Increasing Risk Complexity Outpaces ERM Oversight

More organizations are recognizing the value of a structured focus on emerging risks. The number of organizations with a complete enterprise risk management (ERM) program in place has steadily risen from 9% in 2009 to 28% in 2016, according to the N.C. State Poole College of Management’s survey “The State of Risk Oversight: An Overview of Enterprise Risk Management Practices.”

Yet this progress may lag behind the increasingly complicated risks that need addressing. Of respondents, 20% noted an “extensive” increase in the volume and complexity of risks the past five years, with an additional 38% saying the volume and complexity of risks have increased “mostly.” This is similar to participant responses in the most recent prior years. In fact, only 2% said the volume and complexity of risks have not changed at all.

Even with improvements in the number of programs implemented, the study—which is based on responses of 432 executives from a variety of industries—found there is room for improvement. Overall, 26% of respondents have no formal enterprise-wide approach to risk oversight and currently have no plans to consider this form of risk oversight.

Organizations that do have programs continue to struggle to integrate their risk oversight efforts with strategic planning processes. “Significant opportunities remain for organizations to continue to strengthen their approaches to identifying and assessing key risks facing the entity especially as it relates to coordinating these efforts with strategic planning activities,” the researchers found.

According to the study:

Many argue that the volume and complexity of risks faced by organizations today continue to evolve at a rapid pace, creating huge challenges for management and boards in their oversight of the most important risks. Recent events such as Brexit, the U.S. presidential election, immigration challenges, the constant threat of terrorism, and cyber threats, among numerous other issues, represent examples of challenges management and boards face in navigating an organization’s risk landscape.

Key findings include:

Can ORSA Work For All Businesses?

In addition to impacting the way countless organizations conduct business, the 2008 financial crisis was an awakening for regulators charged with reviewing and setting the rules that shape the way organizations assume risk. Insurance, perhaps the riskiest business of them all, did not go unscathed.

Not only are insurers responsible for managing their own internal risks, but careful calculations and guidelines are built into their business models to ensure that the risks fall within set parameters. Regulators will argue, however, that this wasn’t always the case.

Own Risk Solvency Assessment (ORSA) was adopted and now serves as an internal process for insurers to assess their risk management processes and make sure that, under severe scenarios, they remains solvent.

U.S. insurers required to perform an ORSA must file a confidential summary report with their lead state’s department of insurance.  The assessment aims to demonstrate and document the insurer’s ability to:

  • Withstand financial and economic stress with a quantitative and qualitative assessment of exposures
  • Effectively apply enterprise risk management (ERM) to support decisions
  • Provide insights and assurance to external stakeholders

While ORSA is requirement for insurers, a new study by RIMS and the Property Casualty Insurers Association, Communicating the Value of Enterprise Risk Management: The Benefits of Developing an Own Risk and Solvency Assessment Report, maintains that ORSA can be used for all organizations looking to strengthen their ERM function.

According to the report:

Whether or not required by regulation or standard-setting bodies, documenting the following internal practices is a worthwhile endeavor for any company in any sector to utilize in their goal to preserve and create value:

  • Enterprise risk management capabilities

  • A solid understanding of the risks that can occur at catastrophic levels related to the chosen strategy

  • Validation that the entity has adequately considered such risks and has plans in place to address those risks and remain viable.

The connection between the ORSA regulation imposed on insurers and the development of an ERM program within an organization outside of the insurance industry is apparent.

ORSA and ERM both require the organization to strengthen communication between business functions. Breaking down those silos are key to uncovering business risk, but perhaps more importantly, is the interconnectedness of those risks.

Secondly, similar to ERM in non-insurance companies, ORSA requires risk management to document its findings, processes and strategies. Such documentation allows for the process of managing risks to be effectively communicated to operations, senior leadership, regulators and stakeholders. Additionally, documentation enhances monitoring efforts, the ability to make changes to the program and is a benefit that allows ERM to reach a “repeatable” maturity level as defined by the RIMS Risk Maturity Model.

Developing an ERM program has become a priority for many organizations as senior leaders recognize the value of having their entire organization thinking, talking and incorporating risk management into their work. Examining and implementing ORSA strategies can be an effective way for risk professionals to get their ERM program off the ground and operational.

Business Interruption Seen as Top Risk Globally

A survey of more than 1,200 risk managers and corporate insurance experts in over 50 countries identified business interruption as the top concern for 2017. According to the sixth annual Allianz Risk Barometer of top business risks, this is the fifth successive year that business interruption has been seen as the biggest risk.
top-10-risks

“Companies worldwide are bracing for a year of uncertainty,” Chris Fischer Hirs, CEO of AGCS said in a statement. “They are concerned about rather unpredictable changes in the legal, geopolitical and market environment around the world. A range of new risks are emerging beyond the perennial perils of fire and natural catastrophes and require re-thinking of current monitoring and risk management tools.”

While natural disasters and fires are what businesses fear most, non-damage events such as a cyber incident, terrorism or political violence resulting in denial of access are moving higher up on the scale, according to the report. These types of incidents can cause large loss of income to companies, without actual physical loss.

The second concern, market developments, could result from stagnant markets or M&As, or from digitalization and use of new technologies.

Cyberrisk, third on the list of perils, has jumped up from 15th place in just four years. Cyber was identified as the second concern in the United States and Europe.

According to Allianz:

The results indicate that cyber risk occupies a significant portion of a company’s exposure map. The risk now goes far and beyond the issue of privacy and data breaches. A single incident, be it a technical glitch, human error or an attack, can lead to severe business interruption, loss of market share and cause reputational damage. Of the top 10 global risks in the 2017 Allianz Risk Barometer, a cyber incident could be a potential root cause or trigger for 50% of them. In addition, the toughening of data protection regulation regimes around the world is also contributing to this risk being at the forefront of risk managers’ minds, as penalties for non-compliance are increasingly severe.

Fourth on the list, natural catastrophes added up to $150 billion in total economic losses in 2016—with insured losses accounting for $42 billion of those losses—up from $28 billion in 2015, according to the report. Businesses also are more concerned about the impact of climate change and increasing weather volatility year-on-year.

Trump outlook for 2017

“Opportunities and challenges,” says Ludovic Subran, head of Euler Hermes Economic Research and deputy chief economist of Allianz research. “Companies which are domestic, either a regional multinational or national, will benefit. However, the business environment for large multi-national corporations who do have global, strongly regionally diversified business models will be more challenging. Stronger regional interests will make the lives of companies more complicated as there will be increasing protectionist regulation.”

P&C Insurers Face Lower Profit Margins

High insured losses from natural catastrophes, challenges from the personal auto business and pricing competition will make it more difficult for the property and casualty industry to maintain the favorable underwriting results it has seen for the past three years, according to S&P Global Market Intelligence.

In its U.S. P&C Insurance Market Report, S&P predicts an increase in the industry’sDown chart2 statutory combined ratio to 99.5% in 2016 from 97.6% in 2015 and reduction of pretax returns on equity to 8.7% from 10.8%—or to 7.5% from 9.9% when adjusting for the impact of prior-year reserve development.

“Profit margins are projected to be much narrower than they have been in the last few years, unless something dramatic happens,” report authors Tim Zawacki, senior editor and Terry Leone, manager of insurance research at S&P Global Market Intelligence said in a statement. “While insurers have wisely accounted for the fact that they haven’t been able to depend on investment gains to subsidize underwriting losses, they still need to practice restraint as they seek growth.”

Commercial Lines
The commercial lines combined ratio is projected to increase to 95.1% from 93.4% for 2015, which represented the third-consecutive year that the measure of underwriting profitability had ranged between 93.3% and 93.5%.

According to the report, premium growth in the commercial lines has benefited from factors such as slow, but steady macroeconomic growth and rate increases in commercial auto business, offset by continued downward pressure on commercial property rates. The outlook anticipates that the 93.9% combined ratio in the workers compensation line in 2015—which marked the first sub-100% result in that business since 2006—will not be repeated and that historically favorable results of the past three years in commercial multiperil and the fire and allied lines will begin to normalize over time.

Factors such as abundant reinsurance capacity, favorable underwriting results and relatively high levels of capitalization have contributed to downward pressure on commercial lines rates. The outlook assumes that carriers will continue to exhibit discipline in their underwriting, as recent contractions in Treasury yields in the aftermath of the U.K.’s June Brexit vote offer a reminder of the reinvestment risk the industry continues to confront, in what remains a low-for-long interest rate environment, S&P said.

Key observations
• Reduced Profitability: The P&C industry’s pre-tax ROE is projected to decline about 2 percentage points in 2016 while its combined ratio, which measures expenses incurred relative to premiums earned, is projected to increase to 99.5%, the highest level since 2012.
• Increased Investment Risk: Declining Treasury yields in the aftermath of the U.K.’s Brexit referendum have reinforced the challenges the industry faces to earn reliable, low-risk investment income, putting additional pressure on underwriting discipline.
• Weak First Half: Large increases in the amount of insured catastrophe losses during the first half of 2016 will negatively impact loss ratios in several business lines that have produced historically favorable results during the past three years.
• Personal lines: Historically unfavorable results in the private-passenger auto business are projected to deteriorate further in 2016 as miles driven by Americans continue to rise due to low gas prices. They will begin to improve once broad-based rate increases fully take hold, but this will take some time.
• Financial Results Hinge on Auto Line Performance: Private auto lines accounted for 34.4% of the industry’s 2015 direct premiums and, as financials demonstrated, the performance of those lines have played a significant role on the fate of underwriting.
• Future Issues: Favorable reserve development, broad access to reinsurance capacity, and a series of benign hurricane seasons have provided tailwinds to the industry in recent years. But none of those elements will continue in perpetuity and the absence of any one of them could create additional hurdles for the industry from a profitability perspective in 2016 and beyond.