It’s been called the US$37 trillion question: the total amount of risk out there in the world, defined as the approximate total amount of annual insured losses globally. This is the figure for 2015, the year that saw the highest ever number of natural disasters with a total of 128 catastrophic events and 26,000 related deaths. In recent surveys of risk management professionals, they said they are being hugely challenged by tight regulation to come up with a clear governance model for risk management.
Regulators around the world are being challenged more and more on insurtech and new technologies such as AI and automation. They have been focusing more closely on the role of the board of directors in setting an insurer’s risk appetite and ensuring this is implemented effectively by management.
The modern insurance environment has become global and interconnected. The risk management challenge is more complex and more cross-border. An earthquake in Japan can lead to the failure of a bank on the other side of the world. An event like Brexit with a dip in foreign exchange rates can flip the advantage between two competitors. Sensitive databases are interconnected between dispersed systems, software houses and outsourcing providers, frequently ending up on an API or the smartphone of the consumer. So it is no longer possible to manage different risks independently.
Consider all the challenges the insurance industry currently faces: the shift in the digital customer experience, new eco-systems, artificial intelligence, predictive analytics, cyber risk, personalization, disruption from external competitors, breaking silos of activities and pressures on capital adequacy with appalling bond yields.
When the confluence of all these things comes together in the hyper-connected world, it will sit at the risk desk.
Speaking at the recent Instech 2020 conference Barry Hawkins, Head of Dynamic Underwriting and Pricing, AXA said that in an age of data enrichment, where data is becoming an arms race for insurers, a particular concern is regulation and more specifically regulators struggling to keep up with changes to the insurance eco-system.
In Europe, the effects of the EU data protection regulation GDPR represent another set of external risks and another wave of change.
“Data will allow us to become better risk managers. It is an opportunity, not just a threat,” said Barry Hawkins. “For example telematics is enabling young drivers to get insurance who would otherwise be priced out of the market.”
It is self-evident that risk managers manage risk, but in any insurance organisation their role can vary depending on the nature of the business. Some risk functions are much more active than others, and involved in the value chain.
Marcia Cantor-Grable, Risk Director at Prudential, commented: “Risk teams are, and should be, a catalyst. It should not just be about business as usual. Risk doesn’t necessarily mean stop….The opposite of risk is opportunity.”
However, when you have very siloed activity in the insurance organisation, the risk management function tends to be narrow and passive. There is a risk of doing nothing, failing to keep pace with a more open, agile, data-driven approach which consumers are demanding.
Risk management is changing with technology and regulatory pressures
For insurers who are not just UK-centric, there are also different political, legal and regulatory systems which are hugely complex for the risk management function to navigate.
So to what degree are new risk techniques being adopted with technology?
“I am a big fan of technology,” said Marcia Cantor-Grable. “But with the rise of populism and consumer power we need to get to an agnostic playing field. Operating in the cloud is a benefit but there are still some brass tacks that need to be hammered down [in terms of the global landscape of regulation]….For example risk managers need to look carefully at the jurisdiction where the data is hosted and so on.”
There are so many complexities right now for risk managers operating across more than one legal jurisdiction. There are pressures to stretch established risk techniques to create a little extra margin.
Meanwhile the regulatory cost of getting data protection wrong for the insurer, in terms of penalties, is highly onerous. The reaction to cyber risk, outside of the insurance industry itself, has been generally to ignore it as a risk function.
“I predict the actuarial function will change and it will be much more an analytic and data function,” commented Andrew Wildon, Chief Risk Officer, NHBC.
Stephen Kramer, Head of Digital Analytics Catalysts at SwissRe, agreed that data is having a big impact on risk models.
“You can begin to manage risk more actively up front,” he said. “There are more signals and this is where insurers have to transform, not just paying out, but managing the risk.”
Follow the link to the LexisNexis Risk Solutions website to find out more about how we support insurance providers.