You are on page 1of 60

“RISK ASSESSMENT IN INSURANCE”.

UNIVERSITY OF MUMBAI

PROJECT REPORT ON

“RISK ASSESSMENT IN INSURANCE”.

T.Y.B.B&I (SEMESTER VI)
ACADEMIC YEAR: 2017-18

SUBMITTED BY
MR. ROHIT VISHWAKARMA
ROLL NO - 60

PROJECT GUIDE
PROF MRS. RIYA RUPANI

N.E.S. RATNAM COLLEGE OF
ARTS, SCIENCE & COMMERCE

PROJECT REPORT ON
“RISK ASSESSMENT IN INSURANCE”.

SUBMITTED
IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE
AWARD OF DEGREE OF
B.COM – BANKING & INSURANCE
BY
MR. ROHIT VISHWAKARMA
ROLL NO – 60

T.Y.BBI (SEMESTER VI)

DECLARATION

I, am Rohit Vishwakarma the student of T.Y.B.COM (Banking & Insurance)

Semester VI (2017-2018) hereby declare that I have completed the project on

“Risk Assessment in Insurance”.

The information submitted in this project is true and original to the best of my
Knowledge.

Mr. Rohit Vishwakarma
Roll no.-60
NES Ratnam college of Arts, Science &
Commerce NES Complex, NHS Marg, Bhandup.

ACKNOWLEDGEMENT

To list who all have helped me is difficult because they are so numerous
& Depth is so enormous.

I would like to acknowledge the following as being idealistic channels
and Fresh dimensions in the completion of this project.

I take this opportunity to thank the University of Mumbai for giving me
Chance to do this project.

I would like to thank my Principal, Dr. (Mrs.) Mary Vimochana for
providing the necessary facilities required for completion of this project.

I take this opportunity to thank our Course Coordinator As well as my
project guider Mrs. Riya Rupani for her Moral support and guidance
made the project successful.

I would like to thanks my college Library, for provided various
reference Books and magazines related to my project.

Lastly, I would like to thanks each and every person who directly or indirectly
helped me in the completion of the project especially my parents And peers
who supported me throughout my project.

CONTENTS Sr No Topic Page numbers 1 What Is Risk? 1-2 2 How Insurance Works? 3-4 3 Introduction To Risk Management 5-6 4 Principles Of Risk Management 7 5 Types Of Risks 8-17 6 Other Risks 18-19 7 Risk Assessment Process 20 8 Steps In The Risk Management Process 21-22 9 What Are The Benefits Of Risk Management To The 23-24 Insurance Company? 10 Potential Risk Treatments 25-28 11 Key Trends In Risk Management 29-30 12 Emerging Areas Of Risk Management 31-32 13 Key Risks Faced By Insurance Sector Globally 33-40 14 Enterprise Risk Management For Insurance Companies 41-52 15 Where Will The Indian Insurance Market Be In 2020? 52-53 16 Conclusion 54 17 Bibliography & Webliography 55 .

• Protecting the environment. Having a clear understanding of all risks allows an organization to measure and prioritize them and take the appropriate actions to reduce losses. property and people are all valuable resources that can be saved if fewer claims occur. assets. . Risk management ensures that an organization identifies and understands the risks to which it is exposed. • Protecting the reputation and public image of the organization. • Protecting people from harm. It makes your organization a better risk to insure. Good risk management doesn’t have to be expensive or time consuming. A risk management plan includes strategies and techniques for recognizing and confronting these threats. both to prevent the harm from occurring and in response to the harm or loss? 3. • Enhancing the ability to prepare for various circumstances. and for which an insurance claim may be submitted. it may be as uncomplicated as answering these three questions: 1. Risk management has other benefits for an organization. having an effective and operational risk management practice shows an insurer that your organization is committed to loss reduction or prevention. • Preventing or reducing legal liability and increasing the stability of operations. • Reducing liabilities. If something happens. including: • Saving resources: Time. how will we pay for it? Risk management provides a clear and structured approach to identifying risks. What will we do. is the possibility of a loss or other adverse event that has the potential to interfere with an organization’s ability to fulfil its mandate. Risk management also guarantees that the organization creates and implements an effective plan to prevent losses or reduce the impact if a loss occurs. An effective risk management practice does not eliminate risks. However.EXECUTIVE SUMMARY Risk. • Assisting in clearly defining insurance needs. in insurance terms. What can go wrong? 2. income.

If the cost of repairs is normally distributed. Modern society provides many examples of risk. Mostly only the downside is mentioned. is the standard deviation of the possible outcomes. A homeowner faces a large potential for variation associated with the possibility of economic loss caused by a house fire. then the probability that the repairs will cost more than 3000 is 31% for the Porsche but only 11% for the Toyota. “the quantifiable likelihood of loss or less-than-expected returns”. used in this study note. a chance of bad consequences. People seek security. However. and so on) in the present and in the future. In a discussion with students taking a course on financial risk management. loss or exposure to mischance”. we might arrive at a definition such as “any event or action that may adversely affect an organization’s ability to achieve its objectives and execute its strategies” or. A larger possible economic risk exists with respect to potential damages a driver might have to pay if he injures a third party in a car accident for which he is responsible. One measure of risk. rarely a possible upside. shelter. In the event of an accident the expected value of repairs for both cars is 2500. For financial risks. 1 . As an example. a Porsche and a Toyota. medical care. the subject of this book. no single one sentence definition is entirely satisfactory in all contexts. An individual with economic security is fairly certain that he can satisfy his needs (food. consequences and uncertainty. consider the cost of a car accident for two different cars. and shelter. A sense of security may be the next basic goal after food. alternatively. the standard deviation for the Porsche is 1000 and the standard deviation for the Toyota is 400. decisions. A driver faces a potential economic loss if his car is damaged. Most economic risk derives from variation from the expected outcome. ingredients which typically enter are events. clothing. Economic risk (which we will refer to simply as risk) is the possibility of losing economic security.WHAT IS RISK? The Concise Oxford Dictionary defines risk as “hazard. But while these capture some of the elements of risk.

Under a formal insurance arrangement. If someone’s barn burned down and a herd of milking cows was destroyed. each Insurance policy purchaser (policyholder) still implicitly pools his risk with all other policyholders. 2 . economic risk was managed through informal agreements within a defined Community. This cooperative (pooling) concept became formalized in the insurance industry. the community would pitch in to rebuild the barn and to provide the farmer with enough cows to replenish the milking stock.Historically. it is no longer necessary for any individual policyholder to know or have any direct connection with any other policyholder. However.

The pool participant is the policyholder. This defined claim payment amount can be a fixed amount or can reimburse all or a part of the loss that occurred. in total. The insurer considers the losses expected for the insurance pool and the potential for variation in order to charge premiums that. Each premium may be adjusted to reflect any 3 special characteristics of the particular policy. Their losses are paid out of the premiums collected from the pool of policyholders. the party agreeing to make the claim payments is the insurance company or the insurer. the entire pool compensates the unfortunate few.HOW INSURANCE WORKS Insurance is an agreement where. will be sufficient to cover all of the projected claim payments for the insurance pool. only a small percentage of policyholders suffer losses. The 3 . one party (the insurer) agrees to pay to the other (the policyholder or his designated beneficiary) a defined amount (the claim payment or benefit) upon the occurrence of a specific loss. The payments that the policyholder makes to the insurer are premiums. the larger the policy pool. Each policyholder exchanges an unknown loss for the payment of a known premium. The premium charged to each of the pool participants is that participant’s share of the total premium for the pool. Thus. for a stipulated payment called the premium. Under the formal arrangement. the more predictable its results. As will be seen in the next section. Normally.

Hazards are conditions that increase the probability or expected magnitude of a loss. the greater the risk. a peril is a potential cause of a loss. Risk. as discussed in Section I. The insurance policy may define specific perils that are covered. For example. Examples include smoking when considering potential healthcare losses. or a California residence when considering earthquake damage. is the variation in potential economic outcomes. and heart attack.insurance contract is the policy. hurricanes. the policyholder transfers the economic risk to the insurance company. It is measured by the variation between possible outcomes and the expected outcome: the greater the standard deviation. In this manner. 4 . theft. The risk of any unanticipated losses is transferred from the policyholder to the insurer who has the right to specify the rules and conditions for participating in the insurance pool. Perils may include fires. or it may cover all perils with certain named exclusions (for example. an insurance contract covers a policyholder for economic loss caused by a peril named in the policy. The policyholder pays a known premium to have the insurer guarantee payment for the unknown loss. The insurer may restrict the particular kinds of losses covered. poor wiring in a house when considering losses due to fires. In summary. loss as a result of war or loss of life due to suicide).

and ISO standards. 5 . financial portfolios. monitor. definitions and goals vary widely according to whether the risk management method is in the context of project management. credit risk. engineering.INTRODUCTION TO RISK ASSESSMENT Risk management is the identification. project failures. actuarial assessments. and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. Methods. accidents. industrial processes. Risks can come from uncertainty in financial markets. whether positive or negative) followed by coordinated and economical application of resources to minimize. actuarial societies. the National Institute of Science and Technology. legal liabilities. assessment. and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives. natural causes and disasters as well as deliberate attacks from an adversary. security. Several risk management standards have been developed including the Project Management Institute. or public health and safety.

avoiding the risk. a knowledge risk materializes. 6 .The strategies to manage risk include transferring the risk to another party. Risk management also faces difficulties in allocating resources. In ideal risk management. brand value. service. reducing the negative effect of the risk. Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk even though the confidence in estimates and decisions increase. profitability. quality. reputation. For example. and accepting some or all of the consequences of a particular risk. Intangible risk management allows risk management to create immediate value from the identification and reduction of risks that reduce productivity. Resources spent on risk management could have been spent on more profitable activities. These risks directly reduce the productivity of knowledge workers. and risks with lower probability of occurrence and lower loss are handled in descending order. when deficient knowledge is applied to a situation. Intangible risk management identifies a new type of a risk that has a 100% probability of occurring but is ignored by the organization due to a lack of identification ability. This is the idea of opportunity cost. In practice the process can be very difficult. decrease cost effectiveness. a prioritization process is followed whereby the risks with the greatest loss and the greatest probability of occurring are handled first. ideal risk management minimizes spending and minimizes the negative effects of risks. and earnings quality. Again. Process engagement risk may be an issue when ineffective operational procedures are applied. and balancing between risks with a high probability of occurrence but lower loss versus a risk with high loss but lower probability of occurrence can often be mishandled. Relationship risk appears when ineffective collaboration occurs.

PRINCIPLES OF RISK MANAGEMENT The International Organization for Standardization (ISO) identifies the following principles of risk management: Risk management should: • Create value • Be an integral part of organizational processes • Be part of decision making • Explicitly address uncertainty • Be systematic and structured • Be based on the best available information • Be tailored • Take into account human factors • Be transparent and inclusive • Be dynamic. iterative and responsive to change • Be capable of continual improvement and enhancement 7 .

reputational risk. As we noted in Table 1.. etc. fire risk. professional people who study risk use several words to designate what others intuitively and popularly known as “risk. Using different terminology to describe different aspects of risk allows risk professionals to reduce any confusion that might arise as they discuss risks. Likewise.g. risk professionals often differentiate between pure risk that features some chance of loss and no chance of gain (e.) and those they refer to as speculative risk.TYPES OF RISK A) Pure versus Speculative Risk Exposures Some people say that Eskimos have a dozen or so words to name or describe snow. depending on the particular aspect of the “consequences of uncertainty” that they wish to consider.3.2. “Roles (Objectives) Underlying the Definition of Risk”. “Examples of Pure versus Speculative Risk Exposures”. 8 . flood risk.). etc. This distinction fits well into Figure 1.” Professionals note several different ideas for risk. Speculative risks feature a chance to either gain or lose (including investment risk. strategic risk.

even if the manufacturer was reasonable in producing it.2. require risk transfers that use capital markets. For example. on the other hand. “Examples of Pure versus Speculative Risk Exposures” are not always a perfect fit into the pure versus speculative risk dichotomy since each exposure might be regarded in alternative ways. The examples provided in Table 1. Product liability refers to the possibility that a manufacturer may be liable for harm caused by use of its product. when evaluating the expected financial returns from the introduction of a new product (which represents speculative risk). Securitization is the packaging and transferring of insurance risks to the capital markets through the issuance of a financial security. The Evolution of Risk Management: Enterprise Risk Management.2. Hedging refers to activities that are taken to reduce or eliminate risks. The left-hand side represents pure risk. the risks can be more clearly categorized. Risk retention is when a firm retains its risk.” Some situations. Firms might prefer to capture up-side return potential at the same time that they mitigate while mitigating the downside loss potential. Some risks can be transferred to a third party—like an insurance company. However. Evolving Risk Management: Fundamental Tools and Chapter 5. for example. In essence it is self- insuring against adverse contingencies out of its own cash flows. Table 1. known as hedging or securitizations. Risk professionals find this distinction useful to differentiate between types of risk.The right-hand side focuses on speculative risk. 9 . We explain such risk retention in Chapter 4. Operational risks. In the business environment. other issues concerning product liability must be considered. “Examples of Pure versus Speculative Risk Exposures” provides examples of the pure versus speculative risks dichotomy as a way to cross classify risks. These third parties can provide a useful “risk management solution. if it is more specifically defined. can be regarded as operations that can cause only loss or operations that can provide also gain.

Examples of Pure versus Speculative Risk Exposures Pure Risk—Loss or No Loss Only Speculative Risk—Possible Gains or Losses Physical damage risk to property (at the enterprise level) Market risks: interest risk. It considers all risks simultaneously and manages risk in a holistic or enterprise-wide (and risk-wide) context. ERM was listed by the Harvard Business Review as one of the key breakthrough areas in their 2004 evaluation of strategic management approaches by top management.3. Table 1. weather damage foreign exchange risk. such as caused by fire. evaluating. the risk manager in businesses is no longer buried in the tranches of the enterprise. which is known as enterprise risk management (ERM). and mitigating all risks confronted by the entity is a key focus. “A Photo of Galveston Island after Hurricane Ike”. As you will see in later chapters.[9] In today’s environment.2. A picture of the enterprise risk map of life insurers is shown later in Figure 1.5. Risk managers are part of the executive team and are essential to achieving the main objectives of the enterprise. stock market risk Liability risk exposure (such as products liability.The simultaneous consideration of pure and speculative risks within the objectives continuum of Figure 1. identifying. ERM is one of today’s key risk management approaches. premise liability. Firms that are evaluated by credit rating organizations such as Moody’s or Standard & Poor’s are required to show their activities in the areas of enterprise risk management. flood. “Roles (Objectives) Underlying the Definition of Risk” is an approach to managing risk. employment practice liability) Reputational risk Innovation or technical obsolescence risk Brand risk Operational risk: mistakes in process or procedure that Credit risk (at the individual cause losses enterprise level) Mortality and morbidity risk at the individual level Product success risk Intellectual property violation risks Public relation risk 10 .

wars. and other pollution. Market for the product risk windstorms Man-made destructive risks: nuclear risks. however. irreversible Population changes destruction of food chains Natural disaster damage: floods. 11 . it could be said that all exposures are personal. sickness. Nationalize health care systems. air. earthquakes. it is common to further explore risks by use of the dichotomy of personal property versus liability exposure risk. unemployment. have a more direct impact on people’s individual lives. political risks Regulatory change risk Mortality and morbidity risk at the societal and global level (as in pandemics.) Accounting risk Longevity risk at the societal level Genetic testing and genetic engineering risk Pure Risk—Loss or No Loss Only Speculative Risk—Possible Gains or Losses Investment risk Research and development risk Within the class of pure risk exposures. or as taxpayers). hazardous-chemical. social security program Political risk exposure. Some risks. Exposure to premature death. etc. stakeholders in corporations. depletion of resources.Environmental risks: water. B) Personal Loss Exposures—Personal Pure Risk Because the financial consequences of all risk exposures are ultimately borne by people (as individuals. population changes.

disability, unemployment, and dependent old age are examples of personal loss
exposures when considered at the individual/personal level. An organization may
also experience loss from these events when such events affect employees. For
example, social support programs and employer-sponsored health or pension plan
costs can be affected by natural or man-made changes. The categorization is often
a matter of perspective. These events may be catastrophic or accidental.

C) Property Loss Exposures—Property Pure Risk
Property owners face the possibility of both direct and indirect (consequential)
losses. If a car is damaged in a collision, the direct loss is the cost of repairs. If a
firm experiences a fire in the warehouse, the direct cost is the cost of rebuilding
and replacing inventory. Consequential or indirect losses are nonphysical losses
such as loss of business. For example, a firm losing its clients because of street
closure would be a consequential loss. Such losses include the time and effort
required to arrange for repairs, the loss of use of the car or warehouse while
repairs are being made, and the additional cost of replacement facilities or lost
productivity. Property loss exposures are associated with both real property such
as buildings and personal property such as automobiles and the contents of a
building. A property is exposed to losses because of accidents or catastrophes
such as floods or hurricanes.

D) Liability Loss Exposures—Liability Pure Risk
The legal system is designed to mitigate risks and is not intended to create new
risks. However, it has the power of transferring the risk from your shoulders to
mine. Under most legal systems, a party can be held responsible for the financial
consequences of causing damage to others. One is exposed to the possibility of
liability loss (loss caused by a third party who is considered at fault) by having to
defend against a lawsuit when he or she has in some way hurt other people. The
responsible party may become legally obligated to pay for injury to persons or
damage to property. Liability risk may occur because of catastrophic loss
exposure or because of accidental loss exposure. Product liability is an illustrative
example: a firm is responsible for compensating persons injured by supplying a
defective product, which causes damage to an individual or another firm.

12

E) Catastrophic Loss Exposure and Fundamental or Systemic
Pure Risk
Catastrophic risk is a concentration of strong, positively correlated risk exposures,
such as many homes in the same location. A loss that is catastrophic and includes
a large number of exposures in a single location is considered a no accidental risk.
All homes in the path will be damaged or destroyed when a flood occurs. As such
the flood impacts a large number of exposures, and as such, all these exposures
are subject to what is called a fundamental risk. Generally these types of risks are
too pervasive to be undertaken by insurers and affect the whole economy as
opposed to accidental risk for an individual. Too many people or properties may
be hurt or damaged in one location at once (and the insurer needs to worry about
its own solvency). Hurricanes in Florida and the southern and eastern shores of
the United States, floods in the Midwestern states, earthquakes in the western
states, and terrorism attacks are the types of loss exposures that are associated
with fundamental risk. Fundamental risks are generally systemic and no
diversifiable.

Accidental Loss Exposure and Particular Pure Risk

Many pure risks arise due to accidental causes of loss, not due to man-made or
intentional ones (such as making a bad investment). As opposed to fundamental
losses, non-catastrophic accidental losses, such as those caused by fires, are
considered particular risks. Often, when the potential losses are reasonably
bounded, a risk-transfer mechanism, such as insurance, can be used to handle the
financial consequences.

In summary, exposures are units that are exposed to possible losses. They can be
people, businesses, properties, and nations that are at risk of experiencing losses.
The term “exposures” is used to include all units subject to some potential loss.

Another possible categorization of exposures is as follows:

13

Risks of nature
Risks related to human nature (theft, burglary, embezzlement, fraud)

Man-made risks

Risks associated with data and knowledge.

Risks associated with the legal system (liability)—it does not create the risks but
it may shift them to your arena.

Risks related to large systems: governments, armies, large business organizations,
political groups.

Intellectual property
Pure and speculative risks are not the only way one might dichotomize risks.
Another breakdown is between catastrophic risks, such as flood and hurricanes,
as opposed to accidental losses such as those caused by accidents such as fires.
Another differentiation is by systemic or non-diversifiable risks, as opposed to
idiosyncratic or diversifiable risks; this is explained below.

F) Diversifiable and Non diversifiable Risks
As noted above, another important dichotomy risk professionals use is between
diversifiable and non-diversifiable risk. Diversifiable risks are those that can have
their adverse consequences mitigated simply by having a well-diversified
portfolio of risk exposures. For example, having some factories located in non-
earthquake areas or hotels placed in numerous locations in the United States
diversifies the risk. If one property is damaged, the others are not subject to the
same geographical phenomenon causing the risks. A large number of relatively
homogeneous independent exposure units pooled together in a portfolio can make
the average, or per exposure, unit loss much more predictable, and since these
exposure units are independent of each other, the per-unit consequences of the
risk can then be significantly reduced, sometimes to the point of being ignorable.
These will be further explored in a later chapter about the tools to mitigate risks.
Diversification is the core of the modern portfolio theory in finance and in
insurance. Risks, which are idiosyncratic (with particular characteristics that are
not shared by all) in nature, are often viewed as being amenable to having their

14

Many of them are self- explanatory. As the events of September 2008 have shown. These risks have shown they have the ability to come back to bite (and poison) the entire enterprise and others associated with them.3. “Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories” provides examples of risk exposures by the categories of diversifiable and non-diversifiable risk exposures.3. on the other hand. For example.3.financial consequences reduced or eliminated by holding a well-diversified portfolio. are considered non diversifiable. such as devaluation of the dollar is systemic risk for all firms in the export or import businesses In Table 1. The examples are not complete and the student is invited to add as many examples as desired. Systemic risks that are shared by all. The negative effect does not go away by having more elements in the portfolio. Destroying one’s reputation is not a systemic risk in the economy or the market-place. Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories Diversifiable Risk— Non diversifiable Risks—Systemic Risk Idiosyncratic Risk • Reputational risk • Market risk • Brand risk • Regulatory risk 15 . This will be discussed in detail below and in later chapters. contrary to some interpretations of financial theory. or movements of the entire economy such as that precipitated by the credit crisis of fall 2008. Every asset or exposure in the portfolio is affected. the idiosyncratic risks of some banks could not always be diversified away. Table 1. such as global warming. but the most important distinction is whether the risk is unique or idiosyncratic to a firm or not. On the other hand. market risk. Table 1. the reputation of a firm is unique to the firm. The field of risk management deals with both diversifiable and non- diversifiable risks. “Examples of Risk Exposures by the Diversifiable and Non diversifiable Categories” we provide examples of risks by these categories.

“Life Insurers’ Enterprise Risks” 16 . • Accounting risk flood. premise liability.• Credit risk (at the individual enterprise level) • Environmental risk • Product risk • Political risk • Legal risk • Inflation and recession risk • Physical damage risk (at the enterprise level) such as fire. etc. • Longevity risk at the societal level employment practice liability) • Innovation or technical • Mortality and morbidity risk at the societal and obsolesce risk global Level (pandemics. the opportunities in the risks and the fear of losses encompass the holistic risk or the enterprise risk of an entity. weather damage • Liability risk (products liability.) • Operational risk • Strategic risk • Longevity risk at the individual level Diversifiable Risk— Non diversifiable Risks—Systemic Risk Idiosyncratic Risk • Mortality and morbidity risk at the individual level G) Enterprise Risks As discussed above. nationalize health care systems. The following is an example of the enterprise risks of life insurers in a map in Figure 1.6. social security program exposure.

the enterprise risk map of life insurers is offered here as an example. environmental risks. they usually include a long list of risks from employment risks to the operations of hardware and software for information systems Figure 1.4. Because operational risks are so important. “Risk Balls”. and several others not detailed in the map in Figure 1. Life Insurers’ Enterprise Risks 17 . Operational risks include public relations risks.Since enterprise risk management is a key current concept today.6.

• Market risk – the risk of an adverse movement in the market value of assets not matched by an equal and offsetting reduction in the market value of liabilities. • Liquidity risk – the risk of insufficient liquidity to meet obligations when required. Choose to invest policyholders’ money in ways that do not match policy obligations. the most significant risk is the credit risk stemming from banks’ lending activities. • Credit risk – the risk of default by obligors. while others may mismatch on a large scale and in doing so introduce substantial market risk. and • Realization risk – where asset values are dependent on the continuing operation of the business. Some insurers do not mismatch at all. These risks are common to other types of financial institution also. In the insurance sector. different sectors of the financial system need to focus on those risks that are most important for them. counterparties or reinsurers. the characteristic asset risk is market risk.Of course. These risks include: • Concentration risk – arising from inadequate diversification (or excessive exposure to a particular asset or obligor).OTHER RISK A) ASSET RISK Both life and general insurers hold investments to support their policy liabilities and capital and are subject to a range of asset risks. The extent of this mismatching behaviour differs across insurers. focusing only on those risks that are 18 . The liquidity risk that flows from banks’ deposit-taking business is also important. While each of these risks requires management. and often do. The ‘resilience’ of an insurer in the face of market risk can be usefully examined with the help of a simple model . In banking. This is because insurers can.

the banking sector is now sharpening its focus on the risks involved in other areas such as trading. As with insurance and asset risks. systems failure. • Errors in effecting reinsurance. • High rates of policy attrition. B) Operational Risk Like any business. both good management and capital are needed to cope with risks such as these. and fraud. • Unsound product design. • Ill-disciplined investment activity. • Unanticipated expense overruns. • Errors in premiums or unit prices. For this reason. as insurers become more involved in lending.characteristic of a given industry is unwise. Similarly. the insurance sector will need to improve its credit risk management practices. and more exposed to counterparty risks in their use of derivatives for asset management. 19 . such as the level of expenses or the rate of policy attrition). mainly operational in nature (or else arising through the premium rating process which requires assumptions to be made about operational matters. These risks include: • Mistakes in promotional material or poor sales practices. insurance companies face a number of other risks.

3. 10. 20 . Calculate values of assets and resources. Identify total assets and resources of organizations. 13. 6. Support proactive risk and loss control Risk Control programs. Provide maximum incentive for participation in risk control program. 11. 7. Project and communicate future losses and potential risk. 14. 4. Monitor effectiveness of risk control activities. Finance risk. Adopt a clearly defined risk Administration management structure. 8. taking advantage of all Risk Financing available financial resources. Identify major exposures to loss. 5. Maintain sound communications with all affected levels of management. Measure current risk. Create and sustain management commitment to risk management.RISK ASSESSMENT PROCESS AND GUIDING PRINCIPLES Four Elements of Risk Guiding Principles the Management Process 1. Risk Assessment 2. 12. Maintain appropriate catastrophe protection. 9. Develop clearly targeted annual objectives.

2) Identifying exposures to loss. the risk management process typically includes six steps. and Richard Mr. Arthur Williams Jr. and 6) Monitoring the results. These steps are 1) Determining the objectives of the organization. 3) Measuring those same exposures. Heins in their book Risk Management and Insurance. 5) Implementing a solution. 21 .STEPS IN THE RISK MANAGEMENT PROCESS According to C. 4) Selecting alternatives.

Nation's Business outlined some easy risk management tools for small businesses: maintain a high quality of work. the insurance option is usually chosen when the other options for managing risk do not provide sufficient protection. for example by installing fire sprinklers. Earthquake may be identified as a potential exposure to loss. via such methods as employee safety training. A final risk management tool is self-retention of risks— sometimes referred to as "self- insurance. or transferring the risks. and familiarity with. involves a regular review of the company's risk management tools to determine if they have obtained the desired result or if they require modification. employee disability. including avoiding. As another example. various types of insurance policies is a necessary part of the risk management process. for example. or a variety of other risks. The most common example of risk transference is insurance.The primary objective of an organization—growth. for example—will determine its strategy for managing various risks." Companies that choose this option set up a special account or fund to be used in the event of a loss. involves taking steps to reduce the probability or the severity of a loss. Identification and measurement of risks are relatively straightforward concepts. involves taking steps to prevent a loss from occurring. assuming. or loss reduction. which allows a company to pay a small monthly premium in exchange for protection against automobile accidents. or loss prevention. Awareness of. a pharmaceutical company may decide not to market a drug because of the potential liability. Any combination of these risk management tools may be applied in the fifth step of the process. Assuming risks simply means accepting the possibility that a loss may occur and being prepared to pay the consequences. Because of its costs. monitoring. Businesses have several alternatives for the management of risk. reducing. 22 . Transferring risk refers to the practice of placing responsibility for a loss on another party via a contract. Avoiding risks. Reducing risks. theft or destruction of property. but if the exposed facility is in New York the probability of earthquake is slight and it will have a low priority as a risk to be managed. implementation. The final step. train employees well and maintain equipment properly. install strong locks.

The higher the risk. A) Fair Premium With solid risk management procedures. The purpose of an insurance company is to determine the probabilities of risk and to design a premium structure ensuring that the company has a high chance of profiting in the future. This protects the insurance company from insolvency. Insurance companies write contracts and uphold them. if the insurance company knows the probability that a male of a certain age who smokes has a certain likelihood of contracting a lethal cancer. back up computer data often.smoke detectors. The charge reflects the risk of insurance. In addition. Insurance companies live and die by prudent risk management. For example. The more precise the risk model. an insurance company can determine how high of a premium to certain customers charge during a particular period. asset classes. keep the office clean and free of hazards. the larger the premium. and fire extinguishers. An insurance company builds its reputation on a long record of paying just claims. the better an insurance company can serve its customers and derive profit. companies. Miscalculations in risk management models can lead 23 . and store records securely offsite. and increases the chances that healthier insurance customers can afford the premiums. that company knows it should charge a higher premium to the insured person. B) Long Term Solvency The nature of the insurance business is such that small errors in a risk management model can lead to long-term insolvency. and other tasks. and vice versa. What Are the Benefits of Risk Management to the Insurance Company? Insurance companies are in the business of managing risk. insurance companies need to differentiate risks posed by different individuals.

24 . This increases the insurance pool. The virtuous cycle in the insurance business occurs when a risk management system is accurate. because the insurance company is likely to make a profit on the vast majority of customers. the lower the premiums. the more people signed up for an insurance program. C) Lower Costs When an insurance company has a more competitive risk management methodology relative to its competitors. It's important for companies to use accurate data to determine their models and assure they stay in business over the long run. improving the level of capitalization for the firm. it can afford to lower the costs of coverage.to severe losses at an insurance company over an extended period. In general.

Defence Acquisition University. Accept. from the US Department of Defence. or Transfer. for Avoid. This use of the ACAT acronym is reminiscent of 25 .POTENTIAL RISK TREATMENTS Once risks have been identified and assessed.outsource or insure) • Retention (accept and budget) Ideal use of these strategies may not be possible. calls these categories ACAT.mitigate) • Sharing (transfer . Control. withdraw from or not become involved) • Reduction (optimize . all techniques to manage the risk fall into one or more of these four major categories • Avoidance (eliminate. Another source. Some of them may involve trade- offs that are not acceptable to the organization or person making the risk management decisions.

B) Risk reduction Risk reduction or "optimization" involves reducing the severity of the loss or the likelihood of the loss from occurring. Avoidance may seem the answer to all risks. and between risk reduction and effort applied. Another would be not flying in order not to take the risk that the airplane were to be hijacked. If this takes too long. Hazard Prevention . Halon fire suppression systems may mitigate that risk. but the cost may be prohibitive as a strategy. it can optimise risk to achieve levels of residual risk that are tolerable. 26 . For example. The first and most effective stage of hazard prevention is the elimination of hazards. By an offshore drilling contractor effectively applying HSE Management in its organisation. but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. in which Risk Management figures prominently in decision making and planning.Hazard prevention refers to the prevention of risks in an emergency. Acknowledging that risks can be positive or negative. the second stage is mitigation. optimizing risks means finding a balance between negative risk and the benefit of the operation or activity. Modern software development methodologies reduce risk by developing and delivering software incrementally. software projects can limit effort wasted to a single iteration.another ACAT (for Acquisition Category) used in US Defence industry procurements. A) Risk avoidance This includes not performing an activity that could carry risk. By developing in iterations. is too costly. or is otherwise impractical. sprinklers are designed to put out a fire to reduce the risk of loss by fire. Early methodologies suffered from the fact that they only delivered software in the final phase of development. An example would be not buying a property or business in order to not take on the legal liability that comes with it. any problems encountered in earlier phases meant costly rework and often jeopardized the whole project. Not entering a business to avoid the risk of loss also avoids the possibility of earning profits. This method may cause a greater loss by water damage and therefore may not be suitable.

" The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk to a third party through insurance or outsourcing. or customer support needs to another company. D) Risk retention Involves accepting the loss. the manufacturing of hard goods. the company can concentrate more on business development without having to worry as much about the manufacturing process. and the measures to reduce a risk. the original risk is likely to still revert to the first party. from a risk. from a risk when it occurs.[11] For example. or finding a physical location for a call centre." However.Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability at managing or reducing risks. For example. or benefit of gain. Risk retention pools are technically retaining the risk for the group. In practice if the insurance company or contractor go bankrupt or end up in court. Some ways of managing risk fall into multiple categories. the buyer of the contract generally retains legal responsibility for the losses "transferred". but spreading it over the whole group involves transfer among individual members of the group. a company may outsource only its software development. This is different from traditional insurance. in that no premium is exchanged between members of the group up front. but instead losses are assessed to all members of the group. Risk retention is a viable strategy for small 27 . technically speaking. As such in the terminology of practitioners and scholars alike. managing the development team. The insurance policy simply provides that if an accident (the event) occurs involving the policy holder then some compensation may be payable to the policy holder that is commensurate to the suffering/damage. The risk still lies with the policy holder namely the person who has been in the accident. C) Risk sharing Briefly defined as "sharing with another party the burden of loss or the benefit of gain. True self-insurance falls in this category. meaning that insurance may be described more accurately as a post-event compensatory mechanism. while handling the business management itself. a personal injuries insurance policy does not transfer the risk of a car accident to the insurance company. This way. the purchase of an insurance contract is often described as a "transfer of risk.

risks where the cost of insuring against the risk would be greater over time than the total losses sustained. Also any amounts of potential loss (risk) over the amount insured is retained risk. All risks that are not avoided or transferred are retained by default. This may also be acceptable if the chance of a very large loss is small or if the cost to insure for greater coverage amounts is so great it would hinder the goals of the organization too much. 28 . This includes risks that are so large or catastrophic that they either cannot be insured against or the premiums would be infeasible. War is an example since most property and risks are not insured against war. so the loss attributed by war is retained by the insured.

corporate risk managers began concentrating more on ensuring their companies' compliance with federal environmental regulations during the 1990s. risk managers started to assess environmental risks such as those associated with pollution. As RIMS predicted. predicts that the key areas for risk management in the 21st century will be operations management. 29 . and environmental liability in order to help companies bolster profitability and competitiveness. and windstorms in the future. Risk managers on the buying side. waste management. Risk Management indicated that there were five times as many natural disasters in the 1990s as the 1960s and that insurers paid 15 times what they paid in the 1960s. floods. and ethics. Buyers and sellers both use risk managers to identify and control risks. More and more companies called on risk managers to assess the risks involved in these mergers and to join their merger and acquisition teams. The trend towards mergers in the 1990s also affected risk management. which caused 12. For instance. there were a record 600 catastrophes worldwide in 1996. RIMS also believes more small. environmental risks.KEY TRENDS IN RISK MANAGEMENT The Risk and Insurance Management Society (RIMS). the primary trade group for risk managers. which they believe will lead to more and fiercer crop damage. stricter environmental regulations also prompted companies to have risk managers review their compliance with environmental policies to avoid any penalties for failing to comply. Furthermore. Some experts attribute the increase in natural disasters to global warming.and medium-size companies will focus on risk management and will hire risk managers or assign risk management tasks to treasurers or CFOs. In addition. According to Risk Management.000 deaths and $9 billion in losses from insurance. droughts.

and other aspects that could result in losses. providing risk managers with a new tool for preventing and controlling risks. A final trend in risk management has been the advent of non-traditional insurance policies.for instance. such as natural disasters or economic problems in other parts of the world. These insurance policies cover financial risks such as corporate profits and currency fluctuation. they guarantee profits for companies operating in international markets. 30 . insurance policies. preventing losses if a currency appreciates or depreciates. After that. review a selling company's expenditures. such policies ensure a level of profit even if a company experiences unexpected losses from circumstances beyond its control. loss experience. Consequently. they develop a plan for preventing or controlling the risks they identify. In addition.

tighter environmental regulations also goaded businesses to have risk managers check their compliance with environmental policies to prevent possible penalties for noncompliance. risk managers became a more integral part of company merger and acquisition teams. According to the Risk and Insurance Management Society (RIMS). environmental risks. Risk managers also suggest methods for preventing or controlling the risks they find. 31 . even when a company experiences unforeseen losses from circumstances it cannot control (e. risk managers examine a selling company's expenditures. new areas of risk management began to emerge that provide managers with more options to protect their companies against new kinds of exposures. and other areas that indicate a company's potential risks. Moreover. and ethics. natural disasters or economic downturns). Companies also have the option of obtaining new kinds of insurance policies to control risks.. Risk managers can also help alleviate losses resulting from mergers. and environmental liability to help make their companies more profitable and competitive. Stemming from the wave of mergers in the 1990s. Both parties in these transactions rely on risk management services to determine and control or prevent risks. risk managers began to assess environmental risk such as those arising from pollution.EMERGING AREAS OF RISK MANAGEMENT In the 1990s. risk managers of corporations started focusing more on verifying their companies' compliance with federal environmental regulations in the 1990s. the main trade organization for the risk management profession.g. which managers and risk managers can take into consideration when determining the best methods for covering potential risks. loss history. waste management. Furthermore. these non-traditional policies ensure profits for companies doing business in international markets. and hence they help prevent losses from fluctuations in a currency's value. On the buying side. among the emerging areas for risk management were operations management. Hence. According to Risk Management. these policies in effect guarantee a minimum level of profits. insurance policies. These non-traditional insurance policies provide coverage of financial risks associated with corporate profits and currency fluctuation. As forecast by RIMS.

32 .Finally. Business managers need to be aware of the various risks involved in electronic communication and commerce and include Internet security among their risk management activities. and advertising products and services has offered companies many advantages. The importance of online business activities in maintaining relationships with customers and suppliers. but also exposed them to new security risks and liability issues. risk managers have been called upon to help businesses manage the risks associated with increased reliance on the Internet. communicating with employees.

I joined the FSA in July. there are still many short and longer-term prudential risks facing firms in this sector. the macroeconomic changes affected insurers in different ways. As Jon Pain highlighted in his earlier speech. Because although the economic environment is more benign than this time last year. Director. which will affect capital and solvency positions for some time to come. The most marked difference being between the impact on the life sector. I will return to this longer term picture later. cushioning the impact of investment and underwriting losses. many UK businesses will find it difficult to ever return to the levels of income and profitability enjoyed before the crisis. but we’re not necessarily out of the woods yet. This has eased the immediate pressure. and since then the FTSE has risen by about 34% and bond spreads are making their way back to pre-crisis levels. And even though we are now recovering. where capital levels came under pressure and the non-life sector. As we travelled down the curve. there is still uncertainty around the shape and pace of that recovery. While our central scenario is one of steady recovery. But this is only half of the story.KEY RISK FACED BY INSURANCE SECTOR GLOBALLY 18 March 2010 (Speech by Ken Hogg. where reserve releases continued to support results. 33 . Insurance Sector. without a change in firms’ strategies and plans. this economic crisis has left behind a hangover for both parts of the sector. FSA Insurance Sector Conference)  Capital and solvency The first risks I want to highlight today relate to capital and solvency. when combined with the regulatory developments coming this way in the next few years.

34 . Although most have already strengthened assumptions in this area. Conditions can change very quickly and being slow to realise what’s happening and slow to respond could make a big difference to both the capital conserving options available and the opportunity cost – to shareholders and policyholders – of taking those actions. The report is a positive step and gives the European Commission a good basis on which to put forward proposals that will ensure future retirees receive a fair deal. the greatest challenges have been for those most exposed to falls in asset values.  Life insurers In the life sector. it’s about monitoring your solvency position. The recent industry/CEIOPS joint task-force report on this thorny question suggests it should be possible to find prudentially sound approaches to incorporating an allowance for illiquidity into the Solvency II framework. And what might that look like? Firstly. Although some of these pressures have now eased. regular and on-going stress testing is an important part of planning ahead. And while not related to economic conditions. in the event of a further economic decline. and ensure they are appropriately matched by duration. Under Solvency II. So a key priority is to pay careful attention to capital management and planning. In other words – annuity providers and with-profits firms. it is also important that annuity providers continue to keep pace with changes in life expectancy. widening bond spreads and low interest rates. some of these firms may find it difficult to take actions to further conserve or raise additional capital. you need to exercise care in the valuation of assets and liabilities. Secondly. a key issue is the extent to which annuity writers are able to reflect the illiquid nature of their liabilities in their valuation. Annuity providers in particular remain exposed to renewed widening of bond spreads. with a particular focus on the risk of a further downturn in the economy. we expect that you will need to continue to do so. As Jon mentioned earlier.

Pressure on corporate clients to drive down costs and squeeze out margins could increase their risks. pricing and underwriting? Secondly. Capital management and capital planning are key to restoring the sector’s strength and for preparation to withstand any further economic shocks. in raising additional capital. the long-term structural changes to the economy arising from the financial crisis may fundamentally alter the characteristics of risks insured by the industry. We’ve already seen examples in some insurers and intermediaries of how leveraged transactions have put pressure on cash flows. but the prolonged recession and the slow and uncertain recovery have increased the prudential risks in this sector. which could in turn lead to a pick-up in insurance claims across commercial lines. insurers considering innovative ways of leveraging capital need to ensure that there is genuine risk transfer and that Mergers and Acquisitions (M&A) transactions financed through debt don’t diminish the overall quality of capital.Thirdly. prudential challenges continue to loom large for 2010. And finally. particularly in stressed conditions. Given that pricing decisions rely on backward-looking data. This happens for a number of reasons: • Increases in fraudulent claims by policyholders in financial difficulties. guarantees and options must be appropriately valued and your stress and scenario testing needs to show to what extent they remain affordable as economic conditions change. how are you going to take account of the changes to the trading environment in making future decisions on reserving. • An increase in social crime leading to higher claims on property-related insurance. an economic downturn also tends to have an impact on people’s propensity to claim. size and type of claims. So for the life sector as a whole. from business interruption to product and employers’ liability. Firstly.  General insurers The impact of the financial crisis on the general insurance sector was less immediate and less significant. with increases in the number. or 35 . and we do not want to see this replayed across the sector.

Recent years have seen record reserve releases. So while the journey into recession was less risky for the General Insurance (GI) sector. and firms need to be vigilant against the temptation to under-price new business to remain competitive. the third risk I want to highlight is the re-emerging issue of reserving adequacy. further sizeable movements in exchange rates remain a risk to profitability and capital. combined with lower investment returns across the asset classes. but this is likely to be unsustainable in the claims environment I’ve just described coupled with lower investment returns and competitive pressures on price. they should ensure they are monitoring trends and building this into decisions on reserving. In this context then. And finally. Firms should take care not to underplay this risk. Any firm with a significant currency mis-match either on its balance sheet or its P&L must continue to be prepared for the possibility of major shifts in either direction – especially given the uncertain macroeconomic conditions. 36 . Any loss of pricing discipline in this kind of environment could quickly eat into capital. will require firms to focus more on underwriting for profit. • Decisions by commercial customers to self-finance fewer insured events. A more limited scope for reserve releasing. some significant hangover effects remain.

There are bigger risks associated with inadequate engagement than with managing through the uncertainty. 37 . Solvency II will require greater disclosure and transparency. as important as all these prudential risks are. together with additional and more frequent reporting. but the new directive goes much further. Although there are some material technical issues that are not yet finalised. and especially so for groups that operate in multiple countries. As Jon mentioned. The Individual Capital Adequacy Standards regime in the UK is a strong foundation on which to make the transition to Solvency II. The requirements for delivering and demonstrating the standards of risk management and governance will be challenging.  Solvency II But of course. the single biggest prudential challenge for all firms in the insurance sector is Solvency II. firms should not be waiting for these to be resolved. Solvency II will radically alter the capital adequacy regime for the European insurance industry.

the savings rate is up from -0.That’s all I want to say on Solvency II for now.  Insurance intermediaries My final comments on risks to capital and solvency concern intermediaries operating in the insurance markets. the availability and cost of refinancing maturing debt. which is also exacerbated by market conditions. At the same time. but one we are now more concerned about given the continuing challenges in the economic environment. We published a Dear CEO letter about this risk last month and later today it will be the subject of a panel discussion. There is a risk that some firms in this sector don’t have a realistic assessment of the amount of financial resources required to run their business and that as a result some firms are not meeting our threshold condition requirements.6% at the 38 . Across many parts of the life sector. pose a real challenge to the future viability of this business model. Another source of risk in this sector. and goodwill write-downs. This is a chance for us to discuss and debate what material challenges remain and what the FSA and you can do to ensure we manage this risk. In the life sector. UK new business levels were down for the major groups in 2009 and cash outflows from the existing book continue to exceed new inflows. This is an ongoing issue in this sector. because after the coffee break there is a panel session on how far the UK has come in preparing for Solvency II and how much there is still left to do.  Consumers The second set of risks I want to highlight today are to do with consumers.7% at the start of 2008 to 8. the financial crisis and the following recession appear to have reduced consumer demand for insurance products. In the current environment increased risks abound: servicing debt or interest payments. is the reliance of the broker business model on growth through acquisitions financed through debt.

but these risks are particularly relevant today. In the non-life sector there is also evidence to show consumers are becoming more willing to drop incidental or non-compulsory insurance cover in order to save money. a tougher taxation environment also appears inevitable. which may bring with it a change in the UK’s regulatory approach. last is most definitely not least. the drop in economic activity in areas like construction and shipping has left the same number of firms chasing less business. Never is a discussion on risk complete without a section on regulatory risk. pension reform under the guise of the government’s National Employment Savings Trust (NEST) and Solvency II – you could be forgiven for thinking the Mayan ‘end of an era’ predictions were made in relation to the UK life sector rather than the ending of an astrological cycle. With a significant number of policy initiatives converging in 2012 – the Retail Distribution Review (RDR). As Jon outlined this morning. You don’t need me to tell you that the combination of all of these changes and all this uncertainty. But for the life sector in 39 . Oh and there’s always the small matter of a potential change in government. a review of the Insurance Mediation Directive. On this occasion. make for extremely challenging times at the moment. You can also look forward to taxation changes necessitated by Solvency II.  2012 and beyond The final risks I want to mention today are those associated with the level of change and uncertainty in the regulatory environment. together with the uncertainty in the macroeconomic outlook. So although people are saving more. And whichever political party wins the day. which means a number of changes.end of Q3 last year. you’re also on the receiving end of intensive supervision. And it doesn’t end there. And for intermediaries competing for commercial business. not least in terms of the kind of stress testing we expect of you. ABI data from research carried out in June 2009 suggested that 22% of consumers surveyed had stopped taking out home contents insurance and 17% had stopped taking out buildings insurance. there is not much evidence that savings are flowing into the insurance sector. and European Commission proposals on packaged retail investment products.

And this will lead. The agents of change are the 2012 trio of RDR. Solvency II invites a much closer relationship between the kind of business a firm does and how much capital it holds. they give rise to a significant question over the sustainability of certain business models. Each of these initiatives has very good reasons for being and presents a wealth of opportunity as well as risk. in some cases. Ask yourself if your strategy remains fit for purpose among all this change.particular. Potentially leading to changes in consumer behaviour and preferences. NEST and Solvency II. you’ll need to undertake regular and challenging reassessments of your strategy and the adequacy of your resources to deliver that strategy. Both the RDR and NEST will change the deal between consumers and the industry. We’ll be doing some analysis of our own of what the world might look like for the life sector in 2012 and beyond. and changes in the kinds of products and markets attractive to firms. And if you’ve chosen to attend ‘The future of life insurance’ panel after lunch you will have the chance to share your views on the issue. In order to rise to these challenges and keep your business viable. to certain types of business being more expensive to write than under the existing regime. re-evaluate. If not. 40 . But of course it is the risks that I am focused on today.

ensuring an adequate underwriting infrastructure to measure and manage exposures. and ensuring adequate data for quantifying risk accumulations and measuring diversification. It covers risk issues such as mitigating unintended concentrations. Minimizing unintended underwriting risk and the risk to the enterprise from unintended risk accumulations is generally a 41 . The underwriting process itself is not addressed as that subject is amply covered in underwriting texts. Risks in Underwriting Individual accounts A non-life insurance company is in the business of assuming risk from individuals and businesses. evaluating correlations between risks. Underwriting is the discipline of understanding and evaluating which risks to intentionally assume.ENTERPRISE RISK MANGEMENT FOR INSURANCE COMPANY Risk in Non-life Insurance Underwriting Introduction This chapter addresses the risks inherent in non-life underwriting from the perspective of the Risk Officer.

and clash risks. In cases where risks are correlated with one another. the skills and experience required to analyse the risk. An underwriting infrastructure also needs to be in place to allow for the meaningful capture of data on the risks underwritten. as well as effective auditing to ensure compliance with delegated authorities. Concentration risk arises from systemic risks. Adherence to filed rates.responsibility shared between Underwriting and Risk Management (“RM”). regulations. This is necessary to monitor concentrations. Concentration risk arises in multiple forms and is the area where RM generally has the greatest involvement. and so forth. statutes. Underwriting authority needs to be granted based on skills and experience and not on managerial hierarchical level. 42 . meet any regulatory reporting requirements and have the ability to manage the underwriting of individual accounts to remain within agreed limits on aggregate concentrations. forms and similar measures is intended to reduce the opportunity for money laundering. and to ensure that customers are treated fairly. both disciplines are critical. stacking risk. and the ability and incentive to design coverage and price the account properly. By this we mean that the likelihood of a claim occurring is not impacted by the fact that another claim has occurred. The underwriting function needs to ensure that a robust infrastructure is in place so when individual accounts are underwritten the underwriter has: adequate information on the risk. filings and so forth are rigorously followed. A particular form of systemic risk comes from natural and man-made catastrophic exposure. The underwriting infrastructure also needs to provide training and oversight such that applicable laws. such that the exposures can be reasonably known and understood. the (re)insurer must be cognizant of potential concentration risk. in order to minimize opportunities for “rogue” activities. terrorism funding. Concentration Risk from Insurance Activities The insurance and reinsurance mechanisms work most effectively when dealing with risks that are not correlated with one another. Referral authorities need to be in place.

lines of business and policy years. Procedures such as a name and location clearance system are typical ways to prevent such an unintended accumulation. Here the risk arises. A current risk with potential systemic impact is nanotechnology. Critical from a RM perspective is the ability to monitor accumulations across lines of business and locations and to intervene when aggregate limit boundaries are breached. Underwriting and RM need to determine the economic risks. the likely effectiveness of coverage restrictions in policy wordings. Mitigation actions might include simply abstaining from additional underwriting commitments (or no renewing existing commitments upon expiry) or purchasing additional treaty or facultative reinsurance for peak exposures.. which lines of business might be exposed to loss (i. The critical element is having the infrastructure to identify unintended accumulations across multiple business units and all lines of business. Reasonable foresee ability and a large dose of common sense. workers compensation). Monitoring and managing risk accumulations requires detailed data (see below). 43 . products liability.e. Asbestos is the classic example of a systemic risk affecting multiple industries and policyholders. affecting one or more industry segments rather than a single risk. Exposure to systemic risk arises from both natural and man-made catastrophic events. Stacking is another aspect of concentration risk. This could lead to a higher than intended aggregate loss.Systemic risk is the accumulation of losses triggered by a single event or cause. Stacking refers to the accumulation of net (after reinsurance) retentions within the same line of business on the same insured. RM and Underwriting need to ensure processes are in place to identify similar potential risks and to monitor and effectively control accumulations. for example. together with an effective name clearance system and an agreed exposure limit are the keys for Underwriting and RM in managing these exposures. Clash is a similar concentration risk that occurs when one or more business units insure more than one line of business for the same policyholder which could be affected by the same claim or incident. models and an underwriting infrastructure that spans all lines of business and all business units that write policies in potentially exposed locations. the probability of different economic risk outcomes and the aggregate limit to expose the enterprise. from multiple business units providing coverage for the same policyholder plus participation in a reinsurance program from a policyholder’s reinsurance captive.

and automobile physical damage. AIR. Systemic risk also includes additional lines of business. For example. RM is uniquely positioned in many insurance organizations to consider the interaction of risks from different organizational silos in stress scenarios. group life. employer’s liability. Property damage and business interruption accumulations are typically modelled by using sophisticated commercial modelling tools (RMS.The concentration risk of natural catastrophes arises primarily from exposure to earthquakes. nor be subject to the same modelling capability. in addition to considering the results generated from the modelling tools. radiological “NCBR” e. Terrorism exposures are generally divided into two categories: conventional attacks (conventional bomb. It is also vital that the same infrastructure and modelling capability for monitoring and managing accumulations noted for natural catastrophes be in place for man-made catastrophic exposures. by their nature. the ERM framework for Lloyd’s includes consideration of specific Realistic Disaster Scenarios as a test of exposures under extraordinary circumstances. such as workers compensation. RM needs to be comfortable that processes are in place and effective to identify peak property exposures through name and location clearance systems in order to allow for identification of significant exposures to non-property lines of business at the same location. As such. to a train accident involving toxic chemicals. This category includes events ranging from terrorism. floods and windstorms. Very 44 . These exposures may not be coded to location in the same detail as property policies. Stress Scenarios Stress scenarios are especially necessary for determining aggregate limit boundaries for natural and man-made catastrophic events and guiding decisions on purchasing reinsurance protections. may provide coverage for all such events.). Man-made catastrophic events can similarly impact all lines of business. it’s important that data be captured identifying policies with NCBR coverage. etc. a “dirty bomb”). Policies covering worker compensation or employers liability. primarily. marine.g. Further. Property and business interruption policies may or may not include coverage for a terrorist act or coverage for NCBR. chemical. EQECAT. aircraft used as a missile) and nonconventional (nuclear. accident and health. From a RM perspective. biological.

Data Capture Accurate. plus losses on any debt or equity investments. In addition. standby credit. and/or similar arrangements to balance the potential exposures and financial stress the organization faces. tools to monitor and evaluate peak exposures bridging insurance commitments and financial holdings need to be in place. Mitigation actions may then involve internal or commercial reinsurance. RM needs to ensure that adequate auditing is in place to allow reliance on the data collected. and/or financial guarantees. liquidity. retrospective premium adjustments or other credit risk. policyholders and lines of business to stay within agreed risk limits. Concentration Risk from Credit-Related Exposures Another aspect of concentration risk arises from multiple financial-related exposures to an individual policyholder. Correlations between the various insurance and financial exposures under stress scenarios need to be determined with limits set reflecting both underwriting and credit rating considerations. and exposure as a counterparty to a derivative transaction. From a RM perspective. thorough. such as a fraud or severe downturn in profitability. Name clearance systems. Similarly.low probability events. or a pandemic will require RM to have considered not just the underwriting risk but to have incorporated the potential impact on the investment portfolio. allowing each underwriter participating on a policyholder’s program to see all the commitments to that policyholder. detailed data capture is key to measuring. reinsurance recoverable. and business continuity both from a holding company and individual subsidiary legal entities level. A significant event. a significant terrorism incident. reinsurance recoverable from a captive. as well as assurance that assessments of the creditworthiness of the policyholder are effective and guiding collateral negotiations. modelling and managing the risks of unintended exposure accumulations. RM needs to be comfortable that underwriting has the processes in place to monitor and manage individual account underwriting across multiple business units. securities lending. might lead to losses from a D&O policy. relevant. third-party liability and/or retrospectively rated insurance programs may generate exposure due to large deductibles. like a 1 in 250 year windstorm or earthquake. surety and fiduciary coverage’s. are an 45 .

for each precise location (street address. In particular. latitude and longitude) are critical. In this regard. and so forth. Operational Risk (including Non 46 . but to also think about where the emerging risks are arising and what data is necessary to assess these risks. underwriters or facultative buyers must be trained to have coverage afforded by the facultative reinsurance be concurrent with the terms of the underlying policy. RM must also be forward thinking about data capture. It is not sufficient to think about capturing data for risks that are current and obvious. Granular data including the policyholder’s type of business. Experience from many insurers examining losses from Katrina has shown that modelled catastrophic exposures were understated. as are systems to monitor accumulations by class and line of business. First and foremost RM must be attentive that the reinsurance purchased is actually providing the appropriate coverage to mitigate the peak risks. One reason for this was incomplete data capture of insured locations. business interruption coverage and limits. The insurance enterprise is exposed to various risks when purchasing reinsurance. On the facultative side. number of employees. construction type and age. Detailed data capture is especially critical for monitoring property accumulations for catastrophic exposure to both natural and man-made events. Reinsurance Risk Reinsurance is a widely used and valuable tool for mitigating peak risks on both individual accounts and portfolios. Regulatory Risk. awareness of exclusions or special acceptance criteria is vital. Risk needs to be comfortable that data capture is complete and audited as necessary for the modelled accumulations to be meaningful. values insured.effective tool in this regard. These include: Credit Risk. there needs to be strong communication between underwriting and the reinsurance buying function to ensure that underwriters are aware of the provisions of the reinsurance treaties being purchased. Inherent in reinsurance are several risks of concern to the Risk Officer.

47 . and Accounting/Tax Risk) and potentially Reputational Risk. Reinsurance may be purchased locally on a facultative basis by underwriters for individual accounts with peak exposures and also in multiple business offices on a portfolio. Credit risk has numerous aspects which must be managed. the accounting must consider all aspects of the agreement. verbal or written. it becomes difficult to assess the true nature of the transactions and to record all of the necessary accounting entries in an accurate and timely manner. including any written or verbal side agreements Also of concern is ensuring that reinsurance transactions are not structured to obfuscate the true financial results of the company. This operational risk is one on which the Risk Officer’s organization must focus. The starting point is the assessment of the credit worthiness of the reinsurer. ensuring that appropriate controls are in place to mitigate the risk. For both commercial reinsurance and captive arrangements. no side agreements. With many moving parts. any fees are reasonable. The Risk Officer needs to be comfortable that procedures are in place so all such arrangements receive appropriate oversight and monitoring. training and oversight need to be emphasized and sufficiently robust to ensure that there is a significant degree of risk transfer (underwriting and timing risk). a reinsurer and/or a retrocession ire. Sometimes the structure of these transaction becomes extremely complicated with the captive being the insurer. In particular. or treaty. policyholders may have captive insurers or reinsurers involved in their risk management program. Accounting risk arises as accounting for reinsurance transactions can be complex. RM needs to ensure that adequate controls are in place so accumulations by reinsurer are monitored with actions taken to mitigate peak exposures.Concurrency (mentioned above) Lack of Contract Certainty. Overly complex transactions and certain “circular” transactions can lead to accounting difficulties. This process generally leads to an “approved list” of acceptable reinsurers and a limit on the aggregate credit exposure to an individual reinsurer which is linked to its credit rating. basis. For example. the financial records of both parties reflect the transaction the same way. Reinsurance transactions need to have risk transfer characteristics in totality support insurance/reinsurance accounting (to be included in financial results as reinsurance) and these characteristics need to be appropriately analysed and documented. and similar measures.

indemnity reinsurance coverage based on the insurer’s ultimate net loss. non-concurrent terms and a simple failure to execute as intended. or. This is done through traditional. the bondholder will not receive all or any of their principle at maturity. For example. Industry loss warranty protections are structured similarly but the protection triggers are typically based on relatively narrowly defined risks and regions and a resulting aggregate industry loss. this demand has led to increased utilization of alternative risk transfer mechanisms to supplement the traditional reinsurance markets.Facultative reinsurance purchased locally to protect individual policies and treaty reinsurance has significant measures of operational risk. one based on the industry loss or the modelled loss from an event. In the event the reinsurance is triggered. Industry loss warranties are attractive to investors for simplicity but include considerable basis risk for the insurer which needs to be evaluated. These include delays in agreeing policy wording and a resulting lack of contract certainty. That is. while more attractive to the investor in the catastrophe bonds as the investor doesn’t have to underwrite the individual company. hedge funds and so-called “sidecars” have grown in popularity. In particular catastrophe bonds. more typically. Alternative Risk Transfer Large natural catastrophe losses in 2004 and 2005 and enhancements to catastrophe accumulation models have increased the demand for reinsurance and retrocessional protections. industry loss warranty protections. These facilities provide much needed fully collateralized capacity to insurers and reinsurers but may include basis risk which must be included in risk capital determinations. it is possible that the buyer could have a loss to which the coverage does not respond. The parametric coverage approach. The Risk Officer needs to ensure that the operational risk measures developed enterprise-wide extend to the placement of reinsurance. In turn. Catastrophe bonds typically involve a special purpose vehicle which provides protection to the insurer/reinsurer. The SPV. in turn. a recovery is determined based on a derivative (or parametric) measure of the loss. 48 . includes basis risk the Risk Officer needs to evaluate. develops its capitalization through the issuance of bonds to investors.

which is the risk that the sidecar cannot meet its reinsurance obligations to the cadent in an extreme event. They are difficult to quantify. may have a high loss potential and are marked by a high degree of uncertainty. This structure has the potential of “tail risk”. These reinsurers provide reinsurance on a fully collateralized basis. Finally. meaning that the full limit of the reinsurance is collateralized at the inception of the contract. risks pertaining to the collateral and failure to satisfy statutory requirements. This capital may disappear if terms and conditions are not ideal.Another alternative source of reinsurance capacity is reinsurance provided by thinly capitalized reinsurers backed by hedge funds. data collection and operational risk can be gained through a systematic review of large losses in a collaborative effort between underwriting and RM. These vehicles are funded by both debt and equity and typically provide quota share reinsurance to the sponsor (re)insurer. Post –Event Large Loss Reviews Insight into the effectiveness of the myriad individual account underwriting processes. concentration monitoring and management. The RM should also be aware that these vehicles typically do not include the reinstatement coverage available in traditional reinsurance. Risks involving emerging technologies or environmental 49 . Emerging Risks Emerging risks are exposures which may develop or already exist. Incidents that lead to insured losses happen. But insight into adherence to relevant guidelines when the risk was underwritten and the impact the risk has had on the various concentration management measures can provide Underwriting and RM with valuable information. Risks with these vehicles include operational risks. RM should consider and be aware that many alternative sources of reinsurance are transacted with capital that may be more opportunistic than traditional reinsurance. so-called “side cars” are special purpose reinsurance vehicles similar to those vehicles that facilitate Catastrophe Bonds. That’s why people and companies buy insurance. The SPV has limited capital resources and this limitation acts to cap the quota share coverage provided by the facility.

Similarly. reinsurance protection and monitoring of potential accumulations. genetically modified foods. limit and volume restrictions. Mitigation actions need to be agreed with Underwriting regarding coverage. A large factory explosion may lead to losses to policies that protect workers and to liability if neighbouring buildings are damaged. assessment. limits. As an example. healthcare and legal arenas. exposure to inflation in loss costs in future years is far less in property. reinsurance applicability and monitors developments broadly in the insurance. financial guarantees and the investment portfolio under stress scenarios. Relevant experience may well be very limited for analysing correlations. It is necessary to determine risk capital and optimize the mix by line. pandemics. Correlated Risk Assessing the degree of correlation between lines of business and for each line to other risk types is a critical requirement. surety. and so forth. reinsurance costs tend to have different trends. Potential for a D&O exposure also exists if the explosion was found to be the result of management negligence. however. An incident causing a loss may not typically affect both coverage’s. lines of business potentially exposed.changes require identification. RM and Underwriting need to ensure that 50 . and so forth. limits exposed and volume in order to minimize required capital through diversification. The actual situation is more subtle. property and business interruption coverage’s may generally be seen as having a very low correlation with casualty coverage’s. RM generally needs to work closely with Underwriting to judgmentally assess and agree the degree of correlation. Examples of such emerging risks would include nanotechnology. designing actions to contain unintended accumulations and monitoring that risk measures are effectively in place. RM is a key driver in determining the importance of identifying emerging risks. Hence. Operational risk might be seen as more strongly correlated with property exposures due to the complications with monitoring aggregate catastrophe accumulations and placing facultative reinsurance than casualty exposures. monitoring and mitigation. changes in weather patterns. RM needs to ensure that Underwriting identifies coverage triggers. accumulation potential across lines of business and policy years. for the more extreme scenarios. especially at the critical stress levels most important to risk capital determinations. one would expect a higher degree of correlation between D&O exposure.

terms and conditions will deviate from the actuarial price based on marketplace conditions.adequate consideration is given to stress scenarios intended to mirror the probabilities and correlations underlying the risk capital calculations. economic outlook. Actual prices. Risks in the Underwriting “Cycle” Actuarial price price RoE Actual price Target Medium term Time Price levels in non-life insurance tend to move in multi-year cycles as the result of varying levels of industry capital. especially as respects individual subsidiary legal entities. competition and similar considerations (see diagram below). 51 . an actuarially correct price for each account can be consistently determined based on desired ROE and anticipated loss trends. Theoretically.

This document does. however. Risk capital is required for uncertainty in this measurement due to the increased risk of understated loss reserves and added volatility as a consequence. there has to be a well-defined legal environment. contain a paragraph about a particular area of insurance: health insurance. First.Increased risk results from a failure to systematically measure deviations from the actuarial price and to fully recognize such deviations in current financial results. This should be supplemented by innovative insurance products and programmes by panchayats with reinsurance backup by companies and government to extend coverage to much larger sections of the population. Economic growth does not take place in vacuum.” 52 . rates of technological innovation. terms and conditions are monitored and that loss reserves and current financial results reflect deviations from actuarial pricing. both insurance and banking will play a critical role along with the stock market. The insurable population in India has been assessed at 250 million and this number will increase rapidly in the coming two decades.. cheaper and faster communication. RM needs special attention that actual pricing. particularly during times when marketplace pricing is less than the actuarial price. Legal framework has big impact on the development of the financial sector. There are two critical Ingredients needed. 1998). there has to be a well-functioning financial market (see Sinha. 2001). Vision 2020 document mentions “insurance” eight times in the 108 pages. Where Will The Indian Insurance Market Be In 2020? Vision 2020 identified the following factors as the engines of economic growth in India: Rising education level. “Health insurance can play an invaluable role in improving the overall health care system. On the other hand. availability of information. As a result. Second. it mentions banking only once! Given that services sector will become the largest in India. It makes no mention of the financial sector. it also Has a huge impact on economic growth (see La Porta et al. and globalization.

let us follow an extremely conservative projection: insurance demand goes exactly in line with income. evidence from other countries show that rising income below certain threshold has a nonlinear impact on insurance demand (the so-called S curve of insurance demand). we are assuming that in 2020. Over the next two decades we are likely to witness high growth in the insurance sector for three reasons. page 55). health insurance is not being discussed much. So is the pension market. In Sigma 8/2003. In that case. Thus. it is easy to see why this is an easy pick. This will raise the premium volume to USD 135 to USD 160 region by 2020. Given that Indians are already spending 5% of their income out of pocket for health care. This thought experiment above does not even address the two future potential growth drivers: private pensions and health insurance. private pension is its infancy in India. In this case. The insurance business is at a critical stage in India.2% for India (the figure for 2002) in 2020.(Planning Commission. If it rises to 6%. 2003. Financial deregulation always speeds up the development of the insurance sector. Of course. 53 . the premium volume will be USD 67 billion. First. the penetration of insurance (premium/GDP) stays exactly the same as in 2002. even in the face of rising income. If the penetration rises to 5% (more plausible if we believe in the S curve). But. Indians spend close to 5% of their income Out of pocket for health related issues. insurance penetration is not likely to stay at 3. we will simply multiply the current premium volume figure four-fold. this could easily add another USD 30 to 40 billion by 2020. Growth in income also helps the insurance business to grow. It will not remain so in the coming decades. So. such figures are available for 2002 for India. At present. At present. Let us conduct the following thought experiment using Table 1 for getting an idea of where the Indian market might be in 2020. In such a case. then the premium volume would rise to USD 121 billion. then the premium volume will rise to USD 105 billion. In addition. increased longevity and aging population will also spur growth in health and pension segments.

Taking the steps to reduce injuries could help in defending against a claim. public goodwill and continuing donor support. Risk management also addresses many risks that are not insurable. however. and the recourse they can take if they have been wronged. An organization should have a risk management strategy because: • People are now more likely to sue. • Organizations and individuals are held to very high standards of care. potential loss of tax-exempt status for volunteer groups. Purchasing insurance. • People are more aware of the level of service to expect. A thorough and thoughtful risk management plan is the commitment to prevent harm. 54 . is not risk management. • Courts are often sympathetic to injured claimants and give them the benefit of the doubt.CONCLUSION Insurance is a valuable risk-financing tool. Few organizations have the reserves or funds necessary to take on the risk themselves and pay the total costs following a loss. • Organizations are perceived as having a lot of assets and/or high insurance policy limits. • Organizations are being held liable for the actions of their employees/volunteers. including brand integrity.

wikipedia.BIBLIOGRAPHY  BOOKS :  B.com 55 .scribd.com  www.S Sharma “Insurance & Risk Management” WEBLIOGRAPHY  WEBSITE:  www.google.com  www.