More than 10 years ago, I helped Standard & Poor’s define their insurance rating criteria for assessing the quality of enterprise risk management (ERM) programs used by insurers. We fully realized that there would be quite a variety of appropriate ERM practices among well managed insurers. But, we presumed that there was mostly one way to perform what we called strategic risk management (SRM).
As a result of that over-simplification, we initially judged that only a very few insurers had implemented any of the SRM practices that we identified. And, almost 11 years later, the majority of insurers have still not developed those practices.
Why don’t insurers practice strategic risk management?
After leaving S&P and joining Willis Re, I started to look for an explanation. I led with the presumption that the insurers who were not developing Strategic ERM as we had defined it at S&P were acting rationally — they must have a good reason that I just did not yet understand.
What I eventually learned was that while the S&P strategic risk management idea was completely consistent with the economic ideal of maximizing shareholder value, the strategies of most insurers were more complicated than that because the ability to maintain and improve market position usually dominated the purely financial considerations of risk and reward optimization that was at the heart of strategic risk management.
Linking insurer strategy with ERM
Ultimately, we found that the process of linking insurer strategy with ERM required four steps:
- Understand strategy and strategic objectives related to risk
- Identify and affirm, or modify, the basic risk management strategies for each of the major risk categories
- Identify and apply primary ERM linkages that best fit with strategy and objectives
- Assess and adapt risk plans for individual risks
These steps sound very complicated when explained in general, but, with any specific situation, many of the choices for basic risk strategy and ERM linkages fall away quickly because they are not a fit. And, for any one insurer, there are only a few choices that make sense.
For example, the six strategies below represent the approaches that most insurers take towards their business strategy. While there is usually one primary ERM linkage that makes the most sense for each business strategy, larger insurers may have multiple lines of business operating under appropriately different business strategies. This means that the primary ERM linkage may not make as much sense for their secondary businesses.
|Business Strategy||Examples of Insurers||Primary ERM Linkages|
|Affiliation/proximity||Farm bureaus, professional liability specialists||Diversification/concentration|
|Judgment & experience||Casualty, specialty||Risk appetite & tolerance|
|Scale||Largest national and global insurers||Risk profile|
|Segmentation||Personal lines insurers||Risk adjusted pricing|
|Service||WC state funds, Medicare/Medicaid||Operational risk management|
|Technical – models and analytics||Natural catastrophe, reinsurance||Risk reward optimization|
These ideas along with the results of a survey regarding business and ERM strategies of about 60 insurers were presented in a webinar I delivered recently with Kevin Madigan from the Willis Towers Watson P&C Actuarial consulting group. See the webinar in the video above.