Insurers and ERM: Clear About

The Why, Working On The How The recent benchmark survey on enterprise risk management (ERM) in the global insurance industry by Tillinghast-Towers Perrin makes clear that there is a growing and strong consensus among insurers concerning why they should adopt ERM. But the survey shows far less consensus concerning how to implement it. In addition, respondents said they are not satisfied with the means they have available to make ERM a practical reality.

In our view, insurers can successfully move from their clear understanding of why to an equally clear vision of how they can adopt ERM in their own organizations by going back to first principles and re-grounding their efforts in an ERM operational framework that is specific to their companies.

Insurers today believe they should adopt ERM because it makes good business sense. In a relatively short period of time, ERM has gone from being viewed by the industry as theoretically desirable in the name of “good governance” to being treated as a pragmatic necessity in the name of effective management.

Nine out of 10 insurers surveyed said they are adopting ERM because it is “a good business practice.” Half said it provides them with “competitive advantage,” and more than half told us ERM offers them “a coherent conceptual framework” to coordinate risk management.

Corporate governance guidelines, regulatory pressure and rating agency pressure all trailed these core business rationales as the reasons insurers give today for adopting ERM.

These responses strongly support what we see in our consulting experience: insurers now understand that ERM is a unique strategic management tool that can enable them to both mitigate and exploit the totality of risk to which their organization may be exposed so that they can enjoy superior performance.

For that reason, we believe, more and more companies are implementing ERM. One of the clearest signs of the increasing adoption of ERM is in the rise of the number of chief risk officers in insurance companies. Today, some 40 percent of our survey respondents have appointed a CRO, nearly double the percentage in our first ERM benchmark survey published in 2000.

Overall, nearly half of our survey respondents already practice some form of ERM and nearly another 40 percent are planning to do so.

Insurers around the world understand that ERM can help them to achieve both top-line and bottom-line growth, while balancing the interests of policyholders and shareholders.

The belief insurers have in ERM as a tool for earnings and revenue growth is especially notable: nearly 80 percent believe ERM can help them achieve earnings growth and 55 percent said ERM can help them achieve revenue growth. We believe that last finding is striking because for many it may seem counterintuitive.

It says that insurers are increasingly coming to see ERM as a real business-building tool, not just a defensive tactic. For them, it is a formal discipline that enables companies to make robust decisions about which growth strategies are likely to produce the greatest reward, given the risk profile of an organization.

In short, many believe it can help them satisfy their shareholders interest in value creation, while protecting their policyholders interests in financial stability and security.

Whether ERM will realize its promise for individual insurance companies depends on how well individual companies work out the practical steps of implementing an ERM process for themselves. On that question, our survey shows that ERM is still a work in progress for most insurers around the world.

For instance, insurers continue to have qualms about the tools, processes and capabilities they believe are available to them to manage risks holistically.

The tools available to manage non-financial risks, such as intellectual capital risks and distribution channel risks, are of particular concern, earning at best the equivalent of a “D+” grade from respondents.

Insurers also expressed concerns about the tools, processes and capabilities they have to manage financial risks including liquidity, asset market value, interest rate, investment and credit risk. Insurers have significant experience managing these risks, yet the tools used to manage them earned only about a “C” average from respondents.

Insurers also still seem uncertain about which risks to include in a “holistic” approach to risk management. In the main, respondents still include chiefly financial risks within their ERM approach–though there is not universal agreement about which financial risks belong under ERM.

The broadest agreement is about “interest rate” risk, which 75 percent of respondents put under the ERM umbrella. Only 62 percent put credit risk under an ERM approach, and 54 percent cover asset market value risk under ERM.

Insurers seem even less certain about what to do with operational risks. Only about 50 percent or fewer of respondents place such operational risks as political-regulatory, intellectual capital and distribution channel risk within the ERM framework.

Moreover, insurers have yet to come to a clear and common understanding of what an operational risk actually is. Some define operational risks as any that are not purely financial. Others have a more specific definition: operational risks are clearly and distinctly different from strategic risks, event risks, business risks or hazard risks. Other insurers do not make such a distinction.

Finally, the current benchmark survey shows that insurers are still struggling to find the right organizational approach to managing risks from an enterprise perspective. For instance, insurers agree that ERM works by integrating the management of risk across the enterprise. But the actual degree of integration of ERM with other functional areas is still relatively low, with just about half the respondents in our survey saying they integrate ERM with internal audit, compliance, strategic planning, pricing and investment functions.

The implementation struggle also emerges in the way many organizations are using the CRO role.

In our experience, the CRO role works best as a change agent function, facilitating the integration of risk management by championing a shared understanding of holistic risk management. Yet most insurers in our survey still view the CRO as a technician whose primary competency is in the sophisticated mathematics of risk modeling.

These struggles are the growing pains of a work in progress. We believe insurers can work through them by going back to first principles and, as it were, re-grounding their efforts to implement ERM in a practical, systematic, company-specific ERM operational framework. Such a framework would define the companys objectives for ERM, which could be compliance, risk defense, risk exploitation, value creation or most likely some combination of these objectives.

Whats important is that top management unambiguously agrees about the aims of its own ERM. The framework would also clearly define the company-specific scope of its ERM program: the risks it will include in ERM and the management processes ERM will influence.

Finally, the framework would set out the companys own organization structure for ERM–with clearly articulated roles and responsibilities–and the specific tools it will use to implement ERM.

With this sort of company-specific operational framework in place, individual insurers can follow an implementation process that is right for them.

The process includes: systematically assessing all relevant risks; articulating alternative financial and operational strategies for dealing with (e.g., mitigating or exploiting) those risks; evaluating those strategies from the standpoint of both policyholder and shareholder interests; and then choosing the strategies that will provide the best balance of value to both policyholders and shareholders.

Those companies that have the patience to get these fundamentals right will much more likely achieve the competitive advantage that ERM promises.

Jerry Miccolis is a principal with Tillinghast-Towers Perrin in Parssippany, N.J.

Reproduced from National Underwriter Edition, April 7, 2003. Copyright 2003 by The National Underwriter Company in the serial publication. All rights reserved. Copyright in this article as an independent work may be held by the author.

Special Reports /

Insurers and ERM: Clear About The Why, Working On The How

Related Stories

Recommended For You