Objective 2 Flashcards
Describe Risk Management Culture
Risk Governance and Organization Structure - clear definition of roles
Incentive Compensation Structure - align with long term goals
Risk Appetite Framework
Risk Reporting and Communication - frequent risk reporting around key risks
Describe successful Risk Appetite Framework
Thorough understanding of enterprise risk profile in relation to risk appetite.
Track record of containing risk exposures within the chosen tolerance and limits.
Well-defined framework.
Active involvement from Board and strong buy in from senior management
From ERM score: What is Risk Controls?
How is it scored?
Risk controls analyze the processes insurers employ to manage key risk exposures (i.e: Insurance risk, credit risk, etc).
Each material risk is scored: positive, negative or neutral
Describe Emerging Risk Management
Emerging risk management analyzes how the insurer addresses risks that are not a current threat, but could be in the future.
Eg: Regulation and medical developments.
Good Risk Model
The robustness and consistency of models is scored.
Captures material risk exposures and interrelation
Extensive validation
Rigorous model governance process
Describe Strategic Risk Management
Process which insurer facilitate the optimization of risk adjusted returns,
start with view of required risk capital
well defined process of allocation capital among different line of business/products.
Risk appetite
Risk preference
Risk tolerance
Risk limits
Risk appetite: Level of aggregate risk company chooses to take in pursuit of objectives
Risk preference: Qualitative statement
Risk tolerance: Quantitative statement to guide insurer in the selection of risk/Aggregate risk taking capacity
Risk limits: Quantitative boundaries to constrain specific risk taking activities.
Total Adjusted Capital =
Capital + Surplus
Describe Underwriting Risk: H2
Risk of underestimating the cost of insurance
Apply a risk factor against some measure for each health insurance product
Claim Fluctuation risk and Other Underwriting risk
Claim Fluctuation Risk
Grouping?
Formula?
Measure?
Five product groupings: Comprehensive Medical, Medicare Supplement, Dental and Vision, Part D, Other
Premium x Incurred Claim/Premium x Risk Factor x Managed care risk adjustment/discount factor
Measure: Underwriting Revenue
Describe Managed care risk adjustment factor?
Measure?
Category?
Not applicable to?
Reflects that certain contractual reimbursement leads to greater predictability in claims level and reduce the need of capital
Measure: Paid claims (not incurred)
Category: Not included, Contractual fee arrangements, Bonus payments, Capitation, Non contingent expenses - staff model HMOs.
Not applicable to Part D and Others.
Other Underwriting risk
Disability income: earned premium, individual and group not combined.
LTC: Premium, Incurred claim, Reserves
Other: Stop loss
Rate guarantees
Premium Stabilization reserves
Describe Asset Risk - Affliates (H0)
Risk that investment in stock of affiliated company may lose value
Require RBC - RBC x % ownership
Not require RBC - book value x 30%
Describe Asset Risk - Other (H1)
Risk that investments may default/decrease in value
Book value x risk factor
Cash/Bonds
Common Stock
Property & Equipment
Describe Credit Risk (H3)
Risk that amounts owed to health insurer will not be recovered. Receivables x %
Risk that capitated provider won’t fulfill contractual obligations. Annual cap x %
Describe Business Risk (H4)
Admin expense risk
ASO business risk
Guaranty fund assessment
Excessive growth risk
Change in RBC formula =
RBC ratio new = RBC ratio prior x H2 prior / H2 new
Allocating the benefits of diversification
Retain the difference centrally
Give full benefit of diversification to new business line
Start with stand alone capital requirements and then allocate diversification benefit
Consider marginal contribution of each additional business unit: Euler capital allocation principle, Standard deviation of losses, Value at risk/Tail Value at risk
Reinsurance Methods
Proportional
- Coinsurance: Fixed/excess share (final payout is fixed like Disability/LTC benefit per day), Quota share
- Modified coinsurance
- Funds withheld coinsurance
- Risk premium reinsurance
Non proportional:
- Extended wait
- Excess reinsurance - SSL and ASL (final payout is not fixed like medical reinsurance)
- Specified benefit
Challenges for new health insurers
Start up capital to meet requirements
Pricing
Networks
ORSA Section 2: Assessment of Risk Exposures
- Quantitative and Qualitative assessment of risk exposures
- Normal and stressed environments
- For each material risk categories
- Impact of stresses on capital
ORSA Section 3: Assessment of Group Risk Capital
Aggregate available capital is compared against various risks that can have an adverse impact
Assess risk over varying time horizons, valuation approaches and capital management strategies.
Comparative view against prior year
Capital needed to achieve business objectives, not RBC
ORSA Section 3: Assessment of Prospective Solvency
Demonstrate financial resources to execute multi year business plan
Describe management actions it will take to remedy capital concerns.
A feedback loop: project, action, re-project
Capital =
Asset - Liabilities
Five Main Areas/Subfactors of ERM
Risk Management Culture
Strategic Risk Management
Risk Controls
Emerging Risk Management
Risk Models
Insurer’s ERM Score - Describe Overall Score and List Subfactor Scores
Overall Score
- Very strong: all positive
- Strong: first 3 positive
- Adequate with strong risk controls: Strong risk controls, Neutral strategic risk management
- — no negatives—-
- Adequate: Neutral risk management culture, neutral risk controls
- Weak
Subfactor Scores
- Positive
- Neutral
- Negative
Considerations for the Scoring of Each Risk under ERM
Risk identification
Risk measurement and monitoring
Risk limits and standards
Risk controls: Procedures to manage risk within the limit
Execution of risk control program
Uses of Risk Models under ERM
Measuring the risk exposure
Testing risk correlation and diversification benefit
Evaluating risk mitigation strategies
Quantify capital requirements for a given risk profile
Key Areas of Analysis for Strategic Risk Management Score under ERM
Company’s strategic planning
Product pricing and repricing
Strategic asset allocation
Optimization of risk adjusted returns
Capital budgeting
Economic budgeting
Reinsurance strategy
Net retained risk profile
New risk-bearing initiatives
Main Risks for Life Insurers
Main Risks for Health Insurers
Life:
- Mortality
- Longevity
- Morbidity
- Policyholder behavior
Health:
- Morbidity
Two Key Items of Uncertainty of Reserving Risk for P&C
Level of reserves that will ultimately be needed to meet all liabilities
Timing of those liabilities
Significant Concerns for Health Insurers
and Key Risks Under ERM
Concerns:
- Changing regulations and legislation
- Rising medical cost
- Insufficient data: Less-than-perfect data in the underwriting and pricing processes
Risks:
- Underwriting
- Pricing
- Provider Renewal
- Claims Management
Key Elements Essential to All Insurers’ Operational Risk Controls Under ERM
Procedures in place to systemically:
- identify operational risks and
- to monitor,
- assess,
- and mitigate those identified risks
Sound business continuity plan (BCP) that has undergone multiple drills
Two Key Principles of ERM
Recognizes broad range of risks as either sources of capital or potential for losses
- ”Capital” risk can be negative (adverse effect) or positive (upside).
- Manage risks to exploit the upside possibilities
Holistic approach to managing diverse risks: Risks are not isolated in silos
Risk Domains of ERM
Financial: Organization’s ability to earn, raise or access capital, as well as costs associated with transfer of risk
Strategic: Ability of organization to grow and expand
Operational: Organization’s core business, including systems and practices
Regulatory: Health care statutory and regulatory compliance, licensure and accreditation
Human: Recruiting, retaining and managing workforce
Technological: Associated with biomedical and information technologies, equipment, devices and telemedicine
Issues with Traditional Risk Management
Fails to appreciate relationships among risks
Lacks optimization of collective risk evaluation
Lacks common definition of risk and how to gauge risk management efforts
Risk Handling Categories under ERM (Ways to Deal with Risk)
Avoid
Retain/Accept
Share
Reduce
Roles and Responsibilities under ERM
- Chief Risk Officer (CRO): Responsible for identifying and quantifying risks and managing the process, analyzing risk strategically. Facilitator, liaison, etc.
Board of Directors: Provides oversight, understand key elements and discuss risks regularly
Chief Executive Officer (CEO) /President: Responsible for molding corporate culture and making sure ERM functions
effectively
Chief Financial Officer (CFO): Provides analytical insight to determine risk appetite
Health Care Risk Manager: Front lines of risk management and focused on daily operations
Middle Managers and Others: Understand risks they are accountable for and manage them within approved tolerances
COSO ERM Framework
Process
Effected by people
Applied in strategic setting
Applied across enterprise
Designed to identify potential events
Manages risks to be within risk tolerance
Provide reasonable assurances
Supports achievement of key objectives
What Distinguishes CRO from Risk Manager
Risk Manager
- 1 Snapshot view
- 2 Lacks wider view to see patterns/relationships
- 3 Not sufficiently involved with sr. leadership
- 4 Decisions based on isolated issues or circumstances
CRO
- 1 Decision based on total picture of risks and opportunities
- 2 Connects dots among risks in all departments; Empowered to examine workings of all departments
- 3 Unlimited access to sr. management
Three Major Tasks for CRO (broad list)
Coordinating all risk management activities
Introducing integrated framework
Improving risk communication with internal and external partners
Key Tasks for CRO (different list than major tasks of CRO)
- Develop framework for risk management
- Identify and monitor emergent risks
- Determine risk tolerance
- Evaluate insurance coverage
- Develop alternative risk strategies
- Ensure compliance with regulations
- Inform board of significant risk issues
- Train and communicate with workforce on policies and structures
- Chair ERM committee
- Policy assessment
- Assure business continuity
- Extend risk principles to broader strategy
- Develop data strategy to build picture of operational risk
- Educate investment committee on risk management strategy
- Disclosures (internal and external)
- Deliver integrated picture of risk
Regulatory Action Levels
Company action: 150% to 200% - submit correction action plan
Regulatory action: 100% to 150% - submit corrective action plan and Commissioner may issue an order specifying corrective actions
Authorized control: 70% to 100% - Commissioner may place company under regulatory control
Mandatory control: Under 70% - Commissioner must take regulatory control of the company
Reasons why NAIC RBC Model influences states that haven’t adopted the model act
All companies filing an Orange blank (medical) must calculate Health RBC for annual statement
Regulators are familiar with the RBC concept and express concerns when TAC/ACL ratio is below 200%
Quasi-regulatory agencies like Blue Cross/Blue Shield have embraced Health RBC ratios and may require these levels from companies associated with them
Calculation of Health RBC After Covariance (RBCAC)
RBCAC: H0 - Asset Risk for Affiliates H1 - Asset Risk for Other Assets H2 - Underwriting Risk H3 - Credit Risk H4 - Business Risk
Authorized Control Level = RBCAC/2
Components of Underwriting Risk H2
Claims Fluctuation Risk = Premium x Claims/Premiums x Risk Factor x Managed Care Discount Factor
Other UW Risk
Life RBC Formula
Asset Risk for Affiliates
Business Risk
(AB)
Asset Risk - All Other
Interest Rate Risk
(AOI)
Asset Risk for Unaffiliated Common Stock and Affiliated NonInsurance Stock
Market Risk
(AUM)
Insurance Risk
Health Credit Risk
Health Administrative Expense Component Of Business Risk
Categories of Risk
Financial Risks:
Non Financial:
Financial
- Market and Economic
- Interest Rate
- Liquidity
- Credit
- Systemic
- Foreign Exchange
Demographic Risk Non-Life Insurance Risk Environmental Risk Operational Risk Residual Risk (including Basis Risk)
Four Types of Systemic Risk
Financial infrastructure
Liquidity
Common Market Position
Exposure to Common Counter Party
Four Types of Mortality/Longevity Risk
Level: Risk that underlying mortality of population differs from assumed
Volatility: Risk that mortality experience differ from assumed because of finite number of lives considered (not enough data)
Catastrophic: Risk of large losses due to significant event beyond normal volatility
Trend: Risk that mortality improve over time at a rate different than assumed.
Four Types of Non-Life Insurance Risk
Underwriting: Risk that average level of claims is different than assumed, insurance accepted when it should not have been.
Volatility:
Catastrophic: Large loss, significant event beyond normal volatility
Trend: Risk of unexpected changes from current level in the freq and severity of claims
Various Types of Operational Risk (Basel Definitions)
Internal Fraud: involve 1 party internal to the firm
External Fraud
Business Disruption and System Failures: affect physical ability to carry out business in normal place of work
Damage to Physical Assets
Employment Practices and Workplace Safety
Client, Products and Business Practices: Risk of the way firm deals with clients. Product poor design, not suitable to particular client
Execution, Delivery and Process Management
Various Types of Operational Risk (non-Basel Definitions)
- Crime Risk
- Technology Risk
- Cyber Risk
- Regulatory Risk
- People Risk (SUBLIST ON FOLLOWING CARD)
- Legal Risk
- Model Risk
- Data Risk
- Reputational Risk
- Project Risk
- Strategic Risk
Various Types of Operational Risk
People Risk
Indirect Employment Related Risks
Adverse Selection
Bias
Agency
Moral Hazard
Risk Identification Tools
SWOT analysis
Case studies
Risk-Focused Process Analysis
Risk Check Lists
Risk Prompt Lists
Risk Taxonomy
Risk Trigger Questions
Risk Identification Techniques
Surveys, Interviews
Brainstorming
Independent group analysis: Silently write down, aggregate and discussion.
Gap analysis
Delphi technique: Surveys where experts are asked to comment on risks anonymously and independently
Working group: To investigate more thoroughly
Factors To Be Included in Risk Register
- Unique Identifier
- Category Where the Risk Falls
- Date of Assessment of Risk
- Clear Description of Risk
- Whether Risk Is Quantifiable
- Likelihood of Risk
- Severity of Risk
- Period of Exposure to Risk
- Current Status of Risk
- Scenarios Where Risk Is Likely to Occur
- Details of Other Risks Linked to this Risk
- Risk Responses Implemented
- Cost of the Responses
- Details of Residual Risks
- Timetable and Process for Review of Risk
- Risk Owner
- Entry Author
Definition of Economic Capital
Additional Assets or Cash Flows to Cover Unexpected Items
Amount Needed to Cover These Unexpected Events to a Specified Measure
Consider the Risk over a Specified Time Horizon
Common definition: additional value of funds needed to cover potential outgoings, falls in asset values and rises in liabilities at some given risk tolerance over a specified time horizon
Uses of Internal Capital Model
Determine how much capital it should hold to protect against adverse events
Gives better understanding of financial implications of current strategy
Assess impact of changes in investment strategy and capital structure of organization
Pricing of new products
Decide how to allocate capital across business lines Measure performance (calculating return on capital)
Assess amount of economic capital to be held as products develop over time
Determine optimal mixes of assets and funding sources
Look at how organization copes with extreme events
Carrying out due diligence for corporate transactions (M&A)
Provide information on the financial state of an organization to regulators
Factors to Include in Margin
Uncertainty implicit in the product
Extent to which the product acts as a diversifier to other businesses
Volume of product sold
Experience that emerges from the product
Designing an Economic Capital Model
Agree What Model Is For
What Risks Will be Modeled
What Approach Will be Used
- 1 Factor Table Approach
- 2 Deterministic Approach
- 3 Stochastic Approach
Will Model be Run on Enterprise-Wide Basis or Run for Each Individual Business Line and Aggregated
Nature of Output Required
Management Actions that Require Decisions or Changes to the Capital Model
Changes to Investment Strategy in Response to Performance
Changes to Sources and Amounts of Capital
Decisions on Withdrawal of Particular Products
Premium Rates
Dividends Payable
Levels of Reinsurance
Bonuses Payable on With-Profit Policies
Measures of Economic Capital
Return on Capital
Economic Income Created (EIC)
Shareholder Value (SV)
Shareholder Value Added (SVA)
Two Common Approaches for Coinsurance
Quota Share
Fixed/Excess share
Two Types of Excess Reinsurance
Individual Excess (Specific Stop Loss)
Aggregate Stop Loss
Other Purchasers of Medical Reinsurance
Self insured employers
Providers providing prepaid benefit plans
HMO organizations providing services
Traditional insurers offering first dollar insurance and excess of loss coverage
Bases for Medical Reinsurance Coverage Periods
Loss occurring: Claims only covered if occurring during the agreement year
Risk attaching: Reinsurance period for underlying risks coincides with the insurer’s policy year
Primary Approaches to Medical Reinsurance
Specific Stop Loss Aggregate Stop Loss Combined Specific and Aggregate Quota Share Carve out coverage
Key Questions Regarding the Source of the Business for Medical Reinsurance
- Is it coming from HMO?
- Does plan include PPO networks?
- How do benefits vary inside and outside the networks?
- How are reasonable and customary limits applied?
- What employer groups are targeted and how are occupational hazards handled?
- What amounts are self-insured employer groups required to retain?
Additional Uses of Reinsurance (Other Than Traditional Coverages)
- Captive reinsurers for employee benefits
- Stop loss for providers who offer per capita services
- Securitizations of health insurance (with a special purpose vehicle)
- Capital relief with a portfolio reinsurance agreement
Issues to Consider for Insurers and Reinsurers Relating to Compliance
- Proper disclosure and communication of terms and conditions and appeals process
- Prompt and fair claim adjudication
- Fair access to discounts and networks for all insureds
- Benefits must meet or exceed ACA requirements and state regulation
Key Aspects of Why CO-OPs Fail
Outsource critical health plan functions
High vs low enrollment
Pricing strategies
Premium stabilization program
Marketing
Benefit design
Adjusting to Market Conditions
3 Key Decisions by Federal Policymakers That Increased Chances That CO-OPs Would Fail
Allowed states to permit individuals and small employers to remained enrolled in pre-ACA policies (for a transitional period)
Disabled ACA’s risk corridor program in late 2014 by mandating that it be budget neutral
Budget agreements slashed program’s $6 billion allocation by almost 2/3rds (to $2.4 billion)
Key Policy Decisions to Reduce Some Hurdles for CO-OPs, made by the Obama administration
Flexibility to sign up large employers
Relaxed marketing restrictions to engage the public
Repayment of federal loans subordinate to payment of members’ claims
Why LTC Insurance is Susceptible to Mispricing
Relatively new product (little experience)
Limited actuarial data
Potential payments far in the future (up to 50 years)
Assumptions Relevant to LTC Insurance Pricing
Interest Rate
Lapse
Mortality
Claim Incidence
Benefit Utilization
Claim Termination
Reasons for Failure/Insolvency of Penn Treaty
Policyholders lived longer than expected
Medical expenses higher than expected
Lapse assumptions were lower than estimated
Process Supported by ORSA
Risk Identification and Prioritization
Risk Measurement
Articulation of Risk Appetite and Tolerances
Implementation of Risk Limits and Controls
Development of Risk Mitigation Strategies
Capital Adequacy Assessment
Governance and Risk Reporting
ORSA Practical Considerations
Be the responsibility of the company
Incorporate forward-looking assessment of all material risks
Be embedded in the decision-making processes of the business
Insurer Requirements Under ORSA
Regularly conduct an ORSA to assess adequacy of its risk management framework, and current and estimated projected future solvency position, done at least annually
Internally document the process and results of assessment
Provide a confidential, high-level ORSA Summary Report annually to the lead state commissioner and, upon request, to the domiciliary state regulator
Primary Goals of ORSA
Foster an effective level of ERM at all insurers to identify, assess, monitor, prioritize and report on material and relevant risks identified by the insurer, using appropriate techniques for the nature, scale and complexity of the risks, in a manner that is adequate to support risk and capital decisions
Provide a group-level perspective on risk and capital, as a supplement to the existing legal entity view
Exemptions from Filing ORSA Summary Report
Individual insurer’s annual direct written and unaffiliated assumed premium less than $500 million (including international direct and assumed premium but excluding premiums reinsured with the Federal Crop Insurance Corporation and the National Flood Insurance Program); AND
Insurer is a member of an insurance group and the insurance group’s annual direct written and unaffiliated premium is less than $1 billion (including international direct and assumed premium but excluding premiums reinsured with the Federal Crop Insurance Corporation and the National Flood Insurance Program)
Major Areas of ORSA Summary Report
Section 1: Description of the Insurer’s Risk Management Framework
Section 2: Assessment of Insurer’s Risk Exposure
Section 3: Assessment of Group’s Risk Capital and Prospective Solvency
ORSA Summary Report should identify
Accounting basis (GAAP or statutory)
Date or time period that the report represents
Short summary of material changes to the ORSA from prior years (including rationale)
Scope of the ORSA, such that the report identifies which insurers are included in the report
Effective ERM Framework Key Principles Under ORSA
- Risk Culture and Governance
- Risk Identification and Prioritization
- Risk Appetite, Tolerance and Limits
- Risk Management and Controls
- Risk Reporting and Communication
ORSA Section 1 Items
Section 1: Description of the Insurer’s Risk Management Framework
- Provide a high-level overview of principles
- Describe how insurer identifies and categorizes relevant and material risks and manages them
- Describe risk-monitoring processes and methods, provide risk appetite statements and explain risk tolerances and the amount and quality of risk capital
- Identify assessment tools used to monitor and respond to changes in risk profile
- Describe how insurer incorporates new risk information to monitor and respond to changes in risk profile
Approach and Assessment of Group-Wide Capital Adequacy Considerations Under ORSA
Elimination of intra-group transactions and double-gearing where same capital is used simultaneously as a buffer against risk in two entities
Level of leverage from holding company debt, if any
Diversification credits and restrictions on the fungibility (ability to be substituted for) of capital within the holding company
Effects of contagion risk, concentration risk and complexity risk
Effects of liquidity risk or calls on the insurer’s cash position