Professional Documents
Culture Documents
June 5, 2009
Mary C. Gardner, ARM
Chief Risk Officer
Zurich North America
Agenda
1/30/2009 2
Agenda
1/30/2009 3
Operational Risk
Key Foundational Issues
Data
Use of scenarios
analysis
1/30/2009 4
Agenda
1/30/2009 5
Zurich’s ERM Program
Linkage from risk categories to Zurich
Governance Committees
Supporting
Risk Categories Example risks committees/processes
Investment • Solvency • Balance Sheet Committee
and Financial Risk • Market liquidity risk • Asset Liability Management
• Financial reporting integrity Investment Committee (ALMIC)
• Disclosure Committee
Operational
Risk
1/30/2009 7
Zurich’s ERM Program
Comprehensive TRP strategic risk identification
process
1 Generic TRP process … 2 … at all levels of the company
TRPs
6. Follow-up on improvement
actions quarterly
1/30/2009 8
Agenda
1/30/2009 9
Op Risk Defined
Operational risk
is defined as the
risk of loss
resulting from
inadequate or
failed internal
processes,
people and
systems or from
external events.
© Zurich Insurance Company
1/30/2009 10
Zurich’s ERM Program
The OpRisk Toolbox
Self Assessment Key Risk Indicators Loss Event Management
System automation
Preparation Late reports from Agent loss ratio above average
sourcing partners
& set up Staffing levels
Contractorsdata
Contractors data InternalGIT
GITdata
data
receivednot
nottimely
timely Internal
received receivednot
nottimely
timely
Monitoring & received
+
incorrect usage of spreadsheets, incorrect (allocated loss adjustment expense) reserves,
models
Assessment & which is covered elsewhere for RBC purposes;
movements in loss ratios, which is covered &
Identification elsewhere for RBC purposes; impact of
© Zurich Insurance Company
1/30/2009 11
Zurich Operational Risk and Control Framework
Operational Risk Assessments – relationship between the
assessments
Top Down Scenarios – BD Level
Goal: Assess OpRisk scenarios at the BU level
Result: Provide data to assess OpRisk RBC exposure
ta
Frequency: Annually for Spring RBC run
TDS
da
Approach: Pre-defined scenarios. Template provided by
king GRM, can be conducted in facilitated sessions
loo
across Group
al
Loss Event
ric
Approach: On occurrence
© Zurich Insurance Company
Information Flows:
1. TDS risks feed ORA scope
2. ORA risks feed ratings on TDS
3. ORA risks identify sources of potential loss events
4. Loss event data could show where risks need to be mitigated
5. Loss event data feeds ORA ratings
6. Loss event data feeds TDS ratings
1/30/2009 12
OpRisk
Bottom Up vs. Top Down – Similar objectives but differing
approaches
1/30/2009 13
Agenda
1/30/2009 14
Key Risk Indicators - monitoring changes in
the profile
Key Risk Indicators are used to monitor changes in the risk profile on
an ongoing basis
1/30/2009 15
KRI: Benefits
KRIs differ from loss events because they are more prospective than
retrospective. They are not associated with specific losses, but
indicate the general level of operational risk
KRIs allow the business to monitor changes in the risk profile of the
business quickly and monitor the risk profile against the agreed
threshold limits.
1/30/2009 16
KRI: Example
Poor Underwriting D
Skills && capabilities
Skills capabilities
Decision
# of technical training days per underwriter Deviation from national average (audit
scores)
© Zurich Insurance Company
Lessons learned from loss reviews No of losses over 300k per quarter
(case studies) Average rating of underwriters
performance review
No of PMP’s completed
1/30/2009 17
Agenda
1/30/2009 18
Tackling Loss Event Management
1/30/2009 19
Where can I find Loss Event Data?
1/30/2009 20
What losses should we capture?
1/30/2009 21
Source: BIS March 2003
90% 60%
80%
50%
70%
% of number of Loss Events
60% 40%
30%
40%
30% 20%
20%
10%
© Zurich Insurance Company
10%
0% 0%
0-10 10-50 50-100 100-500 500-1,000 1,000-10,000 10,000+
'000 EUR
1/30/2009 Percent of all Loss Events Value of loss Event - Percent of all Loss Events 22
Agenda
1/30/2009 23
Quantification and Modeling OpRisk
Exposure
1/30/2009 24
Agenda
1/30/2009 25
Consistent Reporting and Efficient Monitoring
Reporting:
Integrated, automated and intuitive
Provide a review, analysis and summary
Visual summary for streamlined high level analysis
Monitoring:
Should coincide with the meetings of key risk/management
committees
Minimum of quarterly review
© Zurich Insurance Company
1/30/2009 26
Agenda
1/30/2009 27
Zurich’s OpRisk Program
Pulling It All Together
Inputs Risk Assessments Outputs
Capital
Losses OpRisk Assmt
© Zurich Insurance Company
1/30/2009 29
OpRisk
Benefits - Shareholders = Ï SHV
1/30/2009 30
OpRisk
Benefits - Management
Local management
Avoid unexpected operational losses by better managing
operational risks
Provides tools to managers to manage and track their risks and
risk management actions
Increases the chance of achieving business objectives
Culture of transparency and clear risk ownership
1/30/2009 31
OpRisk
Having an integrated approach
1/30/2009 32
Zurich’s ERM Program
Collaboration between functions provide an integrated view of risks
Opportunity to rely
Internal Risk Compliance Finance External Other on and coordinate
Audit Mgmt Legal Audit
with other areas
Group External
3rd Line
Audit Audit
Core Assurance Providers
Risk
Compliance
2nd Line Management
ICF
Support Legal
1/30/2009 34
Zurich’s ERM Program
Zurich’s Enterprise Risk Management and Control Framework
© Zurich Insurance Company
1/30/2009 35
Agenda
1/30/2009 36
To sum it up…
1/30/2009 37
Characteristics of Successful ORM
1/30/2009 38
Questions?