Archive for the ‘Solvency II’ category

Risk Capital Standard

June 23, 2014

Insurers in the US and Canada are required to state their own internal Risk Capital Standard in their ORSA Summary Report. From RISKVIEWS observations over the years of actual insurer actions, insurers have actually operated  with four levels of Risk Capital Standards:

  • Solvency – enough capital to avoid take-over by regulators
  • Viable – enough capital to avoid reaching Solvency level with “normal” volatility
  • Secure – enough capital to satisfy sophisticated commercial buyers that you will pay claims in most situations
  • Robust – enough capital to maintain a Secure level of capital after a major loss

In many cases, this is not necessarily a clear conscious decision, but insurers do seem to pick one of those four levels and stick with it.

Insurers operating at the Solvency levels are usually in constant contact with their regulator.  They are almost always very small insurers who are operating on the verge of regulatory takeover.  They operate in markets where there is no concern on the part of their customers for the security of their insurer.  Sometimes these insurers are government sponsored and are permitted to operate at this level for as long as they are able because the government is unwilling to provide enough capital and the company is not able to charge enough premiums to build up additional capital, possibly because of government restrictions to rates.  This group of insurers is very small in most times.  Any adverse experience will mean the end of the line for these companies.

Many insurers operate at the Viable level.  These insurers are usually operating in one or several personal/individual insurance lines where their customers are not aware of or are not sensitive to security concerns.  Most often these insurers write short term coverages such as health insurance, auto insurance or term insurance.  These insurers can operate in this manner for decades or until they experience a major loss event.  They do not have capital for such an event so their are three possible outcomes:  insolvency and breakup of the company, continued operation at the Solvency level of capital with or without gradual recovery of capital to the Viable level.

The vast bulk of the insurance industry operates at the Secure level of capital.  Companies with a Secure capital level are able to operate in commercial/group lines of business, reinsurance or the large amount individual products where there is a somewhat knowledgeable assessment of security as a part of the due diligence process of the insurance buyer.   With capital generally at the level of a major loss plus the Viable capital level, these companies can usually withstand a major loss event on paper, but if their business model is dependent upon those products and niches where high security is required, a major loss will likely put them out of business because of a loss of confidence of their customer base.  After a large loss, some insurers have been able to shift to operating with a Viable capital level and gradually rebuild their capital to regain the Secure position and re-engage with their original markets.  But most commonly, a major loss causes these insurers to allow themselves to be acquired so that they can get value for the infrastructure that supports their high end business model.

A few insurers and reinsurers have the goal of retaining their ability to operate in their high end markets in the event of a major loss by targeting a Robust capital level.  These insurers are holding capital that is at least as much as a major loss plus the Secure capital level.  In some cases, these groups are the reinsurers who provide risk relief to other Robust insurers and to the more cautious insurers at the Secure level.  Other firms in this groups include larger old mutual insurers who are under no market pressure to shed excess capital to improve Return on Capital.  These firms are easily able to absorb moderate losses without significant damage to their level of security and can usually retain at least the Secure level of capital after a major loss event.  If that major loss event is a systematic loss, they are able to retain their market leading position.  However, if they sustain a major loss that is less broadly shared, they might end up losing their most security conscious customers.  Risk management strategy for these firms should focus on avoiding such an idiosyncratic loss.  However, higher profits are often hoped for from concentrated, unique (re)insurance deals which is usually the temptation that leads to these firms falling from grace.

One of the goals of Solvency II in Europe has been to outlaw operating an insurer at the Solvency or Viable levels of capital.  This choice presents two problems:

  • It has led to the problem regarding the standard capital formula.  As noted above, the Solvency level is where most insurers would choose to operate.  Making this the regulatory minimum capital means that the standard formula must be near perfectly correct, a daunting task even without the political pressures on the project.  Regulators tendency would be to make all approximations rounding up.  That is likely to raise the cost of the lines of insurance that are most effected by the rounding.
  • It is likely to send many insurers into the arms of the regulators for resolution in the event of a significant systematic loss event.  Since there is not ever going to be regulatory capacity to deal with resolution of a large fraction of the industry, nor is resolution likely to be needed (since many insurers have been operating in Europe just fine with a Viable level of capital for many years).  It is therefore likely that the response to such an event will be to adjust the minimum capital requirement in one way or another, perhaps allowing several years for insurers to regain the “minimum” capital requirement.  Such actions will undermine the degree to which insurers who operate in markets that have traditionally accepted a Viable capital level will take the capital requirement completely seriously.

It is RISKVIEWS impression that the Canadian regulatory minimum capital is closer to the Viable level. While the US RBC action level is at the Solvency level.

It is yet to be seen whether the US eventually raises the RBC requirement to the Viable level or if Canada raises its MCCSR to the Secure level because of pressure to comply with the European experiment.

If asked, RISKVIEWS would suggest that the US and Canada waits until (a) the Europeans actually implement Solvency II (which is not expected to be fully inforce for many years after initial implementation due to phase in rules) and (b) the European industry experiences a systematic loss event.  RISKVIEWS is not likely to be asked, however.

It is RISKVIEWS prediction that the highly theoretical ideas that drive Solvency II will need major adjustment and that those adjustments will need to be made at that time when there is a major systematic loss event.  So the ultimate nature of Solvency II will remain a complete mystery until then.

Advertisements

Full Limits Stress Test – Where Solvency and ERM Meet

April 25, 2014

We can know, looking back at last year, how much risk that an insurer was exposed to. And we can simply look at the balance sheet to see how much capital that they held. So that is the way we have tended to look at solvency. Backwards. Was the insurer solvent last year end? Not really useful information. Unless…

Head_On_Collision

That is, unless you make some potentially heroic assumptions about the future.  Not an unusual assumption.  Just that common assumption that the future will be just like the past.

That assumption is usually ok.  Let’s see.  In the past 15 years, it has been correct four or five times.  But is that good enough for solvency work – a system that might give the right answer a third of the time?!?

But there is a solution.  Regulators have led us right up to that solution but they haven’t yet dared to say what it is. Perhaps they do not know, or even that they are not thinking that the backward looking problem has two aspects.  We are making two of the heroic assumptions:

  1. We are assuming that the environment will be the same in the near future as the recent past.
  2. We are assuming that the company activity will be the same in the near future as the recent past.

The regulatory response to these two shaky assumptions is:

  1. Stress Scenarios
  2. Look forward using company plans

Solution 1 can help, but solution 2 can be significantly improved by using the ERM program and risk appetite.  You may have noticed that regulators have all said that ERM is very important.  And that Risk Appetite is a very, very important part of ERM.  But they have never, ever, explained why it is important.

Well, the true answer is that it can be important.  It can be the solution to one part of the backward looking problem.  The idea of looking forward with company plans is a step in the right direction.  But only a half step. The full step solution is the FULL LIMIT STRESS TEST.

That test looks forward to see how the company will operate based upon the risk appetite and limits that management has set.  ERM and risk appetite provide provide a specific vision of how much risk is allowed by management and the board.  The plan represents a target, but the risk appetite represents the most risk that the company is willing to take.

So the FULL LIMIT STRESS TEST would involve looking at the company with the assumption that it chooses to take the full amount of risk that the ERM program allows.  That can then be combined with the stress scenarios regarding the external environment.

Now the FULL LIMIT STRESS TEST will only actually use the risk appetite for firms that have a risk appetite and an ERM program that clearly functions to maintain the risk of he firm within the risk appetite.  For firms that do not have such a system in place, the FULL LIMIT STRESS TEST needs to substitute some large amount of growth of risk that is what industry experience tells us that can happen to a firm that has gone partially or fully out of control with regard to its risk taking.

That makes the connection between ERM and Solvency very substantial and realistic.

  • A firm with a good risk management program and tight limits and overall risk appetite will need the amount of capital that would support the planned functioning of the ERM program.  The overall risk appetite will place a limit on the degree to which ALL individual risk limits can be reached at the same time.
  • An otherwise similar firm with a risk management program and loose risk appetite will need to hold higher capital.
  • A similar firm with individual risk limits but no overall risk appetite will need to hold capital to support activity at the limit for every single risk.
  • A firm without a risk management program will need to hold capital to support the risks that history tells us that a firm with uncontrolled growth of risk might take on in a year.  A track record of informal control of risk growth cannot be used as a predictor of the range of future performance.  (It may be valuable to ask all firms to look at an uncontrolled growth scenario as well, but for firms with a good risk control process will be considered to prepare for that scenario with their ERM program.)
  • A firm without any real discipline of its risk management system will be treated similarly to a firm without an ERM program.

With this FULL LIMIT STRESS TEST, ERM programs will then be fully and directly connected to Solvency in an appropriate manner.

 

Two Fundamental Flaws of Solvency II

February 25, 2013

Many people in Europe have worked very hard for many years, attempting to perfect solvency oversight for insurers. The concepts underlying Solvency II are the best thinking about risk regulation that the world has ever seen.

However, there are two fundamental flaws that are drivers of the problems that Solvency II is having in getting to the point of actual implementation.

The first flaw is the targeted level of required capital.  When Solvency II was first imagined, banks seemed to be well run and well regulated.  And under that system banks were reporting returns in the high 20’s.  Insurer returns rarely hit the perennial 15% target.  Banks tended to operate right at their level of regulatory required capital.  Insurers looked at that and suggested that the capital requirement for Solvency II should be at a level that the largest insurers would be comfortable operating at.  There was also a big push for a single set of books.  So with a solvency requirement at the level where a rational insurer would want to operate that would mean that in addition to having only one set of books, there would only be one important capital target.  (for discussion of the flaw in the idea of “one number” management, see Risk and Light.)   But the reason why setting the required capital at that high of a level is that it then leaves no room for error or for disagreement.  (Disagreement is absolutely inevitable.  See Plural Rationalities.) The capital calculation needed to be just right.  A capital requirement that was at say 2/3 of the level a prudent company would want to operate at would leave room for errors and disagreements.  If for some risks the requirements were even 50% higher than what some would feel is the correct number, then companies could in fact live with that.  It would become known in the marketplace that companies that write that risk are likely to have tighter solvency margins, and everyone would be able to go about their business.  But with a target that is so very high, if some risk is set too high, then there would be firms who are forced to hold higher capital than makes sense in their minds for their risks.  That completely destroys the idea of management relying upon a model that is calibrated to what they believe is the wrong result.  It also encourages firms to find ways to get around the rules to only hold what they believe is the right level of capital.  What we are seeing now is the inevitable differences in opinions about riskiness of some activities.  The differences of opinion mean the difference between being in business and not for companies concentrated in those activities.  Or for being in those businesses or not for more diversified groups.  If the Solvency II target was set at, for instance, a 1 in 100 loss level, then there might be room for compromise that would allow that activity to continue for firms willing to run a little tight on solvency margin.

==========================================

The second flaw, that surprisingly has only been raised very recently is to total lack of any cost benefit criteria for the process.  If further refinement of Solvency II could prevent one insolvency over a 10 year period, yet would cost other insurers $100 million in expenses and $1 billion in additional capital, is that a good trade-off?  This is the exact sort of thinking that Solvency II REQUIRES of insurers.  EIOPA ought to have a complex model of the insurance industry in Europe so that they can show the risk reward relationship of all of their rules.  What?  You say that is terribly difficult and complicated and would not provide reliable guidance?  EIOPA should  live in the same world that they are requiring of insurers.  Without even a simple minded cost benefit requirement, anything can make it into Solvency II.  The exposure process allows questions to be raised about cost/benefit, but in many cases, that has not happened.  Besides, with no stated criteria for cost benefit, the question is ultimately solved by judgment.  So now we have insurers saying that they will withdraw from parts of the Solvency II process because they are too expensive.  Those insurers have not put forward an objective criteria under which they reached that conclusion either.

It seems unlikely at this point that either of these flaws of Solvency II will be fixed.  A lower standard would seem to too many to be a retreat, a dilution of the power of Solvency II.  Imposing a risk reward or cost benefit rule would result in crazy inconsistencies between decisions made after the rule with those made before or else a very long wait as all of the parts of Solvency II are examined under such a rule.

So it is yet to be seen whether those faults will in the end be fatal.  Solvency II could be tied up in arguments until it is abandoned, it could limp into practice with very mixed support and then be pulled after a few years and enough unanticipated implementation issues, or it could soar for a long run of effective prudential oversight as its designers originally hoped.

I am sure that someone in London can quote you odds.

How Much Strategic ERM is Enough?

November 13, 2011

Strategic Risk Management is the name given by S&P to the enterprise level activities that seek to improve risk adjusted returns by a strategic capital allocation process.  It is also considered by S&P to the the “Use Test” for economic Capital models.  Strategic Risk Management includes

  • Capital Budgeting and Allocation
  • Strategic Trade-offs among insurance coverages AND investments
    • based on long term view of risk adjusted return
    • Recognizing significance of investment risk to total risk profile
    • Recognizing ceded reinsurance credit risk
  • Selecting which risks to write and which to retain over the long term
  • Strategic Asset Allocation
  • Risk Reward Optimization
Meanwhile Solvency II had created standards for its internal model Use Test.
The foundation principle of the Solvency II Use Test states that
internal model use should be sufficiently material to result in pressure to increase the quality of the model 
This strongly self referential idea is then supported by 9 Basic Principles.
Principle 1. Senior management and the administrative, management or supervisory body, shall be able to demonstrate understanding of the internal model
Principle 2. The internal model shall fit the business model
Principle 3. The internal model shall be used to support and verify decision-making in the undertaking
Principle 4. The internal model shall cover sufficient risks to make it useful for risk management and decision-making
Principle 5. Undertakings shall design the internal model in such a way that it facilitates analysis of business decisions.
Principle 6. The internal model shall be widely integrated with the risk-management system
Principle 7. The internal model shall be used to improve the undertaking’s risk-management system.
Principle 8. The integration into the risk-management system shall be on a consistent basis for all uses
Principle 9. The Solvency Capital Requirement shall be calculated at least annually from a full run of the internal model
 
From these two descriptions of a Use Test, one should be forgiven for picturing a group of priests in long robes prowling the halls of an insurer in procession carrying a two foot thick book of the internal model.  Their primary religious duty is to make sure that no one at the insurer ever have an independent thought without first thinking about the great internal model.  Every year, the internal model book is reprinted and the priests restart their procession.  
 
But take heart.  A quick look at the website of the European CRO Forum reveals that those firms do not revere their internal models quite so highly.  
 
The above chart suggests that in most groups the internal model is just one consideration for making most strategic decisions of the insurer.  
 
The excerpt below from the Tokio Marine Holdings puts these things into perspective.  

The Group carries out a relative evaluation of each business and prioritizes the allocation of management resources (business portfolio management).  It is achieved by using risk/return indicators for each business and applying a scoring indicator covering market growth potential and profitability, competitive advantages and expected effects of strategies.  Allocated management resources include funds, human resources and risk capital. By allocating these resources to business units and new businesses with even higher profitability and growth potential, we aim to improve the profitability and growth potential of our business portfolio.

You see from that statement that risk return is not the only input nor is capital the only factor under consideration.  Describing Strategic Risk Management as its own separate management process is incorrect.  
 
Strategic Risk Management is one set of inputs and outputs to/from the Strategic Decision Making Process.  
 
And if read carefully, that will satisfy both S&P as well as Solvency II Use Tests.
 

Not About Capital

April 13, 2011

The reality is that regulatory capital requirements, no matter how much we try to refine them, will always be a blunt tool.  Certainly they should not create the wrong incentives, but we cannot micromanage firm behavior through regulatory capital requirements.  There are diminishing returns to pursuing precision in regulatory capital requirements.

Terri Vaughan, NAIC

These remarks were made in Europe recently by the lead US regulator of the insurance industry.  In Europe, there has never been a regulatory capital requirement that was risk related.  But the Europeans have been making the discussion all about capital for about 10 years now in anticipation of their first risk based capital regime, Solvency II.

The European assumption is that if they follow as closely as possible the regulatory regime that has failed so spectacularly to control the banking system, Basel II, then everything will be under control.

The idea seems to be that if you concentrate, really concentrate, on measuring risk, then insurance company management will really take seriously the idea of managing risk.   Of course, that conclusion is also based upon the assumption that if you really, really concentrate on measuring risk that you will get it right.

But the Law of Risk and Light tells us that our risk taking systems will lead us to avoid the risk in the light and to load up on the risk in the dark.

That means the risks that are properly measured by the risk based capital regulatory system will be managed.

But whatever risks that are not properly measured will come to predominate the system.  The companies that take those risks will grow their business and their profits faster than the companies that do not take those poorly measured risks.

And if everyone is required to use the same expensive risk measurement system, very, very few will invest the additional money to create alternate measures that will see the flaws in the regulatory regime.

The banking system had a flaw.  And many banks concentrated on risks that looked good in the flawed system but that were actually rotten.

What is needed instead is a system that concentrates on risk controlling.  A firm first needs a risk appetite and second needs a system that makes sure that their risks stay within their appetite.

Under a regulatory risk capital system, the most common risk appetite is that a firm will maintain capital above the regulatory requirement.  This represents a transfer of the duty of management and the board onto the regulator.  They never need to say how much risk that they are willing to take.  They say instead that they are in business to satisfy the regulator with regard to their risk taking.

The capital held by the firm should depend upon the firm’s risk appetite.  The capital held should support the risk limits allowed by the board.

And the heart of the risk control system should be the processes that ensure that the risk stays within the limits.

And finally, the limits should not be a part of a game that managers try to beat.  The limits need to be an extremely clear expression of the fundamental way that the firm wants to conduct business.  So any manager that acts in a way that is contrary to the fundamental goals of the firm should not continue to have authority to direct the activities of the firm.

Why ORSA?

January 20, 2011

At first glance, the Own Risk and Solvency Assessment (ORSA) seems like an unnecessary redundancy.  For some firms, they will have looked at the Standard formula for capital adequacy and then looked again at the Internal Model and the Economic Capital.  And on all of those views, the firm has sufficient solvency margin.

But the problem that ORSA solves is a problem that is so very fundamental that we have almost completely forgotten that it exists.  That problem is that all of the traditional ways of looking at capital adequacy look at the wrong thing.  Yes, you heard that right, we have always and will continue to focus on the wrong thing when we assess capital adequacy.

The basis for capital assessment is the wrong view because it looks backwards.  We already know that the firm survived the past year.  What we really need to know is whether the firm can survive the next year and probably the one after that.

The traditional backwards looking solvency assessment tradition started when there was no viable alternative.  It is a good basis for looking at solvency under only a few possible futures.  Fortunately, many firms broadly operate within the range of futures.

For the backwards looking approach to solvency to have any validity, the future of the firm needs to be very much like the past of the firm.  Firms need capital more for the future than for the past and the balance sheet is more about the past of the firm than the future.  So a capital regime that is tied to the balance sheet is useful only to the firms whose future does not materially change their balance sheet.

But wait, the only time when that capital is needed is when the balance sheet DOES change materially.

So ORSA shifts the question of solvency from the past to the future.

The second thing that ORSA does is to shift the burden of determining adequacy of capital from the regulator to the board and management.  With the ORSA, the board and management will never again have the excuse that they thought everything was fine because they met the standards of the regulators.  The ORSA requires the board and management to assert, IN THEIR OWN OPINION, that the firm has sufficient capital for its own risks AND its own risk management systems.  Prior regimes allowed management to pass a test set by the regulator and thereby show adequacy of capital.  Even if the test did not pick up on some new risk that management was totally aware of but which was not at all recognized by the regulatory formula.

Now that is a game changer.

A Wealth of Risk Management Research

December 15, 2010
The US actuarial profession has produced and/or sponsored quite a number of risk management research projects.  Here are links to the reports: 


%d bloggers like this: