Archive for August 2011

Decision Fatigue and Crisis Risk Management

August 31, 2011

In a recent New York TImes Magazine article, the problem of decision making fatigue is described.  The article says that people will generally tire of making decisions.  It sites studies of judges rulings on parole hearings.  Parolees who have the bad luck to have their case heard later in the day have much less chance of success was one example cited.

Another interesting aspect of decision fatigue was that once fatigued of decisions, people tended to narrow their decision making criteria.  Tired decision makers would eventually get down to a single factor driving their decisions.

The idea given of how to avoid decision fatigue is generally to avoid making too many decisions.

There are interesting implications for risk management.  RISKVIEWS has said many times that risk management means that sometimes the company will do something different then before they had risk management.  But since the company is not doing something different all of the time, each different situation requires a decision.  But all decisions are not of the same economic impact.

So a strategy for getting it right – or at least avoiding decision fatigue for the most important decisions is to make sure that a fresh decision maker is involved in the decisions of higher importance.

This idea may not mean making any change in the procedures of many companies.  It is not uncommon for decisions that involve larger amounts of money to require approval by a more senior person than the person who makes the lesser decisions.  It appears that is a good idea from a decision fatigue point of view.  Firms who seek to empower their employees by avoiding that sort of system may be playing russian roulette with their most important risk management decisions.

In a crisis, many decisions are needed in a short time.  That is perhaps one way of defining a crisis.  Things must be done differently.  The likelihood of decision fatigue in a crisis seems to be immense.

A solution to this is to reduce the number of decisions.  This can be accomplished by anticipating the decisions that may be needed and making the most likely decisions in advance.  It may well be that an advance decision made with an approximation of the situation may be better than a fatigued decision.  There still remains the decision of whether the advance decision is still applicable.  But if done right, the stress of decisions can be greatly reduced.

In addition, the narrowing of decision making criteria for fatigued decision makers is an interesting finding.  Many management information people report that they need to refine the information that they provide to single indicators, in some cases to red light/green light on/off indicators.

This seems to be clear indication of decision fatigue of senior managers.  While MI professionals will not usually be empowered to have an opinion on this, it seems that what is in order is for the top managers to make fewer decisions until they get to the point where they are no longer too fatigued to recognize the actual complexity of the decisions that they are making.

Be Honest about the Cost of Risk Management

August 29, 2011

The cost of risk management is not primarily salaries and other expenses for the risk management staff.

It is not even the cost of top management time that might be diverted to risk management from other topics.

The real cost of risk management is the cost of the activities that the firm undertakes to prevent or reduce losses.

That was brought home with Hurricane Irene this weekend.  To reduce possible losses, Riskviews spent several hours bringing inside personal things that might have been blown into the house, bringing the kayak in from the marina and filling up containers with extra water.  It will take another half day to put things back after the storm.

Almost all risk management activities have such costs.  Or else they have the opportunity costs that we also experienced this past weekend.  Most people on the eastern seaboard missed out on one opportunity or another because of the storm.

These are the costs of risk management because doing risk management means doing something different than you would have done without risk management.

This past weekend, at least in the New York area, Hurricane Irene was not as dangerous as the hurricane that we were all advised to prepare for.

Risk management is about changing future probabilities.  So that means that these costs will sometimes be incurred when the hurricane weakens before getting to you, or veers off into the ocean and does not even trouble the city.

Some managers are taught to make business decisions based upon cost benefit analysis.  With a cost benefit approach, many risk management actions will fall short.  That is because they will usually look at the actual cost and the experienced benefit.  Many risk management actions, such as hedging or reinsurance may have an expected cost – that means that your projection is that you will reduce profits by taking the risk management actions.

But the real benefit of risk management is the reduction of the likelihood that an adverse event will create unacceptable losses.  Whether that event happens or not and whether or not it is as adverse as expected, is not a primary consideration.  That information is a matter for calibration of the model used to project the likelihood of the adverse event.

So the sooner you have the conversation about the true cost of risk management the better.

And when you have that conversation, be honest.

Maybe it is not as obvious as you think…

August 24, 2011

Do you have any bad instructions risk?

The Risk Managers Desk Reference

August 23, 2011

If you are a risk manager, you probably already have this book on your desk.  Ready for the next time that someone say that some disaster your are asking them to prepare for will never happen.  You then can pull out this resource and show them that something much worse has happened several times before.  This invaluable resource is

The Pessimist’s Guide to History 3e: An Irresistible Compendium of Catastrophes, Barbarities, Massacres, and Mayhem – from 14 Billion Years Ago to 2007 by Flexner and Flexner.

With this book, the alert risk manager can perform a comprehensive study of disasters that occured in the 1500’s, for example.  The PGTH (as fans affectionately call it) tells of the following:

  • 1502 – 30 Spanish treasure ships destroyed by hurricane
  • 1514 – Hungarian Peasants Revolt
  • 1520 – Sad Night at Tenochtitlan
  • 1521 – Smallpox and Spanish conquer Aztecs
  • 1524 – Peasants revolt in Germany
  • 1527 – Sack of Rome
  • 1528 – Spanish explorers ships wrecked by hurricane near Florida
  • 1531 – Earthquake hits Lisbon
  • 1545 – Sinking of Mary Rose
  • 1546 – Massacre of Waldenses
  • 1556 – Chinese earthquake kills over 800,000
  • 1559 – Spanish ships sink in hurricane near Tampa
  • 1562 – Massacre near Vassy, France
  • 1570 – Massacre at Novogorod
  • 1572 – Massacre of St. Bartholomew
  • 1574 – Floods in Netherlands kill 20,000 Spanish soldiers
  • 1587 – English colonists at Roanoke disappear
  • 1588 – Spanish Armada defeated
  • 1589 – Assassination of Henry III
  • 1591 – Philippines volcano erupts
  • 1591 – Storms destroy 29 Spanish ships near Florida

Other events include the extinction of the dinosaurs 65 million years ago.  If you are using that piece of data to help to calibrate your loss models, you can think of that as a total loss once in the past 65 million years.

So the next question from your management may be whether if the total loss scenario is a one in 65 million year event and it has not happened in 65 million years, are we due?

And from this data, it looks like hurricanes happen near Florida.  Especially dangerous to Spanish ships.  Tell that to your underwriters.

But they probably have their own copy of the book.

And one very sure sign of a dangerous situation for your company is if you find one of your underwriters with an different book by the Flexner’s, The Optimists Guide to History.

Something important to check for.

ERM Disclosure (2)

August 22, 2011

In a post last week, it was noted that US insurers are starting to admit to managing their risks in their public disclosures.  The 671 word discussion of the ERM process of Travelers was reproduced.  (Notice that over 100 of those words talk about the unreliability of the ERM system. )

But disclosure of ERM processes has been much more widespread and much more extensive in other parts of the world for more than 5 years.

For Example, Munich Re’s 2010 annual report has a 20 page section titled Risk Report.  That section has sub headings such as:

Risk governance and risk management system

Risk management organisation, roles and responsibilities

Control and monitoring systems

Risk reporting

Significant risks

Underwriting risk: Property-casualty insurance

Underwriting risk: Life and health insurance

Market risk

Credit Risk

Operational risk

Liquidity risk

Strategic risk

Reputation Risk

Economic Capital

Available Financial Resources

Selected Risk Complexes

It is not just Munich Re.  Manulife’s Risk Management disclosure is 22 pages of their annual report.  Below is the introduction to that section:

Manulife Financial is a financial institution offering insurance, wealth and asset management products and services, which subjects the Company to a broad range of risks. We manage these risks within an enterprise-wide risk management framework. Our goal in managing risk is to strategically optimize risk taking and risk management to support long-term revenue, earnings and capital growth.
We seek to achieve this by capitalizing on business opportunities that are aligned with the Company’s risk taking philosophy, risk appetite and return expectations; by identifying, measuring and monitoring key risks taken; and by executing risk control and mitigation programs.
We employ an enterprise-wide approach to all risk taking and risk management activities globally. The enterprise risk management (“ERM”) framework sets out policies and standards of practice related to risk governance, risk identification, risk measurement, risk monitoring, and risk control and mitigation. With an overall goal of effectively executing risk management activities, we continuously invest to attract and retain qualified risk professionals, and to build, acquire and maintain the necessary processes, tools and systems.
We manage risk taking activities against an overall risk appetite, which defines the amount and type of risks we are willing to assume. Our risk appetite reflects the Company’s financial condition, risk tolerance and business strategies. The quantitative component of our risk appetite establishes total Company targets defined in relation to economic capital, regulatory capital required, and earnings sensitivity.
We have further established targets for each of our principal risks to assist us in maintaining appropriate levels of exposures and a risk profile that is well diversified across risk categories. In 2010, we cascaded the targets for the majority of our principal risks down to the business level, to facilitate the alignment of business strategies and plans with the Company’s overall risk management objectives.
Individual risk management programs are in place for each of our broad risk categories: strategic, market, liquidity, credit, insurance and operational. To ensure consistency, these programs incorporate policies and standards of practice that are aligned with those within the enterprise risk management framework, covering:

■ Assignment of risk management accountabilities across the organization;
■ Delegation of authorities related to risk taking activities;
■ Philosophy and appetite related to assuming risks;
■ Establishment of specific risk targets or limits;
■ Identification, measurement, assessment, monitoring, and reporting of risks; and
■ Activities related to risk control and mitigation.

Such frank discussion of risk and risk management may be seen by some US insurers’ management to be dangerous.  In the rest of the world, it is moving towards a situation where NOT discussing risk and risk management frankly and openly is a risk to management.

Which would you prefer?

Solar Risk

August 20, 2011

At least 75% of the US has experienced some Solar Risk this summer. Temperatures were into triple digits.

(in Fahrenheit. Fahrenheit is a part of the ancient measuring system that only America uses. 100F is 37.7C. Not so magical stated that way.  But it is still exceptional.)

But very different solar risk is thought to be on the way.  Solar Storms are thought to entering a busy season and to have the capability of wrecking havoc on various electromagnetic broadcast and receiving systems.  GPS systems are thought to be particularly vulnerable.

The last major storm to hit earth reportedly caused the emerging telegraph systems in the US and Europe to encounter problems.  We now depend upon many, many complex electronic systems.

But see what happens if you try to get your firm to prepare for violent solar storms.  The best that may happen is that you would be laughed out of the room.

So do your own preparation.  Carry a map.

ERM Discosure

August 18, 2011

Here is a tip from the IRMI about how to get started with a new ERM program:

✓ If  you  are  a  public  company,  begin  by asking  the  person  or  group  that  identifies  risks  for  SEC  reports  to  also  identify
the top three corrective actions for the next quarter. Update the list quarterly.

That sounds like a great suggestion.  RISKVIEWS has always been amazed that the standard for disclosure in the US has been to disclose risks but not to say anything about what the firm is doing about those risks.  Based upon the standard disclosures, it is almost impossible to tell the difference between a firm with state of the art risk management and a firm with almost none.

But recently, companies, even in the US, are increasingly including a mention of their risk management activities along with the required laundry list of risks.

Just picking a public firm at random, here is an excerpt from Allstate’s risk disclosure:

As a property and casualty insurer, we may face significant losses from catastrophes and severe weather events

Because of the exposure of our property and casualty business to catastrophic events, our operating results and financial condition may vary significantly from one period to the next. Catastrophes can be caused by various natural and man-made disasters, including earthquakes, volcanoes, wildfires, tornadoes, hurricanes, tropical storms and certain types of terrorism. We may incur catastrophe losses in our auto and property business in excess of: (1) those experienced in prior years, (2) those that we project would be incurred based on hurricane and earthquake losses which have a one percent probability of occurring on an annual aggregate countrywide basis, (3) those that external modeling firms estimate would be incurred based on other levels of probability, (4) the average expected level used in pricing or (5) our current reinsurance coverage limits.Despite our catastrophe management programs, we are exposed to catastrophes that could have a material adverse effect on operating results and financial condition. For example, our historical catastrophe experience includes losses relating to Hurricane Katrina in 2005 totaling $3.6 billion, the Northridge earthquake of 1994 totaling $2.1 billion and Hurricane Andrew in 1992 totaling $2.3 billion. We are also exposed to assessments from the California Earthquake Authority and various state-created catastrophe insurance facilities, and to losses that could surpass the capitalization of these facilities. Our liquidity could be constrained by a catastrophe, or multiple catastrophes, which result in extraordinary losses or a downgrade of our debt or financial strength ratings.

In addition, we are subject to claims arising from weather events such as winter storms, rain, hail and high winds. The incidence and severity of weather conditions are largely unpredictable. There is generally an increase in the frequency and severity of auto and property claims when severe weather conditions occur.

Green text coloring added by RISKVIEWS to highlight mention of risk management activities.

Another example from Travelers:

Catastrophe losses could materially and adversely affect our results of operations, our financial position and/or liquidity, and could adversely impact our ratings, our ability to raise capital and the availability and cost of reinsurance. Our property and casualty insurance operations expose us to claims arising out of catastrophes. Catastrophes can be caused by various natural events, including, among others, hurricanes and other windstorms, earthquakes, hail, wildfires, severe winter weather, floods and volcanic eruptions. Catastrophes can also be man-made, such as a terrorist attack (including those involving nuclear, biological, chemical or radiological events), explosions, infrastructure failures or a consequence of political instability. The geographic distribution of our business subjects us to catastrophe exposures in the United States, which include, but are not limited to: hurricanes from Maine through Texas; tornadoes throughout the Central and Southeast United States; earthquakes in California, the New Madrid region and the Pacific Northwest region of the United States; wildfires, particularly in the Southwest; and terrorism in major cities in the United States. In addition, our international operations subject us to catastrophe exposures in the United Kingdom, Canada and the Republic of Ireland, as well as to a variety of world-wide catastrophe exposures through our Lloyd’s operations. The incidence and severity of catastrophes are inherently unpredictable, and it is possible that both the frequency and severity of natural and man-made catastrophic events could increase. Some scientists believe that in recent years changing climate conditions have added to the unpredictability and frequency of natural disasters (including, but not limited to, hurricanes, tornadoes, other storms and fires) in certain parts of the world and created additional uncertainty as to future trends and exposures. For example, in recent years hurricane activity has impacted areas further inland than previously experienced, thus expanding our overall hurricane exposure. The catastrophe modeling tools that we use, or that we rely on from outside parties, to help manage certain of our catastrophe exposures are based on assumptions and judgments that are subject to error and mis-estimation and may produce estimates that are materially different than actual results. In addition, our increased presence in certain geographic areas, such as in the Midwest and Western regions of the United States, and any changes in climate conditions could cause our data to be more limited and our catastrophe models to be even less predictive, thus limiting our ability to effectively evaluate and manage such exposures. See ‘‘Item 7— Management’s Discussion and Analysis of Financial Condition and Results of Operations—Catastrophe Modeling’’ and ‘‘—Changing Climate Conditions.’’ The extent of losses from a catastrophe is a function of both the total amount of insured exposure in the area affected by the event and the severity of the event. Increases in the value and geographic concentration of insured property and the effects of inflation could increase the severity of claims from catastrophic events in the future. In addition, states have from time to time passed legislation, and regulators have taken action, that has the effect of limiting the ability of insurers to manage catastrophe risk, such as legislation prohibiting insurers from reducing exposures or withdrawing from catastrophe-prone areas or mandating that insurers participate in residual markets. Participation in residual market mechanisms has resulted in, and may continue to result in, significant losses or assessments to insurers, including us, and, in certain states, those losses or assessments may not be commensurate with our direct catastrophe exposure in those states. If our competitors leave those states having residual market mechanisms, remaining insurers, including us, may be subject to significant increases in losses or assessments following a catastrophe. In addition, following catastrophes, there are sometimes legislative initiatives and court decisions which seek to expand insurance coverage for catastrophe claims beyond the original intent of the policies. Also, our ability to increase pricing to the extent necessary to offset rising costs of catastrophes, particularly in the Personal Insurance segment, requires approval of regulatory authorities of certain states. Our ability or our willingness to manage our catastrophe exposure by raising prices, modifying underwriting terms or reducing exposure to certain geographies may be limited due to considerations of public policy, the evolving political environment, changes in the general economic climate and/or social responsibilities. We also may choose to write business in catastrophe-prone areas that we might not otherwise write for strategic purposes, such as improving our access to other underwriting activities. There are also risks that impact the estimation of ultimate costs for catastrophes. For example, the estimation of reserves related to hurricanes can be affected by the inability to access portions of the impacted areas, the complexity of factors contributing to the losses, the legal and regulatory uncertainties and the nature of the information available to establish the reserves. Complex factors include, but are not limited to: determining whether damage was caused by flooding versus wind; evaluating general liability and pollution exposures; estimating additional living expenses; the impact of demand surge; infrastructure disruption; fraud; the effect of mold damage; business interruption costs; and reinsurance collectability. The timing of a catastrophe’s occurrence, such as at or near the end of a reporting period, can also affect the information available to us in estimating reserves for that reporting period. The estimates related to catastrophes are adjusted as actual claims emerge and additional information becomes available. Exposure to catastrophe losses or actual losses following a catastrophe could adversely affect our financial strength and claims-paying ratings and could impair our ability to raise capital on acceptable terms or at all. Also, as a result of our exposure to catastrophe losses or actual losses following a catastrophe, rating agencies may further increase capital requirements, which may require us to raise capital to maintain our ratings or adversely affect our ratings. A ratings downgrade could hurt our ability to compete effectively or attract new business. In addition, catastrophic events could cause us to exhaust our available reinsurance limits and could adversely impact the cost and availability of reinsurance. Such events can also impact the credit of our reinsurers. For a discussion of our catastrophe reinsurance coverage, see ‘‘Item 1—Business—Reinsurance—Catastrophe Reinsurance.’’ Catastrophic events could also adversely impact the credit of the issuers of securities, such as states or municipalities, in whom we have invested. In addition, coverage in our reinsurance program for terrorism is limited. Although the Terrorism Risk Insurance Program Reauthorization Act of 2007 (the Act) provides benefits in the event of certain acts of terrorism, those benefits are subject to a deductible and other limitations. Under this law, once our losses exceed 20% of our commercial property and casualty insurance premium for the preceding calendar year, the federal government will reimburse us for 85% of our losses attributable to certain acts of terrorism which exceed this deductible up to a total industry program cap of $100 billion. Our estimated deductible under the program is $2.08 billion for 2011. In addition, because the interpretation of this law is untested, there is substantial uncertainty as to how it will be applied to specific circumstances. It is also possible that future legislative action could change the Act. Because of the risks set forth above, catastrophes such as those caused by various natural events or man-made events such as a terrorist attack, including ‘‘unconventional’’ acts of terrorism involving nuclear, biological, chemical or radiological events, could materially and adversely affect our results of operations, financial position and/or liquidity. Further, while we seek to manage our exposure to man-made catastrophic events involving conventional means, there can be no assurance that we would have sufficient resources to respond to claims arising out of one or more man-made catastrophic events involving so-called weapons of mass destruction, including nuclear, biological, chemical or radiological means.

Travelers actually has a section of the 10k devoted to Catastrophe modeling:

CATASTROPHE MODELING

The Company uses various analyses and methods, including computer modeling techniques, to analyze catastrophic events and the risks associated with them. The Company uses these analyses and methods to make underwriting and reinsurance decisions designed to manage its exposure to catastrophic events. In making underwriting and reinsurance decisions for hurricane and earthquake exposures, the Company uses third-party proprietary computer modeling in an attempt to estimate the likelihood that the loss from a single event occurring in a one-year timeframe will equal or exceed a particular amount. The tables below set forth the estimated probabilities that losses from a single event occurring in a one-year timeframe will equal or exceed the indicated loss amounts (expressed in dollars and as a percentage of the Company’s common equity). For example, on the basis described below the tables, the Company estimates that there is a one percent chance that the Company’s loss from a single U.S. hurricane occurring in a one-year timeframe would equal or exceed $1.1 billion, or 5% of the Company’s common equity at December 31, 2010. Dollars (in billions) Single U.S.

The last disclosure does provide good context for their risk level.  And their ability to even disclose this information suggests a likelihood that they may be actually using this information to manage the risk.

Travelers goes on to take the unusual step for a US insurer of actually directly addressing their ERM program in their 10k:

ENTERPRISE RISK MANAGEMENT

As a large property and casualty insurance enterprise, the Company is exposed to many risks. These risks are a function of the environments within which the Company operates. Since certain risks can be correlated with other risks, an event or a series of events can impact multiple areas of the Company simultaneously and have a material effect on the Company’s results of operations, financial position and/or liquidity. These exposures require an entity-wide view of risk and an understanding of the potential impact on all aspects of the Company. It also requires the Company to manage its risk-taking to be within its risk appetite in a prudent and balanced effort to create and preserve value for all of the Company’s stakeholders. This approach to Company-wide risk evaluation and management is commonly called Enterprise Risk Management (ERM). ERM activities involve both the identification and assessment of a broad range of risks and the execution of synchronized strategies to effectively manage such risks. Effective ERM also includes the determination of the Company’s risk capital needs, which takes into account regulatory requirements and credit rating considerations, in addition to economic and other factors. ERM at the Company is an integral part of business operations. All risk owners across all functions, all corporate leaders and the board of directors are engaged in ERM. ERM involves risk-based analytics, as well as reporting and feedback throughout the enterprise in support of the Company’s long-term financial strategies and objectives. The Company uses various methods, including sophisticated computer modeling techniques, to analyze catastrophic events and the risks associated with them. These analyses and methods are used in making underwriting and reinsurance decisions as part of managing the Company’s exposure to catastrophic events. In addition to catastrophe modeling and analysis, the Company also models and analyzes its exposure to other extreme events. These analytical techniques are an integral component of the Company’s ERM process and further support the Company’s long-term financial strategies and objectives. In addition to the day-to-day ERM activities within the Company’s business units, other key internal risk management functions include the Management Committee (comprised of the Company’s Chief Executive Officer and the other most senior members of management), the Enterprise and Underwriting Risk Committees of management, the Credit Committee, the Chief Compliance Officer, the Business Conduct Officer, the Corporate Actuarial group, the Corporate Audit group, the Accounting Policy group, the Enterprise Underwriting group and many others. A senior executive oversees the ERM process. The mission of this executive is to facilitate risk assessment and to collaborate in implementing effective risk management strategies throughout the Company. Another strategic ERM objective of this executive includes working across the Company to enhance effective and realistic risk modeling capabilities as part of the Company’s overall effort to understand and manage its portfolio of risks to be within its risk appetite. Board oversight of ERM is provided by the Risk Committee of the board of directors, which reviews the strategies, processes and controls pertaining to the Company’s insurance operations and oversees the implementation, execution and performance of the Company’s ERM program. The Company’s ERM efforts build upon the foundation of an effective internal control environment. ERM expands the internal control objectives of effective and efficient operations, reliable financial reporting and compliance with applicable laws and regulations, to fostering, leading and supporting an integrated, risk-based culture within the Company that focuses on value creation and preservation. However, the Company can provide only reasonable, not absolute, assurance that these objectives will be met. Further, the design of any risk management or control system must reflect the fact that there are resource constraints, and the benefits must be considered relative to their costs. As a result, the possibility of material financial loss remains in spite of the Company’s significant ERM efforts. An investor should carefully consider the risks and all of the other information set forth in this annual report, including the discussions included in ‘‘Item 1A—Risk Factors,’’ ‘‘Item 7A—Quantitative and Qualitative Disclosures About Market Risk,’’ and ‘‘Item 8—Financial Statements and Supplementary Data.’’

And finally, Travelers does disclose in the list of management that there are two senior executives, out of about 50 listed, with the words “Enterprise Risk Management” as a part of their title.


%d bloggers like this: