OPERATIONAL RISK MANAGEMENT: PRACTICAL IMPLICATIONS FOR THE SOUTH AFRICAN INSURANCE INDUSTRY

Similar documents
OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT

OPERATIONAL RISK MANAGEMENT: PRACTICAL IMPLICATIONS FOR THE SOUTH AFRICAN INSURANCE INDUSTRY

This section outlines the Solvency II requirements for a syndicate s own risk and solvency assessment (ORSA).

ORSA for Insurers A Global Concept

Own Risk and Solvency Assessment

Solvency II Preparation and IMAP James Latto

ORSA for Dummies. Institute of Risk Management Solvency II Group April 17th Peter Taylor

Risk Management. Trends for Insurance Companies. Jeffrey Lovern Genworth Financial VP, Enterprise Risk Management Global Mortgage Insurance

ORSA Implementation Challenges

Internal Model Approval Process (IMAP) Contents of Application (CoA) Template. August 2011 Version 1.0

Deriving Value from ORSA. Board Perspective

Solvency II Own risk and solvency assessment (ORSA)

Solvency II Own Risk and Solvency Assessment (ORSA)

Model Risk, A company perspective Peter K. Reilly, FSA Valuation Actuary & Head of Actuarial Strategic Initiatives Aetna, Inc

Preparing for ORSA - Some practical issues

Transforming risk management into a competitive advantage kpmg.com

Central Bank of Ireland Guidelines on Preparing for Solvency II Pre-application for Internal Models

CEIOPS Advice for Level 2 Implementing Measures on Solvency II: Articles 120 to 126. Tests and Standards for Internal Model Approval

DATA AUDIT: Scope and Content

CRO Forum Paper on the Own Risk and Solvency Assessment (ORSA): Leveraging regulatory requirements to generate value. May 2012.

EIOPACP 13/011. Guidelines on PreApplication of Internal Models

NY INSURANCE REGULATOR PROPOSES NEW ENTERPRISE RISK

Solvency II Detailed guidance notes

Guidance Note: Stress Testing Class 2 Credit Unions. November, Ce document est également disponible en français

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012

NEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES 11 NYCRR 82 (INSURANCE REGULATION 203) ENTERPRISE RISK MANAGEMENT AND OWN RISK AND SOLVENCY ASSESSMENT

Actuarial Risk Management

Practical methods of modelling operational risk

Society of Actuaries in Ireland

Questions and answers collated at the PRA s Solvency II industry briefings on 12 December 2013

Principles for An. Effective Risk Appetite Framework

THE INSURANCE BUSINESS (SOLVENCY) RULES 2015

Subject ST9 Enterprise Risk Management Syllabus

Operational risk management frameworks and methodologies

Stress testing in a time of models. Peter Sondhelm, Steve Clark & James Orr

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive

Extracting learning from operational risk loss events and root cause analysis. Caroline Coombe Chief Executive, ORIC International

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

SOLVENCY II ARE YOU READY AND COMPLIANT?

Scenario Analysis Principles and Practices in the Insurance Industry

ERM from a Small Insurance Company Perspective

Public reporting in a Solvency II environment

Solvency II. PwC. *connected thinking. Internal models requirements and an example

Final Report on Public Consultation No. 14/017 on Guidelines on own risk and solvency assessment

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

ERM Exam Core Readings Fall Table of Contents

Key functions in the system of governance Responsibilities, interfaces and outsourcing under Solvency II

Risk Management & ORSA. kpmg.ca/insuranceconference2014

GN5: The Prudential Supervision outside the UK of Long-Term Insurance Business

Risk appetite as a dynamic management tool

ORSA - The heart of Solvency II

Preparing for ORSA - Some practical issues Speaker:

Operational Risk Management in Insurance Companies

LDA at Work: Deutsche Bank s Approach to Quantifying Operational Risk

Enterprise Risk Management: From Theory to Practice

Internal Loss Data A Regulator s Perspective

Innovations in Operational Risk. Neil Cantle, Principal

Understanding and articulating risk appetite

CEIOPS-DOC-45/09. (former CP 53) October 2009

Solvency II model assurance. 12 April 2012

Insurance Groups under Solvency II

Financial Services Industry Solvency II How to conduct the ORSA Requirements, EIOPA responses and Industry views

Building a framework for operational risk management: the FSA s observations

Making it clear Reporting and disclosure in the Solvency II world

Risk Management & Solvency Assessment of Life Insurance Companies By Sanket Kawatkar, BCom, FIA Heerak Basu, MA, FFA, FASI, MBA

INTERAGENCY GUIDANCE ON THE ADVANCED MEASUREMENT APPROACHES FOR OPERATIONAL RISK. Date: June 3, 2011

Implementing an AMA for Operational Risk

EIOPACP 13/09. Guidelines on Forward Looking assessment of own risks (based on the ORSA principles)

CONSULTATION PAPER P January Enterprise Risk Management for Insurers

From ICAAP/ORSA to ERM: Board and Senior Management Oversight. Leon Bloom, Partner, Deloitte & Touche LLP lebloom@deloitte.ca

Risk Management Policy

Basel Committee on Banking Supervision. Review of the Principles for the Sound Management of Operational Risk

Actuarial services that enhance performance. Insurance PRECISE. PROVEN. PERFORMANCE.

ICAAP for Asset Managers: Risk Control Limited

Regulations in General Insurance. Solvency II

Pro-cyclicality, current trends, issues and priorities for insurance mutuals.

Solvency II State of play. A survey of the non-life insurance sector

Solvency II in practice. Speaker: Tim O Hanrahan Deputy Head, Insurance, Central Bank of Ireland 16 March 2016

Solvency II Data audit report guidance. March 2012

Bank of America NA Dublin Branch Market Discipline. Basel II - Disclosures

Operational Risk Management Excellence Get to Strong Survey

Introduction to Operational Risk Modelling. 21 September 2015

Solvency ii: an overview. Lloyd s July 2010

Underwriting put to the test: Process risks for life insurers in the context of qualitative Solvency II requirements

Risk management systems of responsible entities

Rating Methodology for Domestic Life Insurance Companies

Solvency II New Framework for Risk Management Organisation. Dr. Maciej Sterzynski (Triglav Insurance, Ltd.) Matija Bitenc (Triglav Insurance, Ltd.

Guideline. Operational Risk Management. Category: Sound Business and Financial Practices. No: E-21 Date: June 2016

University of Edinburgh Risk Policy and Risk Appetite

EIOPA-CP-11/008 7 November Consultation Paper On the Proposal for Guidelines on Own Risk and Solvency Assessment

Bodily Injury Thematic Review

Solvency II. PwC. *connected thinking. Solvency II GAP-analysis: practical experience (life and non-life business)

Operational Risk Management Program Version 1.0 October 2013

Regulatory and Economic Capital

Introduction to Solvency II

Bank Capital Adequacy under Basel III

broader context market insurance

PRINCIPLES FOR THE MANAGEMENT OF CONCENTRATION RISK

Solvency II for Beginners

Transcription:

OPERATIONAL RISK MANAGEMENT: PRACTICAL IMPLICATIONS FOR THE SOUTH AFRICAN INSURANCE INDUSTRY Marilyn Martin & Mark Hayes

Agenda Aims Operational Risks in the Context of the South African Insurance Industry Operational Risk Management Principles Operational Loss Data as a Potential Solution Conclusion Questions 2

Definition Operational Risk the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. This definition includes legal risk, but excludes strategic and reputational risk. (BCBS, 2001) 3

Aim of the Presentation To investigate operational risks within the context of the South African insurance industry To examine the general application of operational risk management principles To investigate the use of operational loss data as a potential solution 4

Aim of the Presentation Context significance of operational risks operational risks and Solvency Assessment and Management (SAM) framework Operational risk management principles Operational risk management framework Operational loss data internal databases external databases 5

SA Industry Survey Relevance Scope: all South African registered insurers and reinsurers Response: 29 industry participants (±70% market GWP) Approximate gross annual premium Respondents role (by gross annual premium) R50 billion+ Other R10 - R50 billion Junior Actuary R1-10 billion CRO R500 million - R1 billion CFO Less than R500 million 0% 10% 20% 30% 40% Proportion of respondents Senior Actuary 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 6

Operational Risks in the Context of the South African Insurance Industry 7

Operational Risks in the Insurance Industry operational risks difficult to identify, quantify and manage insurers lag banks in management of operational risks operational risks may differ between banks and insurers Banking higher frequency, lower severity risks transactional nature of retail banking Insurance lower frequency, higher severity risks strategic nature of insurance strategic risks threaten the insurer as a going concern 8

Operational Losses in the South African Insurance Industry Operational losses as a percentage of net profit (by gross annual premium) Key operational risk concerns Other (please specify) 5% - 10% 1% - 5% 0.5% - 1% 0.05% - 0.5% < 0.05% Inability to manage going Increase in public scrutiny Increase of legal risk Inability to retain clients Increase in fraud activities Increases in errors from Inability to retain key staff Increase in reputational risk Increases in regulation 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 0% 20% 40% 60% 80% 100% Proportion of respondents 9

Operational Risk under SAM driver of developments in operational risk management Pillar I: SCR two alternatives for the calculation of the Solvency Capital Requirements (SCR) standard formula internal model Pillar II: ORSA more important than Pillar I in the management of risks holistic assessment and pricing of all material, foreseeable risks risk-management framework economic capital model modelling using parametric distributions modelling using scenario testing 10

Operational Risk under SAM Intended formula to be used for the SCR calculation (by gross annual premium) Extent of change in operational risk handling approach due to SAM (by gross annual premium) Unsure Totally To a lesser degree Internal Model To a high degree To a fair degree Standard Formula Not at all 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 11

Operational Risk Management Principles 12

Operational Risk Management Framework General Economic and Commercial Environment Risk Identification Risk Policy Risk Assessment Risk Monitoring Risk Management Risk Financing Professionalism 13

Operational Risk Framework: Risk Policy high-level strategy to achieve company objectives should set out principles for managing risk definition and taxonomy for operational risk organisational structure roles and responsibilities risk appetite - amount of risk accepted to pursue strategic objectives quantifiable and measurable tie back to economic capital in the Own Risk and Solvency Assessment (ORSA) 14

Operational Risk Framework: Risk Identification risk classification system common language within the organisation results in boxes to organise data classification system used by Operational Risk Consortium (ORIC) justification for the classification system required in the Own Risk and Solvency Assessment (ORSA) Key Risk Indicators (KRIs) quantitative measures representing operational risk performance embedded in the scenario approach scenario workshops are a key identification tool 15

Operational Risk Framework: Risk Identification Information collected as part of the operational risk assessment How interrelations between operational risks are captured (by gross annual premium) Linkages to other risks Other (please specify) Risk appetite limit Not recorded KRIs Reputational effects Risk ranking Quantitatively Frequency (#) Impact (R) Control description Risk owner Descriptively Risk description 0% 20% 40% 60% 80% 100% 120% Proportion of respondents 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 16

Operational Risk Framework: Risk Assessment ultimate goal predict potential losses so that actions can be taken Loss Distribution Approach (LDA) parametric estimations of individual and aggregate losses scenario approach risks calibrated by qualitative measures two approaches should be complimentary scenario approach may inform key points on the parametric distribution 17

Operational Risk Framework: Risk Assessment Current methods used for operational risk evaluation Appropriateness of data-based modelling of operational risk Don't know Unsure Stochastic Modelling Completely appropriate Modified SAM Standard formula Other Highly appropriate Factor based on volume measures Firm Developed Model SAM Standard Formula Scenario Analysis / Stress Testing Fairly appropriate Slightly appropriate Not at all 0% 10% 20% 30% 40% 50% Proportion of respondents 0% 10% 20% 30% 40% Proportion of respondents 18

Operational Risk Framework: Risk Assessment difficulties LDA requires historic data for calibration scenario approach does not directly require historical data, but what informs the scenarios? record losses in a well maintained internal loss database capture near-miss events record interdependencies/correlations between loss events and between their indicators cause-and-consequence recording approach supplementation through external databases 19

Operational Risk Framework: Risk Assessment Degree to which operational risk data is recorded Recording of near-miss events Unsure Totally Not recorded To a high degree To a fair degree To a lesser degree Recorded Not at all 0% 10% 20% 30% 40% Proportion of respondents 0% 20% 40% 60% Proportion of respondents R10 bn+ R1-10 bn < R1 bn 20

Operational Risk Framework: Risk Management purpose: minimise the impact of losses to allow for a greater focus on the revenue generating activities actions implement risk controls put in place mitigation strategies record in a risk register essential that there is a link between operational risk modelling and management currently a disconnect between the two sides goal for the future 21

Operational Risk Framework: Risk Management Importance of sound operational risk management practices Effectiveness of operational risk management practices Absolutely important Unsure Highly important Fairly important Slightly important Totally effective Highly effective Fairly effective Slightly effective Not at all Not at all 0% 10% 20% 30% 40% 50% 60% Proportion of respondents 0% 10% 20% 30% 40% 50% 60% Proportion of respondents 22

Operational Risk Framework: Risk Management ultimate responsibility for operational risk management: Ownership of responsible for operational risk management Other board of directors Role Shared CRO Board of Directors 0% 10% 20% 30% 40% 50% Proportion of respondents Organisation of operational risk function organisation of risk function 100% 80% 60% 40% 20% 0% centralised embedded approach both recommended Centralised Embedded in the lines of business 0% 20% 40% 60% 80% 100% Proportion of respondents 23

Operational Risk Framework: Risk Financing financial implications of all aspects of the framework should be considered when determining the optimum strategy risk-reward trade-off approach financing under SAM: holding of regulatory capital is holding capital for operational risk appropriate at all? cost of that capital better used for improving the effectiveness of controls? 24

Operational Risk Framework: Risk Monitoring ongoing process by embedded personnel in business lines overseen by the central risk manager iterative feedback loop assess earlier stages in the process operational risk management is not a static concept 25

Operational Loss Data as a Solution 26

Operational Loss Data Op Risk Data Op Risk Data 27

Uses of Operational Loss Data Risk Identification historical loss data provides a reference alert firms to risks otherwise not considered ensures completeness in the classification system Risk Assessment effective modelling requires data 28

Uses of Operational Loss Data Risk Management decision-making tool for risk managers identifies which risks require the most attention indicates which risk-reducing processes are worth investing in learning opportunities for companies capturing the causality of the event provides the greatest insights what to look out for what to do to avoid adverse occurrences Risk Monitoring monitor operational risk experiences objectively over time firm-specific losses can be isolated from those systematic to the industry 29

Limitations of Operational Loss Data not sufficient on its own past events may not be applicable for future experience risk management practices improved mitigations and controls put in place relevance of data diminishes over time insufficient low-frequency/high-severity events present to inform modelling black swan events impossible to predict from data alone 30

Sources of Operational Loss Data: Internal Databases Limitations Benefits internal loss data more appropriate for qualitative analysis certain practices increase the usefulness of internal loss data 31

Sources of Operational Loss Data: External Databases sources of external loss data publicly-available losses commercial databases using proprietary loss data consortium-based loss data the degree of confidence one may place on each source differs nature of events differs in consortiums consortium data more consistent may include legally sensitive events, not available publicly the threshold for recording losses lower 32

Sources of Operational Loss Data: External Databases Limitations Benefits 33

Sources of Operational Loss Data: Combining Different Data Sources assists with both quantitative and qualitative analysis of risks careful scaling of data needed to avoid bias / unrealistic results internal and external loss data should be combined with expert judgement to ensure the most complete view external data internal data expert judgement 34 operational risk information

Use of an Operational Risk Consortium in the SA Insurance Industry: ORIC Operational Risk Consortium (ORIC) founded in 2004 by the Association of British Insurers (ABI) (UK) 31 members losses above 10 000 recorded function collect, standardise and report operational loss and near miss data provide risk management support to member firms work with FSA to assist in regulation of operational risk management 35

Use of an Operational Risk Consortium in the SA Insurance Industry South African insurers would be permitted to join ORIC Operational Risk Consortium (ORIC) Benefits enhanced data from UK members modelling support Concerns data may not be comparable the reporting threshold may be too high for South African conditions costs may be prohibitive 36

Use of an Operational Risk Consortium in the SA Insurance Industry South Africa s own operational loss consortium? Risk Event Database (RED) Advantages good-quality, relevant, unbiased operational loss data identification of trends in risks provision of a benchmark improvements in exposure as a result of enhanced internal operational risk processes provision of key inputs for scenario discussions Challenges costs of joining / subscribing relevance of shared data amongst insurers time needed before the database is of a meaningful size current operational loss data recording standards inadequate ownership and management of the database 37

Use of an Operational Risk Consortium in the SA Insurance Industry: RED Willingness to be involved in an operational risk consortium (by gross annual premium) Willingness to join an operational risk consortium (subscriber vs. contributor) Yes 25% 14% 86% As a subscriber No 75% As a contributor 0% 20% 40% 60% 80% 100% Proportion of respondents R10 bn+ R1-10 bn < R1 bn Yes No 38

Use of an Operational Risk Consortium in the SA Insurance Industry: RED feasibility 52% of respondents believe it feasible should be considered bearing in mind Feasibility of an operational-loss consortium the consequences of failing to implement proper initiatives now willingness of industry to join promising practicalities choice of administrator regulatory position interim preparations costs 52% Feasible 48% Not feasible 39

Conclusion operational risks are very significant to South African insurers realise its importance and have begun to develop frameworks wide range of maturities in processes between insurers regulation is the main driver of operational risk developments but industry not happy with the approaches for the capital calculations in respect of operational risk Operational loss data essential current use immature more research required on the feasibility of a South African operational risk consortium 40

Questions 41

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information