8th edition of the FERMA benchmarking survey

In collaboration with EY, AIG, XL Catlin, Marsh and CHUBB

Jeudi 30 mars 2017 - Lyon

FERMA Benchmarking Survey 8th Edition

1

FERMA Risk Management – Benchmarking Survey 2016 – 8th EditionIn collaboration with

FERMA Benchmarking Survey 8th Edition

2


Intervenants

Sébastien RimbertDirecteur Associé

Risk Advisory EY

Paris

Florent MideyDirecteur Associé

Risk Advisory EY

Lyon

Gaëlle LarchevèqueDirecteur contrôle interne et audit

Groupe April

3


Introduction

103responses

634responses

►Eight biennal benchmarking survey conducted by the Federation of European Risk Management Associations (FERMA).

►The survey received 634 responses and was conducted from April to June 2016.

►Focus on the French market

►16,2% of the panel

240responses

►Focus on small and medium enterprises

►38% of the panel have revenues less than €1 billion

2 European perspective

European insights on risk management practices1

1. European insights on risk management practices

6


Risk Management reporting lines

0,0%

5,0%

10,0%

15,0%

20,0%

25,0%

30,0%

Global

France

ETI

18,8%

17,5%

22,9%

7


Insurance Management reporting lines

0,0%

5,0%

10,0%

15,0%

20,0%

25,0%

30,0%

35,0%

40,0%

Global

France

ETI

20,4%

8


Risk/Insurance Managers’ roadmap ETI Market

Top embedded activities

1. Development of map of risks: risk identification,

analysis, evaluation, prioritization and reporting

2. Insurance management and claims handling / insurable

loss prevention

3. Assistance to other functional areas in contract

negotiation, project management, acquisitions and

investments

Activities planned for 2016-2017

1. Development and embedding of Business

Continuity Management / Emergency Management

/ Crisis Management / Incident response programs

and solutions

2. Design and implementation of risk

controls/prevention

3. Alignment and integration of risk management as

part of business strategy

9


7%

13%

37%

42%

10%

24%

18%

48%

11%

22%

16%

51%

Emerging Moderate Mature Advanced

2012 2014 2016

Risk Management interactions with Top Management

There is no

mechanism in

place to

formally report

about risk

management

GRAPH CAPTION


Meets Board

and/or Top

Management

members on a

requested

basis

Formally

presents to the

Board of

Directors and

Top

Management

once a year

Formally

presents to the

Board of

Directors and

Top

Management

several times

per year

45%

ETI Position 2016

10


Organisational Model

Organisational model between Risk Management, Insurance Management, Internal Control and Internal Audit

French market position – 2016

11,0%

23,8%7,7%

15,8%

All functions together ina single department

All functions separate in four differentdepartments

Risk and Insurance Management together

Risk Management and Internal Control together

Internal Audit separate

Insurance Managementseparate

29,1%

20,4%

9,7%

20,4%

12,6%

7,8%7,7%

38,9%

11% - Full panel

Top 3 – ETI organisational model

1- Risk and Insurance Management

together (26%)

2- All functions separate in four

different departments (21%)

3- All functions together in a single

department (18%)

11


Organisational Model

Relationships between Risk Management, Insurance Management, Internal Control and Internal Audit: basic coordination but room for improvement.

12


5%

16% 17%

62%

8%

15%

22%

55%

11%14%

26%

49%

0%

10%

20%

30%

40%

50%

60%

70%


2012

2014

2016

Risk mapping deployment

No such

approach has

been put in

place yet

GRAPH CAPTION


Only for certain

business units /

categories of

risks

On a global

corporate level

only (strategic,

financial and

operational)

From corporate

level down to

divisions and

business units

57,3%

29,1%

10,7%

2,9%

38%

26%

French market position – 2016 ETI Position 2016

13


IT/GRC tools

Scenario Analysis 34%

Legend 2016

2014

Risk appetite and tolerance 35%

Claims analysis 45%

Risk quantification (Evaluating the probability of a risk event occurrence and effect) & Risk modelling

46%

Monitoring of risk mitigation actions / controls 49%

Risk mapping 55%

Risk registers 52%

Risk reporting / Risk dashboards 57%

22,3%

26,2%

35,0%

30,1%

36,9%

51,5%

40,8%

45,6%

French market position - 2016

28%

31%

45%

French market position – 2016 ETI Position 2016

2. European perspective

15


Top 10 risks (1/2)French market

Full Panel Risk vs French market - 2016

Top 10 Risk in 2016 – Full Panel Top 10 Risk in 2016 – French marketFrench market VS Full

Panel Risk position

#1 Economic conditions Business continuity disruption

#2 Business continuity disruption Cyber-attack / data privacy

#3 Political, country instability Economic conditions

#4 Non-compliance with regulation and legislation Political, country instability (crisis, war, regulatory changes)

#5 Competition Competition

#6 Reputation and brand Fraud, Bribery and Insider Dealing

#7 Cyber-attack / data privacy Non-compliance with regulation and legislation

#8 Market strategy, clients Market strategy, clients

#9 IT systems and data centers Interest rate & Foreign exchange

#10 Interest rate and foreign exchange Quality of products & services (design, safety & liability)

Equal to Full Panel

Above Full Panel

Under Full Panel

Specific Risk in Top 10 for the French market

16


Top 10 risks (2/2)French market

Business continuity disruption

Cyber-attack/data privacy

Economic Conditions

Political country instability (crisis, war, regulatory changes)

Competition

Non-compliance with regulation and legislation

Fraud, Bribery and Insider Dealing

Market strategy, clients

French Market

Interest rate & Foreign Exchange

Quality of products & Services (safety & liability)

Legend High

Low

Medium

Full Panel

Mitigation Satisfaction Level

17


Top 10 risks (1/2)ETI market

Full Panel Risk vs ETI market - 2016

Top 10 Risk in 2016 – Full Panel Top 10 Risk in 2016 – ETI marketETI market VS Full Panel Risk position

#1 Economic conditions Economic conditions

#2 Business continuity disruption Business continuity disruption

#3 Political, country instability Non-compliance with regulation and legislation

#4 Non-compliance with regulation and legislation Political, country instability (crisis, war, regulatory changes)

#5 Competition Reputation and brand

#6 Reputation and brand Market strategy, clients

#7 Cyber-attack / data privacy Human resources / key people, social security (labour)

#8 Market strategy, clients Competition

#9 IT systems and data centers IT systems and data centers

#10 Interest rate and foreign exchange Cyber-attack / data privacy

Equal to Full Panel

Above Full Panel

Under Full Panel

Specific Risk in Top 10 for the ETI market

18


Top 10 risks (2/2)ETI market

Economic Conditions

Business continuity disruption

Non-compliance with regulation and legislation

Political country instability (crisis, war, regulatory changes)

Reputation and brand

Human resources/ key people, social security (labour)

Market strategy, clients

Competition

ETI Market

IT systems and data centers

Cyber attack/ data privacy

Legend High

Low

Medium

Full Panel

Mitigation Satisfaction Level

19


Risks’ level of satisfactionETI market

What are the five risks for which ETI Risk Managers are the most/least satisfied in terms of mitigation?

Highest level of satisfaction

1. Business continuity disruption

2. Noncompliance with regulation and legislation

3. Reputation and Brand

4. Economic growth/slowdown

5. Market strategy

Lowest level of satisfaction

1. Digital transformation

2. Corporate social responsibility, Human Rights and Ethics

3. Terrorism

4. Strategy execution and transformation programs

5. Security

20


European risk mapFull Panel


Merci

22

Enquête Gouvernance – EY - 2016

►Vous souhaitez une présentation détaillée de l’étude sur votre secteur ?

(Manufacturing, Energy / utilities, Consumer goods, Retail, Pharmaceuticals and Life Sciences, Transportation / logistics)

►Contactez-nousFlorent Midey

Executive Director

Risk Advisory

Tel.: +33 4 78 63 16 33

Mobile: +33 6 82 55 73 61

[email protected]

mailto:[email protected]


Ernst & Young

Assurance | Fiscalité | Transactions | Conseil

A propos de Ernst & Young

Ernst & Young est un leader mondial dans les services d’assurance, de fiscalité, de transaction et de conseil. Au niveau mondial, nos 167 000 employés sont unis par nos valeurs partagées et un engagement indéfectible envers la qualité. Nous faisons la différence en aidant nos employés, nos clients et nos communautés au sens large à réaliser leur potentiel.

Pour plus d’informations, veuillez visiter www.ey.com.

Ernst & Young se réfère à l’organisation mondiale des cabinets membres de Ernst & Young Global Limited, chacun d’eux étant une entité légale séparée. Ernst & Young Global Limited, une entreprise britannique limitée par garantie, ne fournit pas de services aux clients.

© 2016 EYGM Limited. Tous droits réservés.

Cette publication contient des informations présentées sous forme de résumés et est donc destinée à être utilisée à titre indicatif uniquement. Elle ne vise pas à se substituer à une recherche approfondie ou à un jugement professionnel. EYGM Limited, ni aucun autre membre du réseau mondial Ernst & Young, ne peut accepter une quelconque responsabilité pour les pertes occasionnées à toute personne agissant ou s'abstenant d'agir sur la base de son contenu. Un conseiller approprié doit être consulté pour toute question spécifique.

Contacts

Florent Midey

Executive Director

Risk Advisory

Tel.: +33 4 78 63 16 33

Mobile: +33 6 82 55 73 61

[email protected]

mailto:[email protected]

8th edition of the FERMA benchmarking survey

Business

Transcript of 8th edition of the FERMA benchmarking survey