Unlocking Value with Enterprise Risk Management presented by Jim Toole, FSA, CERA, MAAA Bob Daino, FCAS, MAAA August, 2009 Our Talk Today Why Enterprise Risk Management? The ERM Process A Risk Vocabulary Implementing ERM Roles for Professional Service Providers Conclusion Page 2
Why Enterprise Risk Management? What is ERM? Integrated approach to managing a company s risk portfolio Framework for managing uncertainty Integration between departments Responding to risk Leveraging a company s risk portfolio Appropriately pricing risk adjusted returns Managing risk to maximize value Turning risk into a competitive advantage Page 4
Why Now? The velocity of change Page 5
Factors Driving Need for ERM Business continuity and disaster preparedness Security and technology issues Regulatory compliance Rating agency demands Globalization and competition Page 13 Rethinking Risk Evolve from a cost center to a profit center Move from risk avoidance to risk management Transition from opacity to transparency Shift from silo to integration Understand risk portfolio and term structure Price for risk with the same rigor as assets Page 14
Benefits of ERM Framework Align risk appetite and corporate strategy Sustain profitability Reduce earnings volatility, operational surprises Link growth, risk and returns Recognize and act on opportunities Deploy resources effectively Align incentives Improve risk response Communication channels in place Page 15 The ERM Process
Definition of ERM ERM is the process by which organizations in all industries assess, control, exploit, finance, and monitor risks from all sources for the purpose of increasing the organization s short and long term value to its stakeholders. - Casualty Actuarial Society, 2003 Could be called... Enterprise Risk & Return Management Page 17 Defining Your Risk Appetite Type and amount of risk willing to take on Key parameters & criteria Risk tolerance tied to clear limits Governance and control The discussion itself is healthy Once defined, serves as a rudder Drives the development of assessment, monitoring, and control The Risk Dashboard Page 18
Sample Key Parameters Expected return on capital exceeds 10% of risk free rate Less than 10% chance of reduction in earnings more than $0.05 per share Chance of a ratings downgrade less than 1% Fail to meet bond covenants less than 1% Chance of bankruptcy less than 0.1% Page 19 Risk Control Processes Identify risks Monitoring/scanning process Evaluate / quantify risk Quantitative vs qualitative Operational choices Avoid or limit quantity Hedge or transfer risk (insurance) Exploit retained or seek to acquire risk New products need to be evaluated Product life cycle Page 20
Governance Board of Directors Senior Management Control Functions Audit Compliance Risk management Monitoring and MIS support Risk Dashboard Page 21 Communication Internal reporting Creating a culture of transparency Fairness in risk and capital allocations Regulatory disclosure Accounting standards Federal, state, SEC, NAIC, etc. External stakeholders Customers Bondholders Shareholders Page 22
Incentives Compensation practices have been at odds with risk management Comp structure aligned with taking the risks No reward for saying no For ERM to stick, must align compensation with stated risk tolerances Tie incentive compensation to future performance Incentivize risk adjusted performance Page 23 ERM Culture Must start at the top Walk the walk Staff strong Internal control environment Governance structure implemented Audit/compliance relationships Adherence to board policies and procedures Consistent, strong internal communication Learn from your mistakes Better yet, learn from someone else s! Page 24
A Risk Vocabulary General Risk Categories Market Risk Credit Risk Operational Risk Insurance Risk Known vs. Emerging & Unknown Risks Page 26
Market Risk Equity Risk Interest Rate Risk Currency Risk Commodity Risk Oil Grains Metals Real estate Page 27 Credit Risk Bonds Loans Counterparty Other Assets Page 28
Operational Risk General Business Risk Management failure, poor planning Reputational damage Human capital Process Risk Lack of controls, E&O Inefficiency Distribution channels Page 29 Operational Risk (cont d) Event risk Cat events affecting daily operations Technology related events Reporting risk Model risk Page 30
Insurance Risk Pricing Reserving Catastrophe Mortality Morbidity Policyholder behavior Page 31 Known vs. Emerging/Unknown Extreme events Some known and some emerging Some simply not yet known Prepare for what is known Contingency plans Consider what s emerging Pandemics, etc., seek information What you don t know, someone else might Page 32
Dynamic Financial Analysis (DFA) Quantitative side of ERM Simulation modeling to reflect full range of outcomes... and the associated odds Understand and manage risks better, e.g., Allocate costs & savings Test retention strategies Capital planning, Economic Capital, etc. Page 33 Implementing ERM
Implementing ERM The Goal Board of Directors Establishes strategies Approves framework & variances Senior management Owns risk Establishes risk management culture Directs risk control processes Evaluates activities Decisions on risk/reward based on information Page 35 Implementing ERM (cont d) Chief Risk Officer Advises senior management on decisions Monitors utilization of risk Control issues to management and BOD Internal audit Independent testing and verification Validates framework Identifies areas for improvement Page 36
ERM for Financial Institutions ERM for Banks Basel II Recommended Standards (2004) Objectives Ensuring capital allocation is risk sensitive Separation and quantification of credit and operational risk Aligning regulatory capital and EC 3 Pillars Minimum capital requirements Supervisory review Market discipline Page 38
ERM for Insurance Companies RBC, BCAR, IRIS, EC, EVA and DFA are among the financial building blocks Controls, culture & communication are the mortar that hold it all together Emerging focus of rating agencies/regulators ERM questionnaires CARRMEL Page 39 ERM for Non-Financial Institutions
Non-Financial Institutions All companies need to evaluate & manage risk Companies that capitalize on opportunities presented by retaining risk can benefit from ERM High deductible Self insured Captives Page 41 Self Insured Companies Explicit decision to retain risk High level involvement in formation Entry point to full blown ERM program Management has shown willingness to engage on the topic Page 42
Implementing ERM Can be overwhelming Starting small can help Selected departments or functions Insurable risks first... Better understood Organization in place Better information available Page 43 Implementing ERM (cont d) Example: Testing retention strategies Dynamic Financial Analysis (DFA) Tools readily available Can be rented before buying Practical, useful results quickly Page 44
Retention Strategy with DFA Net Income - Results from DFA No Reinsurance $500.000 Retention $2 Mill. Retention $5 Mill. Retention in 10,000 Maximum $ 25,107,586 $ 12,137,849 $ 15,398,960 $ 17,464,808 1 in 500 99.80% 24,242,294 11,325,183 14,533,668 16,599,516 1 in 100 99.00% 23,718,274 10,840,238 14,009,646 16,075,495 1 in 20 95.00% 22,972,022 10,275,086 13,263,790 15,329,243 1 in 4 75.00% 21,455,378 9,290,557 11,788,609 13,812,600 Average 15,161,507 8,459,461 10,161,224 11,227,504 1 in 4 25.00% 16,291,902 7,711,338 8,840,586 9,252,899 1 in 20 5.00% (28,102,362) 6,393,757 6,099,544 4,668,550 1 in 100 1.00% (34,403,596) 5,312,468 3,840,732 774,476 1 in 500 0.20% (52,206,860) 4,489,865 1,818,386 (2,896,704) in 10,000 Minimum (82,206,680) 1,851,373 (1,007,291) (10,580,201) Page 45 Retention Strategy with DFA (Cont d) Risk - Return Tradeoff 12,000,000 11,000,000 $5 Mill Retention 10,000,000 $2 Mill Retention Return =Avg. Net Income. 9,000,000 8,000,000 7,000,000 $500,000 Retention 6,000,000 5,000,000 1,000,000 1,500,000 2,000,000 2,500,000 3,000,000 3,500,000 4,000,000 Risk = Standard Deviation of Net Income. Page 46
Roles for Professional Service Providers Why is ERM Important to You? Relationship building Natural extension of current services Sar-box component of operational Actuaries are natural complement to accountants in many areas Value added to the client Improves the effectiveness of core services going forward Page 48
Market Expanding in Size In response to downturn, 85% of corporate executives say they need to overhaul their approach to risk management 40% have or will increase investment in ERM Challenges Integration with firm processes and culture Aligning with overall business strategy Quantifying risks (modeling) Inadequate resources and talent Page 49 And Influence Ratings Agencies paying more attention to ERM Regulators (international and NAIC) at the table More public companies filing risk statements with public documents Society of Actuaries introduced 1 st new degree in 50 years (CERA) Page 50
Where to Start? Start where you left off Individual(s) responsible for managing risk can benefit from this discussion More financial companies are appointing Chief Risk Officers Be ready to have the conversation! Page 51 In Summary Quantitative and Qualitative Internal and external considerations Stakeholders Environmental factors Balance redundancy (controls) with efficiency Risk is opportunity! Page 52
Questions??? Evaluate Manage Capitalize