Brehm Ch 4 Flashcards
Define operational risk
Risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.
It includes legal risk, but excludes strategic and reputational risk.
List the 7 types of operational risk
- Internal fraud
- External fraud
- Employment practices and workplace safety
- Clients, products and business practices
- Damage to physical assets
- Business disruption and system failures
- Execution, delivery and process management
Describe the internal fraud type of operational risk and provide an example
Acts by internal party that unfairly take property or circumvent regulations.
Insurer-specific example:
claim falsification
insider trading
employee theft
Describe the external fraud type of operational risk and provide an example
Acts by a third-party that unfairly take property or circumvent regulations.
Insurer-specific example:
falsifying application information
computer hacking
Describe the employment practices and workplace safety type of operational risk and provide an example
Acts that are inconsistent with employment, health or safety laws.
Insurer-specific example:
repetitive stress
discrimination claims
general liability (customer slip and fall at office)
Describe the clients, products and business practice type of operational risk and provide an example
Unintentional or negligent failure to meet a professional obligation to specific clients.
Ex:
client privacy
bad faith
red-lining
misuse of confidential customer information
money laundering
Describe the damage to physical assets type of operational risk and provide an example
Loss or damage to physical assets from natural disasters
Ex:
damage to own office
damage to own automobile fleets
terrorism
vandalism
earthquakes and floods
Provide an example of business disruption and system failures type of operational risk
Processing center downtime
System interruptions
Telecommunication problems
Describe the execution, delivery and process management type of operational risk and provide an example
Failed transaction processing or process management, and relationships with vendors.
Ex:
policy processing errors
claim payment errors
data entry errors
unapproved access given to client accounts
incomplete legal documentation
Identify 3 causes of P&C company impairments
- Deficient loss reserves
- Underpricing
- Rapid growth
- Alleged fraud
- Overstated assets
- Catastrophes
- Reinsurance failure
- Reckless management
State the root reason for insurer failure.
Although reserves are normally cited as primary cause of insolvency, root reason for insurer failure is the accumulation of too much exposure for supporting asset based.
Deficient carried reserves are indicators of deficient initial reserving which is driven by optimistic plan loss ratios or premature reserve releases.
The plan LR determination process is considered the fulcrum of operational risk.
Fully describe a bridging model leading to financial downfall
Ultimate LR from mature years are trended forward to set the new plan LR.
Ultimate LR for immature prior years are calculated with BF method using ELRs set to initial plan LR for each prior year.
An operational problem with bridging process is that it produces a high degree of interdependence between prior year ultimate loss ratios. Thus, optimistic older prior-year loss ratios can roll forward and lead to optimistic plan loss ratios.
Eventually, older years deteriorate, cause many AYs to deteriorate.
Explain 3 possible explanations if an insurer failed due to reserve deterioration from bridging model. Explain how each relates to operational risk.
- The model could not have accurately forecasted the loss ratio (or reserves)
Operational risk: process and system failure (or inherent uncertainty and no operational risk if all competitors were wrong) - Model could have accurately forecasted the loss ratio (or reserves) but was improperly used.
Operational risk: people failure - Model did accurately forecast the loss ratio, but the indications were unpopular and ignored.
Operational risk: process and governance failure
Identify 2 potential negative consequences of an optimistic plan LR to the company’s financial results.
- Using an optimistic plan LR as ELR can lead to reserve deficiencies
- Using an optimistic plan LR as ELR can lead to inadequate rates
Explain why it is difficult to separate operational risk from underwriting risk when explaining the impact of an optimistic plan LR on the company’s financial results in retrospect.
It’s difficult to determine if forecasting model could not accurately predict the LR (underwriting risk) or if the model was simply not used/implemented appropriately (operational risk).
Briefly describe cycle management
Cycle management is the management of UW capacity as market prices change with UW cycle (hard or soft).
System performance assessments for cycle management rely on which 4 characteristics.
- Stability
- Availability
- Reliability
- Affordability
Provide an example of naive cycle management and its possible results.
Writing business at inadequate prices during a soft market in order to maintain market share.
Possible results:
- Insurer may be downgraded, causing policyholders to switch insurers (failure of stability and availability requirements)
- Insurer may go insolvent with partial recoveries on claims for policyholders (failure of reliability and affordability requirements)
Provide an example of effective cycle management. Why is this challenging?
Disciplined underwriting:
Soft market = decrease WP volume (do not write inadequately priced business)
Hard market = increase WP volume
This is challenging because it affects many critical areas simultaneously: planning, underwriting, objective setting and incentive bonuses.
Describe 2 areas to focus for effective cycle management.
- Intellectual Property
An insurer’s franchise value is driven by intellectual property.
Ex:
Retain and continue to develop top talent through soft markets
Maintain a presence in core marketing channels
Maintain consistent investment in systems, models and databases - Underwriter Incentives
Incentive plans should be flexible so underwriting decisions are aligned with corporate objectives, which change with market conditions.
Ex:
If prices drop too low, underwriters may need to stop writing new business, but their bonuses and employment should not be at risk. - Market overreaction
When prices fall too low in a soft market, the insurer should maintain underwriting discipline and write less.
When market hardens and prices overcorrect, the insurer will have capacity to write significantly more business profitably. - Owner Education
Some financial figures may diverge from those of peer companies, such as:
a. Premium volume: will drop during soft markets
b. Overhead expense ratio: maintaining intellectual property during a premium decline will cause the expense ratio to rise
Briefly explain how agency theory relates to operational risk
Agency theory considers management agents of a firm’s owners, whose interests are not always aligned.
These divergent interests are an operational risk.
State 2 goals of agency theory
- Aligning management and owner interests
- Understanding the impacts of potential divergence
Describe how interests of management and owner diverge when company agrees to pay management a % of increase in its market capital after n years.
Incentive: percentage of increase in market capital after n years.
Result: management may take too much risk to increase firm value because:
a. High upside benefit (big payoff if there is a major increase in firm value)
2. Low downside risk (gambling with someone else’s money)
Describe how interests of management and owner diverge when company agrees to pay management in stock grants or stock options.
Incentive: stock grants or stock options
Result: management may become too risk-averse because:
a. Shareholders may have diversified portfolios
b. Management has a large portion of their wealth tied to the company
Describe and explain how to handle pension funding risk
Combines financial and HR components.
Quantify this risk with models that include financial risk and firm demographics.
Describe and explain how to handle IT failure risk
Includes traditional hardware and software failure as well as viruses and internet attacks.
Monitor and control with contingency planning.
The remaining risk could be quantified and funded.
Describe and explain how to handle other HR risks.
Includes loss of important staff, employee fraud, inadequate training errors, rule breaking and incompetence.
Identification and control of these risks is most important.
Describe and explain how to handle reputational risk.
Results from product tampering, bad press coverage, off-hours behaviour of key employees, etc.
Monitoring and controlling these risks is most important.
Describe and explain how to handle lawsuits.
Results from a variety of things (making too much/little money, improper business practices)
Monitoring is key, but funding may provide value as well. Corporate culture can also reduce the risk of lawsuits.
Describe Control Self-Assessment (CSA)
CSA is a process through which internal control effectiveness is examined and assessed.
Objective is to provide reasonable assurance that all business objectives will be met.
Identify the 5 primary objectives of internal controls.
- Reliability and integrity of information
- Compliance with policies, plans, procedures, laws, regulations and contracts
- Safeguarding of assets
- Economical and efficient use of resources
- Accomplishment of established objectives and goals for operations or programs
Explain what are Key Risk Indicators (KRIs)
Risk indicators are measures used to monitor the activities and status of control environment of a particular business area for a given operational risk category.
They must have a frame of reference (escalation criteria/trigger level). When KRIs reach these, management is required to take action.
Explain the key difference in review frequency of KRIs.
While typical control assessment processes occur only periodically, risk measures can be measured daily.
Explain the key difference with historical losses of KRIs.
KRIs are forward-looking indicators of risk, whereas historical losses are backward-looking.
Provide 4 insurer KRI examples
- Production:
Hit ratios
Retention ratios
Pricing levels
Rate per unit of exposure - Internal controls
Audit results
Audit frequency - Staffing
Employee turnover
Training budget
Premium per employee
Policies per employee - Claims
Frequency
Severity
New classes of loss
Describe the 6 sigma framework and list 4 areas of focus.
Six sigma is a management framework.
Name means that customer-specified tolerances for product defects are plus/minus 3 standard deviations from mean.
Six sigma focuses on:
1. Process redesign
2. Project management
3. Customer feedback
4. Internal communications
5. Design tradeoffs
6. Documentation
7. Control plans
Provide 3 examples of insurer processes that might benefit from process improvements of six sigma.
- Underwriting
Exposure data verification
Exposure data capture
Price component monitoring
Classification
Hazard selection - Claims
Coverage verification
ALAE
Use of outside counsel
Case reserve setting - Reinsurance
Treaty claims
Reporting
Coverage verification
Reinsurance recoverables
Disputes
Letters of credit
Collaterization
Provide 2 benefits of six sigma
Identify and eliminate:
1. Inefficiencies
2. Errors
3. Overlaps
4. Gaps in communication
5. Gaps in coordination
Describe the steps needed for operational risk portfolio management.
- Identify exposure base (payroll, head count, policy count, premium volume)
- Measure the exposure level
- Estimate the loss potential (frequency and severity) per unit of exposure
- Create loss frequency and severity distributions by combining steps 2 and 3
- Estimate the impact of risk mitigation, process improvement or risk transfer on freq/sev distributions
Define strategic risk
Strategic risk is the risk to the company from making the right or wrong strategic decisions, not making a decision or not recognizing that a strategic decision needs to be made.
It’s the risk of choosing the wrong plan given market conditions.
Define strategy
Long-term series of actions designed to take a company from its current state to its desired future state and aims to provide a competitive advantage over other companies in the same market.
Describe 2 things that strategy is not
- Pure business planning
Strategy goes beyond this by ensuring companies understand the markets in which they are competing, where they sit relative to their competitors and how they will compete and outperform their rivals. - Tactics
Tactics are short-term and detailed. Strategy is long-term and broad in scope.
Define strategic risk management (SRM)
Means to devise and deploy a systematic approach for managing strategic risk.
List 2 important elements of strategic risk.
- Voluntariness of exposure
- Controllability of consequences
- Discounting in time
- Knowledge of risky situation
- Magnitude of impact
- Group/individual factors
List 2 concerns factored into strategic decision making under simplistic approach.
- Obtaining more accurate forecasts
- Adjusting factors empirically
- Raising thresholds for required returns
- Estimating best, probable and worst case outcomes (rudimentary scenario analysis)
- Considering selected probabilities on key factors
Describe 4 components of strategic risk analysis, their level of risk to insurer and provide an example.
- Industry
Capital intensiveness, overcapacity, commoditization, deregulation, cycle volatility.
Insurer risk: very high
Ex:
UW Cycle
Insurance as a commodity - Technology: shift, patents, obsolescence
Insurer risk: low
Ex:
Data management
Innovations in distribution over internet - Brand
Erosion or collapse
Insurer risk: moderate
Ex:
Reputation loss through bad press or class action lawsuits. - Competitor
Global rivals, gainers, unique competitors.
Insurer risk: moderate
Ex:
Predatory pricing from competitors
Entrance into new market with inadequate expertise/system - Customer
Priority shift, power, concentration
Insurer risk: moderate
Ex:
This is an issue with large commercial insurance business - Project
Failure of R&D, IT, business development or M&A
Insurer risk: high
Ex:
Value-destroying M&A, underinvesting in R&D and IT - Stagnation
Flat or declining volume, price decline, weak pipeline.
Insurer risk: high
Ex:
Response to changes in UW cycle
Describe scenarios used in scenario testing.
Range of future outcomes is limited to a fixed number of states called scenarios.
Scenarios…
1. Describe how various elements might interact under certain conditions.
2. Are tested for internal consistency and plausibility.
3. Are used to explore the joint impact of various uncertainties.
4. Change several variables at one time, trying to capture the impacts of major shocks in key variables.
5. Are more than just simulation output. They include subjective interpretations of factors that cannot be modelled.
Describe the key steps in scenario planning process
- Define the scope of the analysis (time frame, segments, etc)
- Identify the major stakeholders (customers, competitors, employees, shareholders)
- Identify basic trends and their influence on organization
- Identify key uncertainties
- Construct initial scenario themes by combining key elements
- Check for consistency and plausibility (scenarios should be realistic and internally consistent)
- Develop learning scenarios (identify themes that are strategically relevant)
- Identify research needs (understand trend and uncertainties identified)
- Develop quantitative models
- Evolve toward decision scenarios (iterative process to converge to scenarios used to test strategies and generate new ideas)
Describe a traditional planning approach
Begins by defining key plan components by LOB:
1. Base loss ratio
2. Cost trend
3. Price change
4. Target premium volume
5. Plan loss ratio
Describe 2 issues of the traditional planning approach
- Based upon plan estimates
Theoretically, these estimates are unbiased and realistic.
In reality, they are often overly optimistic due to the need to meet overall corporate profit or premium volume targets. - When actuals deviate from overly optimistic plan, managers are reluctant to deviate from plan numbers.
This results in booked numbers that are unrealistic for far too long.
Underwriters do whatever is necessary to meet their plan numbers at the detriment of the company’s health.
Describe the scenario planning approach (alternative to traditional planning)
In contrast to traditional planning approach, scenario planning expands the single point estimate for price change from different scenarios (pessimistic, realistic, optimistic).
The likelihood and response plans for each scenario must be decided in advance.
For the 3 options, firm would need to develop detailed plans that would be activated depending on how market conditions play out (need to be monitored).
Calculate scenario LR
Scenario LR = Base LR *(1+Cost Trend)/(1+Price Change)
Describe a potential insurer response in the optimistic scenario
Ride the wave:
Insurer might books premium written.
Describe a potential insurer response in the pessimistic scenario
Bail out:
The insurer might tighten premium written to avoid chasing market share in unprofitable environment.
Describe 2 advantages of scenario planning
- Company thinks through responses beforehand
Can select best strategic response to different market conditions - Reduces organizational inertia
Provides more flexibility compared to trying to “make plan” even if market conditions change
Describe advanced scenario planning
Using ERM models, large sets of scenarios can be generated.
Depending on the scenario, the best strategy can be found by maximizing some performance metric and reducing downside risk.
Describe how advanced scenario planning can be used in asset risk management.
For each scenario, various asset strategies are tested by simulating returns.
Each strategy is represented as a set of asset selection rules. Rules are repeatedly applied to rebalance portfolio in response to environment changes.
Rebalancing measures include selling bonds, changing investment allocations and buying tax-exempt investments in response to portfolio tax position.
Selected portfolio is the one that maximizes a performance metric (ex: NI, economic value) and reduces downside risk (ex: TVaR).
Provide 2 examples of insurance-related action rules in response to environment changes,
- Hold price in response to market price decreases. This reduces premium volume and market share.
- Allocate underwriter capacity in various ways based on anticipated price adequacy levels.
Describe how interactions between multiple firms might be handled in scenario planning.
In reality, multiple companies are engaged in strategy testing simultaneously.
These strategies compete with each other, creating negative impacts.
Capturing the dynamics of simultaneous action requires agent-based modelling (ABM).
Describe agent-based modelling (ABM)
ABM is a method for studying systems of interacting agents.
These agents are independent entities capable of assessing the environment, selecting courses of action and using those selections to effect change on the environment.
When one agent’s changes interact with another agent’s changes, new qualities are creates in the environment (emergent properties).
Provide an example of how one firm’s strategy might conflict with another firm’s strategy.
One firm might independently plan to target a profitable market segment.
The firm might create detailed plans outlining the target premium volume and loss ratio.
However, they fail to recognize the fact that other competitors have also noticed the profitable segment.
When all competitors attempts to grow in the same segment, prices drop and profitability decreases.
ABM allows a firm to model these types of interactions.