While the insurance sector has largely recovered from the economic impact of the financial crisis, the risk management landscape remains forever changed. This is nowhere more evident than in the changing stature, authority and visibility of chief risk officers (CROs) across the industry. The crisis afforded CROs the opportunity to demonstrate their value—an opportunity many seized by helping to de-risk balance sheets and navigate their carriers through the turbulence.
Today, intensifying and constantly changing regulatory, economic and competitive challenges are keeping their skills in high demand. Indeed, there is a pervasive sense across the industry that risk management (and therefore CROs) is becoming more central to nearly all aspects of the business.
The recent release of Ernst & Young's fourth annual survey of insurance CROs highlights the evolution of the role. Survey results confirm that more CROs are reporting directly to the chief executive officer (CEO), serving on the senior management committee, and formally reporting to and having more interaction with the board. They are increasingly being asked to engage more frequently and directly with decision-makers across the business, and on a broader range of issues.
This higher organizational profile is being shaped by several factors. For one, it shows that insurers today see more risks and issues on their radars. More importantly, it seems these risks are more clearly perceived and considered more significant by the highest levels of executive leadership. This may be evidence of CROs' success in clearly identifying such risks and articulating their potential impact on the business. Further, there is growing recognition that CROs bring a forward-looking perspective and a unique set of analytical tools that can help leadership understand the implications of emerging risks.
Increasing regulatory efforts—especially those associated with the Own Risk and Solvency Assessments (ORSA) reports—also bear mention. Because CROs are often responsible for preparing this critical document and presenting and defending it to the board, they have become more visible at the highest levels of the company. CROs are naturally positioned to play leadership roles as new capital standards and other regulatory matters come to the fore.
Priorities shift to the strategic
When asked about their priorities for the next 12 months, survey participants cited a variety of initiatives that touched on many parts of the company and risk-related areas. Their plans included more emphasis on enterprise risk management (ERM), economic capital, regulatory concerns and operational risks; further development of a risk appetite statement; and integration of risk into the business units. The diversity of these answers reflects the "full plate" many CROs face every day, as well as the evolution of their role in the last year.
There is considerably less focus on "playing defense" in terms of immediate risk reduction and ensuring company survival, which were the top post-crisis priorities. Instead, CROs are turning their attention toward the effectiveness of ERM programs and promoting risk-informed decision making more broadly across the business. Further, they are thinking about—and helping others in the business think about—risk as a dimension of business opportunity rather than as an existential threat or strictly a compliance matter. In this sense, they are helping to create "risk cultures."
C-level reporting now a reality
Compared to last year, there has been a dramatic change in the reporting structure for many CROs. The most profound shift is away from direct chief financial officer (CFO) reporting. Equal numbers of CROs now report directly to the CEO. This is perhaps the most tangible evidence of the increasing responsibilities and authority of the CRO and the continuing separation of the CRO position from the CFO position. Taking the historical perspective, participants in the 2010 CRO Pulse Survey predicted that within three to five years the CRO position would be on par with the CFO. That prediction is largely coming true, even if at a more gradual pace than initially expected.
Although continuously evolving, CROs' responsibilities are becoming more consistent across the industry. All respondents indicated that they are responsible for all second-line-of-defense duties: ERM, risk reporting, risk measurement and governance. This full spectrum demonstrates how the CRO agenda has broadened and deepened during the last several years. Similarly, the interrelated nature of these risks requires CROs to aim for more integrated and holistic frameworks for overseeing them.
The answers also highlight how CROs are involved with corporate committees focused on specific types of risks (e.g., market, credit or IT security risks). It's also important to note that, as the second line of defense, CROs have broad oversight or reporting responsibilities, rather than actual accountability for specific risks. One CRO described the role as "oversight for all; ownership for none."
From brake to co-pilot to strategic advisor
There is broad consensus among respondents that the trend toward greater responsibility, authority and presence—especially before the executive management committees and the board—will continue. If the economy weakens or market turbulence returns, the trend is more likely to accelerate.
There is little doubt that the CRO role will also grow in strategic importance, functioning like a senior advisor to the C-suite, as well as to stakeholders and decision makers across the business. In the view of one respondent, the CRO role is becoming more analogous to that of a "co-pilot" to the business, where in the past the CRO role was more like a "brake" on the business.
The strategic expansion of the CRO role places a premium on the unique mix of skills required for success. That's why many firms are looking outside the traditional areas of audit and actuary to identify the right candidates. Risk quantification and economic capital functions, as well as banks and asset management companies, may become sources of tomorrow's insurance CROs.
The significant evolution of the CRO's role seems certain to continue. With significant regulatory shifts and new threats emerging, insurers' ongoing "risk journey" has entered an important new phase, with CROs likely to play important leadership roles as their agendas expand. It is no coincidence that their increased focus on the effectiveness of various ERM efforts has led to both higher organizational profiles and increased value contribution to the business.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.