Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
FERMA
Risk Management
Benchmarking Survey 2016
8th Edition
“ I am delighted to present to you the FERMA 2016 European Risk and Insurance Report,
gathering the views of more than 600...
Presentation of the survey
 Eighth biennal benchmarking survey conducted by the
Federation of European Risk Management As...
 The survey (39 questions) received 634 responses and was conducted
from April to June 2016
 The survey was divided into...
49
269
460
555
782
809
850
634
0
100
200
300
400
500
600
700
800
900
2000 2002 2004 2006 2008 2010 2012 2014 2016
Number o...
This is the eighth edition of the FERMA European Risk and Insurance Report. It has been published every two
years since 20...
Table of Content
1. Introduction
2. European insights on risk management
practices
3. European perspective
4. Insurance: E...
1. Introduction
Risk and Insurance Managers’ profile
The survey shows that the typical risk manager profile remains stable in age, gender
...
Risk and Insurance Managers’ profile
Europe’s risk management population has changed little in terms of age, gender and co...
Risk and Insurance Managers’ salary
Salary levels for risk managers in leadership positions are typically higher for male
...
A representative panel of European companies
19%
13%
10%
8%
7%
5%
5%
4%
4%
4%
4%
3%
3%
8%
Manufacturing
Energy / utilities...
A representative panel of European companies
10%
3%
14%
11%
31%
31%
Less than €50 million
Between € 50 million and
less th...
52% 51%
29%
17%
19%
32%
Risk Management Insurance
Up to 3
Between 4 to 10
More than 10
Full Time Equivalents dedicated to ...
2. European insights on risk
management practices
GRAPH CAPTION
Reports to other
function or
department
Emerging Moderate Mature/Advanced
Reports to CFO,
General
counsel/He...
CFOs remain the primary reporting line for Risk Managers across Europe
The main reporting lines are
respectively:
 Risk m...
Reporting lines of risk and insurance managers - detailed responses
2%
3%
3%
5%
5%
5%
6%
7%
10%
11%
16%
26%
2%
4%
0%
1%
11...
Risk/Insurance Managers’ roadmap: towards the development of Risk management as a strategic tool
deployed at all levels of...
Risk Management interactions with Top Management/Board
There is no
mechanism
in place to
formally
report about
risk
manage...
Relations between Risk Management and other functions: basic coordination but room for
improvement
Risk Management first-r...
Relationships between Risk Management, Insurance Management, Internal Control and Internal Audit:
unchanged organisational...
Risk mapping exercise: widely implemented but room for the development of advanced practices
No risk
mapping
approach in
p...
Risk Management technology gains greater significance
52%
47%
46%
47%
43%
46%
27%
N/A – new in 2016
57%
55%
52%
49%
46%
45...
3. European perspective
Top 10 Risks
The study reveals that the economic conditions are
currently seen as the number one threat to
successful achi...
What are the five risks for which European Risk Managers are the most/least satisfied in terms
of mitigation?
Highest leve...
What are the five risks for which European Risk Managers are the most/least satisfied in terms
of mitigation?
Satisfaction...
Mitigation strategies: tailored approaches to risks’ specificities
The survey shows that an ACCEPTANCE strategy is applied...
Risk coverage strategy: tailored approaches to risks’ specificities – Focus on TOP 10 Risks
0%
20%
40%
60%
80%
100%
Reduct...
Mitigation strategies: tailored approaches to risks’ specificities
68%
66%
65%
65%
64%
Strategic project failures
Security...
Risk map 2016
5 high risks have a low level of mitigation ("improvement zone")
The improvement zone represents high risks with a low lev...
European Priorities
Our study uncovers three clear priorities for FERMA on the EU stage:
• Establish official recognition ...
European Priorities
2. Digital (cybersecurity and data protection )
Cyber is the top priority for risk managers (combined ...
European Priorities
3. Corporate transparency
Corporate governance and transparency come in third place with 52% in the co...
4. Insurance: Evolution of the
Insurance Market and Risk
Managers’ Expectations
Loss control and prevention become priority number one
Foreseen changes to insurance programmes as a result
of the current...
Insurance buying patterns
There have been no clear changes to insurance buying patterns in the last two years. There is a ...
Compliance to local regulation remains a key consideration for international coverage
Policies issued… 2012 2014 2016 Tren...
Loss control services and claims handling
60% 61%
66%
48%
35%
58%
66% 68%
46%
41%
Property Liability (public,
products)
Cy...
Loss control services and claims handling
The three main areas of improvement for service providers (brokers, insurers etc...
Upcoming SlideShare
Loading in …5
×

FERMA European risk and insurance report 2016 - full set of results

2,147 views

Published on

FERMA's 2016 European Risk and Insurance Report is designed to serve as a high-level overview for risk
and insurance managers and other executives. Our analysis includes benchmarking information drawn from
respondents across a variety of industries and companies. The data, therefore, reflects general trends about
the profession.

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

FERMA European risk and insurance report 2016 - full set of results

  1. 1. FERMA Risk Management Benchmarking Survey 2016 8th Edition
  2. 2. “ I am delighted to present to you the FERMA 2016 European Risk and Insurance Report, gathering the views of more than 600 European risk managers at a time of major changes in Europe. At our general assembly in June this year, FERMA set out its strategic vision to achieve “a world where risk management is embedded in the business model and culture of organisations”. Today, we see that risk managers are increasingly moving into a position where they will help achieve that vision in their own organisations. They are taking more strategic roles, and the majority report to a chief officer or to the board. Risks are always evolving – as we see from the focus on data protection and cyber risks. Risk managers want to develop skills and tools that enhance their ability to manage such emerging risks and want their advisers, brokers and insurers to be their partners in doing so. The findings of this report, combined with FERMA’s mission and strategy, will shape our activities over the next two years. One of the priorities that our members see for FERMA is to strengthen the professional standing of risk managers in Europe, and FERMA’s professional certification programme rimap® will be an important contribution to achieving that objective. I trust that you will find FERMA’s 2016 European Risk and Insurance Report a source of valuable information and topics for further discussion as we build our profession together. “ Jo Willaert, President of FERMA
  3. 3. Presentation of the survey  Eighth biennal benchmarking survey conducted by the Federation of European Risk Management Associations  FERMA in collaboration with:  AIG  Chubb  EY  Marsh  XL Catlin
  4. 4.  The survey (39 questions) received 634 responses and was conducted from April to June 2016  The survey was divided into 3 parts: PART 1: RISK MANAGEMENT PROFESSION AND PRACTICES IN EUROPE: from S1 to Q16 This part is seeking to reinforce the understanding and positioning of the risk and insurance management role. Support the development of the risk and insurance management function. PART 2: EUROPEAN INSIGHTS ON RISK MANAGEMENT: from Q17 to Q20NEW This part is seeking to identify the main priorities for EU risk and insurance managers to ensure that FERMA supports its members’ needs and expectations as regards the risk and insurance management function. PART 3: Insurance Management : from Q30 to Q39 This part is seeking to provide EU insight on the evolution of the insurance market and risk managers’ expectations. Key facts
  5. 5. 49 269 460 555 782 809 850 634 0 100 200 300 400 500 600 700 800 900 2000 2002 2004 2006 2008 2010 2012 2014 2016 Number of respondents Total Number of responses since 2002
  6. 6. This is the eighth edition of the FERMA European Risk and Insurance Report. It has been published every two years since 2002. FERMA in collaboration with AIG, Chubb, EY, Marsh and XL Catlin, conducted the European Risk and Insurance Survey, on which the report, is based between April and June 2016. The FERMA European Risk and Insurance Survey 2016 is a fully online project. The population of the study is composed of all FERMA members (22 national associations in 21 countries) and contacts from AIG. In total, 4.407 invitations were sent: 634 participants responded to parts one and two, of which 406 also answered to the third optional part of the questionnaire. This represents a response rate of 14%, which makes it a good representative sample of the profession. The similarity in the respondents between the previous survey in 2014 and the latest version confirms that the findings are an expression of views across the European risk management community. Every participant received an invitation email with a personnel link; there were no sampling methods applied to the population. An independent research company, Toluna, collected the responses and compiled the results. Disclaimer The 2016 FERMA European Risk and Insurance Report is designed to serve as a high-level overview for risk and insurance managers and other executives. Our analysis includes benchmarking information drawn from respondents across a variety of industries and companies. The data, therefore, reflects general trends about the profession. Survey methodology
  7. 7. Table of Content 1. Introduction 2. European insights on risk management practices 3. European perspective 4. Insurance: Evolution of the Insurance Market and Risk Managers’ Expectations
  8. 8. 1. Introduction
  9. 9. Risk and Insurance Managers’ profile The survey shows that the typical risk manager profile remains stable in age, gender and salary wise since the last 2 years The typical risk manager in a leadership role is around 50 years of age (78,8%) and male (80,5%). Within the younger generation of risk managers women are still the majority in number, however women continue to lose this position quickly as the survey findings move through the risk management career time line and male risk managers predominate in leadership roles from the age of 35. The growth in the number of young risk managers is encouraging for FERMA’S risk management certification programme, rimap®, launched in 2015. We believe rimap will strengthen career opportunities for people joining the profession. FERMA’s insight
  10. 10. Risk and Insurance Managers’ profile Europe’s risk management population has changed little in terms of age, gender and compensation since 2014. Generally, risk managers are:  Male (73% male compared to 27% female)  Between 36-55 years (72%), with a small increase in young risk managers since 2014  Earning more than €100.000 a year (46%) and more than €200.000 for 7%, with salaries remaining higher for men than women by 65%  The younger generation (less than 25 years category) seems to be more diverse having 50/50 between genders  62% working for companies with turnover exceeding €1 billion  80% working for companies with more than 20,000 employees and dedicate four or more full time employees to risk management
  11. 11. Risk and Insurance Managers’ salary Salary levels for risk managers in leadership positions are typically higher for male risk managers than for women. 18% 18% 18% 15% 12% 12% 7% Less than €60k Between €60k - €80k Between €81k - €100k Between €101k - €120k Between €121k - €150k Between €151k - €200k More than €200k
  12. 12. A representative panel of European companies 19% 13% 10% 8% 7% 5% 5% 4% 4% 4% 4% 3% 3% 8% Manufacturing Energy / utilities Banking and Financial Services Professional and Business Services Transportation / logistics Insurance Technology and Telecoms Automotive Food and Beverages Retail Public sector and non-profit Real Estate Pharmaceuticals and Life Sciences Others The top 3 organization’s main sector of activity are: 1. Manufacturing 2. Energy /utilities 3. Banking and Financial services While capital intensive industries face more risks than services industries – the very reason why the majority of respondents work within these sectors – the rise of cyber risks is set to change this balance. In the future, we are likely to see higher proportions of risk and insurance managers in service industries as cyber risk continue to grow with further advancement in technology.
  13. 13. A representative panel of European companies 10% 3% 14% 11% 31% 31% Less than €50 million Between € 50 million and less than € 100 million Between € 100 million and less than € 500 million Between € 500 million and less than € 1 billion Between € 1 billion and €5 billion More than € 5 billion 13% 10% 22% 12% 13% 31% Less than 250 Between 250 and less than 1,000 Between 1,000 and 5,000 Between 5,001 and 10,000 Between 10,001 and 20,000 More than 20,000 Organization’s turnover: Organization’s total number of employees: Risk Management team in larger companies include at least 4 people :  60.6% of respondents from companies with turnover over 1 billion EUR have RM team of >4 FTE  77% of respondents from companies with turnover over 5 billion EUR have RM team of > 4 FTE  The larger company, the larger the risk management team (same as in 2014)
  14. 14. 52% 51% 29% 17% 19% 32% Risk Management Insurance Up to 3 Between 4 to 10 More than 10 Full Time Equivalents dedicated to Risk/Insurance Management More than half of European companies have up to 3 FTE dedicated to Risk/Insurance Management
  15. 15. 2. European insights on risk management practices
  16. 16. GRAPH CAPTION Reports to other function or department Emerging Moderate Mature/Advanced Reports to CFO, General counsel/Head of Legal Department, Head of Internal Audit Reports to President/Chairman, Audit (and/or risk) Committee, Board of Directors / Supervisory Board, CEO / Managing Director or General / Company secretary Risk Management function globally reports at Top Management level (88%). This practice is increasing compared to 2014 (84%). Risk Management reporting: increasing reporting at Top Management level 7% 40% 53% 17% 33% 51% 12% 36% 52% Emerging Moderate Mature/advanced 2012 2014 2016
  17. 17. CFOs remain the primary reporting line for Risk Managers across Europe The main reporting lines are respectively:  Risk managers: Board of directors, president, chief executive officer, risk committee and chief financial officer (65%)  Insurance managers: President, chief executive officer, chief financial officer, head of treasury and head of legal (73%) Risk and insurance managers are also reporting to top level non-executive functions such as presidents and the chairman as well as the board of directors and supervisory board at 21% and 16% respectively. This suggests that risk managers are beginning to gain much-needed board engagement as they start to take on a more strategic role.
  18. 18. Reporting lines of risk and insurance managers - detailed responses 2% 3% 3% 5% 5% 5% 6% 7% 10% 11% 16% 26% 2% 4% 0% 1% 11% 6% 9% 2% 9% 8% 12% 35% Chief Operating Officer General / Company Secretary Head of Internal Audit Audit Committee Head of Treasury Chief Risk Officer General Counsel / Head of Legal Department Risk Committee President / Chairman Board of Directors / Supervisory Board Chief Executive Officer / Managing Director Chief Financial Officer Insurance Management Risk Management
  19. 19. Risk/Insurance Managers’ roadmap: towards the development of Risk management as a strategic tool deployed at all levels of the organization 1. Insurance management and claims handling / insurable loss prevention (86%) 2. Development of map of risks: risk identification, analysis, evaluation, prioritization and reporting (79%) 3. Assistance to other functional areas in contract negotiation, project management, acquisitions and investments (77%) 1. Development and implementation of Risk Culture across the organization (68%) 2. Alignment and integration of risk management as part of business strategy (62%) 3. Development and embedding of Business Continuity Management / Emergency Management / Crisis Management / Incident response programes and solutions (59%) 1. Analysis of capital projects and delivering business plans (40%) 2. Design and implementation of risk financing strategy and association solutions (30%) 3. Definition of compliance (Management, Framework, embedding and assurance) (29%) 1 Top embedded activities Activities planned for 2016-2017: Not planned activities Operational risk activities remain high on the agenda for the risk profession but for the year ahead, risk managers are planning to take on more strategic responsibilities as enterprise risk management gains traction in many businesses. This trend shows that risk management is evolving, transitioning from an operational function to a strategic one. The evolution of reporting lines also indicates that risk managers are gaining much‐needed board engagement as they develop this more strategic role. FERMA’s insight
  20. 20. Risk Management interactions with Top Management/Board There is no mechanism in place to formally report about risk management GRAPH CAPTION Emerging Moderate Mature Advanced Meets Board and/or Top Management members on a requested basis Formally presents to the Board of Directors and Top Management once a year Formally presents to the Board of Directors and Top Management several times per year 7% 13% 37% 42% 10% 24% 18% 48% 11% 22% 16% 51% Emerging Moderate Mature Advanced 2012 2014 2016 A majority of respondents (51%) formally present Risk Management activities to the Board/ Top Management several times a year. Nevertheless, we note that one third of respondents still have limited interaction with Top Management.
  21. 21. Relations between Risk Management and other functions: basic coordination but room for improvement Risk Management first-rank partners No relationships < 20% Risk Management second-rank partners No relationship <35% Risk Management third-rank partners No relationship >35% 1 2 3 Risk managers are forging closer relationships with the finance function, compared to 2014, with investments/ investor relations, treasury and business budgets entering into the second-rank category. This suggests that risk managers are more involved in financial monitoring and financial decision-making, than two years ago. The IT department is only a third-rank partner of the risk management function, which is surprising with IT-related risks and cyber-attacks on the rise. The survey indicates that cyber threats continue to be seen as an IT problem and not an enterprise-wide risk management issue. For ERM to be effective, more needs to be done to fully integrate the governance and risk management of technology risks across the business.
  22. 22. Relationships between Risk Management, Insurance Management, Internal Control and Internal Audit: unchanged organisational model with Risk and Insurance Management together (all functions together in a single department), 11.0% (all functions separate in four different departments), 23.8% (Risk and Insurance Management together), 33.9% (Risk Management and Internal Control together), 7.7% (Internal Audit separate), 7.7% (Insurance Management separate), 15.8% In line with 2014 survey results, the most commonly used organisation remains Risk and Insurance Management together and separated from Internal Control and from Internal Audit. Nevertheless, this trend is decreasing (34% in 2016 vs. 40% in 2014).
  23. 23. Risk mapping exercise: widely implemented but room for the development of advanced practices No risk mapping approach in place yet GRAPH CAPTION Emerging Moderate Mature Advanced Partial approach in place (certain business units/areas, risks…) Approach in place at global corporate level (strategic, financial and operational) Approach in place from corporate level down to divisions and business units 5% 16% 17% 62% 8% 15% 22% 55% 11% 14% 26% 49% Emerging Moderate Mature Advanced 2012 2014 2016 The survey results previously revealed that risk mapping was an embedded activity in Risk Managers’ agenda. The above graph confirms this trend as 75% of the respondents perform risk mapping: 49% from corporate level down to divisions and business units and 26% at corporate level. The study indicates a negative trend in the deployment of the risk mapping from corporate level down to divisions and business units (49% in 2016 vs. 55% in 2014 vs. 62% in 2012).
  24. 24. Risk Management technology gains greater significance 52% 47% 46% 47% 43% 46% 27% N/A – new in 2016 57% 55% 52% 49% 46% 45% 35% 34% Risk reporting / Risk dashboards Risk mapping Risk registers (Comprehensive analysis of all risks related to your business, including strategic,… Monitoring of risk mitigation actions / controls Risk quantification (Evaluating the probability of a risk event occurrence and effect) & Risk… Claims analysis Risk appetite and tolerance Scenario Analysis 2016 2014 IT tools such as governance, risk management and compliance (GRC) software are playing a more significant role in supporting risk management activities, compared to 2014. While IT/GRC tools are mainly used for reporting activities such as maintaining risk registers, risk mapping and risk dashboards, it is encouraging to see that they are beginning to support activities such as scenario analysis. This development reflects the changing character of risk. As non‐physical or intangible risks, such as brand and data, increasingly make up the bulk of business assets, the value of intelligent scenario analysis and data collection analysis, supported by IT/GRC tools, will also increase. This is an area where risk managers can develop expertise and contribute to their organisations. FERMA’s insight
  25. 25. 3. European perspective
  26. 26. Top 10 Risks The study reveals that the economic conditions are currently seen as the number one threat to successful achievement of an organisation’s strategic objectives in terms of impact and likelihood. This is demonstrated by its surge to first place from fifth in 2014 and its mention by 63% of respondents compared to 47% in 2014. Business continuity disruption has made an entrance into the top 10 and jumped straight into second place. Political/country instability, non‐compliance with regulation and legislation, and competition complete the top five risks, selected by over half of respondents. Concern has increased about digital risks in various forms and interest rate and foreign exchange exposures. The latter is most likely linked to the top risk of threats to economic growth. The rise in concern about business continuity and cyber risks reveals a clear need by companies for more resilience to external threats (industrial damage, extreme events…) and growing awareness following a series of high profile cyber-attacks. Despite the evolving economic conditions and the increased concern about cyber-attacks and data privacy, “digital transformation and “strategy execution and transformation programmes” are not among the top ten risks to business. FERMA’s insight
  27. 27. What are the five risks for which European Risk Managers are the most/least satisfied in terms of mitigation? Highest level of satisfaction 1. Loss of assets (buildings, equipment,IP) 2. Safety & health 3. Security 4. Quality of products & services (design, safety & liability) 5. Environment and sustainability Lowest level of satisfaction 1. Economic growth/slowdown 2. Political, country instability (crisis, war, regulatory changes) 3. Increase of fiscal and taxes regulation (including fiscal optimization) 4. Human resources / key people, social security (labour) 5. Strategic project failures Despite the fact satisfaction levels are higher for those areas of risk where a risk manager can actually mitigate or transfer the risk, the study highlights that among the top ten risks with lowest level of satisfaction, 5 risks are not directly triggered by external factors: • Human resources / key people, social security (labour) • Strategic project failures • Cyber-attack / data privacy • Digital transformation • Market strategy, clients Satisfaction level – overall risks list
  28. 28. What are the five risks for which European Risk Managers are the most/least satisfied in terms of mitigation? Satisfaction level – focus on Top 10 risks Interest rate & Foreign exchange Business continuity disruption Noncompliance with regulation and legislation Reputation and brand IT systems and data centers Market strategy, clients Cyber-attack / data privacy Competition Political, country instability Economic conditions HighestLowest
  29. 29. Mitigation strategies: tailored approaches to risks’ specificities The survey shows that an ACCEPTANCE strategy is applied for strategic/external risks in most cases, while TRANSFER and REDUCTION strategies are mainly applied to operational/internal risks. A risk transfer strategy is applied in a limited number of instances, most frequently where risks are easy to quantify including business continuity disruption and interest rate/foreign exchange.  External risks  Accept Economic conditions; Demographics; Political, country instability; Increase of fiscal and tax regulation ... • Internal risks  Reduce Strategic project failures; Security; Safety, health; Non-compliance with regulation and legislation …
  30. 30. Risk coverage strategy: tailored approaches to risks’ specificities – Focus on TOP 10 Risks 0% 20% 40% 60% 80% 100% Reduction Transfer Accepted
  31. 31. Mitigation strategies: tailored approaches to risks’ specificities 68% 66% 65% 65% 64% Strategic project failures Security Fraud, Bribery and Insider Dealing Safety, health Noncompliance with regulation and legislation Reduction strategy 66% 46% 34% 33% 29% Loss of assets (buildings, equipment,IP) Terrorism Business continuity disruption Interest rate & Foreign exchange Supply chain, outsourcing/off shoring, logistics & transport Transfer strategy 69% 68% 66% 56% 48% Economic growth/slowdown Demographics Political, country instability (crisis, war, regulatory changes) Increase of fiscal and taxes regulation (including fiscal optimization) Competition Acceptance strategy The economic environment and political instability are considered the highest accepted risks, and these are also the areas of risk with the lowest level of mitigation, because there are limits to what businesses can do to mitigate/hedge against such forces. Non‐compliance with regulation and legislation, reputation and brand, and cyber and IT‐related risks have a lower acceptance level. Here, risk transfer or risk reduction can be used. 'Reduction' and 'Acceptance' are considered to be the most common strategies, risk transfer being a viable alternative. Risk managers are willing to put in place internal processes to reduce exposure or to accept these risks.
  32. 32. Risk map 2016
  33. 33. 5 high risks have a low level of mitigation ("improvement zone") The improvement zone represents high risks with a low level of mitigation. The survey indicates that out of the five risks in the improvement zone, three are strategic or external risks: ‐ Political, country instability ‐ Economic conditions ‐ Market strategy, clients Two operational/internal risks in the improvement zone are not included in the top 10 risks but are key topics for risk management: ‐ Human resources / key people, social security ‐ Supply chain The two new risks join the top 10 in the monitoring zone The monitoring zone represents high risks that are assessed with a better level of mitigation than others. A majority of operational risks can be found in this zone and are high on the agenda for risk management. The two newly introduced risks in the top 10 ‐ business continuity disruption and cyber attacks/data privacy – directly join the monitoring zone. The survey reveals that European organisations surprisingly rate risks related to ‘digital transformation’ and ‘strategy execution and transformation programmes’ with low impact and likelihood, whereas they both are ‘hot topics’ in the context of a changing economic environment. Risk map 2016
  34. 34. European Priorities Our study uncovers three clear priorities for FERMA on the EU stage: • Establish official recognition of the Risk Manager, • Advise on implementation of Data Protection Regulation and • Represent risk managers’ views on increased reporting and transparency requirements. 1. Recognition of the profession (legal basis) The survey shows a strong desire for official recognition of the profession, not only by organisations but also by public authorities. There is a broad support for the establishment of a legal basis for the profession (57%). Respondents believe that risk management should be embedded in non-financial sectors as a matter of good corporate governance and resilience. The position of the risk manager is not yet considered mandatory outside financial services. FERMA’s strategic vision is of “a world where risk management is embedded in the business model and culture of organisations”. It is our mission to achieve greater recognition for risk managers among EU policymakers and raise awareness among EU institutions of the fundamental role of risk managers. FERMA’s insight
  35. 35. European Priorities 2. Digital (cybersecurity and data protection ) Cyber is the top priority for risk managers (combined 68%) Survey shows that cyber is an enterprise risk and not an IT risk only by stressing the risk manager’s role concerning cyber risk assessment Risk managers are in need of a methodology to better manage the cyber risk and ways to optimize the distribution of their financial investments, notably: • Cybersecurity norms • The insurance solutions tailored to the needs of their organisation Data protection is the top European priority (55%) and a compliance challenge for risk managers. Companies will have to comply with new requirements when the EU Data Protection Regulation comes into effect in 2018. Risk managers are especially concerned about the notification of data breaches and possible fines, the appointment of a data protection officer and the data protection impact assessment to be performed. FERMA will focus its efforts on providing information and advice on the implementation of data protection and continue to stress the importance of ERM in the management of digital risks, including cyber. FERMA’s insight
  36. 36. European Priorities 3. Corporate transparency Corporate governance and transparency come in third place with 52% in the context of: 1. New EU proposals for corporate transparency and extended reporting requirements (Country by Country Reporting and Non‐Financial Reporting) 2. The OECD (Organisation for Economic Co-operation and Development), Base Erosion and Profit Shifting (BEPS) recommendations, published in October 2015 and their impact on captives The study shows the demand to explore these wide-ranging risks (52.2%) – from reputation and global competitiveness down to cross-border synergies and their management – and implement a finely balanced set of requirements, taking into account checks that ensure the right level of transparency while bearing in mind the inevitable administrative costs they will impose on companies. FERMA has been active on this dossier and will continue to be involved and advocate for • The inclusion of ERM in the Non-Financial Reporting Directive guidelines • The role played by risk managers in the context of Country by Country Reporting • The recognition of captives as a needed risk financing tool for companies FERMA’s insight
  37. 37. 4. Insurance: Evolution of the Insurance Market and Risk Managers’ Expectations
  38. 38. Loss control and prevention become priority number one Foreseen changes to insurance programmes as a result of the current financial and economic climate Strengthening loss prevention activity is the most important expected change to insurance programmes with an increase of 10 points since 2014, as a result of the current economic and financial climate. Nearly 54% of risk managers intend to invest in loss prevention activity in order to seek balance‐sheet protection. This confirms the value to insurers of providing of risk engineering services. The study also shows a decrease in the importance of negotiating long term agreements or roll‐overs, compared to two years ago (43% in 2016 compared to 50% in 2014). This is a clear indication of a soft market, and suggests that buyers do not expect rapid changes in pricing levels. There is a noticeable increase in organisations accelerating their claims settlement process from 24% in 2014 to 31% in 2016.
  39. 39. Insurance buying patterns There have been no clear changes to insurance buying patterns in the last two years. There is a tendency for retentions, limits and lines either to increase or stay the same, reflecting the continued soft market. It is interesting to note is the rise in the use of ERM tools to guide insurance purchasing decisions from 15% in 2014 to 20% in 2016, which seems to underline the increased combination of risk management with financial decisions. Compliance with local regulations remains a key consideration for international coverage. It is still by far the most important reason for implementing standalone policies in certain countries (54%). There have been no significant changes in service delivery regarding the issuance of multinational policies, compared to 2014.
  40. 40. Compliance to local regulation remains a key consideration for international coverage Policies issued… 2012 2014 2016 Trend … before inception date 15% 18% 18% …within 3 months of inception date 65% 68% 67% …more than 3 months after inception date 20% 14% 15% There have been no significant changes in service delivery regarding the issuance of multinational policies, compared to 2014.
  41. 41. Loss control services and claims handling 60% 61% 66% 48% 35% 58% 66% 68% 46% 41% Property Liability (public, products) Cyber D&O Motor For service providers (brokers, insurers, third parties) Within own organisation Main areas of improvement related to loss control services alongside insurance policies Claims data are more important than ever, according to the study. Risk managers increasingly use claims data to conduct insurance programme retention optimisation (66% in 2016 compared to 57% in 2014) and insurance programme limit optimisation (45% in 2016 compared to 47% in 2014). Assessing the cost of uninsured risks ranks third in terms of use of claims‐related data (45% in 2016 compared to 33% in 2014). Tailor‐made and user‐friendly reporting capabilities as well as claims management tools remain the top two priorities for improvement in terms of IT platform/portal for risk and insurance management, either via an in house or external solution. For both service providers and within their own companies, risk managers believe that cyber, liability and property are the main areas for improvement in relation to loss control services, alongside insurance policies.
  42. 42. Loss control services and claims handling The three main areas of improvement for service providers (brokers, insurers etc) related to loss control services and claims handling asked by risk managers are: • Confirmation of coverage as quickly as possible (38.7%) • Policy wording tests (36.9%) • Co-ordination between teams involved (35.5%) Other important areas of improvement include building relationships at the pre-loss stage between insureds, insurers and brokers, and lessons learned in the post loss stage. Transparent and clear communication is needed at all stages of the claims process: prior to a loss, during a loss and after a loss. For companies themselves, key areas of improvement are different. • Lessons learned analysis is key for risk managers with 53.9% believing that they need to improve this within their organisation. • This is followed by crisis management simulations at the pre loss stage with a 10% increase in improvement required versus 2014, and the setting up of claims handling procedures and the co-ordination between teams involved.

×