EnterpriseRisk ManagementFor Insurers and Financial Institutions

David IngramCERA, FRM, PRM

From the International Actuarial Association

Course Outline

1. INTRODUCTION - Why ERM?

2. RISK MANAGEMENT FUNDAMENTALS – FIRST STAGE OF CREATING AN ERM PROGRAM

3. RISK ASSESSMENT AND RISK TREATMENT - ACTUARIAL ROLES

4. ADVANCED ERM TOPICS

INTRODUCTION

1. INTRODUCTION - Why ERM?

1.1 Enterprise risk management history

1.2 What is enterprise risk management?

1.3 ERM & the Financial Crisis

1.4 ERM Adoption in the Insurance Industry

A Brief History of Risk Management

1952 – Markowitcz – Portfolio Theory – Risk = variance

1973 – Black Scholes – Derivative Pricing – variance is key driver

1987 – Black Monday – Portfolio Insurance implicated in record 1 day fall in stock market

1992 – Cadbury (UK) Report urges centralized, comprehensive corporate RM

1993 – First CRO named at GE

Current Trends in Risk Management

1. Dedicated risk management function- Risk Management decision making

remains largely decentralized

2. Risk Aggregation / Economic Capital - in early stages of development

3. Regulatory practices encourage ERM

4. Regulatory Capital Economic Capital

Basel Survey (August 2003)

Risk Management Failures

1973: Equity Funding Fraud1983: Baldwin United Shell Game1986: The ZZZ Best Carpet Scandal.1988: Equitable (NY) GIC losses.1989: The US S&L Crisis.1991: Salomon Brothers Bond Scandal. 1991: BCCI Scandal. 1991: Executive Life / First Capital Life Failures1991: Mutual Benefit Life Failure 1994: Orange County Default1994: Kidder Peabody Fiasco. 1994: Confederation Life Failure1994: Monarch Life Seizure1995: The Barings Derivatives Scandal.1996: Sumitomo Copper Scandal. 1997: The Natwest Hole.1997: The Bre-X Mining Scandal.1997: Smith Barney Investor Fraud.1997: Bank of Tokyo-Mitsubishi Derivatives

Loss.

1997: UBS Derivatives Model Problems.1997: Prudential Insurance US Market Conduct1998: Russian Bond Debacle. 1998: The Long-Term Capital Management

Model Failure. 1999: General American Liquidity Failure1999: Unicover Fiasco2000: Equitable UK Pension guarantees2001: American Express CBO Losses2002: Enron & Worldcom2003: Parmalat2003: Allmerica VA reserving2003: Annuity & Life Re Overgrowth2004: Marsh Contingent Commissions2005: AIG Finite Re2006: Scottish Re Tax Asset2006: Hurricane Katrina2007: Countrywide Sub Primes 2008: Bear Sterns/ Lehman/ AIG Sub Prime

Risk Management Failures

Bank / Financial

Barings – Controls Missing, mgt didn’t understand risks

LTCM – Models inadequate, overleveraging

Northern Rock – Excessive Growth

Insurance

Nissan Mutual – ALM mismatch, underpricing interest credits

Equitable UK – underpriced annuities, poor relationship with regulators

HIH – insurance mispricing, underreserving

Confed Life – Over-concentration in illiquid investments, shell game

General American – ALM mismatch, rating downgrade, downgrade trigger options

American International Group – Small Financial Group brings down Insurance giant

Barings (UK)

Venerable UK Bank

Trading losses in Singapore

Exceeded value of bank

Problems

Management didn’t understand what the trader was doing

Trades were not the hedged transactions they were supposed to be

Trader did all reporting of trades

No separation of duties

Long Term Capital Management (US)

Private Investment Fund

Very highly Leveraged portfolio of investments

Highly sophisticated risk management

Capital was insufficient to withstand market movement

Problems:

Risk Model was inadequate to predict 1998 international financial problems

Counterparties did not know the extant of their full exposure

Northern Rock (UK)

Mortgage lender grew rapidly to become one of the top 5 mortgage lenders in the UK

Had used securitization to fund mortgage lending growth

Encountered liquidity problems when mortgage securitization markets froze in Aug 2007

Problem:

Request for help with liquidity from Bank of England triggered first run on UK bank in over 100 years

Nissan Mutual (Japan)

Savings product guaranteed high interest rates

High sales growth of this product

Investment losses & inadequate yield

¥200 billion net losses covered by Life Association of Japan

Problem:

Asset Liability Mismatch

Underpricing (over crediting) of interest

Equitable (UK)

Guaranteed payout annuity product sold to pension plans

Improvement in mortality & decline in interest rates

Management tried to “force” solution on regulators

Problem:

Underpricing & poor Asset Liability matching

Poor relationship with regulators lead to company demise rather than workout

HIH (AUS)

Second largest General Insurer “suddenly” found to be insolvent

Problem:

Total control failure at all levels

Company, Auditor, Regulator

Ultimate problem was fundamental underpricing and overspending

Hidden by systematic underreserving

Confederation Life (Can)

Company invested over 70% of assets in Real Estate

Company failed following valuation and liquidity crunch

Concentration hidden by accounting

Problem:

Lack of Diversification, Liquidity

Limited oversight from regulators, rating agencies due to accounting “gimmicks”

General American Life (US)

Funding agreement product sold to banks and mutual funds with 7-day put option

Investments were made in 1 to 2 year maturity securities

Partner handled large share of funds

Downgrade of partner =>triggered downgrade of company => triggered calls

Company unable to raise cash for multi billion $$ calls

Problem:

Asset Liability Mismatch

High dependency of business on ratings

Huge Counterparty exposure

American International Group

In late 2006, AIG claimed to have $16B of excess capital

In early 4th Quarter 2008, AIG needed over $100B of funds from US government to meet obligations

Problem:

Small Financial Products unit has written Trillions of CDS, some on sub prime CDOs

MTM losses lead to downgrade which leads to collateral call

Reasons for Current Interest in Risk Management

World Markets Interdependent

Chaos Theory – Butterfly Effect

Wide Use of Derivatives

“Financial WMD” Warren Buffett

Accelerated Pace of Business

Recent Experiences of Losses

1998 International Currency Crisis

2001/2002 Terrorism & Investment Losses

Tsumani and Hurricanes

Financial Crisis

Reasons

Tools for Risk Mgt are getting better and better

Success of RM in banking over the past down cycle (view in 2004)

No Major Bank Failures

Insurance Companies in Europe fared much worse with less Risk Mgt

Extreme over exposure to equities

Insurance regulators are getting interested

In many jurisdictions same regulators for banking & insurance

Does the Global Financial Crisis prove

that ERM is Ineffective?

Frequently Asked Question. ..

Study of 11 major banks in 2007

Found differences in ERM Practices

Better Risk Management Practices

Four main differences in practices.

Better-performing banks:

1) Shared risk and exposure information both quickly and broadly among business unit staff, risk management staff and top management.

2) Used rigorous internal practices and models, consistent across all business units, to evaluate their risk positions.

3) Coordinated cash planning centrally, avoiding or limiting activities that created large contingent liquidity needs and setting incentives to make such activities unattractive to business unit management.

4) Used multiple risk assessment tools and metrics and generally had very adaptive risk models.

Insurers should be concerned if:

Business Units are empowered to add significantly to risk concentrations without frequent disclosures to Top Management

Business Units apply different risk models

Risk sign-off sometimes relies totally on the presumption that someone else is doing good analysis

Contingent risks are not usually identified

Risk models are inflexible, requiring changes to be planned out a year in advance

“Nobody believes those stress tests anyway, so we don’t put much time into them”

Insurers should be encouraged if:

Open communications among Business Units, Risk Management staff and Top Management

Enterprise level decision-making about major risk accumulations

Systematic internal evaluation of risks

Low reliance on third party risk evaluations

Identification of and plans for contingent risks

Incentives for business units to minimize contingent risks

Multiple risk management tools and metrics

Flexible and adaptive risk models

Aggregation of net and gross exposures in addition to expected losses

Stress testing that is credible to Top Management

ERM & Seatbelts

They only work if you use them!

Risk Management is

A. Setting & enforcing limits for all firm risks that are appropriate for the capital of the firm.

B. Increasing & rewarding activities with superior risk adjusted return and fixing or limiting activities with inferior risk adjusted return.

C. Identifying & preparing for special events that could significantly impair the earnings &\or the solvency of the firm.

Benefits of Risk Management(James Lam)

1. Market Value Improvement

– Due to decreased volatility

2. Early Warning of Risks

– Risk management replaces

Crisis Management

3. Reduction of Losses

4. Rating Agency Capital Relief

5. Risk Transfer Rationalization

– Reinsurance cost/benefit

6. Corporate Insurance Savings

28

ERM Framework

Strategic

Tactical

Risk control Balance sheet protection

Risk/return optimization

Value creation

Compliance

Loss minimization

Risk management

Risk measurement

Strategic integration

Value optimization

Risk Controlling

Risk Trading

Risk Steering

Change Risk Management

29

Scope of ERM

Risk Controlling

Limit exposures and therefore losses

ERM adds Aggregate approach to risk tolerance

Risk Trading

Getting paid for risks taken

ERM adds consistent approach to risk margins

Risk Steering

Strategic choices to improve value

ERM adds risk vs. reward point of view

Change Risk Management

Managing the risks from new projects, products, territories,

ERM adds fitting into the risk profile & ERM program

Potential Benefits of Effective Risk Management

Reduction in management

time spent “fire-fighting”

Increased likelihood of change initiatives

being achieved.

Potential Benefits

(ICA)

More focus internally on

doing the right things properly.

Lower cost of capital.Better basis for

strategy setting.

Competitive advantage.

Fewer sudden shocks and unwelcome surprises.

Better able to take advantage

of new business opportunities.

Higher share price

Moody’s View of Risk Management

Environment More Risky

More complex products

Higher regulatory scrutiny

Reinsurers leaving markets

Insurers Response

Stress Testing

Risk Management Committee/CRO

4/21/2005 32

What is the difference between Risk Management and ERM?

An ERM Program comprehensively applies Risk Management…

across ALL of the significant risks of the Enterprise

Consistently across the risks

Consistently with the fundamental objectives of the enterprise

Standard & Poor's

4/21/2005 33

Full Benefits of an ERM Program

Once a firm’s enterprise wide risks are identified and objectives are set, an ERM Program should…

Develop and maintain systems to periodically measure the capital needed to support the retained risks of the company

Reflect the risk capital in:

• strategic decision making,

• product design and pricing,

• strategic and tactical investment selection

• financial performance evaluation

The product of a fully-realized ERM Program is the optimization of enterprise risk adjusted return

Standard & Poor's

Benefits of Integrated Risk Management Strategy

Avoid “land mines” and other surprises

Improve Stability & Quality of Earnings

Enhance growth and shareholder return

By more knowledgeably exploiting risk opportunities

Identify specific opportunities such as natural synergies & risk arbitrage

Reassure stakeholders that the business is well managed

Life Office Management Association (USA)

Management – Level 1 Planning

Planning Projection

Management – Level 2 Scenario Testing

Management – Level 3 Scenario Analysis

Planning Projection

Average Scenario

Confidence Interval

Management – Level 4 Risk Management

Planning Projection

Average Scenario

Confidence Interval

ERM Benefits & Uses

Insurance = Risk Taking

Risk Management = Management

for Insurance Companies

Risk Management => systematic risk selection

as more insurance companies adopt risk management they will select the better risks

companies without RM will not know

ERM Benefits & Uses

Communicating with Rating Agencies Risk Management can provide language for

dialogue with RA Communicating with Board Markets become more volatile

as more financial institutions use Risk Management

Solvency 2 & ERM

Pillar 2

• Article 43 requires firms to have an effective risk management system.

• Requires firms to consider all risks

• Risk management system to be fully integrated into the organisation

GFC & ERM

• “Progress has been made in strengthening . . . Risk Management”

– Leaders' Statement from G20 Summit, 2009

Questions

Key Points from Intro

1. Risk Management has evolved over many years.

2. Learning from Failures.

3. Interest in Risk Mgt is increasing.

4. Risk Management is preventing losses and improving risk adjusted return.

5. Risk Management replaces Crisis Management.