In advanced markets, insurance and risk functions work in absolute synergy, but this is often not the case in developing markets where many organizations are still catching up with best practices. In developing markets, the delineation between these functions
has given rise to different approaches to risk management within the same organization, thereby duplicating efforts since both functions operate on similar principles. Organizations in these markets need to look at how they can better integrate insurance
and risk functions as part of an overarching move toward enterprise risk management.
The Developing Market Landscape
In many developing markets, the risk function is an evolved area of operation in sectors such as banking, life insurance, IT/ITES and pharmaceuticals, as well as large publicly-listed companies. However, for others including newer start-ups, finance, treasury and legal firms, company secretarial or sometimes human resources perform double-duty as a risk manager.
Greater emphasis should be placed on developing a separate risk function. Consider the following analogy: If a person falls sick, he or she would consult a doctor who typically prescribes a few diagnostic tests. After analysis of the test results, a treatment program will be planned and implemented. Similarly, in an organization, the risk function acts like a diagnostic lab that monitors and evaluates critical parameters of an organization’s function, internal and external stimuli, etc., and treats for the risks in conjunction with the insurance department.
These departments need to work in tandem because all organizations are exposed to risks, many of which have the capacity to destroy businesses. Thus, an enterprise risk management framework needs to be put in place to identify, assess, strategize and monitor risks.
Two important points that need to be considered in implementing an ERM framework are: 1) the universe of risks is dynamic, so it needs constant monitoring; and 2) risks usually strike in conjunction, so an organization's tolerance of it depletes due to this aggregation.
Risk management involves ascertaining the organization’s risk tolerance and appetite, which provides the basis for how risk financing is structured to optimize capital efficiency. As organizations have a limited capacity to bear risks, there is a need to transfer it, via insurance or other alternative means. That is where insurance departments play a major role. They transfer risks effectively onto the books of insurers.
Not all risks are insurable, however, and not all risks that get insured are fully transferred onto insurers. Sometimes, it does not make sense to insure a risk on account of a disadvantageous cost-benefit analysis. This leaves organizations with residual sets of risks that they need to take upon themselves and so they must evaluate other measures to mitigate them. Unless there is continuous monitoring, not only of risks but also of insurance solutions, organizations may be completely blinded to the residual set of risks they are exposed to. Furthermore, if risk evaluation and risk transfer functions are not aligned, it may compromise the ability of an organization to deal with risks.
A Broader Approach
By working together, risk management and insurance functions allow organizations to proactively manage the downside of those risks more effectively, whether that is by transferring that risk onto insurers or through other, non-insurance mitigation measures.
These functions can take a broader look at the risks facing the business, supported by a careful analysis of all potential risk exposures. Organizations are then able to develop and maintain a customized risk-relevance framework that continuously decodes the dynamic risk environment for the business and focuses on effective treatment and mitigation mechanisms as gaps are identified. With the assistance of statistical models, they can establish an appropriate level of risk appetite and tolerance, ascertain residual risk and its impact on the balance sheet, and design a suitable risk finance model that includes an optimal mix of risk transfer, retention and alternative risk transfer solutions.
In order to achieve these goals and facilitate the most effective collaboration, organizations also need to consider three critical elements:
- Structural change: The risk management and insurance functions should have parallel reporting to the risk committee or board of directors. This convergence under the attention of senior management will strengthen the strategic, administrative and execution function of the risk committee and integrate risk management and insurance elements into reports to the board, shareholders and other interested parties.
- Functional change: Both departments need to supplement the efforts of the other. For example, risk managers should focus on quantification of risk and evaluate the transfer solutions with insurance department. The insurance department should focus on new and emerging scenarios, assessment of insurance, and other modes of risk transfer and plug the outcome into risk management.
- Approach change: From insurance, risk managers get insights on different mode of risk transfer mechanisms, other than traditional insurance policies, which will pave way for creative approaches to managing risk. From risk management, insurance functions will gain visibility on top, and potentially catastrophic, risks so they can focus on balance sheet protection.
Overall, risk management and insurance functions oversee the ingredients needed to help management make more informed strategic decisions. In pursuit of this objective, the functions engage in various dedicated and multidisciplinary activities including developing and implementing risk frameworks, cross-functional analysis, self and third-party evaluations, risk finance modeling, loss prevention and control activities, and peer reviews.
Risk is a dynamic phenomenon. By operating in conjunction, the risk management and insurance functions will be best prepared to proactively decipher, prioritize and evaluate measures of mitigating it for the benefit of the organization.