S&P initiated a great deal of the activity around enterprise risk management (ERM) when it announced that it was going to specifically rate insurers' ERM functions and that those ratings would influence insurers' credit and financial-strength ratings. At the time, S&P offered specific ERM criteria from a variety of perspectives, one of which was termed strategic risk management (SRM).

The word “strategic” is much used, but implicit in most uses is the act of investment: allocating capital to a given product or line of business that is intended to generate a profitable return. The foundation of corporate investment is the business plan, which frequently contains a detailed description of the proposed investment, as well as pro forma results. Because a pro forma is a forecast and the future could develop unfavorably, some level of risk adjustment to that forecast is necessary. There are a number of ways to accomplish this—one of which is through a model.

Capital models form the bedrock of some ERM functions, and they can be valuable for the insights and measurement capabilities they offer. However, no model can provide a complete picture of the future, and thus no model should be exclusively relied on for either risk adjustment or forecasting. For example, corporate strategists frequently assess business plans using other forms of qualitative and behavioral information that, together with quantitative input, form the basis for strategic decisions. As we define it, SRM effectively does the same thing for risk.

SRM leverages common ERM capabilities around accumulations and modeling analyses, but it extends those analyses by seeking to identify and track the “weak signals” of a developing ambiguous threat that could trigger a concentrated loss. Successfully accomplishing this depends heavily on the efficient use of internal and external forms of quantitative, qualitative and behavioral information. This can be extremely demanding, but such information is necessary to properly risk-adjust strategic decisions.

We note above that the term strategic implies an investment act. In a risk-management context, investment could entail a variety of things, such as:

Finding economical ways to hedge a developing ambiguous threat. For example, prior to the recent financial crisis a number of astute financial observers (including some insurance companies) purchased favorably priced credit-default swaps. These purchases resulted in significant levels of profitability during the crisis—but more importantly, the purchases preserved the integrity of the hedging enterprises during the most severe financial episode since the Great Depression.
Finding efficient methods of preserving the integrity of a business model. For example, and as history has shown, insurance-policy terms and conditions can slip incrementally over the duration of a soft market. Such incremental deviations generate a number of risks—especially if the deviant activity is not reflected in capital/risk models. However, if deteriorating market behavior is identified and tracked early on, then strategists can make product-mix and/or market-position decisions to mitigate deterioration-related risks.
Changes to the business strategy and business plan to take advantage of a perceived future market change which competitors have not yet identified. For example, a small number of insurers that correctly identified an impending financial crisis rapidly exited lines of business such as Directors & Officers, Financial Institutions, Bankers Blanket Bonds, Fidelity Guarantee and, to a lesser extent, Professional Liability.
Pseudo risk-free, high-yielding investments. For example, following the partial nationalization of Royal Bank of Scotland and Lloyds Banking Group in the UK, a number of insurers purchased high-coupon corporate bonds issued by these two UK-government-backed banks because they were effectively risk-free. Conversely, insurers who were concerned about the potential for a major subprime-mortgage event switched out of mortgage-backed securities once they realized that even some “AAA”-rated instruments included tranches of subprime exposures.

Many risk-mitigation solutions entail a blending of risk distribution (e.g., reinsurance/retrocession and hedging) and business-model-related activities. This is an important point, as many risk-management functions have been built around external criteria and thus are documentation-oriented. SRM still requires some level of documentation, of course, given the current regulatory environment. However, the end result is not documentation; rather, it is strategic actions designed to economically and efficiently preserve the integrity of a business model, even under—or especially during—conditions of extreme distress. Successfully doing this over time will go a long way toward facilitating rating-agency and regulatory compliance, which is important in an increasingly regulation-based global economy.

Paul Delbridge also contributed to this article.

Special Reports /

Putting the 'Strategic' in SRM

Related Stories

Recommended For You