Archive for April 2013

Learnings from the Superstorm

April 29, 2013

From the FSOC 2013 Annual Report with minor paraphrasing…

• Planning and testing: It is important that your company and all of your important counterparties, vendors, and sub contractees, fully understand the functionality of contingency systems, and that key operations and business personnel communicate efficiently to assure enterprise-wide clarity. Expanded testing exercises would enhance assurance of failover reliability. Such testing should involve all parties inside and outside your firm that you depend upon to continue functioning, and should also involve providers of essential services such as power, water, and telecommunications.

• Incident management: Protocols for assuring a timely decision on whether and when to close or open the company would benefit from review and streamlining by the responsible parties. Likewise, protocols for assuring timely decisions within the firm on whether and when to leverage back-up sites would benefit from continued regular testing. Furthermore, operational interdependencies need to be fully incorporated in the decision-making process.

• Personnel: The resilience of critical components of the company requires geographic dispersal of both electronic systems and personnel sufficient to enable an organization to operate despite the occurrence of a wide-scale disruption affecting the metropolitan or geographic area of the organization’s primary operations, including communities economically integrated with, adjacent to, or within normal commuting distance of the primary operations area. Organizations, including major firms, need to continuously and rigorously analyze their routine positioning and emergency repositioning of key management and staff. This is an ongoing requirement as technology, market structure, and institutions evolve rapidly. Developed business continuity plans should be implemented, and key staff should be sent to disaster recovery sites when there is advance notice of events.

• Dependencies: Cross-industry interdependencies require constant review, reassessment, and improvement by organizations to mitigate the impact of energy, power, transport, and communications failures during severe incidents, and to help ensure reliable redundancy.


April 28, 2013

Post to Financial Training

Posts to WillisWire:


  1. Former FDIC Chairman Sheila Bair speaking at #ermsymposium warns #SolvencyII against internal models as they encouraged banks to take risk

  2. What happened to last year’s discussion of a country CRO at the #ermsymposium?

  3. Speaker from Fed at #ermsymposium says CTE no good since you don’t know distribution. How was the product priced? Not with stress tests!

    Retweeted by SocietyofActuaries

  4. Seems that insurance industry may need to save up more cash to cover Nat Cat if forecasts on climate change are right! #ermsymposium

  5. Systemic risk decreases with transparency. #ermsymposium

  6. So, we trust national security to causal models because data does not work. But we trust financial systems to statistics. #ermsymposium

  7. Just hearing all the great things about Bayesian models…expert judgement, ease of communication to C-suite #ermsymposium #Bayesrules

    1. Dave Ingram@dingramerm 23 Apr Must look at risk measures in the context of your business model. C Lawrence #ermsymposium

    2. Need to invest in the future of risk profession. Mark Abbott #ermsymposium

    3. I just heard the coolest story from Hall of Achievement Inductee Gary Peterson #ERMSymposium

    4. Neil Cantle: Complex adaptive systems are more than the sum of their parts. #ERMSymposium 

    5. What is the biggest misconception about enterprise risk management?  #ERMSymposium #ERM #risk

      Retweeted by Milliman, Inc.

    6. What role does economic capital modeling play in your organization?  #ERMSymposium #ERM

      Retweeted by Neil Cantle and 1 other

    7. Business Insurance article focuses on the Emerging Risks Survey and includes some quotes from me. #ERMSymposium 

    8. CFO magazine article quoting me and talking about the Emerging Risks Survey! #ERMSymposium 

  1. CRO needs to have a 360 degree view of risk. #ermsymposium
    from Chicago, IL Dave Ingram ‏@dingramerm 24 Apr
  2. New risk: longevity risk transfer products take a risk that was regulated into non-regulated areas. S Wason #ermsymposium from Chicago, IL Dave Ingram ‏@dingramerm 24 Apr
  3. Companies do not always believe in their own mortality which undermines any risk mgt culture. #ermsymposium
    from Chicago, IL Dave Ingram ‏@dingramerm 24 Apr
  4. Interconnectedness is THE issue for financial regulation going forward. #ermsymposium from Chicago, IL Dave Ingram ‏@dingramerm 24 Apr
  5. CEO needs to be very hands on with risk. Deniability is not an option. S Bair #ermsymposium from Chicago, IL Dave Ingram ‏@dingramerm 24 Apr
  6. Predictive analytics in US healthcare #ermsymposium from Illinois, US Dave Ingram ‏@dingramerm 24 Apr
  7. Canadians using ERM to improve financial management of health firms. #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  8. Professional Standards for Actuarial Risk Managers effective May 1, 2013 Dave Ingram ‏@dingramerm 23 Apr
  9. Too many think the risk equations are a closed form solution for the future when they are really about the past. M McCarthy #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  10. When you crossed a limit you HAD to take an ACTION. B Mark #ermsymposium from Chicago, IL Dave Ingram ‏@dingramerm 23 Apr
  11. Key goal of regulators is now financial stability. Zero tolerance for “fat tailed” failure. C Lawrence #ermsymposium
    from Chicago, IL Dave Ingram ‏@dingramerm 23 Apr
  12. Bank returns jumped from 7% to 20% in 1970s & believed that risk was under control. C Lawrence #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  13. Biggest risks are when we choose not know about potential problems that we did know about. Turning off fire alarms. W Fisher #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  14. ERM can find offsetting risks and notionally create capital and opportunity. This gets enthusiastic buy in from mgt. M Stein #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  15. The ERM program needs to show success on the opportunity side ot risk. J Kollar #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  16. Accounting can cloud risk issues. Challenge to reconcile different statement. M Stein #ermsymposium from Chicago, IL Dave Ingram ‏@dingramerm 23 Apr
  17. Disconnect between economics and accounting a challenge for ERM. Makes it harder to get buy in for ERM C Gilbert #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  18. CRO Council papers Model Validation & Emerging Risks M Stein #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  19. Key for CRO to be able to create a coherent summary of risk information for board M Stein #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  20. Get board involved asking the risk questions. This create engagement in the organization to answer those questions W Fisher #ermsymposium Dave Ingram ‏@dingramerm 23 Apr
  21. Wayne Fisher addressing Risk Profile at CRO panel #ermsymposium

But even with all those tweets, #ermsymposium did not make it to the top list of trending categories

Provisioning – Packing for your trip into the future

April 26, 2013

There are two levels of provisioning for an insurer.  Reserves and Risk Capital.  The two are intimately related.  In fact, in some cases, insurers will spend more time and care in determining the correct number for the sum of the two, called Total Asset Requirement (TAR) by some.

Insurers need an realistic picture of future obligations long before the future is completely clear. This is a key part of the feedback mechanism.  The results of the first year of business is the most important indication of business success for non-life insurance.  That view of results depends largely upon the integrity of the reserve value.  This feedback information effects performance evaluation, pricing for the next year, risk analysis and capital adequacy analysis and capital allocation.

The other part of provisioning is risk capital.  Insurers also need to hold capital for less likely swings in potential losses.  This risk capital is the buffer that provides for the payment of policyholder claims in a very high proportion of imagined circumstances.  The insurance marketplace, the rating agencies and insurance regulatory bodies all insist that the insurer holds a high buffer for this purpose.

In addition, many valuable insights into the insurance business can be gained from careful analysis of the data that is input to the provisioning process for both levels of provisioning.

However, reserves are most often set to be consistent with considerations.  Swings of adequate and inadequate pricing is tightly linked to swings in reserves.  When reserves are optimistically set capital levels may reflect same bias. This means that inadequate prices can ripple through to cause deferred recognition of actual claims costs as well as under provisioning at both levels.  This is more evidence that consideration is key to risk management.

There is often pressure for small and smooth changes to reserves and risk capital but information flows and analysis provide jumps in insights both as to expectations for emerging losses as well as in terms of methodologies for estimation of reserves and capital.  The business pressures may threaten to overwhelm the best analysis efforts here.  The analytical team that prepares the reserves and capital estimates needs to be aware of and be prepared for this eventuality.  One good way to prepare for this is to make sure that management and the board are fully aware of the weaknesses of the modeling approach and so are more prepared for the inevitable model corrections.

Insurers need to have a validation process to make sure that the sum of reserves and capital is an amount that provides the degree of security that is sought.  Modelers must allow for variations in risk environment as well as the impact of risk profile, financial security and risk management systems of the insurer in considering the risk capital amount.  Changes in any of those elements may cause abrupt shifts in the amount of capital needed.

The Total Asset Requirement should be determined without regard to where the reserves have been set so that risk capital level does not double up on redundancy or implicitly affirm inadequacy of reserves.

The capital determined through the Provisioning process will usually be the key element to the Risk Portfolio process.  That means that accuracy in the sub totals within the models are just as important as the overall total.  The common practice of tolerating offsetting inadequacies in the models may totally distort company strategic decision making.

This is one of the seven ERM Principles for Insurers.

Does Anyone Care about Risk Appetite?

April 24, 2013

RISKVIEWS got a private comment on the Risk Portfolio post. The comment can be summed up by the title above.

And if you think about the insights about ERM from the Plural Rationality discussion, you might echo that question.


If your risk attitude is what we call MAXIMIZER, then you will believe that you should be able to accept as much adequately priced risk as you can find.

If your risk attitude is what we call CONSERVATOR, then you will believe that you should mostly accept only risks that are very similar to what you write already, to what you are comfortable with.  You might fear that setting an appetite would improperly encourage folks to take more risk even it it does not really fit that very stringent criteria.

If your risk attitude is what we call PRAGMATIST, then you will believe that it is a waste of time to set down a rule like that in advance.  How would you know what the opportunities will be in the future?  You might easily want to accept much more or much less.  You would think that it is a waste of time to worry about such an unknowable issue.

Only the companies that are driven by what we call the MANAGERS would embrace the risk appetite idea.  They would say that you must have a risk appetite for your ERM program to have any meaning.  Many regulators have the same MANAGER risk attitude.  They agree with the fundamental idea of ERM, with the idea that risk managers are needed to assist insurance company managers, to assess risks and to make sure that the insurer does not take too much risk.  The risk managers should also be able to help the top management of the company to select the corporate strategic balance, reflecting the best combination of risks to optimize the risk reward balance of the company.

And MANAGERS will do the best for the company when they manage the risks of the firm during times of moderate volatility.  Then their choices of risks will likely perform just as their models will predict.  However in times when opportunities are best, the MANAGERS will doubtless hold the company back from the sort of gains in profitable business that the MAXIMIERS will achieve in the companies that they run.  And in times when the red ink is running all over, the MANAGERS will urge insufficient caution and will see larger losses than their models would indicate.

In the sort of uncertain times that we have lived with for 5 years now, the MANAGER’s models will not be able to adequately point the way either.  Results will languish or bounce unexpectedly.

But it is just not true that nobody cares about Risk Appetite.

ERM Control Cycle

April 20, 2013

ERM Control Cycle

The seven principles of ERM for Insurers can be seen as forming an Enterprise Risk Control cycle.

The cycle starts with assessing and planning for risk taking.  That process may include the Diversification principle and/or the Portfolio principle.

Next to the steps of setting Considerations and Underwriting the risks.  These steps are sometimes operated together and sometimes separate, usually depending upon the degree to which the risks are  small and homogeneous or large and unique.

The Risk Control cycle is then applied to the risks that have been accepted.  That step is needed because even if a risk is properly priced and appropriately accepted, the insurer will want to manage the aggregate amount of such risks.  Within the risk control cycle, there is a risk mitigation step and within that step an insurer may choose to reduce their total risk or to increase their risk taking capacity.

Risks that have been accepted through the underwriting process and that the insurer is retaining after the risk control cycle process must be assessed for Provisioning, both for reserve and capital.

Finally, for this discussion of the ERM Cycle, the insurer needs to consider whether there are additional risks that have been unknowingly accepted that may emerge in the future.  The Future risk principle provides a path for that step.

For the ERM Cycle, there is actually no such thing as FINALLY.  As a cycle, it repeats infinitely.  The picture above has many two headed arrows in addition to the one way arrows that represent a single circular process.

The ERM idea sits in the middle of these seven principles.  The ERM idea is the idea that an insurer will follow a cycle like this for all of the risks of the insurer and in addition for the aggregation of all risks.  This will be done to protect all of the stakeholders of the insurers, policyholders, stockholders, bondholders, management, employees and communities to the greatest extent that their sometimes contradictory interests allow.

Most firms will put different degrees of emphasis on different elements.  Some will have very faint arrows between ERM and some of the other principles.  Some insurers will neglect some of these principles completely.

It may be that the choice of which principles to emphasize are tightly linked with their view of the risk environment.

env copy

This a part of the discussion of the seven ERM Principles for Insurers

Risk Portfolio Management

April 18, 2013

In 1952, Harry Markowitz wrote the article “Portfolio Selection” which became the seed for the theory called Modern Portfolio Theory. Modern Portfolio Theory (MPT) promises a path to follow to achieve the maximum return for a given level of risk for an investment portfolio.

It is not clear who first thought to apply the MPT ideas to a portfolio of risks in an insurer. In 1974, Gustav Hamilton of Sweden’s Statsforetag proposed the “risk management circle” to describe the interaction of all elements in the risk management process, including assessment, control, financing and communication. In 1979, Randell Brubaker wrote about “Profit Maximization for a multi line Property/Liability Company.” Since then, the idea of risk and reward optimization has become to many the actual definition of ERM.

Standard & Poor’s calls the process “Strategic Risk Management”.

“Strategic Risk Management is the Standard & Poor’s term for the part of ERM that focuses on both the risks and returns of the entire firm. Although other aspects of ERM mainly focus on limiting downside, SRM is the process that will produce the upside, which is where the real value added of ERM lies.“

The Risk Portfolio Management process is nothing more or less than looking at the expected reward and loss potential for each major profit making activity of an insurer and applying the Modern Portfolio Management ideas of portfolio optimization to that risk and reward information.

At the strategic level, insurers will leverage the risk and reward knowledge that comes from their years of experience in the insurance markets as well as from their enterprise risk management (ERM) systems to find the risks where their company’s ability to execute can produce better average risk-adjusted returns. They then seek to optimize the risk/reward mix of the entire portfolio of insurance and investment risks that they hold. There are two aspects of this optimization process. First is the identification of the opportunities of the insurer in terms of expected return for the amount of risk. The second aspect is the interdependence of the risks. A risk with low interdependency with other risks may produce a better portfolio result than another risk with a higher stand alone return on risk but higher interdependence.

Proposals to grow or shrink parts of the business and choices to offset or transfer different major portions of the total risk positions can be viewed in terms of risk-adjusted return. This can be done as part of a capital budgeting/strategic resource allocation exercise and can be incorporated into regular decision-making. Some firms bring this approach into consideration only for major ad hoc decisions on acquisitions or divestitures and some use it all the time.

There are several common activities that may support the macro- level risk exploitation.

Economic Capital
Economic capital (EC) flows from the Provisioning principle. EC is often calculated with a comprehensive risk model consistently for all of the actual risks of the company. Adjustments are made for the imperfect correlation of the risks. Identification of the highest-concentration risks as well as the risks with lower correlation to the highest-concentration risks is risk information that can be exploited. Insurers may find that they have an advantage when adding risks to those areas with lower correlation to their largest risks if they have the expertise to manage those risks as well as they manage their largest risks.

Risk-adjusted product pricing
Another part of the process to manage risk portfolio risk reward involves the Consideration principle. Product pricing is “risk-adjusted” using one of several methods. One such method is to look at expected profits as a percentage of EC resulting in an expected return-to-risk capital ratio. Another method reflects the cost of capital associated with the economic capital of the product as well as volatility of expected income. The cost of capital is determined as the difference between the price to obtain capital and the rate of investment earnings on capital held by the insurer. Product profit projections then will show the pure profit as well as the return for risk of the product. Risk-adjusted value added is another way of approaching risk-adjusted pricing.

Capital budgeting
The capital needed to fulfill proposed business plans is projected based on the economic capital associated with the plans. Acceptance of strategic plans includes consideration of these capital needs and the returns associated with the capital that will be used. Risk exploitation as described above is one of the ways to optimize the use of capital over the planning period. The allocation of risk capital is a key step in this process.

Risk-adjusted performance measurement (RAPM)
Financial results of business plans are measured on a risk-adjusted basis. This includes recognition of the cost of holding the economic capital that is necessary to support each business as reflected in risk-adjusted pricing as well as the risk premiums and loss reserves for multi-period risks such as credit losses or casualty coverages. This should tie directly to the expectations of risk- adjusted profits that are used for product pricing and capital budgeting. Product pricing and capital budgeting form the expectations of performance. Risk-adjusted performance measurement means actually creating a system that reports on the degree to which those expectations are or are not met.

For non-life insurers, Risk Portfolio Management involves making strategic trade-offs between insurance, credit (on reinsurance ceded) and all aspects of investment risk based on a long-term view of risk-adjusted return for all of their choices.

Insurers that do not practice Portfolio Risk Management usually fail to do so because they do not have a common measurement basis across all of their risks. The recent move of many insurers to develop economic capital models provides a powerful tool that can be used as the common risk measure for this process. Economic capital is most often the metric used to define risk in the risk/reward equation of insurers.

Some insurers choose not to develop an EC model and instead rely upon rating agency or regulatory capital formulas. The regulatory and rating agency capital formulas are by their nature broad market estimates of the risk capital of the insurer. These formulae will over-state the capital needs for some of the insurer’s activity and understate the needs for others. The insurer has the specific data about their own risks and can do a better job of assessing their risks than any outsider could ever do. In some cases, insurers took high amounts of catastrophe exposure or embedded guarantee and option risks, which were not penalized in the generic capital formulas. In the end, some insurers found that they had taken much more risk than their actual loss tolerance or capacity.

Risk Portfolio management provides insurers with the framework to take full advantage of the power of diversification in their risk selection. They will look at their insurance and investment choices based on the impact, after diversification, on their total risk/reward profile. These insurers will also react to the cycles in risk premium that exist for all of their different insurance risks and for all of their investment risks in the context of their total portfolio.

Sales of most insurance company products result in an increase in the amount of capital needed by the business due to low or negative initial profits and the need to support the new business with Economic Capital. After the year of issue, most insurance company products will show annual releases of capital both due to the earnings of the product as well as the release of supporting capital that is no longer needed due to terminations of prior coverages. The net capital needs of a business arise when growth (new sales less terminations) is high and/or profits are low and capital is released when growth is low and/or profits are high.

The definition of the capital needs for a product is the same as the definition of distributable earnings for an entire business: projected earnings less the increase in Economic Capital. The capital budgeting process will then focus on obtaining the right mix of short and long term returns for the capital that is needed for each set of business plans.

Both new and existing products can be subjected to this capital budgeting discipline. A forecast of capital usage by a new product can be developed and used as a factor in deciding which of several new products to develop. In considering new and existing products, capital budgeting may involve examining historic and projected financial returns.

Pitfalls of Risk Portfolio Management

In theory, optimization processes can be shown to produce the best results for practitioners. And for periods of time when fluctuations of experience are moderate and fall comfortably within the model parameters, continual fine tuning and higher reliance on the modeled optimization recommendations produce ever growing rewards for the expert practitioner. However, model errors and uncertainties are magnified when management relies upon the risk model to lever up the business. And at some point, the user of complex risk models will see that levering up their business seems to be a safe and profitable way to operate. When volatility shifts into a less predictable and/or higher level, the highly levered company can find it self quickly in major trouble.

Even without major deviations of experience, the Risk Portfolio Management principles can lead to major business disruptions. When an insurer makes a major change in its risk profile through an acquisition or divestiture of a large part of their business, the capital allocation of all other activities may shift drastically. Strict adherence to theory can whipsaw businesses as the insurer makes large changes in business.

Insurers need to be careful to use the risk model information to inform strategic decisions without overreliance and abdication of management judgment. Management should also push usage of risk and reward thinking throughout the organization. The one assumption that seems to cause the most trouble is correlation. The saying goes that “in a crisis, all correlations go to one”. If the justification for a major strategic decision is that correlations are far from one, management should take note of the above saying and prepare accordingly. In addition management should study the variability of correlations over time. They will find that correlations are often highly unreliable and this should have a major impact on the way that they are used in the Risk Portfolio Management process.

Risk Portfolio Management is one of the Seven ERM Principles for Insurers

Future Uncertainty

April 16, 2013

Often called emerging risks. Going back to Knight’s definitions of Risk and Uncertainty, there is very little risk contained in these potential situations.  Emerging risks are often pure uncertainty.  Humans are good at finding patterns.  Emerging risks are breaks in patterns.

What to Do about Emerging Risks…

Emerging risks are defined by AM Best as “new or evolving risks that are difficult to manage because their identification, likelihood of occurrence, potential impacts, timing of occurrence or impact, or correlation with other risks, are highly uncertain.” An example from the past is asbestos; other current examples could be problems deriving from nanotechnology, genetically modified food, climate change, etc. Lloyd’s, a major sufferer from the former emerging risk of asbestos, takes emerging risks very seriously. They think of emerging risks as “an issue that is perceived to be potentially significant but which may not be fully understood or allowed for in insurance terms and conditions, pricing, reserving or capital setting”.

What do the rating agencies expect?

AM Best says that insurers need “sound risk management practices relative to its risk profile and considering the risks inherent in the liabilities it writes, the assets it acquires and the market(s) in which it operates, and takes into consideration new and emerging risks.” In 2013, Best has added a question asking insurers to identify emerging risks to the ERM section of the SRQ. Emerging Risks Management has been one of the five major pillars of the Standard & Poor’s Insurance ERM ratings criteria since 2006.

How do you identify emerging risks?

A recent report from the World Economic Forum, The Global Risks 2012 report is based on a survey of 469 experts from industry, government, academia and civil society that examines 50 global risks. Those experts identified 8 of those 50 risks as having the most significance over the next 10 years:

  •   Chronic fiscal imbalances
  •   Cyber attacks
  •   Extreme volatility in energy and agriculture prices
  •   Food shortage crises
  •   Major systemic financial failure
  •   Rising greenhouse gas emissions
  •   Severe income disparity
  •   Water supply crises

This survey method for identifying or prioritizing risks is called the Delphi method and can be used by any insurer. Another popular method is called environmental scanning which includes simply reading and paying attention for unusual information about situations that could evolve into future major risks.

What can go wrong?

Many companies do not have any process to consider emerging risks.  At those firms, managers usually dismiss many possible emerging risks as impossible.  It may be the company culture to scoff at the sci fi thinking of the emerging risks process.  The process Taleb describes of finding ex post explanation for emerging Black Swan risks is often the undoing of careful plans to manage emerging risk.  In addition, lack of imagination causes some managers to conclude that the past worst case is the outer limit for future losses.

What can you do about emerging risks?

The objectives for emerging risks management are just the same as for other more well-known risks: to reduce the frequency and severity of future losses. The uncertain nature of emerging risks makes that much more difficult to do cost effectively. Insurers can use scenario testing to examine potential impact of emerging risks and to see what actions taken in advance of their emergence might lessen exposures to losses. This scenario testing can also help to identify what actions might lessen the impact of an unexpected loss event that comes from a very rapidly emerging risk. Finally, insurers seek to identify and track leading indicators of impending new risk emergence.

Reinsurance is one of the most effective ways to protect against emerging risks, second only to careful drafting of insurance contract terms and conditions

Many of the largest insurers and reinsurers have developed very robust practices to identify and to prepare for emerging risks.  Other companies can learn from the insurers who practice emerging risk management and adapt the same processes to their emerging risks.

Normal risk control processes focus on everyday risk management, including the management of identifiable risks and/or risks where uncertainty and unpredictability are mitigated by historical data that allow insurers to estimate loss distribution with reasonable confidence. Emerging risk management processes take over for risks that do not currently exist but that might emerge at some point due to changes in the environment. Emerging risks may appear abruptly or slowly and gradually, are difficult to identify, and may for some time represent an ill formed idea more than factual circumstances. They often result from changes in the political, legal, market, or physical environment, but the link between cause and effect is fully known in advance. An example from the past is asbestos; other examples could be problems deriving from nanotechnology, genetically modified food, climate change, etc. 
For these risks, normal risk identification and monitoring will not work because the likelihood is usually completely unknown. Nevertheless, past experience shows that when they materialize, they have a significant impact on the insurers and therefore cannot be excluded from a solid risk management 
program. So insurers have implemented unique specific strategies and approaches to cope with them properly.

Identifying emerging risks

Emerging risks have not yet materialized or are not yet clearly defined and can appear abruptly or very slowly. Therefore, having some sort of early warning system in place, methodically identified either through internal or external sources, is very important. To minimize the uncertainty surrounding these risks, insurers will consistently gather all existing relevant information to amass preliminary evidence of emerging risks, which would allow the insurer to reduce or limit growth of exposure as the evidence becomes more and more certain.  However, Insurers practicing this discipline will need to be aware of the cost of false alarms.

Assessing their significance

Assess the relevance (i.e. potential losses) of the emerging risks linked to a company’s commitment— which classes of business and existing policies would be affected by the materialization of the risk—and continue with the assessment of the potential financial impact, taking into account potential correlation with other risks already present in the firm. For an insurer, the degree of concentration and correlation of the risks that they have taken on from their customers are two important parameters to be considered; the risk in question could be subject to very low frequency/high intensity manifestations, but if exposure to that particular risk is limited, then the impact on the company may not be as important. On the other hand, unexpected risk correlations should not be underestimated; small individual exposures can coalesce into an extreme risk if underlying risks are highly interdependent. When developing extreme scenarios, some degree of imagination to think of unthinkable interdependencies could be beneficial.

A further practice of insurers is to sometimes work backwards from concentrations to risks. Insurers might envision risks that could apply to their concentrations and then track for signs of risk emergence in those areas. Some insurers set risk limits for insurance concentrations that are very similar to investment portfolio credit limits, with maximum concentrations in specific industries in geographic or political regions. In addition, just as investment limits might restrict an insurer’s debt or equity position as a percentage of a company’s total outstanding securities, some insurers limit the percentage of coverage they might offer in any of the sectors described above.

Define appropriate responses

Responses to emerging risks might be part of the normal risk control process, i.e., risk mitigation or transfer, either through reinsurance (or retrocession) in case of insurance risks, through the financial markets for financial risks, or through general limit reduction or hedging. When these options are not available or the insurer decides not to use them, it must be prepared to shoulder significant losses, which can strain a company’s liquidity.  Planning access to liquidity is a basic part of emerging risk management.  Asset-selling priorities, credit facilities with banks, and notes programs are possible ways of managing a liquidity crisis.

Apart from liquidity crisis management, other issues exist for which a contingency plan should be identified in advance. The company should be able to quickly estimate and identify total losses and the payments due. It should also have a clear plan for settling the claims in due time so as to avoid reputation issues. Availability of reinsurance is also an important consideration: if a reinsurer were exposed to the same risks, it would be a sound practice for the primary insurer to evaluate the risk that the reinsurer might delay payments.

Advance Warning Process

For the risks that have identified as most significant and where the insurer has developed coherent contingency plans, the next step is to create and install an advanced warning process.  To do that, the insurer identifies key risk indicators that provide an indication of increasing likelihood of a particular emerging risk.


Finally, sound practices for managing emerging risks include establishing procedures for learning from past events. The company will identify problems that appeared during the last extreme event and identify improvements to be added to the risk controls.  In addition, expect to get better at each step of the emerging risk process with time and experience.

But emerging risk management costs money.  And the costs that are most difficult to defend are the emerging risks that never emerge.  A good emerging risk process will have many more misses than hits.  Real emerged risks are rare.  A company that is really taking emerging risks seriously will be taking actions on occasion that cost money to perform and possibly include a reduction in the risks accepted and the attendant profits.  Management needs to have a tolerance for these costs.  But not too much tolerance.


This is one of the seven ERM Principles for Insurers

%d bloggers like this: