framework. The risk profile could be thought of as capturing input risks, risk appetite as capturing output risks, 

and the risk strategy as the process that converts one into the other. This approach can also be applied to the business model elements, 

to produce the following:

Risk October

This approach enables the business model and the risk framework to be developed and updated together. Indeed, developing a risk framework may help to articulate the business model more clearly. Each element of the business model relates to that of the risk framework: 

? Identified business opportunities and threats should be consistent with immediate, strategic and emerging risks

? The business strategy and risk strategy should be developed together to ensure that the mix of risks arising from the products sold are acceptable

? The risk appetite should be framed in terms of key business objectives

Of course, the flow is never purely left-to-right. An organisation can adjust its risk profile through reinsurance, hedging, adjusting product-mix or other techniques. It might also adjust its business strategy in order to meet its business objectives, or its risk strategy to ensure the overall level of risk remains within its risk appetite. 

Consider a general insurance company that spots an opportunity to branch out into home insurance, in line with the company's strategy to seek profitable new lines of business. Doing so would increase catastrophe risks (from windstorms) whereas the company's risk strategy is to reduce an already heavy exposure to catastrophe risk. In addition, the new line of business would increase the volatility of the company's earnings beyond its risk appetite. To tackle this, the company could investigate obtaining catastrophe reinsurance cover, which would reduce profitability but bring catastrophe risk into line with its risk strategy and earnings volatility within its risk appetite. 


Conclusion

Getting everyone in an organisation talking about risk in the same way is about much more than defining risks captured in a capital model. It needs a holistic approach encompassing the risk framework and the business model. Successful implementation needs energy and drive from the risk function and chief risk officer, combined with engagement and support from right across the business. 

It also takes time, as the development of a consistent risk framework and business model is likely to be an iterative process that will be refined over a number of business-planning cycles. However, the benefits will be simpler, clearer and improved decision-making, and a solid foundation for meeting future regulatory requirements. 

This article appeared in our October 2013 issue of The Actuary.
Click here to view this issue
Filed in:
10
Topics:
Risk & ERM

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Latest Jobs

Senior Underwriting Risk Manager

London (Central)
£85K-£95K + Benefits
Reference
124386

Reserving Manager (Contract)

London (Central)
£1200 - £1400 per day
Reference
124385

Life Actuary - Contract - IFRS 17 Financial Impact

England, London / England, Bristol / North Yorkshire, England
£900 - £1150 per day
Reference
124384
See all jobs »
 
 

Today's top reads

 
 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to The Actuary

Receive the print edition straight to your door

Subscribe
Spread-iPad-slantB-june.png

Topics

  • Data Science
  • Investment
  • Risk & ERM
  • Pensions
  • Environment
  • Soft skills
  • General Insurance
  • Regulation Standards
  • Health care
  • Technology
  • Reinsurance
  • Global
  • Life insurance
​
FOLLOW US
The Actuary on LinkedIn
@TheActuaryMag on Twitter
Facebook: The Actuary Magazine
CONTACT US
The Actuary
Tel: (+44) 020 7880 6200
​

IFoA

About IFoA
Become an actuary
IFoA Events
About membership

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to The Actuary Magazine
Contribute

The Actuary Jobs

Actuarial job search
Pensions jobs
General insurance jobs
Solvency II jobs

© 2022 The Actuary. The Actuary is published on behalf of the Institute and Faculty of Actuaries by Redactive Publishing Limited. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ