Nine Questions Mutual Company Directors Should Ask When Assessing Their ERM Culture
November 12, 2017| Von Berto Sciolla |
P/C General Industry
Region: North America
Every year our Mutual Practice team looks forward to the National Association of Mutual Insurance Companies (NAMIC) Annual Convention. With nearly 2,000 attendees, it is a great opportunity to experience the rich tradition of the mutual insurance industry, enjoy a diverse a range of talented keynote speakers and listen to a multitude of stimulating panel discussions.
At the 122nd Annual Convention in Denver in September, I was fortunate enough to have the opportunity to participate as a panelist in a session entitled, “Questions All Directors Should Be Asking,” with my focus being Reinsurance. The session was designed to provide directors with an overview of the key questions they should be asking when addressing the following topics – compensation, automation/technology, succession planning, Cat modeling/data analytics and reinsurance.
Managers and CEOs today are being asked to do an awful lot; however, creating an Enterprise Risk Management (ERM) framework that brings value to your organization begins with the Board of Directors setting the tone, detailing roles and responsibilities and providing oversight. Ultimately, for an ERM framework to be truly effective, it is management’s responsibility to achieve those priorities and ingrain ERM into the culture of the entire organization.
Here are some of the fundamental questions mutual company directors should consider asking to help shape a framework for managing your company’s “units of risk” and build success capital:
- Are there assigned roles and responsibilities and a defined Enterprise Risk Management framework established for our organization?
- Is our board fully engaged in the risk management process? Have we set the "tone from the top"?
- Do we have a system in place and a methodology for identifying and prioritizing our organizational risks?
- Do we have the proper processes and procedures in place to manage and monitor our risk?
- Are we effectively managing risk and capital in our enterprise and are we using the most efficient tools to do so?
- Does my organization have the proper amount of economic capital to support its risk profile?
- What is my organization's risk appetite? Have we set defined metrics and targets to use as risk benchmarks?
- In what ways can our organization leverage our financial partnerships to maximize our operational efficiency?
- Is my organization utilizing reinsurance to maximize its cost/benefit tradeoff?
From the most rudimentary risk management perspective, insurers assume risk across their balance sheets. Each component of risk, such as underwriting and investment risk, contributes to the overall risk of the enterprise. Since insurers have a limited amount of risk-taking capacity, they must manage these various components effectively in order to control the overall risk being assumed by the enterprise. Here is how we think about “units of risk” at the enterprise level:
The enterprise risk assessment spectrum is wide and can include the following:
- Individual large losses
- An accumulation of losses from natural or man-made catastrophes
- Multiple insureds involved in the same occurrence
- A single event involving multiple policies for a single insured
- Volatility in loss ratios, across lines of business or across years
- Capital base limiting growth opportunities
- Problems with the legal, social and regulatory climate
- Inadequate/limited expertise in certain lines/classes/territories
A risk assessment process involves identifying and prioritizing risk drivers - in all their different forms - that an organization has to manage. To effectively prioritize such risk drivers, it is helpful to have a framework for capturing both the likelihood and the potential quantitative impact these risks can have on your organization.
Once a framework is in place, reinsurance tools and efficient asset allocation can be deployed to manage the various components and control the overall risk being assumed by the enterprise.
Essentially, ERM is all about identifying and managing risks to help you achieve your long-term goals and align with business objectives. Recognizing the choices you make about where your business is today will determine your results in the future.
To share your thoughts on this topic, or if we can help you think through some of these challenges, please reach out to me directly.