Cassandra Moren

The Benefits of Effective Enterprise Risk Management for Insurers

by Somna Trehan, December 2011

Developing a systematic approach towards managing risk in the enterprise involves an evolutionary process. The last couple of years have witnessed a strong and growing realization among financial services organizations and their stakeholders that having a holistic approach towards enterprise risk management (ERM) is not just an added advantage, but a necessity for sustained and profitable performance.

ERM provides an advanced framework of risk assessment and the ability to respond confidently to existing and emerging challenges. According to Standard and Poor’s, it marks a shift in a company’s focus from operating on a “cost/benefit” line of thought to a “risk/reward” approach.

The Current ERM Landscape

Acceptance of ERM across the financial services and insurance world has grown significantly as companies prepare to face risks with greater confidence and poise. The sixth biennial ERM survey of Global Insurers, conducted by Towers Watson, indicated that an ERM program has resulted in key business changes for a growing proportion of respondents — from 78 percent in 2008 to 92 percent in 2010. The findings show that ERM programs have influenced several major business aspects, including changes in asset strategy (52 percent), risk strategy or appetite (47 percent), product pricing (44 percent), and management decision-making processes (36 percent).

ERM has also gained prominence as a crucial factor impacting insurers’ ratings. Rating agencies primarily look at insurers’ ability to identify, monitor, manage, and mitigate its risks by assessing risk culture, strategy, and models. Post 2008, rating agencies have increased emphasis on insurers having a fully functional ERM.

From a rating agency’s perspective, ERM helps insurers demonstrate that they really know their risks and have developed a sound strategy for managing them. Standard and Poor’s states that it will consider an insurer with more capital to be more secure than an insurer with less capital. However, it also adds that capital is not a substitute for ERM. A company with a high capital position still needs to be able to demonstrate that it can maintain that position by limiting future losses.

Despite an obvious understanding and acknowledgement, there is still a high level of variability in the extent of ERM adoption by insurers. Key reasons why insurers still have not adopted ERM to the full extent include:

  • Tendency to view different types of risk independently, not holistically

  • Challenge to ERM implementation due to data quality and integration issues

  • Different regulations and methodologies in different geographies

  • A shortage of skilled people resources

  • Lack of involvement across the organizational hierarchy

The Benefits of ERM Implementation

One of the key findings of rating agencies is that ERM implementation is still primarily driven by compliance requirements. Not many companies have come to believe that ERM has the potential of significant upside in performance and they often focus on just covering the downside risks. However, both the insurance companies and rating agencies expect that as ERM implementation progresses, its greater competitive advantages will be recognized. In fact, insurers have begun to realize how ERM influences multiple business aspects and brings along tangible and quantifiable benefits:

  • Lower earnings and capital volatility: ERM builds a foundation for stable earnings. It increases insurers’ ability to identify and quantify risks with greater accuracy resulting in informed and improved decision making. Greater insight into risk profile of insurance business and investments results in lower earnings and capital volatility, which in-turn translates into greater confidence of all stakeholders — particularly shareholders.

  • Improved Credit Ratings: Effective ERM increases confidence of rating agencies on risk assessment and mitigation systems resulting in lower capital requirements. Also, better earnings quality, capital position and improved performance on rating metrics help in attaining higher credit ratings.

  • Regulatory Compliance: ERM framework supports insurers with meeting regulatory requirements. For instance Solvency II requires insurers to perform Own Risk and Solvency Assessment (ORSA). ORSA facilitates risk measurement and management and improves decision making. However, as per Towers Watson, only 10 percent of European respondents subject to Solvency II believe their current models meet expected future regulatory requirements.

  • Driving Higher Shareholder Value: Credit ratings have a significant bearing on any company’s borrowing capacity and also the rate at which a company can borrow. Hence, ERM also assumes the role of a determinant of cost of capital and consequently of shareholder value.

A study by S&P empirically demonstrates that ERM scores correlate with companies' stock performance. During 2008, all North American and Bermudan public multiline insurers experienced decline in stock price. The companies that had ‘Excellent ERM’ witnessed close to 30 percent decline where as companies with ‘Weak ERM’ saw their share price go down by as much as 60 percent. The study also shows that stock price volatility is inversely related to ERM effectiveness. During 2008, insurers with ‘Effective ERM’ witnessed around 30 percent volatility compared to insurers with ‘Weak ERM’ which experienced volatility of close to 70 percent.

Steps to Developing an Effective ERM Strategy

Increasingly, insurers are working towards implementing fully functional ERM. As insurers reshape their businesses in a dynamic environment, ERM will play an increasing role in the broader strategic decisions regarding choosing segments/geographies of operations, arriving at investment exposures and thresholds, meeting requirements of regulators and rating agencies, and finally, driving greater shareholder value. The following are the key aspects they need to focus on to create and evolve impactful ERM:

  • Setting the Objective: The final objective of ERM is to maximize value for all internal and external stakeholders. However, the realization of this aim will be driven by setting and achieving smaller milestones.

  • Developing a Congenial Organizational Structure: To have a successful ERM, insurers need to have an effective risk culture, and support of the senior management.

  • Clarity of Risk Management Process: There should be clarity and consistency towards the approach to risk management, which will form the foundation of a seamless risk management system across the organization.

  • Risk Identification, Quantification, and Prioritization: To ensure timely action based on the urgency and severity of impact, quantification with the help of detailed analysis and modeling can help to gain insight into real-time balance sheet risks.

  • Risk Mitigation: Risk mitigation strategies are based on performance under historical circumstances and forecasted scenarios. Stress testing the existing systems and financial position helps companies understand the potential impact in case of out-of-the-ordinary developments.

  • ERM Implementation: Successful implementation is achieved by closely monitoring the progress. Constant review of the policies, systems and processes is important to make sure that they are aligned with the larger goal and also to take timely corrective action.

  • Governance and Compliance: Finally, the ERM policies and procedures should be in line with and facilitate governance and compliance. However, care should be taken that risk management does not end at regulatory compliance, but instead becomes an integral part of the day-to-day business.


 Somna Trehan is senior associate of Oracle Industry Strategy and Insight.