KPMG s integrated Risk Management solution Business DialogueS breakfast conference 20/09/2011
Agenda Integrated Risk Management Spirit and Solutions The SaaS mechanism Conclusion 1
Solvency II extract Solvency II directive European Union 25/11/2009 2
Integrated Risk Management system Meaning Governance Rules Defines Applied through Contain Risks Implemented in Business Processes Mitigation items Controlled by Applied on Controls Defines Manages Require Risks management Compliance 3
Integrated Risk Management system Typical situation Regulator Governance Rules Defines Company Management Internal Audit Applied through Organization Contain Risks Implemented in Business Processes Mitigation items Operational Staff Controlled by Applied on Controls Defines Manages Require Risk Management Risks management Internal Control Compliance 4
Integrated Risk Management system Typical situation Regulator Regulations Processes database Organization Contain Risks Require Risks tracking Risk Management Loss reports Governance Governance Implemented in Rules Defines Applied through Business Procedures Processes Operational documentation Staff Mitigation items Guidelines Defines Risks management Company Management Controlled by Internal Control Applied on Controls database Manages Audit logs Independent report Internal Audit Assessment Compliance Controls history and reporting 5
Integrated Risk Management system Solvency II spirit Regulator Regulations Governance Governance Rules Defines Company Management Independent report Internal Audit Applied through Organization Contain Risks Implemented in Processes, Business procedures, Processes risks and controls Mitigation items Defines Controlled by Operational Staff Applied on Controls Manages Require Risk Management Risks management Internal Control Compliance 6
State of the Luxembourg insurance market Tools used for the management of risks 2010 5% 42% 53% 2011 41% 13% 47% 0% 20% 40% 60% 80% 100% Solvency II readiness survey KPMG September 2011 Market In-house None 7
Complex equation So we are seeking for the Luxembourg insurance market: A Risk Management solution compliant with the Solvency II directive... + able to interface with already documented business processes + able to cope with undocumented business processes + able to propose a complete and flexible GRC framework (risk management system) + able to support interactions with operational teams (loss reports, control campaigns) + able to generate on demand risk steering and management reports (heat maps...) + without any technological burden + at a reasonable price 8
Introducing one of the market s leaders in GRC solutions Cura Software Solutions offers broad GRC capabilities and risk expertise. The company highlights its product flexibility and risk expertise as differentiators, and customer feedback supports these claims. 2010, Forrester Research, Inc. 9
The following screenshots are samples Please contact us for a dedicated on-site demonstration of full system functionalities 10
Identifying and assessing risks Risk Identification Risk Evaluation Risk Mitigations Actions 11
Defining tasks (composing action plans) and assigning tasks to staff 12
Reporting on target heat maps and action plan status 13
Reporting by staff of losses and incidents 14
Reporting on losses and incidents to management 15
Assessing risks mitigation effectiveness through control campaigns 16
Reporting on residual risks 17
The SaaS mechanism proposed by KPMG Integrated GRC solution Company A s compartment Generic setup ABCD System admin Online support Related ad-hoc services Risks & controls management Loss reports Control campaigns Reporting Company A Secured Chinese walls 18
Conclusion So we have found for the Luxembourg insurance market: A Risk Management solution compliant with the Solvency II directive... + able to interface with already documented business processes + able to cope with undocumented business processes + able to propose a complete and flexible GRC framework (risk management system) + able to support interactions with operational teams (loss reports, control campaigns) + able to generate on demand risk steering and management reports (heat maps...) + without any technological burden Contact us for a on-site demo + at a reasonable price Fee quote is available upon request 19
Conclusion The risk management tool will not resolve in itself all the aspects of the Second Pillar of the Solvency II directive. It is the ground on which you can base your risk management approach. Few elements are missing once the tool is in place: Identification, understanding and ownership of the risks; Organization of ongoing management of risks. You can therefore concentrate on the value adding part of your work! 20
Thank you Presentation by Geoffroy Gailly ABCD Geoffroy Gailly Director KPMG Advisory Tel. +352 22 51 51-7250 9, allée Scheffer Mob +352 621 87 7250 L-2520 Luxembourg Fax +352 22 51 71 geoffroy.gailly@kpmg.lu KPMG Advisory S.à r.l., is a Luxembourg Société à responsabilité Limitée and a subsidiary of KPMG Europe LLP
2011 KPMG Advisory S.à r.l., a Luxembourg private limited company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (KPMG International), a Swiss entity. All rights reserved. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International Cooperative (KPMG International).