Sifting Through the Ashes To Assess ERM’s Value

ashes.jpg

Did enterprise risk management (ERM) fail the companies at the epicenter of the financial services meltdown or did the companies fail to properly employ ERM? While this question will vex many for a long time to come, it is especially urgent for insurers to understand whether their ERM practices are actually protecting them, or merely providing an illusory comfort.

A collection of essays, “Risk Management: The Current Financial Crisis, Lessons Learned and Future Implications,” published jointly by the Society of Actuaries, the
 Casualty Actuarial Society and the Canadian Institute of Actuaries, examines the past culpability and the future efficacy of ERM.

Michael Wacek, president and CEO at Stamford, Conn.-based Odyssey America Reinsurance Corp., says this examination is vital. “To prevent the baby from being thrown out with the bathwater, it is essential that the current financial crisis be studied closely to identify the real ERM successes and failures, and to distinguish between those companies who truly managed their enterprise risks and those who merely pretended,” he writes. “The results should be widely promulgated.”

Wacek says that American International Group’s (AIG) ability to threaten its very solvency while not running afoul of its ERM regime potentially creates credibility problems both for risk modeling and ERM in general. “When poorly supervised but apparently sophisticated modeling exacerbates a business disaster rather than helps to avoid it, it is viewed by some as a general failure of both risk modeling and ERM,” he writes.

Not surprisingly, the inability of risk managers to grasp the impact of derivatives, such as credit default swaps (CDS) on a company, is singled out by Wacek.

“The favorable balance sheet optics provided by CDS enabled AIG management to pursue an extremely leveraged business strategy without attracting much attention and perhaps without itself fully understanding it,” Wacek writes.

Credit default swaps were not designed with transparency in mind. So, the inability of ERM to account for them is at least understandable. Other blind spots are not.

Prakash Shimpi, global practice leader, ERM, at Towers Perrin in New York, says understanding the limits of capital and cash flow between legal entities within the same organization is vital. “One lesson made clear from AIG’s collapse is that capital and cash are not fungible within the different parts of a conglomerate financial institution,” he writes, adding that in a properly functioning ERM regime, fungibility should be stress-tested. “Legal and regulatory restrictions limit the flow of capital and cash between legal entities within an enterprise. Even if the needed funds were available, these restrictions would have prevented AIG from dealing with its problems.”

Jean-Pierre Berliet, founder of Berliet Associates LLC, a New York-based advisory firm on strategy and risk management, writes that it is exactly these types of strategic risks that insurers employing ERM correctly should account for.

“It is not enough for insurance companies to understand and manage the financial risks of their business that can cause insolvency,” he writes. “They need also to manage external “strategic” risks to their business. Until the present crisis, many insurers did not think much about their dependence on the efficient functioning of credit and other financial markets or the overall safety and soundness of the banking system. Now they do.”

Berliet also warns that insurers should not confuse compliance with a fully formed risk management strategy. Indeed, Berliet charges that even the forthcoming Solvency II regulations understate both the need for—and the cost of—capital to insurers in a crisis environment. “Because the insurance industry has been highly regulated, many insurance companies have not developed a deep strategic risk assessment capability. They need one urgently,” he writes.

Wacek, too, contends that the merits of highly functional ERM will eventually become self-evident.

“Over time, the market will punish companies practicing the window-dressing version of risk management and reward those whose ERM proves effective,” he writes.

Exclusive content only available on InsuranceNetworking.com

For reprint and licensing requests for this article, click here.
Core systems Security risk Data security Policy adminstration
MORE FROM DIGITAL INSURANCE