The Con­ver­gence Of Reg­u­la­tion & Risk Man­age­ment!

Risk-Based Su­per­vi­sion For In­sur­ers

Insurance - - FEATURE - by Mo­hez Rem­tulla

What is risk-based su­per­vi­sion? Riskbased su­per­vi­sion in­volves the reg­u­la­tory au­thor­i­ties fo­cus­ing on those as­pects of the fi­nan­cial sys­tem which pose the great­est risk to its sta­bil­ity. The risk pro­file and the as­sess­ment of risk man­age­ment are used to guide the level and na­ture of su­per­vi­sory ac­tiv­ity di­rected to­wards that in­surer. By fo­cus­ing on risk (which may be ex­ter­nal to the in­di­vid­ual in­surer) such su­per­vi­sion could help reg­u­la­tors de­tect po­ten­tial risks which more tra­di­tional method­olo­gies might over­look.

“New facts, col­lected in old ways un­der the guid­ance of old the­o­ries, rarely lead to any sub­stan­tial re­vi­sion of thought. Facts do not ‘speak for them­selves’, they are read in the light of the­ory’. —Stephen Jay Gould (Ever

Since Dar­win, 1977)

'Risk-based' ap­proaches to reg­u­la­tion are premised on the be­guil­ingly sim­ple idea that reg­u­la­tion can­not, and in­deed, should not, aim to elim­i­nate all po­ten­tial harms, or – to put it more gen­er­ally – 'ad­verse' reg­u­la­tory out­comes. In an adap­tion of Paracel­sus' maxim – the likely dose makes the poi­son – 'risk-based' ap­proaches to reg­u­la­tion take into ac­count the prob­a­bil­ity as well as the im­pact of po­ten­tial ad­verse reg­u­la­tory out­comes. A risk-based su­per­vi­sion with more fo­cus on sol­vency re­quires changed reg­u­la­tions as well as changed meth­ods of su­per­vi­sion. Risk-based ap­proach en­tails de­ter­min­ing the boundary be­tween ac­cept­able and un­ac­cept­able ad­verse out­comes. In ad­di­tion, it is nec­es­sary for in­sur­ers to im­prove the steer­ing and con­trol over busi­ness ac­tiv­i­ties and there­fore re­quires su­per­vi­sors to re­view the man­ner in which in­sur­ers are iden­ti­fy­ing and con­trol­ling risks. An ef­fec­tive risk-based ap­proach in­volves iden­ti­fy­ing and cat­e­goris­ing sig­nif­i­cant ac­tiv­ity (de­fined as a line of busi­ness, busi­ness unit, or other in­surer-wide process) risks and es­tab­lish­ing rea­son­able con­trols based on risks iden­ti­fied. Ap­pli­ca­tion of a rea­soned and well-ar­tic­u­lated riskbased ap­proach will jus­tify the de­ter­mi­na­tions of in­sur­ers with re­gard to man­ag­ing sig­nif­i­cant ac­tiv­ity risks and al­low them to ex­er­cise rea­son­able busi­ness judge­ment with re­spect to their ac­tiv­i­ties.

Risk-based su­per­vi­sion in­volves the reg­u­la­tory au­thor­i­ties fo­cus­ing on those as­pects of the fi­nan­cial sys­tem which pose the great­est risk to its sta­bil­ity.

In­her­ent Risks

Adopt­ing a risk-based ap­proach im­plies the adop­tion of a risk man­age­ment process, which en­com­passes recog­nis­ing the ex­is­tence of the risk(s), un­der­tak­ing an as­sess­ment of the risk(s) and de­vel­op­ing strate­gies to man­age and mit­i­gate the iden­ti­fied risks. Ev­ery in­surer faces a dif­fer­ent ex­po­sure to each of the risks de­scribed be­low, de­pend­ing on its busi­ness ac­tiv­i­ties. Credit Risk – re­sults from fi­nan­cial trans­ac­tions with a counter-party in­clud­ing debtors, bro­kers, pol­i­cy­hold­ers or rein­sur­ers. • Credit risk stems from the pos­si­bil­ity that re­ceiv­ables may re­main un­paid, in par­tic­u­lar those due from rein­sur­ers (more sig­nif­i­cantly with re­spect to amounts ceded to rein­sur­ers un­der var­i­ous con­tracts of rein­sur­ance).

How­ever, an in­surer has po­ten­tial credit ex­po­sure on the pri­mary side from the time a con­tract is ini­ti­ated up to fi­nal set­tle­ment by the in­sured or the agent/bro­ker. In­sur­ers have ex­pended con­sid­er­able ef­forts in man­ag­ing credit risk re­lated to their in­vest­ment port­fo­lios through the pru­den­tial stan­dards although credit risk is present mainly in the ex­ten­sive bond port­fo­lios. Mar­ket Risk – arises from changes in mar­ket rates or prices. In­ter­est rate risk arises from move­ments in in­ter­est rates. Ex­po­sure to this risk pri­mar­ily re­sults from tim­ing dif­fer­ences in the re-pric­ing of as­sets and li­a­bil­i­ties, both on- and off-bal­ance sheet, as they ei­ther ma­ture or are con­trac­tu­ally re-priced. For­eign ex­change risk arises from move­ments in for­eign ex­change rates. Ex­po­sure to this risk mainly oc­curs dur­ing a pe­riod in which the in­surer has an open po­si­tion, both on- and off­bal­ance sheet. Mar­ket risk also arises from the in­ter­est rate used in dis­count­ing the ex­pected fu­ture claims obli­ga­tions of the in­surer. Prod­uct De­sign and Pric­ing Risk – arises from the ex­po­sure to fi­nan­cial loss from trans­act­ing in­surance and/or an­nu­ity busi­ness where costs and

The risk pro­file and the as­sess­ment of risk man­age­ment are used to guide the level and na­ture of su­per­vi­sory ac­tiv­ity di­rected to­wards that in­surer.

li­a­bil­i­ties as­sumed in re­spect of a prod­uct line ex­ceed the ex­pec­ta­tion in pric­ing the prod­uct line. Prod­uct De­sign and Pric­ing Risk or Un­der­writ­ing and Li­a­bil­ity Risk – also de­fined as the un­der­writ­ing risk, en­com­passes risks re­lated to the pric­ing of prod­ucts (pre­mi­ums) and the set­ting of ad­e­quate tech­ni­cal pro­vi­sions to cover claims. Op­er­a­tional Risk – re­sults from de­fi­cien­cies or break­downs in in­ter­nal con­trols or pro­cesses, tech­nol­ogy fail­ures, hu­man er­rors or dis­hon­esty and nat­u­ral catas­tro­phes. The fol­low­ing pro­vides a pic­ture of the level of op­er­a­tional risk: Growth, Con­sol­i­da­tion, or De Novo – If any­thing should set off op­er­a­tional risk alarm bells, it's this one. That's be­cause in a rapidly

grow­ing, con­sol­i­dat­ing, or new in­surer, ev­ery com­po­nent of op­er­a­tions is in a state of flux. Peo­ple, poli­cies, in­for­ma­tion sys­tems, even fa­cil­i­ties, may change rapidly of­ten with lit­tle or no knowl­edge of what things will be like on the other side. In­for­ma­tion Sys­tems – Of­ten con­sid­ered the back­bone of op­er­a­tions, com­puter hard­ware and soft­ware sys­tems play a large role in any in­surer's op­er­a­tional risk pro­file. Per­son­nel: Turnover, Train­ing, and Mo­rale – If key se­nior man­age­ment or op­er­a­tions po­si­tions are va­cant or held by un­qual­i­fied in­di­vid­u­als, that train­ing is lack­ing, or that turnover is high, op­er­a­tional risk is con­sid­ered high. Trans­ac­tion Vol­ume and Com­plex­ity – When vol­ume is high, such as in a per­sonal lines in­surance com­pany that han­dles a large vol­ume of small dol­lar trans­ac­tions, com­plex­ity can be low. Com­plex­ity refers to trans­ac­tions that re­quire mul­ti­ple hand-offs, sup­ported by dif­fer­ent sys­tems, or re­quir­ing highly-trained per­son­nel. New Prod­ucts/Ser­vices – If an in­surer is on the cut­ting edge of of­fer­ing new prod­ucts or ser­vices, the cor­re­spond­ing man­age­ment ex­per­tise to off­set the new and dif­fer­ent types of risk should be re­viewed care­fully. Rip­ple Ef­fects – If an op­er­a­tional dis­rup­tion spilled over to other in­sur­ers or ma­jor cus­tomers, this com­po­nent would be con­sid­ered high. This is where op­er­a­tional risk dove­tails with rep­u­ta­tional and le­gal risks. Fa­cil­i­ties/Ge­o­graphic Dis­per­sion – A higher level of in­her­ent op­er­a­tional risk would be re­flected in a greater than av­er­age num­ber of fa­cil­i­ties or where the lo­ca­tions are widely dis­persed. The greater num­ber and dis­per­sion of fa­cil­i­ties in­creases the like­li­hood of er­rors and loss of data in the trans­fer from branch to back-of­fice. Elec­tronic De­liv­ery – A high level of in­her­ent op­er­a­tional risk would be as­so­ci­ated with a fully trans­ac­tional In­ter­net site be­cause it in­tro­duces a myr­iad of se­cu­rity and com­pli­ance chal­lenges. Liq­uid­ity Risk – The amount of liq­uid­ity re­quired de­pends on the in­surer’s abil­ity to forecast de­mand and its ac­cess to out­side sources, par­tic­u­larly in a stressed sit­u­a­tion. Con­tin­gency plans and stress test­ing are im­por­tant mech­a­nisms to help pre­pare

Ap­pli­ca­tion of a rea­soned and well-ar­tic­u­lated riskbased ap­proach will jus­tify the de­ter­mi­na­tions of in­sur­ers with re­gard to man­ag­ing sig­nif­i­cant ac­tiv­ity risks and al­low them to ex­er­cise rea­son­able busi­ness judge­ment with re­spect to their ac­tiv­i­ties.

for the in­creased de­mands for liq­uid­ity that can arise dur­ing stress­ful pe­ri­ods. Th­ese risks can ma­te­ri­alise un­der var­i­ous cir­cum­stances, for ex­am­ple: 1. If present or fu­ture pay­ment obli­ga­tions can­not

be met in full or as of the due date, or 2. If re­fi­nanc­ing cap­i­tal can only be raised at higher rates (re­fi­nanc­ing risk) in the case of a liq­uid­ity cri­sis or if as­sets can only be liq­ui­dated be­low cur­rent mar­ket price (mar­ket liq­uid­ity risk). Le­gal and Reg­u­la­tory Risk – arises from an in­surer’s non-con­for­mance with laws, rules, reg­u­la­tions, pre­scribed prac­tices, or eth­i­cal stan­dards in any ju­ris­dic­tion in which the in­surer op­er­ates. Le­gal Risk – in­surance is an ex­tremely liti­gious in­dus­try. The lit­i­ga­tion process is of­ten lengthy and costly, with an in­surer agree­ing or be­ing re­quired to pay claims that it never ex­pected un­der the terms of its poli­cies. It is dif­fi­cult to pre­dict how courts will in­ter­pret the terms of a con­tract and the ac­tions of the in­surer. Reg­u­la­tory Risk – arises from the non­com­pli­ance of reg­u­la­tions, such as non­com­pli­ance with ex­ist­ing reg­u­la­tions re­spect­ing mar­ket­ing prac­tices, fail­ure to have ad­e­quate cap­i­tal re­serves to cover risks in mar­ket, credit and op­er­at­ing port­fo­lio, fail­ure to pro­vide com­pli­ance re­ports, etc. Strate­gic Risk – ex­poses the in­surer to fi­nan­cial losses caused by changes in the qual­ity of prod­ucts, ser­vices, op­er­at­ing con­trols, man­age­ment su­per­vi­sion, com­pe­ti­tion, and tech­nol­ogy. If th­ese risks are not ad­e­quately un­der­stood, mea­sured and con­trolled, they may re­sult in earn­ings volatil­ity and sig­nif­i­cant cap­i­tal pres­sures. Strate­gic risk also stems from emerg­ing risk con­cerns, which re­quire sig­nif­i­cant im­prove­ment to the qual­ity of pro­ce­dures and con­trols and to in­crease accountability and aware­ness; that ap­pro­pri­ate re­sources will be as­signed.

Con­clu­sion

A risk-based su­per­vi­sion ap­proach as­sesses the prob­a­bil­ity and sever­ity of the ma­te­rial risks to which in­sur­ers are sub­ject; it as­sesses the ef­fec­tive­ness of the con­trols in re­duc­ing the prob­a­bil­ity of risk events oc­cur­ring or the sever­ity if they do oc­cur. It fur­ther con­sid­ers what the in­surer has in place to deal with an event oc­cur­ring even though the con­trols are in place and are func­tion­ing prop­erly. The risk of fail­ure can be ap­prox­i­mated as the com­bi­na­tion of all the risks (be­ing the prod­uct of the prob­a­bil­ity of an event hap­pen­ing and the sever­ity if that event does hap­pen) less the value of the ad­di­tional sup­port. Risk as­sess­ments are never sim­ply tech­ni­cal and in­volve lev­els of qual­i­ta­tive judge­ment and even bias. Tacit knowl­edge and ex­per­tise re­main im­por­tant in assess­ing risk, de­spite in­creased for­mal­i­sa­tion in su­per­vi­sory pro­cesses, and this is es­pe­cially true when it comes to analysing softer in­her­ent risks. Of­ten judge­ments may be made in a con­text of un­cer­tainty where some de­gree of flex­i­bil­ity is re­quired con­cern­ing the no­tion of risk, and where dif­fer­ent method­olo­gies need to be em­ployed to as­sess it. Such vague­ness may en­able long-es­tab­lished equally ap­plied bu­reau­cratic prac­tices to con­tinue but dis­guised un­der the new rubric of risk, fur­ther adding to con­fu­sion and threat­en­ing fail­ure in meet­ing com­mu­ni­cated risk ob­jec­tives. Mo­hez Rem­tulla has ex­ten­sive fi­nance, rein­sur­ance, risk man­age­ment and reg­u­la­tory af­fairs ex­pe­ri­ence in the in­surance/rein­sur­ance sec­tors, hav­ing worked as fi­nan­cial ex­ec­u­tive for some of the largest rein­sur­ance com­pa­nies and also for the su­per­vi­sory author­ity in Canada. He is a qual­i­fied ac­coun­tant by pro­fes­sion and has ac­com­plished many aca­demic achieve­ments in ac­count­ing, fi­nance, rein­sur­ance and risk man­age­ment. He is cur­rently Chief Ex­ec­u­tive Of­fi­cer of Fa­timide As­so­ci­ates Inc., pro­vid­ing spe­cialised con­sult­ing ser­vices to the (re)in­surance sec­tor. He can be reached at mo­hezrem­tulla.fa­timideinc@gmail.com.

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.