Tag Archives: risk management

Considerations for product governance risk management

A key focus of the insurance regulatory authorities around the world has been the protection of policyholder interest. This has resulted in more emphasis on product governance and product life-cycle management. The insurance directive launched under the European Union insurance law has issued guidelines for insurers to embed product oversight and governance into their risk management frameworks.

A robust product governance process can help reduce mis-selling and complaints, and increase policyholder confidence in the market. It can also ensure internal and regulatory compliance for the products offered by the insurer.

The core components of a robust product governance process are:

• Product governance policy
• Product development
• Pricing and value
• Distribution and sales
• Legal, compliance and risk management
• Ongoing assessment of the product

To read more about building a strong product governance policy, read Neha Taneja’s article here.

Global developments in conduct risk management

Risks relating to conduct of business are attracting increased attention across financial services firms, prompted by the ever-increasing focus of regulators in this area. Senior managers are accountable for conduct risk failings, and accordingly a strong conduct risk framework is an important tool in protecting against such failings. Based on our experience of assisting clients in this area, conduct risk management is still evolving and firms face many challenges. This paper by Milliman’s Karl Murray and Eamonn Phelan looks at recent and ongoing developments from around the globe and discusses actions firms need to take in order to address the changing business and legislative environment with regards to consumer protection.

Milliman consultant speaking at Mortgage Bankers Association forum

Milliman consultant Madeline Johnson, CMB, will speak at the 2017 MBA Risk Management, QA and Fraud Prevention Forum this September in Miami, Florida. She is scheduled to speak at the session entitled “QC for Purchase Markets” on Monday, September 25.

The three-day forum will be held from September 24 to 26. For more information on the talk and forum, click here.

Judging the appropriateness of the Standard Formula under Solvency II

The Standard Formula (SF) aims to capture the risk that an average European (re)insurance company is exposed to. The SF may not be appropriate for all (re)insurance companies, but the majority of European insurers currently uses it. In this article, Milliman’s Steven Hooghwerff, Sinéad Clarke, and Roel van der Kamp provide a short overview of the SF’s structure. They also present a suggested framework and worked examples, and discuss challenges and pitfalls to be considered.

Capitalizing on your actuarial report

In this article, Milliman’s Richard Frese and Andy Hoffman offer organizations perspective concerning critical topics they should discuss with an actuary to enhance their insurance program, better manage liabilities, and maintain appropriate actuarial analysis for the needs of their program. The authors also discuss best practices when working with an actuary.

This article was published in The Risk Management Quarterly.

Spotlight on operational and reputational risk

macdonnell-bridgetOperational and reputational risks have become areas of greater focus in recent times. There have been so many high-profile operational risk events that it is clear how important operational risk management is for all companies—Anthem, Volkswagen, and UBS are just a few examples of companies that have suffered significant losses because of operational risk events. In addition, for every publicly reported incident there are sure to be a host of smaller cases, which have not been large enough to hit the headlines, and which, of course, can have a cumulative detrimental effect over time. There is also a somewhat invisible aspect to operational risk, given that the damage does not always affect physical assets. Information can be stolen through a cyber breach, agents can act in their own interests, fraudulent activity can happen, and all of these events can go undetected.

Operational risk can also contribute to other risks that undertakings face, particularly reputational risk—a risk we don’t always fully appreciate until the damage is done. There are many strategies and marketing campaigns aimed at ‘one brand’ and ‘one vision’ which show the value organisations place on their reputations. Yet reputational risk management is not always given the attention it deserves. It’s worth pausing for a moment to take a closer look at operational and reputational risk management.

Operational risk
The challenges of quantifying operational risk are numerous—they include the lack of data to properly calibrate models and there are also challenges in relation to the models themselves. For example, the major shortcomings of the Solvency II standard formula calculation of operational risk capital are highly topical at the moment. Under Solvency II, operational risk capital must be held as part of the company’s Pillar 1 capital requirements. Criticism of this factor-based calculation includes its failure to capture many relevant elements of a company’s risk profile, such as the operating model and the specific processes within the company.

Interestingly, the solvency regime in Switzerland (known as the ‘Swiss Solvency Test’) does not require operational risk capital to be held. Rather, operational risk is considered as part of the company’s risk management, therefore treating it as a Pillar 2, as opposed to a Pillar 1, issue. Earlier this year, the Basel Committee on Banking Supervision imposed an outright ban on operational risk internal models for banks, acknowledging the widely differing approaches and complex modelling of this risk within the industry. Whether or not such developments will flow over to the EU (re)insurance solvency regime remains to be seen, but regardless of where operational risk sits from a regulatory perspective it is nonetheless an area where there are increasingly sophisticated methods being used in companies’ own risk assessments, such as, for example, Bayesian Network modelling.

For those who may be unfamiliar with Bayesian Network modelling, it is a technique that is gaining more and more traction as companies continue to develop their understanding of their operational risk exposures. This technique aids the understanding of operational risk exposures through workshops with various experts within the business, in order to establish the key underlying drivers of operational exposure and the relationships between these drivers. They are often not obvious at first glance and tend to involve quite nonlinear relationships. Once these exposures are well understood, the company can focus its attention on managing and mitigating the risks.

Continue reading