Insurers Manage Others Risks Who Manages Theirs

1
Insurers Manage Others RisksWho Manages
Theirs?

• Allan Brender
• Special Advisor, Capital Division
• Jerusalem, 16 October 2006

2
Enterprise Risk Management

• Corporate-wide approach to dealing with risk
• Appears defensive but it can be a great resource
  in running any complex business
• Increasingly seen as an indicator of sound
  management
• Essential for all financial institutions,
  including insurance companies

3
Enterprise Risk Management

• Regulators encourage ERM
• However, it would be a mistake and unproductive
  for insurers to approach ERM as a compliance
  exercise
• With respect to ERM, there is a commonality of
  interests between policyholders and depositors,
  regulators and shareholders

4
Standard PoorsWhat corporate Directors Need
to Know About Credit Ratings

• Risk management lies at the core of a board of
  directors roles and responsibilities. Directors
  are accountable for the oversight of a companys
  risk appetite, and it is the directors duty to
  ensure that acceptable risks are assumed and
  managed appropriately as part of overall
  corporate strategy implementation. Intrinsically
  a risk management tool, credit ratings are at the
  heart of the overall risk awareness and risk
  management process.

5
Standard PoorsWhat corporate Directors Need
to Know About Credit Ratings

• Credit ratings analysis seeks to incorporate many
  dimensions of risk that determine a companys
  creditworthiness these include commercial and
  operational risks, considerations of corporate
  and industry structure, regulatory arrangements
  and other public policy factors, overall strategy
  and management effectiveness, along with a
  financial analysis of historical performance,
  current position, and outlook.

6
Insurers and ERM

• The business of insurance is the business of
  managing and mitigating our customers risks
• Insurers would appear to be risk experts who
  are at the forefront of risk management
• However, the operations of an insurance company
  introduce their own set of risks which are often
  distinct from those of the companys
  policyholders these may not be given sufficient
  recognition

7
Example General American

• Large U.S. life insurance company
• Had a run of high claims in the mid-1990s
• Credit rating was downgraded by Moodys
• The company had accepted a large deposit of
  pension funds for investment administration
• The contract included a 7-day call in the event
  GAs credit rating declined
• When GA was downgraded, it had insufficient
  liquid assets to meet the call
• The company was put into bankruptcy and assumed
  by Metropolitan Life

8
Example General American

• SP Rating-related questions that directors can
  ask their CFO or Treasurer
• 6. How would our business model and/or strategy
  implementation be affected by a rating downgrade?

9
Example Confederation Life

• In the early 1990s, the companys investments
  were focused on the real estate market, including
  mortgages and construction financing
• The company accepted a large pension deposit for
  investment administration
• The contract included a guarantee to meet the
  median return of large Canadian pension funds
• The companys investors chose to invest in real
  estate, contrary to industry practice
• When the real estate market in Canada and the
  U.S. suffered a severe downturn, the company was
  unable to meet the guarantee

10
Example Confederation Life

• SP Rating-related questions that directors can
  ask their Chief Investment Officer
• How are credit ratings incorporated in our
  investment policy guidelines?
• What is the analytical basis for our current
  eligible investment rating threshold what is the
  resulting degree of default risk incorporated in
  our portfolio?
• Based on the ratings distribution in our current
  holdings, what level of defaults should we expect
  in a credit cycle downturn?

11
Example Confederation Life

• The company wanted to become a financial
  conglomerate
• Like several other large Canadian insurers, it
  formed a trust company, accepting retail deposits
  and lending on mortgages
• The incentive compensation for the managers hired
  to operate the trust company was based solely on
  the volume of mortgages they could place
• As a result
• A high volume of low-quality mortgages were
  issued
• The trust company became known as a lender of
  last resort
• The parent company was forced to assume a large
  volume of mortgages in default in order to save
  the trust company

12
Example Models

• Models here may be
• Financial models used to price assets
• Corporate models used for valuation, scenario
  testing, valuation of liabilities, determination
  of capital requirements
• Financial models are
• based upon theoretical assumptions
• often modified for special instruments
• Simulation models include the companys products,
  assets, experience, strategies

13
Insurers and ERM

• The operation of an insurance company exposes it
  to a wide variety of risks in addition to the
  risks assumed from policyholders
• The insurance industry culture has tended to
• not give these risks the attention they deserve
• assume that in a long term business, most
  difficulties are smoothed and mitigated over time
• assume that for short term business, the business
  plan can be altered to work out any difficulties
• Successful implementation of ERM requires a
  change in company culture

14
Risk

• Any event or action that may adversely affect an
  organizations ability to achieve its objectives
  and execute its strategies
• For quantifiable events, risk is often associated
  with the volatility of outcomes
• Non-quantifiable events can also have significant
  financial costs

15
Risk

• Risk is inherent in the operation of any
  financial institution
• Section 4 (4) of the OSFI Actfinancial
  institutions carry on business in a competitive
  environment that necessitates the management of
  risk

16
Risk

• The object of risk management is not to eliminate
  risk but to mitigate its effects
• Risk management is a discipline for living with
  the possibility that future events may cause
  adverse effects

17
Risk Management

• RM is not totally focused on the downside
• We are usually compensated for taking on risk
  this compensation can be very attractive and
  rewarding
• RM enables a company to define its risk appetite
  this can help the company decide which risks it
  is willing to assume
• In this way, RM is a valuable management tool

18
The Many Faces of Risk

• Risk-based capital requirements
• Risk management
• Risk-based supervision

19
Risk-based Capital

• First introduced in Canada (life insurance)
• U.S. followed in the early 1990s and extended to
  non-life companies shortly thereafter
• International Association of Insurance
  Supervisors is developing a principles-based
  approach
• IAIS asked IAA for assistance result was A
  Global Framework for Insurer Solvency Assessment
• In Europe, Solvency II is proceeding on a more
  concrete but parallel course
• New developments in individual countries (U.K.,
  Switzerland, Canada)

20
Risk-based Capital

• Insurers, faced with regulatory capital
  calculations, began to consider how much capital
  should be allocated to support various activities
  within their companies
• A natural extension of these ideas is the
  development of Economic Capital

21
RBC EC

• Going concern with provision for eventual
  wind-up
• Protection of policyholders interests
• Standard calculation

• Going concern
• Shareholder value
• Company-specific, usually based upon corporate
  models

22
Economic Capital and ERM

• Development of an economic capital system
  naturally leads to asking
• How can capital allocation by risk be refined?
• How can the companys risks be better managed?
• Can we analyze income based upon return on
  allocated risk-based capital (RAROC)?
• This naturally leads to the development of ERM
• An interesting description of this process as it
  applies to Allstate Corporation is contained in
  the latest issue of the Tillinghast Emphasis
  magazine, available at
• www.towersperrin.com/td/getwebcachedoc?webcTILL/U
  SA/2006/200608/Allstate.pdf

23
Classification of Risks

• Insurance
• Credit
• Market
• Liquidity
• Operational
• Legal
• Reputation Strategy

24
Risk Types Correspond to a Possible Economic Loss
CREDIT RISK Unexpected Loss
Inter-risk diversification
Earnings Deviation due to variations in Credit
Losses
Earnings Deviation due to inability to repatriate
funds - immaterial for insurance
TRANSFER RISK Unexpected Transfer Loss
MARKET RISK Value at Risk
Earnings Deviation due to changes in the Market
Price or Liquidity
RISK Earnings Deviation
BUSINESS RISK Residual Earnings Deviation
Earnings Deviation due to changes in Operating
Economics (e.g. Volume, Margins or Costs)
OPERATIONAL RISK Event Loss Deviation
Earnings Deviation due to One-off Losses
unrelated to Volume, Margins and Costs
LIFE Risk Mortality Deviation
Earnings Deviation due to unexpected changes in
mortality rates
Total Economic Risk
Non-Life Risk Claims Deviation
Earnings Deviation due to changes in morbidity
and PC claims
25
Insurance Risk

• Product design
• Pricing
• Underwriting
• Selection
• Transfer, retention, reduction of risk
• Reserving for and adjudication of claims
• Management of contractual and non-contractual
  contract options

26
Risk and Diversification

• Traditionally, insurers have mitigated product
  risks through diversification
• Diversification within portfolios
• applies the Law of Large Numbers so that
  experience becomes more predictable as the size
  of the portfolio increases
• Diversification between portfolios
• Hold two portfolios for which risks, to some
  degree, offset
• e.g. life insurance and life annuities

27
Risk and Diversification

• Increasing portfolio size does not always
  diversify risk
• the Law of Large Numbers does not always apply
• Consider the case of segregated fund guarantees
  (maturity guarantees (U.K.) or variable annuities
  (U.S.))
• The product is a mutual fund
• The guarantee is that the value of the clients
  account in ten years or at death if sooner will
  equal some function of the original investment

28
Risk and Diversification

• The primary guarantee is based upon the levels of
  various financial market indexes
• All contracts are affected in the same direction
  by a change in index values
• This risk is not diversifiable
• The guarantee is equivalent to a put it has a
  potential substantial cost
• Many insurers charged no explicit price for this
  guarantee

29
Do We Learn from Others?

• In 1980, the U.K. Institute of Actuaries formed a
  working party to consider the implications of an
  investment product offering maturity guarantees
• David Wilkie was a member of the working party
  and created the Wilkie Model for equity markets
  for its work
• The working party concluded that a guarantee of
  100 was very risky
• Most U.K. companies decided not to offer this
  product
• The Canadian life insurance industry, although
  connected to the U.K. industry, ignored these
  results in developing segregated fund guarantees

30
Do We Learn from Others?

• Consider Term to Age 100 (T100) developed in
  Canada in the early 1980s
• This product offered no cash surrender values, or
  values only after age 65
• The product was priced assuming annual lapses of
  5 to 6 percent this led to very low premiums due
  to gains to the company resulting from surrenders
• Agents realized this product could be paired with
  deferred annuities to produce a better
  alternative to whole life insurance
• The product actually became one in which ultimate
  annual lapses are about 1.8

31
Do We Learn from Others?

• U.S. actuaries were well informed about the
  Canadian experience with T100
• The common opinion was that since U.S.
  non-forfeiture laws require cash surrender
  values, this type of difficulty could not arise
  in the U.S.
• The U.S. market has since developed Universal
  Life with Secondary Guarantees, a product which
  can be made to function like T100, with the same
  set of problems

32
Credit Risk

• The exact nature of this risk depends upon the
  nature of the instruments in which the company
  invests
• In principle, this is similar to the same risk
  for banks
• Insurers do not originate as many instruments
• Insurers usually deal with proportionately long
  term investments
• There is a vast literature on credit risk
• David Wright of Moodys KMV will discuss this
  later today

33
Market Risk

• Due to the often long-term nature of insurance
  liabilities, this is a very important source of
  risk for insurers
• Policyholder behavior is often an important
  factor
• An important risk mitigation strategy for
  insurers is Asset Liability Management
• Canadian experience is that ALM works very well

34
Liquidity Risk

• This is not well understood
• Not generally held to be quantifiable
• Frequency of the event is often low but the cost
  (severity) of an event can be extremely high
• This risk can be addressed through the companys
  investment policy (e.g. concentration limits and
  diversification requirements)

35
Reputation Strategy Risk

• Several insurers and reinsurers have had
  difficulties with respect to the use of finite
  reinsurance
• Several U.S. and Canadian life insurers had
  difficulties with respect to vanishing premium
  policies
• Total cost to the industry was many billions of
  dollars
• CIBC
• Formerly considered to be foremost among banks in
  ERM
• Principal lender to Enron
• Settled claims at a cost of 2.4 billion
• The case of elusive fax number

36
Operational Risk

• The risk of loss resulting from inadequate or
  failed processes, people, systems or from
  external events
• Most losses result from operational risks
  although they are later attributed to more
  technical categories
• Difficult to develop sufficient data to allow
  proper quantification

37
Implementing ERM

• There is no unique ERM structure
• Depends upon company structure, culture
• Components
• Direct involvement of the board of directors
• Board risk committee or expanded audit committee
• Quasi-independent RM structure within management
• Independent of line management
• Usually headed by CRO with a company-wide
  perspective
• Involvement of internal audit but separate from it

38
Chief Risk Officer

• Interacts with
• Chief Financial Officer
• Chief Investment Officer
• Chief Information Officer
• Chief Actuary
• Head of Internal Audit
• Direct reporting to CEO is preferable
• Often reports to CFO
• In insurance companies, often an actuary

39
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• The following are viewed as favorable to credit
  assessments
• Culture
• RM function is independent of the business
• Daily close partnership with the business through
  constant dialog
• RM has the authority to advise the business to
  cut positions or halt execution of specific
  transactions if the need arises

40
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• Culture
• RM is involved at the outset in the budgeting and
  planning process
• CRO participates at strategic planning sessions
  with senior management and/or the board
• The institution appoints as senior risk managers
  individuals with significant business experience
  and who may also have advanced degrees

41
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• Risk appetite
• Risk appetite is established through dialog
  between RM and the businesses
• Strategically consider risk-reward tradeoffs
• Aggregate level risk tolerances are expressed
  holistically in terms of impact on earnings,
  volatility of revenues, capital, work force
  retention and reputation

42
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• Risk aggregation and quantification
• In association with business units, managers
  decide upon appropriate global risk metrics that
  effectively and accurately assess the firms risk
  exposures
• The institution periodically provides senior
  management with a coherent picture of the risks
  to which the firm is exposed at any given point
  in time

43
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• Risk disclosure
• Articulate to senior management all risks through
  clear high-quality internal reporting
• Hold weekly, monthly, quarterly meetings with RM,
  the business, and senior management to discuss
  risks
• Ensure the board is well-engaged with ERM
  initiatives and is to some degree setting the tone

44
Standard PoorsAssessing ERM Practices Of
Financial Institutions

• Technical and quantifiable risks
• Clear company-wide definitions and
  classifications
• Consistent risk-measures
• Clear limits for risk tolerance
• Risk-specific criteria

45
Supervisors and ERM

• Section 4 (2) (c) of the OSFI Act
• (2) The objects of the Office, in respect of
  financial institutions, are
• (c) to promote the adoption by management and
  boards of directors of financial institutions of
  policies and procedures designed to control and
  manage risk

46
Supervisors and ERM

• The fundamental interest of supervisors is that
  financial institutions continue as going concerns
  and all obligations to policyholders are honored
• Supervisors encourage ERM as a means of ensuring
  institutions will continue to operate in good
  financial health
• Approaching supervisors request to engage in ERM
  as a compliance exercise is inappropriate

47
Commonality of Interests
Risk versus Return
Risk versus Capital

• Regulators
• Rating Agencies
• Creditors

Senior Management

• Shareholders
• Analysts

Regulators demand that risks are well managed (to
avoid taxpayer bail-outs) Policyholders/creditors
expect safety of their savings and
investments Rating agencies will only give high
ratings to institutions able to measure and
manage risk
Shareholders have entrusted the board with their
capital They dont want to lose it They expect a
decent return on it They dont want any
surprises They penalise volatility
Capital Adequacy
Capital Efficiency
48
Risk-based Supervision

• The object is to allocate the supervisors scarce
  resources efficiently
• Greater resources should be devoted to
  institutions that pose greater risks
• Supervisors assess each institutions overall
  level of risk
• The assessment is shared with senior management
  on a confidential basis

49
Risk-based Supervision

• The quality of a firms RM is an important
  component in evaluating its risk score
• OSFI operates in a reliance mode
• To the extent that a firm has solid risk
  management, the supervisor may rely on that
  independent oversight of the firms operations

50
ERM and Risk-based Capital

• The new RBC requirements will provide for
  sufficiently sophisticated companies to use
  advanced (company-specific) approaches, including
  internal models, to determine required capital
• Approval for the use of such methods will
  generally depend upon the existence of a strong
  risk management program and culture in the company

51
U.K. FSA Individual Capital Adequacy Standards

• Presumption that all supervised companies have
  economic capital models and RM programs
• Submit these models to FSA
• FSA will assess these models and the firms
  capital target and level and provide confidential
  individual advice to the firm

52
IAIS Solvency Structure
53
Disclosure and ERM

• External stakeholders (analysts, shareholders,
  policyholders, supervisors) know that risk is
  present in financial institutions
• It cannot be eliminated but it can often be
  managed
• These stakeholders demand greater disclosure of
  the companys affairs, including ERM
• Disclosure will be increasingly required under
  the forthcoming fair-value based financial
  reporting system, which will produce more
  volatile results

54
Insurers and ERM

• Insurance industry culture contains serious gaps
  in assessing and managing risks
• The change in culture that comes with the
  adoption of ERM can only be beneficial
• ERM makes good business sense!

55
Questions?

• allan.brender_at_osfi-bsif.gc.ca