Chapter 25: Risk Governance Flashcards
List the 6 stages in the risk management control cycle.
- Risk identification
- Risk classification
- Risk measurement
- Risk control
- Risk financing
- Risk monitoring
This is consistent with the actuarial control cycle:
- Specifying the problem – identifying and analysing the risks
- Developing the solution – selecting the most appropriate response to each risk and, where relevant, implementing the chosen mitigation action
- Monitoring and feeding back into the process
Which stage in the risk management control cycle is considered to be the hardest?
Risk identification is seen as the hardest aspect because the risks to which an organisation is exposed are numerous and their identification needs to be comprehensive. The biggest risks are unidentified ones, as they will not have been appropriately managed. This is particularly relevant to events that have not occurred before.
Risk Identification
The recognition of the risks that can threaten the income and assets of a organisation
Having identified each risk, the following should be determined/identified:
- Whether each risk is systematic or diversifiable
- Possible risk control processes that could be put in place for each risk (to reduce the likelihood or the impact should it occur).
- Opportunities to exploit risks to gain a competitive advantage (eg by insurance or reinsurance companies)
- The organization’s risk appetite or risk tolerance
Risk Classification
Classifying risks into groups aids the calculation of the cost of risk and the value of diversification.
It also enables a risk ‘owner’ to be allocated from the management team, who would normally be responsible for the control processes for the risk
Risk Measurement
The estimation of the probability of a risk event occurring and its likely severity, should it occur
This would normally be carried out before and after the application of any risk controls, and the cost of the risk controls would be included in the assessment.
Knowing whether a risk is high, medium or low probability and severity helps in the prioritization of risks and deciding whether the risk should be:
- declined
- transferred
- mitigated
- retained with or without controls
Risk Control
Involves deciding to reject, fully accept or partially accept each risk
This stage also involves identifying different possible mitigation options for each risk that requires mitigation
Risk control measures are systems that aim to mitigate the risks or the consequences of the risk events by:
- Reducing the probability of the risk occurring (eg control and checking procedures)
- Limiting the financial consequences of a risk (eg insurance)
- Limiting the severity of the effects of the risk that does occur (reducing probability of a catastrophic loss – eg insurance or fire extinguishers)
- Reducing the consequences of a risk that does occur – refers to consequences of a risk event that do not have a direct financial cost, but lead to adverse implications for the company, often operational the loss of trading after a fire. Eg use business continuity plan
Risk Financing
- Determining the likely cost of each risk (incl. the cost of any mitigations and the expected losses and cost of capital arising from retained risk)
- Ensuring the organisation has sufficient financial resources to continue its objectives after a loss event occurs
Risk monitoring
- The regular review and re-assessment of all the risks previously identified, coupled with an overall business review to identify new or previously omitted risks
- It is the process of ensuring that risks continue to be managed
- Objectives may be to:> determine is exposure to risks or the risk appetite of the organisation has changes over time
identify new risks or changes in the nature of existing risks
report on risks that have actually occurred and how they were managed
access whether the existing risk management process is effective
List 7 perceived benefits of risk management to the provider
SAMOSAS
Stability and quality of business improved
Avoid surprises
Management and allocation of capital improved – improves growth and returns
(risk) Opportunities exploited– improves growth and returns
(natural) Synergies identified (and related opportunities arising from this)
(risk) Arbitrage opportunities identified (and related opportunities arising from this)
Stakeholders in the business given confidence that business is well managed
Explain how natural synergies may arise in life insurance
A life insurance company may sell some products (eg term insurance) that expose it to mortality risk and other (eg annuities) that expose it to longevity risk
Explain how natural synergies may arise in general insurance
A general insurer may find that good weather increases claims on its domestic property policies as there are more subsidence (sinking of the ground) claims, but reduces claims on its motor policies as there are fewer accidents
List 5 objectives of the risk management process
- Incorporate all risks, both financial and non-financial
- Evaluate all relevant strategies for managing risk, both financial and non-financial
- Consider all relevant constraints, including political, social, regulatory and competitive
- Exploit the hedges and portfolio effects among the risks
- Exploit the financial and operational efficiencies within the strategies
Explain the difference between “risk” and “uncertainty”
“Uncertainty” means that an outcome is unpredictable.
“Risk” is a consequence of an action that is taken which involves some element of uncertainty, but there may be some certainty about some components of the risk.
For example, the provider of a whole life assurance policy is exposed to mortality risk. There is certainty that the policyholder will die - but the timing is uncertain.
Systematic risk
Risk the affects an entire financial market or system, and not just specified participants. It is not possible to avoid systematic risk through diversification.
Diversifiable risk
Risk that arises from an individual component of a financial market or system. An investor is unlikely to be rewarded for taking on diversifiable risk since, by definition, it can be eliminated by diversification. In theory, all rational investors would hold a portfolio of assets that was all well diversifies as possible