Risk Treatment Standard-ASB


Published on

A presentation on the proposed ERM risk evaluation standard by the US Actuarial Standards Board.
Présentation de la norme ERM du Actuarial Standards Board des USA

Published in: Economy & Finance
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Risk Treatment Standard-ASB

  1. 1. Session 28PD Mr. Michel RochetteEnterprise Risk Advisory,LLC September 10th, 2012 Enterprise Risk Advisory, LLC 1
  2. 2. Topics Context Two proposed risk standards:  Risk Evaluation – covered in this presentation  Risk Treatment – see ASB web site Reactions Discussion Questions Enterprise Risk Advisory, LLC 2
  3. 3. Risk Evaluation in Enterprise Risk Management Enterprise Risk Advisory, LLC 3
  4. 4. ContextEnterprise Risk Advisory, LLC 4
  5. 5. ContextSource: INGRAM, Dave(2009), “ERM and Actuaries”, Casualty Actuarial Society E-Forum, WinterEdition, p.386-395 Enterprise Risk Advisory, LLC 5
  6. 6. Context Risk Controlling: – Creation of comprehensive risk models: establish and monitor risk tolerance and limits – Some existing ASOPs fall in this category but actuaries mostly absent Risk Trading: – Pricing and valuation of risks – Most ASOPs pertain to this goal, mostly insurance Risk Steering: – EC, Risk-adjusted performance, Value Enterprise Risk Advisory, LLC 6
  7. 7. Context RISK EVALUATION RISK TREATMENTCopyright 2010 by the Society of Actuaries, Schaumburg, Illinois. . Enterprise Risk Advisory, LLC 7
  8. 8. Context Most ERM standards usually apply at the company level Most other ASB ASOPs are very specific, although they also reference risk issues: – #7: Analysis of life, health, or property/casualty insurer cash flows – #12: Risk classification (All practice areas) – #19: Appraisal of insurers – #35: Selection of demographic and other non economic assumptions for measuring pension obligations Enterprise Risk Advisory, LLC 8
  9. 9. ContextSource: INGRAM, Dave(2011), “ERM Standards of Practice: A SocraticDialogue”, SOA Annual Meeting, p.11-22 Enterprise Risk Advisory, LLC 9
  10. 10. Context Other ERM Standards of practice” being considered: – IAA: global standards initiative: Ex. Social Security – Asset management industry: some initiatives at the industry level – Auditors: some very specific individual risk standards: risk audit and SOX. Enterprise Risk Advisory, LLC 10
  11. 11. Standards in general Enterprise Risk Advisory, LLC 11
  12. 12. Standards in general Enterprise Risk Advisory, LLC 12
  13. 13. Ex. Components of StandardsIndividual Risk Standards Enterprise Risk Advisory, LLC 13
  14. 14. Risk standards Lets listen to Dave Ingrams presentation of the context at the 2012 ERM Symposium http://www.ermsymposium.org/2012/audio/C9.mp3 Source: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 14
  15. 15. Risk standardsSource: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 15
  16. 16. Risk standardsSource: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 16
  17. 17. Risk standardsSource: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 17
  18. 18. Risk standardsSource: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 18
  19. 19. Risk standardsSource: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 19
  20. 20. Risk Evaluation Standard Purpose: Provide guidance – not guidelines – to actuaries – for the moment – as it pertains to risk evaluation – broader than measurement, quantification but smaller than analysis – systems: - not just a framework - – Design or Implement – Use or Review Scope: apply to actuaries for any ERM phases: ERM control or compliance cycle, trading or steer objectives Enterprise Risk Advisory, LLC 20
  21. 21. Risk Evaluation Standard Different categories of risk evaluations: – Risk evaluation models: apply to 3 ERM phases – Economic Capital: mostly steer phase – Stress testing: trading & steer phases – Emerging risk: steer phase – Other risk evaluations: all 3 phases Applies to an ERM type work, not pricing nor valuation as there are particular ASOPs. Q: What about MAD in principles-based reserving? Enterprise Risk Advisory, LLC 21
  22. 22. Risk Evaluation Standard: some definitions Risk Evaluation System — A combination of practices, tools, and methodologies within a risk management system used to measure the potential impacts of risk events on the performance metrics of an organization. Risk—The potential of future losses or shortfalls from expectations due to deviation of actual results from expected results. Economic Capital—The amount of capital needed for an organization to survive or to meet a business objective over a specified period of time at a selected confidence level, given its risk profile. Enterprise Risk Advisory, LLC 22
  23. 23. Standard doesnt use “standard” definitions for some componentsEx. Standard uses counterparty risk: risk that the party providing a risk offset or accepting a risk transfer does not fulfil its obligations. Missing some components. A counterparty is larger than credit risk. Risk Management Terms Survey, SOA, 2007 SOA (2006): Enterprise Risk Management Specialty Guide May 2006, SOA CCRO (2002): Committee of Chief Risk Officers; Volume 6 of 6 Glossary, Nov 2002 Enterprise Risk Advisory, LLC 23
  24. 24. More “standard” risk definitionsSource: Risk Management Terms Survey, SOA, 2007 Enterprise Risk Advisory, LLC 24
  25. 25. Risk standard definitionsSource: Risk Management Terms Survey, SOA, 2007 Enterprise Risk Advisory, LLC 25
  26. 26. Risk standard definitions Standard risk definition: deviation from expectations only. What about the average losses? Source: Risk Management Terms Survey, SOA, 2007 Enterprise Risk Advisory, LLC 26Source: Risk Management Terms Survey, SOA, 2007
  27. 27. Potential improvements Adopt industry specific risk definitions: – Ex.http://ec.europa.eu/internal_market/insurance/docs/sol vency/impactassess/annex-c08d_en.pdf  ISO Guide 73: Risk management vocabulary Rephrase the standard to propose that the evaluation be adapted to the context of how risk definitions are actually used by practitioners Create a risk taxonomy adapted to the context:  Ex. If risk is evaluated and treated as a system – systemic risk -, different from risk evaluation by source or cause – economic capital calculation-. Enterprise Risk Advisory, LLC 27
  28. 28. Risk Evaluation Standard considerations Financial resources and risk profile: – Financial strength of the organization – broader than just capital – Risk profile, nature, scale and complexity – Current and long-term risk environments: internal and external, own assessment or based on managements – Organizations strategic goals including risk tolerance – desired volatility – of value – Interests of various stakeholders Enterprise Risk Advisory, LLC 28
  29. 29. Risk Evaluation Standard considerations Financial resources and risk profile: – External risk evaluations: Ex., as done by rating agencies ERM evaluation – Extent of dependencies, correlations, interactions of risks – Fungibility of capital resources Organizations own risk system: – Risk appetite, tolerance & management involvement – Enterprise Risk Control Effectiveness: management actions toward unexpected events Enterprise Risk Advisory, LLC 29
  30. 30. Risk Evaluation Standard considerations Interaction of financial resources, risk profile and risk system: – “If in the actuary’s professional judgement, as appropriate to the assignment, a significant inconsistency exists, then that inconsistency should be reflected in the risk evaluation.” – Important element to consider but criteria could be expanded to include other specific considerations like: • Looking at existing recent losses and how it was managed, other professionals report like Audit, financial analysts instead of only professional judgement Enterprise Risk Advisory, LLC 30
  31. 31. Risk Evaluation Standard considerations Risk Evaluation models: “Fit for the purpose:” – Sophistication of models & materiality of risks – Models reproducible & adaptable to new risks – Practical considerations: usability, reliability, timeliness, process, cost effectiveness – Limitations: inherent & statistical. Ex. VAR – Model validation, calibration, sensitivity – Approaches to model correlations Aspect missing: as in Solvency II, no “use test” Enterprise Risk Advisory, LLC 31
  32. 32. Risk Evaluation Standard considerations Risk Evaluation models: Assumptions – Assumptions supportable, documented & allow for deviations from the expected – Regularly revisited to assess effectiveness – If assumptions reflect anticipated management & actions are supportable by facts. Standard should capitalize on other work in this area, particularly in the valuation area. Could also have assumptions as to the risk control effectiveness, not just gross risk. Enterprise Risk Advisory, LLC 32
  33. 33. Risk Evaluation Standard considerations Risk Evaluation: Economic Capital models – Components: timeframe, basis to measure risk – regulatory, reputation, earnings loss,.. -, confidence level – Reflection of significant risks in a consistent and comprehensive manner – Appropriateness of method to measure each risk Standard could capitalize on the many economic capital requirements being developed for Solvency II, ICAP, Rating Agencies EC requirementsEnterprise Risk Advisory, LLC 33
  34. 34. Risk Evaluation Standard considerations Risk Evaluation: Economic Capital models – Reliance on consistent accounting framework – Somewhat inconsistent as the idea of an “economic” capital model is to measure risks on an “economic”, not an accounting approach! – Choice of appropriate methods: • Stochastic, stress tests, scenarios, standard measures like “add-ons” – Validation of the models – Assumptions: remote & unlikely: historical, market prices, experts, internal consistency, documented Risk Advisory, LLC Enterprise 34
  35. 35. Risk Evaluation Standard considerations Risk Evaluation: Stress & Scenario testing – Extent to which stress tests reflect similar degree of adversity. Ex. 1 in 200 year event – How an organization will function during a catastrophic event – I think it is the link to business continuity planning, if any - – Extreme event may be part of many extreme events – all correlations go to one -. In other words, when things go bad, they all go bad at the same time and reactions by all stakeholders – How to quantify non readily quantifiable risks and their potential total impact. Op risk + Enterprise Risk Advisory, LLC 35 reputation
  36. 36. Risk Evaluation Standard considerations Risk Evaluation: Stress and Scenario testing – Methods and models to actually assess impact on all organizations must be ascertained – Integrate disparate systems or build one integrated model – Assumptions: Tests themselves. • Effect on other assumptions • Management responses • Regulatory and market reactions • Risk mitigation and time horizon – Scenarios: limited considerations Enterprise Risk Advisory, LLC 36
  37. 37. Risk Evaluation Standard considerations Risk Evaluation: Emerging risks – Impact of emerging risks over time – Limited considerations in the standard Risk Evaluation: other risk evaluations – Used in risk monitoring, mitigation: compliance and control ERM – Apply same considerations as in general risk evaluation and risk evaluation models Data quality: ASOP 23 Documentation: ASOP 41 Enterprise Risk Advisory, LLC 37
  38. 38. Risk Evaluation Standard considerations Risk Evaluation: Document and disclosure – Economic capital: models, results, limitations, timeframe, measurement basis, confidence – Stress & scenarios: results, intended use & limitations – Emerging risks: methods and sources – Major assumptions: as before – Risks included: risks excluded? – Model validation results – If major deviations from this standard: ASOP 41 – What about other disclosure standards Enterprise Risk Advisory, LLC 38
  39. 39. Risk Evaluation Standard Potential applications IAIS Core Principles:16 and 20 NAIC ORSA NAIC Form F: Enterprise risk reports Solvency II, Pillar II, Pillar III and ORSA Rating agencies ERM and EC assessments ComFrame IAA Care report Enterprise Risk Advisory, LLC 39
  40. 40. Reactions Questions asked by the task force: Enterprise Risk Advisory, LLC 40
  41. 41. Reactions Questions raised: – Sufficient guidance for risk evaluation? – Flexible enough? – Explicit enough about the reliance on the work of others? – ERM scope clear enough so that it doesnt extend to other actuarial work? 25 comments, mostly by individuals, companies and two organizations Review comments and get your input Enterprise Risk Advisory, LLC 41
  42. 42. Reactions Comments so far: – Pierson: guidance question. Should consider joining the two proposed standards as the risk evaluation and risk treatment are related. What is relevant is the net risk to the organization – Bakos: scope questions. • Doesnt see difference between evaluation of risks net of expectations covered by this standard and other “common actuarial tasks” like reserving and pricing, which also involve risk classification & evaluation. • Only applies to CERA doing ERM work or any actuary? Enterprise Risk Advisory, LLC 42
  43. 43. Reactions Blanchard III: guidance questions – Comments on definitions and ERM cycle – Replace emerging by environmental scan – Risk modelling should be done only after understanding materiality of risks, data sources and mitigation initiatives Koller: guidance question – Align definitions with other more standard definitions Zher: good start for guidance, flexible enough, area of concern on the reliance on others Enterprise Risk Advisory, LLC 43
  44. 44. Reactions Bradley: – Make link with ORSA as risk evaluation will contribute to this process – Should standard be rephrased ERM evaluation and not just “risk” evaluation as ERM considers risks and gains? – Align “stress-test” definition with external definitions Pfluger: – More emphasis on correlation, required capital, not flexible enough to handle new standards, inevitable to integrate others Enterprise Risk Advisory, LLC 44
  45. 45. Reactions Rochette: – Is the purpose more “risk assessment” within ERM than an evaluation, which is a broader term? – View proposed standard as a good start if goal is to review, not complete enough is goal is to design, implement, use – To make it more flexible, should be more- principles based – Inevitable to work with others. EC section should refer to that explicitly, otherwise, silo EC – Should standard be ERM-context dependent? Enterprise Risk Advisory, LLC 45
  46. 46. Reactions Hay: not enough guidance, flexible enough, reliance inevitable as ERM is team-work, division of standard arbitrary – why exclude pricing, reserving, claims – not realistic to separate ERM from other “actuarial” activities Financial Reporting Council: UK regulator for governance and reporting – Board responsible to assess risks – Risk evaluation is part of that role of Boards Enterprise Risk Advisory, LLC 46
  47. 47. ReactionsEnterprise Risk Advisory, LLC 47
  48. 48. Reactions North American CRO Council: – “We strongly believe that ERM is not an actuarial process and goes beyond an actuarial function.” – “We believe it may be premature to develop a standard related to ERM and that expressing the ERM principles in the form of guidance document may be more appropriate at this time.” – “This standard would be adding to existing and growing compliance requirements in the ERM landscape.” Enterprise Risk Advisory, LLC 48
  49. 49. Your reactions?Outstanding issues related to any new ERM standards: Source: ERM Symposium, 2012, session C9 Enterprise Risk Advisory, LLC 49
  50. 50. Your reactions? Should we have such a standard? Do you agree with the ERM standard task forces earlier conclusions or do you agree with NACROs conclusions? Your reactions to the standard itself: guidance, scope, flexible enough, interactions with non actuaries? Other issues? Do you think that the actuarial profession should develop its own theoretical ERM Framework to position itself in the ERM space? Should standards reflect “existing”50 Enterprise Risk Advisory, LLC practice or “best” practice?