Yasa Fujioka IAIS Secretariat ASSAL-IAIS Training Seminar, 19-22 November 2012

Yasa FujiokaIAIS Secretariat

ASSAL-IAIS Training Seminar, 19-22 November 2012

Risk Management- ICP 8, 16 and ComFrame M2E2 -

The information contained in this document is classified as Secret (ASSAL-IAIS Training Seminar Participants Only) and contains highly sensitive information. Direct access to information classified as ‘Secret’ is limited to the persons individually named by the Owner. Any recipient of information in this category may redistribute it to other persons within their organisation whose access to this information is necessary to carry out or assist in connection with the relevant business activity or operations (need-to-know principle). If distributed further, the original receiver maintains sole responsibility for ensuring the information is not distributed to unintended recipients. If you are an unintended recipient of this information please do not distribute this information further and destroy all copies of this information immediately. In addition, please notify the IAIS immediately via [email protected] or +41 61 225 7300.

ASSAL-IAIS Training Seminar Participants Only

19-22 Nov 2012San Jose

Please refer to the confidentiality notice detailed on the first page of this document

- Risk Management, Yasa Fujioka - 2

Agenda

I. Overview

II. Real Life Example – HIH

III. ERM for Solvency Purposes

IV. ComFrame – Group ERM

Appendix: Details of ICP 8 and 16




I-1. What is risk management and why?

• Risk management– process that management takes to assess and

control the impact of past and future events that are detrimental

– Particularly important to insurers

• Triggered global financial crisis– “Result of a failure of risk manage-

ment on a colossal scale” Robert Hartwig– “AIG’s trouble was directly related to failure of

internal risk management” Hank Greenberg

Overview

Real Life Example – HIH

ERM for Solvency Purposes

ComFrame – Group ERM

Appendix: ICPs on Risk Management




I-2. Relevant international standards

Overview





• ICP 8: Risk management and internal controls– Importance of independent control functions

• ICP 16: Enterprise risk management for solvency purposes– Provide framework for all relevant and material

risks

• ComFrame M2E2: Group ERM– IAIG relevant issues on group ERM




II-1. What is HIH?

• Australia’s second largest non-life insurer– Workers comp., liability and indemnity

– In Australia, UK and California (USA)

– In late 1990s, assets of A$7 billion, revenue of A$4 billion and operating profit of A$60 million

• Bankrupt in 2001– Largest corporate failure in Australia

• Many causes of failure including risk management

Overview





*case based on the report of the HIH Royal Commission (www.hihroyalcom.gov.au)




II-2. Risk management failure (1)


Overview





• Continuous underwriting loss• Poorly managed underwriting

– Underwrite personal accident cover to Taiwanese military

– Reinsure motor vehicle insurance w/o terrorism exclusion to Israeli military (self ins.)

• Identify and quantify risk under a sufficiently wide range of outcomes - ERM Framework

• Regularly assess the adequacy of risk management and solvency - ORSA




II-3. Risk management failure (2)


Overview





• Lack of due diligence and Board / senior management decision process– Enter, exit, re-enter US market

– FAI acquisition

• Effective internal control systems and functions– Necessary authority, power and resources

• Ownership of ORSA – Board / senior management




III-1. ERM Framework

Overview





Governance and ERM Framework

Role of supervision

リスク管理方針リスク許容度ステートメント

継続性分析経済資本・　　　規制資本

Own Risk and Solvency Assessment (ORSA)Own Risk and Solvency Assessment (ORSA)

Risk Management Policy


Risk Tolerance Statement


Continuity Analysis

Continuity Analysis

Economic and Regulatory Capital


Feed back Loop

Feed back Loop




III-2. Own Risk and Solvency Assessment

• Assess adequacy of its risk management in relation to current and future solvency

• “Owned” by Board and Senior Management

• Encompasses all reasonably foreseeable and relevant material risks

• Economic and regulatory capital

• Continuity analysis

Overview








III-3. ERM Framework

Overview





Governance and ERM Framework

Role of supervision

リスク管理方針リスク許容度ステートメント

継続性分析経済資本・　　　規制資本

Own Risk and Solvency Assessment (ORSA)Own Risk and Solvency Assessment (ORSA)





Continuity Analysis

Continuity Analysis



Feed back Loop

Feed back Loop




IV. ComFrame – Group ERM

• ComFrame– Operationalisation of ICPs with regard to IAIGs– Based on ICPs, but adds and reduces options

• Example of going beyond ICPs– ERM Framework comprises group-wide

strategies– Risks from operating internationally and

operations through subs and branches– Risks arising from intra-group transactions and

place restrictions

Overview








Conclusion

• ERM Framework– Assess all foreseeable and relevant risks– Board is responsible– Nature, scale and complexity (e.g. IAIGs)

• ERM into practice– 2002 HIH had corporate governance, 2008

AIG had ERM in place– Did not go beyond guideline and policies– Integrate with business operation and culture




Thank you.

[email protected]




Appendix

Following pages will not be covered in the presentation.

For further information on ICPs, try our ICP online-tool!!

http://www.iaisweb.org/ICP-on-line-tool-689

Overview








A-1. ICPs on risk management

• ICP 8: Risk management and internal controls

• ICP 16: Enterprise risk management for solvency purposes

Overview








• … effective systems of risk

management and internal

controls,

• including … risk management,

compliance, actuarial matters

and internal audit

A-2. Risk Management and Internal Control (1)

Overview








A-3. Risk Management and Internal Control (2)

– Risk Management: identify, assess, monitor, manage and report its key risks in a timely way (Std 8.3)

– Compliance: meet legal and regulatory obligations … culture of compliance and integrity (Std 8.4)

– Actuarial: evaluate and provide advice … technical provisions, premium and pricing activities … (Std 8.5)

– Internal Audit: provide Board with independent assurance in respect of the insurer’s governance (Std 8.6)

• In order to function properly, the control functions need authority, independence and resources (Std 8.2)

Overview








A-4. ICPs on risk management

• ICP 8: Risk management and internal controls

• ICP 16: Enterprise risk management for solvency purposes

Overview








A-5. ERM (for solvency purposes) core principle

• ICP16: “The supervisor establishes enterprise risk management requirements for solvency purposes that require insurers to address all relevant and material risks

• Applies to insurance legal entities and any risks posed by non-insurance entities on insurance groups

• Requirement for identification and quantification of risk, including documentation

• Active enterprise risk management policy• A risk tolerance statement and other evidence of

consistency of measurement of risk• A responsive risk management framework• Own risk and solvency assessment (ORSA)• Active supervision

Overview








A-6. ICP16.1 Risk Identification and measurement

• The ERM framework must provide for:– The identification and quantification of risk

under a sufficiently wide range of outcomes– Using techniques appropriate to the nature,

scale and complexity of the risks borne by the insurer

– Adequacy for risk and capital management and for solvency purposes

Overview








A-7. ICP 16.2 and 16.3 – Evidence of the Framework in action

• Measurement of risk must be supported by accurate documentation– Detailed description of risks covered– Measurement approaches used, plus key

assumption

• Risk management policy– Outline of the management of relevant and

material categories of risk

Overview








A-8. ICP 16.4 to 16.8 – Consistency of measurement and clarity of management process

• Clear risk tolerance limits, and relationship with regulatory and economic capital, and processes and methods for monitoring risk

• Well-defined ALM policy• Explicit investment policy• Explicit underwriting policy• Clear and detailed risk tolerance

statement

Overview








A-9. ICP 16.9 and 16.10 – Risk Responsiveness

• ERM framework should be responsive to changes in the risk profile of the insurer

• A feedback loop should be incorporated in the framework– Based on appropriate and good quality

information, management processes and objective assessment

– Allows necessary action in a timely manner

Overview








A-10. ICP 16.11 to 16.16 – Own Risk and Solvency Assessment (ORSA)

Overview





• Assess adequacy of its risk management in relation to current and future solvency

• “Owned” by Board and Senior Management

• Encompasses all reasonably foreseeable and relevant material risks

• Economic and regulatory capital

• Continuity analysis

Yasa Fujioka IAIS Secretariat ASSAL-IAIS Training Seminar, 19-22 November 2012

Documents

Transcript of Yasa Fujioka IAIS Secretariat ASSAL-IAIS Training Seminar, 19-22 November 2012