Risk Management – The Building Blocks

A Reliance Capital company9fhk0031
Continuity and Resilience (CORE)Continuity and Resilience (CORE)
ISO 22301 BCM Consulting FirmISO 22301 BCM Consulting Firm
Presentations by our partners andPresentations by our partners and
extended team of industry expertsextended team of industry experts
Our Contact Details:
INDIA UAE
Continuity and Resilience
Level 15,Eros Corporate Tower
Nehru Place ,New Delhi-110019
Tel: +91 11 41055534/ +91 11 41613033
Fax: ++91 11 41055535
Email: neha@continuityandresilience.com
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile:+971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com

A Reliance Capital company9fhk0031 22
Risk Management – The Building Blocks
Identification Measurement MonitoringGovernance
Self Assessment
Capture of Losses
 Improve
Processes
 Improve BCM
 Enhance
Technology /
BCP
 Enhance
Business
Controls
 Project
Quality
Assurance
 Project
Readiness
Assessment
 Committees
 Regulatory
Reporting
 Quality
Assurance of
GRC processes
 Consistency
across Group
 Group Risk
 Group Audit
 Independent
Review and
Audit Control
 Legal &
Compliance
framework
 Asset Liability
Management
Governance, Risk & Compliance (GRC)
Framework – people, process & technology
Key Risk Indicators
Process Mapping
Strategy /
Design
Implementation Mitigation
Mitigation
Governance: Establishment of
policies and the definition of the
framework to implement these
policies
Identification: Stipulation and
documentation of risk exposure
along process and project lines
Measurement: Qualification and
quantification of risk and loss in
financial value and quality
Monitoring: Identification,
tracking and control of risk
events and resolution thereof
Mitigation: Proactive
management of risk exposure
Source: Reliance Life

Objective COSO Mapping Procedure
Governance: Internal Environment,
Objective Setting
Establishment of policies &
framework to implement
Identification: Event Identification Stipulation & documentation of risk
exposure along processes
Measurement: Risk Assessment, Risk
Response
Qualification & quantification of
risk / loss in financial value
Monitoring: Information &
Communication
Monitoring
Identification, tracking, & control of
risk events and resolution
Mitigation: Control Activities,
Continual Improvement
Proactive management of risk
exposure
Risk Management In RLIC consists of …

A Reliance Capital company
Risk Management Strategy
 Risk Management Framework
Enhancement and Extension of risk framework across
Support to Risk Based Capital
Rating for ERM (Enterprise Risk Management)
 Self Risk Management
Self Risk assessment across functions and decentralization
Facilitation process
Corroborative Risk Management
 Automated Risk Management
 Quantitative Risk Management tool
 Embedding risk management in process, technology and trainings

Operational Risk
RISK MANAGEMENT STRUCTURE AT RLIC
Market & Credit Risk IT Risk & BCP Insurance Risk
1. Risk Investigation
2. Risk Projects
3. KRI Dashboard
4. Risk Mate /
Automation
5. MIS and reporting
Mid office -
Investments
• Market Risk MIS
• Limit Monitoring
• Voice Call
Tracking
• Personal Trading
• Credit Review
• Investments
concurrent audit
co-ordination
1. BCP
monitoring &
co-ordination
2. DR follow-ups
3. IT risk review
& co-
ordination
4. IT Risk
Assessments
5. CAATs
1. ALM Monitoring
& co-ordination
2. Insurance risk
measures
3. Strategic risk
1. Risk Review
2. Continuous
Monitoring
3. Risk Assessments
4. Risk & Control Self
Assessment
5. Risk based internal
audit Co-ordination
6. BCM audit
monitoring
Both Reputation and Financial
impact of each risk is managed

ORGANISATION STRUCTURE OF RISK MANAGEMENT FUNCTION - People
Chief Risk Officer
ORM
(Operations Risk Management)
ERM
(Enterprise Risk Management)
Market, IT and Insurance
Risk Management
7 Zonal Managers
Manager- ERM
Group CRO
187 Assistant Branch Service Managers
Risk ManagementRisk Management
acrossacross
geography,geography,
embed inembed in
processes,processes,
products andproducts and
technologytechnology

Operations Risk Management - Process
Gap analysis and Vulnerability assessment - Facilitation
Process Mitigation Exercises
Risk Assessments Project based activities to assess risks
Qualitative & quantitative exercises for risk rating
Suggested controls to manage identified risks
Risk Reviews Conducted on service enhancements
Review risks that could possibly exists in processes laid down
Risk & Control Self
Assessments
Ownership of identifying risks and accessing the ensuing controls to manage these risks with the
process or functional owners
Facilitated by Risk Management Personnel
Root Cause Analysis Initiated to identify and assess risks
Identifying cause or causes of issues or risks that have occurred
Control & Monitoring KRI Dashboard envisages abreast of top risks
Operation Risk
Management
NB Investigations - Malpractices on Selling, Investigation & Reporting to Risk Committee
Doctor’s Audit - Malpractices on Medical Examinations to mitigate risks of proxy, tie-up with
advisors, poor performance
Malpractice Matrix - All Investigation Recommendations based on pragmatic application of matrix
Br. Control Self
Assessments
Drives on branches where there was no external review done such as Risk Reviews, Continuous
Monitoring Audit or Compliance Reviews.
Investigation on
Intermediaries
Background verification of select distribution intermediaries
Periodical Exercises Informal data / process analysis to recommend mitigation of risks in existing setup.
Informal risk assessment of sub-process where high risks are identified

Business – IT Alignment
Real Time Access -CIF
Integrated Customer DataRelationship
Business Intelligence on Tap
•Profiling Questions
•Pre-built Options
•Search Tools
Need
Assessment
Service
Configuration
•Service Inquiry
•Service
Modification
Offer
Configuration
•Behavior Modeling
•Business Rules
•Product Constraints
•Payment Options
Channel Mix
Product Mix
Loyalty
Cross Sell
Strategic
Profiling &
Analysis
Segmentation
Risk
Personalization
& Business
Intelligence
Integrated Data Sources
Transaction Queries Eyeballs Account Maint Service Req Complaints AppreciationInteraction
Real Time Data Access
Kiosk ATM E-Mail Mobile Portal BranchTouchpoints
Integrated Workflow
B
U
S
I
N
E
S
S
T
R
A
N
S
F
O
R
M
A
T
I
O
N
T
E
C
H
N
O
L
O
G
Y
A
L
I
G
N
M
E
N
T

Call Center
Mobile
Portal
TPD
Partners
Branch
Touchpoints
Customer Relationships Enterprise DaCustomer Service Subscription Customer Channel Subscription
ContentManager
EAI
Business Rules
Engine
App
Server
Integration
Firewall
Access
SingleSign-On
Enterprise IT Architecture
Hosts
DirXML
JMS,JDBC,XML,..
Glue
Customer
Employees
Partners
Provisioning
Provisioning
BPMS&
WebServices
Customer Data Hub
Credence
SAP
WorkFlow
Management
SAVVION
Core Insurance
LIFE ASIA
UnderWritting
INSC
Sales Force
Management
Directory
SAP HR

Decentralized Risk Management Activities
Zonal Compliance Audit & Risk Team to manage the following activities at
Zonal Level.
• Risk Investigations
• Zonal KRI Dashboard
• Zonal Risk Assessments & Risk Reviews
• Driving Self Compliance & Self Audits at the Branch Levels
• Updation of all the above activities in the Automated Risk Management
Systems (RISK MATE)

 Journey So Far – Risk Management at Reliance Life Insurance
 Implementation of GRC
 Risk Management Activities to monitor IRDA Compliance
 Road Map
ContentsContents

INEGRATION AND AUTOMISATION OF GRC

Strategic framework - Governance Risk & Compliance
Governance Corporate Vision
Value drivers
Corporate Mission and Objectives
Corporate Strategy
Corporate Plans
Governance Culture
Corporate Governance
IT Governance
Risk Strategic / Reputational Risk
Credit Risk Management
Market Risk Management
Operational Risk Management (Fraud Risk, IT Risk, Security Risk, BCP
Risk)
Business Risk Management
Insurance Risk Management
Compliance Regulatory Compliance
Compliance of corporate ethics, culture, enterprise policies, processes

1. Quarterly Board Meetings chaired by Independent, Non executive Directors
not being part of the Executive Management
2. Quarterly review of Risk Management and Audit practices by the Audit
Committee – consisting of non-executive members
3. Quality Review Meetings – monthly dash boards (various performance
metrics that are shared from a business perspective) – RLIC being a ISO
certified company
4. Monthly Conglomerate Reporting (Data that is mandatorily required to be
reported to the regulator in their specified formats) as per the guidance of
IRDA, RBI and SEBI
5. Independent third party Internal Auditors with access to Board for reporting
Corporate Governance practices in RLIC

Governance Committees – Board & Executive Levels
Notations: AA: Appointed Actuary; CHRO: Chief Human Resources Officer, Head -LCCS: Head -Legal, Compliance & Company Secretary, Head - New
Business Initiatives, Customer Care & Business Excellence – the above are IRDA recommended committees
Committee Members Meeting Frequency
Board Audit, Risk, ALM & Compliance
Committee (includes risk mgt.)
2 independent directors and 2 Non-executive
directors
Quarterly
Board Investment Committee
3 Non-executive directors,
President, AA, CFO, CIO
Quarterly
Executive Investment Committee President, CFO, AA , CIO, CRO Monthly
Control Committee (Risk, Audit &
Compliance)
President, CRO, AA, CFO, CHRO, Head - LCCS Monthly
Claims Review Committee
President, CFO, AA, CRO, Head – LCCS,
Head - Claims
Monthly
Grievance Redressal Committee
President, CRO, AA, Head - LCCS,
Head - NBI, CC & BE, Independent Member
Monthly

Risk Management & Compliance to Various IRDA Requirements
Requirements Management Initiatives
Corporate Governance
Guidelines for Insurance
Companies
IRDA Circular No.
IRDA/F&I/CIR/F&A/014/01/2010 dated January
29, 2010
 The RLIC had one independent Director. However one more
independent Director Mr. Chitale has been inducted to the Board,
Investment & Audit Committee.
 The ALM committee and Policyholder’s Protection Committee has
been initiated along with the Risk Audit and Compliance committee
at the board and executive level.
Economic Capital
IRDA Circular No.
IRDA/CIR/LIF/049/03/2010 dated March 11,
2010
 Risk Management Framework has been designed to achieve
Economic Capital
 Journey Towards Economic Capital has been initiated jointly with
Actuarial Department

Investments Regulations  Concurrent audit
Independent Concurrent auditor “Devdhar Joglekar & Srinivas”
appointed for complete review of investments
 System Review of Investment Application
Independent Audit was conducted by M P Chitale. Gaps were
identified and immediate actions taken for implementation
 Introduction of Mid office – Separation from Front and Back office
with a line of reporting to CRO
Mid office – as a part of Risk management function was introduced to
monitor and review complete segregation of Back office and Front
office activities, further review limits, internal / personal trading
activities, voice call reviews, monitor and update market and credit
risk to investment committee, etc.
 In-house NAV implementation
Enhancements have been done to Credence application to calculate
NAV internally. Project has been completed. Parallel run has been
initiated by the developer since end of April 2010 and will continue till
December 31, 2010.

Inspection of Corporate
Agents by Insurer:
IRDA Circular
IRDA/CAGTS/CIR/LCE/093/06/2010
Dated June 07, 2010
 All corporate Agents of Reliance Life were audited by independent
audit & investigation agency at the 135 Corporate Agents office. The
manner of audit was detailed including Document Verification, Mystery
Shopping, Background Verification, Interviews of CIEs and Specified
Persons, etc.
 Basis this actions were initiated against the corporate agents where
serious discrepancies were noted (Terminated – 90) and follow-up
closure of actionables were obtained for Corporate agents with
Medium and Low risk issues (Follow-up review for closure – 25).
Balance 20 corporate agents had no issues.
Referral Arrangements  All referral arrangements have been discontinued
Public Disclosures  Public disclosures as required by the regulation has been implemented
 Review of all public disclosures being done by independent auditors

Anti Money Laundering
Policies
 AML guidelines related to cash restrictions, identity / address / income
proofs built in the insurance (Life Asia Application) to ensure compliance
with the AML policies.
 Infrasoft (AML software) system purchased and implemented to monitor
and report AML deviations and Suspicious Transaction reporting to FIU.
File & Use Deviations  All Group products are now strictly in compliance with File & Use
 There has been Zero file & Use deviations since 2009-10
Grievance Redressal  Grievance policy have been amended as per the guidelines specified.
 Complaints buckets and TAT in the customer redressal systems has been
aligned with the guidelines specified.
Products  As per IRDA directions, two Universal life products have been
discontinued on immediate basis.
 New products complying with the recent ULIP guidelines have been filed
and approved by IRDA.
 Health products also filed, approved by IRDA
 Traditional products have been filed to reduce concentration

ERM Journey
RLIC
AllAll
InsuranceInsurance
companiescompanies

EWRM and Financial Strength Rating: BWR AAAefs
 Brickwork Ratings (BWR) has assigned BWR AAAefs (Pronounced BWR triple A EWRM and
Financial Strength rating) for Reliance Life Insurance Company Limited (RLIC) Enterprise
wide Risk Management (EWRM) and Financial Strength Rating.
 ‘BWR AAAefs’ stands for the Best EWRM capabilities and financial strength to meet ongoing
policyholder obligations.
 The rating has, inter alia, factored demonstrated ability of RLIC’s promoters to infuse capital
at regular intervals to fund growth, potential strategic partnership with Japan’s Nippon Life
Insurance Company, improving market position in terms of new premium written, diverse
customer profile, technological expertise, reported profit for Q3FY11 and over all Life
insurance industry’s growth supported by changing demographics.
 RLIC also faces certain challenges with regard to improving persistency ratio in future,
dependence on unit linked products, maturity of claims analytics and quantitative risk
management techniques. In the past, the RLIC growth was primarily driven by ULIP and
Universal Life products, and now with changed regulations, the Company will have to
demonstrate its ability to sell traditional products on sustained basis.
 The ability of the company to meet its shared business plan, improve persistency, diversify its
revenue mix across products and ensure timely implementation of its EWRM initiatives are
key rating sensitivities.

 In view of the recent developments in the macro economic scenarios across the world,
it has become essential to find ways to improve capital efficiency of the insurance
companies without threatening solvency. Too much capital will reduce the capital
efficiency and too little capital may threaten the solvency. Economic capital is a way of
ensuring proper balance between capital adequacy and capital efficiency. Economic
capital is the amount of capital required to keep the balance sheet solvent on a going
concern basis under a stress event.
 “Sufficient surplus to cover potential losses at a given risk tolerance level over a
specified time horizon.”
Economic Capital- The journey ahead

Thank you
www.continuityandresilience.com | info@continuityandresilience.com

Risk Management – The Building Blocks

More Related Content

What's hot

Viewers also liked

Similar to Risk Management – The Building Blocks

More from Continuity and Resilience

Recently uploaded

Risk Management – The Building Blocks