ACTEX Learning

Learn Today. Lead Tomorrow. ACTEX Learning

General InsuranceReading Extension to theSOA ERM Study Manual

Spring 2018 Edition

Zafar Rashid, FSA, MAAA, CERA

ACTEX LearningNew Hartford, Connecticut

General InsuranceReading Extension to theSOA ERM Study Manual

Spring 2018 Edition

Zafar Rashid, FSA, MAAA, CERA

Copyright © 2018, ACTEX Learning, a division of SRBooks Inc.

ISBN: 978-1-63588-251-3

Printed in the United States of America.

No portion of this ACTEX Study Manual may bereproduced or transmitted in any part or by any means

without the permission of the publisher.

Actuarial & Financial Risk Resource Materials

Since 1972

Learn Today. Lead Tomorrow. ACTEX Learning

ACTEX General Insurance Reading Extension to the SOA ERM Study Manual, Spring 2018 Edition

ACTEX is eager to provide you with helpful study material to assist you in gaining the necessary knowledge to become a successful actuary. In turn we would like your help in evaluating our manuals so we can help you meet that end. We invite you to provide us with a critique of this manual by sending this form to us at

your convenience. We appreciate your time and value your input.

Your opinion is important to us

Publication:

Very Good

A Professor

Good

School/Internship Program

Satisfactory

Employer

Unsatisfactory

Friend Facebook/Twitter

In preparing for my exam I found this manual: (Check one)

I found Actex by: (Check one)

I found the following helpful:

I found the following problems: (Please be specific as to area, i.e., section, specific item, and/or page number.)

To improve this manual I would:

Or visit our website at www.ActexMadRiver.com to complete the survey on-line. Click on the “Send Us Feedback” link to access the online version. You can also e-mail your comments to [email protected].

Name:Address:

Phone: E-mail:

(Please provide this information in case clarification is needed.)

Send to: Stephen Camilli ACTEX Learning

P.O. Box 715 New Hartford, CT 06057

i

ACTEX Learning ERM Study Manual * General Insurance Extension

Contents ERM-123-14: S&P Enterprise Risk Management Criteria 1 ERM-415-17: Strategic Risk Management in Insurance 7 ERM-705-12: P&C RAROC: A Catalyst for Improved Capital Management 11 ERM-708-13: Natural Catastrophe Loss Modeling 17 ERM-710-14: Allocation of Capital in the Insurance Industry 21 ERM-711-16: Risk Appetite for a General Insurance Undertaking (ex. Appendices) 27 ERM-712-16: Catastrophe Modeling: Guidance for Non-Catastrophe Modelers 31 ERM-713-16: Stochastic Modeling of Catastrophe Risks in DFA Models 35 ERM-714-18: U.S. Property-Casualty: Underwriting Cycle Modeling and Risk Benchmarks (section 2, pp. 95-108) 39 ERM for Property-Casualty Insurance Companies, section 2 43 Human Dynamics of the Insurance Cycle and Implications for Insurers 51 Regulatory Capital Standards for Property and Casualty Insurers under US, Canadian and Proposed Solvency II (Standard) Formulas 55 Research paper on Quantification of Variability in P&C Liabilities, CIA 59

ii


ERM-123-14: S&P Enterprise Risk Management Criteria 1


ERM-123-14: S&P Enterprise Risk Management Criteria (paragraphs 74-81)

Reviewer’s note: This is a new resource for 2014. It describes in considerable detail the methodology used by S&P in scoring a company’s ERM practices as part of its credit and financial strength ratings. The tables in the paper (not reproduced in this summary) provide an overview of what S&P considers strong, neutral or weak practices. They merit a careful reading.

I. Summary of the Criteria

S&P’s ratings process includes an evaluation of whether the firm executes its risk management practices in a systematic, consistent, and strategic manner across the enterprise.

It focuses on five main areas: risk management culture, risk controls, emerging risk management, risk models, and strategic risk management. Table 2 in the paper gives examples of practices considered strong, neutral or negative in each of these five areas.

An insurer with strong scores in the above categories is less likely to experience losses outside its established risk tolerances. The importance of the ERM score is high for insurers exposed to complex risks that could significant losses in a short period or that are highly uncertain and usually long-term in nature. The ERM score is determined for the entire firm including “core” or “highly strategic” businesses. Non-core businesses may be scored separately and get a different score than the entire firm. Start-up companies are not assigned a score higher than adequate until sufficient experience develops of the efficacy of their ERM practices. The summaries below outline the best practices in each category that would merit a “strong” or “positive” score. To the extent a firm’s practices are judged to be below these standards it may result in a neutral or negative score.

II. Risk Management Culture

Focused on four key areas

Risk governance and organization structure Risk appetite framework Risk reporting and communication Incentive compensation structures

A. Risk governance and organization structure S&P looks for the following as evidence of best practices

1. A well-defined and independent ERM governance structure

2. Involves guidance and oversight from the Board of Directors

3. A dedicated ERM function headed by a senior executive

4. Risk management functions at the business unit level

5. Clear definition of roles, responsibilities and reporting relationships

6. An effective system of risk committees with adequate resources

7. Enterprise-level functions to aggregate and manage overall risks

2 ERM-123-14: S&P Enterprise Risk Management Criteria


B. Risk appetite framework Best practices include

1. A well-defined risk appetite framework supporting effective risk selection

2. Track record of containing risk exposures within risk tolerances and limits

3. Active involvement of the Board

4. Buy-in from senior management and business units

5. Alignment with the firm's strategic goals, resources and value proposition

6. Direct linkage between risk preferences, tolerances, limits and policies

C. Risk reporting and communication Best practices include

1. Extensive and clear communications on risk with internal and external audiences

2. Frequent reporting of key risk exposures

3. A high level of transparency around its risk profile

D. Incentive compensation structures Best practices include

1. Compensation structure aligned with metrics to encourage long term goals

2. Rewards managers based on an analysis of risk/reward tradeoffs

3. Consistent with firm's strategic goals and objectives

III. Risk Controls (Processes used by the firm to manage key risk exposures)

Best practices include

1. Programs exist to identify, measure, monitor and manage risk exposures

2. Track record of managing risks within established tolerances, even in stress periods

3. Identifies risk exposures from all sources, reports exposures on multiple metrics

4. Clearly communicated risk limit system and risk limit enforcement policies

5. Continuous review (and improvement) of program's effectiveness Appendix 2 Table 4 provides a comprehensive set of standards by which to evaluate a company's risk control framework. It is quite thorough and concise and the student is encouraged to study it carefully.

IV. Emerging Risk Management (Risks that could become a threat in the future)

Evaluation of possible future risks arising from such areas as new regulation, physical environment changes, macro-economic developments, technology development, etc. Best practices include

1. Well established processes to identify, assess, monitor and mitigate these risks

2. Scenario analyses performed to estimate financial impact

3. Existing and ongoing development of new mitigation strategies



V. Risk Models (Robustness, consistency and completeness of risk models)

A best in class risk model system has the following characteristics

1. Captures material risk exposures and the interrelation of risks

2. Has a rigorous governance process including an extensive validation

3. Can perform comprehensive stochastic and deterministic scenario analyses

4. Model results are used extensively in making ERM decisions

5. Enhances a full understanding of the firm's risk profile

6. Can be used for economic capital modeling

VI. Strategic Risk Management

Defined as the process used to optimize risk-adjusted returns and to evaluate and prioritize strategic options on a level playing field. Best practices include

1. Consistent and effective risk/reward analyses supporting strategic planning, product pricing, strategic asset allocation, reinsurance strategy, new strategic initiatives such as M&A, capital planning and budgeting, etc.

2. History of successful execution including better-than-peer risk-adjusted returns

VII. Appendix II Risk Controls of Major Risks

A. Credit Risk Controls Assessment (Indicators of a positive assessment)

1. Identified all potential credit risk sources and aggregated their exposures

2. Uses multiple metrics to measure exposure reflecting both internal and external assessments

3. Takes into consideration co-dependencies between sources of credit risk

4. Performs frequent stress testing including systemic and single obligor/sector events

5. Has a comprehensive set of credit risk limits

6. Risk limits are expressed in multiple measurements

7. Counterparty exposures managed through a centralized counterparty approval process and minimum rating requirements, frequent monitoring of creditworthiness and collateral requirements

B. Interest Risk Controls Assessment (Indicators of a positive assessment)

1. Identified and captured all exposures to all sources of interest rate risks

2. Exposures are measured and monitored using multiple metrics

3. Assets and liabilities are segmented into appropriate sub-portfolios and interest rate risk limits are monitored for the sub-portfolios as well as the whole enterprise

4. Performs stress tests on the impact on financials, liquidity and economics of a variety of interest rate scenarios

5. Uses a variety of risk management strategies including active management of inforce business, strategic asset allocation and hedging

6. Product development team works with ALM team to develop appropriate investment and hedging strategies for new products



C. Market Risk Controls Assessment (Indicators of a positive assessment)

1. Identified and captured equity, real estate and currency exposures from all sources

2. Frequency of measurement and monitoring is consistent with tolerance and hedging

3. Metrics capture relevant equity risk components on both gross and net of hedges basis and supplemental stress tests are utilized

4. Uses comprehensive risk limits expressed in multiple metrics

5. Measures foreign exchange risks in all currencies to which it is exposed and has stated risk limits

6. Uses risk mitigation and hedging to keep retained exposures within risk limits

7. Has clearly defined hedge targets and has been effective in meeting those targets. Unhedged exposure is small and within risk tolerances

8. Closely monitors hedge performance and frequently rebalances as appropriate

9. Thorough hedge performance, basis risk an attribution analysis used to support hedge program and business management

10. Has well defined risk mitigation strategies and a track record of implementing them during periods of stress

11. Risk managers and product managers work closely to embed risk mitigation in product development and inforce management

D. Life and Health Insurance Risk Controls Assessment (Indicators of a positive assessment)

1. Identified and captured exposures from all sources and understands all potential policyholder behavior risks

2. Frequent and comprehensive experience studies and recent actual/expected experience has been favorable

3. Formal risk limits are directly linked to risk appetite

4. Clear, documented and communicated underwriting authorities, with closely monitored and audited compliance

5. Disciplined product development process and close monitoring of new and inforce business on all key profitability drivers

6. An effective management feedback loop from experience monitoring

7. Pricing and valuation assumptions are set prudently and extensive sensitivity and stress testing is performed

E. P/C Risks - Reserves and Claims Management (Indicators of a positive assessment) 1. A track record of reserve release consistent with target reserve levels and a n effective feedback loop

from actuarial to underwriting to claims management 2. A centralized reserving function independent of risk taking functions 3. Robustly set assumptions based on appropriate and extensive data and reflecting emerging trends 4. Uses stochastic reserve models to evaluate the risk of adverse developments 5. Has deep in-house expertise supplemented with external expertise 6. A robust review process including internal snd external actuarial reviews 7. A well-defined and extensive claims management framework



F. P/C Risks – Underwriting, Pricing and Cycle Management (Indicators of a positive assessment)

1. A track record of higher-than-peer underwriting returns with low volatility

2. A comprehensive system of underwriting authorities, limits, peer reviews and audits

3. Rigorous underwriting and counterparty/client audits

4. Underwriting platforms have pre-built quality controls and facilitate reporting

5. Uses a portfolio approach to setting risk-adjusted underwriting targets

6. Robust cycle management plans and a record of disciplined and stable pricing

7. Uses advance analyses of pricing and exposure trends using multiple sources

8. Uses multiple risk management strategies to optimize the balance between risk retention and risk transfer for maximum cost efficiency and capital utilization

9. Close coordination between business units and functional areas

G. P/C Risks – Catastrophic Risks (Indicators of a positive assessment)

1. A granular and up-to-date view of catastrophe risk exposure

2. A well-defined catastrophe risk tolerance supported by thorough analysis

3. A comprehensive system of risk limits, linked to tolerances and effectively constraining risk taking

4. Frequent and thorough analysis of concentration across the enterprise

5. Has deep in-house expertise supplemented with external resources

6. Makes rigorous reviews and improvements to proprietary models

7. Model risks and limitations are well understood

8. Vendor provided models and data are thoroughly validated

9. Uses scenario/impact analyses to supplement stochastic models

10. Uses portfolio based pricing taking into account concentration risks

H. Health Insurance Risks (Indicators of a positive assessment)

1. A disciplined underwriting process with clear limits and authorities

2. Active monitoring and analysis of claim experience with feedback to pricing/projections

3. Judicious reviews and audits of underwriting and claims management

4. Ongoing review of care trends, medical advances, etc. with impact analysis and risk mitigation strategies

5. Uses multiple medical care cost forecasting techniques

6. Staggered rate renewals to facilitate prompt pricing adjustments

7. Effective communications with regulators and health care providers

8. Use of reinsurance to balance risk retention/transfer

9. Incentive structure tied to performance targets that balance risk and reward

10. Maintains pricing/negotiating power with sponsors and networks

11. Maintains multiple providers and staggers renewal of provider contracts



I. Operational Risk Controls Assessment (Indicators of a positive assessment)

1. Identified all major operational risks using internal and industry experience

2. For key risks, owners are assigned, risks monitored and mitigation strategies in place

3. Comprehensive, documented and communicated compliance standards

4. Rigorous compliance reviews and audits

5. Effective internal audit and compliance functions

6. Business continuity an disaster recovery programs in place and regularly tested

7. Loss events and “near misses” recorded to inform the quantification of risk

8. No major losses from operational risk events in recent years

ACTEX Learning

Documents