The financial crisis of 2008-2009 provided an eye-opening experience for various industries, especially the insurance sector. One undeniable revelation was the sheer significance of Enterprise Risk Management (ERM). But what exactly is ERM? And how has it revolutionized the insurance industry?
1. The Emergence of ERM in the Insurance Industry
According to research by McKinsey, insurers with a robust ERM system fared much better during the financial crisis than those without. This discovery led to a surge of interest among insurers to develop or refine their ERM systems. The push was further bolstered by mounting pressures from regulators, rating agencies, and investors.
Initially, the insurance industry’s ERM approach was largely reactive. The primary aim was to address incidents and ensure compliance with existing and forthcoming regulations. But, as time progressed, a select group of visionary insurers evolved their ERM frameworks. They transitioned from merely responding to risks to actively strategizing around them, leading to reduced volatility in returns and enhanced capital performance. This advancement was due to a more holistic view of risk across the enterprise, with ERM being integral to business decision-making.
2. Anatomy of an Effective ERM Framework
Many leaders in the insurance sector have pondered the components of a successful ERM system. They are curious about how ERM can transition from a defensive tool to a mechanism for furthering business objectives. In fact, a recent survey revealed that while insurance leaders were confident in their risk management capabilities, they still identified potential areas for enhancement, particularly in risk transparency.
Additionally, smaller insurance entities highlighted the need to cultivate a stronger risk culture and drive performance transformation. Most CFOs and risk officers are now focusing on amplifying their ERM frameworks, given the prevailing climate of elevated risks characterized by economic uncertainties, financial market fluctuations, and geopolitical challenges.
3. McKinsey’s ERM Best Practices Framework
Drawing from the experiences of top-tier institutions, McKinsey formulated an ERM framework that encapsulates the best practices in the field. This structure revolves around a self-reinforcing cycle that aligns perfectly with business strategy.
In the realm of best practices, it’s vital for organizations to foster an integrated risk culture across all tiers. Typically, most insurers commence their risk management journey with a focus on compliance – a crucial first step. They keep tabs on risk, measure risk levels vis-à-vis new regulations, and formulate suitable reactions to risk incidents. The initial stages of ERM primarily look at developing control mechanisms and harmonizing risks with current regulations.
True systematic ERM emerges only after these foundational compliance capabilities have been set in place. This involves setting risk limits, crafting policies, and integrating accounting and statutory metrics. Most insurers are in this phase, adopting practices like ORSA (Own Risk and Solvency Assessment) to evaluate their risk management proficiency.
But the zenith of ERM is when it seamlessly integrates with the corporate strategy, thereby adding tangible value to the business.
4. Sharpening ERM’s Edge
The recent survey underscored that the main targets for ERM enhancement revolve around risk transparency and insights. These encompass better stress testing, superior risk reporting, and refined data analytics. Given the transformative potential of big data, there’s an industry-wide consensus on the need for more substantial investment in analytics.
Furthermore, the survey highlighted the necessity to embed a strong risk culture at the frontlines. This is especially relevant in areas like investment management and corporate insurance.
5. The Pathway to ERM Transformation
Successful ERM transformations share common denominators. One of the primary elements is robust backing from the board and top management. Moreover, the role of the Chief Risk Officer (CRO) is paramount. The CRO should not merely be a technical advisor but should spearhead the transformation, ensuring consistency and communicating the core objectives across all organizational levels.
There are two principal types of ERM transformations:
- Targeted Intervention: This zeroes in on specific elements like risk appetite definitions or stress testing. Such interventions are potent when the broader ERM framework is robust.
- Overall ERM Transformation: This comprehensive approach touches upon all facets of the ERM framework. It’s a long-haul process that could span up to two years, undertaken when a diagnostic evaluation signifies the need for a broad-based uplift of the ERM structure.
The insurance sector, like many others, is undergoing significant evolution. With rising complexities and challenges, the spotlight on ERM has never been brighter. Progressive insurers are leveraging this momentum to elevate their ERM systems, not just as protective shields but as strategic assets driving competitive advantage.