Over the summer, the NAIC ran a pilot review of the U.S. ORSA using 13 ORSA summary reports that a variety of insurers submitted. Although formal feedback to the industry is still pending, the NAIC did make some initial comments on the results of this review at its summer national meeting in August 2012. Although this feedback is unlikely to find its way into the guidance manual, insurers are likely to adapt ORSA processes in order to address it.
One particular area of comment was stress tests. Specifically, in addition to single-factor stress testing, companies should consider combined stress event scenarios. In addition, particularly for the life sector, there should be stress testing on liquidity.
There are several worthwhile considerations related to stress testing under the ORSA:
• Individual stress tests are helpful in understanding a model's sensitivity to key assumptions or risk variables. However, when it comes to preparing for situations that threaten risk appetite limits, it is worth focusing on the fact that events do not usually happen in isolation, and there is usually a high degree of tail risk correlation. When things go wrong, they can go very wrong. Accordingly, companies could use their risk inventory and views on correlations to develop combined stress scenarios that represent real world events.
• Companies will benefit from an overall combined process that enables risk management activities, the ORSA and stress testing to fit in with the annual business planning cycle.The ORSA process, when properly orchestrated, is an ideal opportunity to perform a comprehensive stress and scenario exercise and will take place in conjunction with the organization’s business planning process. This will help enable linkage of risk appetite with corporate objectives and the calibration of risk-specific limits that maintain the organization’s appetite over the planning horizon. In addition, this will be an ideal time to stress and scenario test business plans, risk exposures and appetite metrics in a comprehensive and coordinated manner.
• Some risks naturally lend themselves to scenario analysis. For example, operational risks are often more realistic when thought of as scenarios rather than single-factor stresses. Thinking about the impact of a 10-percent increase in morbidity on operational risk capital is difficult as the operational impact is not obvious. However, a site-specific disaster close to the insurer’s head office that results in administrative issues and increased sickness claims from the locally insured is more tangible. This scenario is easier to quantify and naturally leads to the identification of mitigating actions. Accordingly, maintaining a risk register of operational risk events and near misses can provide a good basis to inform scenarios selection. However, this process may not capture high-impact, low-frequency events and may need to be supplemented by operational risk workshops that gather scenario suggestions from throughout the business.
• Including reverse stress test scenarios as part of the ORSA may be illuminating. Reverse stress scenarios, in the context of an ORSA, identify events that could breach risk appetite. This is a worthwhile exercise because it can provide information on just what will cause distress and helps identify business weaknesses. When discussing these topics it also is sometimes easier to focus on realistic and tangible scenarios rather than trying to envisage what you would do if extreme tail risk events arose. To do this, companies would start with a comprehensive set of individual risk stresses at different points and work towards an understanding of the distribution of risk outcomes and identification of such appetite breaching scenarios.
• Stress testing should focus on more than just capital metrics. Although capital metrics, particularly regulatory solvency, are commonly stressed, it is worth considering other metrics. In fact, any metric in a risk appetite statement is worth consideration in stress testing (e.g., liquidity, as identified in the NAIC feedback). Most life companies include a statement on liquidity in their risk appetite and many include requirements for stressed liquidity coverage as well. Modelling of stress scenarios (such as a combination of market events and higher lapses), including planned responses and potential limitations thereon, will help identify the events that could strain liquidity, as well as key considerations regarding sources of funding.
• However, other risk metrics in addition to liquidity should be part of stress testing. For example, it is common to include earnings metrics in risk appetite statements. These metrics should be part of a comprehensive stress testing program because an understanding of the events that can breach risk appetite is essential to understanding how to avoid it. Using the risk appetite statement metrics is a valuable approach to ensuring the completeness of the stress testing program.
• Outside of the risk appetite statement, there may be additional metrics (e.g., exposure metrics for in the money guarantees) that provide valuable information when subject to stress testing. Where non-linear exposures exist, stress testing can identify where "cliff events" arise and exposures rapidly increase.
In summary, a robust stress and scenario testing process is an essential part of a risk management framework. Companies can begin to promote an adequate stress testing approach by:
• Modelling scenarios and individual stresses;
• Linking the stress testing process to the wider business planning cycle;
• Maintaining risk registers of near misses and gathering input from throughout the business;
• Incorporating the use of reverse stress tests; and
• Checking stress testing completeness by checking against appetite metrics and other key exposure and risk indicators.
We describe above some of the many considerations for designing such a process. NAIC feedback indicates this as an area where improvements are necessary. As insurers prepare ORSA documents for regulatory review, effective stress and scenario testing processes will be evident; conversely, those processes that are not effective also will be evident and likely to warrant regulatory challenges. Addressing such gaps will support a smoother regulatory review process, and will help management in its overall business strategy and risk management execution.
Brian Paton is a director with PwC.
Readers are encouraged to respond to Brian using the “Add Your Comments” box below. He can also be reached at: brian.paton@us.pwc.com.
This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.
The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.
