Brehm #4 Flashcards
Operational risk
risk of loss from failed internal processes, people, and systems or from external events
> > includes legal risk, but excludes strategic and reputational risk
Categories of operational risk (7)
- internal fraud
- external fraud
- employment practices and workplace safety
- clients, products, and business practices
- damage to physical assets
- business disruption and system failures
- execution, delivery, and process management
Explanation of internal fraud and examples (3)
attempts to defraud, misappropriate property, or circumvent rules/regulations from an inside source
ex:
1. intentional misreporting
2. employee theft
3. insider trading
Explanation of external fraud and examples (3)
attempts to defraud, misappropriate property, or circumvent rules/regulations from an outside source
ex:
1. robbery
2. forgery
3. damage from computer hacking
Explanation of employment practices and workplace safety operational risk and examples (3)
acts inconsistent w/ health and safety laws/standards, result in personal injury, or diversity and discrimination issues
ex:
1. WC claims violation of health and safety rules
2. discrimination claims
3. GL claims
Explanation of clients, products, and business practices operational risk and examples (3)
unintentional or negligent failure to meet a professional obligation
ex:
1. misuse of confidential customer info
2. improper trading activities
3. money laundering
Explanation of damage to physical assets operational risk and examples (5)
physical damage from natural disaster or other events
ex:
1. terrorism
2. vandalism
3. EQ
4. fire
5. flood
Examples of business disruption and system failure operational risk (3)
- hardware/software failures
- telecommunications problems
- utility outages
Explanation of execution, delivery, and process management operational risk and examples (3)
failed transaction processing or process management and relationships w/ partners or vendors
ex:
1. data entry errors
2. incomplete legal documentation
3. vendor disputes
Primary cause of insurer failures
operational risks
Explanation of bridging process for plan LR determination
mature prior year ultimate LRs are bridged forward based on estimates of yr-over-yr LC and price level changes
ultimates for immature prior years are set using the BF method w/ELR = initial plan LR
Operational risk problem with the bridging process for plan LR determination
high degree of interdependence b/w prior yr ultimate LRs
optimistic prior year LRs roll forward and lead to optimistic plan LRs, producing a string of optimistic forecasts
as older years deteriorate, BF ELRs increase, producing reserve conflagration
Management options when facing reserve conflagration as a consequence of optimistic planning process (2)
- book reserve deficiency and suffer rating downgrade
2. change reserving process
Possible explanations for failed LR planning bridging process (3)
- inherent uncertainty - plan LR / reserve review model could not accurately forecast the LR / reserves
- people failure - plan LR / reserve review model could accurately forecast the LR / reserves, but was improperly used
- process and governance failure - plan LR / reserve review model did accurately forecast LR / reserves, but indications were ignored
UW cycle management
management of UW capacity as market pricing changes w/ the UW cycle
Types of problems resulting from inefficient UW cycle management (2)
- stability and availability problem - increases losses from increased exposures increases risk of ratings downgrades which could drive customers away
- reliability and affordability problem - risk of insolvency from recognition of mounting exposures and potential partial claim payments to policyholders
Key components of effective UW cycle management (4)
- intellectual property (aka intangible assets) - focus on retaining and developing top talent and investment in systems, models, and databases while maintaining presence in core market channels
- adaptable UW incentives - should be tied to supporting portfolio goals and adapt to changing market conditions
- preparation for market overreaction - firms with most available capital during price improvements will see profits that can offset years of UW losses
- owner education - owners must understand how to interpret results and what to do with that information
Examples of KPIs that may seem out of line under effective UW cycle management (2)
- drop in premium volume - understand that premium is result of amount of exposures and price per exposures - management should not make calls to increase market share at worst possible point in UW cycle
- overhead expense ratio - high expense ratio could indicate capital investments in intellectual property vs. operational inefficiency
Key concept of agency theory
considers management agents of a firm’s owners, whose interests are not always aligned (which creates operational risk)
Goals of agency theory (2)
- align management and owner interests (reduce operational risk)
- understand impacts of potential divergence
Potential issues with management incentives under agency theory (2)
- if management incentives are tied to company performance, managers may be more willing to take on risk than owners b/c they are allowed to “gamble with the owner’s money”
- if management incentives are firm stock options, managers may be less diversified (and more risk averse) than owners
Additional operational risks in banking and manufacturing (5)
- pension funding - financial and HR component
- IT failure
- other HR risks incl. loss of important staff, fraud, inadequate training, rule-breaking, or incompetence
- reputational risk
- lawsuits
monitoring and control more important than quantifying and funding
Examples of reputational risk (3)
- products tampering
- bad press coverage
- off-hours employee behavior
Primary objectives (5) of control self-assessments (CSA)
- reliability and integrity of info
- compliance w/ policies, laws, and regulation
- safeguarding assets
- economical and efficient use of resources
- accomplishment of established objectives/goals for operations
Critical component of key risk indicators (KRIs)
must have trigger levels that require management action
Main categories of KRIs (4)
- production
- internal controls
- staffing
- claims
Examples of production KRIs (4)
- hit ratio
- retention ratio
- pricing level
- rate per unit of exposure
Examples of internal control KRIs (2)
- audit results
2. audit frequency
Examples of staffing KRIs (4)
- employee turnover
- training budget
- premium per employee
- policies per employee
Insurer processes that could benefit from six sigma management framework process improvements (3)
- UW
- claims
- reinsurance
Steps for operational risk modeling (5)
- identify exposure base for each operational risk source (ex: payroll, policy count, CC, premium volume)
- measure exposure level for each business unit
- estimate loss potential (frequency and severity) for each unit reflecting internal controls and process effectiveness
- produce modeled frequency and severity distributions by business unit
- estimate impact of mitigation, process improvement, or risk transfer
Strategy and two things strategy is NOT
long term series of actions designed to take a company from its current state to its desired future state and aims to provide a sustainable competitive advantage over other companies in the same market
NOT:
- pure business planning - goes beyond understanding market position and how to outperform
- tactics = short term and detailed vs. strategy = long term and broad
** often overlaps w/operational risk definitions
Strategic risk vs. strategic risk taking
strategic risk = unintentional risks that occur as a result of strategic planning/execution
strategic risk-taking = intentional risk-taking as part of strategic execution
Strategic risk categories for insurers (7)
- industry
- technology
- brand
- competitor
- customer
- project
- stagnation
Highest (3) and lowest (1) strategic risk categories for insurers
highest: industry, project, and stagnation
lowest: technology
Examples of industry strategic risk (5)
- capital intensiveness
- overcapacity
- commoditization
- de-regulation
- cycle volatility
Examples of technology strategic risk (2)
- technological advancement in internet distribution
2. data management
Example of customer strategic risk
concentration risk for large commercial insurers
Examples of project strategic risk (3)
- failure of mergers and acquisitions
- underinvestment in research and development
- underinvestment in IT
Examples of stagnation strategic risk (4)
- redeployment of intellectual assets (highly task-specific)
- extensive reporting lags
- mismatch in timing of revenue and expenses
- poor insurer response to market price cycles
Key distinction b/w scenario planning (in strategic risk management) and simulation
scenario planning involves subjective interpretations of factors that cannot be modeled
Plan or actual LR calculation using traditional planning forecast methods
LR = [ base LR * ( 1 + cost trend ) ] / ( 1 + price change )
Potential problems stemming from management reluctance to deviate from plan results (2)
- unforeseen reserve deficit
2. overall portfolio mix may not be what was intended
Components of scenario planning for strategic risk management (3)
- scenarios (price changes)
- likelihoods
- response plans
Advantages of scenario planning (2)
- company considers scenarios and responses ahead of time, getting consensus on best response and saving time during crisis
- reduced organizational inertia (= more flexible plan)
Considerations when combining scenario planning for multiple LOB (3)
- consistency
- correlations
- UW capacity/allocation across LOB
Advanced scenario planning
simulates large sets of scenarios and allows for re-balancing of the portfolio to find the best strategy
best strategy maximizes a performance metric (ex: net income or economic value) and reduces downside risk (ex: TVaR)
Example of portfolio re-balancing actions in advanced scenario planning (2)
- sell bonds
2. change investment allocations
Agent-based modeling
considers impact of strategic interactions b/w companies (“agents”)
Control self assessment (CSA)
A process for examining and assessing internal control effectiveness
Examples of brand strategic risk (2)
Erosion or collapse from
- Bad press
- Class action suits
Example of competitor strategic risk (3)
- Predatory pricing
- Entrance into new lines/territories with inadequate expertise, systems, or capabilities
- Multiple competitors simultaneously targeting the same market segment