Insurers have some work ahead of them in their risk management efforts—integrating risk responsibilities into compensation goals, establishing integrated risk management processes and systems and improving model validation, according to a
The sixth edition of the report, “Risk Management in the Spotlight,” surveyed chief risk officers (or equivalent senior risk officers) from 111 financial institutions, with combined total assets of more than $19 trillion. Also included in the survey were insurers and asset managers. Less than half of the financial institutions surveyed (49%) have incorporated risk management responsibilities, either in whole or in part, into the performance goals and compensation decisions for senior management.
“Many insurance companies have dedicated significant resources to building their risk management programs in recent years,” Edward Hida, the editor of the report and a partner with Deloitte’s Banking & Securities team, told INN. “However, the losses and declines in market value associated with the recent economic environment have revealed new insights about the complexity of risk, such as the increase in systemic risk and interconnectedness between financial risk and risk embedded in insurance products. The current economic environment and the insights that are emerging from it offers opportunities for companies to improve risk management capabilities.”
Only 36% of the institutions surveyed had an enterprise risk management (ERM) program, although another 23% were in the process of creating one. Even among institutions with $100 billion or more in assets, a little more than half (58%) had an ERM program already in place.
“There is anecdotal information that suggests the performance of insurance companies in the current financial crisis may be at least partly related to their ERM capabilities,” Hida said. “For example, rating agencies have begun to utilize the results of their ERM assessments as a leading indicator of a company’s ability to withstand stress brought on by losses.”
According to the survey, regulators have been encouraging financial institutions to independently validate their risk-related models to ensure they can reliably assess the likelihood and magnitude of potential risks. While 53% of the participating institutions indicated having an independent model validation function, over two-thirds of the remaining respondents reported having no plans to create such a function.
Institutions may also have significant work to do to upgrade their IT risk management infrastructures. Roughly half of the executives were extremely or very satisfied with the capabilities of their risk systems to provide the information needed to manage market and credit risk. In other areas, such as liquidity risk and operational risk, only 40% or fewer provided ratings this high.
Earlier this month, ACE Group, KPMG, SAP and Towers Perrin released
1. Conceptualize and design a companywide risk management process
2. Make risk management everyone’s responsibility
3. Ensure executive management engagement
4. Instill risk management in business culture
5. Provide risk management a seat at the table
6. Make risk management part of the incentive system
7. Share risk knowledge
8. Gain a portfolio view of risk
9. Leverage technology solutions
10. Engage the board of directors
