23 Risk Management & Controls Flashcards
What are the three lines in the “Three Lines of Defence” model of enterprise risk management? (3)
- Business Operations: a well established control environment in day-to-day operations.
- Oversight Functions: responsible for the production, implementation and monitoring of risk management policies and procedures.
- Independent Assurance Providers: internal and external audit to provide evaluation and challenge of the risk management process.
What are the factors to take into account when monitoring credit risk exposure? (6)
- Counterparty exposure - the amounts the company would lose from each counterparty.
- Adequacy of diversification.
- Likelihood of default.
- Amount that could be recovered in event of default.
- Period of exposure.
- Risk mitigating arrangements (e.g. credit risk insurance or credit default swaps).
How may a company manage market risk? (4)
- Define governance arrangements for investment management decisions.
- Define authorisation levels for investment management decisions.
- Ensure management understand the sensitivity of the liability calculations to movements in market values.
- Define management actions in the event of movements in the level of key market indicators.
How may a company manage liquidity risk? (4)
- Monitor the potential for short-term cashflow mismatches due to the volatility of claim payments and policyholder options.
- Monitor investment operations (e.g. collateral requirements for derivatives).
- Clear inclusion of liquidity risk in the company’s risk policy.
- Include liquidity risk assessment in the risk-based capital framework.
List possible sources of operational risk. (16)
- Mis-selling
- Mis-pricing
- Inadequate experience analysis
- Model risk
- Admin errors
- IT failures
- Transaction processing errors
- Data issues
- Damage to physical assets
- Business disruptions
- Customer services standards
- Staff retention
- Key person risk
- Fraud
- Failure to comply with health and safety regulation
- Conduct risk
- TCF contraventions
Define conduct risk and give six examples of issues to consider. (6)
The risk that behaviour results in poor outcomes for customers.
Examples include:
- Operational failures.
- Information asymmetries.
- Keeping pace with regulatory requirements.
- Market conditions.
- Product development activities.
- Strategic objectives.
List nine types of model risk. (9)
- Incorrectly specified.
- Correctly specified, but incorrectly built.
- Correctly specified and built but inappropriately used.
- An inappropriate level of complexity.
- Misinterpretation of results.
- Data or assumptions that are inconsistent with the methodology.
- Errors in the process of using the model.
- Inappropriate use where the model's limitations indicate that the results will be inappropriate.
- Where expert judgement is inadequately applied.
What actions can be taken to manage model risk? (6)
- Model owners being required to approve the methodology.
- Model owners evidencing that testing of the model is adequate.
- Review of model assumptions and limitations to ensure they are appropriate.
- Having documented processes with sufficient checks to ensure they are carried out correctly.
- Regular validation of models to ensure their use remains appropriate.
- Model validation being repeated when material changes occur.
List eight possible sources of unit pricing risk. (8)
- Errors in the calculation of the prices at which units are allocated to or deallocated from policyholders.
- Errors in the calculation of the prices at which units are created or cancelled.
- Errors in the way that compensation for mistakes is determined.
- Not changing between bid and offer prices when needed.
- The tax allowance for unrealised gains and realised and unrealised losses.
- Where surrenders are allowed at a preceding price, anti-selective surrenders occurring due to a fall in the underlying value of assets.
- Management charge rebates being incorrect when unit funds invest in other internal or external funds.
- System errors, e.g. out-of-date or inaccurate asset prices.
Define insurance risk and give three examples. (5)
The risk of fluctuations in the timing, frequency and severity of insured events, relative to expectations at the time of underwriting.
It can also refer to the risk of fluctuations in the timing and amount of claim settlements.
Examples:
- Variations in mortality and persistency rates.
- Guarantees acquiring a value that adversely affects the finances of the company.
- Potential expense overruns relative to pricing.
In addition to the standard proposal form, list four sources of medical evidence used by insurers for medical underwriting. (4)
- Medical examinations.
- Nurse screening.
- Medical history.
- Supplementary questionnaires.
Describe five steps UK insurers can take to address non-disclosure. (5)
- Cotinine testing for tobacco-related non-disclosure.
- Comprehensive, clearly worded application forms.
- Client declarations on application.
- Random sampling of cases after acceptance.
- Abide by the industry code of practice when non-disclosure is discovered.
List three risks generated by reinsurance. (3)
- Counterparty risk
- Legal risk
- Systems and data risk
Describe a longevity swap that could be used by an insurance company to hedge the risk of an immediate annuity portfolio. (4)
The insurance company pays a fixed series of payments agreed at the outset of the swap.
The reinsurer pays a floating series of payments linked to either the actual annuity amounts paid or a specified mortality index.
Collateral is calculated regularly and paid to reflect the value of the swap at any given date.
To determine collateral, the counterparties have to agree a discount rate and the forward mortality rate for the floating leg.
State two risks that may be introduced or increased by an insurance company entering into a longevity swap. (2)
- Counterparty risk
- Basis risk (if the floating leg of the swap is based on a generic population mortality index).