Enhancing Our Risk Appetite Framework. A Case Study

Similar documents
Preparing for an Own Risk & Solvency Assessment

Enterprise Risk Management Economic Capital Modleing and the Financial Crisis

ERM Implementation and the Own Risk and Solvency Assessment (ORSA)

Risk Appetite for Life Offices IFoA working party

BERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework

Risk Appetite: Survey Results. March 2015

INTEGRATED RISK MANAGEMENT GUIDELINE

RISK MANAGEMENT FRAMEWORK

Risk Appetite. What is risk appetite?

Enterprise Risk Management Policy Adopted by the AMP Limited Board on 2 February 2017

RISK APPETITE FRAMEWORK

Harmonizing Risk Appetites within a Stress Testing Framework

Capturing Risk Appetite Through ERM - Implementation Challenges

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

Risk Architecture: Agenda. Leon Bloom, Partner, Deloitte & Touche LLP

Risk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic

Enterprise Risk Management

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Risk Appetite Survey Current state of the Insurance Industry

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

First Informal Consultation on ERM Policy. 24 th July 2018

Standard Chartered Bank UAE Branches

A.M. Best s New Risk Management Standards

LEGAL & GENERAL GROUP PLC risk management supplement

Applying COSO s Enterprise Risk Management Integrated Framework. September 29, 2004

Talent and accountability incentives governance Risk appetite and risk responsibilities

Energize Your Enterprise Risk Management

Leveraging an organization s current risk management to create a sustainable ERM program. Thursday, January 15, 2015

New Actuarial Standards of Practice No. 46 Risk Evaluation in ERM No. 47 Risk Treatment in ERM

Risk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY

Applying COSO s Enterprise Risk Management Integrated Framework

American Academy of Actuaries Webinar: The Practice of ERM in the Insurance Industry. Enterprise Risk Management Committee November 19, 2013

Tips for Assessing Risk Appetite

Establishing and Embedding Risk Appetite: Practitioners View

Summary of Risk Management Policy PT Bank CIMB Niaga Tbk

2014 Own Risk and Solvency Assessment (ORSA) Feedback Pilot Project Observations of the Group Solvency Issues (E) Working Group

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

GUIDELINE ON ENTERPRISE RISK MANAGEMENT

RISK COMMITTEE CHARTER THE CHARLES SCHWAB CORPORATION

RISK COMMITTEE TERMS OF REFERENCE. The Board has resolved to establish a Committee of the Board to be known as the Risk Committee.

Enterprise Risk Management How much risk do you want to take? Mark Lim Risk Consulting and Software Towers Watson

Enterprise-Wide Risk Management

SOLID GROUP INC. ENTERPRISE RISK MANAGEMENT POLICY

Overview and context

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS MODULE

Title of the presentational;;l

Foundation Dialogues. Valued Client. Presented By: Robert Burke Jr.

Sections of the ORSA Report

Amex Bank of Canada. Basel III Pillar III Disclosures December 31, AXP Internal Page 1 of 15

ENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals

PILLAR 3 REGULATORY DISCLOSURES REPORT AS AT 30 NOVEMBER 2017 LEUCADIA INVESTMENT MANAGEMENT LIMITED

Risk appetite. Getting in shape building and sustaining your risk appetite. 27 February 2014

WHITE PAPER. Solvency II Compliance and beyond: Title The essential steps for insurance firms

LIQUIDITY RISK MANAGEMENT MODULE

Merrill Lynch Kingdom of Saudi Arabia Company. Pillar 3 Disclosure. As at 31 December 2017

ORSA reports: gaps and opportunities

Delivering Clarity to Credit Unions Through Expertise and Experience

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

MENA Insurance Enterprise Risk Management Survey. April 2015

Credit risk management. Why it matters and how insurers can enhance their capabilities

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

RISK MANAGEMENT FRAMEWORK

Criteria Insurance General: Refined Methodology For Assessing An Insurer's Risk Appetite. Table Of Contents

RISK MANAGEMENT FRAMEWORK OVERVIEW

Basel III Reforms. Strategic Initiatives of the Risk Management Implementation in Risk and its Management Profiles

ERM in the Rating Process: A Practical Perspective

Working through Risk Appetite

Session 8A: Risk Appetite in Practice. Moderator: Presenters: Anthony Dardis, FSA, CERA, FIA, MAAA. Damon Levine

Risk Management Framework

M_o_R (2011) Foundation EN exam prep questions

ESTABLISHING RISK BOUNDARIES. Michel Rochette, MBA, FSA Caribbean Actuarial Association Annual Meeting Trinidad & Tobago December 4th 2008

Embrace the Solvency II internal model

University Risk Management Policy

The Components of a Sound Emerging Risk Management Framework

Guidance Note: Internal Capital Adequacy Assessment Process (ICAAP) Credit Unions with Total Assets Greater than $1 Billion.

Risk Management Policy

Draft Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: November 2017

Risk Management at Central Bank of Nepal

RSMR Portfolio Services Limited RSMR-PS Pillar 3 Disclosure

Heightened Expectations for Some a Message for All to Consider: The Evolution of the 3 Lines of Defense WHITE PAPER

Northern Trust Corporation Liquidity Coverage Ratio Public Disclosure

The Rating Agency View of Capital Modelling. Simon Harris Team Managing Director European Insurance

INSURANCE CORE PRINCIPLES, STANDARDS, GUIDANCE AND ASSESSMENT METHODOLOGY

NAIC OWN RISK AND SOLVENCY ASSESSMENT (ORSA) GUIDANCE MANUAL

Solvency II Insights for North American Insurers. CAS Centennial Meeting Damon Paisley Bill VonSeggern November 10, 2014

Meeting of Bristol Clinical Commissioning Group Governing Body

Section Defining Risk Management. 11. Principles of Risk Management

Merrill Lynch Kingdom of Saudi Arabia Company. Pillar 3 Disclosure. As at 31 December 2016

360 Degrees of Enterprise Risk Management

DEVELOPING THE RISK APPETITE FRAMEWORK OF A LIFE INSURANCE BUSINESS

As a provider of financial

THE ROLE OF THE BOARD IN RISK MANAGEMENT

Practical aspects of determining and applying a risk appetite for SMEs

REPUTATION RISK ON THE RISE

RISK APPETITE. A short guide 2017

Certified Enterprise Risk Professional (CERP) Test Content Outline

Communicating the Value Enterprise Risk Management

TD BANK INTERNATIONAL S.A.

How Internal Audit Can Help Promote Effective ERM

Risk appetite frameworks: good progress but still room for improvement

Transcription:

Enhancing Our Risk Appetite Framework A Case Study

Desired Outcomes 1. An approach to developing a risk appetite framework and risk appetite statement. 2. Understanding how a risk appetite framework can be operationalized. 3. Identifying and overcoming challenges to asserting the value of risk appetite to stakeholders. 2

History Inaugural group policy/statement in 2011 Businesses established risk appetite policies and protocols in 2008-2009 International business has an actively managed risk appetite framework Risk appetite metrics and dashboard are part of ongoing corporate ERM reporting Risk appetite concepts are evolving in the industry Aim for our risk appetite framework to be both defensive and opportunistic 3

Objectives - enhancing framework 4 Strengthen link to our vision, strategy and business objectives More forward-looking Enhance consideration stakeholders Incorporate upside and downside Vet and validate existing risk tolerances and limit metrics Use it Continuous improvement

Approach Broad Steps Agree principles Risk appetite policy Questionnaire Multiple rounds Group risk appetite statement Cascade to business Governance Business risk committees Executive Risk Management Committee Senior management C-Suite Members of Board of Directors 5

Principles Establishing Risk Appetite The risk appetite framework should clearly align with our vision and business strategy. The risk appetite framework should identify risk preferences for all material risks. The diverse interests and objectives of key stakeholders should be considered. For risk exposures that are challenging or inappropriate to quantify, qualitative boundaries should be developed and assessed. 6

Principles 7 Embedding Risk Appetite Ownership of and adherence to risk appetite should be embedded in culture and expectations. The risk appetite framework should be cascaded through the company to achieve understanding and support and will build off of business unit and functional operating policies and procedures. Risk and other management committees should put the risk appetite framework into practice at the business and/or functional levels; They have oversight responsibility to ensure decisions are consistent with group objectives and risk appetite.

Principles Embedding Risk Appetite Evidence of strategy and risk appetite alignment at both enterprise and business segment levels should be provided. Risk limit metrics should relate to business objectives and stakeholders priorities as well as specific objectives of the business unit or function. Managing within risk appetites should be practical, applicable and actionable. 8

Principles Governance Board of Directors and senior management involvement, responsibility, and ownership should be clearly established. Roles and responsibilities for monitoring adherence to risk appetite should be clearly established. Risk appetites should be reassessed after significant events and reviewed by the Board of Directors at least annually. 9

Components Risk Appetite Policy Policy on establishing, embedding, and governing our risk appetite framework. Group Risk Appetite Statement Summarizes risk categories, attitude toward and capacity for assuming, and approach to managing each, and articulates appetite for uncertainty in achieving objectives, and trade-offs we are willing or unwilling to accept. Business Process Policies and Operating Procedures Developed and utilized by business and functional areas to manage and operate activities and to summarize operational risk limits for managing and mitigating risk exposures. Business Monitoring and Operational Metrics Developed /utilized by business and functional areas to assess/measure risk profile against risk limits and to establish management actions as necessary. Policies, statements, processes and governance that establish and monitor adherence to Risk Appetite 10

Components 11 Risk Limits: Granular operational controls, associated with business process policies and operating procedures designed to improve risk-taking. Forward-looking measurements that cascade risk tolerances to lower levels of granularity. Convenient to monitor, and established at/for the level of the organization that manages risk on a day-to-day basis. Serve dual purpose enough risk taken and as a brake against excessive risk taking.

Components 12 Risk Profile: Point in time assessment of risk exposures, measuring them relative to our risk tolerances and limits Business monitoring and operational metrics support adherence to risk appetite Stress and scenario testing: Utilized to set expectations and highlight risk exposures, allowing management to determine appetite for each and used to monitor against risk tolerances and limits

Questionnaire - Primer Many employees have laptop computers, allowing them great flexibility in how and where they work. What is your appetite for a stolen laptop (the physical asset)? 1-Averse: We have zero or near-zero tolerance and avoid this risk at all costs. 2-Cautious: We have low tolerance and avoid this risk except under rare circumstances. 3-Moderate: We have limited tolerance, will accept the risk if outweighed by benefits, and if it can be carefully measured, monitored, and corrected. 4-Flexible: We have tolerance, will accept this risk for high likelihood of gain, and will manage the impact. 5-Tolerant: We have a high level of tolerance and accept this risk in order to exploit the gains. 13

Questionnaire - Primer What is your appetite for access to customer information or confidential data by the individual who stole the laptop? 1-Averse: We have zero or near-zero tolerance and avoid this risk at all costs. 2-Cautious: We have low tolerance and avoid this risk except under rare circumstances. 3-Moderate: We have limited tolerance, will accept the risk if outweighed by benefits, and if it can be carefully measured, monitored, and corrected. 4-Flexible: We have tolerance, will accept this risk for high likelihood of gain, and will manage the impact. 5-Tolerant: We have a high level of tolerance and accept this risk in order to exploit the gains. 14

Questionnaire - Categories What are our strategic/business objectives? For each risk category, what is tolerance for each? What is our attitude regarding uncertainty in achieving them? When faced with decision making, how willing are you to put achievement of each objective at risk? 15

Questionnaire - Purpose Help senior management and the Board articulate levels of appetite for/aversion to different risks AND tolerance with uncertainty in achieving our key business objectives Intended to draw out views and perceptions Educate and synthesized to an aligned view 16

Questionnaire - Outcomes The method began and sustained the risk appetite conversation. We got at the heart of understanding our culture's risk appetite. Improved understanding and consistency regarding what we are trying to accomplish 17

Risk appetite framework Decision making framework Guidance Encourages discussions Attitude for consideration of risks and volatility High-level filter through which we consider decisions and changes to strategy Accountability framework Establish boundaries Ongoing measurement Review of profile against risk appetite are we operating within our risk appetite? Encourages advance preparation and action planning Supports culture At all levels of the organization, encourages operating in a manner that is mindful of risk implications Simple actions protect our results Encourages critical thinking and good judgment Defensive and opportunistic Early warning system, serving as a control against excessive risk taking Also, highlights capacity for risk taking to drive growth and capitalize on opportunities 18

Implicit in our strategy and aligned with our vision and values is maintaining a solid financial foundation, meeting commitments to policyholders and maximizing shareholder value over the long term. Risk Appetite Statement Vision & Values Strategy Risk Appetite R I S K S We assume risks to create value and achieve objectives. Risk appetite articulates: Our preferences Our attitude toward and capacity for assuming additional risk Our approach to managing our risks. Risk management supports achievement of objectives. Risk appetite articulates the level of uncertainty we are comfortable with in achieving our objectives 1. Protecting and growing our franchise value 2. Maintaining adequate and efficient levels of capital 3. Maintaining liquidity to satisfy obligations 4. Achieving target performance

Risk Preferences Accept and Manage Minimize Exposure Strategic Insurance Credit Market Operational Reputational Capacity Definition Strategy Focus Avoid Expertise Preferences 20

Risk Tolerances - examples Franchise Value Protection and Growth Brand, reputation Data security and privacy Third parties Regulatory compliance Capital and Liquidity Management Regulatory/excess capital Liquidity metrics Use of stress testing and EC Capital quality and fungibility Target Performance Achievement Minimum profitability Sale/price balance Volatility sensitivity testing Statutory and GAAP

Cascading to the business 22 Establishing risk tolerances and limits Risk and other management committees have oversight responsibility Business units determine risk tolerances and limits, utilizing existing structures Risk limits are applicable and serve as metrics by which to manage within risk appetite. Aligns with level at which business decisions are made. Encourages operating with a risk management mindset. Accountable for establishing/enhancing programs to keep risk exposures within risk appetite using risk limits and actions triggered as needed

Cascading to the business Monitoring and reporting Accountability for establishing policies and procedures with relevant risk limits. Anticipate risk limit breaches, by considering a projected risk profile Escalation process with procedures to ensure action Employ soft limits and hard limits. Soft limits - relate to an exposure level that triggers discussion and heightened monitoring, but for which remedial action is not yet necessary. Hard limits - breach results in immediate remedial action, 23

Establishing the link Within risk appetite Watching Outside risk appetite Key Objective Achieving target performance Risk Tolerance Operate within minimum profitability targets 1 st Line of Defense Process Quoting & Underwriting Key Risk Processes Quote Rate/Market Rate Case Rate Risk Rate Underwriting Authority Levels Metrics with Risk Limits Pricing Floors Rate to Case Rate Pricing Floors Rate to Case Rate 24 Opportunity: budget available to add risk Outside of risk appetite: Need to take actions

Establishing the link Pricing to Target IRR Greater than required minimum IRR Sensitivity testing to understand sensitivity of profitability to: Incidence Persistency Mix of Business MEDIUM HIGH LOW Forward Looking Expectation Incidence Persistency Mix of Business Ongoing Experience Monitoring Incidence Persistency Mix of Business Sensitivity testing can be used to understand volatility, determine risk appetite and monitor against it. 25

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback