effective risk reporting sunder krishnan chief risk officer reliance life insurance company

33
Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Upload: noreen-russell

Post on 19-Jan-2016

215 views

Category:

Documents


2 download

TRANSCRIPT

Page 1: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Effective Risk ReportingSunder Krishnan

Chief Risk Officer

Reliance Life Insurance Company

Page 2: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

2007 Global crisis2007 Global crisis

• One of the most significant lessons learned from the global financial crisis that began in 2007.

• Information technology (IT) and data architectures were inadequate to support the broad management of financial risks.

• Weak risk data aggregation capabilities and risk reporting practices.

• Severe consequences on the stability of the financial system as a whole.

• As a result, the Basel Committee has issued supplemental Pillar 2 (supervisory review process) to enhance ability to identify and manage risks

Page 3: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

The Anthem case – Hackers stole massive data

3

Tens of Millions of Anthem Inc. Customers in a massive data breach Largest in Corporate History Personal Information compromised - Name, Birthdays, Medical IDs, Social

Security Numbers, Street Addresses, e-mail addresses, employment information, Income data

Damage is being assessed – not yet known whether credit card data is compromised – FBI is investigating

Very Sophisticated external cyber attack Largest in the series of companies to suffer severe data breaches Very swiftly informed the authorities Personal Apology by CEO to all the customers / members Everyone urged to change their passwords – all customers would receive some

Identity Fraud Protection ??? Last year hackers obtained credit card data of 40 Million Target Shoppers as well

as personal information of 70 Million Customers

Page 4: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide 4

Lower Persistency than expected Expenses / costs – underestimated Customers / agents / advisors not adequately identified Inadequate distribution or product roll out Inappropriate selling practices Morbidity & Mortality estimations deviate from actual New Businesses lower than expected Inferior return on investment Solvency / fund crunch issues Compliance issues with Agents exams & training Infrastructure not geared up for new businesses Inadequate investigation of death / accident claims Inadequate underwriting guidelines – lack of tie ups with adequate number of

quality medical centers, inadequate documentation & information obtained from policy holders

Legal / Regulatory /Ethics / fraud

Risk

Insurance – Morbidity & Mortality

Risks for Life &claims & pricing for

Non-life

Financial / Reporting reliability

Risk

Operational – People, Technology

& Process RiskInvestments

RiskReputation

Risk

Risks - Traditional

Page 5: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide 5

Emerging Risks Unforeseen risks from technology – hacking, malfunction, not meeting requirements International terrorism New diseases Untested areas of insurance High competition and thin margins – leading to inferior risk basket of proposals (wrong end of

the cycle) Need for scale – expectations of high volumes and market versus reality Need for Intermediation – banks, MF, Distributors…..support infrastructure

Not adequately geared yet Infrastructure issues – not adequately supporting micro Insurance Thinning talent pool of updated insurance professionals compared with the demand

High attrition rates Changing technology – necessitating constant upgrading – funds guzzler Increasing customer awareness and expectations Risks on processes, technology and people – leverage required to grab opportunities and

meet severe competition Outsourcing risks Innovations – face regulatory risks Alliance risks Corporate Governance Risks Marketing – Hype risks

Page 6: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Need for Effective Risk ReportingNeed for Effective Risk Reporting

• Enhance the infrastructure for reporting key information, particularly that used by the board and senior management to identify, monitor and manage risks

• Improve the decision-making process throughout the organisation;

• Enhance the management of information across legal entities, while facilitating a comprehensive assessment of risk exposures at the global consolidated level;

• Reduce the probability and severity of losses resulting from risk management weaknesses;

• Improve the speed at which information is available and hence decisions can be made;

• Improve the organisation’s quality of strategic planning and the ability to manage the risk of new products and services.

Page 7: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Principles of Effective Risk ReportingPrinciples of Effective Risk Reporting1. Governance

2. Data architecture and IT infrastructure

3. Accuracy and Integrity

4. Completeness

5. Timeliness

6. Adaptability

7. Accuracy

8. Comprehensiveness

9. Clarity and usefulness

10. Frequency

11. Distribution

12. Review

13. Remedial actions and supervisory measures

14. Home/host cooperation

Page 8: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Internal Financial Framework Internal Financial Framework OverviewOverview

Clause 49, listing agreement•CEO/ CFO Certification•Establish and maintain internal Control•Evaluate effectiveness of the internal control systems•Deficiencies in design or operations of internal controls•Steps taken to rectify the deficiencies

Clause 49, listing agreement•CEO/ CFO Certification•Establish and maintain internal Control•Evaluate effectiveness of the internal control systems•Deficiencies in design or operations of internal controls•Steps taken to rectify the deficiencies

Companies Act 2013,Sec 134: As per section 134 (5) (e) of the Companies Act 2013, directors need to make an assertion in Directors Responsibility Statement that they have laid down internal financial controls to be followed and that such IFCs are adequate and operating effectively.

Section 177: Under section 177 (4) (vii), the duties of the Audit Committee include evaluation of internal financial controls.

Section 143: Under section 143 (3) (i), Statutory Auditors are required to make a statement in their Auditors Report, whether the company has adequate IFC system in place and the operating effectiveness of such controls.

Schedule IV: The roles and functions codified in Schedule IV of The Companies Act 2013 clearly state that independent directors shall satisfy themselves on the integrity of financial information and that financial controls and systems of risk management are robust and defensible.

Companies Act 2013,Sec 134: As per section 134 (5) (e) of the Companies Act 2013, directors need to make an assertion in Directors Responsibility Statement that they have laid down internal financial controls to be followed and that such IFCs are adequate and operating effectively.

Section 177: Under section 177 (4) (vii), the duties of the Audit Committee include evaluation of internal financial controls.

Section 143: Under section 143 (3) (i), Statutory Auditors are required to make a statement in their Auditors Report, whether the company has adequate IFC system in place and the operating effectiveness of such controls.

Schedule IV: The roles and functions codified in Schedule IV of The Companies Act 2013 clearly state that independent directors shall satisfy themselves on the integrity of financial information and that financial controls and systems of risk management are robust and defensible.

ListedListed / Unlisted

Framework Adequate Operating Effectively

Page 9: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Internal Financial Framework Internal Financial Framework OverviewOverviewDefinition of Internal Financial Controls as per Companies Act, 2013

“policies and procedures adopted by the company for ensuring the orderly and efficient conduct of its business, including adherence to company’s policies, the safeguarding of its assets, the prevention and detection of frauds and errors, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information”

Financial Reporting Controls

Controls to address Financial Assertions

(includes Fraud and IT risk)

Operational Controls

Fraud Implications

Efficiency / Service Implications

Quality / Maintenance / etcTechnical Controls

Page 10: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Enterprise wide Risk Management – The Building Enterprise wide Risk Management – The Building BlocksBlocks

Effective Risk Reporting is an important part of ERM governance

Page 11: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Operational Risk

RISK MANAGEMENT WORKING STRUCTURE

Market & Credit RiskIT Risk & BCP Insurance Risk

1. Risk Investigation

2. Risk Projects

3. KRI Dashboard

4. Risk Mate /

Automation

5. MIS and reporting

• Mid office - Investments

• Market Risk MIS• Limit Monitoring• Voice Call Tracking• Personal Trading• Credit Review• Investments

concurrent audit co-ordination

1. BCP monitoring & co-ordination

2. DR follow-ups3. IT risk review &

co-ordination4. IT Risk

Assessments5. CAATs

1. ALM Monitoring &

co-ordination

2. Insurance risk

measures

3. Strategic risk

4. Underwriting Risk

5. Actuarial Risk1. Risk Review2. Continuous

Monitoring3. Risk Assessments4. Risk & Control Self

Assessment5. Risk based internal

audit Co-ordination6. BCM audit

monitoring

Both Reputation and Financial impact of each risk is managed

Page 12: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide 12

How an Organization could gear up for best practices in Risk ManagementEnte

rpri

se R

isk

Managem

en

t

Environment

Strategy

Process

Infrastructure

Disclosure

Investors Analysts RegulatorRating

Agencies

RiskAppetite

EconomicCapital

RiskDiversification

PortfolioOptimization

RiskModeling

RiskMitigation

RiskFinancing

RMFramework

ORSA Data Reporting

Modeling Risk MgmtMgmt

Information

StakeholderMgmt

AccountsSolvency & FinancialCondition reporting

Strategy

Finance

Compliance

Operations

Projects

BusinessUnits

Page 13: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Effective Reporting at Reliance lifeEffective Reporting at Reliance life

Page 14: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Creating a Heat Map and Mitigation

HEAT - MAP

I M P A C T

Catastrophic

Major

Moderate

Minor

Insignificant

Moderate Likely Almost Certain

L I K E L I H O O D

Rare Unlikely

2

3

4

5 1

24

6 7 8

9

10 11

12

13

14

15

1617

18 19

20

21

22232526

27

28

29 30 31

32

366

33

34

35

376

386

396

Plan of action for Red Risks

Responsibility for action

Follow up and update

Page 15: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Risk Management Framework & Committee

Broad objective of the Risk Management Committee is to ensure that riskmanagement processes are followed as per COSO guidelines.

Page 16: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Export – Web

Send researches to an Intranet server and give users navigation and graphic tools

Periodic update (copy) of the information – Policies, Expenses and Claims

Customers'profile

-Portfolio segmentation

- Cross-selling

- New policies' profiles- Lapses' profiles

- Scoring

Trends andForecastingExpense Mgt.

- Follow up in time of profit centers(Agents, Products…)- Expenses

Reporting- Trends andBudget

-Business simulations

Productsmanagement

- Profit and Lossareas

- Review pricings

- Simulationson new pricings

CreatePricing

- Build new pricings. in Pure Premium. in % of value

- Frequency and Costmodeling

Claims

- Reporting

- Claims' explorer

- ReservingTriangulationsStochastic models

- Claimssegmentation

Reports' generator

- Taylor made Reporting

- Taylor made follow up of entities

- Define specific indicators

System N(example: product p)

System 1(example: Auto Company A)

System 2(example: Auto Company B)

System N-1(example: Fire)

Import files

Clean dataCreate variables

Make insurance calculations

Analyze theRisk Premium and stratify values

Portfolioexplorer

Real Timeprocessing

Page 17: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Ongoing Planning and Performance Measurement Process

Evaluating Risk Appetite

• Define vision• Design/Review target

portfolio by– Industry– Geography– Product type

• Distinguish between– Corporate– Retail (personal,

SME)– Treasury

• Risk position• Comparison of actual v/s

target portfolio• Risk adjusted performance

measures• Financial performance

• Competitive positioning

• Strategic aspirations• Risk/return profile

of SBU’s

• Capital allocation• Risk weighted return

measurement• Risk incurring

transactions• Risk mitigation tactics

6. Monitoring And Performance Reporting6. Monitoring And Performance Reporting

1. Strategic Planning1. Strategic Planning

4. Allocate Capital4. Allocate Capital

3. Set Target Returns3. Set Target Returns

5. Business Unit Transactions5. Business Unit Transactions

• Risk return expectation of the bank• Risk grade of the portfolio

2. Evaluate Risk Assessment2. Evaluate Risk Assessment

Page 18: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Reporting requirements Reporting requirements

Reliance Capital (Group

Company)

Monthly Risk meeting on Risk practices and implementation

Quarterly CRO meeting on review o f Status

Quarterly Group Conglomerate meeting on aggregation of risk practices

Monthly reporting on Risk trending, indicators, market risk and operation

risk

Nippon Life Risk Reporting

Annually reporting of all policies procedure and practices

Inspection of risk management and audit practices annually

Audit

Conducting various audits and submitting reports to stakeholders and

regulators

Internal audit, IFC review, Statutory audits and concurrent audits

Page 19: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Reporting requirements Reporting requirements

IRDA reporting and other regulatory reporting

Monthly Risk meeting on Risk practices and implementationQuarterly CRO meeting on review o f StatusQuarterly Group Conglomerate meeting on aggregation of risk practicesMonthly reporting on Risk trending, indicators, market risk and operation risk Collation of various reports of risks, frauds, investments and market risk

Board and Executive

Management

Quarterly reporting to Board for the following activitiesFinancialsRisk DashboardKey risk indicatorsQuarterly audit report of financials and key regulations by auditorsInternal audit reportInvestmentsALM Report (Asset Liability Management)Compliance update – circulars and reporting deadlines

Monthly reporting to Executive ManagementRisk Dashboard to Risk CommitteeKey ratios and key risk issuesCompliance UpdateDashboard of various service TATsInvestment committeeALM committee

Page 20: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Expectations from Actuarial for Effective Risk ReportingExpectations from Actuarial for Effective Risk Reporting

Expectations Expectations

from Actuarial for from Actuarial for

Effective Risk Effective Risk

ReportingReporting

Adequate Statutory reserving

Effective disclosure on Business /Product Assumptions

Monitoring of Assumptions vs actual of insurance risks such as

claims, mortality, persistency, expenses and new business

Business parameters

Channel wise monitoring

Product wise monitoring

Page 21: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Risk Management framework with independent reporting line to CEO / CRO / Group – matrix reporting to Audit committee and Board

Governance – Policies and processes Identification – Risk Assessment, Stipulation of risks along processes and projects Measurement – Quantification and Qualification of risks and losses / impact – Financial and Reputation – risks not measurable are qualified Monitoring – Identification, tracking and control of risk events and resolution thereof Mitigation – Proactive management of risks

Quarterly review of the framework – efficiency and effectiveness Appointed Actuary a part of the Risk Committee / Framework Risk Management operational framework – few key areas:

Operational risks, Product / Pricing risks, Risk Transfer to Reinsurance, Underwriting policies….

Fraud prevention framework, Mis-selling, Investigations, Risk Control and monitoring ALM risk or a separate ALM / ALCO with AA as a member Insider Trading Policy Information Systems Risk Risk Management processes – key processes: Control Self Assessments,

Root Cause Analysis, Risk Assessments and Risk Reviews

Risk Management Framework

DetectionMeasurementWhistle blowing

ControlsPolicyResponsibilities

AssessmentVulnerability

Awareness

Page 22: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Solvency II ArchitectureThree Pillars

•Market Consistent Valuation•MCR & SCR•Formula to calculate SCR is likely to be based on Tail Value at Risk VaR 99.5% 1-Year•MCR-relation to SCR to set up•Internal models for SCR•Recognition of Credit Risk mitigation•Recognition of Credit for diversification

•Emphasis on good governance

•Own Risk & Solvency Ass.

•Supervisory Review Process

•More developed than in Basel

•New requirements for disclosure to harness market discipline in support of achieving regulatory objectives

•New requirements for transparency

1. QuantitativeRequirements

2. QualitativeRequirements

3. Disclosure &Reporting

Third pillar of Solvency II Architecture requires Effective Disclosure and reporting

Page 23: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Integration of ORSA with Internal Solvency II Model

Risk Management Systems

Internal Audit

Outsourcing

Internal Control

Good Repute

Actuarial Function

General Governance

Fit & Proper

Own Risk and Solvency Assessment

Operational Risk

Market Risk

Underwriting Risk

Default Risk

Pillar I – Quantative

Pillar II - Qualitative

Page 24: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Integrating Risks to Solvency II Model Counter Party Default Risk

Using Exposure, Probability of Default and Loss Given Default

Type I Exposures: Reinsurance arrangements, Derivatives, Securitizations, Deposits with

ceding institutions, letters of credit and cash at bank. =>99.5th percentile of the variance of the combined exposure

Type 2 Exposures (More diversified but unrated): Receivables from intermediaries, policyholder debtors and deposits with

ceding institutions (if numbers of counterparties are below a certain threshold) => Sum of the [Exposure multiplied by a (generic) Risk Factor]

Credit derivatives: credit risk transferred goes to (market) credit spread risk

Page 25: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Market Risk

Interest Rate Risk: Increase in the volatility of Interest Rates

Currency Risk: Most Onerous result for each individual foreign currency and the aggregate

Stress Risk: Credit Stress vary by duration

Property Risk: Consider differential shocks to commercial, retail and other types of property

Concentration Risk: Thresholds 1-2% (from 3-5%)

Integrating Risks to Solvency II Model – Continued…

Page 26: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Life & Health Underwriting Risk:

Mortality Stress: 15% permanent increase in Rates (from 10%) Morbidity/disability Stress: 20% permanent decrease in recovery rates Inception rates 50% increase (from 35%) in inception rates in year one followed by 25%

increase for all subsequent years

Lapse Stress: The greater of 50% increase in lapses 50% decrease in lapses Sum of 30% of surrender strains of policies where the surrender strain is positive

CAT Risk: A 2.5 per mile mortality catastrophe test (from 1.5 per mile in QIS 4) Morbidity CAT stress moved to health risk – a number of pan – European catastrophes will

be developed

Integrating Risks to Solvency II Model – Contd…

Page 27: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Operational Risks

Additional elements:

Risks arising from any external management of investments: 0.5% of highest amount held with a single 3rd party management company

Risks associated with increased business activity:

Additional capital if the technical provisions/earned premium are expected to increase by more than 10% over the year

Risk associated with the use of management actions in calculating life provisions:

An increase in the loading applied to life technical provisions Substantial increases in the capital factors:

Still no credit for diversification between operational and other risks

Integrating Risks to Solvency II Model – Contd…

Page 28: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Risk Appetite

Environment risk Country Risk and Macro Indicators Nature of business, regulations and Impact Industry trends Profitability Asset base and solvency Stake holders expectations

– Owners

– Regulators

– Government

– Customers

Page 29: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Risk Management StrategyRisk Management Framework

Enhancement and Extension of risk framework across

Support to Risk Based Capital

Rating for ERM (Enterprise Risk Management)

Self Risk Management

Self Risk assessment across functions and decentralization

Facilitation process

Corroborative Risk Management

Automated Risk Management

Quantitative Risk Management tool

Embedding risk management in process, technology and trainings

Page 30: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Improvement in risk management practices

Need to integrate these practices into the management process

Possible change in organization structure

Greater volatility in balance sheet

Possible move to less volatile asset classes

Greater diversification of assets and use of risk mitigation

Increased capital requirements for higher risks

More innovative risk management

Industry consolidation

Changes to product design

Revision of product diversification

Page 31: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Expected Impact on Insurers

Page 32: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Confidential Slide

Some Key statistics

Page 33: Effective Risk Reporting Sunder Krishnan Chief Risk Officer Reliance Life Insurance Company

Thank you