Iaa Risk Book

IAA Risk Book
Chapter 1 - Introduction to the IAA Risk Book

David Sandberg
1. Introduction/Overview
The IAA Risk Book provides a set of high quality reference materials for use in managing the
uncertainty of insurer risks. The IAAs aim in developing these materials is to help ensure both the
sustainability of insurance programs and the protection of their policyholders.
This chapter of the Risk Book is organized into the following sections:
2. Opportunities
3. Challenges
4. Solutions
5. Stakeholder Tools Supervisors
6. Stakeholder Tools Insurers
7. Emerging Actuarial Tools and Processes
8. Conclusion
The terms insurance regulator and insurance supervisor are sometimes used inter-changeably
despite some real differences in function. For ease of communication, this chapter uses the term
supervisor (i.e., as in International Association of Insurance Supervisors) unless the term
regulator is clearly more appropriate.
2. Opportunities
Historically, actuaries have played many important roles for providers of insurance (e.g., pricing,
product design, valuation, and risk and capital management). In addition, the actuaries have
provided a unique and central interface between supervisors and the providers of insurance
coverage to ensure both the sustainability of insurance programs and the protection of
policyholders.
The actuarial profession has contributed significantly to the development of risk management tools
and processes, both within and outside the insurance industry. Actuarial practice continues to
improve the understanding, measurement and communication of risk and its implications through
the development of tools (and increasingly processes) to manage the uncertainty of risk in a
sustainable and transparent fashion. These tools and processes aim to trace, manage and mitigate the
acceptance and transmission of the uncertainty of risk, perhaps serving in a similar aspirational
capacity to the way that accounting debits and credits trace the acceptance and transmission of cash.
This allows industry stakeholders, including actuaries, supervisors and management, to clarify risk
exposures, recognize their sensitivities and provide sustainable, ongoing, management oversights.
The 2007-08 Global Financial Crisis (GFC) demonstrated that the worlds financial systems,
including both corporations and supervisors, need better processes to facilitate the effective
This paper has been produced and approved by the Insurance Regulation Committee of the IAA
on 29 September 2015.
2015 International Actuarial Association / Association Actuarielle Internationale
provision of sustainable risk taking and risk pooling. Clarifying the necessary framework developed
for insurance may also have relevance for other components of the financial system.
In 2004, before the GFC, the International Actuarial Association (IAA) published A Global
Framework for Insurer Solvency Assessment. Originally prepared for the International
Association of Insurance Supervisors (IAIS), this book explored the elements needed for an
international capital standard for insurers and provided a best practice approach available to all
supervisors. It dealt with methods supervisors might use to assess insurers current financial
position, as well as to understand the range of their possible future financial positions.
This Risk Book adds to the IAAs 2004 work, as well as lessons learned from the GFC, by
addressing professional developments in the areas of governance, management and regulation of
insurance risks. These processes are needed to enable sustainable management of the uncertainties
of pooled risks. They constitute part of the internal franchise value and intellectual capital of the
company, as essential as economic capital is for ensuring sustainability. Each chapter in the Risk
Book highlights key messages of interest to boards, senior management, financial analysts,
actuaries, and supervisors. These messages apply to both established and evolving structures for
pooling risk. Each chapter is valuable as a solo tool, but their real value comes from applying
multiple tools simultaneously and taking advantage of their synergies and implications to (and uses
in addressing) the larger challenges of the financial system.
3. Challenges
The governance, management and regulation of insurance risk are faced with a number of
challenges.
1. Market complexity The financial markets within which insurance operates are
complex. A simplified map of the financial market inter-relationships is included at the
end of this chapter. The financial markets continually evolve as participants strive to
remain competitive. This evolution fuels the birth and transformation of financial
products such as banking, insurance and financial instruments. This stretches and
reshapes the boundaries of conventional wisdom as to which products should be
categorized as insurance, banking or securities. This evolution of financial products,
including insurance, is healthy but at the same time represents challenges to: 1)
supervisors attempting to fulfill their mandates; 2) insurers attempting to fulfil promises
and achieve success for their stakeholders and 3) financial product consumers attempting
to manage their financial needs (e.g., protection, investment and financing).
2. Uncertainty of risk Unlike auditable cash and inventory, the assessment of risk is
incomplete without addressing the underlying uncertainty. Claims are subject to
uncertainty as to their level, trend, timing and volatility. The assets used to fund these
future claims will also have risks associated with their ultimate value, especially for life
insurers. The manner in which different risks will interact or be dependent on each other
and on a common set of circumstances (e.g., scenario or stress) can also be uncertain.
Although the measurement of the effects of past events can be an important basis for
assessing the future, conditions can change in ways that cannot be predicted from past
experience. As a result, past experience is not necessarily predictive of future experience.
To submit comments about this paper or to report any problems with the website, please send an
email directly to riskbookcomments@actuaries.org.
1-2
How to exercise sound judgment in a dynamic environment with the use of tools and
techniques is the focus of much of this collection of chapters1.
3. Many dimensions of insurer risks Governing, managing and regulating insurer risks
is challenging due to the many dimensions of those risks. For example, a partial list of
some of the dimensions includes:
a. Presence of credit, market, insurance and operational risks (among others)
b. Insurance product guarantees which can last for decades or lifetimes
c. Presence of substantive policyholder options (e.g., withdrawal, renewal and resets)
d. The nature of insurance products which tend to be a liability driven business
requiring careful attention to asset liability management, notably for life insurers
e. The variation in coverage type; some insurer risks have loss distributions skewed to
their tails (e.g., catastrophic earthquake insurance) while others have more normal
distributions (e.g., group dental).
f. The nature and scope (and size) of non-life insurance risks continually change, such
that data from a few years ago may not be fully relevant to current risks, and the type
of risk can vary greatly from one product to another. Hence there tends to be a
shortage of sufficient data to get precise measures of the risk before the risk changes.
In addition, the data for one product is generally not relevant to another product.
g. The need to consider the integrated effect of all an insurers risks, at both the entity
and the group level when considering an insurance group. This means allowing for
such factors as synergistic effects, diversification, fungibility constraints and
liquidity needs.
As a result of these challenges, there is no single risk measure that provides sufficient information
for the governance, management and regulation of insurance operations. Multiple tools are required
to provide sufficient perspective.
Currently, the Financial Stability Board and the International Association of Insurance Supervisors
(IAIS) are facing the substantial difficulties involved in creating a global Insurance Capital
Standard (ICS) for insurance. This is due, in part, to the challenges inherent in the governance,
management and regulation of an insurers risks. For example, the development of the ICS and
capital requirement in various jurisdictions has focused on the merits and challenges of standardized
approaches versus internal models. Both approaches have important benefits and shortcomings 2.
1
An important contrast between banking and insurance is that insurers use these tools to estimate, report on, and
manage their liabilities of unknown value in comparison with the usually straightforward market value determination of
their assets. Banks have the reverse situation -- the value of their liabilities (deposits) is easily known, but the value of
their assets is not. Thus, banks have applied some of these tools and techniques to their assets (such as loans made to
individuals and businesses), without, unless specified by their regulators, of a consistent professional approach and
methodology that are effectively integrated into their regulatory framework.
2
A common approach will assume a frequency/severity model (or one based on frequency and/or timing) for calculating
all risks. While applicable to most life and pension coverages, and for many non-life (property and casualty) offerings,
each coverage and loss type can have its own frequency and severity distribution. In practice, for products with multiple
loss types/coverages, the focus is generally on aggregate loss estimates over all loss types, not the individual odds or
probabilities for frequency and severity (which may never be explicitly calculated for some products).
1-3
Standardized approaches have the advantage that they are based on industry averages and consistent
shocks (perhaps applied through factors multiplied by financial statement amounts) to all insurers,
thereby achieving a form of apparent comparability. The disadvantage of standardized approaches
is that by design they will not capture the specifics of an individual insurers risks or the way in
which those risks are managed and mitigated. An internal model approach enables the specifics of
the risks faced by each insurer to be considered and modeled directly. Supervisors, however, face
the challenge of making appropriate assessments of the models, their calibration, their validation,
their governance and their use when internal models are used. In addition, supervisors are faced
with the challenge of cross-insurer comparability of methods and key assumptions.
The need for multi-dimensional perspectives of an insurers risks is illustrated by the use by
insurers and supervisors of both the insurers current financial position (e.g., point in time capital
requirements), and its projected future financial condition, informed by processes such as ORSA or
stress testing.
In the popular movie Toy Story, Buzz Lightyear says To infinity and beyond. The chapters of the
IAA Risk Book address the challenge To future uncertainty and beyond. They provide a
description of the tools and processes available to supervisors, insurers and actuaries to estimate and
effectively manage pooled risks in a sustainable manner. The IAA hopes that these tools will be
applied beyond their historically successful micro-applications (focused on the sustainability of
individual insurance organizations) to also be of significant value to the macro issues involving the
intersection of insurance, banking and other financial services.
4. Solutions
The actuarial profession is strategically positioned to contribute to and advance the development of
risk management tools due to its emphasis on ensuring sustainable pooling of risk for all
stakeholders. The aspects of the profession that contribute to making this possible include:
A widely recognized body of learning derived from research, education, training and
practical experience at a high level;
Specialized and general knowledge and skills;
Adherence to high ethical and technical standards;
Being subject to a formal disciplinary process; and
A self-declared professional mission to consider and contribute to the needs of the public
beyond its members personal gain.
From this foundation, actuaries have developed globally recognized skills and expertise to help
ensure the long run sustainability of pooled risk ventures and arrangements. These open-ended
problems, while complex, are manageable if approached in a disciplined and thoughtful manner.
Historically actuarial work with regard to the balance sheet largely involved developing reliable
point-in-time numbers to report to stakeholders. Stakeholders, however, need more they need to
have the implications embedded in those numbers explained clearly, including the limitations of the
underlying models, and they need to recognize that management understands the risks involved and
is taking prudent steps to mitigate those risks. Risk management is the umbrella term used to
describe identifying, managing (mitigating), and communicating all inherent risks and uncertainties
not just those inherent in financial reporting.
1-4
The actuarial profession has stepped up to this challenge and undertaken pioneering research to
develop risk management methodologies and processes. Some of these efforts are addressed in this
Risk Book. It highlights tools and processes used by the various stakeholders to identify, manage,
and report on risk which are at the heart of the actuarial approach to risk management, such as the
actuarial control cycle3.
DEPICTION OF THE ACTUARIAL CONTROL CYCLE
5. Stakeholders Tools Supervisors

The terms insurance regulator and insurance supervisor are sometimes used inter-changeably
despite some real differences in function. For ease of communication, this chapter has used the term
supervisor (i.e., as in International Association of Insurance Supervisors) unless the term
regulator is clearly more appropriate. In reality there are two separate functions the regulatory
function may set out rules and regulations to be applied by insurers, while the supervisory function
may focus on assessing compliance with applicable laws and regulations and carrying out such
monitoring/intervention as are necessary and allowed for under the supervisors powers. Many
supervisory authorities also have regulatory powers. Jurisdictions may choose to retain legislative
control over certain matters rather than fully delegate this power to the insurance supervisory
authority.
3
A colloquial (i.e. Wikipedia derived) definition for the actuarial control cycle is a set of specific activities that
involves the application of actuarial techniques to real world business problems. The actuarial control cycle requires a
professional within that field (i.e., an actuary) to specify a problem, develop a solution, monitor its consequences, and
repeat the process.[1] Actuarial organizations worldwide are increasingly integrating the actuarial control cycle into their
examination/qualification processes as a framework that helps to define actuarial projects.
https://en.wikipedia.org/wiki/Actuarial_control_cycle Also, see diagram (x) at the end of this paper. This cycle has been
the foundation for emerging actuarial professional processes for ERM and Model Governance that will be further
discussed in this Risk Book. It is also a standard engineering concept used in many traditional engineering fields.
1-5
A forthcoming chapter of this Risk Book - Resolution (of insolvencies) is particularly germane to
this topic. Although it is a detailed exposition by a UK actuary of the resolution process in the UK,
the principles outlined are applicable globally.
A supervisors authority to act stems from the enabling legislation of their jurisdiction. Such
legislation will identify the nature of the powers granted as well as the scope of the entities subject
to supervision. For example, one supervisors enabling legislation includes the statement that their
object is to supervise financial institutions in order to determine whether they are in sound
financial condition and are complying with their governing statute law and supervisory
requirements under that law. Other supervisory powers that may be granted by enabling legislation
might include market conduct, resolution, licensing and systemic risk monitoring. Each jurisdiction
will assign these powers (or others) among one or more supervisory bodies.
Insurance supervisors exercise their powers through a variety of tools that cover the spectrum from
must comply with regulations (hard tools) to moral suasion (soft tools). Some examples of
the harder and softer tools4 include:
1. Harder tools:
a. Regulations (i.e., must comply some jurisdictions also have other tools or use
other names such as guidelines which may be a hard tool in some jurisdictions
or a soft tool in others);
b. Valuation and capital requirements;
c. Statutory actuarial roles;
d. Disclosure requirements, both public (such as financial reporting standards) and
private (such as the ORSA);
e. Intervention powers, including the ability to require changes to the insurers plans
and strategies to reduce its risk profile and improve its capital position, as well as to
require the preparation of recovery and/or resolution plans (See Chapter [E] on
Resolution for a through discussion of this tool);
f. Quantitative assessments were certain financial components determined correctly
or are they within standards;
g. Examination authority and authority to fine; and
h. Authority to prohibit or restrict certain operations or transactions.
2. Softer tools:
a. Supervisory framework the process by which the supervisory authority will assess
the insurers under its jurisdiction;
4
Many of these tools are also used by banking supervisors, but their perspective and purpose may differ. For example,
the time horizon for identifying and addressing a banking crisis may be a matter of days, while for insurance it may be
many months or years. In addition, once intervention actions are needed, the banking supervisor often has complete
fungiblity to move capital throughout a series of legal entities within a group, while the insurance supervisor may need
to freeze all funds in related entities.
1-6
b. Manner in which professionals such as actuaries and auditors (with their professional
practice standards and discipline processes) are either relied upon or used (i.e., trust
but verify);
c. Supervisory intensity instead of supervisory reliance only on a submission of
materials, there is the option to include considerable in-depth review by supervisory
staff (especially those skilled in actuarial matters), along with regular in-person
discussions with insurer staff);
d. Moral suasion works best in a climate of mutual trust and respect;
e. Qualitative assessments e.g., covering the effectiveness of governance and the
actuarial function;
f. Ability to collaborate with and learn from other supervisors as part of supervisory
cooperation and coordination (e.g., supervisory colleges); and
g. In depth discussions with management and access to private corporate information.
6. Stakeholders Tools - Insurers

There is a suite of tools (often enhanced by actuarial standards) that is often used by insurers
(depending on their scale, breadth and complexity) to meet the competing needs of the various
stakeholders (e.g., shareholders, policyholders, supervisors and customers) for the effective
governance of insurer risks (identification, management and communication). These include:
1. Enterprise Risk Management (ERM) concepts such as risk governance, appetite, limits
and controls;
2. Use of risk experts, with those from a profession (especially actuaries) being perhaps the
most valuable;
3. Effective control functions for actuarial matters, risk management and audit, including
how they are organized to address governance of internal models (especially their control
and validation), which may include a version or variation of what is currently described
as three lines of defense;
4. Appropriate use of management tools such as reinsurance, both proportional and non-
proportional (see chapters 6 and 7), hedging investment risks, and asset liability matching
techniques (which will be addressed in upcoming chapters);
5. Current financial position assessment, which may involve consistent valuation of balance
sheet items and an assessment of additional capital needs and regulatory capital
requirements;
6. Future financial condition analysis including the ORSA process (which will also be
addressed in an upcoming chapter);
7. Models, including both external vendor models and models developed internally, which
include financial, catastrophe (cat) and economic capital models;
8. Stress and scenario testing;
9. Responsible pricing, product design and inforce management;
10. Voluntary disclosures to both shareholders and policyholders; and
1-7
11. Traditional corporate management processes such as disaster recovery, strategic
planning, compensation philosophy and market positioning.
The underlying challenge with this multiplicity of tools is that while each tool is important, the
sheer number of such tools can create confusion within the insurer and reduce focus on the
important risks involved. Not only can these tools be viewed as being redundant, rather than
complementary, but the substantive cost of maintaining these tools will need to be justified. In
addition, it is possible that the key messages from the different tools will be confusing or even lead
to incorrect conclusions without proper orchestration of the tools and their results. Actuaries have a
unique perspective to understand the many dimensions of risk. This allows them to be able to
develop the key messages provided by the combination of risk tools available to the insurer. The
actuarial function frequently works closely with the Chief Risk Officer (CRO) in these matters to
help ensure that all policyholder promises and obligations are met, while also meeting shareholder
expectations (e.g., profitability and sustainability).
The financial statements (balance sheet and income statement) are where serious mismanagement
issues are ultimately revealed. As a result, management typically focuses on identifying and
managing the leading indicators of risk before they arrive on the financial statements. Sometimes
this can be achieved through mitigation techniques such as reinsurance, product design, group
structures and hedging. At other times management identifies and measures risk and sets limits of
acceptable risk through an ERM process. A key to understanding these topics is that each tool
mitigates some, but not all, risks. In this Risk Book, we will clarify which risks each tool is best
suited for, what residual risks will remain, and what might lead these residual risks to become
material.
7. Actuarial Tools and Processes

The IAA has created this Risk Book to provide insight into existing actuarial tools and processes
and the synergistic value of their integrated use. The IAA also hopes the Risk Book will accelerate
the development of, and added value arising from, emerging actuarial tools and processes,
including:
1. Roles and functions of the actuary - There has been a growing global recognition of the
role and importance of the actuarial function within insurers. Increasingly, supervisors
recognize the actuarial function as a control function. Despite this recognition,
uncertainties may remain over the important features of an effective actuarial function.
This is explored further in chapter 2.
As an example of various roles and functions, twenty five years ago in the United States,
two actuarial roles were written into its statutory reporting requirements to address the
inherent conflict between the use of factors and professional judgement. For life
insurance products, the role of the actuary was to express an opinion and write a report
(subject to both supervisory and regulatory requirements and to actuarial standards) that
identified any risks that were missed by factor reserves and to increase the reserves, if
needed. The role of general insurance actuaries was to opine on the reasonableness of
the recorded claim liabilities (i.e., whether the recorded number fell within the range of
possible estimates that the actuary considered reasonable). This was an explicit
supervisory acknowledgement that the uncertainty inherent in such an estimate allows for
a range of reasonable estimates. The actuarial role today is well suited to further
1-8
expand on this concept of reasonable ranges for the uncertain future, while also
recognizing that any estimates and/or ranges cannot be guaranteed to be sufficient in all
possible scenarios. In both cases, the actuary provides a more relevant risk context to an
accounting number that may be subject to inappropriate interpretation without that
context. By so doing, the tools used to estimate and manage risk can reveal and address
the level of uncertainty/volatility that may accompany these estimates.
2. Internal models - It is increasingly recognized that internal models are an important part
of insurer risk and capital management. However, their use is frequently subject to a
mistrust reflected in a commonly referred to saying by George Box that essentially, all
models are wrong but some are useful. There can also be a concern that a mark-to-
model mentality may result in management and boards not recognizing unmodelled
risks or the limitations of the internal models. An important element in fostering
confidence in the results of internal models is the development of effective governance
processes for such models and their assumptions. An upcoming chapter of the Risk Book
is devoted to this topic as are standard setting projects at the IAA and the US Actuarial
Standards Board.
3. ERM - An emerging focus of the profession has been to identify the key processes
needed for sustainable risk management. This has resulted in the development of
standards for actuaries practicing in an ERM role (such as those adopted in the United
States, and the model standards addressing ERM processes being developed by the IAA).
This professional focus addresses many of the gaps and criticisms of the historical focus
solely on financial statements (which can be backward looking by their very nature and
hence poor at providing helpful forward looking assessments). The value of the forward
looking aspects of ERM has recently been recognised in supervisory requirements on
insurers Own Risk and Solvency Assessment (ORSA). A forthcoming chapter of the
Risk Book focuses on ORSA and the actuarial involvement in this important tool and
process.
4. Integrating micro and macro tools - There has been a post-financial crisis development
to better understand and communicate insights on interconnectedness, aggregation and
systemic implications. We identify and suggest briefly how some of the micro tools
discussed in this Risk Book may have relevance to macro needs. We hope that further
elaboration will be developed by means of collaboration with others. Possible topics
include:
a. Time horizon of risk - How can we best incorporate the time dimension over which
risk exposures are manifested, as well as for corrective action(s) that can/will be
taken? What does risk look like one month, one year and three to five years into the
future? What tools and processes are needed to address the longer time horizon
inherent in many insurance risks? This will require addressing risk across various
business models with different relative risk exposures and time horizons. We need to
develop additional tools for this purpose.
b. Correlations - How to assess the extent of the correlations between risks, especially
how they change in stressed times compared to normal times?
c. Capital requirements and process requirements - We have tended to address risk by
cataloguing/aggregating all risks into risk factors (or models) to calculate required
1-9
capital. However, while some risks can be mitigated by capital, others are better
mitigated through improved processes. Since processes are the elements that create
and maintain franchise value (separate from the balance sheet measurement of
specific assets and liabilities), can we develop supervisory requirements that lead to
reduced process risk exposures?
d. Stress testing - We develop capital requirements based on stress testing and scenario
testing. These requirements are based on a defined risk tolerance and presumed risk
distribution. As a process, what are standardized languages and terms we could use
to facilitate comparability across firms and sectors?
e. Interconnectedness tools - Can we use network theory or other tools to build visual
risk maps to better reflect and communicate the character and dependencies of risk
instead of our traditional reliance on spreadsheets and pages of text? Can the map
show a systemic landscape of risks and their current linkages?5 Could a public
mapping/database of financial and economic variables apply to a companys unique
risk profile? Can this mapping also reflect past observed correlations (including
regime shifts) and include the ability to dynamically alter them?
8. Conclusion
We do not intend to create a one and done Risk Book, but rather build something like a dynamic
Wikipedia summary of risk topics of current interest. We hope that this will spawn additional
research into these topics, as well as relevant spin-off topics. Each chapter covers the central issues
of its topic and includes references to additional information, where available. The IAA will update
and maintain these chapters and their interrelationships on an ongoing basis on its website. The Risk
Book is available to the worldwide actuarial profession and all those concerned with the sustainable
governance (via identification, management and communication) of insurance operations.
________
Dave Sandberg FSA, MAAA, CERA is Vice-President and Corporate Actuary at Allianz Life of North America in
Minneapolis, MN and is the current chair of the IAA's Insurance Regulation Committee. His principal areas of focus are
life insurance, retirement income solutions and enterprise risk management. He can be contacted at
dave.sandberg@allianzlife.com.
5
And, could it also be interactive and show different levels of resolution (e.g., like Google maps) and serve as a mass
collaboration tool to communicate and sense and respond to emerging risks?
1-10
1-11
IAA Risk Book
Chapter 2 - Actuarial Function
Stuart Wason
1. Executive Summary
The insurance community increasingly recognizes the importance of the actuarial function (AF) in
mitigating risk within insurers and insurance groups through its provision of risk oversight. This has
led to active dialogue among insurers, the actuarial profession, and supervisors concerning the
scope and responsibilities of the AF and its relationship to various statutory roles (e.g., Appointed
Actuary, Chief Actuary, Signing Actuary, and With Profits Actuary). The key messages from this
dialogue are of interest to boards, senior management, financial analysts, actuaries, and supervisors.
This dialogue has already led to enhanced risk management practices.
These key messages include:
1. Insurance supervisors are focusing on the oversight role of the AF as part of the second
of the traditional three lines of defence in effective risk management.
2. Actuaries are not restricted to providing the oversight of risk (i.e., second line of
defence), but are active in some or all of the three lines of defence within an insurer.
3. Independent risk oversight by the AF is important to boards, senior management, and
supervisors because of the unique actuarial perspective of the insurers risks. Effective
AF oversight can facilitate less intrusive supervision.
4. The AF is frequently expected to make material contributions to the risk management of
the insurer.
5. The AF must be organized and operate within an insurer and insurance group in a clear,
effective, and transparent manner. This benefits both internal management and interested
external stakeholders, such as the insurance supervisor.
6. Insurance supervisors develop and maintain confidence in the work of the AF through a
combination of:
a. Validation of the important aspects of the work of the AF;
b. Presence of strong professionalism as evidenced by codes of conduct, standards of
practice, and a disciplinary process; and
c. Presence of effective feedback loops between the supervisor, profession, standard-
setters, and the disciplinary process.
Other related chapters in this IAA Risk Book include Governance of Models, Professional Standards,
and Own Risk and Solvency Assessment (ORSA).
Within this chapter the word insurer is intended to include both reinsurers and insurers.
This paper has been produced and approved by the Insurance Regulation Committee of the IAA on
31 August 2015.
2. The Unique Role of the Actuary in Risk Oversight
Insurers require that they take on risk in a way that ensures both the payment of policyholder
benefits and the provision of a reasonable return to shareholders. In so doing, insurance satisfies an
important societal function in mitigating the financial consequences of adverse events. It also
contributes to overall financial stability, timely payments to bondholders, and employment in the
community. Due to their skills and education, actuaries have long played a unique role in managing
risks and helping to ensure the long-term sustainability of insurers. As a result, jurisdictions have
assigned various required roles to actuaries.
While actuaries work in many functional capacities within an insurer (e.g., marketing, product
design, enterprise risk management (ERM), pricing, underwriting, investments, reserving/valuation,
and financial reporting), their work typically entails both operational and oversight functions. The
actuarys work in providing oversight has been formally recognized through the standards of the
International Association of Insurance Supervisors (IAIS) that identify the AF as one of four major
insurer control functions.1
The IAIS standards leave the definition of the AF to its members. As a result, as described later in
this chapter, several jurisdictions have taken steps to define and assess the AF in their jurisdictions.
The recognition of the importance of the role of the AF in providing risk oversight within insurers
has led to active dialogue among insurers, the actuarial profession, and supervisors concerning the
scope and nature of the AF and its relationship to various statutory roles (e.g., Appointed Actuary,
Chief Actuary, Signing Actuary, and With Profits Actuary). The key messages from this dialogue
are of interest to boards, senior management, financial analysts, actuaries, and supervisors, and have
led to enhanced risk management practices (e.g., consistent development and use of key
assumptions in various processes such as pricing, valuation, and financial projections).
Regulatory recognition of the AF as a control function fits well with current risk management
literature, which describes three lines of defence of risk management in the following categories:
1. Functions that own, manage, and report on risks (e.g., operational management);
2. Functions (and processes) that oversee risks (e.g., AF, risk management, compliance, risk
committees, and sign-off requirements); and
3. Functions that provide independent assurance (e.g., internal and/or external audit).
Actuaries can actively contribute to each of these lines of defence.
With respect to the third line of defence, additional types of independent assurance external to the
insurer can be provided by the external auditors and various specialized experts/consultants retained
by the insurer (and sometimes by the supervisor) with regard to specific matters. Additional
external actuarial oversight can be provided by actuaries employed for that purpose by the external
auditor as well as by consulting actuaries retained to study specific matters.
1
IAIS ICP 8.2.1: As part of an effective system of risk management and internal controls, insurers have
control functions, including for risk management, compliance, actuarial matters and internal audit. Also,
ICP 8.5 states: The supervisor requires that there is an effective actuarial function capable of evaluating and providing
advice to the insurer regarding, at a minimum, technical provisions, premium and pricing activities, and compliance
with related statutory and regulatory requirements.
2-2
3. Scope of the AF
Actuaries have been involved in the operations of insurers in many different roles since the
beginning of the insurance industry. A partial list of these roles includes:
Valuation of insurance obligations (technical provisions);
Product design and marketing;
Product pricing;
Asset/liability management;
Participating (with profits) product management;
Risk mitigation (including reinsurance and hedging);
Investment management; and
Risk and capital management (including future financial condition reporting such as
ORSA).
The involvement of actuaries in each of these roles has evolved over time and varies by practice
area, jurisdiction, and company. For example, actuaries have been very involved in product design
for life and annuity products, although in recent years some of these products have become similar
to commodities subject to intense regulation, with marketing and sales units driving product design
in many cases. While actuaries have had a negligible role with regard to some general insurance
product management due to a perceived absence of the need for actuarial expertise in the
management of such products, this may be changing as general insurance business has become
much more technical in the last 20 years; as a result actuarial involvement has also increased
substantially. As a further example, actuarial expertise is frequently involved in investment and
asset/liability management within the life insurance and annuity businesses due to the presence of
significant and long-term interest rate guarantees and investment-related benefits within these
products. Since these types of guarantees and benefits tend not to be a feature of general insurance
products, there is less need for actuarial involvement.
In fulfilling these roles, actuaries, due to their skills and experience, are frequently involved at all
management levels within an insurerincluding, for example, as a CEO, chief risk officer (CRO),
CFO or chief actuary.
In carrying out their mandate of risk-based supervision, insurance supervisors have recognized the
importance of the work of actuaries. This recognition includes, but may be broader than, the work
of actuaries who carry out statutory defined roles (e.g., Chief Actuary, Appointed Actuary, Signing
Actuary, and With Profits Actuary) as defined by various jurisdictions.
As a result, insurance supervisors are focusing on the oversight role of the AF as part of the second
of the traditional three lines of defence. As footnoted previously concerning ICP 8.2.1, supervisors
explicitly recognize the importance of the AF as an insurer control function.
Supervisors in their jurisdictions may provide additional direction regarding the AF and its
assessment as part of the regimes supervisory framework. Two examples are:
1. EU Article 48 of the Solvency II Framework Directive states:
2-3
Insurance and reinsurance undertakings shall provide for an effective actuarial function
to:
a. coordinate the calculation of technical provisions;
b. ensure the appropriateness of the methodologies and underlying models used as well
as the assumptions made in the calculation of technical provisions;
c. assess the sufficiency and quality of the data used in the calculation of technical
provisions;
d. compare best estimates against experience;
e. inform the administrative, management or supervisory body of the reliability and
adequacy of the calculation of technical provisions;
f. oversee the calculation of technical provisions ...;
g. express an opinion on the overall underwriting policy;
h. express an opinion on the adequacy of reinsurance arrangements; and
i. contribute to the effective implementation of the risk-management system ..., in
particular with respect to the risk modelling underlying the calculation of the capital
requirements ... and to the [ORSA] assessment ...
2. In Canada, the AF is one of the control functions assessed within the Office of the
Superintendent of Financial Institutions (OSFIs) risk-based supervisory framework.
This assessment considers both the characteristics and the performance of the AF. While
the scope of the AF is not defined by OSFI, insurers demonstrating a narrower scope of
actuarial oversight would be determined to be less effective than other insurers with
similar size, scope, and complexity of risks that demonstrate a broader scope of their AF.
These examples illustrate similar, yet different, supervisory approaches to the AF. Other
jurisdictions have used various approaches to assessing the AF. Regardless of the specific
supervisory expectations in a jurisdiction, the AF is always recognized for its important control and
oversight role in insurers.
4. Setting Expectations for the Competencies of the AF

Given the variety of types of AF work (e.g., oversight and review of data quality, experience
studies, risk management, actuarial calculations, models, and methods), it is not surprising that IAIS
ICP 8 is not specific about the skills or experience that individuals within the AF should have,
although ICP guidance 8.5.5 states a robust actuarial function that is well positioned, resourced
and properly authorised and staffed is essential for the proper operation of the insurer.
In the EU, Article 48 of the Solvency II Framework Directive also states:
The actuarial function shall be carried out by persons who have knowledge of actuarial and
financial mathematics, commensurate with the nature, scale and complexity of the risks inherent in
the business of the insurance or reinsurance undertaking, and who are able to demonstrate their
relevant experience with applicable professional and other standards.
2-4
Although members of European actuarial associations are well qualified to carry out the AF for EU
supervised insurers, Article 48 does not rule out the possibility that others may also perform these
functions. At the present time, the Actuarial Association of Europe is drafting a model European
actuarial standard of practice to provide guidance to actuaries when issuing an Actuarial Function
Report (AFR) in connection with Article 48.
Similar to the EU, Canada does not indicate specific credentials for individuals conducting the AF.
Nonetheless, OSFIs expectation is that members of the Canadian Institute of Actuaries would carry
out the AF for insurers under its supervision. In the United States, actuaries who perform certain
functions e.g., asset adequacy testing or reserve adequacy attestationsmust meet certain
educational and experience requirements.
In summary, while the standards of the IAIS are not specific about the skills or experience that
individuals within the AF should have, jurisdictions have either specified them explicitly or have
specified that credentialed actuaries are expected to carry out the AF (however defined by local
authorities) in their jurisdiction. In addition, at least one actuarial association is drafting a model
standard of practice for actuaries issuing an AFR in compliance with local legislation.
5. Structural Considerations of the AF

Insurers generally organize their AF based on the nature, size, and complexity of their operations.
They may be centralized or decentralized and may or may not separate the actuarial and risk
functions. Regardless of the manner in which insurers organize themselves, it should always be
possible to identify the manner in which actuarial oversight is exercised locally (i.e., in a
decentralized model) and then brought together across the insurer or insurance group.
There is no single title used across insurers or within jurisdictions that uniquely identifies the
Actuarial Function Head (AFH). Identifying the head of actuarial oversight should be able to be
made from an understanding of the AF role rather than through the use of titles such as Chief
Actuary, Corporate Actuary, Senior Actuary and Appointed Actuary, which may be
assigned with different roles/mandates in mind from one insurer to the next. Insurers organize
themselves as they see fit. As previously noted, even the supervisory expectations of the AF can
differ across jurisdictions. To avoid titling confusion within this chapter, the terms AF and AFH
are used generally in the context of actuarial oversight, without connection to any specific titling
conventions used in the insurance industry.
For larger insurers (in terms of size and complexity), and especially for insurance groups, the
manner in which actuarial oversight is provided depends on the needs of underlying businesses as
well as organizational preferences toward centralized/decentralized structures. In highly
decentralized structures, significant actuarial oversight responsibilities will be assigned to staff local
to those business units or insurers. Regardless, the home supervisor for the insurer or the group-
wide supervisor, as applicable, seeks to assess the effectiveness of the oversight provided by the AF
across the insurer or insurance group. In the EU, for example, an individual must be designated as
the main contact for the AF. In Canada, the effectiveness of actuarial oversight for an insurer or
insurance group without a clear AFH would be rated as being less effective than a comparable
entity with an effective AFH.
It is important that the AF make a strong contribution to the risk management of an insurer. As a
result, some insurers may choose to align closely the work of the AF and the work of the CRO. In
2-5
some cases it may make sense for the AF to report to the CRO or even to combine these roles into
one position. Due to the seniority of the CRO role defined in this manner, reporting to the CEO, it
would be in a position to present a very capable challenge to the first line of defence.
On the other hand, boards and supervisors of larger insurers and insurance groups may prefer to
have both an AFH with sufficient gravitas to provide an actuarial view of the insurers risks as well
as an organizationally separate CRO. According to this view, the CRO would be responsible for
risk management for the insurer while the AFH is responsible for actuarial oversight; together they
represent an effective team that can challenge each others ideas and perspectives. This approach
can work well if both the CRO and AFH hold senior roles within the insurer (e.g., each reporting to
the CEO). The synergy between the AFH and CRO may be less effective if the AFH and CRO do
not have similar seniority in the organization.
In many insurers the actuary responsible for the technical provisions (i.e., perhaps a statutory role in
some jurisdictions with a title such as Appointed Actuary or Valuation Actuary) is the most suitable
candidate to be the AFH. In the event that this statutory role (e.g., Appointed Actuary) is positioned
lower down in the organization structure, such an individual may not have sufficient breadth of
perspective to enhance the work of the CRO or sufficient seniority to provide an effective challenge
to the CRO. In these cases, another person, higher in the organization and to whom the statutory
role reports, may be better positioned to provide effective actuarial oversight as the AFH (e.g., as
noted previously this may be the CRO).
In contrast, it may not be economically viable for smaller insurers to maintain staff dedicated solely
to the AF or to fully segregate the CRO and AFH duties. Indeed, staff performing the AF role may
also have operational responsibilities (although preferably not when this would constitute a conflict
of interest). A smaller insurer may be more likely to retain an external consulting actuary to carry
out specific duties such as to value or provide an independent assessment of the insurers policy
liabilities (i.e., technical provisions). The precise nature of external actuaries work and their
relationship with the insurer will determine if they, or a staff member of the insurer, are the key
providers of actuarial oversight to the insurer. Regardless of who provides it, the oversight and
control provided by the AF are essential for the prudent operation of each insurer.
In conclusion, although the AF within an insurer frequently includes actuaries who carry out
specified statutory roles (e.g., Appointed Actuary or Signing Actuary), identifying both the scope
and responsibilities of the AF and its head or lead person may not be straightforward or obvious
solely through examination of the insurers structure or titling conventions. While it is important for
insurers to structure their operationsincluding their AFs control functionaccording to their
needs and staff, it is also important that the manner in which the AF is organized and operates
within an insurer be clear, transparent, and effective for both internal, as well as interested external,
stakeholders such as the insurance supervisor.
6. Reliance on the Competency of the AF

The supervisor benefits from the work of the AF (and indeed other insurer control functions) when
the AF operates effectively as part of an insurers second line of defence. The insurance supervisor
must validate important aspects of the AFs work to enable the supervisor overseeing the company
or group to have sufficient confidence in the work product of the AF. AF effectiveness, including
2-6
the AFs material contributions to risk management, contributes to streamlining and minimizing the
overall supervisory burden on the insurer.
It is important to note that under normal circumstances the validation of the AFs work by the
supervisor does not need to duplicate the work of the AF (e.g., model/methodology selection, data
validation, recalculation, and assumption setting), nor is it to be performed solely through the
application of a checklist. Rather the supervisor seeks sufficient understanding of the AFs work
(e.g., key risks, assumptions, and methods) and processes to have confidence that they have been
completed in an appropriate and transparent manner in consideration of the risks involved. This in
fact is one of the key purposes of this Risk Bookthat is, to enable a supervisor to better understand
the key issues faced by actuaries, both technical and professional, and to identify newly emerging
issues.
Validation of the AF effectiveness by the supervisor seeks to confirm the reasonableness of the
estimates and judgements applied by the AF. To effectively carry out this assessment, the
supervisor must have both a formal and informal relationship with the AF and have access to
suitable actuarial resources of its own, either internal to or externally contracted by the supervisor.
7. Provision of Effective Actuarial Oversight

As noted earlier, the AF as a control function fits well with current risk management literature that
describes the second line of defence as a function that oversees risks (i.e., distinct from functions
that own and manage risksoperational management). In addition, ICP 8.1.19 states:
Subject to the nature, scale and complexity of the insurer, an effective internal controls system
typically includes [among other things] ...
Appropriate segregation of duties where necessary and controls to ensure such segregation is
observed. Appropriate segregation of duties means, among other things, having sufficient distance
between those accountable for a process or policy and those who check if for such process or policy
an appropriate control exists and is being applied. It also includes appropriate distance between
those who design a control or operate a control and those who check if such control is effective in
design and operation.
The elements of an effective internal controls system, such as the AF (i.e., part of second line of
defence; segregation of duties), are described collectively in this chapter by the term
independence. The wider dictionary implications of the term independence (i.e., part of a stand-
alone entity) are not intended to apply.
For larger, more complex financial institutions, fully independent oversight functions (e.g., risk
management, internal audit, actuarial, and compliance) may be appropriate. These functions can be
centralized or decentralized with a centralized oversight component. For all institutions it may be
more appropriate for a focus that optimizes functional independence over a focus on the structure
used. Whatever the size of the organization, the following questions need to be addressed:
1. Do the control function employees have clear performance objectives/incentives that link
to the management of risk rather than only to targets related to profit, revenues, and
volume?
2. Is their incentive compensation calculated independently of the results of the business
unit they oversee?
2-7
The judicious and thoughtful review of risk management information (e.g., ORSA) by the
supervisor will assist by means of structured feedback in the assessment, benchmarking, and
reporting of the quality of the insurers AF. Boards and managements should also do more than rely
on gut and instinct when assessing the effectiveness of the insurers risk management function.
Nonetheless, gut and instinct are useful, as they are reflective of the degree of experience and
judgement of those performing such assessment. It is preferable, however, to, in addition, quantify
these beliefs and hold periodic third-party reviews of the insurers oversight functions. This can
help boards and management (not to mention the supervisor) to benchmark the insurers risk
management practices and processes, as well as to address any gaps that exist. One source for such
reviews may be through the insurers external auditors, especially their actuarial team. Another
source may be consulting firms active in this area.
The AF should be clearly identifiable, with disclosure of any firms or individuals who provide
independent actuarial oversight. Given the importance of the work of actuaries to insurers, the risk
oversight by the AF should be as independent of management as practical. As mentioned above, the
organization of the AF may vary substantially from insurer to insurer, based on their circumstances.
The AFH need not be an individual in a statutory or designated actuarial role, although this is
frequently the case. It is important that individuals providing independent oversight should not be
conflicted by wearing a similar operational role. For example, it is difficult to independently design
the set of oversight and control procedures for a hedging program if the individual responsible for
this oversight is also responsible for the hedging programs design and operation.
Because actuaries already have experience and skills in and often play a key role in risk
management, many are also well suited to provide independent oversight of this area, in a manner
similar to what actuaries have developed and applied in other areas. The AF is frequently expected
to make material contributions to the risk management of the insurer. For example, this might
include contributions to the risk and capital modelling of the insurer as well as in relation to stress
and scenario testing undertaken for future financial condition analysis, such as for an ORSA or
other board-related needs.
Independent oversight by the AF is important to boards, senior management, and the supervisor, as
it provides additional comfort that the insurers controls are effective. This in turn can lead to
enhanced assessment by the supervisor of an insurers net risk (i.e., the combined risks of the
insurer net of the expected effects of applicable risk mitigation) and an appropriate adjustment of
the nature and intensity of the supervisory work concerning the insurer or group. If the supervisor is
comfortable that the insurer or groups own oversight and risk limit functions are robust and
transparent, supervisory oversight can be less intrusive. The opposite would be the case if internal
oversight functions are inadequate.
Stuart Wason, FSA, FCIA, MAAA, Hon FIA, CERA, is senior director, Office of the
Superintendent of Financial Institutions (OSFI). He is located in Toronto, Canada. His principal
areas of expertise include life insurance and enterprise risk management. He can be contacted at
stuart.wason@osfi-bsif.gc.ca.
2-8
IAA Risk Book
Chapter 3 - Professional Standards
Godfrey Perrott
Codes of professional conduct (codes) and professional standards of qualification and practice
(standards) provide the context in which sound actuarial practice addresses the needs of those who
rely on the profession. The codes of actuarial organizations provide the framework within which
standards and ethical behaviour of their members may be addressed. Codes are binding on member
actuaries of most actuarial associations wherever they practice, as the scope of such codes and their
application is generally international in nature.
2. Key Messages
1. Actuarial standards serve to assure the public that actuaries are professionally
accountable. This gives the users of actuarial work confidence that the work has been
performed appropriately. At the same time, standards provide practicing actuaries with a
basis for assuring their work will conform to appropriate practice.
2. Actuarial standards (including those applicable to the assessment of risk and solvency of
insurance companies and pension plans) can be of significant value to regulators.
3. Full Member associations (FMAs) of the International Actuarial Association (IAA) must
have codes that contain a common core of general principles. One such principle is that
their members comply with applicable actuarial standards.
4. Actuarial standards and regulations complement each other. Actuarial standards guide
actuarial work. They are usually principle-based, rather than prescriptive, and permit
departures from the standards guidance if they can be justified. Regulations, on the other
hand, are usually prescriptive and mandatory.
5. Actuarial standards are adopted to apply to actuaries practicing in a particular jurisdiction
by whatever authority(ies) in that jurisdiction is (are) entitled to enact standards.
6. The scope of actuarial standards includes the process of setting assumptions, selecting
methodologies, and disclosing the purpose for which the calculations were made, who set
the assumptions, the actuarys opinion on their suitability, and the uncertainty associated
with the actuarys estimates.
3. Background
Qualification standards are the requirements that actuaries need to satisfy to be considered by the
profession to be qualified to perform the work in question (and in some jurisdictions to describe
themselves as an actuary). These usually include initial educational requirements required to obtain
sufficient knowledge to practice (broadly or in a particular practice area), continuing professional
development (CPD) requirements, and experience requirements. In some jurisdictions qualification
23 July 2015.
standards may have additional requirements for specific actuarial services such as practicing
certificates or heightened CPD requirements.
Actuarial standards of practice address how actuarial work should be performed, and usually apply
to the individual actuaries doing the work (in contrast to accounting standards, for example, which
apply to the entity that is reporting its financial results). These standards usually apply to specific
types of actuarial work, although some apply to all actuarial work.
Both types of standards are generally promulgated by a local standard-setter (often, but not always,
the local actuarial association). The applicable regulator in a jurisdiction can require such standards
to be followed in that jurisdiction.
This requirement (to comply with codes and standards) is supported in each FMA by a discipline
process that can admonish, reprimand, suspend, or even expel a member found (after appropriate
due process) to have materially violated applicable codes or standards.
The IAA Professionalism Committee addresses these topics in its paper The Principles of
Professionalism. 1 It includes a comprehensive overview of:
1. The accountability of individual actuaries to their actuarial association (or other
professional oversight body);
2. The educational requirements to become a qualified actuary and the continuing education
requirements to maintain that qualification (qualification standards); and
3. Codes of conduct (which also refer to standards of qualification, practice, and
disciplinary processes).
Material addressing professionalism aspects of cross-border actuarial services can be found in the
IAA paper Principles in Relation to the Governance of International Actuarial Work.2
4. Benefits of Actuarial Standards

A summary of the role and benefits of well-developed and well-managed standards of practice has
been described by one standard-setter as follows3:
1. Standards of practice serve to assure the public that actuaries are professionally
accountable. At the same time, standards provide practicing actuaries with a basis for
assuring that their work will conform to appropriate practices. Standards protect the
public by:
a. Indicating for various areas of actuarial practice the appropriate procedures,
techniques, and approaches, thereby enhancing the public's trust in the credibility
and completeness of the actuarial work product.
b. Providing a means by which the many separate elements that make up actuarial
practice can be reviewed and updated on a regular basis, so that practice remains
current.
1
IAA: The Principles of Professionalism, approved 23 January 2012, IAA website:
www.actuaries.org/ABOUT/Documents/Principles_of_Professsionalism_EN.pdf, referenced 26 November 2014.
2
Final draft as of August 2014:
www.actuaries.org/CTTEES_PROFESS/Documents/PROFESS_London_Item5a_InternationalGovernanceofActuarial
WorkECVersionAugust2014.pdf, referenced 17 February 2015.
3
US Actuarial Standards Board website: www.actuarialstandardsboard.org/aboutasb.asp, referenced 13 June 2014.
3-2
c. Furnishing criteria for evaluating actuarial work products.
d. Providing a basis for discipline in those instances in which standards are not adhered
to.
2. For individual actuaries, standards confer major benefits as well, by:
a. Providing guidance, particularly in practice areas that may be somewhat unfamiliar.
b. Giving strong evidence to any interested observer that the profession serves the
public in an effective and responsible way.
c. Offering evidence of appropriate professional performance, which constitutes a
defense in any civil or professional disciplinary action.
3. Standards of practice also serve to further assure regulatory authorities that they can
depend on the actuarial profession to act effectively in the public interest. Written
standards of practice, coupled with written provisions for disciplining members, show
that a profession governs itself and takes an active interest in protecting the public.
The existence of effective standards enables a profession to describe appropriate practice, thereby
narrowing the range of acceptable practice and discouraging poor practice. This is achieved both by
establishing expectations of professional practice and behaviour and through the threat of
professional sanctions. This gives the users of actuarial work confidence that the work has been
performed appropriately.
Standard-setters promulgate practice standards to codify appropriate practice. They do not attempt
to codify generally accepted practice, as such practice may become outdated or no longer be
appropriate. Occasionally a standard may be promulgated for a new area of practice or to comply
with new regulation, where no accepted practice has been established.
Actuarial standards also provide support for actuaries doing appropriate work who are challenged
by their principal with respect to their work.
5. Standard-Setters and Regulators

Many standard-setters maintain a feedback loop with relevant local regulators (among other
feedback loops). Periodic meetings allow regulators to bring issues or concerns that they have
observed in their review of practice to the standard-setters. Periodic review of existing standards by
practitioners also provides a feedback loop for working actuaries to comment on how the standards
may be improved if modified, supplemented, amended, or repealed.
Standards of practice and regulations complement each other. Standards of practice guide actuarial
work. They are usually principle-based, rather than prescriptive. In some jurisdictions standards use
the verb must, meaning their guidance has to be followed in all circumstances. Much more often
standards do not use the verb must. Instead, they state what the actuary should consider, do, and
disclose when performing a particular type of assignment. This accommodates unforeseen
situations, not contemplated in the standards, in which application of the standard would produce an
inappropriate result. In such situations, it would be unprofessional to apply the standard. However,
any such departure from the guidance of a standard should be identified and explained.
Regulations, on the other hand, are usually prescriptive and mandatory. In the event of a conflict
between standards and applicable law (including regulations), the law would govern.
3-3
6. IAA Model Standards
There are currently two categories of standardsmodel standards, and local standards applicable to
the jurisdiction where the actuarial services are rendered. The IAA promulgates model standards
that are not binding but can be used in several ways4:
1. An individual actuary may state compliance with one or more International Standards of
Actuarial Practice (ISAPs) in his/her report (either of the actuarys volition, or because
the client requires it), in which case the actuary is bound by those ISAPs.
2. A local standard-setter may create a new local standard by adopting an ISAP making
only the changes specified in the drafting instructions within the ISAP.
3. A local standard-setter may base a new local standard on an ISAP by making more
extensive changes.
4. A local standard-setter may revise its existing standards to be substantially consistent
with an ISAP.
5. A local standard-setter may conclude that one or more of its existing standards are
substantially consistent with an ISAP.
The development of ISAPs as models is a contribution that the IAA is uniquely positioned to make
to stakeholders in the financial services sector worldwide. The strategic objectives of the IAA
include objectives to [e]stablish, maintain and promote common standards of actuarial education
and common principles of professional conduct. Promote the development and issuance of actuarial
standards in the jurisdictions of all Full Member Associations, and the global convergence of
actuarial standards. The status of the development of ISAPs at this time can be found at
www.actuaries.org/index.cfm?lang=EN&DSP=PUBLICATIONS&ACT=STANDARDS_ISAP.
Local actuarial standards are promulgated by a local standard-setter, which is often, but not always,
an actuarial organization. Examples where this is not the case are the standard-setters in Canada and
the United Kingdom (for technical standards), which are independent of the local actuarial
organization(s). Local standards under most codes are binding on any credentialed actuary
performing actuarial services in the standard-setters jurisdiction. They may or may not be derived
from ISAPs. (Many developed countries, such as the United States, have standards that predate the
ISAPs.)
7. Content of Standards
Actuarial standards cover actuarial work such as the process of setting assumptions, selecting
methodologies, and making disclosures. These disclosures include the purpose for which the
calculations were made, who set the assumptions, the actuarys opinion on their suitability, and the
uncertainty associated with the actuarys estimates.
Although historically most actuarial standards of practice focused on the calculations actuaries
make or the principles to be followed in making those calculations, they are increasingly focused on
processes used by actuaries. Some examples of this process orientation are standards relating to
enterprise risk management (ERM) in the United States, and parts of the European Standard of
Actuarial Practice 2 Actuarial Function Report under Solvency II (a working draft as of June 2015)
4
Even if a local standard-setter does not follow any of these actions, it may still benefit from the IAA model standard in
the development and maintenance of its own standards.
3-4
in Europe. The US ERM standards in particular address the appropriate processes and
considerations needed to evaluate an ERM approach, rather than to produce a number. This is
consistent with the recent focus of banking, insurance, and pension regulators on governance
structures and processes.
Actuarial standards that are binding on actuaries within the applicable jurisdiction are different from
educational or research material that may be published by an actuarial organization. Such material
is educational in nature; an actuary may use it or not, as the actuary deems appropriate. This fact is
often stated prominently. Examples of this type of material include International Actuarial Notes
(IANs) published by the IAA, monographs, and research papers.
8. Enforcement of Standards
As stated in the beginning of this chapter, codes and standards are part of the professional context to
ensure that sound actuarial practice addresses the needs of the public at large. This context also
needs to include a formal discipline process to ensure that conduct follows the principles laid out in
codes and complies with standards. The IAA has therefore established a set of criteria that a
discipline process must satisfy as one of the accreditation requirements for FMAs. These criteria
are:
1. A complaint process is accessible to anyone affected by an actuarys work and the
actuarys professional peers.
2. Due process of defense is available to the actuary complained against, so that the
actuarys rights are fully respected.
3. There is an objective formal appeal process independent of the body that has ruled at the
prior level.
4. There are available sanctions appropriate to the seriousness of the violations committed,
including termination of membership in the association.
5. Appropriate notice and information are given to the public of the results of the complaint
process where any penalty is imposed.
The IAA paper Professionalism Committee Paper on Considerations in the Design of a Discipline
Process5 provides information on the items to be addressed when instituting a formal discipline
process.
One way the regulator can verify that standards have been followed is to require a review of an
actuarys work by another qualified actuary. This should be an actuary who is qualified to provide
the type of work that he or she is reviewing. This normally is an actuary who has not been involved
in the work in question. It can be an independent actuary who does not work for the company or
group.
5
IAA: Professionalism Committee Paper on Considerations in the Design of a Discipline Process approved July
2008, IAA website:
www.actuaries.org/CTTEES_ACCRED/Documents/Considerations_Design_Discipline_Process_EN.pdf, referenced 26
November 2014.
3-5
9. Conclusion
Actuarial standards of practice benefit regulators, users of actuarial work, and practicing actuaries
as each group carries out their different roles. Actuarial standards support the production of a
professional, appropriate work product on which regulators and users may rely with confidence.
Godfrey Perrott, FSA, MAAA, is retired. He was a principal at Milliman in its Boston, London, and
Philadelphia offices. His primary area of practice is life insurance financial reporting, and he can be
reached at godfrey@perrotts.com.
3-6
IAA Risk Book
Chapter 4 - Operational Risk
Peter Boller
Caroline Grgoire
Toshihiro Kawano
Current categories for key risk factors for insurers are insurance risk (e.g., underwriting,
catastrophe, and reserve risk), market risk, and credit risk. Operational risk is also an important
risk for insurers and should be addressed via a multi-pillar supervisory framework.
Key messages of this chapter include:
1. The quality and maturity of the risk management process are key indicators that can
impact potential losses arising from operational risk events.
2. Operational risk is closely linked to the risk culture of an insurer; as such, qualitative
issues (such as strength of governance processes and oversight functions) play a large
role in the management of operational risk.
3. The reliability of any operational risk modelling exercise is strictly connected with the
actual quality of the overall data (internal or external data), which is generally an
unknown. As a result, the appropriate model calibration in the data-poor environment
of operational risk is one of the most significant and persistent challenges for insurers.
Without sufficient data, models to quantify operational risk cannot be calibrated
adequately.1
4. Typically a capital charge or other mitigation method acts to reduce risk exposure, but
adding an operational risk charge based on past losses (or the lack thereof) can be pro-
cyclical.
5. Operational risk events for high-frequency/low-severity events can be captured and
modelled, but tail events that are low frequency/high severity are where a qualitative
scaling assessment can be most effective.
6. A credible assessment approach that is free from moral hazard is needed to evaluate
the effectiveness of management in addressing operational risk exposures of both low-
and high-severity events. It is true that quantitative methods for modelling operational
risk for insurers are being developed and the literature supporting such methods is
1 Canadian Institute of Actuaries (CIA) Research Paper on Operational Risk, November 2014.
on 15 September 2015
being published at a greater rate than in the past.2 However, to have an effective and
consistent operational risk regime, the assessment for operational risk should take into
account, via a relativistic approach that is qualitative in nature, the rigor around risk
management processes for such risk.
2. Introduction
In line with current regulatory interests, the focus of this chapter is on the importance of
qualitative assessments to identify and estimate exposure to operational risk. It must be
emphasized that of all the risks faced by insurers, operational risk is most likely the one risk that
has the strongest qualitative aspects and where choosing a predominantly quantitative approach
could fail to describe and assess the risk appropriately.
In international discussions on Basel II, academics and regulators have been critical of
approaches to quantify operational risk capital for banking institutions that are based on expert
scenarios and the probabilistic use of a tail value at risk (TVaR)-based measurement.
Nevertheless, a granular focus on operational risk is increasingly evident in organizations. While
some insurers are directing considerable efforts at quantifying operational risk, others are
focusing primarily on the qualitative aspects of operational risk (e.g., looking into the processes
that can lead to operational risk events).
Operational risk is closely linked to the risk culture of an insurer; thus, any attempt to quantify
operational risk should be conducted in a very conscientious manner, making the limitations of
the modelling approach transparent to the stakeholders. The focus for quantification should not
be limited to the calculated results (i.e., the required capital) but also directed to:
The processes and methodology followed to determine the required capital;
The relevance and quality of the data used for modelling;
The frequency with which the assumptions need updating; and
The reliability of the derived value.
In addition, a quantitative approach to measuring operational risk should take into account the
specific risk management processes directed at mitigating operational risks.
A further challenge with quantifying operational risk is related to the extensive use of expert
judgment. In light of the challenges related to data, many organizations incorporate the use of
experts to supplement historical operational risk loss events. Where used, expert judgment
should be robustly applied, well documented, and supported by data wherever possible. One of
2 CIA Research Paper on Operational Risk, November 2014.
4-2
the challenges cited in the literature is the absence of methods for combining expert opinion with
relevant internal and external data.3
Stakeholders must recognize the significantly greater uncertainty in modelled results of required
capital for operational risk vs. other types of risk that have much longer histories of sufficient
and reliable data (e.g., mortality risk for life insurers and catastrophe risk for general insurers). It
should also be noted that, because of changes in management practices, data with respect to
operational risks would potentially always be out of date.
Furthermore, an overly broad interpretation of operational risk could be problematic for events
that have aspects of operational risk and are already included in the capital requirements
associated with other risk types (e.g., credit, market, or insurance risk). For general insurers, an
example of potential double counting of risk could arise with insurance risks that may include an
element of claim fraud (detected or undetected), since fraud may be embedded in the claim ratios
used to quantify underwriting risk and/or the historical claims development patterns that are used
to quantify reserve risk. Operational risk solvency capital requirements generally focus on low-
frequency/high-severity claim fraud events. It is important, nevertheless, to recognize that a
certain amount of double counting may exist, reflecting a conservative approach to the overall
quantification of capital requirements. The focus would be directed at adequate management
actions to reduce the exposure to these types of boundary risk events. An important factor in
quantifying a capital charge associated with operational risk is to avoid double counting with
other risk categories.
I. Definition
The definition of operational risk adopted by most insurance regulators is based on the
definition originally set out for the regulation of international banks. Section V.A.644 of
Basel II defines operational risk:
Operational risk is defined as the risk of loss resulting from inadequate or failed
internal processes, people and systems or from external events. This definition
includes legal risk, but excludes strategic and reputational risk.4
Legal risk is also defined within Basel II:
Legal risk includes, but is not limited to, exposure to fines, penalties, or punitive
damages resulting from supervisory actions, as well as private settlements.5
4 Basel Committee on Banking Supervision, International Convergence of Capital Measurement and Capital
StandardsA Revised ApproachComprehensive Version, Bank for International Settlements, June 2006:
s.644: https://www.bis.org/publ/bcbs128.pdf.
5 Ibid. Legal risk can be further described as Legal risk is the risk of loss resulting from exposure to 1) non-
compliance with regulatory and/or statutory responsibilities and/or 2) adverse interpretation of and/or
enforceability of contractual provisions. This includes the exposure to new laws as well as changes in
4-3
An important recent effort for insurers to expand the definition has been suggested in a
white paper from the CRO Forum6 that does not limit the definition of operational risk to
losses only but also looks at other adverse consequences such as negative publicity and
censure from supervisory agencies.7 The objective is to ensure consideration of effects
such as reputational risk so that appropriate operational risk management actions can be
assessed.
II. Importance of Risk Culture
It is critical to recognize that a mechanical use of quantitative methods to determine
required capital for operational risk should be avoided as the qualitative components that
play a large role in the management of operational risks are often not fully captured by the
methods. A weak risk culture has been the source of operational risk events leading to
substantial financial losses within the insurance industry in the past. Examples include:
poorly designed incentive systems, unclear direction from senior management (or
messages that bad news is not welcome), and lack of accountability. Even if some
elements of risk culture can be assessed through quantitative approaches, there will always
be some elements of a rather informal nature that are not assessable.
In this context, stakeholders should be cognizant of the insurers risk culture as well as of
the limitations of the selected methodology used to quantify operational risk.
3. Operational and Other Risks

I. Current Research/Findings
Key risk factors for insurers are insurance risk (i.e., underwriting, catastrophe, and reserve
risk), market risk, and credit risk. Operational risk is also an important risk for insurers that
should be addressed in a multi-pillar supervisory framework. In selecting a method to
quantify operational risk, it is critical to carefully consider the definition of operational risk
and any potential overlap with other risk categories. Many operational risks may already be
considered implicitly as part of other risk types. It is essential that boundary conditions be
clearly articulated so that risks are neither double counted nor overlooked. This topic is
addressed in a presentation document titled Operational Risk Management prepared by
Van den Heever and Slawski for the Actuarial Society of South Africas 2011 Convention.
They state: A detailed taxonomy is required to obtain approximately consistent
interpretations of existing law(s) by appropriate authorities and exceeding authority as contained in the
contract. The source of this description is ORX Association, Operational Risk Reporting Standards
(ORRS)Edition 2011, Revised 12 July 2012: s.3.1.2.
6 CRO Forum, Operational Risk (Principles of Operational Risk Management and Measurement), September 2014,
p. 4.
7 Ibid. p.4, A1. Definitions Practice 1 : Adopt a broad scope for the management of operational risk.
4-4
interpretations of risk event types and to ensure complete risk universe assessments.8
They note that operational risks arising from shared services are often double counted,
leading to duplication of risk management and capital. Another frequently cited example of
potential double counting is the treatment of outsourcing risks.
Operational risk for insurers has been the subject of numerous papers and discussions. Two
of the most recent and comprehensive papers are from the CIA and Milliman.
The CIA research paper is focused on:
Definitions of operational risk terminology;
Categorization of operational risk;
Identification and description of quantification methods; and
Details of existing regulatory requirements related to operational risk.
The CIA comments that a review of the published literature on operational risk reveals a
distinction between models that are used for (a) quantifying operational risk and
calculating economic or regulatory capital and (b) managing operational risk. Such a
differentiation can present challenges as those models used to quantify operational risk can
also be used for management and vice versa. The CIA research paper focuses on models
used to quantify operational risk rather than models used to manage operational risk.
Millimans paper, Operational Risk Modelling Framework,9 summarizes the current
quantitative approaches and compares them to processes used by industries outside the
financial sector. Recently, the CRO Forum published a white paper on principles of
operational risk management and measurement,10 which takes into account both
qualitative and quantitative aspects of operational risk.
II. A Point of Reference: Operational Risk in Other Sectors
Within the financial sector, the concept of operational risk has primarily emerged from the
banking industry and initially was defined by exclusionnamely all risks other than
market or credit. The Basel Committee on Banking Supervision (the Basel Committee)
introduced a capital requirement under Basel II for operational risk for banking institutions,
specifically laid out in the Revised Framework.
Under the Basel II regime, the (minimum) capital requirements of Pillar I are calculated
separately for credit, market, and operational risk. It allowed the use of three different
8 R. van den Heever and J. Slawski, Operational Risk Management, presented at the 2011 Convention of the
Actuarial Society of South Africa, 89 November 2011.
www.actuarialsociety.org.za/Portals/2/Documents/Convention-OperationalRiskManagement-RH-JS-2011.pdf.
9 Milliman, Operational Risk Modelling Framework, February 2013.
10 CRO Forum, Principles of Operational Risk Management and Measurement, September 2014.
4-5
methods for the determination of operational risk capitalnamely the basic indicator
approach (BIA), the standardized approach (SA), and the advanced measurement approach
(AMA), where increasing sophistication of the approach goes hand in hand with higher
risk sensitivity. In general, the operational risk charge is a function (i.e., a proportion) of a
banks gross income; the underlying assumption is that risk corresponds to size as
measured by income.
The Basel Committee recently conducted a review of the principles for sound management
of operational risk that were first published in June 2011.11 The review recommended that
banks should:
Improve the implementation of each of the operational risk identification and
assessment tools;
Enhance the implementation of change management programs;
Improve board and senior management oversight; and
Strengthen the implementation of the three lines of defense, especially by refining
the assignment of roles and responsibilities.
For quantification purposes, the Basel Committee has moved to two approaches: the SA
and AMA.12 Operational risk management now focuses on every process and risk within
an organization and is more detailed than one overall estimate for the entire company that
was previously based solely on overall revenues. The review also mentions that methods
for identifying and managing operational risk should be seen as complementary to the
calculation of operational risk capital requirements, rather than as a consequence of that
activity.
While different industries tend to adopt slightly revised definitions of operational risk,13
the essence of the various definitions is quite similarfailed systems, people, processes
whether internal or external.
11 Basel Committee on Banking Supervision, Review of the Principles for the Sound Management of Operational
Risk, 6 October 2014.
12 Basel Committee on Banking Supervision, Operational RiskRevisions to the Simpler Approaches, Consultative
Document, October 2014.
13 In the United States, the Federal Reserve defines operational risk as: the potential that inadequate information
systems, operational problems, breaches in internal controls, fraud or unforeseen catastrophes will result in
unexpected losses ( Board of Governors of the Federal Reserve System, Federal Reserve Guidelines for
Rating Risk Management at State Member Banks and Bank Holding Companies, SR 95-51 (SUP) 14
November 1995). And, in the Milliman paper, the following definition of operational risk is offered: Risk of
loss resulting from inadequate or failed productive inputs used in an operational activity (Milliman (2013), p.
7).
4-6
When comparing operational risks across different sectors of the financial industry to one
another, care must be taken to pay attention to the different nature of the business. In a
bank, millions of transactions can be processed each day. These are typically time-critical
(e.g., money transfers and payments); and a major, persistent malfunction of such
processes would have severe consequences for the bank concerned as well as other banks
involved in the transactionsand possibly, through a ripple effect in a worst-case
situation, for the entire financial system. Also, fraud (in particular in the form of rogue
trading) has been an important phenomenon in the banking and trading industry as well as
in the insurance industry, albeit of a different nature.
Felice and Hall of the National Association of Insurance Commissioners (United States)
state that the definition of operational risk used for banks by the Basel Committee is
inappropriate for insurers due to the differences between the business models for banking
and insurance. They believe the characteristics and sources of operational risk differ:
Banks are in the borrowing and lending business, while insurers act as risk-takers and
managers of insurable risks. Banking/investment banking is a transactional business,
supported by short-term funding in the capital markets, whereas insurers business is not
transactional. Insurers cover risk exposures through reinsurance.14
There are countless papers on the topic of operational risk management and measurement
directed at banks. These papers provide detailed theoretical presentations of various
methods used to quantify operational risk. They also present the results of comprehensive
case studies, some based on the historical experience of individual banks and others based
on aggregated data for multiple institutions. Finding up-to-date literature specifically
applicable to the quantification of operational risk for insurers, however, is a challenge.
While there are papers directed at insurers, they are far fewer than those directed at banks.
Furthermore, some of the papers for insurers are now dated given the continued
advancements in economic capital modelling, Solvency II, and the activities of the
International Association of Insurance Supervisors (IAIS).
Given the greater volume of data available for modelling operational risk events for banks,
there are naturally different modelling approaches for banks compared to insurers and
consequently different capital requirements.
The following table provides examples of different modelling approaches for operational
risk that would be warranted in varied industries, differentiating events by frequency and
severity.
14
CIA Research Paper on Operational Risk, November 2014. P.15.
4-7
Examples of Operational Risk Events
Insurance Banking Mining Energy
Low Claims processing, ATM failures Transport Meter reading

severity/high data errors, service errors
frequency periodic/installment interruption
premium collection
Medium Fraud, regulatory Online security Environmental Environmental

severity/medium compliance failure breach, fraud, contamination contamination
frequency regulatory
compliance
failure
High Mis-selling, Rogue trader Mine collapse Oil spill, gas

severity/low mispricing plant fire
frequency
Source: Milliman (2013), p. 13 with modifications by author

III. Common Factors and General Approach to Operational RiskSummary of
Current Research
Given that all definitions of operational risk are directed at financial losses that stem from
failed people, processes, and systems, as well as from external events that adversely affect
the organization, one can identify the following aspects that are common to all industries:
1. The business model drives the relative importance of people, processes, and
systems and their influence on operational risk events.
2. Since tail events are often nonlinear and have interdependencies, mean and
variance techniques tend to be very unstable. A useful way to address these
constraints is to specify the following three major categories of inputs and
outcomes:
Inputs -
a. Land, labor, and capital;
b. Processes used, regulations, legal and political events/environment, and
technology; and
c. Risk culture.
4-8
Outcomes -
a. High frequency/low severity;
b. Medium frequency/medium severity; and
c. Low frequency/high severity.
3. The need to blend qualitative and quantitative assessments.
4. The need to link operational risk outcomes to the drivers that created them and to
consider the related time horizon for both causation and resolution.
Thus, to address operational risk, the following items need to be considered:
Clarify how the operational risk outcomes are related to the specific people, processes,
systems, and external events that produce them.
Distinguish if the primary goal is to manage operational risk or to quantify the risk
with a goal to translate the quantification into a capital charge.15 Then later evaluate which
tools are necessary to manage or assess operational risk incorporating both quantitative and
qualitative considerations.
Because high-severity event factors tend not to be stable over time, simple factors are often
unreliable, resulting in an operational risk capital that may be insufficient or excessive in
relationship to the financial impact of the operational risk event.
The management and governance of behaviours need to be a primary focus to
reduce/mitigate the consequences of operational risk events.
There are evolving techniques for measurement of operational risk, but it is often a
difficult task to determine an appropriate level of operational risk capital for insurers.
Because insurance events are financially driven processes, operational risk may best be
addressed (in some circumstances) through the tools already in place for mis-selling,
pricing, or reserving. The CRO Forum stated16 that the measurement of operational risk is
not about finding the exact truth; it is about finding a reasonable numerical assessment
with the aim to support the quality of (risk) management decisions.
4. Prerequisites for the Quantification of Operational Risk

In Quantifying Regulatory Capital for Operational Risk, Embrechts et al. state: The accuracy
in predicting future loss values depends on the volume and quality of the observed historical
15 Historically, the quantification of a risk has been essential to being able to trade it in an open market.
Operational risk seems to be not tradable in the open market.
16 CRO Forum, Principles of Operational Risk Management and Measurement, September 2014, p. 3.
4-9
data.17 The reliability of any operational risk modelling exercise is strictly connected with the
actual quality of the overall data (internal or external data), which is generally an unknown. As a
result, the appropriate model calibration in the data-poor environment of operational risk is one
of the most significant and persistent challenges for insurers. Without sufficient data, models to
quantify operational risk cannot be calibrated adequately.
I. Data Sources
Data sources can be internal or external to the insurer.
Basel II requires banks to use a minimum of five years of internal loss data when using the
AMA.18 Internal data represent the actual operational risk losses incurred by the financial
institution and can be used for the primary quantification methods used to determine
required capital for operational risk. One of the reasons that internal loss data are often
used as a foundation for the AMA is that internal data are considered to be the most
objective risk indicator currently available reflecting the unique risk profile of the specific
financial institution.19 The challenges in securing sufficient internal data and the need to
evaluate the exposure to potentially severe tail events are among the reasons why Basel II
requires banks to supplement their own data with further sources (including both external
data and scenario analysis) to determine their operational risk capital charge.
External data refer to operational risk losses that have occurred in other organizations.
External data may be obtained from a third-party vendor or from a data consortium such as
ORIC for insurers or ORX for banks. Aue and Kalkbrener explain that external loss data
can be used to supplement an internal loss data set, to modify parameters derived from the
internal loss data, and to improve the quality and credibility of scenarios. External data can
also be used to validate the results obtained from internal data or for benchmarking.20
However, it is not necessarily clear whether operational risk data from one company (e.g.,
an insurer) is relevant for the business of another company (whether another insurer or a
reinsurer).
Lastly, beyond pure quantitative data (e.g., costs, frequency), the capturing and
understanding of qualitative information are critical. Qualitative information describes the
causal drivers of operational risk and interdependencies with other risks and circumstances.
This is a particularly crucial aspect for insurers.
17 P. Embrechts, H. Furrer, and R. Kaufmann, Quantifying Regulatory Capital for Operational Risk, research
supported by Credit Suisse Group, Swiss Re and UBS AG through RiskLab, Switzerland, 2003: 4:
www.math.ethz.ch/~embrecht/ftp/OPRiskWeb.pdf.
18 When first moving from the BIA or SA to the AMA, a bank is allowed to use three years of internal loss data.
19 F. Aue and M. Kalkbrener, LDA at Work, Deutsche Bank AG, February 2007: 8:
kalkbrener.at/Selected_publications_files/AueKalkbrener06.pdf.
20 Ibid.: 11.
4-10
II. Data Quality
One of the greatest impediments to modelling operational risk is the lack of a sufficient
volume of high-quality, accurate databoth internal and external data. There are numerous
factors contributing to the challenges with data. First, for some insurers, historical
operational risk loss data have only been recorded and aggregated for a relatively short
period of time. Historically, data on losses arising from events that are categorized as
operational risk loss events were not required. Furthermore, the costs of collecting such
data were deemed to outweigh the benefits. In LDA at Work, Aue and Kalkbrener
discuss two inherent weaknesses of internal loss data when used as a foundation for
operational risk exposure measurement:
Loss data is a backward-looking measure, which means that it will not capture
changes to the risk and control environment.
Loss data is not available in sufficient quantities in any financial institution to
permit a reasonable assessment of exposure, particularly in terms of assessing the
risk of extreme losses.21
Data on operational risk need to be comprehensive. For this purpose, a framework needs to
be set up and applied as data are recorded and gathered. Data standards need to be
homogeneous and uniform over time and across sources of operational risk (e.g., what
constitutes a loss, how a loss figure is derived), consistent over time, and complete (e.g.,
which loss elements are included and which are excluded).
One key aspect to be considered is the issue of potential double counting; losses should not
be registered more than once.
III. Data Relevance
For an appropriate assessment of operational risk, the data and information used need to be
relevant for the business of the insurer. As insurers differ based on domicile, size, lines of
business written, organizational structure, etc., the losses arising from operational risk
events at one insurer may have little relevance for another insurer. While internal data may
be considered to be the most appropriate (but also likely most scarce), external data will
only be valuable to the extent it is relevant for the business and the processes of the insurer
concerned.
The Milliman white paper states In general, operational risks are characterized by
underlying drivers, which tend to adapt and change over time. This makes it problematic to
use a classical statistical approach, as data can rapidly cease to relate to the risk.22
21 F. Aue and M. Kalkbrener, LDA at Work, Deutsche Bank AG, February 2007: 8:
22 N. Cantle, D. Clark, J. Kent, and H. Verheugen, A Brief Overview of Current Approaches to Operational Risk
under Solvency II, Milliman white paper, July 2012: 2: http://uk.milliman.com/uploadedFiles/insight/life-
4-11
Changes in processes may reduce or even eliminate the possibility that particular past
losses would occur in the future, or that losses that happened in the past would recur in the
future but with a significantly different severity.
While some insurers lack a sufficient volume of operational risk loss data, others face
challenges with the inconsistency in the collection of operational risk loss data. Because
operational risk spreads over different activities of an insurer, any loss analysis would be
exposed to the potential for inconsistencies in the identification, categorization, and
reporting of losses. Inconsistencies may exist from department to department or business
line to business line within an insurer as well as from one insurer to another.
Inconsistencies present challenges when the internal data are aggregated within an insurer
or when internal data are combined with external data. Such inconsistencies could
influence the statistical analysis of operational risk losses, particularly given the limited
volume of data possessed by most insurers.
The basic question remains whether the data should be used to monitor and improve the
control system that limits this risk or to quantify a capital requirement. Doing the former is
inconsistent with the latter, as any data uncovering a material risk generally leads to actions
that make the data unusable for quantifying the future risk.
5. Assessment of Operational Risk

A comprehensive assessment of operational risk requires an amalgamation of a qualitative and a
quantitative approach. While the qualitative aspect addresses primarily the manage part of
dealing with operational risk, the quantitative aspect addresses the financial consequences, or
measurement part of operational risk. Depending on the characteristic of the operational risk
(i.e., human, process, system, and external events), insurers may apply significantly different
weights to the quantitative and qualitative approaches. Operational risk events for high-
frequency/low-severity events can be captured and modelled, but those tail events that are low
frequency/high severity are where a qualitative scaling assessment can be most effective.
I. Quantitative Approaches
The CIA Research Paper on Operational Risk includes a comprehensive description of the
three primary quantitative methods that are found in the literature for both banks and
insurers. The Milliman paper also describes each of these methods in detail.
A. Frequency-severity approach
The use of frequency-severity analysis is well documented in actuarial literature
for general insurance. Within the context of Basel II, frequency-severity analysis
is referred to as the LDA. Dutta and Babbel note that given the similarity of
operational losses to property/casualty losses, the measurement approach
published/pdfs/current-approaches-operational-risk.pdf.
4-12
predominantly follows the loss distribution approach (LDA), which actuaries use
for pricing property/casualty insurance.23
The LDA is described by Chapelle et al. as follows:
... a parametric technique that consists in separately estimating a frequency
distribution for the occurrence of operational losses and a severity distribution
for the economic impact of individual losses. In order to obtain the total
distribution of operational losses, these two distributions are then combined
through n-convolution of the severity distribution with itself, where n is a random
variable that follows the frequency distribution.24
For banks complying with the requirements of the AMA under Basel II, the LDA
would include:
Homogeneous categories of internal observations to derive univariate
distributions of operational losses for each type of loss event;
Integration of external loss data to refine the shape of the distribution tail at
its extreme; and
Joint analysis of loss event categories to reflect possible dependence between
univariate distributions.
The basic principle of a frequency-severity analysis is to generate the number of
losses and the average value (i.e., severity) of each loss using separate and distinct
statistical models. Model parameters are derived by fitting historical data to a
variety of distributions using the input of experts or a combination of data and
expert input.
B. Causal modelling and Bayesian estimation techniques - (including the use of key
risk indicators)
A Bayesian network (BN) is described by Alexander as a statistical model that
relates the marginal distributions of causal factors, or attributes of a risk, to its
multivariate distribution.25 BNs have been used for decades in numerous
23 K. K. Dutta and D. F. Babbel, Scenario Analysis in the Measurement of Operational Risk Capital: A Change of
Measure Approach, Wharton School of the University of Pennsylvania, 5 July 2012: 2:
http://fic.wharton.upenn.edu/fic/papers/12/12-15.pdf.
24 A. Chapelle, Y. Crama, G. Hbner, and J.-P. Peters, Practical Methods for Measuring and Managing Operational
Risk in the Financial Sector: A Clinical Study, ScienceDirect, Journal of Banking & Finance 32 (2008) 1049
1061, 1 October 2007: s.5: http://finance.flemingeurope.com/webdata/3118/JBF-Chapelle-etal2008.pdf.
25 C. Alexander, Chapter 14: Managing Operational Risk with Bayesian Networks, Operational Risk: Regulation,
Analysis, and Management, 2003: S.14.2:
www.carolalexander.org/publish/download/JournalArticles/PDFs/Chapter_Alexander_Bayesian_2003.pdf.
4-13
applications including medical expert systems, transportation, failure diagnosis,
pattern matching, chemical processing, speech recognition, infrastructure,
environmental modelling, and legal and evidential reasoning. The use of BNs
within financial institutions and insurance in particular, has not been as pervasive
as in other industries.
BNs are also described as an elegant solution to the modelling of operational risk
that combines both qualitative and quantitative information to arrive at a loss
estimate.26 BNs can be particularly useful for modelling operational risk
categories with little or no loss data (internal or external). Unlike the frequency-
severity approach, BNs are causal networks and thus valuable for analyzing the
causes that contribute to operational risk.
C. Scenario analysis
According to Dr. Eric Rosengren, scenario analyses are used by banks for three
primary purposes: stress testing, creating synthetic losses (when there is
insufficient internal loss data), and generating severity functions for the
frequency-severity approach.27 As noted previously, historical data are not always
a good predictor for future states of the world, in particular if processes
surrounding operational risk events have changed significantly. Historical data
may also be incomplete (especially for very low-frequency events with extreme
dollar impacts). Thus, scenario analysis is a technique that is often used to
describe and quantify the tail of the distribution. A scenario describes a consistent
future state of the world over time, resulting from a plausible and possibly adverse
set of events or sequences of events.28 Scenarios can be relatively simple and one-
dimensional or very complex (e.g., a shock event triggers a series of causal,
consecutive, cascading events). In addition, a scenario could be immediate with a
short duration (e.g., earthquake), while other scenarios, typically complex
scenarios, can develop over longer time periods (e.g., the financial crisis of 2007
2008). To better describe unobserved events for the purpose of quantitative
modelling of operational risk, synthetic scenarios would typically be used.29
26 S. Ramamurthy, H. Arora, and A. Ghosh, Operational Risk and Probabilistic NetworksAn Application to
Corporate Actions Processing, Infosys, white paper, November 2005: 2:
www.infosys.com/industries/financial-services/white-papers/documents/operational-risk-probabilistic-
networks.pdf.
27 E. Rosengren, executive vice president, Federal Reserve Bank of Boston, 19 July 2006 presentation titled
Scenario Analysis and the AMA: 3: www.boj.or.jp/en/announcements/release_2006/data/fsc0608be9.pdf.
28 For a comprehensive discussion of scenarios and scenario analysis refer to Stress Testing and Scenario Analysis,
International Actuarial Association (IAA), July 2013:
http://www.actuaries.org/CTTEES_SOLV/Documents/StressTestingPaper.pdf.
29 K. K. Dutta and D. F. Babbel, Scenario Analysis in the Measurement of Operational Risk Capital: A Change of
4-14
Synthetic scenarios describe hypothetical conditions that have not been observed
and that can thus be more easily tailored to a specific situation of interest. These
hypothetical conditions might occur but have not been observedfor instance,
because of sheer good luck or because certain risks did not previously exist.
II. Qualitative Approaches
As noted repeatedly in this chapter, consideration of operational risk requires a qualitative
perspective as well as a quantitative outcome.
The current data sources for operational losses are rather thin; thus, it is imperative that
risk assessments for operational risks take into account the risk management processes to
support this risk. The quality and maturity of an insurers risk management processes have
a material influence on the severity and frequency of potential losses arising from
operational risk events. Yet, a credible measurement approach that is free from moral
hazard is needed to evaluate the effectiveness of management.
The following regulatory examples illustrate some current approaches to address this
challenge:
A. Commercial Insurers Solvency Self-Assessment (CISSA)
As part of the CISSA, the Bermuda Monetary Authority (BMA) relies on the
Commercial Insurer Risk Assessment (CIRA30) for the assessment of the
operational risks of an insurer. This self-assessment is split into three components:
corporate governance, risk management function, and risk management process
(identification, measurement, response, and monitoring/reporting) for eight
operational risk categories.
The processes are checked whether they are at stage 1 (ad hoc), 2, 3, or 4
(implemented, well documented, standardized and reviewed annually) as
described in CIRA. They are then allocated scores (from 50 to 200) depending on
their quality. The final score of the complete assessment is turned into a capital
charge: the more mature the risk management system, the more points are
obtained from the self-assessment, and the lower the operational risk charge
becomes.
The maximum operational risk charge of CIRA corresponds to 10 percent of the
required capital for the other quantifiable risks (e.g., underwriting, market, and
credit). After a threshold of points has been reached in the self-assessment, the
operational risk charge decreases.
Measure Approach, Journal of Risk and Insurance, June 2014.
30 Commercial Insurer Risk Assessment, BMA, Guidance Note #17, November 2008.
4-15
This self-assessment allows an undertaking to quantify the operational risks,
which can also be validated by the other approaches mentioned above. In addition
to the calculation of required capital, the self-assessment provides a direct link to
the risk management process, which satisfies the so-called use-test of regulatory
requirements. The self-assessment allows undertakings to easily identify the areas
of the risk management system that need improvements, and, from there on,
priorities can be set. It also provides incentives to improve the control process and
reduce operational risk.
This approach starts with a qualitative approach that is then transformed into a
quantitative figure.
B. China Risk Oriented Solvency System (C-ROSS)
In February 2015, the China Insurance Regulatory Commission introduced C-
ROSS.31 C-ROSS reflects realities of the emerging markets. C-ROSS uses
qualitative regulatory tools to assess operational risk. Operational risk is
categorized in Pillar II. A capital charge is included for operational risk and other
Pillar II risks (strategic, reputational, and liquidity risks) via a factor applied to the
quantifiable risks capital charge in Pillar I. This factor is assessed on a company
basis and based on the regulator evaluation of the risk management capabilities
of the insurers. That evaluation results in a score between 0 and 100. For scores
below 80, the factor (and the resulting Pillar II charge) is positive; for scores
above 80, the factor is negative (resulting in a reduction in the overall capital
requirement), with no Pillar II charge for a score of 80. As a result, C-ROSS
incentivizes insurers to adopt and maintain good risk management.
C. Swiss Solvency Test (SST)
SST32 does not include a capital charge for operational risk. It states that at the
current time, no quantitative consideration of operational risks is generally
required in the SST unless an insurance company were to be expressly requested
by Swiss Financial Market Supervisory Authority (FINMA) to do this for serious
reasons. Operational risks are to be appropriately taken into account in risk
management.
31 China Insurance Regulatory Commission, China Risk Oriented Solvency System Conceptual Framework, March
2014.
Guan Ling, China Risk Oriented Solvency SystemA Practical View from Emerging Market, IAA Zurich
Meeting, April 2015.
Junbo Xiang, C-ROSS: A Major Reform of Chinas Insurance Regulatory System, The Geneva Association
Newsletter No. 59, June 2015.
32 FINMA, Swiss Solvency Test, Circular 2008/44 SST.
4-16
III. Conclusions
To summarize, key reasons why many insurers are not yet modelling operational risk
include:
The lack of credible data due to the relatively short time span for which historical
operational risk loss data have been collected;
The role of the internal control environment and its ever-changing nature, which
makes historical operational risk loss data somewhat irrelevant;
The important role of infrequent but very large operational risk loss events;
The continued state of development for insurers internal models and the rigorous
governance framework surrounding the use of such models; and
Cost-benefit issues that result in questions about the value of internal models
given their significant implementation costs.
Typically, a capital charge or other mitigation approach acts to reduce risk exposure, but
adding an operational risk charge based on past losses (or the lack thereof) could have no
effect on reducing future risk. A pro-cyclical process could be created whereby the absence
of operational risk event losses leads to no required capital; when an event occurs, not only
does the insurer need to fund the event, it must also raise funds for a possible future
operational risk event even though the circumstances that generated the event have likely
changed.
Dr. Peter Boller was vice-chair of the Insurance Regulation Committee, chair of the ASTIN
Section, and chair of the Reinsurance Subcommittee of the IAA. He was a substantial contributor
until his untimely death.
Caroline Grgoire, BSc from Universit de Montral, is an associate member of the Swedish
Actuarial Association. She has worked in various positions at Hannover Re in Hannover,
Germany, including reserving for property and casualty business, internal audit, operational and
qualitative risk management, and risk reporting. She can be reached at
Caroline.Gregoire@hannover-re.com.
Toshihiro Kawano, FIAJ, is chief actuary at AEGON Sony Life Insurance Company in Tokyo,
Japan. He is also vice-chair of the Insurance Regulation Committee of the IAA. Toshihiro can be
reached at Toshihiro_kawano@aegonsonylife.co.jp.
4-17
IAA Risk Book
Chapter 4Operational Risk
Peter Boller
Caroline Grgoire
Toshihiro Kawano
issues (such as strength of governance processes and oversight functions) play a
large role in the management of operational risk.
3. The reliability of any operational risk modelling exercise is strictly connected with
the actual quality of the overall data (internal or external data), which is generally an
unknown. As a result, the appropriate model calibration in the data-poor
environment of operational risk is one of the most significant and persistent
challenges for insurers. Without sufficient data, models to quantify operational risk
cannot be calibrated adequately.1
4. Typically, a capital charge or other mitigation method acts to reduce risk exposure,
but adding an operational risk charge based on past losses (or the lack thereof) can
be pro-cyclical.
This paper has been produced and approved by the Insurance Regulation Committee of the
IAA on 15 September 2015 and amended on 8 March 2016. See end of chapter for explanation
of amendment(s).

the effectiveness of management in addressing operational risk exposures of both
low- and high-severity events. It is true that quantitative methods for modelling
operational risk for insurers are being developed and the literature supporting such
methods is being published at a greater rate than in the past.2 However, to have an
effective and consistent operational risk regime, the assessment for operational risk
should take into account, via a relativistic approach that is qualitative in nature, the
rigor around risk management processes for such risk.
2. Introduction
emphasized that of all the risks faced by insurers, operational risk is most likely the one risk
that has the strongest qualitative aspects and where choosing a predominantly quantitative
approach could fail to describe and assess the risk appropriately.
Nevertheless, a granular focus on operational risk is increasingly evident in organizations.
While some insurers are directing considerable efforts at quantifying operational risk, others
are focusing primarily on the qualitative aspects of operational risk (e.g., looking into the
processes that can lead to operational risk events).
4-2
the challenges cited in the literature is the absence of methods for combining expert opinion
with relevant internal and external data.3
Stakeholders must recognize the significantly greater uncertainty in modelled results of

required capital for operational risk vs. other types of risk that have much longer histories of
sufficient and reliable data (e.g., mortality risk for life insurers and catastrophe risk for general
insurers). It should also be noted that, because of changes in management practices, data with
respect to operational risks would potentially always be out of date.
example of potential double counting of risk could arise with insurance risks that may include
an element of claim fraud (detected or undetected), since fraud may be embedded in the claim
ratios used to quantify underwriting risk and/or the historical claims development patterns that
are used to quantify reserve risk. Operational risk solvency capital requirements generally
focus on low-frequency/high-severity claim fraud events. It is important, nevertheless, to
recognize that a certain amount of double counting may exist, reflecting a conservative
approach to the overall quantification of capital requirements. The focus would be directed at
adequate management actions to reduce the exposure to these types of boundary risk events.
An important factor in quantifying a capital charge associated with operational risk is to avoid
double counting with other risk categories.
4-3
I. Definition
definition originally set out for the regulation of international banks. Section V.A.644 of Basel
II defines operational risk:
Operational risk is defined as the risk of loss resulting from inadequate or failed internal
processes, people and systems or from external events. This definition includes legal
risk, but excludes strategic and reputational risk.4
An important recent effort for insurers to expand the definition has been suggested in a white
paper from the CRO Forum6 that does not limit the definition of operational risk to losses only
but also looks at other adverse consequences such as negative publicity and censure from
supervisory agencies.7 The objective is to ensure consideration of effects such as reputational
risk so that appropriate operational risk management actions can be assessed.
It is critical to recognize that a mechanical use of quantitative methods to determine required

capital for operational risk should be avoided as the qualitative components that play a large
role in the management of operational risks are often not fully captured by the methods. A
weak risk culture has been the source of operational risk events leading to substantial financial
losses within the insurance industry in the past. Examples include: poorly designed incentive
systems, unclear direction from senior management (or messages that bad news is not
welcome), and lack of accountability. Even if some elements of risk culture can be assessed
StandardsA Revised ApproachComprehensive Version, Bank for International Settlements, June
2006: s.644: https://www.bis.org/publ/bcbs128.pdf.
5
Ibid. Legal risk can be further described as Legal risk is the risk of loss resulting from exposure to 1)
non-compliance with regulatory and/or statutory responsibilities and/or 2) adverse interpretation of and/or
6
CRO Forum, Operational Risk (Principles of Operational Risk Management and Measurement), September
2014, p. 4.
7
Ibid. p.4, A1. Definitions Practice 1 : Adopt a broad scope for the management of operational risk.
4-4
through quantitative approaches, there will always be some elements of a rather informal
nature that are not assessable.
In this context, stakeholders should be cognizant of the insurers risk culture as well as of the
limitations of the selected methodology used to quantify operational risk.
should be addressed in a multi-pillar supervisory framework. In selecting a method to quantify
operational risk, it is critical to carefully consider the definition of operational risk and any
potential overlap with other risk categories. Many operational risks may already be considered
implicitly as part of other risk types. It is essential that boundary conditions be clearly
articulated so that risks are neither double counted nor overlooked. This topic is addressed in a
presentation document titled Operational Risk Management prepared by Van den Heever
and Slawski for the Actuarial Society of South Africas 2011 Convention. They state: A
detailed taxonomy is required to obtain approximately consistent interpretations of risk event
types and to ensure complete risk universe assessments.8 They note that operational risks
arising from shared services are often double counted, leading to duplication of risk
management and capital. Another frequently cited example of potential double counting is the
treatment of outsourcing risks.
Operational risk for insurers has been the subject of numerous papers and discussions. Two of
the most recent and comprehensive papers are from the CIA and Milliman.
www.actuarialsociety.org.za/Portals/2/Documents/Convention-OperationalRiskManagement-RH-JS-2011.
pdf.
4-5
distinction between models that are used for (a) quantifying operational risk and calculating
economic or regulatory capital and (b) managing operational risk. Such a differentiation can
present challenges as those models used to quantify operational risk can also be used for
management and vice versa. The CIA research paper focuses on models used to quantify
operational risk rather than models used to manage operational risk.

financial sector. Recently, the CRO Forum published a white paper on principles of operational
risk management and measurement,10 which takes into account both qualitative and
quantitative aspects of operational risk.
banking industry and initially was defined by exclusionnamely all risks other than market or
credit. The Basel Committee on Banking Supervision (the Basel Committee) introduced a
capital requirement under Basel II for operational risk for banking institutions, specifically laid
out in the Revised Framework.
separately for credit, market, and operational risk. It allowed the use of three different methods
for the determination of operational risk capitalnamely the basic indicator approach (BIA),
the standardized approach (SA), and the advanced measurement approach (AMA), where
increasing sophistication of the approach goes hand in hand with higher risk sensitivity. In
general, the operational risk charge is a function (i.e., a proportion) of a banks gross income;
the underlying assumption is that risk corresponds to size as measured by income.
The Basel Committee recently conducted a review of the principles for sound management of
operational risk that were first published in June 2011.11 The review recommended that banks
should:

10
CRO Forum, Principles of Operational Risk Management and Measurement, September 2014.
4-6
assessment tools;

For quantification purposes, the Basel Committee has moved to two approaches: the SA and
AMA.12 Operational risk management now focuses on every process and risk within an
organization and is more detailed than one overall estimate for the entire company that was
previously based solely on overall revenues. The review also mentions that methods for
identifying and managing operational risk should be seen as complementary to the calculation
of operational risk capital requirements, rather than as a consequence of that activity.
While different industries tend to adopt slightly revised definitions of operational risk,13 the
essence of the various definitions is quite similarfailed systems, people, processeswhether
internal or external.
another, care must be taken to pay attention to the different nature of the business. In a bank,
millions of transactions can be processed each day. These are typically time-critical (e.g.,
money transfers and payments); and a major, persistent malfunction of such processes would
have severe consequences for the bank concerned as well as other banks involved in the
transactionsand possibly, through a ripple effect in a worst-case situation, for the entire
financial system. Also, fraud (in particular in the form of rogue trading) has been an important
phenomenon in the banking and trading industry as well as in the insurance industry, albeit of a
different nature.
12
Basel Committee on Banking Supervision, Operational RiskRevisions to the Simpler Approaches,
Consultative Document, October 2014.
13
In the United States, the Federal Reserve defines operational risk as: the potential that inadequate information
loss resulting from inadequate or failed productive inputs used in an operational activity (Milliman (2013),
p. 7).
4-7
Felice and Hall of the National Association of Insurance Commissioners (United States) state
that the definition of operational risk used for banks by the Basel Committee is inappropriate
for insurers due to the differences between the business models for banking and insurance.
They believe the characteristics and sources of operational risk differ:
supported by short-term funding in the capital markets, whereas insurers business is
not transactional. Insurers cover risk exposures through reinsurance.14
directed at banks. These papers provide detailed theoretical presentations of various methods
used to quantify operational risk. They also present the results of comprehensive case studies,
some based on the historical experience of individual banks and others based on aggregated
data for multiple institutions. Finding up-to-date literature specifically applicable to the
quantification of operational risk for insurers, however, is a challenge. While there are papers
directed at insurers, they are far fewer than those directed at banks. Furthermore, some of the
papers for insurers are now dated given the continued advancements in economic capital
modelling, Solvency II, and the activities of the International Association of Insurance
Supervisors (IAIS).
The following table provides examples of different modelling approaches for operational risk
that would be warranted in varied industries, differentiating events by frequency and severity.
14
4-8
Low Claims processing, ATM Transport Meter reading

severity/high data errors, failures service errors
premium collection
Medium Fraud, regulatory Online Environmental Environmental

severity/medium compliance failure security contamination contamination
frequency breach,
fraud,
regulatory
compliance
failure

frequency

Current Research
failed people, processes, and systems, as well as from external events that adversely affect the
organization, one can identify the following aspects that are common to all industries:
1. The business model drives the relative importance of people, processes, and systems
and their influence on operational risk events.
2. Since tail events are often nonlinear and have interdependencies, mean and variance
techniques tend to be very unstable. A useful way to address these constraints is to
specify the following three major categories of inputs and outcomes:
3. Inputs

technology; and
c. Risk culture.
4-9
4. Outcomes
Distinguish if the primary goal is to manage operational risk or to quantify the risk with a
goal to translate the quantification into a capital charge.15 Then later evaluate which tools are
necessary to manage or assess operational risk incorporating both quantitative and qualitative
considerations.
The management and governance of behaviours need to be a primary focus to reduce/mitigate

the consequences of operational risk events.
There are evolving techniques for measurement of operational risk, but it is often a difficult
task to determine an appropriate level of operational risk capital for insurers. Because
insurance events are financially driven processes, operational risk may best be addressed (in
some circumstances) through the tools already in place for mis-selling, pricing, or reserving.
The CRO Forum stated16 that the measurement of operational risk is not about finding the exact
truth; it is about finding a reasonable numerical assessment with the aim to support the quality
of (risk) management decisions.
16
CRO Forum, Principles of Operational Risk Management and Measurement, September 2014, p. 3.
4-10
In Quantifying Regulatory Capital for Operational Risk, Embrechts et al. state: The
accuracy in predicting future loss values depends on the volume and quality of the observed
historical data.17 The reliability of any operational risk modelling exercise is strictly
connected with the actual quality of the overall data (internal or external data), which is
generally an unknown. As a result, the appropriate model calibration in the data-poor
environment of operational risk is one of the most significant and persistent challenges for
insurers. Without sufficient data, models to quantify operational risk cannot be calibrated
adequately.
I. Data Sources
institution and can be used for the primary quantification methods used to determine required
capital for operational risk. One of the reasons that internal loss data are often used as a
foundation for the AMA is that internal data are considered to be the most objective risk
indicator currently available reflecting the unique risk profile of the specific financial
institution.19 The challenges in securing sufficient internal data and the need to evaluate the
exposure to potentially severe tail events are among the reasons why Basel II requires banks to
supplement their own data with further sources (including both external data and scenario
analysis) to determine their operational risk capital charge.
External data refer to operational risk losses that have occurred in other organizations. External
data may be obtained from a third-party vendor or from a data consortium such as ORIC for
insurers or ORX for banks. Aue and Kalkbrener explain that external loss data can be used to
supplement an internal loss data set, to modify parameters derived from the internal loss data,
and to improve the quality and credibility of scenarios. External data can also be used to
18
When first moving from the BIA or SA to the AMA, a bank is allowed to use three years of internal loss data.
19
F. Aue and M. Kalkbrener, LDA at Work, Deutsche Bank AG, February 2007: 8:
4-11
validate the results obtained from internal data or for benchmarking.20 However, it is not
necessarily clear whether operational risk data from one company (e.g., an insurer) is relevant
for the business of another company (whether another insurer or a reinsurer).
Lastly, beyond pure quantitative data (e.g., costs, frequency), the capturing and understanding
of qualitative information are critical. Qualitative information describes the causal drivers of
operational risk and interdependencies with other risks and circumstances. This is a
particularly crucial aspect for insurers.
II. Data Quality
One of the greatest impediments to modelling operational risk is the lack of a sufficient volume
of high-quality, accurate databoth internal and external data. There are numerous factors
contributing to the challenges with data. First, for some insurers, historical operational risk loss
data have only been recorded and aggregated for a relatively short period of time. Historically,
data on losses arising from events that are categorized as operational risk loss events were not
required. Furthermore, the costs of collecting such data were deemed to outweigh the benefits.
In LDA at Work, Aue and Kalkbrener discuss two inherent weaknesses of internal loss data
when used as a foundation for operational risk exposure measurement:
Loss data is not available in sufficient quantities in any financial institution to permit
a reasonable assessment of exposure, particularly in terms of assessing the risk of
extreme losses.21
Data on operational risk need to be comprehensive. For this purpose, a framework needs to be
set up and applied as data are recorded and gathered. Data standards need to be homogeneous
and uniform over time and across sources of operational risk (e.g., what constitutes a loss, how
a loss figure is derived), consistent over time, and complete (e.g., which loss elements are
included and which are excluded).
One key aspect to be considered is the issue of potential double counting; losses should not be
registered more than once.
20 Ibid.: 11.
21
4-12
III. Data Relevance
business written, organizational structure, etc., the losses arising from operational risk events at
one insurer may have little relevance for another insurer. While internal data may be
considered to be the most appropriate (but also likely most scarce), external data will only be
valuable to the extent it is relevant for the business and the processes of the insurer concerned.
The Milliman white paper states In general, operational risks are characterized by underlying
drivers, which tend to adapt and change over time. This makes it problematic to use a classical
statistical approach, as data can rapidly cease to relate to the risk.22 Changes in processes may
reduce or even eliminate the possibility that particular past losses would occur in the future, or
that losses that happened in the past would recur in the future but with a significantly different
severity.
exposed to the potential for inconsistencies in the identification, categorization, and reporting
of losses. Inconsistencies may exist from department to department or business line to business
line within an insurer as well as from one insurer to another. Inconsistencies present challenges
when the internal data are aggregated within an insurer or when internal data are combined
with external data. Such inconsistencies could influence the statistical analysis of operational
risk losses, particularly given the limited volume of data possessed by most insurers.
The basic question remains whether the data should be used to monitor and improve the control
system that limits this risk or to quantify a capital requirement. Doing the former is inconsistent
with the latter, as any data uncovering a material risk generally leads to actions that make the
data unusable for quantifying the future risk.
A comprehensive assessment of operational risk requires an amalgamation of a qualitative and

a quantitative approach. While the qualitative aspect addresses primarily the manage part of
22
N. Cantle, D. Clark, J. Kent, and H. Verheugen, A Brief Overview of Current Approaches to Operational Risk
under Solvency II, Milliman white paper, July 2012: 2:
http://uk.milliman.com/uploadedFiles/insight/life-published/pdfs/current-approaches-operational-risk.pdf.
4-13
weights to the quantitative and qualitative approaches. Operational risk events for
high-frequency/low-severity events can be captured and modelled, but those tail events that are
low frequency/high severity are where a qualitative scaling assessment can be most effective.
three primary quantitative methods that are found in the literature for both banks and insurers.
The Milliman paper also describes each of these methods in detail.
The use of frequency-severity analysis is well documented in actuarial literature for general
insurance. Within the context of Basel II, frequency-severity analysis is referred to as the LDA.
Dutta and Babbel note that given the similarity of operational losses to property/casualty
losses, the measurement approach predominantly follows the loss distribution approach
(LDA), which actuaries use for pricing property/casualty insurance.23
... a parametric technique that consists in separately estimating a frequency distribution

for the occurrence of operational losses and a severity distribution for the economic
impact of individual losses. In order to obtain the total distribution of operational
losses, these two distributions are then combined through n-convolution of the severity
distribution with itself, where n is a random variable that follows the frequency
distribution.24
As discussed in Dutta and Perry, LDA implementation needs thorough exploratory work to be
done before deciding on a model.25
23. K. K. Dutta and D. F. Babbel, Scenario Analysis in the Measurement of Operational Risk Capital: A Change
of Measure Approach, Journal of Risk and Insurance, June 2014.
24
A. Chapelle, Y. Crama, G. Hbner, and J.-P. Peters, Practical Methods for Measuring and Managing
Operational Risk in the Financial Sector: A Clinical Study, ScienceDirect, Journal of Banking & Finance
32 (2008) 10491061, 1 October 2007: s.5:
http://finance.flemingeurope.com/webdata/3118/JBF-Chapelle-etal2008.pdf.
25 Dutta, K.K. and Perry, J., A tale of tails: An empirical analysis of loss distribution models for
estimating operational risk capital, Working Paper Series, Federal Reserve Bank of Boston,
No. 06-13, July 2006
4-14
For banks complying with the requirements of the AMA under Basel II, the LDA would
include:
Homogeneous categories of internal observations to derive univariate distributions

of operational losses for each type of loss event;
Integration of external loss data to refine the shape of the distribution tail at its
extreme; and

The basic principle of a frequency-severity analysis is to generate the number of losses and the
average value (i.e., severity) of each loss using separate and distinct statistical models. Model
parameters are derived by fitting historical data to a variety of distributions using the input of
experts or a combination of data and expert input.
B. Causal modelling and Bayesian estimation techniques (including the use of key risk
indicators)
A Bayesian network (BN) is described by the Milliman paper as a visual description

(formally, a directed acyclical graph) of the relationships between causes and effects. BNs use
Bayes theorem to compute the probabilities in the model26. The CIA paper explains that BNs
have been used for decades in numerous applications including medical expert systems,
transportation, failure diagnosis, pattern matching, chemical processing, speech recognition,
infrastructure, environmental modelling, and legal and evidential reasoning. The use of BNs
within financial institutions and insurance in particular, has not been as pervasive as in other
industries27.
Unlike the frequency-severity approach, BNs are causal networks and thus valuable for
analyzing the causes that contribute to operational risk. The CIA paper states that BN's can be
particularly useful for modeling ORCs with little or no loss data (internal or external).
However, the paper also indicates that Some European banks have experimented with using
BN for operational risk capital quantification without patent success. It is unclear whether the
issues encountered by the banking sector will translate to the insurance sector. As such, further
26 Milliman, Operational Risk Modelling Framework, February 2013, p38.
27 CIA Research Paper on Operational Risk, November 2014, p66.
4-15
research will be required by the insurance industry to determine the applicability of BN for the
quantification of operational risk capital.28
According to Dr. Eric Rosengren, scenario analyses are used by banks for three primary
purposes: stress testing, creating synthetic losses (when there is insufficient internal loss data),
and generating severity functions for the frequency-severity approach.29 As noted previously,
historical data are not always a good predictor for future states of the world, in particular if
processes surrounding operational risk events have changed significantly. Historical data may
also be incomplete (especially for very low-frequency events with extreme dollar impacts).
Thus, scenario analysis is a technique that is often used to describe and quantify the tail of the
distribution. A scenario describes a consistent future state of the world over time, resulting
from a plausible and possibly adverse set of events or sequences of events.30 31 Scenarios can
be relatively simple and one-dimensional or very complex (e.g., a shock event triggers a series
of causal, consecutive, cascading events). In addition, a scenario could be immediate with a
short duration (e.g., earthquake), while other scenarios, typically complex scenarios, can
develop over longer time periods (e.g., the financial crisis of 20072008). To better describe
unobserved events for the purpose of quantitative modelling of operational risk, synthetic
scenarios would typically be used. Synthetic scenarios describe hypothetical conditions that
have not been observed and that can thus be more easily tailored to a specific situation of
interest. These hypothetical conditions might occur but have not been observedfor instance,

28 Ibid.: P.66 and 79.

29
E. Rosengren, executive vice president, Federal Reserve Bank of Boston, 19 July 2006 presentation titled
30
For a comprehensive discussion of scenarios and scenario analysis refer to Stress Testing and Scenario
Analysis, International Actuarial Association (IAA), July 2013:
31
For how to integrate a scenarios in estimating operational risk refer to K. K. Dutta and D. F. Babbel, Scenario
Analysis in the Measurement of Operational Risk Capital: A Change of Measure Approach, Journal of Risk
and Insurance, June 2014.
4-16
The current data sources for operational losses are rather thin; thus, it is imperative that risk
assessments for operational risks take into account the risk management processes to support
this risk. The quality and maturity of an insurers risk management processes have a material
influence on the severity and frequency of potential losses arising from operational risk events.
Yet, a credible measurement approach that is free from moral hazard is needed to evaluate the
effectiveness of management.
challenge:
As part of the CISSA, the Bermuda Monetary Authority (BMA) relies on the Commercial
Insurer Risk Assessment (CIRA32) for the assessment of the operational risks of an insurer.
This self-assessment is split into three components: corporate governance, risk management
function, and risk management process (identification, measurement, response, and
monitoring/reporting) for eight operational risk categories.
The processes are checked whether they are at stage 1 (ad hoc), 2, 3, or 4 (implemented,
well documented, standardized and reviewed annually) as described in CIRA. They are then
allocated scores (from 50 to 200) depending on their quality. The final score of the complete
assessment is turned into a capital charge: the more mature the risk management system, the
more points are obtained from the self-assessment, and the lower the operational risk charge
becomes.
The maximum operational risk charge of CIRA corresponds to 10 percent of the required
capital for the other quantifiable risks (e.g., underwriting, market, and credit). After a threshold
of points has been reached in the self-assessment, the operational risk charge decreases.
This self-assessment allows an undertaking to quantify the operational risks, which can also be
validated by the other approaches mentioned above. In addition to the calculation of required
capital, the self-assessment provides a direct link to the risk management process, which
satisfies the so-called use-test of regulatory requirements. The self-assessment allows
undertakings to easily identify the areas of the risk management system that need
improvements, and, from there on, priorities can be set. It also provides incentives to improve
the control process and reduce operational risk.
32
Commercial Insurer Risk Assessment, BMA, Guidance Note #17, November 2008.
4-17
This approach starts with a qualitative approach that is then transformed into a quantitative
figure.
In February 2015, the China Insurance Regulatory Commission introduced C-ROSS.33

C-ROSS reflects realities of the emerging markets. C-ROSS uses qualitative regulatory tools to
assess operational risk. Operational risk is categorized in Pillar II. A capital charge is included
for operational risk and other Pillar II risks (strategic, reputational, and liquidity risks) via a
factor applied to the quantifiable risks capital charge in Pillar I. This factor is assessed on a
company basis and based on the regulator evaluation of the risk management capabilities of
the insurers. That evaluation results in a score between 0 and 100. For scores below 80, the
factor (and the resulting Pillar II charge) is positive; for scores above 80, the factor is negative
(resulting in a reduction in the overall capital requirement), with no Pillar II charge for a score
of 80. As a result, C-ROSS incentivizes insurers to adopt and maintain good risk management.
SST34 does not include a capital charge for operational risk. It states that at the current time, no
quantitative consideration of operational risks is generally required in the SST unless an
insurance company were to be expressly requested by Swiss Financial Market Supervisory
Authority (FINMA) to do this for serious reasons. Operational risks are to be appropriately
taken into account in risk management.
III. Conclusions
To summarize, key reasons why many insurers are not yet modelling operational risk include:
The lack of credible data due to the relatively short time span for which historical operational
risk loss data have been collected;
33 China Insurance Regulatory Commission, China Risk Oriented Solvency System Conceptual Framework,
March 2014.
34
FINMA, Swiss Solvency Test, Circular 2008/44 SST.
4-18
Cost-benefit issues that result in questions about the value of internal models given
their significant implementation costs.
adding an operational risk charge based on past losses (or the lack thereof) could have no effect
on reducing future risk. A pro-cyclical process could be created whereby the absence of
operational risk event losses leads to no required capital; when an event occurs, not only does
the insurer need to fund the event, it must also raise funds for a possible future operational risk
event even though the circumstances that generated the event have likely changed.
Section, and chair of the Reinsurance Subcommittee of the IAA. He was a substantial
contributor until his untimely death.
Germany, including reserving for property and casualty business, internal audit, operational
and qualitative risk management, and risk reporting. She can be reached at
Japan. He is also vice-chair of the Insurance Regulation Committee of the IAA. Toshihiro can
be reached at Toshihiro_kawano@aegonsonylife.co.jp.
CHAPTER AMENDMENT(S):
Section 5 Assessment of Operational Risk, subsection I Quantitative Approaches of this

chapter was amended on 8 March 2016. The description now uses a recent definition of the
Bayesian-Network and related explanations, and some footnotes were amended to make
footnotes 23 and 29 (new 31) refer to the same paper.
4-19
IAA Risk Book
Chapter 4Operational Risk
Peter Boller
Caroline Grgoire
Toshihiro Kawano
issues (such as strength of governance processes and oversight functions) play a
large role in the management of operational risk.
3. The reliability of any operational risk modelling exercise is strictly connected with
the actual quality of the overall data (internal or external data), which is generally an
unknown. As a result, the appropriate model calibration in the data-poor
environment of operational risk is one of the most significant and persistent
challenges for insurers. Without sufficient data, models to quantify operational risk
cannot be calibrated adequately.1
4. Typically, a capital charge or other mitigation method acts to reduce risk exposure,
but adding an operational risk charge based on past losses (or the lack thereof) can
be pro-cyclical.
IAA on 15 September 2015
IAA on 15 September 2015 and amended on 18 March 2016. See end of chapter for explanation
of amendment(s).31

the effectiveness of management in addressing operational risk exposures of both
low- and high-severity events. It is true that quantitative methods for modelling
operational risk for insurers are being developed and the literature supporting such
methods is being published at a greater rate than in the past.2 However, to have an
effective and consistent operational risk regime, the assessment for operational risk
should take into account, via a relativistic approach that is qualitative in nature, the
rigor around risk management processes for such risk.
2. Introduction
emphasized that of all the risks faced by insurers, operational risk is most likely the one risk
that has the strongest qualitative aspects and where choosing a predominantly quantitative
approach could fail to describe and assess the risk appropriately.
Nevertheless, a granular focus on operational risk is increasingly evident in organizations.
While some insurers are directing considerable efforts at quantifying operational risk, others
are focusing primarily on the qualitative aspects of operational risk (e.g., looking into the
processes that can lead to operational risk events).
4-2
the challenges cited in the literature is the absence of methods for combining expert opinion
with relevant internal and external data.3
Stakeholders must recognize the significantly greater uncertainty in modelled results of

required capital for operational risk vs. other types of risk that have much longer histories of
sufficient and reliable data (e.g., mortality risk for life insurers and catastrophe risk for general
insurers). It should also be noted that, because of changes in management practices, data with
respect to operational risks would potentially always be out of date.
example of potential double counting of risk could arise with insurance risks that may include
an element of claim fraud (detected or undetected), since fraud may be embedded in the claim
ratios used to quantify underwriting risk and/or the historical claims development patterns that
are used to quantify reserve risk. Operational risk solvency capital requirements generally
focus on low-frequency/high-severity claim fraud events. It is important, nevertheless, to
recognize that a certain amount of double counting may exist, reflecting a conservative
approach to the overall quantification of capital requirements. The focus would be directed at
adequate management actions to reduce the exposure to these types of boundary risk events.
An important factor in quantifying a capital charge associated with operational risk is to avoid
double counting with other risk categories.
4-3
I. Definition
definition originally set out for the regulation of international banks. Section V.A.644 of Basel
II defines operational risk:
Operational risk is defined as the risk of loss resulting from inadequate or failed internal
processes, people and systems or from external events. This definition includes legal
risk, but excludes strategic and reputational risk.4
An important recent effort for insurers to expand the definition has been suggested in a white
paper from the CRO Forum6 that does not limit the definition of operational risk to losses only
but also looks at other adverse consequences such as negative publicity and censure from
supervisory agencies.7 The objective is to ensure consideration of effects such as reputational
risk so that appropriate operational risk management actions can be assessed.
It is critical to recognize that a mechanical use of quantitative methods to determine required

capital for operational risk should be avoided as the qualitative components that play a large
role in the management of operational risks are often not fully captured by the methods. A
weak risk culture has been the source of operational risk events leading to substantial financial
losses within the insurance industry in the past. Examples include: poorly designed incentive
systems, unclear direction from senior management (or messages that bad news is not
StandardsA Revised ApproachComprehensive Version, Bank for International Settlements, June
2006: s.644: https://www.bis.org/publ/bcbs128.pdf.
5
Ibid. Legal risk can be further described as Legal risk is the risk of loss resulting from exposure to 1)
non-compliance with regulatory and/or statutory responsibilities and/or 2) adverse interpretation of and/or
6
CRO Forum, Operational Risk (Principles of Operational Risk Management and Measurement), September
2014, p. 4.
7
Ibid. p.4, A1. Definitions Practice 1 : Adopt a broad scope for the management of operational risk.
4-4
welcome), and lack of accountability. Even if some elements of risk culture can be assessed
through quantitative approaches, there will always be some elements of a rather informal
nature that are not assessable.
In this context, stakeholders should be cognizant of the insurers risk culture as well as of the
limitations of the selected methodology used to quantify operational risk.
should be addressed in a multi-pillar supervisory framework. In selecting a method to quantify
operational risk, it is critical to carefully consider the definition of operational risk and any
potential overlap with other risk categories. Many operational risks may already be considered
implicitly as part of other risk types. It is essential that boundary conditions be clearly
articulated so that risks are neither double counted nor overlooked. This topic is addressed in a
presentation document titled Operational Risk Management prepared by Van den Heever
and Slawski for the Actuarial Society of South Africas 2011 Convention. They state: A
detailed taxonomy is required to obtain approximately consistent interpretations of risk event
types and to ensure complete risk universe assessments.8 They note that operational risks
arising from shared services are often double counted, leading to duplication of risk
management and capital. Another frequently cited example of potential double counting is the
treatment of outsourcing risks.
Operational risk for insurers has been the subject of numerous papers and discussions. Two of
the most recent and comprehensive papers are from the CIA and Milliman.
www.actuarialsociety.org.za/Portals/2/Documents/Convention-OperationalRiskManagement-RH-JS-2011.
pdf.
4-5
distinction between models that are used for (a) quantifying operational risk and calculating
economic or regulatory capital and (b) managing operational risk. Such a differentiation can
present challenges as those models used to quantify operational risk can also be used for
management and vice versa. The CIA research paper focuses on models used to quantify
operational risk rather than models used to manage operational risk.

financial sector. Recently, the CRO Forum published a white paper on principles of operational
risk management and measurement,10 which takes into account both qualitative and
quantitative aspects of operational risk.
banking industry and initially was defined by exclusionnamely all risks other than market or
credit. The Basel Committee on Banking Supervision (the Basel Committee) introduced a
capital requirement under Basel II for operational risk for banking institutions, specifically laid
out in the Revised Framework.
separately for credit, market, and operational risk. It allowed the use of three different methods
for the determination of operational risk capitalnamely the basic indicator approach (BIA),
the standardized approach (SA), and the advanced measurement approach (AMA), where
increasing sophistication of the approach goes hand in hand with higher risk sensitivity. In
general, the operational risk charge is a function (i.e., a proportion) of a banks gross income;
the underlying assumption is that risk corresponds to size as measured by income.
The Basel Committee recently conducted a review of the principles for sound management of
operational risk that were first published in June 2011.11 The review recommended that banks
should:
10
CRO Forum, Principles of Operational Risk Management and Measurement, September 2014.
4-6
assessment tools;

For quantification purposes, the Basel Committee has moved to two approaches: the SA and
AMA.12 Operational risk management now focuses on every process and risk within an
organization and is more detailed than one overall estimate for the entire company that was
previously based solely on overall revenues. The review also mentions that methods for
identifying and managing operational risk should be seen as complementary to the calculation
of operational risk capital requirements, rather than as a consequence of that activity.
While different industries tend to adopt slightly revised definitions of operational risk,13 the
essence of the various definitions is quite similarfailed systems, people, processeswhether
internal or external.
another, care must be taken to pay attention to the different nature of the business. In a bank,
millions of transactions can be processed each day. These are typically time-critical (e.g.,
money transfers and payments); and a major, persistent malfunction of such processes would
have severe consequences for the bank concerned as well as other banks involved in the
transactionsand possibly, through a ripple effect in a worst-case situation, for the entire
financial system. Also, fraud (in particular in the form of rogue trading) has been an important
12
Basel Committee on Banking Supervision, Operational RiskRevisions to the Simpler Approaches,
Consultative Document, October 2014.
13
In the United States, the Federal Reserve defines operational risk as: the potential that inadequate information
loss resulting from inadequate or failed productive inputs used in an operational activity (Milliman (2013),
p. 7).
4-7
phenomenon in the banking and trading industry as well as in the insurance industry, albeit of a
different nature.
Felice and Hall of the National Association of Insurance Commissioners (United States) state
that the definition of operational risk used for banks by the Basel Committee is inappropriate
for insurers due to the differences between the business models for banking and insurance.
They believe the characteristics and sources of operational risk differ:
supported by short-term funding in the capital markets, whereas insurers business is
not transactional. Insurers cover risk exposures through reinsurance.14
directed at banks. These papers provide detailed theoretical presentations of various methods
used to quantify operational risk. They also present the results of comprehensive case studies,
some based on the historical experience of individual banks and others based on aggregated
data for multiple institutions. Finding up-to-date literature specifically applicable to the
quantification of operational risk for insurers, however, is a challenge. While there are papers
directed at insurers, they are far fewer than those directed at banks. Furthermore, some of the
papers for insurers are now dated given the continued advancements in economic capital
modelling, Solvency II, and the activities of the International Association of Insurance
Supervisors (IAIS).
The following table provides examples of different modelling approaches for operational risk
that would be warranted in varied industries, differentiating events by frequency and severity.
14
4-8
Low Claims processing, ATM Transport Meter reading

severity/high data errors, failures service errors
premium collection
Medium Fraud, regulatory Online Environmental Environmental

severity/medium compliance failure security contamination contamination
frequency breach,
fraud,
regulatory
compliance
failure

frequency

Current Research
failed people, processes, and systems, as well as from external events that adversely affect the
organization, one can identify the following aspects that are common to all industries:
1. The business model drives the relative importance of people, processes, and systems
and their influence on operational risk events.
2. Since tail events are often nonlinear and have interdependencies, mean and variance
techniques tend to be very unstable. A useful way to address these constraints is to
specify the following three major categories of inputs and outcomes:
3. Inputs

technology; and
c. Risk culture.
4-9
4. Outcomes
Distinguish if the primary goal is to manage operational risk or to quantify the risk with a
goal to translate the quantification into a capital charge.15 Then later evaluate which tools are
necessary to manage or assess operational risk incorporating both quantitative and qualitative
considerations.
The management and governance of behaviours need to be a primary focus to reduce/mitigate

the consequences of operational risk events.
There are evolving techniques for measurement of operational risk, but it is often a difficult
task to determine an appropriate level of operational risk capital for insurers. Because
insurance events are financially driven processes, operational risk may best be addressed (in
some circumstances) through the tools already in place for mis-selling, pricing, or reserving.
The CRO Forum stated16 that the measurement of operational risk is not about finding the exact
truth; it is about finding a reasonable numerical assessment with the aim to support the quality
of (risk) management decisions.
16
CRO Forum, Principles of Operational Risk Management and Measurement, September 2014, p. 3.
4-10
In Quantifying Regulatory Capital for Operational Risk, Embrechts et al. state: The
accuracy in predicting future loss values depends on the volume and quality of the observed
historical data.17 The reliability of any operational risk modelling exercise is strictly
connected with the actual quality of the overall data (internal or external data), which is
generally an unknown. As a result, the appropriate model calibration in the data-poor
environment of operational risk is one of the most significant and persistent challenges for
insurers. Without sufficient data, models to quantify operational risk cannot be calibrated
adequately.
I. Data Sources
institution and can be used for the primary quantification methods used to determine required
capital for operational risk. One of the reasons that internal loss data are often used as a
foundation for the AMA is that internal data are considered to be the most objective risk
indicator currently available reflecting the unique risk profile of the specific financial
institution.19 The challenges in securing sufficient internal data and the need to evaluate the
exposure to potentially severe tail events are among the reasons why Basel II requires banks to
supplement their own data with further sources (including both external data and scenario
analysis) to determine their operational risk capital charge.
External data refer to operational risk losses that have occurred in other organizations. External
data may be obtained from a third-party vendor or from a data consortium such as ORIC for
insurers or ORX for banks. Aue and Kalkbrener explain that external loss data can be used to
supplement an internal loss data set, to modify parameters derived from the internal loss data,
and to improve the quality and credibility of scenarios. External data can also be used to
18
When first moving from the BIA or SA to the AMA, a bank is allowed to use three years of internal loss data.
19
4-11
validate the results obtained from internal data or for benchmarking.20 However, it is not
necessarily clear whether operational risk data from one company (e.g., an insurer) is relevant
for the business of another company (whether another insurer or a reinsurer).
Lastly, beyond pure quantitative data (e.g., costs, frequency), the capturing and understanding
of qualitative information are critical. Qualitative information describes the causal drivers of
operational risk and interdependencies with other risks and circumstances. This is a
particularly crucial aspect for insurers.
II. Data Quality
One of the greatest impediments to modelling operational risk is the lack of a sufficient volume
of high-quality, accurate databoth internal and external data. There are numerous factors
contributing to the challenges with data. First, for some insurers, historical operational risk loss
data have only been recorded and aggregated for a relatively short period of time. Historically,
data on losses arising from events that are categorized as operational risk loss events were not
required. Furthermore, the costs of collecting such data were deemed to outweigh the benefits.
In LDA at Work, Aue and Kalkbrener discuss two inherent weaknesses of internal loss data
when used as a foundation for operational risk exposure measurement:
Loss data is not available in sufficient quantities in any financial institution to permit
a reasonable assessment of exposure, particularly in terms of assessing the risk of
extreme losses.21
Data on operational risk need to be comprehensive. For this purpose, a framework needs to be
set up and applied as data are recorded and gathered. Data standards need to be homogeneous
and uniform over time and across sources of operational risk (e.g., what constitutes a loss, how
a loss figure is derived), consistent over time, and complete (e.g., which loss elements are
included and which are excluded).
One key aspect to be considered is the issue of potential double counting; losses should not be
registered more than once.
20 Ibid.: 11.
21
4-12
III. Data Relevance
business written, organizational structure, etc., the losses arising from operational risk events at
one insurer may have little relevance for another insurer. While internal data may be
considered to be the most appropriate (but also likely most scarce), external data will only be
valuable to the extent it is relevant for the business and the processes of the insurer concerned.
The Milliman white paper states In general, operational risks are characterized by underlying
drivers, which tend to adapt and change over time. This makes it problematic to use a classical
statistical approach, as data can rapidly cease to relate to the risk.22 Changes in processes may
reduce or even eliminate the possibility that particular past losses would occur in the future, or
that losses that happened in the past would recur in the future but with a significantly different
severity.
exposed to the potential for inconsistencies in the identification, categorization, and reporting
of losses. Inconsistencies may exist from department to department or business line to business
line within an insurer as well as from one insurer to another. Inconsistencies present challenges
when the internal data are aggregated within an insurer or when internal data are combined
with external data. Such inconsistencies could influence the statistical analysis of operational
risk losses, particularly given the limited volume of data possessed by most insurers.
The basic question remains whether the data should be used to monitor and improve the control
system that limits this risk or to quantify a capital requirement. Doing the former is inconsistent
with the latter, as any data uncovering a material risk generally leads to actions that make the
data unusable for quantifying the future risk.
22
N. Cantle, D. Clark, J. Kent, and H. Verheugen, A Brief Overview of Current Approaches to Operational Risk
under Solvency II, Milliman white paper, July 2012: 2:
http://uk.milliman.com/uploadedFiles/insight/life-published/pdfs/current-approaches-operational-risk.pdf.
4-13
A comprehensive assessment of operational risk requires an amalgamation of a qualitative and

a quantitative approach. While the qualitative aspect addresses primarily the manage part of
weights to the quantitative and qualitative approaches. Operational risk events for
high-frequency/low-severity events can be captured and modelled, but those tail events that are
low frequency/high severity are where a qualitative scaling assessment can be most effective.
three primary quantitative methods that are found in the literature for both banks and insurers.
The Milliman paper also describes each of these methods in detail.
The use of frequency-severity analysis is well documented in actuarial literature for general
insurance. Within the context of Basel II, frequency-severity analysis is referred to as the LDA.
Dutta and Babbel note that given the similarity of operational losses to property/casualty
losses, the measurement approach predominantly follows the loss distribution approach
(LDA), which actuaries use for pricing property/casualty insurance.23
... a parametric technique that consists in separately estimating a frequency distribution

for the occurrence of operational losses and a severity distribution for the economic
impact of individual losses. In order to obtain the total distribution of operational
losses, these two distributions are then combined through n-convolution of the severity
distribution with itself, where n is a random variable that follows the frequency
distribution.24
23. K. K. Dutta and D. F. Babbel, Scenario Analysis in the Measurement of Operational Risk Capital: A Change
of Measure Approach, Journal of Risk and Insurance, June 2014.
24
A. Chapelle, Y. Crama, G. Hbner, and J.-P. Peters, Practical Methods for Measuring and Managing
Operational Risk in the Financial Sector: A Clinical Study, ScienceDirect, Journal of Banking & Finance
32 (2008) 10491061, 1 October 2007: s.5:
http://finance.flemingeurope.com/webdata/3118/JBF-Chapelle-etal2008.pdf.
4-14
As discussed in Dutta and Perry, LDA implementation needs thorough exploratory work to be
done before deciding on a model.25
For banks complying with the requirements of the AMA under Basel II, the LDA would
include:
Homogeneous categories of internal observations to derive univariate distributions

of operational losses for each type of loss event;
Integration of external loss data to refine the shape of the distribution tail at its
extreme; and

The basic principle of a frequency-severity analysis is to generate the number of losses and the
average value (i.e., severity) of each loss using separate and distinct statistical models. Model
parameters are derived by fitting historical data to a variety of distributions using the input of
experts or a combination of data and expert input.
B. Causal modelling and Bayesian estimation techniques (including the use of key risk
indicators)
A Bayesian network (BN) is described by by Alexander as a statistical model that relates the
marginal distributions of causal factors, or attributes of a risk, to its multivariate
distribution the Milliman paper as a visual description (formally, a directed acyclical graph)
of the relationships between causes and effects. BNs use Bayes theorem to compute the
probabilities in the model26. The CIA paper explains that BNs have been used for decades in
numerous applications including medical expert systems, transportation, failure diagnosis,
pattern matching, chemical processing, speech recognition, infrastructure, environmental
modelling, and legal and evidential reasoning. The use of BNs within financial institutions and
insurance in particular, has not been as pervasive as in other industries27.
25 Dutta, K.K. and Perry, J., A tale of tails: An empirical analysis of loss distribution models for
estimating operational risk capital, Working Paper Series, Federal Reserve Bank of Boston,
No. 06-13, July 2006 C. Alexander, Chapter 14: Managing Operational Risk with Bayesian
Networks, Operational Risk: Regulation, Analysis, and Management, 2003: S.14.2:
http://fic.wharton.upenn.edu/fic/papers/12/12-15.pdf.
26 Milliman, Operational Risk Modelling Framework, February 2013, p38.
27 CIA Research Paper on Operational Risk, November 2014, p66.
4-15
BNs are also described as an elegant solution to the modelling of operational risk that
combines both qualitative and quantitative information to arrive at a loss estimate. BNs can be
particularly useful for modelling operational risk categories with little or no loss data (internal
or external).
Unlike the frequency-severity approach, BNs are causal networks and thus valuable for
analyzing the causes that contribute to operational risk. The CIA paper states that BN's can be
particularly useful for modeling ORCs with little or no loss data (internal or external).
However, the paper also indicates that Some European banks have experimented with using
BN for operational risk capital quantification without patent success. It is unclear whether the
issues encountered by the banking sector will translate to the insurance sector. As such, further
research will be required by the insurance industry to determine the applicability of BN for the
quantification of operational risk capital.28
According to Dr. Eric Rosengren, scenario analyses are used by banks for three primary
purposes: stress testing, creating synthetic losses (when there is insufficient internal loss data),
and generating severity functions for the frequency-severity approach.29 As noted previously,
historical data are not always a good predictor for future states of the world, in particular if
processes surrounding operational risk events have changed significantly. Historical data may
also be incomplete (especially for very low-frequency events with extreme dollar impacts).
Thus, scenario analysis is a technique that is often used to describe and quantify the tail of the
distribution. A scenario describes a consistent future state of the world over time, resulting
from a plausible and possibly adverse set of events or sequences of events.30 31 Scenarios can
be relatively simple and one-dimensional or very complex (e.g., a shock event triggers a series
of causal, consecutive, cascading events). In addition, a scenario could be immediate with a
28 Ibid.: P.66 and 79.
29
E. Rosengren, executive vice president, Federal Reserve Bank of Boston, 19 July 2006 presentation titled
30
For a comprehensive discussion of scenarios and scenario analysis refer to Stress Testing and Scenario
Analysis, International Actuarial Association (IAA), July 2013:
31
For how to integrate a scenarios in estimating operational risk refer to K. K. Dutta and D. F. Babbel, Scenario
Analysis in the Measurement of Operational Risk Capital: A Change of Measure Approach, Journal of Risk
and Insurance, June 2014.
4-16
short duration (e.g., earthquake), while other scenarios, typically complex scenarios, can
develop over longer time periods (e.g., the financial crisis of 20072008). To better describe
unobserved events for the purpose of quantitative modelling of operational risk, synthetic
scenarios would typically be used. 32 Synthetic scenarios describe hypothetical conditions that
have not been observed and that can thus be more easily tailored to a specific situation of
interest. These hypothetical conditions might occur but have not been observedfor instance,

The current data sources for operational losses are rather thin; thus, it is imperative that risk
assessments for operational risks take into account the risk management processes to support
this risk. The quality and maturity of an insurers risk management processes have a material
influence on the severity and frequency of potential losses arising from operational risk events.
Yet, a credible measurement approach that is free from moral hazard is needed to evaluate the
effectiveness of management.
challenge:
32
K. K. Dutta and D. F. Babbel, Scenario Analysis in the Measurement of Operational Risk Capital: A Change of
Measure Approach, Journal of Risk and Insurance, June 2014.
4-17
As part of the CISSA, the Bermuda Monetary Authority (BMA) relies on the Commercial
Insurer Risk Assessment (CIRA33) for the assessment of the operational risks of an insurer.
This self-assessment is split into three components: corporate governance, risk management
function, and risk management process (identification, measurement, response, and
monitoring/reporting) for eight operational risk categories.
The processes are checked whether they are at stage 1 (ad hoc), 2, 3, or 4 (implemented,
well documented, standardized and reviewed annually) as described in CIRA. They are then
allocated scores (from 50 to 200) depending on their quality. The final score of the complete
assessment is turned into a capital charge: the more mature the risk management system, the
more points are obtained from the self-assessment, and the lower the operational risk charge
becomes.
The maximum operational risk charge of CIRA corresponds to 10 percent of the required
capital for the other quantifiable risks (e.g., underwriting, market, and credit). After a threshold
of points has been reached in the self-assessment, the operational risk charge decreases.
This self-assessment allows an undertaking to quantify the operational risks, which can also be
validated by the other approaches mentioned above. In addition to the calculation of required
capital, the self-assessment provides a direct link to the risk management process, which
satisfies the so-called use-test of regulatory requirements. The self-assessment allows
undertakings to easily identify the areas of the risk management system that need
improvements, and, from there on, priorities can be set. It also provides incentives to improve
the control process and reduce operational risk.
This approach starts with a qualitative approach that is then transformed into a quantitative
figure.
33
Commercial Insurer Risk Assessment, BMA, Guidance Note #17, November 2008.
4-18
In February 2015, the China Insurance Regulatory Commission introduced C-ROSS.34

C-ROSS reflects realities of the emerging markets. C-ROSS uses qualitative regulatory tools to
assess operational risk. Operational risk is categorized in Pillar II. A capital charge is included
for operational risk and other Pillar II risks (strategic, reputational, and liquidity risks) via a
factor applied to the quantifiable risks capital charge in Pillar I. This factor is assessed on a
company basis and based on the regulator evaluation of the risk management capabilities of
the insurers. That evaluation results in a score between 0 and 100. For scores below 80, the
factor (and the resulting Pillar II charge) is positive; for scores above 80, the factor is negative
(resulting in a reduction in the overall capital requirement), with no Pillar II charge for a score
of 80. As a result, C-ROSS incentivizes insurers to adopt and maintain good risk management.
SST35 does not include a capital charge for operational risk. It states that at the current time, no
quantitative consideration of operational risks is generally required in the SST unless an
insurance company were to be expressly requested by Swiss Financial Market Supervisory
Authority (FINMA) to do this for serious reasons. Operational risks are to be appropriately
taken into account in risk management.
III. Conclusions
To summarize, key reasons why many insurers are not yet modelling operational risk include:
The lack of credible data due to the relatively short time span for which historical operational
risk loss data have been collected;
34 China Insurance Regulatory Commission, China Risk Oriented Solvency System Conceptual Framework,
March 2014.
35
FINMA, Swiss Solvency Test, Circular 2008/44 SST.
4-19
Cost-benefit issues that result in questions about the value of internal models given
their significant implementation costs.
adding an operational risk charge based on past losses (or the lack thereof) could have no effect
on reducing future risk. A pro-cyclical process could be created whereby the absence of
operational risk event losses leads to no required capital; when an event occurs, not only does
the insurer need to fund the event, it must also raise funds for a possible future operational risk
event even though the circumstances that generated the event have likely changed.
Section, and chair of the Reinsurance Subcommittee of the IAA. He was a substantial
contributor until his untimely death.
Germany, including reserving for property and casualty business, internal audit, operational
and qualitative risk management, and risk reporting. She can be reached at
Japan. He is also vice-chair of the Insurance Regulation Committee of the IAA. Toshihiro can
be reached at Toshihiro_kawano@aegonsonylife.co.jp.
4-20
____________________
CHAPTER AMENDMENT(S):
Section 5 Assessment of Operational Risk, subsection I Quantitative Approaches of this

chapter was amended on 18 March 2016. The description now uses a recent definition of the
Bayesian-Network and related explanations, and some footnotes were amended to make
footnotes 23 and 29 (new 31) refer to the same paper.
4-21
IAA Risk Book
Chapter 5 - Catastrophe Risk
Karen Clark
Vijay Manghnani
Hsiu-Mei Chang
Catastrophe risk has become an increasing focus for those involved in risk management largely
due to recent major earthquakes and windstorms in various parts of the world. This chapter, after
a brief introduction, discusses how the risk of such events is generally quantified and the issues
associated with such quantification. Key observations/findings from the chapter include:
1. Catastrophes result in a sudden and mass destruction of property, lives, environment,
and/or the economy.
2. Catastrophes can be natural or man-made (e.g., terrorism)
3. The frequency and severity of catastrophe losses have been increasing over past
several decades primarily due to increasing concentrations of population and property
in geographical areas prone to disasters.
4. Catastrophes impact society first, and insurers only to the extent that the damages are
insured.
5. Due to their infrequent nature, analysis of past losses cant sufficiently measure
catastrophe risk so many insurers use catastrophe models to estimate potential losses.
6. Catastrophe models are based on four primary components event catalogs, intensity
formulas, damage functions and a financial module.
7. Model uncertainty is unavoidable, and is impacted by both data issues (related to
quality and availability) and political issues (influencing how events will unfold in
times of stress). This is in addition to the uncertainty related to random events.
8. Model development and usage is evolving, including a trend towards open models (as
opposed to closed proprietary models) and their use for scenario analysis.
9. Catastrophe models are part of the risk management process both in terms of
pricing/underwriting and in terms of solvency/capital management.
on 31 August 2015.
2. Introduction
Catastrophes refer to certain adverse events whose occurrence result in a sudden and mass
destruction of property, lives, environment, and/or economy. Catastrophes can be caused by
natural or man-made events. An adverse event will not rise to the level of a catastrophe or
disaster if it occurs in an area without a vulnerable population. Catastrophe risk is highest where
significant potential for adverse events coincides with population and building density.
According to the statistics published in the International Emergency Disasters Databasei, the
frequency, duration and magnitude of disasters have increased since 1975 ii. Increasing
population density and higher concentrations of property values in areas prone to disasters is
leading to increased chances of mega-losses from natural and man-made events. According to a
2015 World Bank study of East Asia, in the decade 2000 to 2010, for urban areas with more than
100,000 people, population density increased from 5,400 to 5,800 per square kilometeriii.
Coastal property values in the US have increased fourfold between 1988 and 2014 according to
studies of population and property value growthiv.
The risk arising from catastrophes can severely impact an individual insurers solvency position
if not properly managed. Effective catastrophe risk management requires a comprehensive
approach to identifying, assessing, transferring, and mitigating the risk and large loss potential.
This chapter provides an overview of the types of catastrophes faced by the global insurance
industry and discusses how companies estimate and manage catastrophe risk. (While this chapter
is written at a particular point in time, our understanding of catastrophes and the tools used to
quantify and manage catastrophe risk continue to evolve.)
3. Causes and Risk Implications of Catastrophes

I. Causes of Catastrophes
Broadly, catastrophes can be categorized into two typesnatural catastrophes and man-
made catastrophes. A natural catastrophe is a major adverse impact from either weather or
geological related events. Examples of weather related events include tropical cyclones1,
floods, tornadoes, hailstorms, wildfires, and blizzards. Geological events include
earthquakes, tsunamis, volcanic eruptions, mudslides and avalanches. Natural catastrophes
are relatively well understood by the scientific community but difficult to predict and
impossible to prevent.
According to the most recent report by Intergovernmental Panel on Climate Change
(IPCC), demographic changes are the main cause of increasing losses over the past few
decades and not climate change. Catastrophe losses have grown and will likely continue to
grow steadily over time, primarily due to increasing concentrations of people and property
values in hazardous regions.
1
This term is meant to include hurricanes, typhoons and cyclones all the same phenomena but with different
names based on where they occur.
5-2
Man-made catastrophes refer to incidental or deliberate human actions such as aviation
accidents, act of terrorism, cyber-attacks, civil unrest, wars, nuclear power plant
explosions, and oil/chemical spills. These events can cause great damages to property and
lives because malicious man-made events often target large cities and high-profile
landmarks such as international airports and civilian government facilities.
II. Risk Implications of Catastrophes
While there is wide variation from year to year, annual global catastrophe losses regularly
exceed $100 billion and can top $400 billion in one year according to statistics published
by Swiss Re and Munich Re. Total economic losses from a major event will typically
include damaged infrastructure, lost jobs, disruption to services, and other costs not
covered by insurance policies. Additionally, insurance policies in many countries exclude
or limit coverage for certain types of perils that are considered uninsurable due to their
very infrequent but severe nature and because of that the inability to credibly price the
coverage. However, insurers will still be impacted by the indirect costs of uninsured risks
resulting from infrastructure damage, disruptions to supply-chains, etc.2
There is wide variation between countries with respect to how catastrophe losses are
funded. Governmental policies can influence how much of these losses are pre-funded
through mechanisms such as insurance versus post-funded through taxation, borrowing,
and international disaster assistance.
Insurance can be provided by governments or the private market. For example, in New
Zealand and California, earthquake insurance is provided through both the private market
and government-sponsored entities. In New Zealand, earthquake insurance for households
is compulsory while in California it is not. Where coverage is voluntary, there is the
concept of take-up rates that indicate the percentage of policyholders purchasing certain
coverages. For example, the earthquake insurance take-up rates in California can range
between 10 and 30 percent depending on the length of time since the last major event.
Private market insurance and risk-based pricing are generally thought to be the most
efficient ways to fund catastrophe losses. Immediately after an event, insurers can begin to
adjust and settle claims so policyholders can start rebuilding homes and businesses. It will
typically take several months, and possibly years, for all of the claims to be identified and
paid by the insurance industry depending on the size of the event leading to a relatively
long payout pattern. Risk-based pricing also encourages mitigation activities that can help
societies become more resilient to future events.
Since 1975 natural and man-made catastrophe losses have hit the insurance industry very
hard and resulted in insolvencies of small and large insurersv. According to a 2013 A.M.
Bests Special Reportvi, annual insured catastrophe losses ranged from 2% to 14% of US
Property/Casualty (P/C) insurance companies surplus during the period of 1969 2012
with two peaksone in 1992 following Hurricane Andrew and the other in 2005 after
2
Some also label pandemics as catastrophes. This paper instead focuses on those with a physical basis and not a
biological basis. This paper also acknowledges emerging concerns with the risk of solar flares, but does not attempt
to address that hazard at this time.
5-3
Hurricane Katrina. In the same report, it indicates that catastrophe losses are among the top
four causes for P/C insurance sectors financial impairments, accounting for 7.1% of
failures.
According to the A.M. Best report, between 1969 and 2012 a total of 53 US-based
property/casualty Insurance companies became impaired as a result of catastrophe losses
and 11 became insolvent from one eventHurricane Andrew. While private insurance
covers only a fraction of total global economic losses, private insurers collectively pay out
between $50 and $100 billion each year based on current economic conditions.
4. Estimating Losses from Catastrophes

Catastrophes are infrequent events in specific geographical regions which means there is a
paucity of data for loss estimation. Standard actuarial approaches using historical claims and
loss data to project future losses are not appropriate for most types of catastrophes. Because of
the sparse historical data any approach will be characterized by significant uncertainty, so its
prudent for insurance companies to use a variety of methods to identify the types of events that
could result in large losses and to estimate the magnitude of those losses.
One method that can be used even if there is no data on past events is to add up total insured
values in specific regions exposed to severe events and apply factors representing the
percentages of total values that could be lost in one event or an aggregation of events over some
time periodusually a year. Total insured values3 obviously represent the upper bound of loss
potential.
Scenario testing is another method used to estimate the losses from specific events. For example,
Lloyds of London has developed a set of Realistic Disaster Scenarios (RDS) and requires
syndicates to report on their loss estimates from these scenarios each year. Many companies
employ scenarios as part of their Enterprise Risk Management (ERM) framework.
Catastrophe models provide a robust structured approach for estimating a wide range of possible
future scenario losses along with their associated probabilities. Because the catastrophe models
provide full probability distributions, they are suitable for many types of actuarial analyses. Loss
estimates produced from catastrophe models can be deterministic for a specific event (e.g.,
Hurricane Katrina, a magnitude 8.0 earthquake in San Francisco) or probabilistic from a catalog
of hypothetical events.
The first catastrophe models were developed in the late 1980s to assess the risk from hurricanes,
earthquakes, and other natural hazards. The adoption of the models by the insurance industry
accelerated after Hurricane Andrew in 1992 and the Northridge Earthquake in 1994. Models for
man-made catastrophes, such as terrorism, were constructed after the World Trade Center
disaster.
I. Key Components of Catastrophe Models
For all types of catastrophes and for all peril regions, the models have the same four
primary components as shown in Figure 1 below.
3
After adjustment for possible replacement cost guarantees
5-4
Figure 1. Catastrophe Model Components
Model
Description
Component
Defines event parameters including frequency and

Event Catalog
physical severity by geographical region
Intensity Estimates the intensity experienced at each location

Formulas in the area affected by each event
Estimates the damages to building, contents, and

Damage
time element exposures (may also estimate
Functions
casualties)
Financial Applies insurance policy conditions and reinsurance

Module terms to estimate insured losses
A. Event Catalog
The event catalog includes the important parameters defining the characteristics
of each simulated event, such as location, severity, and size. For tropical cyclones
the event catalog includes landfall point, peak wind speed, and radius of
maximum winds while for earthquakes it includes epicenter, depth, and
magnitude. For terrorist attacks, the event catalog could include location, type and
size of bomb,.
For each event in the catalog, there is a rate of occurrence that is estimated using
statistical analysis of historical information if there is enough data (tropical
cyclones, other windstorms) or by scientific studies and expert opinion where
there is less data (earthquakes, terrorist attacks). The catalogs typically include a
large sample of events generated by Monte Carlo simulation or stratified sampling
techniques.
The event catalog is extremely important because it defines the frequency and
physical severity of events by geographic region. The reliability of the catalog
varies considerably across peril regions depending on the quality and quantity of
historical data and the scientific understanding of the hazard. For example, in
California and Japan, there have been a number of significant earthquakes and the
nature of the faulting is generally understood by scientists (although there are
many unknowns with respect to the magnitudes and locations of future events).
Even less is known about intra-plate regions, such as the central US and
Australia.
5-5
B. Intensity Formulas
For each event in the catalog, the models estimate the intensity at each affected
location using the event parameters discussed above, site information, and
scientific formulas developed by the wider scientific community. While scientists
have collected and analyzed intensity data from past events to develop these
formulas, the amount and quality of the intensity data varies significantly across
perils and regions.
For example, tropical cyclone intensity is defined by wind speed and scientists
have developed well established formulas for hurricane wind speeds over water.
When a storm makes landfall however, wind speeds start to dissipate because the
hurricane loses its source of energy and due to frictional effects from the rougher
terrain. Because there are relatively few reliable over land wind speed
measurements for historical events, a degree of judgment goes into estimating
hurricane intensity over land.
For earthquakes, intensity is defined by ground motion and is estimated using
attenuation equations developed by scientists around the world. Because there is
not an abundance of observed ground motion data for past events, historically,
earthquake intensity has been inferred from the damage using the Modified
Mercalli Intensity (MMI) scale.
A further complication with earthquakes is that the ground motion experienced at
a location will be influenced by the nature of the rock and soil the energy waves
pass through before getting to that locationthese complexities cannot be reliably
modeled. A simplifying approach of applying factors based on local soil
conditions is typically used where detailed soil data is available. Secondary
hazards such as liquefaction and fire following earthquakes might also be
considered by the model.
While the likely frequency and severity of future man-made catastrophes is highly
uncertain, there is a wealth of information on the impacts of terrorist attacks,
particularly attacks using conventional types of weapons.
C. Damage Functions
The model damage functions estimate for different intensity levels the damages
that will be experienced by different types of exposures. For property exposures,
the damage functions will consider the building construction type, occupancy, and
other characteristics depending on the peril.
The damage functions are expressed as the ratio of the repair costs (as a result of
the damage) to the building replacement value. Because the nature of actual
damage is spotty, for any given wind speed and mean damage ratio, different
properties will experience different levels of damagepotentially ranging from 0
to 100 percent.
5-6
This uncertainty is typically called secondary uncertainty and includes the
uncertainty in the intensity and damage calculations. In the catastrophe modeling
terminology, primary uncertainty refers to uncertainty with respect to the events
themselves.
D. Financial Module
After the building, contents, and time element ground up losses are calculated,
the secondary uncertainty distributions are used to estimate the insured losses
accounting for policy terms and conditions. Policy terms include loss triggers,
deductibles by coverage, aggregate deductibles, total and sub limits, coinsurance,
attachment points, and applicable reinsurance terms. This model component is
essentially the same across all peril regions (except for accounting for country and
peril-specific policy conditions).
To construct the first three model components for a specific peril region, e.g. US
hurricane, Turkey earthquake, data and information is collected from external
entities such as government bodies and scientific organizations. The models are,
for the most part, based on the same information collected, published, and
maintained by the wider scientific communitymodel differences result from
how the data is interpreted and analyzed to develop the many model assumptions.
II. Model Input
Exposure inventory is the key input in the catastrophe models. The most basic information
is the replacement value for building, contents and time element coverages. Ideally, this
information would be provided for each insured property by geo-coded location. In reality,
the resolution and quality of the exposure data varies by peril region.
For US perils, most companies can provide this level of detail to the models along with
other building characteristics such as construction, occupancy and year built. The more
detailed the information on the structure and contents, the more reliable the model loss
estimates will be. In other regions, the data may be total insured values (TIVs), aggregated
by CRESTA (Catastrophe Risk Evaluation and Standardizing Target Accumulations) zone
and line of business (residential, commercial, industrial). For example, in France, insurers
typically collect data on the number of rooms rather than TIVs, and the data are aggregated
by CRESTA zone.
Exposure data quality is an important issue in the quantification of catastrophe risk.
Because most types of catastrophes impact localized areas, detailed knowledge of where
exposures are located and the replacement values of those exposures are critical for
credible loss estimates. For example, for properties exposed to storm surge flooding, its
important to know how far the properties are from the coast. In seismic regions, the risk
depends heavily on how close the exposed properties are to active faults.
Regulators should inquire about the geographical resolution of the exposure data and
whether its exact latitude-longitude coordinates, postal code centroids, or aggregates by
CRESTA Zones. They should also know how building, contents, and time element values
are being determined. The nature and extent of other building characteristics contained in
5-7
the exposure data files would be an indication of the emphasis placed on exposure data
quality.
III. Model Output
The primary catastrophe model output is the exceedance probability (EP) curve that shows
the probabilities of a portfolio of exposures exceeding losses of different amounts. The
catastrophe models typically generate two types of EP curvesthe annual occurrence
distribution (OEP) and the annual aggregate distribution (AEP). The OEP gives the
probabilities of losses from the maximum occurrence in a year, and the AEP gives the
probabilities of total annual losses from multiple events in a year.
For very low frequency, high severity events, such as earthquakes, the curves will be very
similar and typically converge in the tail. For more frequent events, such as tornado
outbreaks, the AEP losses can be significantly higher than the OEP losses at all probability
levels. The AEP losses will also be higher than the OEP losses for geographically
diversified portfolios versus more concentrated books of business.
There are different techniques for estimating the AEP distribution. Generally, it is more
challenging to estimate and less robust than the OEP distribution. Theoretically, average
annual losses (AALs) should be calculated from the AEP.
Figure 2 Illustrative Exceedance Probability (EP) Curve
Insurers and regulators have been relying on point estimates from this curve for risk
management purposes. For example, in the US, insurers use the points on the curve where
the estimated probabilities of loss exceedance are .01 and .004, popularly known as the 1 in
100 and 1 in 250 year losses, respectively. These points are also referred to as the 100 and
250 year Probable Maximum Losses (PMLs). In Europe, the .005 point estimate is used
more heavily.
The catastrophe models can generate the EP curves and the AALs at any level of
resolution, bearing in mind that as the resolution increases, so does the uncertainty.
Because the EP curve is a complete probability distribution, it is useful for many types of
actuarial analyses, including pricing.
5-8
IV. Model Uncertainty
As Figure 2 illustrates theres significant uncertainty surrounding the EP curves. The EP
curves are better thought of as fuzzy areas versus lines. Apart from the model
uncertainty, theres uncertainty in the exposure data input, with respect to the claims
handling practices of individual insurers, and due to other factors external to the model
such as political pressures after a major event. In large loss events, there can also be
material and labor supply shortages causing the costs of repair to be higher than the
replacement values of properties pre-event. This is typically referred to as demand
surge.
Model uncertainty stems from lack of high quality data in sufficient quantities to credibly
estimate all of the model assumptions. Catastrophe models are constructed from historical
data on past events, and for peril regions where events are infrequent there will be less
reliable data and higher uncertainty. Even in geographical areas with more recent events,
there is typically not a comprehensive network of highly calibrated instrumentation
required to collect high resolution data.
The source and relative reliability of the data underlying the scientific and engineering
model components are illustrated in Table 1 below. Green shading indicates a relative
abundance of data and red indicates the leastyellow is in between. (Note that even for
the green shaded area there is generally significant uncertainty, given the difficulty of
obtaining useful data for extreme return periods, such as 1-in-250 years, especially if the
climate or other factors are changing over time.)
Table 1 Data Supporting the Catastrophe Model Components
Event catalogs Intensity formulas Damage functions
In most regions of the Based on established For a few regions, such as

world, based on historical meteorological formulas Florida and the Gulf states,
data collected and developed over the past historical loss and claims
maintained by government several decades by data has been made
organizations, such as the government organizations available to the modelers by
National Hurricane Center and the wider research insurance companies, and
and the Japan community. Formulas are this data can be used to fine-
Meteorological Agency. well-documented in the tune the damage functions.
The modeling companies scientific literature. Expert However, because there are
rely on these databases and judgment is applied for thousands of damage
apply some expert judgment some aspects of hurricane functions reflecting
for assumptions on the intensity such as varying different occupancies,
Tropical cyclones
characteristics of future terrain impacts on overland construction and building

events in regions where the winds. Land use data is characteristics, most of the
historical data are sparse. maintained by and available functions are based on
through government expert judgment.
agencies.
5-9
Event catalogs Intensity formulas Damage functions
Historical data on New generation attenuation There is limited claims data

earthquakes is collected and (NGA) equations have been available to the modelers for
maintained by government developed by a global construction of the
organizations such as the consortium of earthquake earthquake damage
US Geological Survey and experts using data on functions. The global
European-Mediterranean significant earthquakes earthquake community
Seismological Centre. around the world, and these compiles information and
These organizations also form the bases of the periodically publishes
sponsor research such as ground motion formulas in studies of building and
paleo seismicity studies to the catastrophe models. contents vulnerability to
supplement the historical Generally, soil data is ground motion. Limited,
record. Catastrophe inferred from geological full scale, shake table tests
modelers use this data and data except in major urban and sophisticated
other information, such as areas where more detailed engineering analyses are
Earthquakes
hazard maps and scientific studies have been available, but this model
reports, as the bases for the conducted. component is still heavily
earthquake event catalogs. reliant on expert judgment.
There are many types of The shock waves and Because attacks using
terrorist attacks and tens of pressure impacts of various conventional weapons such
thousands of potential types of bomb blasts are as bomb blasts and aviation
targets for which there are well studied and understood incidents are localized
little or no data for even though the density and events, and the damage is
estimating the likelihood of complexity of an urban often complete, the model
future events. Given that setting can distort the damage functions are
terrorists want to intimidate resulting intensity pattern. straightforward. Much more
by surprise, past data may The intensity footprints of judgment goes into the
not be a reliable guide for chemical, biological, construction of damage
future events. The models radiological, and nuclear functions for chemical,
rely heavily on the (CBRN) attacks are much biological, radiological, and
judgment of larger and more difficult to nuclear (i.e., CBRN)
Terrorist Attacks
counterterrorism specialists project reliably, but these incidents.

from the FBI, CIA and other impacts have been studied
government bodies. and tools have been
developed to estimate the
effects.
5 - 10
Because of the paucity of data underlying the model components for many peril regions,
model assumptions rely in large part on expert opinion and judgment. Model variability
and volatility frequently arise from differing scientific opinions and perspectives.
The complexity and the infrequent nature of the natural hazards being represented by
catastrophe models implies that the models will always contain a significant amount of
uncertainty. This uncertainty is both aleatory (inherent process uncertainty) and epistemic
(introduced by the incomplete knowledge of the process parameters and/or the proper
model structure4). In theory, aleatory uncertainty is impossible to reduce due to the
stochastic nature of the process and in a well designed model it is suitably represented by
the probabilistic distribution of loss from a single model.
Estimation of epistemic uncertainty requires use of multiple models built using different
parameterizations of the natural hazard process. Many insurance companies are moving
towards the use of multiple catastrophe models (or multiple representations of the same
catastrophe model enabled by newer, open loss models) to better manage the model risk
arising from epistemic uncertainty. Various approaches have been devised to combine
(blend) the output from these models to derive a more robust view of risk.
The models do not anticipate all sources of loss from an event and parameter risk cannot be
accurately quantified. Typically they do not, but if the models do produce confidence
bands around the EP curves, these will not be all-inclusive or robust. They may reflect
process risk and/or the uncertainty around the losses for individual events.
V. Model Usage
While the models are useful tools to quantify the nature and uncertainty of catastrophe risk,
it is important to recognize that they are often constrained in their ability to fully capture
all the varied aspects of the hazard and its consequences - they reflect the model
developer's inherent assumptions and scientific judgment. The onus is on the model user to
determine if the model is fit for purpose; to use only credible models and adapt them to
their specific business with appropriate settings.
If the model representation is fairly adequate but with certain gaps, then, to the extent
possible, the model user may apply appropriate adjustments to the model output. If model
adjustments are not possible due to the nature of the gap or the lack of
transparency/flexibility in the model, the model gaps may need to be documented and
accounted for separately. In some instances, addressing the gaps may necessitate
significant amount of model development in itself because non-modeled gaps can be fairly
material.
For instance, tsunami losses are not explicitly modeled in the earthquake models for many
regions, nor are losses from inland floods triggered by tropical cyclones. In a similar vein,
the model may not represent certain exposures, such as out-buildings in residential
4
For example, studies of some past hurricanes and floods have identified the level of soil saturation from previous
rains as a factor in the extent of the hazard intensity or damage. This generally is not modeled currently (perhaps
due to practical difficulties in doing so).
5 - 11
exposures, contingent business insurance in commercial exposure, and potential loss to
infrastructure assets.
There may also be residual market pools or other societal mechanisms to provide insurance
policies to otherwise uninsured risks. To the extent these mechanisms are funded by
assessments on the insurance industry, they may lead to otherwise non-modeled exposures.
Of course, such gaps are model dependent and models continue to evolve to address some
of these gaps. The model user may use underwriting insight, industry, and internal claims
experience to calibrate and supplement the models.
The closed proprietary nature of the traditional catastrophe models makes it difficult to
assess whether the portfolio risk is driven by the hazard (frequency, physical severity, and
intensity of the events) or vulnerability component of the model. Often, decision makers
are interested in such underlying detail to devise optimal risk management strategies. There
are various other risk measures that allow risk managers to assess the risk in more intuitive
ways.
One such approach is to track the portfolio risk for certain events, such as the Realistic
Disaster Scenarios developed by Lloyds as discussed earlier. Many companies might
complement probabilistic risk measures derived from the model EP curves with the
development of their own internal catalogue of disaster scenarios to monitor accumulations
and manage risk appetite. The uncertainty surrounding catastrophe risk, and its low
frequency high severity nature, necessitates multiple approaches to estimating losses to
help inform and arm decision makers.
VI. The Future Evolution of Catastrophe Models
Catastrophe models have made significant strides since the late 1980s and they will
continue to evolve as actual events occur, scientific discoveries are incorporated,
technology advances and new data is analyzed as well as when there is expansion to cover
more perils and exposed regions. However, the models will never be complete or accurate
so the onus will remain on the model user to fully understand, validate, and refine the
model assumptions as appropriate.
Because catastrophe model development requires scientific, engineering and computer
programming expertise not usually found within insurance companies, most insurers have
been licensing catastrophe models from third party vendors. The proprietary nature of the
third party models makes it difficult for insurers to ascertain which assumptions are driving
the model loss estimates. Model updates add to the volatility of loss estimates, and its
very challenging and time consuming for insurers to determine whats causing the changes.
Open Models - The future evolution will be to more open models that allow for a greater
ownership of risk as well as better appreciation of the inherent uncertainty in catastrophe
risk. Open models are transparent enabling insurers to more fully understand the model
assumptions and how different scientific opinions impact their losses. Open models enable
users to test their portfolio losses against different sets of assumptions to clearly evaluate
model sensitivities and key drivers of their loss estimates.
5 - 12
New Risk Metrics - Future evolution will also be in the area of facilitating new and
intuitive risk metrics that give decision makers more insight into their large loss potential.
While the EP curve metrics are informative, they do not provide decision-makers with all
of the risk information they need, and they can be misleading. For example, the 100 year
PML can be misinterpreted as the 100 year event loss which can give a false sense of
security. The largest losses incurred from the 100 year events will likely be much greater
than the 100 year PML from the model-generated EP curve.
The new Characteristic Event (CE) approach in which the probabilities are based on the
hazard versus the loss provides additional and more intuitive information for risk
management purposes. It gives decision makers their losses from the 100 year (and other
return period) eventsinformation many may have thought they already had. The chart
below shows the loss estimates for the 100 year event at different locations for a
hypothetical company. The 100 year PML is the point on the EP curve that represents a
one percent chance the company will have a greater loss; the 100 year CEs show how
much greater and where the larger losses are likely to be.
Figure 3 Example Characteristic Event (CE) Chart
The CEs help a company identify potential solvency-impairing exposure concentrations

information not provided by the EP curve metrics. The CEs are operational metrics that
can be used to monitor and manage risk over time.
5. Catastrophe Risk Management

The first step in effective catastrophe risk management is to recognize the uncertainty inherent in
estimating catastrophe losses and to utilize multiple approaches and risk metrics to gain as much
insight as possible into large loss potential. Then insurers can determine if theyre overly
exposed to specific events and decide how to underwrite and price the risk and how much to
transfer to the reinsurance and financial markets.
5 - 13
I. Underwriting and Pricing
For many insurance coverages, underwriting rules and rates (prices) are based on the
expected losses, also called the average annual losses (AALs) to an insurance policy. A
proportion of the standard deviation around the expected losses can also be applied.
For example, in the US, actuaries often use model-generated AALs by postal code to
develop hurricane catastrophe loads for homeowners rating territories. The California
Earthquake Authority (CEA) uses model-generated AALs to determine earthquake rates by
territory. While it is less common outside the US to utilize the models for ratemaking,
some global companies use AALs by location and policy to underwrite and price
individual accounts. At this high resolution, however, and for specific types of risks, the
traditional model output has the least credibility and is highly volatile.
Because of the nature of catastrophes and the skewed, thick-tailed loss distributions,
insurers have moved from using expected losses and standard deviation metrics to
catastrophe pricing approaches that factor in the capital consumed by different peril
regions and even specific contracts. This is typically called marginal impact pricing
because its based on the additional capital required to write the new policy, line of
business, etc. Rather using the PML, a VaR measure, insurers are moving to metrics
capturing more of the EP curve such as TVaR, or tail-value-at risk for their marginal
impact decisions.
Apart from pricing considerations, it is also common for underwriters to manage the
catastrophe risk in high hazard and accumulation zones by offering restrictive policy terms
and conditions such as, sublimits, exclusions and higher deductibles, or by focusing on
those building types/locations that are less susceptible to catastrophe losses5. Risk
metrics, such as CEs, enable companies to see where they have exposure concentrations
that need to be reduced.
II. Enterprise Risk Management and Transfer
For solvency and risk transfer purposes, insurance companies, rating agencies and
regulators in the US, have come to rely most heavily on the .01 and .004 loss exceedance
probabilitiesthe so called 100 and 250 year probable maximum losses (PMLs),
respectively. These numbers are used to set capital requirements, determine how much
reinsurance to buy, and for formal risk tolerance statements, but theres a growing
awareness of the danger in relying on point estimates from the EP curves.
To reduce the over-reliance on one point of an EP curve, companies are leveraging other
more robust tail risk measures, such as Conditional Tail Exceedance (CTE, also known, as
TVaR) or an Excess Annual Average Loss (XSAAL). The CTE or TVaR, represent the
loss amount conditional on the loss exceeding a certain threshold (perhaps, at a certain
exceedance probability) and XSAAL represents the (unconditional) average value of loss
exceeding a certain threshold. Unlike the PML, both of these measures take into account
the thickness of the tail, are not overly dependent on one point on the distribution, and they
5
For example, analyses of recent hurricanes and floods in the US have shown that it is possible in some cases to
prevent or minimize susceptibility to damage through the use of certain building practices.
5 - 14
have attractive coherent properties (such as, subadditivity), which make them attractive to
risk aggregators and portfolio managers. (As a caution, however, such values are based on
the most uncertain and hence least reliably estimable sections of the loss exceedance
curve.)
Risk transfer is a key exposure accumulation management strategy for insurers in their
quest to limit net aggregate risk to their balance sheet or earnings. Due to the high demand
and supplier interest, over the years, many different risk transfer approaches have evolved.
Risks can be transferred at various levels, at a single location or account or at a business
unit or a corporate aggregate portfolio. The risk can be assumed by reinsurers, retro-
cessionaries and institutional investors6. The modes of risk transfer might include
indemnity based or parametric/index based cessions or a hybrid of both.
The underwriting and pricing of risk transfer options fully leverages catastrophe model
outputs, which are used to assess the expected loss in the contract, the marginal capital
impact and the relative cost of that capital, in addition to corporate risk appetite
considerations. Some firms may also use risk transfer to mitigate inherent model risk.
___________
Karen Clark, is President and CEO of Karen Clark & Company and a leading authority on
catastrophe risk assessment and management. Ms. Clark developed the first hurricane model and
founded the first catastrophe modeling company, Applied Insurance Research (AIR) which
subsequently became AIR Worldwide after acquisition by Insurance Services Office. Ms. Clark
has spent over 25 years working closely with scientists, engineers and other experts to develop
the most advanced catastrophe models, and she continues to lead the development of new risk
metrics and software applications that are used globally as sophisticated tools for catastrophe risk
assessment and management. Ms. Clark holds an MA in Economics and an MBA from Boston
University. She can be reached at KClark@karenclarkandco.com
Vijay Manghnani, PhD, FCAS, CCRA is the Exposure and Analytics Officer and Head of the
AIG Cat Management and Analytics Center of Excellence. In this role, he is responsible for
implementing state of the art science and analytics into the underwriting and risk management
strategy. His focus includes quantification of emerging risks, catastrophe risk management,
predictive modeling and portfolio optimization. He recently served as the Chair of the North
American Actuaries Climate Change Committee, which is charged with quantifying the risk of
climate change for the insurance industry. Vijay holds a Ph.D. in Meteorology from North
Carolina State University. Vijay may be reached at Vijay.Manghnani@aig.com
Ms. Hsiu-Mei Chang, MAAA, FCAS is currently a Risk Director at AIG Model Risk
Management Group (MRMG) leading the model validation and various model risk management
functions of property/casualty actuarial models. Before joining AIG, she had more than 25 years
of experience in providing Insurance / Risk solutions in various capacities for many global
(re)insurance, consulting, and auditing firms.. She holds an M.S. degree in Statistics from
University of Kentucky.
6
See Chapter 6 - Non-Proportional Insurance for more details.
5 - 15
i
The International Emergency Disasters Database http://datahub.io/dataset/emdat
ii
2013 Global Assessment Report on International Disasters Reduction
http://www.preventionweb.net/english/hyogo/gar/2013/en/gar-pdf/GAR2013_EN.pdf
iii
East Asias Changing Landscape: Measuring a Decade of Spatial Growth, World Bank 2015
iv
Coastal Exposure and Community Protection: Hurricane Andrews Legacy, Insurance Institute for Property
Loss Reduction and Insurance Research Council, April 1995 and The Coastline at Risk: 2013 Update to the
Estimated Value of US Coastal Properties, AIR Worldwide Report, 2013
v
Swiss Re 2000, Mills et al. 2001
vi
A.M. Bests Impairment Review June 24, 2013 http://www.reuters.com/article/2013/06/25/nj-am-best-
idUSnBw256092a+100+BSW20130625
5 - 16
IAA Risk Book
Chapter 6 Non-proportional Reinsurance
Michael Eves
Alexander Fritsch
Eberhard Mller
Reinsurance is a powerful risk mitigating tool for insurance undertakings, particularly
nonproportional reinsurance, which allows insurance companies to transfer significant parts of tail
risksbe it for single losses or for entire portfoliosto reinsurers at a given price. Reinsurers
typically have the ability to diversify risks worldwide (e.g., for natural catastrophes) and between
different lines of business (e.g., property and casualty (P&C)). This allows a very efficient use of
capital, which forms the basis for creating significant capital relief for reinsurance buyers. In turn
the credit risk and liquidity risk associated with the outstanding reinsurance have to be considered.
The key messages include:
1. Nonproportional reinsurance is a very powerful tool in spreading risk and diversifying
risk.
2. Nonproportional reinsurance is used extensively in P&C reinsurance but is less common
for life and health insurance where proportional reinsurance continues to dominate.
3. In addition to risk and capital considerations, nonproportional reinsurance is used
extensively to reduce the potential volatility of a company's quarterly or yearly earnings.
4. The risk assessment and the pricing of nonproportional reinsurance products are reliant
upon having good meaningful data. This contributes to the overall improvement of data
quality, especially for smaller insurers.
5. As regulatory capital regimes become more risk based it is likely that nonproportional
reinsurance solutions will become more common across all lines of business.
6. Nonproportional reinsurance structures, and reinsurance in general, carry a risk in respect
of a failure of the reinsurer. This risk needs to be carried in the capital requirements.
2. Introduction
Reinsurance is a powerful risk management tool for insurance undertakings (cedants). It allows an
insurer to transfer significant parts of risk to third parties (reinsurers) for a set premium. The main
purpose for many cedants is to obtain capital relief, while reinsurers effectively manage capital
through worldwide diversification. This is especially true for nonproportional reinsurance, as it
allows the cedant to substitute substantial (expensive) amounts of its capital with lower (cheaper)
capital of reinsurers as they are able to turn worldwide diversification effects into capital credit. In
this sense reinsurers do nothing other than apply the principle of insurance for insurance
undertakings in the same way as insurance undertakings provide the principle of insurance for
their clients.
8 September 2015.
It needs to be noted that by transferring risk to a reinsurer the cedant takes on counterparty credit
risk and additional liquidity risk in the event of the failure of the reinsurer. In general this is a much
lower risk than the risk placed with the reinsurer, particularly if the reinsurer is highly rated.
Cedants will often try to reduce this risk by placing their reinsurance with several reinsurers and
will normally also maintain counterparty credit limits for individual exposures to a single reinsurer.
3. Which Kinds of Reinsurance Are Normally Considered?

I. Facultative vs. Treaty.
Facultative reinsurance typically is purchased for large single risks like oil platforms or major
construction sites for a defined operating or construction period, while treaty reinsurance
typically covers entire portfolios (usually for one year). As the processes of assessing and
handling risks are quite different it is common for facultative reinsurance to be managed by
dedicated facultative departments within professional reinsurers. For life insurance,
facultative reinsurance may cover lives with specialized medical conditions. Treaty
reinsurance is normally organized by geographical regions and/or lines of business.
II. Proportional vs. Nonproportional.
Proportional reinsurance typically shares the fortunes between cedants and reinsurers in a
proportional mannerbe it on given single exposures by slices (surplus treaties) or for
entire portfolios (quota share treaties). Premiums and losses are shared by the agreed ratio,
adjusted by a compensation for cedants for their business generation and administration
expenses (reinsurance commission).
Nonproportional reinsurance transfers losses beyond a certain threshold (retention) from
cedants to reinsurers, be it for single losses (per risk excess of loss), events (catastrophe
excess of loss), entire portfolios over a given period (aggregate excess of loss, stop loss), or a
combination thereof.
Prices for nonproportional reinsurance are agreed upon between cedants and reinsurers. This
can be done through direct negotiations or through (reinsurance) brokers. It is usual that
comprehensive informationon current exposures as well as on loss historywill be made
available to reinsurers to allow for an assessment of the risk profile of the exposures reinsured.
III. Short-Tail vs. Long-Tail.
Depending on the run-off behaviour of losses there is a distinction between business segments
where the ultimate size of losses (e.g., property lines) is known quite quickly and lines where
the knowledge about loss occurrences as well as the final determination of loss amounts may
not be known until years or even decades after the treaty period (e.g., liability lines).
For nonproportional reinsurance treaties it is usual for cedants to notify the reinsurer of
underlying losses only if they are estimated to exceed the contractual notification level (e.g.,
half of the attachment point). This leaves the burden to reinsurers to estimate the amount of
incurred but not reported losses (IBNR) for reserving purposes. Deriving this amount and
consequently the ultimate expected loss ratio is a crucial task of reinsurers. Failing here can
lead to run-off losses, which, if significant, will impact future earnings and solvency.
Consequently there is a considerable capital charge for uncertainty in respect of the reserve
estimates that create much income volatility over time. An approach that can be used to
reduce this uncertainty is to agree on claims made rather than loss occurrence policies, as
6-2
claims made means that only claims notified in a given period are covered while loss
occurrence policies cover losses when they occureven far in the future. This can also be
used on the primary insurance level orindependent from the primary structurefor the
reinsurance treaty only.
An example that demonstrates this effect is medical malpractice coverage: The cause of a
medical condition or injury that requires future treatment may be an action that takes place
today (e.g., leaving a knife in the body after a surgery). Symptoms may become evident 10
years from now, triggering a first treatment. This treatment may turn out to be ineffective after
further 10 years and may then trigger a legal case. This legal case then may take another
decade until the final settlement. The time from the action that caused the problem to the final
settlement can take 30 years! Therefore it is helpful for both parties to limit the notification
period to a given year within a claims made policy and to provide prior acts coverageif
necessaryat separately calculated prices.
IV. Direct vs. Brokered.
Sometimes reinsurance is differentiated between direct business (business relation between
cedant and reinsurer without an intermediary) and brokered business. For brokered business
usually the broker provides all the services surrounding a treaty, such as supplying the data for
risk assessments, comparing the offers, setting the terms, wording the treaties, allocating the
shares, collecting and distributing premiums and losses, and trying to solve disputes.
The charge for these services is usually a percentage of the premium. While for proportional
treaties with their comparably higher premium volume and lower administration requirements
the charge is usually about 11.5 percent, it can be quite significant for nonproportional
treaties reaching 1015 percent. This charge therefore constitutes a material part of the pricing
considerations.
4. Types of Nonproportional Reinsurance

I. Why Nonproportional Reinsurance.
Proportional reinsurance has only two major adjustment factors: the sharing ratio and the
commission. In all other aspects the reinsurer usually follows the fortune of the cedant. In
contrast, nonproportional reinsurance allows for tailor-made solutions fitted to the targeted
risk profile of cedants as close and as flexible as possible. This applies not only to the
technical structure of the treaty (including reinstatements of coverage after loss events) but
also to the set of conditions surrounding the treaty, including event definitions (e.g., hourly
clauses for storm events), inclusions/exclusions, and cash loss provisions.
II. Excess of Loss Reinsurance.
Excess of loss (XL) reinsurance transfers losses beyond a certain threshold (retention) from
cedants to reinsurers. This can be done for single losses, events, or a combination thereof.
Typically losses are covered up to a certain limit. Various limits can be staggered (layers of
coverage). Cedants may cede all the losses in a layer or retain certain percentages of given
layers. Reinsurers may demand that the cedant retain a portion of the layer so that the cedant
retains the incentive not to overpay claims once losses reach the ceded layer. Unlimited covers
are possible but uncommon.
6-3
A. Per Risk XL
Example: Showing retention, limit, and uncovered top for two layers for three losses.
Figure 1: Example Per Risk XL
B. Catastrophe XL
Example: Showing retention, limit, and uncovered top for one event.
Figure 2: Example Catastrophe XL
C. Aggregate XL, Stop Loss

Regardless of the physical reasons for losses, entire portfolios can be reinsured beyond a
certain threshold. For stop-loss treaties, retention and limit are typically expressed in
(annual) loss ratio terms for the covered portfolio (example for a stop-loss cover: 20
percent excess of 110 percent loss ratio).
D. Life vs. Nonlife
While in principle the same kinds of nonproportional reinsurance are available for life
and health reinsurance, it is currently far more important for nonlife reinsurance,
especially for natural catastrophes. The most common form of life reinsurance has
traditionally been on a proportional basis, although surplus reinsurance, which in some
respects is similar to nonproportional reinsurance as defined for P&C business, has also
been used.
6-4
Nonproportional life reinsurance is typically placed on a per life basis over a fixed sum
assured, e.g., all risks are reinsured over 50,000 sum assured for each individual life.
Nonproportional reinsurance for life business is more common on a small group of lives
or in respect of a catastrophe event where there is an accumulation of potential risk. An
example would be a group life scheme where the cedant is concerned about a single event
that could impact several or many lives within the same group scheme. Other forms
include stop-loss reinsurance and coverage for a period of payments in excess of a
retained periodfor example, for disability income or long-term care insurance coverage.
As solvency regimes become more risk based, cedants will be looking to reinsure their
peak (tail) risks that are consuming a lot of capital. For mortality the main threat to
solvency is often from a pandemic event, and it is likely that nonproportional reinsurance
structures will grow in this area. Now the capital markets are developing nonproportional
types of covers aimed at protecting certain levels of excess mortality. Mass lapse risk is
also another area where nonproportional-type reinsurance structures are developing.
5. Pricing of Nonproportional Reinsurance

I. Experience-Based Methods.
The loss experience for a given layer forms the basis for pricing. The most common method,
the burning cost" method, calculates the proportion of observed ground-up losses that
would have created a loss for the considered layer. Of course it is essential that the historic
losses are transformed into the current treaty period to allow for loss inflation and especially
superimposed inflation. The latter relates to loss increases due to trends beyond inflation, e.g.,
for medical malpractice claims because of the improvement of medical treatment, changes in
the legal environment, or social inflation. Other relevant trends must also be reflected, and
in some cases this could result in decreasing historic losses due, for example, to tort reform
for liability claims or effective loss prevention measures like sprinkler devices. On balance
trends are generally increasing historic losses.
The annualized amount of (updated) losses divided by the annual premium forms the so-
called burning cost ratio. Expressed as a percentage of the limit this is the so-called net
rate on line (ROL). Risk margins (e.g., for using the cost of capital method), expense
margins, and brokerage (for business through brokers) will be added to arrive at the gross
ROL.
For low net ROLs (i.e., for less frequent events), the uncertainty and therefore also the
amount of capital bound to back this uncertainty are increasing. The consequence is that for
very infrequent eventse.g., return periods of 100 years (1 percent net ROL)the risk
margin may be a multiple of the expected value of losses and therefore the most significant
part of the premium.
Example: Consider the following historical losses (fgu = from ground up) shown in the table
below, a nonproportional reinsurance layer 1000xs1000 (free reinstatementssee paragraph c
below for further discussion of reinstatements) and the corresponding losses to that layer.
6-5
Loss to Layer
Year Incurred Loss (fgu) (1000xs1000)
2005 1,500 500

2005 1,200 200
2006 2,400 1,000
2008 900 0
2008 600 0
2008 1,100 100
2009 3,500 1,000
2010 1,900 900
2010 1,300 300
2010 1,800 800
2010 900 0
2011 700 0
2013 1,800 800
2013 1,700 700
2014 1,600 600
To calculate the burning cost of that layer, the total premium is divided by the total losses to
the layer. The table below shows the annual premium (paid by the policyholders to the cedant)
as well as the annual total losses to the layer.
Year Premium Losses to Layer

2005 9,500 700
2006 10,000 1,000
2007 10,000 0
2008 11,000 100
2009 10,500 1,000
2010 11,000 2,000
2011 12,000 0
2012 13,000 0
2013 11,500 1,500
2014 12,500 600
Totals 111,000 6,900
Net Rate 6.22%
Eventually, a net rate is derived for the reinsurance premium of 6.22 percent. Note that this
example is simplified to illustrate the basic working of the burning cost calculation. In
practice, consideration is given to aspects such as inflation, reinstatement premiums, original
rate changes, indexation clauses, or trends that are only partly treated above.
6-6
Through various types of profit commission arrangements, i.e., the sharing of part of the
profit of a reinsurance treaty with the cedant, a reinsurer can try to provide a further incentive
for a cedant to ensure effective underwriting and loss management. As profit commissions
transfer at least some parts of the volatility back to the cedant they may decrease the related
risk margin. A similar effect may be achieved if the cedant retains a certain percentage of a
ceded layer for its own account.
II. Exposure-Based Methods.
For treaties with insufficient loss experience (e.g., high layers, rare natural catastrophes, and
fast-changing exposures) and also as second opinions for experience-based rated treaties, it
has become common to simulate ground-up losses several thousand times and to calculate the
necessary ROL for a given layer by means of so-called probabilistic loss exceedance curves.
The first applications of respective natural catastrophe simulation models date back to the late
eighties. Currently there are three major providers of worldwide vendor modelsApplied
Insurance Research (AIR), Risk Management Solutions (RMS), and EQECAT. The major
reinsurers also have their own models for some catastrophe risks. All of these models consist
of three parts: simulations of natural catastrophes, calculation/simulation of damages caused
by the respective catastrophes, and calculation/simulation of the insured losses following the
damages.
Catastrophe model output is quite dependent on the quality of the input data, which can easily
reach the terabyte range for large insurance undertakings. Ensuring the accuracy of the input
data is therefore crucial for this kind of exposure pricing.
The advantage of this kind of probabilistic outcome is that it not only shows the expected
value of losses (the so-called net risk premium) but also the full probability curve of results.
That allows the calculation of various types of risk margins. This starts with simple treaty-
related charges, e.g., expressed as percentages of the standard deviation ormore
commonlyconverting this into the respective percentages of the net risk premium, the so-
called multiplier. For infrequent events, e.g., in the 1 percent range (1 in 100 years), this can
easily reach multipliers of four, i.e., the risk charge is three times the net risk premium.
More advanced techniques compare the capital requirements for a portfolio without a
respective treaty with the portfolio including this particular treaty and determine the risk
margin by means of the expenses for serving the additional (marginal) capital. For practical
purposes it is common to combine both techniques.
III. Reinstatements.
Especially for natural catastrophe XLs, it is usual to agree upon how many limits are available
in a given year and how reimbursements (reinstatement premiums) for reinstating limits after
loss events are calculated (pro rata capita, pro rata temporis, or a combination thereof). Of
course these reinstatement premiums are due immediately after triggering events occur and
usually will be offset against the loss payments.
When trying to assess the net situation after certain events it is therefore necessary to fully
reflect the impact of reinstatement premiums.
For reinsurers this usually has two opposite effects: Reinstatement premiums received from
cedants after events will mitigate their net position while reinstatement premiums they have to
pay for their own protections (retrocessions) will add to the losses.
6-7
6. Effects of Nonproportional Reinsurance
I. Volatility Reduction.
Depending on the limit and layer structure, a massive volatility reduction (not only for the
portfolio in question but for the entire risk profile of the cedant) is possible, as
nonproportional reinsurance typically transfers major tail risks of loss distributions from
cedants to reinsurers (e.g., for natural catastrophes).
Figure 3: Volatility reduction by nonproportional reinsurance

II. Diversification Improvement.
While only a few insurance undertakings are really globally active it is the core value
proposition of reinsurers that they carry out their business worldwide. This allows the
utilisation of powerful diversification effects worldwidee.g., for natural catastrophes: US
windstorm events with Japanese earthquakes, Californian earthquakes with European
windstorms and floods, Australian brushfire with Canadian blizzards. All perils on all
continents are diversifying each other, even if it is sometimes not perfect (e.g., if certain
global trends like global warming are gradually affecting all global meteorological perils the
same way).
This can be illustrated in the following example:
Assume two independent catastrophe risks have to withstand the 1-in-200-year situation (i.e.,
Solvency II standard).
6-8
Figure 4: Worldwide diversification
III. Improvement of Risk/Return Relations.
Let us consider again the example in section A. The gross distribution shows a higher
expected underwriting result than the net distribution. However, the tail is less severe for the
net distribution due to nonproportional reinsurance. Hence, the net distribution has a lower
volatility. To compare the two respective risk/return relations, one can look at the so-called
return on risk adjusted capital (RORAC), which is significantly higher with the reinsurance
cover than without (at the 0.5 percent value at risk (VaR)). The following ideal example is
of course abstracting from further considerations like validity of the VaR approach, model risk,
and market behaviour.
Gross Net
Mean Underwriting Result 24,996 16,270
0.5%-Percentile -50,235 -15,000
RORAC 49.8% 108.5%
In this case the reduction in required capital far outweighs the reduction in expected profit.
IV. Capacity Increase.
Assume a regional primary insurer can write property risks up to a 100-year loss of US$50
million. When the company reaches this level, it has to stop writing risks although the forgone
business might be very profitable. A nonproportional reinsurance cover in excess of US$50
million would enable the company to write further business without being limited to its 100-
year net retention.
Assume another primary insurer can take single risks up to a total sum insured of US$1
million. Its limited capacity leads to rejection of risks above that threshold. This circumstance
results in a limited ability of the insurer to further diversify its portfolio (e.g., geographically
or by line of business) by writing more risks. Nonproportional reinsurance attaching at US$1
million would allow the insurer to enhance its diversification as the company gets access to
more risks. It is beneficial for the insurer if it can steer its overall risk profile with a maximum
degree of flexibility.
Hence, nonproportional reinsurance can serve as a means to increase an insurers capacity.
6-9
V. Qualitative Effects.
Data requirements for risk assessment (for complex natural catastrophe treaties in the terabyte
range) foster the establishment of information technology (IT) systems and processes and
their continuous improvement to avoid unnecessary charges for insufficient data (especially
for smaller insurers).
7. Capital Effects of Nonproportional Reinsurance

I. Substantial Decrease of Insurance Risk Capital.
Under Solvency II, reinsurance can be taken into account when calculating the Solvency
Capital Requirement (SCR) provided that credit risk and other risks arising from the use of
such techniques are properly reflected in the Solvency Capital Requirement (Directive
2009/138/EC Article 101 (5)). In this section we will consider the impact of nonproportional
reinsurance on the SCR and will further describe the corresponding credit risk in the
following section.
In general, the SCR calculation is divided into modules as shown in Figure 5:
Figure 5: SCR composition according to Solvency II specifications

The capital requirements on lower levels are aggregated on the basis of correlation
assumptions.
Nonproportional reinsurance can significantly reduce the SCR for nonlife catastrophe risk.
The premium risk SCR can also be decreased by nonproportional reinsurance for life-related
risks (especially catastrophe risks) if appropriate covers exist. Theoretically the following
holds: the higher the volume of reinsurance and the higher the weight of the covered risk
module, the higher the effect of reinsurance on the total SCR. On the other hand it should be
6 - 10
noted that overreliance on reinsurance also can lead to an increased insolvency risk as recent
studies show.
II. Potential Increase of Insurance Risk Capital.
As explained above, Solvency II allows an insurer to take reinsurance into account as well as
charging for the credit risk of the reinsurance at the same time. However, the risk mitigating
effect of reinsurance is generally much greater than the increase of risk capital by credit risk,
although the actual effect depends on the credit quality of the reinsurer.
The credit risk mainly depends on the rating (or other credit metrics if rating is not available)
of the counterparty with which reinsurance is placed. Under Solvency II, the rating impact on
capital is much greater than the effect of diversification of counterparties (i.e., placing
reinsurance with several reinsurers). It should also be noted that the risk charge for a reinsurer
defaulting on its obligations with its cedants is lower than the implied risk of default based on
the credit rating of any debt issued by the reinsurer. (This is particularly so when the debt is
issued by the holding company of the reinsurer and the reinsurer itself is an insurance
regulated entity.)
Many capital models also allow for collateralisation but usually reinsurers try to avoid this as
it usually brings restrictions they would prefer to avoid. There will also be a cost to the cedant
as reinsurers need to charge for any loss of potential income. In theory the credit risk can be
reduced to zero if all reinsurance contracts are fully collateralized. However, the overall effect
may be limited as credit risk for reinsurance is generally small.
III. Solvency Ratio Improvement.
Modern solvency regimes around the world allow for the impact of reinsurance. The solvency
regime until 2015 in EuropeSolvency Itakes nonproportional reinsurance into account
very simplistically and treats proportional and nonproportional reinsurance in the same way.
Reinsurance is only considered to the extent of the respective recoveries in the prior three
years. The maximum relief was capped at 50 percent. Therefore, the effect of reinsurance is
only oriented toward the past and does not depend on its current exposure at all.
The succeeding regimeSolvency IIallows for nonproportional reinsurance much more
explicitly as long as credit risk connected to the reinsurance arrangement is taken into account
appropriately (see section A). The Solvency II framework considers the benefit of reinsurance
not only from the perspective of exposure management, but also in view of a companys
overall capital and risk management. The risk mitigation effect of reinsurance is also reflected
in an increase of own funds due to a lower so-called risk margin being part of the market
value of liabilities (see
Figure 6).
6 - 11
Figure 6: Effects of reinsurance under Solvency II
In the US National Association of Insurance Commissioners (NAIC) P&C risk-based capital
(RBC) formula, introduced in 1994, nonproportional reinsurance is reflected only through the
use of risk factors based on and applied to data by line of insurance net of reinsurance. Any
loss borne by a reinsurer therefore reduces the capital requirement in the first step according
to the applicable factor. A side effect can be achieved by improving diversification between
lines of business: the lower the contribution of the peak line the higher the credit (up to 30
percent if 15 lines have equal size). If peak premiums are reduced by nonproportional
reinsurance this will positively influence the credit for diversification.
At the time this chapter was written, the NAIC was testing a new catastrophe risk charge for
RBC. (The original formula was developed when catastrophe models were still in their
infancy; hence it did not include a separate catastrophe risk charge.) Once this is
implemented, it will directly reflect the risk reduction features in a particular insurers
catastrophe reinsurance program by utilizing each insurers catastrophe model results net of
reinsurance (with a small reduction for the related credit risk).
IV. Rating Impact.
Nonproportional reinsurance also has a positive impact in capital models of most rating
agencies (e.g., Standard & Poors, A.M. Best). This is especially true for nonproportional
catastrophe reinsurance. In general, the capital models distinguish between premium risk
for attritional losses and catastrophe risk for large property losses. Premium risk is
determined by net premium volumes, i.e., the reduction in required capital by nonproportional
reinsurance is only proportional to the amount of ceded premium.
The respective risk factors are determined by using industry data net of reinsurance, therefore
reflecting the industrywide impact also of nonproportional reinsurance. For individual
companies, however, the premium risk models treat proportional and nonproportional
reinsurance in the same way.
The rating agencies catastrophe models look at certain scenarios (e.g., 1/100yr European
Wind) and their net impact on the profit and loss (P&L) (i.e., net after reinsurance and inward
and outward reinstatement premiums) or at a convoluted net 250yr-VaR of the property
portfolio (S&P net gap). In both cases, the actual reinsurance structure can be applied,
which in essence means the full limit of nonproportional reinsurance is taken into account if
6 - 12
applicableand not only the ceded premium. All in all, nonproportional reinsurance can be
tailored to get the most efficient relief also in the context of capital models of rating agencies.
8. Nonproportional Reinsurance and Regulation

I. Business-to-Business Character of Transactions
The supervisory protection needed for direct insurance clients in principle does not apply for
reinsurance relations as both business partners are knowledgeable parties. For this reason
reinsurance in many countries (especially in Europe) was only supervised to a limited extent
until the end of the last century. When applying general supervision principles to reinsurers it
still should be recognized that both partners are informed business professionals with
knowledge about risks. This holds even more for large international undertakings.
II. Powerful Risk Management Tool.
No other instrument allows for the same kind of tailor-made design of a targeted risk position
like nonproportional reinsurance. This starts with micro solutions on a facultative basis,
special protections for certain pieces of business (like lines of business), protection for entire
portfolios, and even protection of the entire operation of an insurer.
III. Importance of Full Recognition.
Because of the risk effectiveness of nonproportional reinsurance it should be fully recognized
in supervisory considerations, especially on capital requirements, if the desire is to most
accurately reflect risk. This holds for both partiesreinsurers and cedants: Any significant
change in the overall risk situation incurred by reinsurance arrangements should be reflected
in the respective capital requirements.
IV. Cash Losses and Collateralization.
For short-tail business (like fire) it is common to have a provision in the contract that in case
of a major loss a certain part of the loss estimate (e.g., 50 percent) can be called upfront by the
cedant as cash loss payable in advance by the reinsurer. For the remaining part of the loss a
loss reserve is established by the reinsurer.
For long-tail business it is unusual to agree upon cash-loss provisions as the loss usually
requires some time to become settled. Here it is important for the reinsurer to establish a
reserve as close to the final settlement as possible.
A possible solution to eliminate the credit risk on outstanding reserves for the cedant is to
require collateral, i.e., a payment guarantee or dedicated assets such as in the form of a trust
fund or a deposit of reserves. These mechanisms provide protection in the case of problems in
receiving payments from the reinsurer. One such very common instrument is a letter of
credit (LoC) provided by a bank in favour of the cedant. The expenses of LoCs usually have
to be borne by reinsurers and can reach substantial amounts, running into many millions over
time. From average annual expenses between 25bps to 40bps LoC expenses have increased to
75bps to 100bps after the financial crisis, making them nearly 10 times more expensive than
trust funds. Typically reinsurers try to avoid these expenses by claiming that their credit risk is
remote and that the usual contractual provisions are sufficient to secure claim payments. In
certain jurisdictions it is required that collaterals are in place for the cedant to get the
respective balance sheet relief. All forms of collateral have associated costs and these form
part of the reinsurance price. In certain jurisdictions the rules for collateral vary between
6 - 13
reinsurance placed with domestic reinsurers and reinsurance placed with reinsurers based
outside of the country, which may lead to political discussions.
V. Systemic Risk Mitigation.
In contrast to widespread views about systemic risk contribution of traditional
(nonproportional) reinsurance, it must be emphasized that the opposite is normally true:
Reinsurers capital typically acts, admittedly to a moderate degree, as a mitigating instrument
for balancing capital market distortions, particularly in the case of major (natural)
catastrophes. This is underlined in research by the Geneva Association.
9. Complementary Risk Mitigation Instruments

I. Industry Loss Warranties.
Industry loss warranties (ILWs) are binary covers that depend on the overall market loss. A
certain limit is paid to the insured when the total market loss reaches a predefined threshold
(e.g., a limit of US$50 million is paid when the market loss of a Californian earthquake
exceeds US$80 billion). Hence, ILWs are quite simple from a structural point of view.
However, they may bear a significant basis risk for the insured compared to a traditional
nonproportional cover if the covered portfolio does not behave like the market (i.e., there
might be a huge loss to the insured, but the market loss has not reached the required
threshold). The index may also be subject to modification or imprecise measurement and
develop over time. It is up to the insured company whether it wants to bear the basis risk in
exchange for potentially cheaper cover.
II. Catastrophe Bonds.
The reinsured exposure under "traditional" nonproportional reinsuranceusually a multiple
of the premium volumestill bears some sort of residual risk: the "credit risk" of the reinsurer,
especially in case of major catastrophes. This is especially true for reinsurers, buying
"retrocessional" protection from fellow reinsurers to protect "peak" exposures in case of very
large catastrophes with "high" return periods (e.g., 100 years).
It is therefore no surprise that a reinsurer in 1994 "invented" so-called "securitizations", where
the entire amount of protected exposure has to be capitalized in advance, preferably as an
investment from capital market participants with limited correlation to natural catastrophes.
The "premium" is regarded as a "return on investment" in case of no losses, whereas the
invested "principal" amount will be lost in case of the respective major loss occurrence.
To facilitate such a construction it is usual to establish a special purpose vehicle (SPV),
domiciled in a suitable environment. A reinsurance treaty will transfer the exposures and the
respective premium into a protected account of the SPV, and in turn investors will invest in
bonds or notes issued by the SPV. To justify the still significant expenses, these types of
investments have historically exceeded US$100 million and are done for more than one year
(usually three to five years). The settlement period can be extended even further in the event
of a catastrophe to allow for the time it takes until losses are fully known and paid.
The performance of those bonds or notes is linked to the loss experience of the respective
exposures, clearly described and modelled in the offering memorandum. It is common
practice to use a third party (e.g., a catastrophe model vendor) to model the probabilistic curve
describing the potential losses and to express the return ("spread") in excess of the risk-free
6 - 14
rate (usually LIBOR) as multiple of the expected losses. The bonds are usually rated for risk
by one or more of the rating agencies in a similar way to corporate bonds or similar
instruments.
In the beginning of this type of business it was possible for investors to achieve four times the
expected losses as "excess return" (e.g., for the 100-year Californian earthquake or Caribbean
hurricane). However, prices meanwhile have come down.
The key for marketability of these products is clear, reliable, and foreseeable modelling. It is
no surprise that this holds for plain vanilla natural catastrophe exposures in prominent
locations like the United States, Europe, and Japan. Meanwhile other short-tail business
(aviation, marine) is sometimes securitized while it is still rare to convince investors to invest
in long-tail exposures (e.g., general liability) where also loss reserve deviations form part of
the risk. Experience shows that investors want resolution of the uncertainty in a finite,
relatively short period (say three to five years).
III. Catastrophe Swaps.
Instead of transforming a catastrophe exposure into a fixed premium, it is possible to
exchange different exposures directly between two parties. This requires a modelled
exchange rate, which is acceptable to both parties. If this can be achievedusually through
the application of accepted natural catastrophe modelstwo undertakings with peak
exposures in different parts of the world can swap, e.g., x units of European windstorm
exposure with y units of Japanese earthquake exposure within a given period.
IV. Other Forms of Securitization.
In addition reinsurers have started to meet several clients requests by offering "collateralized"
protections, where the covered exposure is collateralized by letters of credit or trust funds,
therefore reducing the credit risk for the cedant significantly. As this limits/eliminates the
leverage of the respective capital by the reinsurer, it comes with correspondingly higher prices
compared to traditional reinsurance.
_______________________
Michael Eves, UK qualified actuary, member of SAV, is the group chief actuary of Swiss Re. He is
chairman of the Reinsurance Subcommittee of the International Actuarial Association (IAA). Eves
can be reached at michael_eves@swissre.com.
Alexander Fritsch, Dipl.-Math. oec., MSc, Aktuar DAV, CERA, is senior actuary in Hannover Res
dynamic financial analysis department and can be reached at alexander.fritsch@hannover-re.com.
Eberhard Mller, Dipl. Math., Aktuar DAV, CERA, is chief risk officer and chief actuary of
Hannover Re Group. He is a member of the Reinsurance Subcommittee of the IAA. Mller can be
reached at eberhard.mueller@hannover-re.com.
6 - 15
IAA Risk Book
Chapter 7 - Intra-Group Reinsurance Transactions
2013 Reinsurance Subcommittee of the
Insurance Regulation Committee
Intra-Group Reinsurance Transactions (commonly known as IGRs) are essentially the same as
similar reinsurance transactions between two unconnected regulated legal entities, and much of
the rationale for entering and executing such transactions is identical. They are an important tool
for groups and their subsidiary companies to manage capital efficiency and risk throughout the
group structure.
The transacting legal entities of an IGR ultimately have the same parent company and
shareholder and this gives rise to the need for special considerations. Additionally such
transactions often attract increased scrutiny from regulators and other bodies.
2. Key Messages
1. The rationale for IGR transactions is similar to normal reinsurance transactions, but
the relationship between the two related transacting companies gives rise to special
considerations. In addition, the presence of a third party, namely the Group, who will
exert their own influence, requires that good process and governance is in place.
2. IGRs are useful within a group for managing risk and capital across the entire
organization. IGRs are often used in a group as an alternative to increasing the capital
within a subsidiary company as they can transfer risk to another subsidiary company
where there is surplus capital.
3. The IGR structure depends upon the intended outcome. One aiming to reduce the
overall capital requirement of a ceding legal entity will be different to that seeking to
reduce P&L volatility.
4. These transactions need to be executed as if they are between independent parties.
Each legal entity takes responsibility that any transaction is beneficial from their own
perspective.
5. Conflicts of interest will arise. The individual participants need to recognize potential
conflicts and know to whom are they advising or for whom are they taking a decision.
6. Active negotiation needs to take place and be evident. Transaction pricing should be in
the range of what is observable within the market that each company operates.
7. Where IGRs involve the use of Special Purpose Vehicles (SPVs) or other similar
vehicles then additional considerations may apply.
on 19 August 2015.
3. Background
The note describes the role of Intra-Group Reinsurance Transactions in managing and steering a
(re)insurance group. Intra-Group Reinsurance Transactions, consistent with any reinsurance
transactions between two separate legal entities, impact the level and emergence of profit within
the two entities as well as the strength of the respective two balance sheets. Unless described
otherwise,
the note focusses on issues arising from transactions which cross national regulatory boundaries
rather than transactions between entities within the same national regulatory environment.
IGRs are essentially the same as similar reinsurance transactions between two unconnected
regulated legal entities and much of the rationale for entering and executing such transactions is
identical. However, the situation with IGRs where both legal entities have ultimately the same
parent company and shareholder gives rise to the need for special considerations, which this note
attempts to describe. In particular, the additional scrutiny that may arise from regulators, tax
authorities, rating agencies etc. needs to be considered when setting up the appropriate approval
processes. All these transactions clearly need to be shown to have been carried out for the benefit
of both parties and agreed to by both parties independently.
An alternative form of IGR arrangement arises when a number of companies within a Group
participate in a pooling structure. Whilst much of the same considerations apply here as with a
standard IGR, there are some differences, which are outlined in the relevant sections of this note.
Another form of IGR includes the ceding of risks into a Special Purpose Vehicle (SPV). Usually
SPVs are funded by capital raised from investors outside of the Group, but they can be used to
bring capital from one group member to meet risk in another. In this intragroup context the
considerations are similar to those for an IGR. The presence of the SPV creates an additional
legal entity that needs to meet the local legal, tax and regulatory requirements.
This note only considers Intra-Group "reinsurance transactions" rather than including other types
of intra-group transactions such as "capital transactions" although for solvency and other
purposes both have a role to play. It also excludes fronting arrangements.
4. Purpose of the transaction

There are various potential drivers for reinsurance. Capital requirements and the diversification
of risks are common considerations that motivate reinsurance. In the context of capital, the
ceding company and its shareholders may need to consider the advantages and disadvantages of
a reinsurance transaction as opposed to some other form of capital support. When the ceding
company is a subsidiary of a Group then this decision has also to consider the needs of the
shareholder including the shareholder's willingness or ability to inject capital or provide other
forms of support.
Reinsurance is also used for risk management purposes. Frequently a company will have
sufficient capital to support its volume of business, but the management may consider that they
7-2
are too exposed to certain risks and search to reduce these exposures through reinsurance. This is
often the case when a company is looking to reduce the volatility of its profit and loss account or
it has certain risks within its portfolio, which they would like to reduce. Linked to this, internal
reinsurance is also used to allow the transfer of risks from legal entities licensed to sell insurance
in certain jurisdictions to the legal entities where Groups intend to manage and diversify the said
risks.
An IGR by definition is between two related group companies and this effectively brings in 3
parties to the transaction. Not only do the needs and benefits of the two potentially transacting
companies need to be considered, but also that of the Group as a whole. In most circumstances
Group is normally defined as the ultimate shareholders and who are represented by Corporate
Centre type functions, however it is also possible for Groups to have sub-holding companies or
subsidiary entities who are responsible for managing a number of companies within the
subgroup. The Group corporate centre will normally have their own views on the appropriateness
of any IGRs and in particular, whether they are in line with group strategy and are beneficial to
the Group as a whole. IGRs can take place between any two related companies within a group
structure, ie either horizontally or vertically. It should be noted that a branch office cannot
perform an IGR with its parent company as it is part of the same capital base. Nevertheless a
subsidiary company can carry out an IGR with its parent as both companies will have the own
individual regulated capital requirements to accommodate.
Pooling arrangements and the use of an SPV are variants to this standard IGR and are discussed
separately later in this section.
Every party has its reason for such transactions, below the most common ones:
II. Capital/Solvency
As already mentioned, reinsurance can represent an alternative form of capital, allowing
the company to write a greater volume of business than would otherwise be possible for the
same level of capital. Through reinsurance a ceding company will normally be able to
reduce their capital requirements while improving their solvency ratios or other capital
driven ratios. The driver may not necessarily be regulatory solvency but could be for rating
agency capital adequacy or to meet group internal guidelines. The local subsidiary boards
will normally articulate their own capital management policy and this can also be a reason
for seeking reinsurance.
For the reinsurer, or the assuming company of such a transaction, an IGR could be a good
use of excess capital, particularly if the opportunity to use the capital by writing business
externally is difficult. From a group perspective an IGR for these reasons can be more
efficient and easier to execute than moving capital from one legal entity to another.
III. Risk (from a capital perspective)
Although a company may have sufficient capital for the risks on its balance sheet it could
be an inefficient use of capital if the company has a single or a few peak risks which are
out of balance with the other risks of the company. By reinsuring the peak risks, the ceding
7-3
company may not only reduce its overall capital requirement under certain regulatory
regimes, but gain proportionally more from diversification benefits and hence make more
efficient use of its capital. The released capital can then be used, for example, to increase
business or pay increased dividends. A more balanced portfolio from a risk perspective is
also likely to reduce volatility in the profit and loss account and this could be a further
reason for an IGR.
The assuming company will look at the transaction in a similar way. If they are receiving
risks that are relatively small compared to other risks on their balance sheet, then their own
diversification benefits will probably increase proportionately for their size of business.
From an overall group perspective, capital efficiency will be improved with less capital
tied-up in individual subsidiary companies.
IV. Risk (other perspectives)
Local subsidiary boards, together with local management, will determine the risk appetite
for the local company. This will be based on numerous local factors and will reflect the
local company's views on the desirability of certain risks. For certain risks they may differ
from the larger group risk appetite. Hence, whilst the local company will write certain risks
for group purposes they will reinsure to other group companies such risks in order to keep
within their own risk appetite and risk limits. The group as a whole gains from such
practice as it brings risks into the group that are attractive. At the same time an IGR will be
able to move the risk from a local company that is not so keen on the risk to the one that
wants to write the risk. The group may also use IGRs to bring together similar risks into a
single legal entity in order to be able to better manage the business.
V. P&L Volatility
Subsidiary companies often measure their performance by the amount of profit generated
within the company on a net retained basis. In this case, the potential volatility of the profit
and loss account may be of concern and one way to reduce this volatility is to reinsure part
or all the risks that are the main contributors to the volatility. From an assuming company
and group perspective the volatility may be immaterial, so an IGR allows the full potential
profit to be kept within the group, whilst allowing the subsidiary to reduce the volatility
around its expected results.
VI. Pooling Arrangements
Pooling arrangements are specific agreements within a group, whereby multiple companies
from that group take shares of risks written on identical terms. The legal entities involved
are typically domiciled within a single national jurisdiction and may be operated as if they
were a single entity. Each of the companies involved in such an arrangement will write
their own defined business, but then cede pre-agreed percentage amounts to the other
companies participating within the pool. This allows each company to accept new business
from a wider client base whilst managing the overall risk by ceding a certain proportion of
7-4
their own originated business. This creates diversification benefits and limits exposure on
one risk or several portfolio of risks.
VII. Special Purpose Vehicles (SPVs)
A SPV is often used by groups as a way of ceding risk to the capital markets. Group
companies will cede certain risks via IGRs to the SPV so that the SPV can package them
for onwards risk transfer to investors. This helps both, group companies and the group
itself, to limit its net exposures and is therefore often an efficient way to reduce certain
types of risk. The contractual terms between the Group Company and SPV will be similar
to those found in other types of IGR and the necessary controls and governance should
follow a similar process.
5. Types of transaction
The basic structure of an IGR follows the structure of any external reinsurance transaction. The
actual structure depends on the underlying drivers for the transaction and the most efficient
method of execution. The typical types of reinsurance transactions that are used together with
their primary purpose are now listed.
I. Quota share
This is normally the best method to cede risk across a line of business or across a company
and thereby reduces risk and capital requirements proportional to the amount of business
ceded.
II. Non-proportional including catastrophe covers
Non-proportional including catastrophe covers are used to reduce peak risks by reducing
the overall capital requirements and improving the diversification of the remaining
portfolio. They are particularly useful in reducing volatility in quarterly or annual results.
III. Surplus/Excess share
This is very similar to non-proportional covers whereby the ceding company reinsures an
amount above some predefined per policy attachment point. For example, the ceding
company retains the first $1m of risk on each policy and reinsures the excess. Again this
has the effect of reducing peak risks and P&L volatility.
IV. Stop loss
A stop loss arrangement can be written for a portfolio, a line of business or across the
whole company. From a group perspective giving a stop loss protection to a subsidiary
company could be viewed as an alternative to capital provision. In the event of a severe
loss, the subsidiary company is reimbursed through the stop loss arrangement rather than
through an injection of capital. Hence this type of arrangement can be a very powerful risk
capital instrument.
7-5
V. Adverse development cover
A company may have significant reserve risk within its in-force portfolio that is requiring
significant amounts of regulatory or risk capital to support. An adverse development
reinsurance cover will protect the company from a deterioration of its reserves and reduce
its associated capital needs. This capital can then be redeployed in other areas of the
business. These covers are most common when a company has significant long-tail risks
such as liability, including asbestos or environmental risks, workers compensation or motor
liability.
VI. Facultative risk
This is normally a single risk cover, which can transfer unwanted risks from a ceding
company balance sheet. These are unwanted risks and can be due to size or type of risk.
6. Roles and responsibilities

Although ultimate responsibility rests with the local company management teams and their
respective local boards, there are many parties who should be involved in giving their opinion
before agreeing an IGR. In respect of an IGR between two group companies it is the
responsibility of both sets of boards and managements to look at a potential IGR from their own
company perspective and decide whether such a transaction is in the interests of their local legal
entity. A transaction that is beneficial for the group overall but adverse from a local perspective
should normally be rejected.
Depending upon the type of transaction it is vital that employees with the relevant skills, for
example, financial, risk, actuarial and tax experts are consulted to provide input into the decision
process. These functions need to report on the impact of the transaction from their own
perspective, such that the ultimate decision makers understand the impact on the capital position
of the company, on the overall risk profile of the company, on any implications to reserving and
on the overall tax position. Depending on the structure of the transaction other specialists may
need to be included such as treasury, asset management and underwriting. In addition there will
be times when a company's external auditors and/or local regulator should likewise be consulted.
The corporate center functions of the Group also need to be included in order to provide the
group perspective and inform the group management of any material group implications.
Furthermore, a group function is likely to run the overall IGR process by coordinating the
dialogue between the legal entities and their appointed delegates.
For an IGR structured as an intra-group pooling arrangement, the above comments are generally
applicable but with multiple parties involved. If these are often within the same border, then the
group will take more of a lead role.
An IGR process can give rise to conflicts of interest for the people involved. It is important that
the participants in the process understand for whom they are advising or for whom they are
taking a decision. In particular when IGRs are between two group companies operating in
different regulatory environments, then anyone giving advice or taking decisions should consider
7-6
the IGR either from the perspective of the ceding company, the assuming company or the group
as a whole, in order not to confuse issues between the different parties. In particular individuals
who have an interest in both, the ceding and assuming company, should exclude themselves from
the decision making process.
To make sure that good governance is applied, it is best practice for the group to have an IGR
governance policy, detailing the roles and responsibilities of the various parties and individuals
who would be involved in the process. This policy should contain guidance on how individuals
should deal with actual or potential conflicts of interest.
7. Negotiation process
For many IGRs, particularly those which cross borders with differing regulatory requirements
and tax regimes, the pricing and negotiation should take place based on the arm's length
principle. Both, the ceding and assuming company, should be negotiating the contract as if the
transaction was with a business partner from outside of the group.
From a transfer pricing perspective, it has to be possible to clearly show that the transaction
pricing is within the range of what could be observed within the market in which the company
operates. If there is no market of a similar type transactions, then comparisons against other
measures will need to be carried out and documented. In addition, it should be clear that the
transaction has been entered into for sound business reasons, otherwise the local tax authorities
may disallow any actual or perceived tax treatments.
The actual approach to pricing the transaction and the subsequent negotiation will depend on
how the group delegates pricing methodology and target returns. If the two companies have full
control over pricing then each will use their own respective methodologies to form a view on
what price will meet their respective target return. However, some groups impose consistent
pricing methodology and target returns across the company. Some groups will have group-wide
in-house models to price business. In this case both group companies will look at the potential
deal in a similar way. The latter approach can also mean that many of the underlying
assumptions will be viewed identically in both, the ceding and assuming companies, with the
only differences in respect of expenses, tax and capital assumptions.
Ideally, there should be evidence of active negotiation between the two parties. In most cases,
this will end with an agreement to go ahead with the deal. In other instances the two companies
may remain apart and unable to conclude a deal, most possibly because of price return targets. In
the latter case, the group needs to get involved to see if the gap in price can be bridged, because a
good deal for all parties should not be stopped because of high target returns imposed by the
group. An example is if the group has the policy of a return of x% on economic capital. In this
case the group may need to relax its approach (i.e. reduce the x%) to create the opportunity for
the ceding and assuming companies to be able to bridge the gap in price.
Pooling type arrangements or IGRs carried out within the same regulatory environment may
require less negotiation, although this depends also on the actual tax regime in force in the
7-7
particular environment. For example, depending on the exact structure of a pooling arrangement
there is most likely little negotiation between the differing parties, yet each party's interest will
still be adequately represented because they are inter-connected and the group will play a strong
coordination role.
8. Other points to consider

IGRs are basically transactions between two friendly companies. Therefore it should be possible
to structure the transaction in a way that keeps administration at a minimum. An IGR will add to
the overall costs, so it is in the interests of all parties to keep the additional costs to a minimum.
Contract wordings need as well to be negotiated and agreed. Again, this should be relatively
straightforward due to the relationship between the two parties to the transaction. However,
given the potential long term nature of such business, it is important that both parties have a
contract that protects them in the same way as contracts with external parties would do. There is
always a possibility that over time the group structures change as companies are merged or sold,
which can change an Intra-Group Reinsurance contract from an internal into an external one.
Any impact on accounting should have been considered as part of the approval process. Again,
the accounting should be efficient and not give rise to any excessive burden for either party.
Reserving practices may differ between the ceding company and the assuming company,
particularly when the transaction is cross-border. In addition, reserving for insurance business
may have different requirements to reserving the same business as reinsurance.
Generally, when an IGR is written cross-border, then they will be more complex. Different
regulatory regimes and taxation approaches will need to be considered. Depending on the
structure of the IGR, currency risk could become relevant, although this can normally be reduced
with appropriate asset and liability matching.
In some countries regulatory approval may need to be obtained before an IGR transaction can be
closed. If this is necessary and the transaction has a deadline, time needs to be allowed to get the
regulators comfortable.
One of the issues that may concern regulators is that an IGR, or an increased use of IGRs could
give increased exposure to group risk. Reinsuring across the group means that the ceding
company's on-going solvency becomes more and more dependent on the on-going solvency of
the wider group. The ceding company has basically a concentration risk to another group
company or the group as a whole. There are mechanisms, such as deposit of reserves, collateral
triggers etc. to mitigate or partially mitigate this impact, but the ceding company needs to
consider what happens if the wider group gets into trouble. Even on an on-going basis, additional
capital may be required to cover the risk of group failure and this should be considered as part of
the overall IGR process.
Finally both companies need to be able to carry out the on-going management and monitoring of
any IGR and assess whether it performs the way expected. This analysis needs to be reported to
local management, local boards and the group regularly.
7-8
The use of IGRs increases the interconnectedness between companies within the same group.
Hence it could be regarded that there is increased possibility that a problem in one group
company could also appear in one or more other group companies and thereby increases
systemic risk. The counter point is that the spreading of risk is the primary function of insurance,
which has the effect of lowering the overall level of risk. IGRs themselves do not increase
systemic risk as long as each company has good risk management practices and understands the
different risks on its balance sheet. This includes the exposures they have to other company
failures, either to other group companies through IGRs or to external reinsurers. The group itself
has the responsibility to look at crisis scenarios and consider how risks flow throughout the
group during the failure of a group company.
9. Summary
IGRs are an important tool for groups and their subsidiary companies to manage capital and risk
efficiency throughout the group structure. They are essentially the same as similar transactions
between two independent parties, but the fact that the ceding company and assuming company
are connected requires additional considerations, particularly around the appropriateness and
governance of such transactions.
This paper was originally completed in 2013 by the Reinsurance sub-committee of the Insurance
Regulation Committee of the IAA at the request of the IAIS. It is reproduced as part of the Risk
Book with very minor changes to make it consistent with the structure of the other chapters.
Michael Eves was the chair of the 2013 Reinsurance sub-committee at the time this paper was
produced. He is a UK qualified actuary, member of SAV, is the group chief actuary of Swiss Re.
Eves can be reached at michael_eves@swissre.com.
7-9
IAA Risk Book
Chapter 8Addressing the Consequences of Insurance Groups
Alan Joynes
Ralph Blanchard
Stuart Wason
A group is generally defined as a collection of companies under common ownership and/or
control. The International Association of Insurance Supervisors (IAIS) has adopted the
definition1 that a group is considered to be an insurance group for the purpose of group-wide
supervision if there are two or more entities of which at least one is an insurer and one has
significant influence on the insurer.
Importantly, one entity in the insurance group has significant influence, either directly or
indirectly, over the other entities in the group. This entity may be an insurer or may be a
holding company with no direct business operations other than managing other members in
the group. Regulators refer to this entity as the head of the group.
The continued growth and globalization of insurance and insurance groups have led to
increased regulatory focus on insurance groups. Recognizing the importance of insurance
groups in the insurance market, this chapter identifies major observations about the operation
of such groups.
Key issues relating to insurance groups that arise for some or all of boards, senior
management, financial analysts, actuaries/risk management and supervisors include the
following:
I. For the Management of Insurance Groups
1. There is a need for a group level enterprise risk management (ERM) function
supported by local risk functions.
2. Identification of all the material linkages between members of the insurance group
and their associated risks, including concentration or accumulation of risk
exposures (both direct and indirect), is very important for the risk and capital
management of the group as well as its prudential supervision.
3. Members of the insurance group and its head need to understand the roles,
expectations, and requirements of their respective involved supervisors.
4. The head of the insurance group has ultimate responsibility within the group for
meeting the expectations and requirements of the group-wide supervisor.
1
IAIS Glossary at www.iaisweb.org.
IAA on 8 March 2016
II. For the Supervision/Regulation of Insurance Groups
5. The group-wide supervisor, in cooperation and coordination with involved
supervisors, plays a lead role in effective group-wide supervision, including
addressing any resolvability issues.
6. The cooperation and coordination of all involved supervisors, in carrying out their
roles as local supervisors and as members of the supervisory college, are important
to the effective supervision of the group.
III. For the Actuarial Function
7. Actuaries involved in risk management generally, and control functions
specifically (i.e., those identified by the IAIS in Insurance Core Principle (ICP) 8
with respect to actuarial matters and risk management control functions),
throughout the insurance group, have appropriate regard not only to their entity-
specific responsibilities/risks but also for the wider group context/risks within
which their work is conducted.
8. The head of the insurance group should have adequate access to actuarial expertise
(e.g., group level Own Risk and Solvency Assessment (ORSA)). For some
insurance groups, supervisors may require the establishment of an actuarial
function at the group level.
2. Introduction
A group is generally defined as a collection of companies under common ownership and/or
control. The complete International Association of Insurance Supervisors (IAIS) Glossary
definition2 states that a group,
is considered to be an insurance group for the purpose of group-wide supervision if
there are two or more entities of which at least one is an insurer and one has significant
influence on the insurer. The significance of influence is determined based on criteria
such as (direct or indirect) participation, influence and/or other contractual obligations;
interconnectedness; risk exposure; risk concentration; risk transfer; and/or intra-group
transactions and exposures
Importantly, one entity in the insurance group has significant influence, either directly or
indirectly, over the other entities in the group. This entity may be an insurer or may be a
holding company with no direct business operations other than managing other members in
the group. Regulators refer to this entity as the head of the group.
This IAIS definition of an insurance group is used in the remainder of this chapter for ease of
communication to readers.
Insurance groups may be part of a broader group of entities that involve other financial
sectors (e.g., banking and/or securities). Such groups are called financial conglomerates. (See
IAIS Glossary for the definition of a financial conglomerate.3)
2
IAIS Glossary at www.iaisweb.org.
3
Ibid.
To submit comments about this paper or to report any problems with the website, please send
an email directly to riskbookcomments@actuaries.org.
8-2
Insurance groups present unique issues or issues with a different priority relative to stand-
alone insurance entities. Interest in understanding these issues has grown since the global
financial crisis (GFC) of 20082009. While insurance activities were not a cause of the GFC,
the insurance industry and regulators alike have heightened their focus on the features of
insurance groups that affect their governance, management, and regulation. Actuaries
throughout the insurance industry and within the regulatory community are playing key roles
in each of these areas.
The remainder of this chapter describes some of these features of insurance groups versus
legal entities (e.g., linkages, supervision/regulation) and concludes by describing the key
issues relating to insurance groups that arise for a variety of stakeholders.
3. Insurance Group Linkages

A fundamental feature of an insurance group is that its members are linked or connected to
each other in a variety of ways. The nature, extent, and strength of these linkages vary
significantly between groups and can vary significantly within a group depending on the
agreements reached between the involved entities. The various entities of an insurance group
are influenced by and are the ultimate responsibility of the head of the group. In one way or
another, each entity in the group contributes to the overall business activities of the group.
Some entities may represent geographic or product diversity. Others may represent different
but synergistic businesses to insurance (e.g., investment or funds management). Others may
provide specialized services needed by the group of companies (e.g., data services, customer
service, etc.). Finally, some entities may operate largely independently of others in the group.
Nevertheless, their financial results and risks contribute to those of the overall group.
Not unique to insurance groups, but also important to consider, are the linkages that may also
exist between members of the group and various external entities that are not members of the
group (i.e., not connected by ownership or investmentexamples might include third party
providers of key software, data administration, contract administration, call centres, etc.).
Insurance groups employ a variety of linkages to facilitate synergies within different parts of
the group, thereby leading to cost efficiencies, profit maximization, improvement in risk
management, and more effective control of capital and funding. A useful supervisory paper
on this topic is Intra-Group Transactions and Exposures [ITE] Principles.4
In good times, all members of the group perform as expected and interact with each other as
planned. Internal and external stresses may cause difficulty to the operations of one or more
members of the group. In turn, these stresses may stretch or even break one or more of the
linkages within the group. In many cases the group will have the resilience to respond or
provide support to affected members in the event that an individual members actions are
insufficient to respond to the stress appropriately. Care needs to be taken that the groups
capital resources are sufficient to withstand targeted levels of stress. Stress scenarios should
consider integrated scenarios affecting the entire group, possibly resulting in multiple
subsidiaries needing support at the same time.
4
Intra-Group Transactions and Exposures Principles, 1999, Joint Forum, BCBS.
8-3
The following paragraphs outline some types/aspects of linkage that are of importance to
insurance groups.
I. Ownership
Members of the insurance group are fundamentally linked through connected ownership or
significant investment. Different terms are used to describe the extent of such ownership or
investment. In some cases, reference is made to a controlling interest although there is no
common definition for this term. For example, 51% ownership certainly constitutes a
controlling interest but such an interest may exist for a lesser degree of ownership depending
on the interests of other owners. Other terms used may refer to significant investment or
related undertakings.5 Various stakeholders in insurance groups may have assigned specific
meaning to certain of these terms to assist their understanding of the linkages within a group.
Insurance groups may be structured in a variety of ways. Some groups have all members
100% owned (directly or indirectly) by the same holding company, while others have various
portions of minority ownership among the group members.6 There may also be various
subgroups within the overall insurance group, or various levels of holding companies spread
throughout the ownership chain.
Groups may also exist that have no common ownership, but still exhibit common control
(such as where there is a high degree of common management or a high degree of
dependence through financial or operational support). Yet for our purposes the most
important issue in defining an insurance group or applying insurance group supervision is
whether the operations (and solvency) of one group member are materially impacted by
others within the group. In other words, are the members of the group interconnected or
linked in some fashion in a material (solvency-related) way? There may be groups where this
is not the case, and there are groups where not all group members are impacted by others in
the group,7 but those cases are not of interest for this chapter.
II. Governance
Consistent with the concept of common control, groups frequently have a governance
structure across the members of the group. The manner in which governance is carried out
has both structural and style components. Both are important and relevant to risk
management.
Responsibility for governance of the group rests with the head of group, its board, and senior
management team. Responsibility for governance throughout the group is then passed down
through the other members of the group through their respective boards and senior
management teams.
5EIOPA-BoS-14/170 EN Guidelines on treatment of related undertakings, including participations; UK

Companies Act 2006, Section 409.
6
There can also be cases where the group has a minority interest in the equity of a member of the group.
7
In such cases, the legal entity whose solvency is not impacted by others within the group can be viewed as
merely an investment of the group, albeit one that may not be very liquid.
8-4
The degree of centralization or decentralization in such governance structures can vary
drastically from group to group. In some cases, the head of the group assumes a more passive
investment management role (e.g., decentralized) allowing its members considerable latitude
to make business decisions independently. Other heads of groups assume a much more
directive role (i.e., centralized), perhaps through insistence on head of group board member
participation in member boards. Both approaches have their advantages and disadvantages
but either approach can be effective in providing necessary governance across the group. It is
the responsibility of the head of the group to ensure effective governance is in place across
the group, including within the head of the group. The role of corporate culture in the
effectiveness of governance is provided as an example later in this chapter under the heading
culture.
III. Capital Links
Many groups have a centralized capital management function. This is especially important to
the extent that capital providers view the group as a single entity. In such an environment,
group capital is generally allocated to firms based on group priorities and legal entity
regulatory capital requirements but not necessarily legal entity priorities.
Group capital management may rely on different types of capital instruments for various
levels and legal structures within the group. The raising of capital through debt or equity
offerings may occur at various levels within a group. In some cases, it may be easier or under
more favourable terms for the issuance to be at the head of group level. In other cases, it may
be preferable that a member of the group undertake the issuance. Once raised, the capital may
be down-streamed to another member of the group as debt or equity. The repayment of any
external debt may be dependent on coupon, capital repayments and dividends from the
recipient of that down-streamed capital.
Legal entity capital in excess of regulatory capital requirements and supervisory targets may
be dividended up in accordance with group priorities. Higher quality forms of capital will
tend to be retained in the regulated entities as it may be preferable for these entities to exhibit
the strongest solvency positions within the group. Alternatively, the downstream insurance
entity may be minimally capitalized, but with an implicit or explicit solvency guarantee
provided by the parent. In this case, the solvency of the downstream entity is reliant on the
solvency of the parent and the fungibility of group capital is important.
Group capital management also involves consideration of the proper allocation among the
member companies of the benefits of group operation. Examples of these include the groups
overall deferred tax position and the value of risk diversification across the group.
Branches may also be viewed as separate entities within an entity, depending on the degree of
ring-fencing of assets that exist within the branch. It may be questionable as to whether the
assets of the branch would be available to support the liabilities (and solvency) of the non-
branch policyholders.
Lloyds of London syndicates may also require separate investigation, as they have links to
both their parent group (which can provide capital in the form of an assessable letter-of-
credit) and to the overall Lloyds of London structure.
8-5
IV. Contractual Links
There may be contractual agreements between the entities within a group that link the
survival of one group member to other group members. These can include:
1. Intra-group reinsurance (see IAA Risk Book chapter 7 on this topic):
a. Quota-share reinsurance. Using capital in one entity to reduce requirements in
another with a corresponding change in where profit emerges.
b. Catastrophe, aggregate excess or other excess reinsurance agreements between
group members. These typically would be written by the larger and/or lead
member of the group protecting the smaller group members either to be
retained or to coordinate reinsurance with third party reinsurers.
c. Quota-share reinsurance pools (typically involving only group members
within the same jurisdiction), such that the entities share equally the
underwriting results of certain or all insurance policies written by pool
members.
d. Reinsurance mixer companies may be used to help with achieving
diversification of risks and lower capital requirements.
2. Guarantees, such as loss reserve guarantees or performance guarantees.
3. Service contracts, whereby some or all of the operations for one (or more) group
member(s) are contractually provided by other group members.
Quota-share pools within a group (which are very common if not the norm for U.S. property
and casualty (P&C) companies) can result in the entire pool effectively being a single entity
for risk management and solvency regulation. The entire pool survives or sinks as a whole. In
such a case the pool members may be best viewed as a single entity for risk management
and/or regulation purposes.
Contractual links may not extend to all members of a group. Hence some members within a
group may be more separable (or more interconnected) than others. Indeed, if a multiple
point of entry (MPE) resolution strategy is envisaged, assessing barriers to separation of
entities or subgroups will be imperative.
V. Shared Resources
Many shared resources can exist within the group whereby the same resource is used and
relied upon by multiple legal entities. Examples may include a common investment
department, common finance department, common claim department, common IT platforms,
etc. The degree of this sharing can vary within the group (e.g., claim departments may be
shared within the same jurisdiction but not across jurisdictions). The sharing of resources
within a group may be formally structured through the use of service contracts.
As mentioned earlier, different groups have different levels of centralization and
decentralization, although they always have to address local legal and regulatory
requirements. The IAIS gives one instance: The supervisory regime requires insurers to
8-6
maintain contingency plans and procedures based on their specific risk for use in a going- and
gone-concern situation.8
There may be a limit to the extent of resource sharing that can occur and this may be a factor
in any resolution planning.
VI. Business Management Structures Cross Legal Entity Lines
A group can also have a business unit structure that crosses over legal entities. A single legal
entity can contain business from multiple business units, and a single business unit can share
all the legal entities it uses with other business units. In short, the operational structures and
the legal entity structures of the group may be very different.
VII. Reputation Risk
There is also an intangible link between members of a group to the extent their customers and
counterparties (including potential customers and counterparties) view the group members as
part of the whole group. To the extent these parties view the group as a whole, any crisis (or
success) of a group member may impair (or build up) these parties view of other group
members. This is frequently labelled reputation risk or group risk. Hence the risk
management of one group member may be linked to that of other group members, even in the
absence of any tangible linkage. (Note that this is not absolute, as some group members may
not be viewed by their relevant parties as having any noticeable connection to their group
the general public in some cases may not even be aware of this connection.)
VIII. Culture
Group members may also to an extent share the same culture. Where this exists, it may be
driven by common management, by interactions among the various group members, by
movement by employees across the group, or other causes. To the extent a group culture
exists, it affects the extent to which group members react the same way to certain stimuli.
As an example of the importance of corporate culture, the manner in which governance is
carried out within the group can be significantly affected by the tone from the top. Some
heads of groups provide significant direction on business strategy or have focused views on
risks to be assumed, risk appetites, etc. These groups are likely to share a common view of
risk across the group. However, a potential weakness to be guarded against is a tendency for
member risk management capabilities to be underdeveloped (i.e., due to directive influence
from the head of group). Other heads of group may permit a greater degree of independence
to their members to make business decisions and assume risk. These groups may feature
more highly developed risk management capabilities within each member but the
development of common or cohesive risk management across the group at the head of the
group may be a challenge. Of course, both polarities of tone from the top can work
effectively but groups need to be aware of their own strengths and weaknesses and the
possible implications for risk and capital management.
8
IAIS ICP 26.6.
8-7
4. CapitalGroup versus Legal Entity
I. Amount of Capital
A legal entity and a group will decide what level of capital is needed/desired to meet its
business objectives and commitments to policyholders and other stakeholders. This typically
involves a formal examination of capital needs using a variety of risk management and
modelling tools. Many insurers and groups include this work within their regular Own Risk
and Solvency Assessment (ORSA) process. (ORSA is described in more depth in IAA Risk
Book chapter 10.) The resulting target level of capital set by the legal entity and group will
also be influenced and/or informed by the views of important stakeholders such as rating
agencies and supervisors who will have their own perspectives on the amount and form of
capital to be maintained. Supervisors will typically reference a number of different levels of
capital, a minimum level (i.e., a minimum capital requirement or MCR) which when
breached triggers strong supervisory intervention, and one or more higher levels, including a
prescribed capital requirement (PCR). Successive breaches of supervisory capital targets
trigger increasing levels of supervisory interaction and intervention as the breaches signify
increasing risk to policyholders interests. These increased levels of activity should take into
account the supervisory views of the legal entity and group risks to policyholders and the
adequacy of capital and its position within the group to provide for the groups risks.
The desired level (or adequacy) of capital may be assessed at the group level, the entity level,
or both (with both being the common approach). Important stakeholders such as rating
agencies9 and supervisors may have different views on the desired level and positioning of
capital throughout the group (e.g., fungibility of capital being an important issue)10.
Either the groups consolidated accounts may be used as a basis or another aggregation
method may be used. The former is already adjusted for intra-group holdings and further
adjustments may then need to be made to reflect the fact that the group may not behave or be
allowed to behave as one single entity. This is particularly the case in stressed conditions.
The latter method may sum surpluses or deficits (i.e., the difference between capital resources
and capital requirements) for each insurance legal entity in the group with relevant
adjustments for intra-group holdings in order to measure an overall surplus or deficit at group
level. Alternatively, it may sum the insurance legal entity capital requirements and insurance
legal entity capital resources separately in order to measure a group capital requirement and
group capital resources. Where an aggregation approach is used for a cross-border insurance
group, consideration should be given to consistency of valuation and capital adequacy
requirements (i.e., including relative levels of prudence) and of their treatment of intra-group
transactions.
It is not the purpose of group-wide capital adequacy assessment to replace assessment of the
capital adequacy of the individual insurance legal entities in an insurance group. Its purpose
9
There may also be holding company liquidity targets, such as the need to maintain sufficient assets at the
holding company to pay, say, one or two years of debt payments, dividend costs, and other holding company
level expenses, without needing capital or cash up-streamed from the holding companys subsidiaries to do so.
10
For example, a jurisdiction may place restrictions of movement of capital into or out of the jurisdiction that
may limit the ability or speed of any capital transfer.
8-8
is to require that group risks are appropriately allowed for and the capital adequacy of
individual insurers is not overstated (e.g., as a result of multiple gearing and leverage of the
quality of capital or as a result of risks emanating from the wider group) and that the overall
impact of intra-group transactions is appropriately assessed.
II. Location of Capital (including capital fungibility)
The ability of individual legal entities as well as the group as a whole to maintain sufficient
capital and liquidity to meet each entitys (or at the group level) targets can be dependent on
the ability to access capital/liquidity elsewhere within the group (and the costs including tax
effects). In some cases, these sources are readily available or fungible in times of need.
However, it is common for there to be a variety of restrictions that reduce the fungibility of
such capital or liquidity, especially in times of stress.11 Restrictions/costs on the movement of
capital resources into and out of an entity include: protections applicable to with profits
funds; protected cell structures; legal restrictions on interest, dividend, and capital
movements out of an entity; tax implications; and foreign exchange restrictions. Hence the
starting point in evaluating capital adequacy within a group is determining the capital
requirements (legal and otherwise) for each entity within the group.
Evaluation of capital adequacy for the individual group members and the overall group is
heavily dependent on the fungibility12 of capital. Where assets are perfectly fungible within a
group, the location of the capital is not an issue for evaluating capital adequacy within or
across the group. In addition, where capital is fungible the group gets maximum benefit from
diversification of risks across group members, reducing the level of capital required to
support the groups business. This diversification benefit is a major advantage of groups vis-
-vis stand-alone entities that operate in limited markets. Where capital fungibility is limited
or restricted, full diversification benefits may not be achieved and capital adequacy of the
individual group members becomes more important. This is one reason why some prefer to
use the term group capital assessment rather than calculation.
There are a number of ways that a group can make funds in one entity available in another in
the absence of full capital liquidity and fungibility. Common examples would be:
Using intra-group reinsurance to reduce the capital requirement and possibly the
liquidity need in the ceding entity (taking advantage of higher capital and/or
liquidity in the assuming entity).
11
In many cases there is not a need for an overnight cash injection, and it is important to distinguish between
resources to meet claims as they fall due and liquidity. Even so, from the supervisory perspective there is always
a concern that the funds cannot be made available in times of stress, particularly where cross-border issues arise.
12
The term transferability is sometimes used interchangeably with fungibility although they have different
meanings. Fungibility frequently refers to financial instruments being of such nature or kind as to be freely
exchangeable or replaceable, in whole or in part, for another of like nature or kind. Transferability refers to the
ability to convey or cause to pass from one place, person, or thing to another. Fungibility tends to be a broader
and more relevant question for group capital adequacy than the narrower concept of transferability. It is
important to consider what purposes funds are required to fulfil and whether they can be achieved. Relevant
questions may include: can title be transferred without loss? How long would it take to make the transfer of
funds effective? After transfer, can benefits of ownership be enjoyed without restriction or loss of value? Post
transfer, is there sufficient liquidity? (The funds transferred do not need to be liquid if there is sufficient
liquidity elsewhere.)
8-9
Using external (ceded) reinsurance from one entity to reduce its required capital
resources and so being able to use the freed assets to support another entity in
difficulty.
Using external (ceded) reinsurance for the group as a whole, but which would
direct any recovery to the entity suffering the losses.
Inter-company loans.
Guarantees within a group.
Service contracts within the group (including the use of shared resources).
Tax treaties (typically within a tax jurisdiction) that share the tax reductions caused
by adverse experience and direct the cash benefit to the entity with the losses.
Securitization of cash flows. It may be possible to sell future cash flows from
portfolios of policies to external parties for a greater, and more certain, value than
the regulatory valuation. Any risks created need to be allowed for and any residual
risk carefully assessed.
Many of these arrangements or approaches to address group capital needs (and to maximize
group diversification benefits) also create operational efficiencies. The use of shared
resources allows for higher return on investment in IT systems, intellectual capital, service
platforms, and systems of controls (with the understanding that this can be overdonelocal
differences cannot be ignored).
While such arrangements or approaches can be sound ways to manage resources and address
emerging issues, their use must also consider their effectiveness in times of stress.13 For
example, although intra-group reinsurance should have the same legal enforceability as
external reinsurance, there may be concern that after an extreme event, the assuming entity
will fail to meet its obligations. Alternatively, will an intragroup reinsurance arrangement or
service contract be enacted with the primary purpose of moving capital from one entity to
another?
III. Capital Access and Quality of Assets
Related to the issue of capital fungibility are the issues of capital access and the positioning
of quality assets.
Groups frequently provide greater economies of scale with regard to access to the capital
markets. This relates to both issuance of common stock and to long-term debt. The greater
scale makes public financing easier to achieve, as the more securities issued by an
organization, the more robust the secondary market, and hence the easier for investors to buy
and sell the securities. This increased liquidity in the securities issued by the group makes it
more attractive to investors, and hence may provide for lower costs of capital and easier
access to capital in times of stress.
For some groups, the access to capital markets may be facilitated by issuance in a major
capital market (e.g., US, EU). If the head of the group is not based in one of those
13
A third concern exists that relates to group resolutions and breakups. That concern is discussed later.
8-10
jurisdictions, then capital access may be more easily achieved via the legal entity based in
that market.
Where the group level debt is concentrated at the ultimate parent in the form of a non-
insurance company, there is an open issue as to how to treat this parental debt for group
capital assessment purposes. Such parental debt is generally contributed downward to the
operating (insurance) entities. The holding company parent typically has limited assets other
than its subsidiaries. Hence it uses dividends from the operating entities to the parent to
service this debt (as to interest and principal payments). Depending on the local laws, the
insurance entities that received the debt issuance proceeds may be under no contractual
obligation to dividend up the necessary funds to repay the debt, and may be prevented from
doing so by local laws and/or regulations. Hence the solvency of the group holding company
may (in some jurisdictions) be separable from the solvency of the insurance members of the
group.
Insurance groups also need to consider the optimal positioning of quality assets within the
group. High quality assets may attract lower capital requirements, tend to be highly liquid and
fungible, but tend to offer lower yields than other asset classes. As a result, a number of these
features may be of greater benefit to insurance legal entities than to the head of the group,
which may or may not be an insurance legal entity itself.
5. Other Important Aspects of Insurance Groups

I. Multiplicity of Jurisdictional Regimes
The management and supervision of insurance groups is frequently complicated by the
multiplicity of jurisdictional regimes in which the various members of the group may operate.
Due to their diverse activities (e.g., different businesses and geographies) groups are brought
into contact with multiple regulators, each operating within its own jurisdictional authority
(e.g., bank vs. insurer; prudential vs. market conduct supervision; country vs. state, etc.).
Members of a group may operate in a variety of business sectors, industry segments, markets,
geographies, product lines, etc., according to the groups overall business strategy. Beyond
operations in the insurance sector, member entities may operate in the banking or
investment/securities sectors. Each of these three sectors has its own regulatory and
supervisory requirements.
The legislative, regulatory, and/or supervisory requirements on insurers operating in different
geographies can result in the localized needs to structure that part of the insurance groups
operations in a specific manner (e.g., subsidiary, branch, captive, ring-fenced, etc.).
II. Multiple Origins/Background
Groups may grow organically or via mergers and acquisitions. Such growth can be the result
of careful planning, or opportunistic, or some combination of the two. The result can bring
efficiencies to the operations of the group and group members, but not always (such as
opportunistic growth via acquisition resulting in redundancies). In addition, a structure that is
8-11
optimum14 at one point in time will not always remain so in the future. Hence nearly all
groups are dynamic, changing their size and structure over time.
III. Multiple Environmental Pressures
A groups structure will also be impacted by various pressures in the environment. This can
include statutory restrictions, currency restrictions, insurance market, and financial market
realities. These help shape the structure of insurance groups.
6. Supervision/Regulation of Insurance Groups

I. Overview
As noted previously in this chapter, the members of an insurance group may be subject to
several types of supervision and regulation. For example, an insurance group with entities in
insurance and/or banking and securities/investment sectors is subject to multi-sectoral
supervision.
Financial sector supervisors are members of one or more of the International Association of
Insurance Supervisors (IAIS), the Basel Committee for Banking Supervision (BCBS), and the
International Organization for Securities Commissions (IOSCO). Members of the IAIS,
BCBS, and IOSCO develop and maintain their regulations and supervisory frameworks for
solo entities and groups in accordance with their jurisdictional authority and guided by their
relevant sectoral standards. Regular monitoring and assessment of each jurisdictions
substantial compliance with international regulatory standards (i.e., Financial Sector
Assessment Program or FSAP) is the joint responsibility of the International Monetary Fund
(IMF) and the World Bank (WB).
The individual legal entities within a group subject to regulation are generally subject to solo
supervision by their respective supervisors. Solo supervision can be challenging if
operationally the group is not run along legal entity lines. The group as a whole will also be
subject to supervision by a lead or group supervisor, frequently in conjunction with the
supervisors of the individual group members (crossing both geographic and sectorial
boundaries). Coordination among all involved supervisors, especially between the lead/group
supervisor and the local supervisor(s) is a necessity as the legal authority over firms resides
with the local supervisor/regulator, regardless of where the group is headquartered or whether
the groups principal domicile has enacted a group supervision statute.
The IAIS uses the term home supervisor to refer to the supervisor of the jurisdiction in
which the insurance entity is domiciled. The IAIS uses the term host supervisor to refer to
the supervisor in any other jurisdiction in which the entity or group operates. Note that in rare
circumstances the home supervisor of the head of the group may not be selected by the
involved supervisors as the group-wide supervisor. This might occur (for example) if the
domicile for the head of the group is different from the jurisdiction in which the majority of
the insurance business is conducted. In most situations, insurance supervisors conduct solo
supervision over the insurance operations in their jurisdiction, whether they are domestic or
14
There may also be numerous facets of the environment that affect how a group may attempt to optimize.
For example, the optimal structure for reacting quickly in the market may not be the optimal structure for capital
management.
8-12
foreign (via branch or subsidiary) in origin. Within the EU, member states have agreed that
the home supervisor is responsible for supervision of domestic as well as foreign (outside of
the home jurisdiction) branch operations.
The geographic bounds within which a regulator has authority are set by its enabling
legislation. Groups and their member entities tend to operate over different geographies and
can therefore be subject to regulation and supervision by multiple authorities. Insurance
supervision in the US is typically state-based although supervision at the federal level is
being developed for the largest systemically important insurance groups and those with a
banking affiliate. In Europe, multiple countries are members of the EU or EEA and are
subject to maximal harmonization of laws at the country level. In some respects, (but perhaps
not all), members of the EU might be considered to operate as if they were a single
jurisdiction.
While the insurance supervisor for a particular jurisdiction will generally handle all types of
insurance, there may be separate divisions or departments within that governmental agency
for different types of insurance (e.g., life versus health versus property/casualty). Hence there
may be a need for supervisory coordination even within the same insurance supervisory body.
Many regulatory authorities (and their accompanying legislation and/or regulation) require
that general insurance and life insurance business be conducted through separate legal
entities. Such separation, which frequently includes regulation unique to each of these
businesses, may or may not entail supervision by a common insurance supervisory
organization. While groups may choose to combine various aspects of their insurance
operations within a single entity, they may choose for business reasons to conduct certain
specialized activities (e.g., reinsurance, captives, Lloyds, other specialized sub-markets, etc.)
through separate legal entities.
The insurance market conduct supervisor may or may not be within the same insurance
supervisory authority that is responsible for prudential supervision. This distinction is
handled differently from jurisdiction to jurisdiction.
Within each jurisdiction, the authority responsible for insurance supervision may also be
responsible for other financial industry regulation, such as that for banks and/or investment
securities. In that case the supervisors responsibility may extend beyond policyholders,
including possibly a responsibility to capital providers (such as investors in the stocks and
bonds issued by the group members). This may require the supervisor to balance the needs of
various other stakeholders in addition to those of policyholders.
Where the supervisor has authority over both the solo entity and the group to which it
belongs, issues may arise as to whether the needs of the entity come first, or the needs of the
group come first. This prioritization may be a function of local law and authority. Some
jurisdictions focus on supervision from the bottom up (putting solo entity needs first), while
others may supervise from the top down (putting the group needs first, even if it could make a
single entity vulnerable).
8-13
II. Regulatory Standards
As noted earlier, financial sector supervisors develop and maintain their regulations and
supervisory frameworks for solo entities and groups in accordance with their jurisdictional
authority and guided by their relevant sectoral standards.
As the international setter of model standards for insurance supervisors, the IAIS has
established a set of 26 ICPs and associated standards and guidance for each ICP.15 As stated
in introductory paragraph 13 to the ICPs:
The ICPs and standards apply to the supervision of insurers at the legal entity and the
insurance group level, unless otherwise specified. The application of individual ICPs
and standards to insurance groups may vary and where appropriate, further guidance
is provided under individual ICPs and standards.
The implementation of the ICPs and standards relevant to group-wide supervision may vary
across jurisdictions depending on the supervisory powers and structure within a jurisdiction.
There are direct and indirect approaches to group-wide supervision, especially with regard to
supervision at the group level. As a result, introductory paragraph 15 of the ICPs states:
Regardless of the approach, the supervisor must be able to demonstrate that in effect,
the outcome is similar to having the supervisory requirements applied directly on those
entities within the insurance group from which the risks are emanating. This is to
ensure effective group-wide supervision, which includes ensuring that all relevant
group-wide risks impacting the insurance entities are addressed appropriately.
While many of the ICPs contain important standards applicable for both solo entity and group
supervision, ICP 23 Group-wide Supervision, and ICP 25 Supervisory Cooperation and
Coordination are of particular importance for the supervision of groups. To address the issues
related to large internationally active insurance groups (IAIGs) the IAIS is developing a
common framework (ComFrame), which builds and expands upon the high level
requirements and guidance of the ICPs. In response to G-20 and Financial Stability Board
(FSB) direction, the IAIS is also developing a series of measures, including capital
requirement for a few of the worlds largest insurance groups that have been deemed to be
global systemically important insurers (G-SIIs). The ICPs, as well as news on ComFrame and
G-SII related developments, can be accessed via the IAIS website16
IAIS standards include those related to prudential as well as for market conduct supervision.
Insurance groups may be part of a larger cross-sectoral group known as a financial
conglomerate (FC). To address some of the complexities arising from FCs, the Joint Forum
(JF) of international financial regulators published in 2012 an influential paper titled
Principles for the Supervision of Financial Conglomerates.17 As a result some regulators
have developed their own standards and guidance for FCs in their jurisdictions (e.g., FICOD
in the EU).
15
www.iaisweb.org.
16
Ibid.
17
Principles for the supervision of financial conglomerates, 2012, Joint Forum, www.bis.org.
8-14
The key principles arising from the JF paper, while addressed to supervisors, have obvious
direct implications for insurance groups and the head of the insurance group in particular.
The key principles are:
1. Supervisors should take steps, directly or through regulated entities, to provide that
conglomerates have adequate risk management processes in place, including those
pertaining to [Intra-Group Exposures] ITEs, for the conglomerate as a whole.
Where necessary the supervisors should consider appropriate measures, such as
reinforcing these processes with supervisory limits.
2. Supervisors should monitor material ITEs of the regulated financial entities on a
timely basis, as needed, through regular reporting or by other means to help form a
clear understanding of the ITEs of the financial conglomerate.
3. Supervisors should encourage public disclosure of ITEs.
4. Supervisors should liaise closely with one another to ascertain each others
concerns and coordinate as deemed appropriate any supervisory action relative to
ITEs within the group.
5. Supervisors should deal effectively and appropriately with material ITEs that are
considered to have a detrimental effect on the regulated entities, either directly or
through an overall detrimental effect on the group.
7. Issues for the Management of Insurance Groups

Building on the preceding background surrounding the nature of insurance groups and their
supervision, this section highlights issues for the management of insurance groups.
I. Need for Group Level ERM
The formation of an insurance group creates risk exposures unique to the formation of the
group itself and distinct from the stand-alone risk exposures of the member entities. These
risk exposures arise from the various linkages between the member entities as well as from
the head of the group itself. They can best (and in some cases solely) be managed by the head
of the group.
As a consequence, an ERM function is needed at the head of group level. This is
consistent with having various key leadership and control functions within the head of the
group.
In addition, identification of all the linkages between members of the insurance group
and their associated risks, including concentration or accumulation of risk exposures, is
very important for the risk and capital management of the group as well as its
prudential supervision.
Involved prudential supervisors for the insurance group will expect the group to demonstrate
sound risk and capital management for the solo insurance entities and the group as a whole
reflective of all relevant group linkages. Prudential supervisors may also expect insurance
groups to develop contingency recovery plans in preparation for possible crises. Also, at least
for G-SII groups, resolvability considerations may require an explicit determination of
whether particular entities may be allowed to fail (a wider discussion on single point of entry
8-15
(SPE) or multiple point of entry (MPE) is included in the chapter on Resolution). Prudent
disclosures of the groups risk exposures due to its various linkages will be of interest to
various other stakeholders such as rating agencies.
Specific examples of the importance of ERM at the group level are as follows:
A. Group Risk Concentrations
Insurance groups assess the development of risk concentrations across the group and in
aggregate as part of sound ERM practice. Examples of types of concentrations to be
considered (among many) might include undue concentration of insurance risk, counterparty
credit risk, and specific credit risk exposures (i.e., to certain geographies, industries, asset
classes, etc.). A very specific concentration example involving ceded reinsurance catastrophe
treaties would consider how best to allocate recoveries to the various legal entities in the
group. A similar issue may apply to direct insurance exposures where the groups maximum
retained limits are based on net of quota-share pooled or net of intercompany reinsurance
results. Exposures that may be overwhelming relative to an entitys size may be easily
tolerable after such intercompany reinsurance. Further, one event may impact many different
pieces of the group but in different ways across the grouphence complicating any analysis
focused on concentrations.
B. Group Risk Diversification
Diversification is generally perceived as a beneficial aspect and can be reflected in
calculations of required capital. However, there can be much debate about the quantification
of these benefits across groups during periods of stress. Diversification is a natural outcome
of the pooling of independent risks but becomes more difficult to assess with risks that
become correlated in their tails. Diversification is at least partly related to the issue of capital
fungibility between entities or between jurisdictions.
C. Group Reputational and/or Operational Risk
There are some sources of risk to the group that may not be subject to reliable quantification.
Group reputation risk is an example whereby adverse results or publicity for one member of
the group may negatively impact the business model for many or all other members of the
group. Consideration should be taken of the events that could give rise to a reputation-driven
contagion and ensure the effect is properly (not double) counted. Other group risks can
include intellectual property and operational risk such as those related to computer systems
and cyber risks. (See the Operational Risk section of this publication.)
D. Group Level Risk Appetite Statements and Other ERM Controls
While not precluding separate legal entity views as well as having separate ERM resources at
the local level, it is beneficial for their efforts to be coordinated with the group level ERM
function18 in addition to having a level of controls applied at the group level.
18
Areas of group and local ERM coordination include risk tolerance and risk limits. Risk appetite would
generally be established at the level at which capital is managed, typically at the group level.
8-16
E. Group-Wide Data Standardization
Centralized ERM efforts (or group level coordination of ERM) benefit from some degree of
data standardization. Aggregation of risk across entities can be problematic if databases have
inconsistent naming conventions or if data for evaluation of risk concentrations are captured
within some legal entities but not others. Standardized data also allow for maximizing the use
of various risk management tools and other resources. Some groups have a strong group
data language (GDL), which every entity uses. This makes it possible to add numbers
together from different regions knowing that they are consistent, but other groups have issues
because, for example, "written premium" can mean different things in different places. Such
standardization is of assistance to insurance groups as well as their supervisors. Care is
needed to ensure the GDL is sufficiently granular and understood to prevent suppression of
key risk characteristics.
F. Group Level Stress Tests
Given the complexity and varying significance of the various types of linkages between
members of the insurance group, it is necessary that they be properly considered as part of the
groups risk and capital management, both in the evaluation of group level solvency and for
single entity solvency.
In the event of a serious stress (i.e., one that affects the viability of a member or perhaps is a
broad-based stress affecting various members of the group) it is possible that several of the
linkages in the group cease to function as expected and that some linkages are broken. Stress
and scenario testing can be effective tools for identifying, analysing, managing and
communicating the risks to the group as a whole as well as to its member entities.
In some cases, stress tests on a group basis may be difficult to conduct on a legal entity basis,
especially if a group has not set up its stress testing models to operate at a granular entity
level. This may especially be true where the group or a portion of a group is managed as if it
were a single entity (such as via a quota-share pooling agreement or extensive internal
reinsurance). Similarly, it may be difficult to aggregate a collection of legal entity stress tests
(based on local assumptions and views of risks) into a single stress test result at the group
level.19
Risk management requires an understanding of the behaviors of these linkages according to
various adverse scenarios and levels of stress. Some of the possible aspects to be considered
may include the following within and across the group:
Risk positions (e.g., exceedances with respect to risk appetite, risk limits, etc.)
Risk concentrations
Diversification benefits
Fungibility of capital; capital support/guarantees; capital positions
19
Note that some legal entity stresses have limited impact on other group members, such as that from a local
natural disaster that only directly impacts one group entity. While the local stress testing for such events may
need to be somewhat sophisticated, it may be possible to evaluate the stress to the rest of the group in a more
simplified fashion.
8-17
Liquidity management and positions
Risk management agreements and exposures
Service contracts/agreements
Contingency and recovery plans
Ability to meet rating agency expectations
Ability to meet regulatory requirements and supervisory expectations
II. Understanding Supervisory Expectations
The presence of the various regulatory authorities across a group creates complexity in the
operation, governance and management of members of the insurance group, the head of the
group, and for the involved supervisors.
As a result, members of the insurance group and its head need to understand the roles,
expectations, and requirements of their respective involved supervisors.
For example, when business management structures cross legal entity lines, careful
management is needed as supervisors necessarily look at the legal entities they supervise, and
therefore it is important that persons taking responsibility for the management of each legal
entity are clearly identified and that they ensure the entitys interests are appropriately
protected when business decisions are made.
To coordinate the groups regulatory initiatives and to provide a focal point of leadership to
the group-wide supervisor, the head of the insurance group has ultimate responsibility within
the group for meeting the expectations and requirements of the group-wide supervisor.
8. Issues for the Supervision/Regulation of Groups

I. Importance of the Group-Wide Supervisor
Given the variety of businesses and geographies in which an insurance group may be
involved as well as the variety of linkages that member entities of the group may have with
each other and/or external (to the group) contractual arrangements, it is important for
prudential supervision that there be effective group-wide supervision of an insurance group.
Since insurance groups can involve many supervisors (e.g., insurance supervisors from the
various jurisdictions in which the group operates; other sectoral supervisors if the group
conducts business in those sectors; market conduct supervisors if they are separate from the
prudential insurance supervisors, etc.) it is important that involved supervisors determine the
need for a group-wide supervisor and agree on which supervisor will take on that role20. The
group-wide supervisor, in cooperation and coordination with involved supervisors,
plays a lead role in effective group-wide supervision, including any resolvability issues.
II. Importance of Supervisory Cooperation and Coordination
Each involved supervisor in an insurance group provides a unique perspective into the
groups operations. Whether their role is as an insurance or banking supervisor, or as a home
20
IAIS ICP 25.3; ComFrame requires a group-wide supervisor for an IAIG.
8-18
versus host supervisor for one or more entities in the group, their coordinated and combined
efforts are needed to provide effective group-wide supervision. Some components to group-
wide supervision21 include:
Selection of the group-wide supervisor
Formation of a supervisory college
Allocation of supervisory responsibilities among the involved supervisors
Recognition and reflection of differing supervisory approaches
In addition, for G-SIIs, there may be a defined Crisis Management Group, which will
typically consist of the supervisors of material insurance entities in the group.
The cooperation and coordination of all involved supervisors, in carrying out their roles
as local supervisors and as members of the supervisory college, are important to the
effective supervision of the group.
Some of the specific issues involved with group supervision are:
Determining the scope of the group
Supervisory college effectiveness
Group level governance
Group recovery and resolution
A. Determining the Scope of the Group
One of the responsibilities of the involved supervisors of the insurance group is to
collectively define the scope of the group to be subject to group-wide supervision.22 Involved
supervisors consult and agree amongst themselves on the scope of the group to be subject
to group-wide supervision to ensure no gaps or unnecessary duplication in regulatory
oversight between jurisdictions occurs. Consideration of the scope of the group to be subject
to group-wide supervision should be undertaken on a case-by-case basis.
This decision may be forced to some extent on the supervisors based on the limits of their
authority, yet it should at least consider any entity that can materially impact the solvency of
another group member for solo supervision, and the solvency of the insurance group for
group supervision.
There are also issues with regard to entities not wholly owned (including joint ventures,
minority ownership, and those where there is common management). It is not always clear as
to when such entities should or should not be included in the group, although the decision
will be influenced by the degree to which such entities impact the rest of the group.
Additional issues arise as to whether branches should be viewed as separate entities for the
purposes of solvency supervision, or addressed (if at all) as part of the review of the entity
they belong to. The decision may be a function of local law and supervisory authority where
21
See also IAIS ICPs 3, 23, and 25.
22
IAIS ICP 23.1.
8-19
the branch is located, as well as the extent of ring-fencing of branch assetswhether they are
equally available to all policyholders or they are restricted such that they generally support
only the branchs policyholders.
B. Supervisory College Effectiveness
A fundamental duty of a supervisory college is for the involved supervisors to work
effectively together under the leadership of the group-wide supervisor to supervise the
insurance group. Standards and guidance for insurance supervisors relating to supervisory
colleges are contained in the IAIS ICPs as well as ComFrame for IAIGs.
One of the challenges in conducting an effective supervisory college is the recognition by
involved supervisors that their supervisory approaches are likely to have differences that will
need to be addressed during the course of the college. For example, some supervisors may
manage on a top-down basis, such that they can force the group head to take actions with
respect to subsidiaries (subs) within that jurisdiction (e.g., by forcing movement of capital
from sub A to sub B, even if it can endanger sub A's solvency). Others manage from a
bottom-up basis, such that they focus on solvency on a legal-entity-by-legal-entity basis, able
to restrict capital flows up to a parent to protect the sub, even if it results in a parent's
insolvency. This can differ by industry sector within a jurisdiction. (Example: U.S. banking
regulation is top-down; while U.S. insurance regulation is largely bottom-up.) Difficulties can
arise if the approach/authority among the various supervisors for a group is not consistent.
Supervisors benefit from addressing any differences in supervisory approaches in advance,
finding a way to cooperate and coordinate their actions in both normal and crisis conditions.
This may be addressed via a supervisory college, treaties, or other mechanisms. ICPs 23
(Group Supervision) and 25 (Supervisory Cooperation and Coordination) address some of
these issues.
C. Group Level Governance
The evaluation of corporate governance is generally a major part of solvency supervision. For
stand-alone entities, this requires communication with the senior management and possibly
the oversight board of the entity. For group members, there may be a local entity senior
management team and a local oversight board, but those local bodies may or may not be the
most relevant bodies with which either the local or group-wide supervisor should
communicate.
In some cases, the group will give its entities a relatively free hand to organise themselves,
set strategic direction, and determine how best to deliver required financial performance. In
others there will be a number of criteria set by the group and the group will maintain a strong
influential role both during strategy and business planning phases but also on a regular basis
during the year. In the former case (strong local or decentralized control) supervisors may
focus their communications on the local bodies, while in the latter case (strong centralized
control) supervisors may be more effective by focusing on communications with group
management and board.
Some supervisors are also interested in the governance arrangements of group subsidiaries
looking for a balance between group executives providing the link to the group itself but also
ensuring there are sufficient independent board members to challenge on issues where the
8-20
subsidiarys interest and the groups interest may not be fully aligned. A good example of this
is the tension that may arise in paying dividends to the group, which might undermine the
capital position of the subsidiary.
Under either scenario (decentralized or centralized) group members will need to comply with
local legal requirements. This can be challenging especially where operational structures do
not readily align with legal structures.
Operational structures that do not align with legal structures have additional issues with
regard to legal entity supervision. This is because any attempt to affect a legal entitys
solvency via restrictions or changes in its operations will affect multiple business units. This
may limit pinpointed regulation or risk management by entity.
D. Capital Adequacy
As noted earlier in this chapter, the assessment of the sufficiency of capital at the group level
can be complex due to the various linkages among the members of the group as well as the
unique risks presented solely due to the formation of the group itself. As a result, capital
adequacy at the group level requires the active involvement of members of the supervisory
college to develop an understanding of the valuation and stress testing approaches used to
examine the capital adequacy of the group at the entity and group level under varying levels
and types of stress. ORSA processes and reports are likely to be most helpful in this regard.
E. Group Recovery and Resolution
Regulatory capital requirements are generally established with multiple action levels; capital
below the highest regulatory level generally results in some increased level of
supervisor/regulator and/or company action, while capital below the lowest level generally
results in a resolution situation in which the supervisor/regulator takes over the entity23. In
general terms, a supervisor will seek to assume control of an insurer only after all other
avenues of recovery have been pursued with management and while there remain sufficient
funds to satisfy its policyholder obligations. Local rules may also dictate at what point any
policyholder protection powers become enacted.
In some jurisdictions these regulatory capital requirements exist only at the legal entity level,
while in others they exist at both the legal entity and group level. Regardless, it is possible for
a group (or the holding company) to become insolvent while the entity (or entities) within the
group remain solvent, and vice versa. A groups insolvency is a separate event from a group
members insolvency. This can be observed in the following three examples:
1. In 2008, the AIG group was perceived to be insolvent even while the insurance
entity members of the group remained solvent. In that situation, discussions were
occurring among the legal entity regulators concerning possible movement of
23
This takeover of the entity in a resolution situation does not immediately result in liquidation. The insurance
supervisor typically has the authority to first attempt rehabilitation of the entity, allowing certain functions to
continue in partial or total runoff mode while such a rehabilitation is considered or attempted. It is typically only
after such a rehabilitation is considered or attempted unsuccessfully that an entity is transitioned to orderly
runoff or liquidation. Hence in many jurisdictions the insolvency does not result in loss of policy benefits for
many policy beneficiaries, as their obligations are either met via a supervised runoff, transition of the claims to a
guarantee fund, or transfer of their obligation to a solvent insurer.
8-21
funds to the parent holding company, prior to the U.S. banking regulators
determining that the parent needed an immediate bailout.
2. A somewhat similar situation occurred in the US with regard to Monarch Life in
the early 1990s.24 In that instance the parent company went insolvent, and the
regulator spent several years working to rehabilitate one of the subsidiary entities
(with another of the subsidiary entities not being impaired).
3. A third example occurred with Fortis in Europe. The Fortis group contained both
banking and insurance operations. In October 2007, Fortis (along with two other
partners) acquired portions of another bank just before the global financial crisis.
[T]he large debt created to fund the takeover had depleted the banks' reserves just
as the financial crisis of 20072010 started. As a result, the Dutch government
stepped-in and bailed out Fortis in October 2008.25 The insurance operations were
not the cause of the crisis at Fortis, although the difficulties arising from the
groups banking acquisition did change the ownership of the insurance entities.
It is possible for the group to be technically solvent but cash insolvent, due to the inability to
access cash or liquid assets held by lower-tier members of the group. This can occur due to
issued debt or other cash obligations that are legally only the obligation of the parent entity.
Hence the parent of a consolidated group can have assets greater than liabilities, but liquid
assets less than immediate parent entity cash demands.
In some jurisdictions the group supervisor can force up-streaming of cash or other liquid
assets from the subsidiaries to the parent entity, but this authority generally only extends to
the subsidiaries in the same jurisdiction as the parent.
It is also possible for a group to be solvent but one member of a group to be insolvent. This
raises the issue of whether a solvent group would/should be allowed to let its insolvent
subsidiary remain insolvent, despite having sufficient assets within the group to rectify the
situation.
These issues of solvent groups with insolvent members and solvent members with an
insolvent parent are some of the reasons why supervisory colleges and crisis management
groups are needed. These avenues for regulatory cooperation, as well as group supervision
legal frameworks, need to contain mechanisms that address these mixed solvency/insolvency
possibilities for groups.
Increasingly supervisors look for group and consistent solo level recovery/resolution plans
that have anticipated potential crises and examined the tools available to management to deal
with the situation.
The degree of interconnectedness among the group members and overall organizational
complexity can have significant implications for the orderly runoff or rehabilitation of a
group, as one portion of the group may not be viable but may be inseparable (or separable
only with great difficulty) from the viable sections of a group. Similarly, one portion of the
group may be viable for sale to generate needed capital for the remaining portion of the
24
www.gao.gov/assets/230/220977.pdf.
25
http://en.wikipedia.org/wiki/ABN_AMRO17 February 2015.
8-22
group, if not for those interconnections that complicate such a sale. Complexities and
connections that create these problems can include shared resources (e.g., shared accounting
systems, shared staff functions, shared investment staff), intragroup guarantees, shared
investments, cross-ownerships, etc.
Resolution is covered more fully in Chapter 11.
III. Issues for Actuaries
Actuaries fulfil a variety of roles within an insurance group, particularly (but not exclusively)
within the insurance entities. As described more fully in IAA Risk Book chapter 2, actuaries
may contribute to one or more of the three lines of defence within the entities of an insurance
group. In addition, actuaries may be involved with insurance groups through their
employment with consulting firms, rating agencies, regulators, etc.
Regardless of their employment, in conducting their work, each actuary should clearly
identify their target audience and the scope for their work. In working with insurance groups,
the actuary understands and appropriately takes into account the various issues outlined in
this chapter that are relevant to their work. Even though the focus of the actuarys work may
be restricted to a single legal entity of the insurance group, the work may require assumptions
regarding services, capital, investment return, etc. provided by other members in the group.
Actuaries have the skills to assess the risks to an insurers operations and to report on things
such as expected present value, the nature of risks, their uncertainty, confidence levels, the
results of stress testing, and scenario analysisnot just for the entity in question but also
more broadly for the group after taking into account the types of group risks described in this
chapter.
When participating in work that is group-wide in nature, it is important that the relevant
stakeholders have a clear view of the risk issues involved with complex activities and
interactions of an insurance group. Actuaries involved with risk management generally
and control functions specifically (i.e., those identified by the IAIS in ICP 8 with respect
to actuarial matters and risk management control functions), throughout the insurance
group, have appropriate regard not only to their entity-specific responsibilities/risks but
also for the wider group context/risks within which their work is conducted.
In addition, the head of the group benefits from having adequate access to actuarial
expertise (e.g., group level ORSA). For some insurance groups, supervisors may require
the establishment of an actuarial function at the group level.
Alan Joynes, FIA, is retired life reinsurance actuary with experience in group risk
management, financial reporting, and, most recently, assessment of regulatory developments.
He can be contacted at ajoynes62@gmail.com.
Ralph Blanchard, FCAS, MAAA, is Vice President & Actuary for the Accounting Policy
Department at The Travelers Companies, Inc. He is located in Hartford, Connecticut, USA.
His area of expertise is property/casualty insurance, particularly those areas involving
financial reporting (including U.S. GAAP, U.S. statutory and fair value estimates), asbestos
claim liabilities, Risk Based Capital measurements, and capital management issues. He is
also a past president of the Casualty Actuarial Society. He can be contacted at
rblancha@travelers.com.
8-23
Stuart Wason, FSA, FCIA, MAAA, Hon FIA, CERA, is Senior Director, Office of the
Superintendent of Financial Institutions (OSFI). He is located in Toronto, Canada. His
principal areas of expertise include life insurance and enterprise risk management. He can be
contacted at stuart.wason@osfi-bsif.gc.ca.
8-24
IAA Risk Book
Chapter 9Distribution Risks
Sam Gutterman
Each insurer uses one or more distribution channels to sell its productsinsurance policies.
These channels and their relationships with customers and potential customers represent a
significant intangible asset of the insurer. Nevertheless, risks associated with the distribution
process, including inappropriate marketing practices, create conduct of business risks. From a
prudential perspective, these practices can pose a material risk to an insurers sustainability,
brand value, and income-generating potential. The objective of this chapter is to describe and
assess the major sources of these risks to which insurers may be exposed and the processes
used to address them.
The key messages of this chapter include:
1. Although financial sustainability of an insurer is not often threatened by risks
associated with its distribution system and marketing practices, these risks can lead
to significant financial and reputational harm from lack of new business or poor
quality of business, which can in turn adversely affect its income, brand value, and
value as a going concern.
2. Distribution risks can result in risks to a distribution channel, to the insurers
business, and ultimately to its financial sustainability.
3. Some types of distribution risks are similar to operational risks, which are
unpredictable in nature, but can represent significant reputation and financial risks
to the insurer.
4. Perceived concerns regarding sustainability or brand impairment of an insurer can
result in a rapid deterioration of the size and effectiveness of the insurers
distribution system.
5. Insurance market conduct supervisors are charged with ensuring that sales and
service of insurance policies are made in a manner that delivers acceptable value to
the consumer. Their policies and actions can include a range of consumer
protection requirements such as suitability standards and disclosure requirements.
In some countries, it is common for actuaries to sign off on the accuracy of
illustrations of new sales/in-force insurance policies that clearly explain the
mechanics of complex or long-term products and provide advice on the suitability
of sales to customers.
6. Because of the importance of this risk, actuaries are involved in estimating the
quality of sales, assessing policy performance in pricing insurance products, and
helping to identify and measure distribution and conduct of business risks as part
of the assessment of overall enterprise risk management (ERM) for the effective
management of these risks.
IAA on 8 March 2016
2. Introduction
Although sales are important in every industry, due to the complex nature of many insurance
products and that in many cases they are sold rather than bought, they are especially full of
opportunities and risks. Distribution risks are ultimately the responsibility of the insurer.
Effective new sales to and continuation of coverage of an insurers customers are vital in
enhancing the value of both insurers and their distribution channels, enabling them to operate
soundly as effective and sustainable going concerns. Their customers may include individuals
and commercial companies. Insurers conduct sales through one or more distribution channels
(methods or processes of distributing an insurers products), either (1) by agents1 that
represent a single or multiple insurers or (2) through other means, such as a website, mobile
phone, or mail. Individuals involved in the selling process are often compensated through
commissions and/or incentive rewards, often a percentage of the premiums paid or assets
under management, or pre-set salary, possibly supplemented by bonuses or other incentives.
Agents that sell longer-duration insurance policies, some of which are complex and involve
savings accumulation, are often paid more during the first policy year to reward successful
new sales to customers or new policies to existing policyholders. There are also shorter-
duration insurance policies, such as policies that provide group and short-term life insurance,
motor, property, and other casualty insurance. Insurance can also be sold directly through
partners (e.g., banks, micro-insurance institutions, and postal services) or other means (e.g.,
websites, phones, mail, or advertising).
There are many marketing methods used by insurers, nuances of which vary by market,
coverage, country, technology available, and historical development of the insurer. In
addition, an insurer can utilize multiple or hybrid forms of distribution methods. The
appendix to this chapter provides a description of some of the most significant methods used
in many countries.
1
This chapter uses the term agent in a broad sense, including agents, brokers, and employees. In its Insurance
Core Principle (ICP) 18, the International Association of Insurance Supervisors (IAIS) identifies this category as
intermediaries. They might also be distribution partners or sponsors that are responsible for or are involved in
the distribution process, but whose primary business is not insurance and may not be licensed as an agent. They
may be individuals or entities.
Differences between these types of agents can arise because an agent may be viewed legally as representing
only one of the parties, typically the insurer, while a broker may be viewed legally as more independent,
possibly having some level of fiduciary responsibility to the potential customer. ICP 18.0.9 indicates that (1)
where the intermediary acts primarily on behalf of the insurer, the intermediary sells products for and on behalf
of one or more insurers, they are often referred to as agent or producer. Intermediaries may act for a single
insurer (sometimes referred to as tied) or represent several. The products they can offer may be restricted by
agency agreements with the insurer(s) concerned. (2) Where the intermediary acts primarily on behalf of the
customer, the intermediary of the insurer(s) whose products he sells. Often referred to as a broker, or
independent financial adviser, they are able to select products from those available across the market. As a
result, many jurisdictions differentiate between the requirements of intermediates defined in the supervisory
framework as agents and those of brokers.
9-2
There are three primary forms of distribution risk:
1. Risks to the distribution channel itself. The quality and sustainability of a
distribution channel are subject to a range of risks, which in turn can affect the
earnings and sustainability of relevant insurers.
2. Risks to the quality or volume of the insurers insurance policies caused by actions
of the distribution channel.
3. Risks to the insurer as a company and to its future sales capacity caused by the
actions of the distribution channel. These can include decreased volume and
quality of business, misselling (i.e., selling an insurance policy inappropriate for
the policyholders situation), and moving books of business in a way that may be
inconsistent with the policyholders interests.
Insurance supervisors are also concerned with the effect an insurer and the distribution of its
products has on the citizens of their jurisdiction. Distribution risks (such as inappropriate
agent behaviour) and marketing risks (such as inaccurate marketing materials) are referred to
together in this chapter as distribution risks. The distribution channel provides the
connection between the insurer and its customers, with its attendant risks of unacceptable
sales and marketing practice, especially with respect to those who are not financially or
insurance savvy. Insurance supervisors are usually charged with oversight of appropriate
product design and rates, including ensuring that insurance policies satisfy the needs intended
and treat the insurers customers fairly. This is in addition to ensuring the sustainability of the
insurance system and the insurers that make up that system. The complex nature and
perceived lack of transparency of many insurance products, as well as the relative lack of
knowledge regarding insurance risks and policy features, have resulted in the need for
consumer protection, especially relating to sales of insurance to individuals. These consumer
concerns have led, among other requirements, to the licensing of insurance agents, insurance
rate regulation, and in some cases regulatory review of insurance products prior to their sale.
In some insurers, the marketing process is viewed as encompassing all elements of the
development, maintenance, and management of new business and continuation of existing
business of an insurer, from designing and rating its insurance products; growing, managing,
and providing incentives for the insurers distribution channel(s); and communicating with
and educating its agents and its customers, as applicable. In contrast, in other insurers the
marketing function is distinct from the sales function, which has a separate organizational
structure devoted to overseeing operations relating to the insurers distribution channels. In
either case, marketing is involved with, if not responsible for, the development and
management of its brand through such approaches as partnering, advertising, sales promotion,
and sponsorships.
Some risks are joint risks between the insurer and its distribution channels, especially in the
case of agents who are tied to a single insurer, whether as independents or as employees. For
example, adverse events or publicity can affect both the insurer and the distribution channel,
either directly as a result of data risks (such as cyber-risks or customer file hacking, or
inadvertent incorrectly recorded transactions, not uncommon when the Internet or phone is
9-3
involved) or in the extreme through criminal activity (such as fraud). If trust in the industry is
adversely affected, both the insurer and the insurance distribution channel are negatively
affected as well.
Although the emphasis of this chapter is focused on the risks associated with an insurers
distribution channel(s), it is important to note that the benefits of an effective distribution
channel are quite significant to the success of the insurer. These risks can be assessed on a
qualitative as well as a quantitative manner. Not only does the distribution channel(s)
constitute the source of ongoing business and in some cases base from which policyholder
services are provided, it can also serve as an effective mitigation tool against other business
risks, including field underwriting, communicating the value of the insurers brand, a positive
relationship between the insurer and its customers, and positive influences with respect to
market conduct.
3. Risks to the Distribution Channel

Given that effective and efficient distribution channels are of crucial importance to the
generation of the future business of an insurer (including in some cases the continued
profitability of existing business), risks to one of the insurers distribution channels can in
turn represent a substantial source of risk to the insurer.
Examples of such risks include a deterioration of agent continuity resulting from an aging
sales force (for instance, in some developed countries a concentration of post-World War II
baby boomers who are currently retiring); skilled salespeople who may not be skilled at being
managers of field relationships and operations but have been placed or are chosen to serve as
such managers; a poor reputation of its agents due to past inappropriate or fraudulent sales
practices; new sources of competition to agents including mobile/Internet-based sales; more
intense competition in the same type of distribution channel; poor sales management as
evidenced by uncompetitive pricing, compensation, or support services; overconcentration of
sales in a single agent or customer; managing general agents that are more focused on
generating high sales volume than on generating quality or profitable (to the insurer) sales;
and more modern technology that diminishes the relative effectiveness or efficiency of the
current distribution channel.
Reputation risk to the insurer can, of course, arise from many sources in addition to the
insurers agents. For example, it can also arise from adverse publicity generated by agents of
other insurers (the industry), bad claim practices, intense competition, government actions, or
bad media relations.
Especially if the agent is tied to a single insurer, a negative reputation event will also likely
lead to adverse publicity to the agent. A related example is that if an insurers client data file
is hacked, not only will there be a loss of customer privacy and possible adverse
consequences to the policyholder, but the agents relation with the policyholder may also be
negatively affected.
9-4
4. Risks to the Quality or Volume of the Insurers Policies Caused by the
Distribution Channel
The distribution channel(s) and target market(s) of the insurer can significantly influence the
type of insureds an insurer will provide insurance to, which consequentially results in
different levels of expected insurance cost. Field underwriting2 may influence the nature and
type of exposures to risk that the insurer will be subject to. Examples of concerns include
quality of insurance risks covered in relation to what is anticipated in the insurers pricing
assumptions and policyholder behaviour (e.g., applications not placed, policyholder
terminations prior to the policys expiry) and move business away from the insurer.
1. Risk selection. Often, but not always, agents directly or indirectly participate in the
risk selection process through identification of customers and field underwriting,
which may result in experience inconsistent with pricing assumptions due to
potential anti-selection, policyholder moral hazard, or even fraud by applicants.
Agents can be more focused on maximizing their personal revenue than
maximizing profitable salesparticularly a concern with managing general agents
who have been given significant autonomy with respect to the field underwriting
and management of their individual agents. If an independent agent splits its
business between more than one insurer, the business directed to a particular
insurer might be of worse quality, representing adverse risk selection against that
insurer. In addition, if an agent gathers incorrect or incomplete information
regarding the quality of the risk, the insurer may as a result make incorrect
underwriting decisions.
2. Policyholder behaviour. Although often thought of solely in relation to premature
voluntary policy terminations and nonpayment of premiums relative to pricing
expectations, policyholder behaviour also can result in moral hazard with respect
to the expected amount of claims or in fraud. Agents can also influence
inappropriate exercise of policy optionsfor instance, the exchange of one policy
for another, especially one of another insurer, is often referred to as replacement.
Such a replacement may not be in the best financial interest of the policyholder, as
it might be the result of an agent more incented by large front-end commissions on
long-term insurance policies or by a bonus for block-transfers of a book of short-
duration insurance policies such as automobile or personal property insurance, than
by the best interest of the policyholder. In fact, a replacement can indicate a
situation in which a conflict of interest3 or misselling may be present. In some
cases it may not be evident who owns the insurance policyholder relationship
2
Selection of potential insured risks by agents in the field, either judgmentally or in accordance with rules set by
the insurer, often confirmed by an insurers underwriter.
3
A conflict of interest can arise where compensation is paid by the insurer for a sale of an insurance policy by
an agent. Such compensation may incent an agent to steer a sale toward a product that provides a larger amount
of compensation. It may especially arise where it is not clear whether the agent is working primarily on behalf
of the insurer or the insured. This has led in some jurisdictions to a greater use of fees payable by the customer
for the service of the agent or of required disclosures of the amount of compensation provided.
9-5
this may result in alternative service responsibilities and movement of insureds
between companies. In summary, agents can influence policy lapse or non-
continuation behaviour counter to the best interest of the policyholders, which at
the same time can impair the recovery of acquisition expenses or increase anti-
selection against the insurer.
3. Policyholder interfaces. A lack of effective and convenient customer interface,
whether via technology (website, mobile phone, or toll-free call-in number) can
cause significant brand (and even industry) damage for an insurer and its
distribution channels.
Actuaries regularly monitor policy experience and develop expectations regarding policy
performance and policyholder behaviour, indicated by such experience as high policy lapse
and low policy continuation; agent retention; and claim approval rates, changes in sales
volume, and expense margins, which are incorporated in premium rates and valuation
assumptions. Whether through internally tracked or external customer complaint sources
(e.g., sponsored by regulators, independent firm or social network), complaint resolution
metrics (by type, resolution percent, and timeliness) can provide useful feedback information
to the insurer and supervisor. These are suggestive of distribution issues needing immediate
insurer attention. As deviations from these expectations emerge, the insurer assesses whether
its expectations need to be revised or corrective action is needed with respect to the insurers
distribution channel or underwriting.
5. Risks to the Insurer Caused by Distribution Channel Activities

The characteristics and quality of a distribution channel, or the effects of management
decisions relating to a distribution channel, can also expose the insurer to direct damage in
several ways.
Risks resulting from the operation of a distribution channel can include:
1. Concentration riskthat is, overreliance on a single distribution channel, a few
agents, or a few insureds. In the extreme, this can be the result of over-dependence
on the insurer on a single agent or relationship that could (1) adversely influence
corporate policy, pricing levels or underwriting decisions; (2) adversely affect
profitability; or (3) terminate a significant amount of business from the insurer if
corporate decisions dont go its way. Alternatively, if, for example, a large portion
of an insurers sales are from agents located in a particular retail chain (such as a
bank or department store), a decision by that retail chain to end the relationship
may materially impact the insurers financial position.
2. Outsourcing risk. If the management of a distribution channel has been outsourced
to an intermediary (e.g., to a managing general agent) or to a partner (see
partnering risk below), the insurer usually has less control of the channel and its
business. Although this can result in high acquisition costs because of relatively
high commissions/fees, this may be offset by the functions and services provided
that the insurer no longer has to fund directly. The outsourced entity may be able to
provide immediate scale or recruit more agents more quickly through which higher
9-6
volume might be able to be achieved and access to new markets might be obtained,
although the arrangement might at the same time contribute to increased
concentration risk. Careful ongoing oversight may be required to overcome the
direct loss of control.
3. Partnering risk. This can result from partnership with other firms, possibly with a
bank (Bancassurance), a retail network, or micro-finance institution, with the
responsibility for various functions, including distribution, split between the
partiesthe relationship involved is usually similar to the outsourcing situation. It
should be noted that the more parties involved in the acquisition and servicing
processes, the greater the likelihood of inadvertent or intended risks. In addition to
the obvious risk of the partner becoming bankrupt, misaligned motivation and
incentives, ineffective coordination, and a lack of an exit strategy may harm the
insurer. In fact, the partner may be more involved with promoting itself than the
success/profitability of the insurance co-venture; if, for example, a representative
of the partner sits on the board of the insurer, that representative might influence
the decisions of the insurer to favor the partner (as a result, many jurisdictions
forbid agency firms to be on the insurers board). In the case of a bank partner that
acted as a corporate agent, the partner could exert undue pressure and influence on
the banks customers to purchase insurance policies passed off as investment
products. If inadequately monitored and managed, a potential for misselling and
fraud exists, which is bad for business both in the short and long term, representing
brand and reputation risk for the insurer.
If the partner is responsible for collecting premiums, the insurer needs to monitor
the delivery of premium payments directly to the agent or other intermediary,
because they might never reach the insurer, resulting in loss of coverage by the
policyholder and ultimately a loss of reputation by the insurer. This could also lead
to significant increases in internal and external cost, including litigation costs. This
type of risk, which may be widespread among insurers across a particular
marketplace or isolated to a particular insurer, is similar to other types of
operational risks, leading to loss of future new business. This risk can be
exacerbated if the insurer delegates control and inadequately monitors the actions
of the agents or managing general agent, as applicable. See Section 6 for further
discussion of these risks and related issues of supervisory concern.
4. Cost versus control. The choice of a particular type of distribution channel requires
an assessment of the risk of higher compensation, support cost, and effective
oversight. Sudden changes in the cost, quality, or number of agents, especially
involving a particular product or sector, have to be monitored on a regular basis.
Indicators of such a change include unexpected changes in new business, not
placement or lapse/continuation rates, outsourcer fees, or bankruptcy of outsourced
agents. In any case, the actuary is sensitive to the level of expenses involved in the
insurers operations, including the cost of acquisitionto assess relative
competitiveness and the cost and success of agent recruitmentand care is needed
to ensure that the agent does not benefit more than the policyholders.
9-7
5. Up-front compensation. Insurers in many countries pay significantly greater
compensation (to those generating the sales or those who are compensated by
additional sales) at policy origination than at the time of renewal, e.g., long-
duration life insurance sold to individuals. On the one hand this can align the
interests of the agent and the insurer because in both cases a profitable product can
create long-term capital/value for the insurer while providing capital to the agent to
build and invest in the business of the agent. On the other hand, it can negatively
affect the sustainability of agents as they can become dependent on new sales for
cash flows and do not build up a continuing stream of income. In addition, it is
important to recognize that this can create a conflict of interest as a result of an
over-emphasis on placing new business by agents and on moving (replacing)
blocks of business between insurers or between products of the same insurer, a
reduced ability to recover acquisition expense, moral hazard, and, in the extreme
cases, fraud. Whereas the insurer has an interest in retaining policies and
policyholders to ensure recovery of its up-front costs, up-front compensation
reduces the incentive for the agent to keep a policy in force, increasing the
incentives for selling policies with higher compensation and for churning
(replacing) the policy that may not be in the policyholders best interest. Excessive
compensation can prove to be a long-term detriment to consumers, especially for
policies with a heavy investment component, e.g., privatized pension products
previously sold in Latin America.
6. Expense recovery risks. Both greater expenses and inadequate new or total
business volume relative to pricing assumptions can lead to a reduction in
profitability. Although potentially caused by inaccurate actuarial estimates, this
risk can also be caused by a sudden adverse change in distribution channel quality
or effectiveness. This impaired expense recovery results from fixed or non-variable
expenses or lack of new business or greater than expected policy lapse or non-
renewal rates. Larger unit expenses are typically included as part of a stress test to
assess the magnitude of its possible impact.
7. Rogue agents. In certain cases, an individual agent could act in a manner
inconsistent with an insurers policies and rules, or collude with a third party to
take advantage of the insurer, another party, or society. The action might be illegal,
such as modifying an insurance policy without the consent of the insurer, charging
unauthorized fees, or acting in a fraudulent manner. Such action, once identified
and reported to the supervisor or communicated to the public, can cause irreparable
harm to the insurers brand/reputation and cost the insurer a great amount of
resources. This can be identified through monitoring of individual agents business
for early lapses, poor placement rates, or missold policies. An insurer can also
inquire of peer companies or an applicable supervisor whether a prospective agent
has been terminated with cause.
8. Tax payments. In some countries, the tax status of agents might change
retroactively (e.g., from being an independent contractor to an employee), possibly
resulting in considerable tax payments or penalties for the insurer and restructuring
of its distribution strategy.
9-8
9. Technology/regulations. New technology or new regulations can make the current
distribution process irrelevant or overly expensive. An example of the use of new
technology includes mobile phone apps used to purchase or pay premiums for
insurance. For instance, new regulations may require additional continuing
education requirements or fiduciary responsibilities, which may result in increased
cost or inability to recover previous sunk cost.
10. Uncollected chargebacks. In some cases, commission will be charged back to an
agent out of future commissions if long-duration policies lapse in their first policy
year. However, if an agent severs its relationship with the insurer, the chargeback
may become uncollectable.
11. Multi-level marketing. Ponzi, or pyramid schemes, where agents are compensated
upon recruitment of additional agents, might arise, although rare in insurance.
These situations, banned in several jurisdictions, can benefit agents, but eventually
run their course to the benefit of no one, other than the first few participants in the
scheme.
12. Political risk. If the agent or sponsorship is provided by a government or
governmental agency, if the head of that government or governmental agency
changes or changes policy, or if fraud or kick-backs are proven, the relationship
and business can be adversely affected, especially if a large part of the business of
the insurer.
Poor management governance practices related to its distribution can also weaken insurer
performance. These can include:
1. Ineffective or unsuitable distribution channel. A poorly designed or managed
distribution channel can develop a low quantity or quality of insurance sales and
create a poor public image for the insurer. It can be unsuitable if it is not
appropriate for the needs, knowledge, or culture of the target market. This may be
as or more important than unsuitable products in providing quality products.
2. Management resource risk. It is often a priority to maintain the loyalty of top
agents. This may require considerable time by top management and its employees
in agent relationships to maintain their loyalty. Although this may be a consciously
chosen business priority, it also might divert an inordinate amount of top
management time from important strategic issues and toward quantity rather than
quality of business.
a. Over-emphasis on gaining market share. In some cases, the emphasis of
management can be so focused on gaining or defending market share that the
quality of its distribution channel, agents, and insurance risks suffers. This can
arise when staff in charge of sales or marketing emphasizes increases in sales
at the expense of quality of agents, sound underwriting practices, or premium
adequacy. An early warning signal of this happening might be a surge in
market share that cannot be explained by another factor. Regular discussions
with agents can provide insight into the underlying reasons for such a change,
which can then lead to appropriate corrective actions.
9-9
3. Inappropriate product and pricing governance. Mitigation efforts include the
design of products suitable to the distribution channels used and target markets,
and costs consistent with desired level of competition and risk tolerance.
4. Sponsorship risks. Advertisements and sales can be augmented through the
endorsement or other use of sponsors and brand salespeople, such as a celebrity.
As with any marketing effort, a deterioration in the reputation of the sponsor,
celebrity, or agent can result in a significant reduction in the marketing potential of
the insurer, although that might prove temporary with timely action by the insurer.
Because of the importance of these risks to the insurer, actuaries are involved in estimating
the quality of sales and policy performance in the pricing and valuation of insurance
products, as well as in the ERM assessment of the effective management of these risks and
distribution performance. Effectiveness and accuracy of sales material, whether in sales
brochures, presentations, policy illustrations, website, or mobile phone apps, can be pre-
screened or audited, as applicable and needed. Although not normally involved in agent
training, actuaries can be involved in the development of educational material regarding the
products and needs addressed by the products. This involvement not only enables insurers to
better identify these risks, but to also develop or enhance the mitigation tools that can reduce
the incidence and management of the severity of these risks.
6. Consumer Protection/Selling Risks

Insurers owe their customers a duty of care, which goes beyond simple compliance with laws
and regulations. Since either their agents or other contacts with customers are usually
provided indirectly through others or by means of technology, distribution and sales risks
need to be soundly managed. As a result, the protection of consumers against inappropriate
market conduct risks is quite important and should be within the scope of an insurers ERM.
A culture of fair business conduct, responsible pricing, and claims management is a key
element of this area of risk managementboth top-down and bottom-up methods and
emphasis are needed to properly fulfil this important function.
In addition to assuring that contractual promises made by an insurer are kept by means of
regulatory standards and supervision of those insurers, insurance supervisors are also often
charged with ensuring that the customers of an insurer are treated fairly and are sold policies
that meet their insurance needs. In some jurisdictions this supervision is conducted by the
same supervisory authority as the supervisor charged with ensuring the solvency of insurers,
while in others they are separate.
As a result, supervisors may regulate and monitor certain aspects of rates, products, and
agents. This can be done, for instance, in areas such as rate and policy form approvals,
minimum standards for policy illustrations and disclosure, remuneration limitations, and
agent licensing.
It should be noted that certain regulatory rules designed for agent-based distribution may not
be suitable for situations in which an agent is not involved. Supervisors in some less
developed jurisdictions may not have adequate resources, rules, or ability to assess penalties
for noncompliance. In addition, the regulation of distribution of insurance sales or products
9-10
may fall in the cracks between supervisors with specified responsibilitiesfor example,
between different industries/products or solvency/distribution. In some cases, not all those
involved in the selling process may be required to satisfy minimum knowledge and
experience in the insurance area.
Insurers are subject to conduct of business risk.4 Effective management of this risk consists of
both operational (process) and strategic (determining the business model followed, including
distribution and marketing objectives) elements. A key component of this management is
early identification and avoidance of inappropriate market conduct, which can ultimately lead
to or be suggestive of future lack of sustainability and sound financial condition, which in
turn represents a prudential solvency risk. In addition, they may be a symptom of ineffective
governance and lack of internal controls over an insurers distribution process.
Inappropriate market conduct and lack of consumer protection can result partly from an
asymmetry of knowledge regarding insurance and insurance policy features and practice that
may be complex and include many technical aspects. This asymmetry is presumed to be more
pronounced where the buyer is an individual (such as in the purchase of individual life
insurance, micro-insurance, and personal automobile insurance) rather than where the
buyer/sponsor is a commercial enterprise (such as is the case for group insurance, commercial
liability, or reinsurance). This concern may also arise in less developed markets and
jurisdictions. More consumer protection is needed where greater asymmetry exists.
Risks relating to a failure to adhere to regulatory-mandated or generally accepted behaviours,
particularly if an insurer or its distribution channels take advantage of this asymmetry to the
detriment of customers, are referred to as conduct risks in many jurisdictions. In this century
some financial services companies, especially but not exclusively banks, have incurred large
fines due to inadequate management of conduct risks. In some cases, conduct risks have been
a significant driver of operational risk losses.
Insurance market conduct supervisors are charged with ensuring that sales of insurance
policies are conducted in a manner that delivers acceptable value to the consumer, often
resulting in consumer protection requirements, including relating to policy features and
illustrations of new sales and in-force policies. In some jurisdictions the content of policy
illustrations is highly regulated, while in others it is primarily self-policed.
In highly regulated jurisdictions, actuaries are often involved in preparing the values and
descriptions of the content of policy illustrations and may be subject to actuarial standards. In
self-policed jurisdictions it is especially important that objective advice be provided to those
preparing the illustrations, particularly in jurisdictions with less developed insurance markets,
where actuarial involvement can be beneficial to help ensure that they are objectively and
accurately prepared and are accompanied by understandable information and education,
which should be conveniently accessible.
4
Risks to customers, insurers, the insurance industry, or the insurance market that arise from the conduct of
insurers and/or their distribution channels in developing and managing their business in a manner that may not
fairly treat their customers. For further discussion, see the IAIS Issues Paper on Conduct of Business Risk and
its Management: http://iaisweb.org/index.cfm?event=getPage&nodeId=25244.
9-11
User-friendly educational information and clear and concise disclosure suitable to the market
concerning the workings of insurance (not excessive, as that will likely be ignored by most
consumers), provided by insurers, agents, supervisors, schools, or the media can help mitigate
any asymmetry and enable consumers to make more well-informed insurance decisions. The
sophistication of disclosures should be tailored, where possible, to the knowledge of the
usersthis is valuable even when middle- and upper-income individuals have enhanced their
knowledge through readings about insurance from the Internet or from price comparison
websites. Less complex and clearly written policies and policy features can help, especially in
less developed markets and jurisdictions. This is particularly important where investment risk
is not transferred to the insurer, where there are benefit deductibles and exclusions and
possible rate increases, or where the policyholder may not understand all available benefits.
Fairness in treatment may include ensuring that rates charged are not unfairly discriminatory
among classes of consumers and that the insurance policies offered adequately meet the
needs of the consumers and that they are not overcharged. Concerns over excessive premium
rates have arisen for products such as credit life/health insurance (where the consumer is
more interested in the loan than in the insurance, so may be subject to excessive premiums in
relation to the cost of insurance) and extended warranty coverage, while also for policy fine
print, which are inconsistent with policyholder expectations and may affect benefits and
claims. Such situations may result from ineffective competition at the consumer level and a
lack of informed choice.
Since the distribution system plays an important role in the effective delivery of insurance
policies, insurance supervisors are concerned with the effectiveness of the distribution system
in soliciting new customers and servicing existing customers. This has led to the licensing of
insurance agents to help ensure that these agents have achieved and maintain an acceptable
level of knowledge of insurance policies and insurance and financial needsput in place to
provide a framework for regulatory compliance and supervisory oversight.
In response to situations where insurance policies have been missold to consumers (that is,
they are not suitable to satisfy the specific consumer needs for which the product was
designed), possibly due to the incentives that led to up-front compensation to agents,
supervisors have enforced certain consumer protection rules and, in extreme cases, redress.
Depending on the market, type of insurance purchased, and individual involved, an insurance
consumer may not have sufficient knowledge to completely understand the insurance policy,
including its benefits and obligations. In certain cases, an agent or sales information might
suggest, through explicit or implicit means, an insurance policy or amount of insurance that is
inappropriate for a particular consumer. In others, benefit/claim limitations or exclusions are
not clear. In some cases, a pattern of misselling has resulted in substantial fines of insurers or
compensation to consumers, which can also result in a significant reduction in the insurers
brand value.
Examples of misselling include: pension misselling in the United Kingdom, credit and
payment protection insurance, selling a payout annuity to someone who is seriously ill,
inappropriate tax advice or use of a policy designed to dodge a tax rule, the sale of a product
designed to help customers in a different income tax category, and inadequate disclosure of
9-12
the need for a separate flood or earthquake policy to a customer with material exposure to
such a hazard.
As mentioned above, historically, compensation provided by the insurer to agents who sell
long-duration insurance policies, especially permanent life insurance, has been front-ended
that is, agent compensation in the first year of the insurance policy is much larger than in
subsequent years. This has generally reflected the significantly larger investment of time
needed to sell these policies than needed to service them. This can create a conflict of interest
that can incent the agent to churn the business and has led to cases of misselling, or even
fraud.
In some jurisdictions there has been a recent move toward increased disclosure of agent
compensation and in some cases has led to the use of fees charged to the insurers customer
instead of compensation provided by the insurer. Advocates of this change have claimed that
this will contribute to more objective advice. In several areas, some supervisors have limited
insurer expensesfor example, the state of New York in the United States has limited the
expenses of insurers in an attempt to provide more value to consumers, while in the United
Kingdom the insurance supervisor has conducted a review of "value for money" across
numerous life and pension products. Due in part to concern with potential conflicts of
interest, other supervisors have capped agent commissions at a certain maximum percentage,
possibly a function of services provided, have banned or restricted certain commissions or
other incentives, or required disclosure of commissions received.
Insurers, through a range of techniques, provide consumer protection that at the same time
manages sales risks. For instance, these controls can include initial agent screening, training
and continuing education programs regarding product features and proper sales techniques
and sales process rules and requirements, agent compensation and sales targets that consider
the implied incentives, agent discipline, periodic audit of sales processes, legal review of all
advertising and sales promotional material, and consumer education programs. For
distribution channels that do not involve agents, these include technology-efficient and
consumer-sensitive information. Various techniques are available to ensure high quality
distribution process, including the use of sales audits, customer satisfaction surveys, and a
responsive independent sales ombudsmen function.
These techniques not only provide consumer protection, but also protect the insurer from
harm from distribution risks. In particular, they are managed and monitored by the insurers
sales management and on the whole as part of insurers internal audit and ERM processes.
Consumer recourse, redress, or consequential adverse publicity, a full discussion of which is
outside the scope of this chapter, can be provided by many means, including through
consumer complaint services such as a supervisory or other consumer entity or reported on an
Internet website set up for this purpose.
Actuaries have also been involved in helping to control these risks. In some jurisdictions
these activities have included signing off on the accuracy of illustrations of new sales/in-force
policies that clearly explain the mechanics of long-term products and provide advice on the
suitability of sales to customers.
9-13
7. Conclusion
Distribution- and marketing-related activities, although not often thought of as serious
solvency risks, can represent significant financial risks to an insurer, as well as to its
customers. In particular, inadequate management of an insurers distribution channel and
agents can lead to situations with adverse consequences to an insurers sustainability, brand
value, and income-generating potential. In addition, supervisors are concerned with
inappropriate sales and service, which require consumer protection and consequential action
against sales practices and ultimately affect the advisability of allowing the insurer to operate
as a going concern.
Sound management of distribution risks will enhance and maintain the value of and trust in
the insurer as an ongoing concern. These risks have to be protected against, using such
elements as:
1. Key performance indicators of the performance of individual agents,
intermediaries, and distribution channels addressing the number of customer
complaints by type, retention rates of written business, surges in sales not seen
company-wide, and possible fraudulent red and yellow flags seen in new business;
2. Use of actuarial standards for suitable policy illustrations of long-term products,
where applicable;
3. Agent and consumer education as to suitable consumer needs for the offered
products;
4. A possible independent, accountable function (such as ERM) including the
monitoring of sales practices and suitability processes and their risks; and
5. Regulatory requirements that govern market conduct and sales practices, as well as
reviews that can assess the effectiveness of the insurer with respect to
disciplining/educating/managing its distribution systems.
9-14
AppendixTypes of Distribution Methods
There is a wide range of distribution methods in use by insurers, the relative importance of
which depends upon the market, the coverage, available resources, technology, and historical
development. An insurer can utilize multiple channels, often one for each business unit,
although some business units also utilize multiple distribution channels. Agents (see footnote
1) serve as intermediaries between the insurer and the ultimate insurance consumer, and can
be an individual or take the form of an agency, a group of individuals. An agent can
specialize in a particular type of insurance product or sell many types. In addition, an insurer
may use a combination of these methods in a particular market, e.g., through leads generated
by direct or website contacts, followed up by contact from independent agents or insurer
employees.
A distribution channel may involve more than one distribution approach or a hybrid method,
and that any categorization represents an overlap of approaches, e.g., a full-time career agent
may be an employee of an insurer or independent, and a sale may involve both website and
agent. The following is one categorization of distribution channels:
1. Full-time (tied or captive) career agents. They can be employees or independent
contractors who represent a single insurer, primarily involved in selling that
insurers products. The classification as an employee or independent contractor can
result from tradition or tax laws. A new agent can be subsidized for a period to
allow for training and development of customer relations.
2. Salaried employees. They sell products directly to the customers of the insurer.
This approach is often used in sales to large accountsfor instance, selling group
life/health or commercial property/casualty insurance to large corporations, or
direct insurers in the case of reinsurers. Salaries can be fixed or can include
incentives /bonuses as a reward for successful sales.
3. Independent agents. These are not employees of the insurer. They can be brokers,
who can represent multiple numbers of insurers, or those who only sell insurance
provided by a single insurer. Their primary business may or may not be to sell
insurance products.
4. Consultant-led agents. In some market segments, particularly institutional ones,
clients employ specialist consultants or advisers to help consumers select between
competing providers. Regulatory trends tend to differentiate between agents
remunerated solely by the client and the sorts of independent agents referred to
above who may traditionally have been remunerated primarily by the insurer.
Some insurers distribution risks diminish if the gatekeeper to the client is
remunerated by the client rather than the insurer, but other risks increase, such as
the risk of falling out of favor with leading consultants for that market segment.
5. Partners. Sales can be generated by or as a result of a partnership with a wide
variety of industries that would not otherwise specialize in selling any insurance or
the insurance of the type sold. This can involve working with partners or sponsors,
sometimes with their own existing networks, whose primary business is not
insurance. In some cases, they may not be licensed as an agent. This may provide
9-15
an entre, possibly in the form of bundled products, to potential customers that
they would not otherwise be able to access. In some jurisdictions, this includes
Bancassurance, in which banks participate, either as an affiliate, partner, or
distributor of an insurers products. Other examples include retail chains,
telecommunications entities, micro-finance institutions, trade unions, and post
office outlets. Others can sell insurance:
a. As a consequence or coordinated with the sale of related products, e.g.,
financial institutions at the time loans are provided and mortuaries (e.g., pre-
need insurance) in anticipation of a future burial.
b. That specialize in other types of insurance. For example, sales of life insurance
by those who primarily sell property and casualty insurance.
c. As part of a broader portfolio of products, e.g., other financial institutions and
asset managers, especially for wealth products such as annuity, pension, life
insurance, and savings products, by employees of the financial institution or
the insurer embedded in that related or unrelated companies operations.
6. No agent involvement. Many variations of distribution channels that do not involve
or require sales representatives of an insurer exist. In some cases, particularly
where a method does not involve an agent to attract a potential customer, an agent
who may specialize in insurance will become involved to provide advice or close
the sale. They include:
a. Website. Sales are obtained through use of a website, often from customers
searching for a suitable insurer or insurance policy. In some jurisdictions, an
increasing percentage of sales are conducted through the Internet (for
example, based on price comparison websites5 (PCWs), which may not be
able to match needs with product, and may increase the risk that a
policyholder decides on a policy solely on price rather than quality or
consistency with the individuals needs). Needs for insurance may be
established through information obtained on the website or exchanged through
social media.
b. Mobile phone. Insurance is sold through or with some assistance provided by
a mobile network operator, which may pay premiums on behalf of its
customer as long as there is a minimum amount of phone usage in the period.
c. Advertisements. This method can either be aimed at enhancing an insurers
brand or enticing potential customers to inquire about the insurers specific
products.
d. Direct. Sales through this approach can be made through the mail (post),
phone solicitation, or through various technologies.
5
In the European Union, the Insurance Distribution directive considers PCWs to be an insurance intermediary.
9-16
e. Affinity/loyalty. Sales are made through an affiliation of the customer, for
example, through an association, labour union or cooperative where the
customer is a member or through workplace schemes.
Some insurers have bought blocks of business from other insurers, if not through acquisition
of an entire insurer, sometimes obtained through the use of an investment banker. In some
cases this block of business or insurer is put into run-off modethat is, the distribution
system used to produce the business does not actively pursue new business for the insurer.
Not only are the normal risks associated with deviations from expected experience (e.g.,
policyholder behaviour, mortality, or claims), but if inadequate due diligence was performed,
they might include the cost associated with selling risks including misselling practices
generated under prior management.
A managing general agent is a company or agency that controls the means of distribution,
usually by means of multiple sub-agents. In some cases, in return for additional compensation
it is responsible for specified marketing or other servicing functions.
Sam Gutterman, FSA, FCAS, MAAA, Hon FIA, CERA, FCA, is a consulting actuary,
located in Glencoe, Illinois, USA. His areas of expertise include financial reporting for all
lines of insurance, social insurance, demographics, and the environment. He can be contacted
at sam.gutterman1@gmail.com.
9-17
IAA Risk Book
Chapter 10Own Risk and Solvency Assessment (ORSA)
Maryellen Coggins
Nick Dexter
Malcolm Kemp
John Oost
Own Risk and Solvency Assessment (ORSA) processes sit at the heart of effective enterprise
risk management (ERM). While regulators worldwide understand the value of the
information communicated as a result of ORSA processes, ORSA is best thought of not as a
regulatory requirement but as a collection of internal own processes, highly tailored to the
nature, scale, and complexity of an insurer, that result in key strategic information for senior
management and the board.
Key observations/findings from the chapter include:
ORSA is an ongoing part of risk and capital management practices and has merit
beyond any regulatory requirement;
ORSA is not a one-size-fits-all process. Significant variations occur from
company to company, and even within different organizational units of large
groups;
Both quantitative and qualitative analyses support ORSA processes;
ORSA processes are most effective when integrated within other business
processes, particularly strategic and business planning, capital management, and,
as appropriate, product pricing and underwriting;
Promoting ORSA disciplines has value at both a macro (i.e., industry-wide) and at
a micro (i.e., company- or group-specific) level; and
Actuaries are highly experienced in assessing complex topics and have the skills
and professional processes and perspective needed to create valuable risk analysis
frameworks for management, boards, and regulators.
2. Introduction
The last decade has seen some important advances in the development, use, and application
of sustainable enterprise risk management (ERM) frameworks within insurance
organizations. As the insurance supervisory community observed the benefits of ERM, many
key ERM practices were incorporated into Insurance Core Principle (ICP) 16 Enterprise Risk
Management for Solvency Purposes, promulgated by the International Association of
Insurance Supervisors (IAIS) during 2011. Likewise, more general core risk management
principles have been codified in ICP 8 Risk Management and Internal Controls. ICP 16
IAA on 8 March 2016
reaffirmed for insurance and reinsurance companies the key elements needed for strong and
effective ERM practices, and reminds regulators and supervisors worldwide of the need to
encourage strong ERM practices within their regulated entities.
ICP 16 requires that a company (defined as either a solo entity or group) establish an ERM
framework that specifies the processes and techniques the company will use to maintain its
risk exposures within predefined risk limits, and states that a companys risk management
framework is to include several key elements, with each element operating in a manner that is
consistent with the companys nature, scale, and complexity. Some of the key elements
identified within ICP 16 for an insurers ERM framework include:
1. It must provide for the identification and quantification of risk;
2. It must include risk management policies to guide the company;
3. It must establish and maintain risk tolerances setting out overall quantitative and
qualitative levels within which the company assumes and manages risk; and
4. It must be responsive to changes in the risk profile and the environment through
the periodic conduct and communication of ORSA results, and managements
strategic response to these results.
Specifically, ORSA is the ongoing process by which a company's senior management and
board routinely assess the key risks to which the company is exposed and the adequacy of
capital held to support the risks underwritten or accepted after mitigation and management
activities have taken effect, both now and in the future, under different scenarios and relative
to the company's appetite for risk. Periodic discussions of ORSA results provide benefits to
senior management and the board. Effective use of the ORSA also has wider implications for
effective regulatory review and oversight.
The primary objective of the ORSA is to support the company's strategic decision-making, by
providing insights into the risks the company chooses to accept in return for the reward that
can be expected over the business planning horizon. Specifically, the ORSA will:
1. Enhance the information basis for board decisions;
2. Provide senior management with an understanding of the company's current and
evolving risk profile relative to the companys appetite for risk under the various
stress events or scenarios and an understanding of the adequacy of the capital
resources to support both current and emerging risks;
3. Help build/maintain risk awareness throughout the company; and
4. Increase credibility and insight with regulators or supervisors.
Elements of the ORSA may also help supervisors better understand the companys risk
profile, risk management framework, and capacity to face the risks to which the company is
or may become exposed. More broadly, promoting sound ERM and specifically ORSA
disciplines across the insurance industry is considered by many to likely result in businesses
that are better able to face current and future risks and uncertainties that will, in aggregate,
lead to better and more robustly managed outcomes for policyholders.
10-2
3. The ORSA Process
The assessment of key risks and capital adequacy, both current and prospective, under both
anticipated (or baseline) and stressed conditions is fundamental to the ORSA process.
While these assessments must pay close attention to regulatory requirements, they
fundamentally represent a company's own view of the key risks and the level of capital it
needs and the risk management framework it will use to achieve its strategic objectives. It
thus goes well beyond the capital required to satisfy rating agencies (i.e., capital sufficient to
maintain a targeted financial strength or credit rating) or to satisfy regulators that capital,
together with the underlying risk mitigation strategies and control framework, is sufficient to
mitigate the risk of insolvency.
The ORSA process generally consists of a variety of assessments that result in an overall
understanding of a companys key risks leading to decisions regarding the management of
these risks and an understanding of capital adequacy at a given point in time, all
communicated through ORSA reporting. The process is expected to be carried out using an
overall approach selected by the company that it believes to be appropriate and adequate for
its own risk profile and strategic objectives. The ORSA approach is part of the companys
risk management framework and needs to fit the companys organizational structure and take
into account the nature, scale, and complexity of the risks the company faces and its appetite
for risk.
ORSA processes and techniques, which are part of the risk management system of the
company, consist typically of the following basic steps that need to be carried out on a
periodic basis and upon significant changes to the companys risk profile:
1. Identification of key risks, including:
a. Identification of the gross (inherent) and net (residual) risk profile of the
company; and
b. Identification and prioritization of material risks and emerging risks, that is,
specific risk events with a potential for having a significant impact on business
performance.
2. Risk and capital adequacy assessments, including:
a. Stress and scenario testing for assessing the financial effect of the quantifiable
material known and emerging risks identified, complemented by qualitative
techniques for assessing non-quantifiable material and emerging risks;
b. Quantification of required capital using an own risk measure (e.g., economic
capital), required regulatory capital, and other relevant risk measures such as
required rating agency capital;
c. Identification and acceptance of the principal expert judgements underlying
the assessments including the key weaknesses and limitations in the data and
models used;
d. Assessment of the resultant individual and aggregate risk profile relative to the
companys risk appetite framework; and
10-3
e. Assessment of the adequacy of available resources to meet the required capital
obligations.
3. Communication and reporting of ORSA results, including:
a. The results of key risk and aggregate risk assessments relative to the risk
appetite framework; and
b. An ORSA summary report, prepared with the main findings of the different
assessments and a description of the ORSA process.
4. Assessments of the ORSA process itself, identifying key expert judgements,
potential weaknesses, and points of improvement.
It is important to emphasize that an ORSA is not just a report or an outcome. It is an ongoing
process that a company carries out on a periodic basis and whenever the company
experiences a significant change in its risk profile or before major strategic decisions are
made. The true value of the ORSA can only be realized when ORSA becomes integral to
management's strategic decision-making.
Complementing the basic steps of the internal ORSA process, the following regulatory
expectations for the ORSA generally apply:
1. The ORSA is expected to include an assessment of the companys overall solvency
needs (both regulatory requirement and the companys own capital standard);
2. The ORSA is expected to be forward-looking, i.e., not merely assessing current
solvency needs but also adopting a medium- or longer-term, forward-looking
perspective where appropriate;
3. ORSAs take into account the companys risk appetite, tolerance, and limits;
4. In certain jurisdictions, the ORSA is expected to explain any divergence between
how assets and liabilities are valued and recognized in the ORSA and how they are
valued and recognized in the companys regulatory capital computations;
5. The results of the ORSA are expected to be taken into account in business
decisions, including decisions relating to capital management, business planning,
and product pricing and underwriting;
6. Group-wide ORSAs consider group-specific considerations, such as liquidity and
fungibility of capital; and
7. The ORSA is expected to be adequately documented such that a third party of the
appropriate level of expertise can understand the principal methodologies,
processes, key assumptions made, and judgments applied in the ORSA process.
4. Conducting an ORSA
ORSAs are conducted on all material and relevant (key) risks; utilize appropriate processes
for assessing risk and capital adequacy, both as of the evaluation or assessment date and over
the business planning horizon; and are to be clearly and appropriately communicated to
senior management, the board, and regulators.
10-4
I. Identification of Key Risks
The risk profiles of insurance companies vary widely from company to company as a result
of the significant variability in business models that they adopt and environments in which
they operate. This means that the types of risks to which a specific insurer or reinsurer is most
exposed can vary significantly. In general, insurance companies are exposed to different
combinations of market, credit, insurance (e.g., premium, reserve, catastrophe, mortality,
morbidity, expense, and lapse), and operational risks based upon the products they
underwrite, the investments they hold, and the quality of and control over their operations.
For example, a pure unit linked life insurance company (writing savings products that do
not include any embedded guarantees and with minimal protection cover) may be, relatively
speaking, heavily exposed to operational risk (and possibly lapse risk) but may only be
relatively indirectly exposed to market risk via the fees it collects on the assets being built up
by its policyholders. In contrast a long-tail property-casualty (i.e., nonlife) insurer may be
more heavily exposed to insurance risk.
Given the heterogeneous nature of risks a specific insurer or reinsurer may face, qualitative
methods for identifying the risks that are most significant to the insurer, both currently and
prospectively, include:
Discussions with senior management and the board, revealing the type of risks that
are most likely to keep senior leaders awake at night;
Workshops (usually facilitated by risk managers) during which business leaders
explore and rank a range of risks they think are important to their businesses or
functional areas;
Review of risks that other similar companies believe they are exposed to or have
suffered loss from, possibly supported by external advisers or data sources;
Consideration of scientific and environmental reports; and
Review of the companys own past losses and near misses to understand past
risk drivers, causes, and impacts.
The processes involved can often be iterative in nature and would include consideration of
risks, both gross and net of risk mitigation (e.g., before and after reinsurance). The risks
identified will range from those risks amenable to quantitative assessment to those that are
more difficult to quantify.
Within all risk assessment methods, it is important to take into account a consideration of
known or potential changes to the environment in which the company operates that might
have a significant impact on the risks to which the company may be exposed. Typically, an
assessment of the potential changes to the environment will include some form of horizon
scanning for emerging risks, bearing in mind that the environment in which the company
operates is rarely static.
II. Assessing Key Risks and Capital AdequacyCurrent and Future
Risk and capital adequacy assessments involve the analysis of all material risks the company
faces. As a result, companies apply an assessment technique or combination of techniques
that are most appropriate for each key risk and for all risks in aggregate, understanding
10-5
correlations between risks, the indicated levels of required capital relative to established
capital targets, and the adequacy of available capital relative to both own and regulatory
measures of required capital.
A. Techniques for Assessing Risk and Capital Adequacy
Risk and capital adequacy assessments may be conducted using a variety of quantitative
techniques and tools, such as economic capital modeling and stress and scenario testing. Each
type of quantitative approach has its strengths and weaknesses:
Economic capital models (ECMs) can provide a robust view of a companys future
financial condition, and ability to fulfil obligations to policyholders. An ECM
depends on a set of assumptions about the general economy, the environment in
which the company operates, and the companys operating situation. Economic
assumptions are often derived from stochastic generators using parameters based
on either historical experience or on current or recent conditions. The resulting
models can be extremely complex. Assessing their reliability and validity can be a
significant challenge.
Stress and scenario testing is used either instead of or along with an ECM as part
of the capital adequacy assessment process. These techniques can be critical in
helping identify potential threats and developing resulting management actions. In
contrast to economic capital models, scenario analysis and stress testing assess the
financial effect of specific events. They can be used to enhance the understanding
of a companys vulnerability to highly uncertain tail risks, and develop suitable
mitigating actions. Stress tests can be easier to communicate and be more easily
understood by management, board members, and other stakeholders than the
output of ECMs. Their use can enhance the risk culture of a company, as they can
alert decision-makers to potentially problematic areas and provide a framework to
enable companies to base their business strategies and risk mitigation activities on
a range of forecasts, rather than on a single best-estimate projected result or an
average of stochastic results. Insurers would typically supplement traditional types
of stress tests with reverse stress tests that are designed to explore scenarios that
result in the companys business model being fatally damaged. One aim of reverse
stress tests is to identify business models that are more robust to such scenarios,
and also to develop triggers for mitigating actions when a potential threatening
scenario may be developing.
Factor-based models, which rely upon capital factors that are calibrated to a
selected return period and applied to financial statement data, are straightforward
to use, and can be beneficial for quick assessments of trends. However, they
generally rely upon capital factors that have been developed considering industry
experience as a whole, and therefore may not fully reflect the risk profile of any
individual company.
While it is within the companys discretion to determine the techniques and tools to be used
for their own assessments of risk and capital, many regulatory regimes either require that
companies perform stress and scenario testing for regulatory purposes (e.g., Australia,
European Economic Area, Canada), prescribe certain stress tests and scenarios (e.g.,
10-6
Bermuda, Canada), or strongly encourage stress testing as a means to communicate the
potential impact of the most significant risks and vulnerabilities to which a company is
exposed. In addition, companies of a certain size are subjected to stress testing by regulatory
bodies (e.g., European Insurance and Occupational Pensions Authority (EIOPA), through
National Supervisors), and those insurance companies in the United States that operate within
a bank holding company or own a thrift will be subjected to Federal Reserve Board stress
testing. Given the sharp increase in regulatory use of stress testing, companies may need to
consider how best to incorporate this testing into their ORSA processes.
In addition, in certain regulatory regimes (e.g., Solvency II) the ORSA also needs to include
an assessment of the appropriateness of the methodology the company has selected to
determine its regulatory capital requirements. Companies subject to this particular regulatory
framework can select different approaches for their regulatory capital computations (e.g.,
standard formula approaches versus internal models and/or use of undertaking-specific
factors). Regulators expect the company to justify why the selected approach is reasonable.
B. Establishing Capital Targets
As an integral part of a risk appetite framework, companies establish capital targets that
consider the adequacy of own levels of required capital, regulatory required capital, and in
certain circumstances rating agency or other measures of required capital. Differences
between these capital measures are often based upon different valuation or accounting bases,
or are based upon varying time horizons (e.g., one year of new business) and risk measures
(e.g., 99.5 Value at Risk). Companies need to understand and be able to reconcile between
valuation differences in measures of available capital and defined differences in measures of
required capital when establishing capital targets and performing capital adequacy
assessments relative to these targets.
Typically, capital targets reflect capital buffers above certain binding capital constraints to
allow for loss absorption capacity in the event of a significant stress and in consideration of
volatility of profits, uncertainty in the models and data, dividend policies, access to capital,
and the overall quality of capital. In certain jurisdictions, ORSA regulatory requirements
include the justification that the company will continuously comply with regulatory capital
requirements and with other elements (such as computation of liabilities) that influence the
companys overall regulatory capital position, i.e., it is not just a point-in-time exercise. The
principle underlying this requirement is that companies will not want to be so thinly
capitalized (versus their capital risk appetite, as well as regulatory minimum levels, relative
to the risks that they face) that they risk becoming undercapitalized just a short time after any
capital assessment is carried out.
C. Forward-Looking Assessments
ORSA processes generally consider capital adequacy over the business planning horizon
from a given evaluation date, in addition to a point-in-time assessment of risk and capital
adequacy. While many companies utilize sophisticated methods and tools that allow for
detailed assessment of capital adequacy over a one-year horizon, conducting ORSAs beyond
one year requires the design and implementation of approaches that reflect key risk behaviors
and likely management responses to risk events when they occur while limiting the additional
uncertainty with projecting potential outcomes over multiple years.
10-7
There are several methods that can be used for performing multiyear assessments, including
multiyear stochastic models, applying stress scenarios to the results of one-year models to
reflect an additional year or years of stress events and the development of factor-based
approaches based on more complex and granular one-year stochastic model results.
III. Communicating and Reporting ORSA Results
Although the risk and solvency assessments themselves, including the use of modelling and
forecasting tools to support them, represent a significant part of the overall ORSA process,
ORSAs will be conducted in vain if the results are not communicated and reported effectively
and relied upon.
Communicating and reporting ORSA results require companies to distinguish between
several distinct groups of users, all of whom may have different needs, both as a result of
their own knowledge and the intended uses they have for the information received:
A. Senior Management, the Board, and the Business
To ensure effective communication of ORSA results, companies start by working with
the ultimate owner(s) of the ORSA process so that the end results meet their needs. The
owner may be designated by local legislationfor example, under Solvency II it is the
company boardhowever, independent of who the owners are, the findings and insights
developed through ORSA are carefully designed to meet the needs of the users. In
addition to the structure and level of detail provided within ORSA reporting, the owners
also approve key aspects of the methodology being used including the key judgements
made (e.g., the design of the stress and scenario testing to be carried out).
As usage is not limited to board- or senior-management-level decisions, it is likely that
business units may also want to/need to use certain ORSA results for their own decision-
making and ORSA communications to satisfy the needs of the business may need to be
taken into account.
The process of reporting to the board and senior management is likely to happen at
multiple points in the year as various ORSA and other business processes are completed.
Companies will need to develop communication plans that are responsive to the timing of
ORSA processes, taking advantage of the opportunities to discuss various results more
fully as they become available. This ORSA communication plan may need to include a
final report that brings all the results together, ideally with references to any supporting
documents so these can be accessed as required.
B. Supervisors
Where there may be a requirement, either formally or informally, to provide an ORSA
summary report to the supervisor, use of internal reports generated for senior
management or the board may be favored to encourage companies to avoid creating
separate reports strictly for compliance purposes. However, as the supervisors typically
do not have access to day-to-day ORSA processes and internal reporting of ORSA results,
they will likely need to reference supporting documentation or the ORSA summary
reports themselves will need to include some of this support.
10-8
C. Other External Parties
Because the ORSA delivers significant valuable information, such as the business
strategy and analysis of key risks, external parties such as rating agencies (and even
shareholders and policyholders if they have access to ORSA results) would find the
information highly beneficial. However, given that the ORSA report will likely contain
proprietary information that management would not want to disclose to competitors,
confidentiality of the information must be given the highest priority. External disclosures
are likely to be driven by any minimum regulatory requirements, and these may be
consistent with the risk disclosures under accounting or investment securities standards.
ORSA internal reporting will aim to communicate at least the main conclusions of the ORSA
to all relevant staff. An ORSA supervisory report (if different from internal reports) may need
to be more highly tailored to the needs of the supervisor.
Key attributes of any ORSA report include:
A succinct overview of all key insights arising from the ORSA and how they fit
together;
Analyses of the key scenarios considered, including any management actions that
are assumed and confirmation of whether or not these have been approved by the
board;
Where there is "use test" as part of the local regulations, information on where the
board has been consulted;
Either explicitly within the report, or documented separately, descriptions of the
methodology and key assumptions underlying ORSA results, including
information on the principal limitations and judgements made in the assessment;
and
Cross-referencing to any relevant supporting documents so that additional
supporting detail can be obtained if required.
5. Integration with Other Business Processes

The results of ORSA processes are to be taken into consideration in strategic and business
decision-making, subsequently reflected in capital management plans, business plans, and
decisions regarding product pricing and underwriting (where appropriate and relevant). The
most significant phases of the integrated process are depicted in Figure 1 below.
10-9
Figure 1
Although the timing of the phases within the integrated process identified in Figure 1 appear
to identify a single cyclical process, ORSA processes are to be integrated within the business
cycle, e.g., risk and capital assessments are carried out in developing capital management
plans. ORSAs are conducted both on a periodic, planned time frame as well as an ad hoc time
frame, aligned with potential changes to business strategy or sudden changes to the
companys underlying risk profile.
This linkage between a companys business strategy and decision-making processes with its
ERM framework including ORSA processes is often referred to as the use test by
independent reviewers of the ORSA process, including regulators. Ultimately, a strong ERM
framework is dependent upon the companys ability and willingness to take action based on
the results of the ORSA process. Regulators would view a companys ORSA process as less
desirable if that company focuses strictly on understanding risks including implications for
their capital and solvency position, but then ignores the insights uncovered in the process.
Regulators often value the use test because it incentivizes companies to continue to enhance
their risk management disciplines and processes, ultimately leading to further protections for
policyholders.
The scope of the use test includes, but is not limited to, senior management and the board
responsible for company oversight. Under the use test, senior management is expected to
10-10
actively consider ORSA results when developing future strategies, and reliance upon ORSA
results is to be clearly evidenced. Boards are expected to be actively involved in framing and
overseeing how the companys ORSA is to be carried out, and ORSA results provide
valuable information for helping the board oversee the business, challenge activities that
seem inappropriate in the context of the companys overall risk appetite, and generally hold
senior management accountable. Engaging the board in the ORSA process makes it more
likely that the ORSA will address the needs of all stakeholders and not just those most closely
associated with the perspectives of senior management.
6. Other Group Considerations

Group-wide ORSAs will need to reflect potentially differing risk perspectives arising from
different parts of the group, including risks arising from exposures that one member of the
group may have relative to other group members, and group-wide exposure to risks that could
impact multiple entities at the same time. Group-wide ORSAs would be expected to consider
the extent to which capital is available to, and fungible and transferable between, different
companies within the group (including exposure to foreign exchange risk), as well as the
impact of any planned transfers of capital around the group or other planned risk
redistribution activities. Group-wide ORSAs would also be expected to cover the extent to
which business strategy and risk management disciplines were aligned across the group.
As groups can span many different jurisdictions and business types, regulatory reporting of
group-wide ORSAs clearly identifies the companies that are within or excluded from the
scope of the ORSA. If applicable, group ORSAs need to spell out how any governance
requirements and variations in risk management perspectives applicable to individual
companies within the group have been addressed. For multinational groups some more
practical administrative issues would also typically be specified by regulation, e.g., the
language(s) in which regulatory reporting of group-wide ORSAs need to be prepared and
how the group-wide ORSA addresses any differences in supervisory needs across the
different jurisdictions involved.
If the head (or other significant part) of the group is not an insurer then the intrinsic merits of
a group ORSA are not diminished. However, the details might need adapting to address any
regulatory requirements applicable to non-insurer elements of the group.
7. Guiding the ORSA Process

Companies develop policies and procedures related to key business processes, and for
Solvency II, ORSA processes will be captured within a documented ORSA policy that
articulates how the ORSA is to be carried out, a record of each ORSA conducted, and both an
internal and a supervisory report on the ORSA (although these two reports may be the same).
Solvency II also requires a summary of the ORSA approach to be made publicly available, so
that customers and other external stakeholders can better understand the companys risk
management disciplines and solvency needs. The ORSA policy is expected to include
descriptions of the processes, procedures, methodologies, and data quality standards used by
the company. This would typically include information on the frequency and timing of the
ORSA and how associated stress tests, sensitivity analyses, reverse stress tests, and other
10-11
relevant analyses are to be carried out. This ORSA policy is also expected to justify why the
selected approach is suitable, given the companys risk profile and how this profile might
vary through time.
Public disclosures may also help to promote wider adoption of best practice ORSA
disciplines, benefiting the industry and customers more generally. However, as stated earlier,
since the ORSA reports would likely contain proprietary information that management would
not want to disclose to competitors, confidentiality of the information must be given the
highest priority.
8. Insurance Supervision and ORSA

In certain regulatory regimes, supervisors may have the authority to require enhancements to
ORSA approaches if they be deemed to be deficient, or to penalize companies in specified
ways.
Supervisors have the general authority to request information from insurers where that
information is deemed important to understand the nature of the risks assumed and the
adequacy of capital to provide for those risks. Supervisors may ask for additional information
or analysis sufficient for this purpose if it is not already contained within the ORSA, or other
relevant risk and capital assessment processes of the insurer. In some circumstances
supervisors may also exercise their authority to affect capital targets by imposing additional
external constraints to be taken into account by the insurer in its own capital identification
process.
9. Actuaries and ORSA

Since the conduct of ORSAs is often highly technical, companies are likely to rely on
actuaries and other professionals to lead or provide support for ORSA processes. While
actuaries have a key part to play in ORSA processes, it is important that they work with other
professionals who will also have a part to play, including other colleagues in risk, finance,
legal, claims, and underwriting. In addition it is important actuaries in solo companies
interact with their colleagues in group roles when applicable.
Actuaries are highly experienced in assessing complex topics, and have the skills and
professional processes and perspective needed to create valuable risk analysis frameworks for
management, boards, and regulators. Beyond their experience with ERM and ORSA,
actuaries have practiced in areas in which they commonly assess the impact of low-frequency
and high-severity events such as extreme market conditions, pandemics, or hurricanes.
Traditional actuarial functions, such as pricing and reserving for insurance companies,
include estimating the central tendencies of likely future outcomes and developing an
understanding of the variability around those estimates. Pricing and reserving may require the
estimation of margins for risk variability, and development of those margins requires a deep
understanding of risk. Further, actuaries apply risk assessment techniques that account for the
nature, scale, complexity, and correlation of a wide range of risks and that reflect risk-
mitigation strategies.
10-12
I. Recent Professional Milestones
1. In 2009, actuaries embraced tailored ERM education through the Chartered
Enterprise Risk Analyst (CERA) program, which expands on the existing risk
management education of actuaries. The CERA syllabus requires that the actuary
master such topics as the drivers and practical aspects of ERM, relevant regulation
and regulatory capital requirements, and ERM standards and leading practices that
are in use around the world.
2. In 2013, the U.S. Actuarial Standards Board (ASB) formally adopted Actuarial
Standards of Practice 46 and 47 in regard to actuarial services relating to the
evaluation and treatment of risk. The ASB is currently considering whether further
guidance is needed for the conduct of capital adequacy assessments, and expects to
publish an exposure draft in the second half of 2016.
3. The Actuarial Association of Europe (AAE) is preparing European Standard on
Actuarial Practice 3 on actuarial practices in relation to the ORSA process.
4. In 2014, a similar project was initiated by the International Actuarial Association
(IAA) to prepare an International Standard of Practice in relation to ERM.
5. In 2015, an issue brief developed by the IAA on the Value of the ORSA to a
board was formally approved for distribution.
Maryellen Coggins, FCAS, MAAA, CERA, is a Managing Director at PwC. She is located in
Boston, Massachusetts, USA. Her principal areas of expertise include enterprise risk
management and property & casualty insurance. She can be contacted at
mary.ellen.j.coggins@us.pwc.com.
Nick Dexter, FIA, FSA, is a Senior Advisor at the Prudential Regulation Authority and is
based in London, United Kingdom. His principal areas of expertise include life insurance and
enterprise risk management. He can be reached at Nick.Dexter@bankofengland.co.uk.
Malcolm Kemp, FIA, M.A., CERA, is Managing Director of Nematrian Limited and is based
in London, United Kingdom. His principal areas of expertise include risk, investment
management, and quantitative finance. He can be contacted at
malcolm.kemp@nematrian.com.
John Oost, AAG, RBA, is a Senior Risk Manager at Achmea. He is located in Zeist, The
Netherlands. His principal areas of expertise include enterprise risk management and
Solvency II. He can be contacted at john.oost@achmea.com.
10-13
IAA Risk Book
Chapter 11Resolution of Insolvencies
Nick Dexter
This chapter describes the Financial Stability Board (FSB)/International Association of
Insurance Supervisors (IAIS) requirements for designated Global Systemically Important
Insurers (G-SIIs), and how these have been applied in the United Kingdom. While the general
principles hold in most developed economies, details will (of necessity) differ. However, the
author believes it provides a good overview of the considerations for the management of an
insurance company, and its regulator, in developing recovery and resolution plans.
Since the financial crisis of 2008 there has been an increasing focus on what should happen if
a financial services company were to fail, and the implications on systemic risks to increase
the likelihood of multiple failures. Whilst the principal focus has been on the banking sector,
given the problems at AIG insurance companies have also been under scrutiny. This scrutiny
has been on those insurance companies (G-SIIs) adjudged to be globally systemically
important. But some regulators worldwide have, to a lesser extent, also been asking whether
the detailed stress testing and scenario planning required of G-SIIs, leading to some level of
recovery and resolution planning, should also apply to other insurers.
As a consequence, the FSB has issued various requirements for G-SIIs to develop, inter alia,
recovery and resolution plans. These requirements are designed to ensure that those insurers
that are perceived to pose the greatest systemic risks have plans in place that mitigate those
risks and/or remove the barriers to resolution, allowing for timely resolution in times of
trouble. A side benefit of this exercise should be to raise the awareness of possible adverse
scenarios for firms and hence enable firms to take action to reduce the possibility that those
scenarios arise. Supervisors may also wish to assess which firms are systemically important
in their domestic market and hence should also have resolution plans.
It should be noted that this is a complex area where supervisors and firms are still in the
process of identifying what the key issues are and what steps should be taken to address (or
even avoid) adverse events.
Key elements of U.K. recovery and resolution planning include the following:
Recovery
1. Recovery is the process by which actions are taken by the management of an
insurance company1 when in a stressed condition to try to prevent failure, by
remediation of operational and financial difficulties
2. In recovery mode the insurer is still a going concern and management is able to
take actions (hopefully) to remediate the situation.
1
In some jurisdictions the regulators may be part of this process, and in some instances in control of the process.
When the regulators have primary control of the process it is sometimes called rehabilitation, although a court
order may be required for this to occur.
IAA on 8 April 2016
3. Typically, as increasingly lower levels of capital are reached (or projected to be
reached in the near future), these will be triggers for different types of regulatory
and management actions.
4. A point of non-viability needs to be clearly set, at which point the recovery plan
needs to switch to a resolution plan. This means a transition of the authority and
governance of the organization from management to the supervisor.
5. The recovery plan will often cover a range of different actions that could be taken,
depending on the circumstances that led the insurer to be in a recovery situation.
These actions can be developed so that, if conditions do deteriorate, they make the
prospect of recovery more likely and the need for resolution more remote.
6. The various options need to be well-defined with a clear underlying action plan.
The plan needs to be sufficiently material and practical to enable the insurer to
survive a crisis. Recovery options can be considered to be different from business
as usual management actions, which are more routine in nature.
Resolution
7. Resolution is where recovery is no longer feasible and the principal objective is
to mitigate the impact of an actual or prospective failure by ensuring as far as is
possible that the companys claims/benefits can continue to be paid.
8. The FSB has published guidance2 on how the key attributes should be applied for
insurers, financial market infrastructures (FMIs), and the protection of client assets
in resolution, which applies to all insurers designated as G-SIIs.
9. Many companies will have considered how their business could run-off in certain
adverse situations. However, there still can be very short-term issues to consider.
In addition, there is value in considering the possibility of more remote adverse
situations to be better prepared for such situations if they were to arise (e.g., black
swans).
10. In resolution, control passes to the regulator, or regulators, concerned. If this
occurs, it is likely that most of the management team would no longer be in place.
The resolution plan is therefore constructed by the regulator(s), and approved by
the principal regulators together, based on information provided by the firm.
11. A key component of resolution planning is a strategic analysis that identifies the
firms essential and systemically important (or critical) functions that are linked
to how its aggregate business model creates value and the risks associated with its
value creation process.3
12. The contents of a typical resolution plan include, inter alia, details of the
companys structure, products, systems, and operations (in particular, details of its
2
www.fsb.org/wp-content/uploads/r_141015.pdf
3
This is a critical element that will be expanded on in the chapters on capital and stress testing as it will identify
the road map(s) that need to be followed for the wisest integration of capital and stress testing requirements for
the sustainability of the firm and its critical functions in the marketplace.
To submit comments about this paper or to report any problems with the website, please
send an email directly to riskbookcomments@actuaries.org.
11-2
interconnectedness, both with any other group companies and other service
providers).
Recovery and resolution planning is an important focus for insurers and regulators alike.
Therefore, this paper will cover:
What is resolution planning? What are the key concepts and requirements as
considered by the FSB and the IAIS, and how does resolution of banks differ from
that of insurers?
What is the value of resolution planning for insurers and the role of the actuary in
that process?
What are the outstanding philosophical, political, and practical implementation
issues?
Lastly, there is a series of appendices to document the application of
resolution/recovery requirements in several countries with an emphasis on the
United Kingdom.
2. Background
The financial crisis of 20082009 highlighted that risks are not necessarily contained within a
single company, sector, or even a single country. We live in a global economy that has
become ever more interconnectedthis means that the potential for widespread systemic risk
is greater than ever.
The initial drive to consider systemic risk has been focused on the banking sector. Clearly the
preference would be that financial institutions have an effective risk management framework
in place to avoid stresses in the first instance. However, it is recognized that steps taken to
strengthen financial institutions cannot guarantee that they will never fail; to attempt to
achieve this level of security is likely to be counterproductive. A key focus is therefore
planning for the possibility of severe stress and seeking the ability to resolve such stress
situations in an orderly manner without taxpayer exposure to loss, while maintaining
continuity of the failed financial firms vital economic functions.
The FSBs July 2011 consultation paper Effective Resolution of Systemically Important
Financial Institutions (SIFIs)4 stated: Many countries entered this crisis without a proper
resolution regime, and no country had a regime that could cope with failing SIFIs. Where
effective resolution tools existed, these did not address the cross-border dimension or
obstacles arising from within firms themselves. This meant that proper market discipline was
not in place in the years preceding the crisis and made the handling of the crisis more
difficult. The G20 called upon the FSB to address these challenges.
In November 2011 (and updated in October 2014), the FSB paper Key Attributes of
Effective Resolution Regimes for Financial Institutions5 was endorsed by the G20 leaders as
the international standard for resolution regimes. It was recognized that these key attributes
4
www.financialstabilityboard.org/2011/07/r_110719/
5
www.financialstabilityboard.org/2011/11/r_111104cc/
11-3
were an umbrella standard for resolution regimes for all types of financial institutions that
are potentially systemically significant or critical in failure and that further guidance was
required on how these should be implemented, taking into account sector-specific
considerations, including the issues specific to insurers.
In October 2014, the FSB published specific guidance on how the Key Attributes6 should be
applied for insurers, financial market infrastructure firms (FMIs), and the protection of client
assets in resolution. The updated Key Attributes apply to any insurer that could be
systemically significant or critical if it fails. In particular, all insurers designated as G-SIIs
will fall under the scope of the Key Attributes. The FSB issued a further consultation paper
on 3 November 2015 7 on Developing Effective Resolution Strategies and Plans for
Systemically Important Insurers; whilst this is aimed at supervisors of G-SIIs, it includes
useful guidance for anyone involved in developing a resolution plan.
In addition to the Key Attributes, the Solvency II Directive also covers requirements for
recovery planning and other areas that are relevant to resolution planning8. In particular,
firms are required to produce a recovery plan in the event they fail to cover their solvency
capital requirement (SCR) and/or minimum capital requirement (MCR) and are required to
carry out reverse stress tests that consider scenarios that would cause the business to fail
and the potential consequences of those scenarios. Solvency II also sets out responsibilities
on the local regulator to take all measures necessary to protect policyholders.
3. What Is Resolution Planning?

I. Resolution Planning vs. Recovery
As the capital position of an insurer deteriorates, the ability of management to take actions to
remediate the situation effectively diminishes and the intrusiveness and powers of regulators
becomes ever greater. Initially the situation often starts out as recovery, although it may
ultimately result in a company entering resolution:
1. Recovery actions try to prevent failure, by the actions taken by a firm to remediate
operational and financial capability to meet regulatory requirements, to continue
providing insurance current and future coverage, and to pay policyholder benefits
in full without financial assistance from any industry compensation scheme or
guarantee fund arrangement.
2. Resolution planning seeks to mitigate the impact of an actual or prospective failure
by ensuring as far as is possible that claims are paid. It should secure continuity of
insurance cover (possibly at reduced levels, subject to policyholder protection
minima) for the remaining period of the policy, or in some cases the insurer may
be wound up and compensation paid. Financial and/or operational assistance from
an industry or governmental compensation scheme may be required. Whilst the
6
www.financialstabilityboard.org/2014/10/r_141015/
7
www.fsb.org/2015/11/consultative-document-on-developing-effective-resolution-strategies-and-plans-for-
systemically-important-insurers/
8
Solvency II Directive Article 142.
11-4
recovery plan is the responsibility of the firm, the resolution plan is owned by the
regulator.
This leads to the concept of a continuum of actions (ladder of regulatory intervention) as
insolvency (and the accompanying bankruptcy framework) in the traditional business sense is
unlikely to be the trigger for recovery and resolution actions.
Regulators often have a proactive intervention frameworkin the United Kingdom the
prudential regulator, the PRA, sets out five levels of crisis where different recovery
options are considered with differing sets of regulatory tools and authorities being used
depending on the stage of crisis:
1. Low risk to viability of insurer: The insurer will be required to plan for stressed
conditions, to identify appropriate recovery actions and/or exit strategies with
resubmission every two years thereafter.
2. Moderate risk to viability of insurer: The insurer will be required to reassess
recovery actions and exit strategies. The PRA may set additional reporting
requirements and require realignment of capital and/or restrict activities.
3. Risk to viability of insurer, absent any action by the insurer: The insurer will be
required to submit a recovery plan in a timely manner and initiate recovery actions
that may include capital raising, asset disposal, sale/transfer of insurance business,
confirmation of the adequacy of property and casualty (P&C) loss reserves, and
changes to management. The PRA may restrict new business.
4. Imminent risk to viability of insurer: PRA will most likely remove all capability to
write new business. The insurer will be required to accelerate and complete all
recovery actions.
5. Insurer in resolution or being actively wound up: No recovery action applicable.
Management of the insurer is likely to have passed to the regulator or a court-
appointed individual.
The PRAs approach is designed to be proportionate to the size and complexity of the firm.
Because there is a continuum of actions from recovery through to resolution the chart below
is used to illustrate this continuum.
11-5
To submit comments about this paper or to report any problems with the website, please send an email directly to
riskbookcomments@actuaries.org.
11-6
It is also helpful to think of this continuum in light of the material included in Chapter 12
(CapitalA Regulatory and Management Tool).
The above chart illustrates that interventions occur to ensure as far as possible the timely and
orderly transition of authority from company management to supervisors as franchise value
approaches zero (or needs to be supplemented by any industry compensation schemes and/or
guarantee funds). Typically, as the level of capital reduces (or it is projected to reduce in the
near future), different regulatory and management actions will be triggered (including
restructuring or risk reduction exercises). However, the processes used to manage risk are
what ensure that capital or access to capital allow the organization to sustain its promises and
existence.
Many regulators, as a preliminary starting point, ask the insurers they supervise to establish
an internal minimum capital level. They may challenge an insurer on this if they feel the
insurer has misstated its risk exposure and ability to withstand shocks. The regulator would
then increase its regulatory activity as an insurer begins to fall further behind its minimum
capital level. If the insurer continues to experience stressed conditions, at some point its
capital level may fall sufficiently to threaten to breach the regulators well-defined minimum
capital requirement. At this point viability comes into question and the regulator would likely
enforce more stringent action as outlined above. Ultimately, in many jurisdictions, the
authority to oversee the resolution process will be transferred to a resolution authority distinct
from the supervisory authority. This resolution authority can have three distinct aspects
conservation, rehabilitation, and liquidation.
II. Overview of Key FSB/IAIS Proposals
The financial crisis in 20082009 highlighted the complexity and interconnectedness of
banks and the potential systemic impact of a failure. Consequently, in November 2011, the
IAIS published its Insurance and Financial Stability report.9 This stated that insurers
carrying out traditional insurance activities were largely not a concern from a systemic risk
perspective in the financial crisis of 20082009. In particular, key reasons why the business
model of insurers typically differs from banks are:
Insurers have wider, more diversified risks (and underwriting risks tend not to be
correlated with market risks).
Insurers tend to have long-term illiquid liabilities, so are not susceptible to runs
in the same way as banks.
Insurers are less interconnected than banks with the broader economic cycle and
with each other.
Within the insurance sector competition and hence substitutability is often high,
and so it is likely that business can be transferred away from insurers in trouble , or
run-off with the existing assets of the insurer.
9
http://iaisweb.org/index.cfm?event=getPage&nodeId=25255
11-7
But there continue to be some potential areas of concern for regulators:
1. Are there activities for which insurers are more vulnerable and more likely to
amplify, or contribute to, systemic risk? These have been generically labelled
Non-Traditional or Non-Insurance (NTNI) activities, but the term needs more
clarification. For example, the failure of AIG during the financial crisis was widely
thought to be a result of its NTNI activities, which meant it was highly
interconnected with other (non-insurance) financial institutions. Note that some
feel that products with banking activity elements or that have complex guarantees,
like some variable annuity products, should also be labelled as NTNI.
2. Could the failure of a dominant insurer in certain market niches be systemic?
3. Should one try to prevent price volatility in the wake of large natural catastrophes?
4. What are the important connections with the financial marketse.g., through
guarantees that are sold to financial institutions, through the investments an insurer
makes, or through capital raising or debt issuance?
Part of the challenge in addressing these concerns is that they reflect different kinds of
systemic catastrophes that may differ from the catastrophe experience of the liquidity and
credit crisis of 20082009.10 The above concerns could add price volatility and lack of access
to insurance as another systemic catastrophe, along with the uncertainty caused by large
changes in balance sheet values that may or may not be reflective of the underlying liquidity
needs of the firm due to the time horizon (sometimes referred to as procyclical measures).
Just as preparation for resolution as a result of various natural catastrophes requires different
emergency preparedness, so will the preparation for resolution as a result of various systemic
breakdowns, and this will require specific adaptations of regulatory policy and management
action plans.
In November 2011, the FSB paper Key Attributes of Effective Resolution Regimes for
Financial Institutions11 was endorsed by the G20 leaders as the international standard for
resolution regimes. The Key Attributes were updated in October 2014 to include an annex on
the resolution of insurers.
It is intended that the Key Attributes should apply to any insurer that could be systemically
significant or critical if it fails. In particular, all insurers designated as G-SIIs will fall under
the scope of the Key Attributes. Typically the regulator will have two primary objectives for
insurersto promote safety and soundness of the insurer, and policyholder protection. To
meet these objectives, it is important that insurers can regain capital stability and maintain
needed liquidity. Alternatively, insurers need to be able to exit the market in an orderly
manner, preserving their critical economic functions and minimizing adverse effects on
10
For example, a December 2015 paper by the European Systemic Risk Board (ESRB) has identified possible
areas of systemic contagion for European insurers where they may engage in herd-like behaviours that
contribute to financial instability (https://www.esrb.europa.eu/pub/pdf/other/2015-12-16-
esrb_report_systemic_risks_EU_insurance_sector.en.pdf).
11 www.financialstabilityboard.org/wp-content/uploads/r_141015.pdf
11-8
financial stability and the wider economy. These actions should be taken without exposing
taxpayers to loss.
The FSB issued a further consultation paper on 3 November 201512 on Developing Effective
Resolution Strategies and Plans for Systemically Important Insurers. Whilst this is aimed at
supervisors of G-SIIs, it includes useful guidance for anyone involved in developing a
resolution plan.
The options for resolving an insurer as identified in the August 2015 paper on Principles of
Funding for an Insurance Guarantee Scheme from the International Forum of Insurance
Guarantee Schemes13 include:
1. A transfer of the policies by transferring the whole business to a third party
through the sale of the shares of the company or through the sale of the assets and
liabilities.
2. The transfer of single lines of the business such as wealth management, automobile
insurance, individual life, group life, retirement products, or other specialist
portfolios to a third party. Transfers can be effected by assumption reinsurance or
by the provision of substitute policies.
3. Providing guarantees such as on asset or liability values or providing stop loss
reinsurance on certain blocks of problematic business. This can facilitate the
transfer of the whole business or individual portfolios by lowering the risk to the
acquiring third party.
4. A transfer of the whole or individual portfolios to a company related to the
insurance guarantee scheme (IGS). This might be a bridge institution or a work
out corporation.
5. The run-off of the business by paying the claims or benefits as they come due and
collecting premiums until the renewal date.
6. A refund of premium on some policies, in particular non-life policies.
7. The termination of policies and payout of assessed policy values.
The appendices include some examples of country-specific resolution frameworks, with some
practical experience in recovery and resolution planning from the United Kingdom.
III. Why Resolution of Insurers Is Different to That of Banks (This reflects material
found in Why Insurers Differ from Banks by Insurance Europe,14 October 2014.)
The unique characteristics of the insurance business model (long time horizon, illiquidity, and
contingency of liabilities) stand in clear contrast to those of banks. Many insurance
practitioners believe that resolution regimes should reflect these differences. For banks, the
value of their liabilities (deposits) is easily quantified but highly liquid. Developing values of
12
www.fsb.org/2015/11/consultative-document-on-developing-effective-resolution-strategies-and-plans-for-
systemically-important-insurers/
13
www.ifigs.org/wp-content/uploads/Funding-an-IGS.pdf
14
www.insuranceeurope.eu/sites/default/files/attachments/Why insurers differ from banks.pdf
11-9
their assets (loans) involves a much more difficult estimation process and is in stark contrast
to the liquidity right held by the depositor. For insurers, the asset values are almost always
readily available and, typically, have a high degree of liquidity. In contrast, the liabilities
(with some exceptions) tend to be illiquid with more uncertainty surrounding the estimates of
their value (obligations).
Thus, a key difference between a banks resolution and an insurers resolution is that the
latter can occur over an extended period of time. Given that insurers cannot generally be
subject to a run as banks can be, there is no need to rush into resolution, particularly
because this could generate avoidable losses for policyholders. When devising resolution
rules or guidelines for insurers the focus should therefore not be on speed, as this could in
fact be detrimental to policyholders/claimants, but instead on protecting
policyholders/claimants from the adverse effects of the resolution. Hence the toolkit made
available to resolution authorities should be tailored to the specicities of insurance.
A. Bank Resolution
There are various ways in which banks finances can be adversely impacted:
1. Maturity transformation. Banks act as intermediaries between savers who deposit
money into generally liquid accounts and borrowers in need of loans with typically
long maturities. This maturity transformation is an important aspect of the role of
banks in the economy, as it frees up funds for investment projects with a long-term
horizon, while still offering liquidity to depositors. A banks business model relies
on a key assumption: All depositors will not be asking for their money back at the
same time, since depositors needs for cash are unlikely to occur at the same time.
In other words, even though in principle most depositors enjoy a right of instant
withdrawal, only a fraction of them will act upon this right.
2. Run on the bank. If condence in a banks ability to repay its obligations is lost,
there is a chance that most or all of its depositors will suddenly and simultaneously
attempt to withdraw their funds, giving rise to a bank run. The bank will be able
to repay the rst depositors who request it, but given its inability to realize its
illiquid assets in a short period of time, it will run out of money long before all its
liabilities toward all its creditors are repaid.
3. In principle, nothing fundamental needs to go wrong within the bank for a bank
run to occur. The underlying health of a bank is irrelevant if all depositors believe
that the other depositors will withdraw funds. A liquidity problem can in theory
occur even in the absence of an underlying solvency issue.
4. Interconnectedness. Another feature of banking is that the lack of condence in
one bank can be transmitted to others, given the high level of interconnectedness
within that sector. This so-called contagion threatens the whole nancial system.
5. Rapid resolution. When a bank run is triggered, normal insolvency procedures are
not fast enough to preserve nancial stability. Therefore, rapid resolution is needed
to protect critical stakeholders and payment systems and to ensure the continuing
stability of the entire nancial system.
11-10
Speed is therefore critical in the resolution of a bank in order to limit to the extent possible
the damage to the institution itself, while also avoiding the contagion phenomenon described
above. As a consequence, resolutions (especially those of large banks) typically happen over
a weekend (from the closing of nancial markets Friday evening to their re-opening on
Monday morning). This is the so-called weekend of resolution. Precisely for this reason,
the EU opted to include in the new Bank Recovery and Resolution Directive rules that would
allow for resolution to occur over the weekend. It should be noted that in reality resolution is
a much longer processin the U.K. framework, for example, over the resolution weekend
there would be an issuance of certificates to creditors who are potentially in the scope of the
bail-in (whereby debt is converted to equity), bonds would be blocked from trading, and
shares suspended. It usually takes at least three months to finalise the terms of the bail-in.
B. Insurance Resolution
The essential role of insurers is to provide policyholders15 protection from risk. In exchange
for premiums, insurers promise to compensate policyholders should certain events occur.
They achieve this by pooling and transforming different types of risk. Insurers need to retain
sufficient funds to allow them to pay claims and benefits on existing policies as they fall due,
as well as to cover their operating and capital costs.
1. Illiquidity. There are two key characteristics of the insurance business model that
need to be taken into consideration when devising insurance resolution regimes:
a. For long-duration insurance contracts (and short-duration contracts with a long
payment tail), there is an extended period of time between when an insurer
receives premiums and when it is asked to pay a related claim (e.g., life
insurance, especially pension products). This extended time horizon means
that insurers liabilities for these types of contracts are typically paid over a
period of decades.
b. Insurance liabilities are generally illiquid. For example, paying an annuity
entails predictable, long-term payments to policyholders; or for non-life,
claims arise on the occurrence of a specied event, and generally are only paid
after a sufficient investigation, and potentially contentious, negotiation
process. Unlike banks, insurance liabilities are therefore a contingent rather
than an unconditional claim. In most cases, the policyholder/claimant may
only demand payment if the insured event has occurred, and even then only
after an appropriate investigation (and for some claims) negotiation process.
Therefore, if an insurer fails, these characteristics can allow for resolution to take
place over a long period of time. Arguably a run or a liquidity crunch is unlikely
to occur in insurance, since many policyholders cannot simply withdraw their
money from the insurance policy on demand (at least without significant
penalties). However, with a trend to lower early surrender penalties, and
intermediaries advising blocks of policyholders, it may be expected that a spike in
15
And their third-party claimants in the case of liability insurance. In the rest of this chapter, the term
policyholders will be used to represent both the policyholders and these third-party claimants or other
similarly situated beneficiaries.
11-11
surrenders/lapses would occur but the extent of the spike will vary from company
to company, and by type of product.
2. Contagion. For the same reason, there is typically a much lower risk of contagion
than is true for banks in trouble. For those lines of insurance that can expose them
to less predictable and potential sudden large claims (e.g., catastrophe insurance16),
insurers almost always rely on reinsurance to transfer some of the risk. In addition,
certain types of insurance have an inherent loss absorbency capacity in the form of
beneciary participation to gains and losses (e.g., participating life insurance
contracts).
3. Easier orderly resolution. Consequently, there is less need for a weekend of
resolution if a traditional insurer fails. In the case of AIG, resolution needed to
occur over the weekend, but this was in effect not the resolution of an insurer, but
the resolution of non-insurance entities and the parent holding company, triggered
by activities that could be classied as NTNI and that were undertaken on a large
scale without proper risk management. For insurers, a court-led insolvency process
retains the risk that legal challenges lead to disruption to the continuity of
payments made to policyholders; for insurers with a million-plus annuitants any
disruption to payments is likely to be politically unacceptable. Another rationale
for the resolution authority to use stabilization tools on a G-SII is that entry into a
court-led administration procedure may trigger contractual rights for counterparties
to exercise early termination rights and close out contracts, which is problematic
for insurers with large derivative and securities lending programs.
The FSBs Key Attributes state that a temporary stay on termination rights should
be strictly limited in time (for example, for a period not exceeding two business
days). This means that stabilization tools need to be exercised over a resolution
weekend. This does not mean that the valuation has to happen over a resolution
weekend. For banks, it would take approximately three months to undertake a
valuation between the resolution weekend and the bail-in terms being announced.
It would be reasonable to expect that the resolution of an insurer would be carried
out over a similar timeline. If a transfer were envisaged, a bridge insurer could
provide time for due diligence to be carried out before the liabilities are
subsequently transferred to another insurer, or failing that any industry
compensation scheme or guarantee fund.
Because there should be no sense of emergency, resolution authorities and insurers

can take the necessary time needed to come up with the resolution process that
ensures the best outcome for all parties involved. For instance, the decision of
entry into resolution is made after an assessment of when the insurers liabilities
16
Even catastrophes do not generate the immediate cash liquidity calls similar to banks. In general, the larger
the natural catastrophe the slower the payout, with the largest events taking years to pay out. This is due to the
severe disruption of infrastructure and overwhelming of local rebuilding resources that occur during such an
event. For the largest events, it may take weeks before the claim adjusters are even allowed to inspect the
insureds damaged property. Even the smallest catastrophes can take many months to pay out.
11-12
exceed its assets or are likely to exceed its assets in the near future; this requires
signicant judgment on the part of the resolution authority simply because both
asset values and liabilities uctuate and liabilities are merely best estimates of
expected claims/benets rather than certain amounts. So a correct assessment of
the situation takes time (even for some of the shorter-tailed general insurance
classes), given that the judgment should take full account of the time available
before liabilities have to be met. Making ample use of the time available for insurer
resolution should help avoid suboptimal results such as unnecessary losses being
imposed on policyholders.
4. Exceptions. However, there are quite a few types of insurance business for which
clear protocols must be in place quite quickly (perhaps within days of an insurer
resolution). Clients of any insurance product with short-term/quick-pay claims
(e.g., group health benefits, certain general insurance personal lines products) will
seek quick assurance that their coverage remains in effect. Liquidators would seek
to avoid such a situation. Further, any policyholders with payment streams
underway will require quick reassurance of their continuity (e.g., annuity
payments, long-term disability payments).
IV. The Requirements for G-SIIs
In 2011, the FSB published an international standard for resolutionKey Attributes of
Effective Resolution Regimes for Financial Institutions (Key Attributes), which were updated
in October 2014.17 It is intended that Key Attributes should apply to "any insurer that could
be systemically significant or critical if it fails". In particular, all insurers designated as G-
SIIs will fall under the scope of the Key Attributes.
The supervisors of G-SIIs, and G-SIIs themselves, are expected to comply with the Key
Attributes. This standard sets out a range of specific requirements that should apply to any
financial institution that could be systemically significant or critical if it were to fail. The
requirements that apply to G-SIIs include the:
1. Establishment of Crisis Management Groups (CMGs), which will include the
supervisors of the principal entities in the Groupsee section V below;
2. Elaboration of recovery and resolution plans (RRPs), including supporting
documents such as the liquidity plan;
3. Carrying out of resolvability assessments; and
4. Adoption of institution-specific, cross-border cooperation agreements between
supervisors.
The desired outcomes of effective resolution as outlined by the FSB are to:
Ensure the resolution of G-SIIs can take place without severe systemic disruption
and without increasing taxpayers exposure to loss;
17
www.financialstabilityboard.org/2014/10/r_141015
11-13
Protect vital economic functions through mechanisms that make it possible for
shareholders and unsecured creditors to absorb losses in a manner that respects the
hierarchy of claims in liquidation;
Ensure that policyholder protection arrangements remain as effective as possible;
Avoid unnecessary destruction of value and ensure that non-viable G-SIIs can exit
the market in an orderly way; and
Identify and remove impediments to smooth resolution.
According to this FSB standard on resolutions, G-SII measures on enhanced supervision
(including the development of a systemic risk management plan, the SRMP) and effective
resolution should begin to be implemented immediately after designation. RRPs should be
developed and agreed by CMGs (by the end of 2015 for the initially designated group of G-
SIIs). The SRMP should include the following elements:
1. A reference to its liquidity management planning (e.g., as documented in a
liquidity management plan) in order to explain how the G-SII intends to manage
potential higher liquidity risks;
2. A reference to its recovery plan and how that plan would mitigate the systemic
risks in a potential recovery situation;
3. An outline of its intra-group financial transactions, including especially guarantees
as well as reinsurance/retrocession granted within a group, with respect to its
effects on the overall risk and risk distribution;
4. A description of linkages to other measures that are related to the plans to manage,
mitigate, or reduce its systemic risk;
5. A brief explanation of the recovery triggers that require a reassessment of recovery
plans (see the FSBs Guidance on Recovery Triggers and Stress Scenarios16
July 201318); and
6. A statement that G-SIIs board of directors, supervisory board (if relevant), and
their relevant subcommittees have approved the plan.
In addition, the following elements should be addressed in the SRMP, depending on the G-
SIIs decisions:
If the G-SII decides to continue or grow any or all of the systemically risky
activities, then it will provide an explanation of how these activities, and the
amount of those activities, are adequately managed or mitigated, so as to address
their potential for resulting in a systemic impact on the financial system or the
overall economy.
If the G-SII decides to reduce or discontinue any or all of the systemically risky
activities, an outline of the planned timeline for that is needed.
18
www.financialstabilityboard.org/2013/07/cos_130716b/
11-14
If the G-SIIs strategy is to raise additional capital, then it should provide a plan for
how and when it will accomplish this objective.
If the G-SIIs strategy involves the effective separation of its nontraditional, non-
insurance activities, then it should provide details about the envisaged timeline and
the measures to be taken in order to achieve the separation. In particular, the
relevant IAIS criteria on effective separation should be addressed, including how
the G-SII will treat the systemic activities in the new separated entity.
V. Resolution PlanningSome Key Concepts
There are some key concepts that need to be considered in resolution planning:
A. Crisis Management Group, CMG
The FSB requires home and key host supervisors of all G-SIIs to maintain CMGs,19 with the
objective of enhancing preparedness for, and facilitating the management and resolution of, a
cross-border financial crisis affecting the firm. CMGs should include the supervisory
authorities, central banks, resolution authorities, finance ministries, and the public authorities
responsible for guarantee schemes of jurisdictions that are home or host to entities of the
group that are material to its resolution, and should cooperate closely with authorities in other
jurisdictions where firms have a systemic presence.
B. MPE vs. SPE
There are two general regulatory options for resolution intervention:
Single point of entry (SPE or top-down): This is resolution of the group at the
level of its ultimate parent, rather than the operating company in difficulty (bearing
in mind that the operating company in question may be located in a different
country to the ultimate parent company). This enables continuity of service on the
part of the insurer, avoids disrupting the insurers balance sheet, and keeps the
group together (this is generally the preferred approach for banks but has capital
implications as it means that the group is saying it will stand behind all group
member companies in stressed scenarios). SPE is difficult to achieve in the current
state of cross-border cooperation and often national priorities of supervisors. Also
absent SPE there can be a number of sub-SPEs addressing parts of a group on
national/regional or product groupings.
Multiple point of entry (MPE or bottom-up): This refers to resolution of the
group at the level of the entity or entities in difficulty, possibly involving multiple
resolution authorities (this approach is possibly more appropriate for some large
firms where the parent company can insulate the rest of the group if one entity is in
difficulty and can be let go).
19
FSB Key Attributes of Effective Resolution Regimes for Financial Institutions Ch 8.
11-15
C. Critical Economic Functions and Critical Shared Services
The FSB Consultation Paper20 on Identification of Critical Functions and Critical Shared
Services outlines two concepts that are relevant to resolution planning, critical economic
functions, and critical shared services:
Critical Economic Functions
Critical economic functions are activities performed for third parties where failure would lead
to the disruption of services that are vital for financial stability and the real economy due to
the insurers size or market share, external and internal interconnectedness, complexity, or
cross-border activities. Examples might include insurance cover that is mandated by statute,
or insurance cover that participants require in order to provide essential services or to
undertake activities that underlie the functioning of the real economy. Fulfilling disability or
annuity claim payments to policyholders or related beneficiaries/claimants may also be a
critical function if those payments are necessary for the policyholder to meet day-to-day
living expenses, although the systemic implications of a reduction in payments versus no
access to payments will be an important consideration here.
The identification of a function as critical is meant to assist authorities in developing

resolution strategies that minimize systemic disruption and preserve value. The identification
of a particular function as critical does not generally imply that the function and all related
liabilities will be protected in a resolution and should not lead market participants of that
function to rely more than before on the assumption that the function will be maintained
under all circumstances and that they will be immune from losses if the firm providing the
function fails.
A resolution strategy should take into account the materiality and the potential impact that the
failure to provide a certain function could have on the financial system and the functioning of
the real economya firm may provide certain economic functions that are so elemental that
they will need to be preserved in all circumstances. Resolution strategies therefore need to
20
www.financialstabilityboard.org/2014/10/c_141016/
11-16
include essential options that identify those most elemental functions and the conditions that
need to be in place to ensure continuity of those functions in all resolution scenarios.
Authorities need to undertake their own assessment for each firm that takes into account
aspects of the market and the firm, the characteristics of a jurisdictions financial system, the
economic and competitive landscape, and the range of functions provided by other firms. As
a result, the functions and services may be, but are not necessarily, critical for different firms
in different markets. The firm- or jurisdiction-specific lists of critical functions will be one
important input into the resolution planning process and the resolvability assessments.
Criticality is considered in the context of a firms threat to financial stability. For insurers,
this includes an assessment of the potential impact on policyholders.
Key considerations for an assessment of criticality are:
1. The size, interconnectedness, complexity, and business type.
2. The nature of business carried out by the firm, in particular details of any NTNI
activities.
3. Substitutability of products. Would it be difficult for policyholders to protect
themselves through alternative means? This should include a consideration of the
extent to which substitutes would be available during stressed circumstances and
the impact if the firm were to exit the market of certain products.
4. How easily can business be transferred to another insurer?
5. What is the impact on policyholders in terms of severity and consequences of a
lack of cover?
6. Does the firm have a concentration of policyholders by market or geography?
7. What are the key risks to the firm and how interconnected is it with other insurers
and financial institutions?
8. What is the corporate structure and how fungible is capital? Can capital be
transferred to areas of need? How critical are the most susceptible areas?
9. Have potential failure scenarios been considered in detail and, if so, are those
potential failure scenarios recoverable?
10. What is the current capital strength of the firm and what is its ability to raise more,
including in times of stress? How material and credible are the identified recovery
actions?
Firms may have a different view of what they consider to be critical and may undertake
different methods for determining criticality. For example, a firm may prioritize its franchise
value or profitable business lines. While such considerations can play a role in recovery and
may be relevant in terms of internal business planning and long-term restructuring, they are
not expected to be the main focus of resolution planning which must target promoting
financial stability and reducing adverse impacts on external parties including policyholders.
A critical function has the following two elements:
It is provided by an insurer to third parties not affiliated to the firm; and
11-17
The sudden failure to provide that function would be likely to have a material
impact on the financial system and the real economy, give rise to contagion, or
undermine the general confidence of market participants.
In an insurance context, the sudden failure to provide a particular function may have a
material impact on third parties if:
No mechanisms that ensure the continuity of certain functions are in place;
The insurance coverage is vital for third parties to carry out economic activity or to
go about their daily lives;
Policyholders are dependent on insurance payments being made to them;
The failure of an insurer may cause it to dispose of large quantities of investment
assets quickly at fire-sale prices, or cause liquidity or funding strains on borrowers
before they can find alternative sources of credit; and
The insurer plays a critical role as a counterparty in the derivatives, repo, or
securities lending markets such that its sudden failure would impact the normal
functioning of the markets or cause significant disruption or contagion.
This failure may also have a material impact through the pooling of risk. The
pooling of risk, particularly reinsurance, is a sufficiently important economic
function in its own right such that there could be an effect on the economy if the
activity was no longer performed.
Critical Shared Services
Critical shared services are activities performed within the firm or outsourced to third parties
where failure would lead to the inability to perform critical functions and, therefore, to the
disruption of functions vital for financial stability and the real economy. Examples may
include the provision of information technology and other services such as facility
management and administrative services.
A critical shared service has the following elements:
An activity, function, or service is performed by either an internal unit, a separate
legal entity within the group, or an external provider;
That activity, function, or service is performed for one or more business units or
legal entities of the group; and
The sudden and disorderly failure or malfunction would lead to the collapse of or
present a serious impediment to the performance of critical functions.
If one of the above elements is absent, this suggests that the shared service is not critical. For
example, if an internal activity, function, or service, such as facilities management, can easily
be substituted from other external sources, then that shared service is not critical, even if it is
necessary for maintaining the critical functions of the company.
Again, a three-part assessment can be used as summarised below:
11-18
4. Why Should Insurers Undertake Resolution Planning?
I. There Are Several Reasons Insurers Should Undertake Resolution Planning Before
It Might Be Needed
Continuity of insurance cover for policyholders is important for certain types of insurance:
1. For life insurers, rearranging coverage of long-term commitments is difficult and
expensivesecuring long-term continuity of coverage is subject to a range of
potential obstacles. Retirement pension or annuity income is also critical for the
welfare of the population, and is a politically sensitive matter.
2. For P&C insurance, short-term continuity of cover is normally sufficient given the
competitive market for renewals, but the payment of outstanding claims and
maintenance of payments under long tail claims (such as Periodical Payment
Orders (PPOs) in the United Kingdom) is also important, as these payments are
designed to cover the needs ofoften vulnerableindividuals.
3. Ensuring that substitute cover is available for statutory covers (for example, in the
United Kingdom, employers liability and third party motor) is also important. The
example of HIH in Australia shows the potential disruption caused where an
insurer has a substantial market share of a statutory cover and other market players
are unable to provide sufficient capacity over the short term.
4. There may well be additional complexities for subsidiaries, or branches of foreign
insurers. If continuity cannot be secured (more likely if the failed insurer is based
outside the country), then what compensation is due may become an issue.
5. Valuing any lost cover is non-trivial for certain long-duration liabilities and certain
guaranteed-renewable contracts (e.g., it should reflect individual policyholder
circumstances, including health and any tax impact).
6. Policyholder protection needs to be readily achievable in practice; otherwise this
will exacerbate a failure as well as hitting confidence and bringing the insurance
industry into disrepute.
11-19
7. Tax issues and occupational pension regulations can complicate matters when
dealing with stressed circumstances because of the uncertainties surrounding the
particular situation, so it helps to have considered these issues in advance.
A clearly defined trigger for what constitutes a need to invoke the recovery plan in each
country will enable firms to prepare better and respond. A point of non-viability needs to
be clearly set, at which point the recovery plan needs to switch to a resolution plan and the
authority and tools to manage the organization switch from control by management to control
by the supervisor. However, whilst the certainty of triggers can be helpful in the planning
process, in practice there does need to be some flexibility as circumstances can vary greatly.
Recovery can take a number of forms. For example, it could be that recovery is possible at a
group level but certain subsidiaries may require solvent or insolvent closure, possibly
requiring a restructuring of liabilities and financial support from any policyholder protection
scheme. However, resolution is likely to involve restructuring liabilities as well as financial
support from any policyholder protection schemethis may include the sale of parts of the
business to other parties or run-off.
For international groups, with an international liquidation, the differences between
jurisdictions typically lead to very different views on the urgency to act and the types of
intervention and resolution actions that should be undertaken (as well as the ability of pre-
existing frameworks to handle the resolution). It is almost a certainty that one jurisdiction
will have a different view than another over the quantum of assets it needs to protect
policyholders (i.e., assets being trapped in some cases and therefore unavailable to other
jurisdictions). In the worst case, the respective jurisdictions dig in for a costly litigious battle.
However, in many cases, the various parties can make accommodations so that the global
resolution can proceed. This is why it is important for the groups supervisors (or CMG for
G-SIIs) to work together on developing and agreeing on the resolution plan.
II. Resolution Is a Relevant Concept to Address an Extreme Combination of Events
(or Gross Mismanagement)
For most firms the current insurance company capital regime means that it would take an
event that may be considered to be very extreme to burn through the existing capital
resources and get a company into a resolution situation. Hence this may seem to be an
unnecessary piece of work. However, that is not necessarily the case:
1. There is value in considering more remote situations to be more prepared for (e.g.,
black swans). A number of insurance companies have gotten into problems
despite their apparent capital resources because their models were inadequately
calibrated or they did not take account of certain risks. Hence it cannot always be
assumed that insolvency-triggering events are as far in the tail as may be assumed.
2. A tool box of mitigating actions can be developed so that if conditions
deteriorate, actions can be taken that make the prospect of recovery more likely
and the need for resolution more remote. This would include more than just
devising the actionsit may not only include detailed planning but may, for
example, entail contingency planning with third parties and the implementation of
actions now in order to enhance the resolvability of the firm.
11-20
3. Given the uncertainty over the occurrence or impact of certain events, companies
can be better prepared to react should they occur, and trigger points and
management information can be developed to forewarn management and initiate
escalation.
Insurers should be mindful of political imperatives. Insurance companies are part of the wider
financial sector and it should be recognized that the taxpayer has limited/no appetite for
future bailouts of financial firms.
III. Access to Actuarial Services
There are a lot of tasks that are already undertaken by actuarial (and other) insurance
functions that can be developed to cover key parts of the resolution planning process.
Actuaries are well-placed to lead on the development of these tasks and coordinate the
production of the RRP. These tasks include:
1. Stress and scenario testing;
2. Reverse stress testing;
3. Emerging risk assessment;
4. Economic capital assessments;
5. Detailed liquidity plans;
6. Development of management actions; and
7. Overarching Own Risk and Solvency Assessment (ORSA) process.
Whilst there are many aspects of recovery and resolution planning that are not directly
actuarial in nature, particularly much of the operational aspects, the core actuarial processes
and analysis, along with the intrinsic understanding of the business that the actuaries have,
make the actuarial team well-positioned to be involved in coordinating this workin
practice, the operational elements of resolution are very heavy and require a well-coordinated
effort by many functions across an organization.
During intervention the actuaries are typically involved both with the insurer and the
regulator. As the situation worsens toward resolution, the field of participants (and hence
employers of actuaries) expands and may include the professional firm retained as liquidator
(if required), resolution authority (if not the regulator), the policyholder protection fund,
various consultancies retained to assist any of the preceding parties, etc. At this latter stage
actuaries are needed to:
1. Advise on favourable terms for any buyers of the liquidated business;
2. Advise the liquidator on possible values for blocks of business; and
3. Advise the liquidator and the policyholder protection fund on assets needed to
support any business that may be retained in run-off mode, etc.
IV. Uncertainties Associated with Resolution Planning
Resolution planning for insurers remains a developing concept. Consequently, there are
inevitably some uncertainties attached to the concept and how it will apply in practice,
including:
11-21
Understanding of what are necessary, desirable, or achievable outcomes from
resolution planning continues to evolve in all stakeholder groups.
Recovery and resolution will always need periodic reassessment in the context of
the evolving economic and societal environments in which financial institutions
operate.
Most countries already have laws that apply to all insurance company insolvencies
that may override some of the FSBs recommendations.
There may be gaps and or overlaps in a countrys application of bankruptcy laws
and insurer resolution requirements.
There may already exist resolution authorities and policyholder protection funds
and their powers may also not be in accordance with the FSBs recommendations
or be well-coordinated with the powers of the supervisory authorities.
It is likely that some or all of the existing resolution powers may be untested in
practice so there may well be uncertainty of how they will actually apply.
There often isnt a precise point at which a company would move from recovery
into resolution, and how the resolution authority would work with the local
policyholder protection fund and/or any insolvency practitioner.
For larger insurers the policyholder protection fund may be exhausted by the
insolvency and there will be uncertainty over the extent that benefits have to be
reduced or there is government intervention. Different considerations may apply if
the circumstances of the resolution impact are systemic and impact a number of
insurers.
For internationally active groups, there may be uncertainty over whether some
subsidiaries would be allowed to fail to enable the recovery or orderly resolution of
other entities (as often resolution will be on an MPE basis). Even for G-SIIs the
operation of the CMG will have been planned but depending on the circumstances
of the resolution may require plans to be amended.
As with all forward-planning exercises based on tail scenarios, inevitably resolution plans
will need to be reviewed on a regular basis by the regulator(s)/CMG in conjunction with the
insurer as circumstances change and as regulation/practice develops.
Nick Dexter, FIA, FSA, is a senior advisor at the Prudential Regulation Authority and is
based in London, United Kingdom. His principal areas of expertise include life insurance and
enterprise risk management. He can be reached at Nick.Dexter@bankofengland.co.uk.
11-22
AppendicesExamples of Country-Specific Resolution Proposals
Appendix I: United Kingdom
In the United Kingdom, from 2014, the high-level requirements for firms relating to recovery
and resolution are set out in Fundamental Rule 8 (FR8) in the Prudential Regulation
Authority (PRA) Rulebook, which requires all U.K. insurers to have a recovery plan
(although this is not being enforced currently but is seen as best practice).21 Thus Recovery
and Resolution Planning applies to all PRA-regulated insurance firms in meeting the
fundamental rules set out by the PRA; however, it should be noted that there are differing
degrees of detail required by a firm dependent upon its potential impact on financial stability
and on policyholders in the event of failure.
There is a requirement for a proportionate approach under FR8the manner in which a firm
is expected to show compliance with FR8 will be determined by the type of business it carries
on. The PRA have said that what constitutes a critical service for resolution purposes will
be determined by reference to the PRAs general objective and, for insurers, its insurance
objective. The amount of information a firm is required to provide under FR8 will therefore
vary depending on an assessment of that firms criticality.
It should be noted, as described above, that the crucial difference between recovery and
resolution in the United Kingdom is that in recovery mode the insurer is still a going concern
and management is able to take actions (hopefully) to remediate the situation. However, in
resolution, control passes to the regulator, or regulators, concerned and it is likely that most
of the management team is no longer in place. The resolution plan is therefore constructed by
the regulator(s), and approved by the CMG, based on information provided by the firm.
A. Key Elements of a U.K. Recovery Plan
The key elements that would typically be expected to be covered in a recovery plan are:
1. The identification of two to four principal scenarios, including idiosyncratic and
sector-wide or market-wide stress situations that create significant capital or
liquidity shortfalls;
2. Detailed quantitative and qualitative description of the scenarios;
3. A description of the principal recovery options that are likely to have a material
impact on the firm in at least one of the scenarios considered, including an
assessment of each option in detail;
4. Valuation and impact analysis (capital, liquidity, franchise);
5. Speed and timing of actions;
6. Suitability and feasibility in each recovery scenario;
7. Operational aspects and responsibilities, including dependencies on outside
suppliers;
8. Impediments and constraints;
21 www.bankofengland.co.uk/pra/Documents/publications/ps/2014/ps514.pdf
11-23
9. Internal and external risks and issues;
10. Credibility and necessary preparations; and
11. Maintenance of the recovery plan, including the process by which the recovery
plan is refreshed and aligned to the changing shape of the business.
Recovery options need to be well-defined with a clear underlying action plan. They also need
to be sufficiently material and practical to enable the insurer to survive a crisis. Recovery
options can be considered to be different from business as usual management actions,
which are more routine in nature.
The recovery plan will often cover a range of different actions that could be taken, depending
on the circumstances that have led the insurer to be in a recovery situation. Examples of the
recovery options that might be employed by insurers are:
1. Capital raising (equity and/or debt);
2. De-risking the investment portfolio;
3. Enhanced use of reinsurance;
4. Reduce the volume of new business written/transition into run-off;
5. Proactive run-off by actively commuting policies;
6. Disposal of subsidiaries or blocks of business; and
7. Scheme of arrangementuse the U.K. Companies Act or similar to agree on a
compromise that binds all parties.
Note that a number of the above actions may also be taken as part of a resolution plan. These
options are not mutually exclusive, and an insurer suffering from an extreme stress will often
undertake multiple actions.
The effectiveness of the identified recovery options considered can be reviewed using a
number of different lenses:
Reputation: What impact will the proposed action have on the reputation of the
insurer in connection with its various stakeholders (e.g., policyholders, regulators,
and media)?
Value: What value can be realized (vs. current value) and what difference does this
make in dealing with specific issues?
Speed: How quickly can the recovery option be implemented?
Execution risk: How risky is the proposed option and how vulnerable is it to
outside parties (e.g., lack of buyers) even with substantial price cuts?
B. Key Elements of a U.K. Resolution Plan
Many companies will have considered how the firm would run-off in certain adverse
situations. Indeed it may be part of setting capital requirements that the costs of running-off
the portfolio should be allowed for in calculating technical provisions. However, even if the
firm does have sufficient capital resources so that, ultimately, all policyholders (and other
11-24
creditors) are likely to be paid in full except in very extreme circumstances, there still can be
very short-term issues to consider.
In the first few days following a black swan event, there can be critical actions that need to
be taken and these need to be considered and mitigated where possible. Broadly these fall
into three categories:
Financial: There may be some immediate actions that may be taken to mitigate the
change in financial position, e.g., realigning the companys investment mix.
Liquidity: There may be liquidity concerns if the deterioration in the companys
financial position triggers covenants, or large numbers of policyholders (or other
creditors) require payment.
Other operational considerations: Depending on the circumstance of the event
there may be operational issues that need to be addressed, e.g., if there is a cyber-
attack, failure of a third-party supplier, etc. (see some practical comments on
operational issues in the following section).
Typically, the regulator will have two primary objectives for insurersto promote safety and
soundness of the insurer, and policyholder protection. To meet these objectives, it is
important that insurers can recover capital and liquidity stability, or exit the market in an
orderly manner, preserving their critical economic functions and minimizing adverse effects
on financial stability and the wider economy. This should be done without exposing
taxpayers to loss.
In assessing an insurers resolvability, the regulator will take into account many factors,
including:
The structure of the group to which a firm belongs;
The various ways in which value is being generated (or lost) through the various
business models being used by the company;22
The critical economic functions carried out; and
The robustness and feasibility of the recovery options identified.
The regulator will expect insurers to have:
Completed and signed off a robust recovery planwithin this plan, to have agreed
on a potential point (or points) of non-viability and identified scenarios that get the
insurer close to that point;
Identified a number of recovery/resolution options, and assessed the benefit and
feasibility of each option;
Provided clarity on the constraints and dependencies that may limit any freedom of
action;
22
For example, beyond the traditional pooling of risk, one could be loaning out ones balance sheet for rents
as was done by AIG. Or, one could be providing business continuation coverage functions or other
administrative services.
11-25
Analyzed the critical economic functions provided by the insurer and the potential
consequences if these were disrupted;
Identified the business models being used to generate value and the risks
associated with those models;
Collected information on any shared services that are necessary to maintain those
critical economic functions;
Collated information on any non-traditional insurance activities undertaken by the
firm that could lead to contagion elsewhere in the financial system; and
Set up credible steps to maintain or restore their business to a stable and
sustainable condition in the event of stress.
The more serious the impact is, the greater the degree of supervisory focus that will be
applied as set out in the regulators intervention framework.
To expand on the typical resolution plan contents this would probably include:
1. Company/Group Background and Structure: It is expected that this section would
normally include:
a. General overview and history of the company;
b. Company structure, subsidiaries (home country and overseas) and activities
within the subsidiaries;
c. Corporate overview, legal entities, and structure;
d. Information on interconnectedness and reparability of entities, from a
financial, legal, and operational perspective;
e. Extent of major reinsurance arrangements, counterparty risks, intra-group
loans, guarantees, etc., split between direct and inwards reinsurance
policyholders and assets backing policyholders;
f. Level of new business ;
g. Main methods of distribution, including key advisors;
h. Operational matters (including joint ventures, etc.); and
i. Major financial and operational risks and uncertainties.
2. Product Types and Volumes, including:
a. Undertakings given to policyholders e.g., in the United Kingdom, the
Principles and Practices of Financial Management (PPFM);
b. Types of products in force and volumes; and
c. Premium and claims payments profile by product.
3. Principal systems and processes, including:
a. IT systems, processes, and controls;
b. Investment management arrangements;
11-26
c. Outsourcing arrangements;
d. Internal and external audit recommendations ;
e. Recovery governance;
f. Triggers, thresholds, impacts;
g. Early warning indicators/triggers; and
h. Triggers for escalation, triggering formal adoption of recovery plan and
options.
4. Operational considerations:
a. Internal financial/structural/operational dependencies;
b. Reliance on third-party service providers, independent or within Group;
c. Availability and cooperation of management and key staff;
5. Business model considerations:
a. Bancassurers, potentially bringing together multiple (bank and insurer)
resolution plans; and
b. Life, P&C, and composite insurers have specific business model
considerations.
The plan would also likely consider
1. Potential contagion stemming from reinsurance
Direct policyholders rank above inwards reinsurance within a firm in an insolvency

(due to EU Directive). Therefore, the more inwards reinsurance an insurer has, the
better its direct policyholders are protected. However, there is a risk of contagion
to the reinsurers clients, and policyholder protection schemes may not protect
reinsurance buyers.
2. Priorities
Depending on local legislation, some large policyholders such as pensions trustees

may have agreements with the insurer that effectively give them priority if the
insurer fails, thus leveraging the risk for other policyholders. Thus the solvency
position in default and the impact on individual policies will need to be
determined at an early stage. Intra-group loans and warranties may pose complex
issues in default.
3. Responsibilities in default
Cross-border transfers of portfolios raise questions as to where protection

responsibility lies if the receiving insurer subsequently fails. There may be a need
to make final settlement of claims below 100 percent if necessary in a continuity
situation, because the solvency level will fluctuate over time.
There is a need to clarify the roles and responsibilities of any insolvency

practitioner, any policyholder protection scheme, management, regulator, etc. so
11-27
that resolution can be managed in practice, as in a resolution situation control of
the firm will have passed from the board and management to another party. The
need to maintain confidence and avoid panic after a failure means that devices such
as suspending surrender rights are to be avoided if possible.
4. Other practical aspects
There have been numerous insurance companies that have had near-death
experience and some practical lessons can be learnt from these case studies about
other elements that should be covered by the plan.
C. Policyholders InterestsShort-Term Plans vs. Long-Term Run-off
Given liquidity constraints and the uncertain financial position of the company in a resolution
situation, it may not be possible to continue to pay claims as they fall due. There may need to
be a balance between maintaining urgent payments where policyholders are dependent on
claims being paid (e.g., to finance house repairs or dependence on pension payments) versus
damaging the interest of other policyholders in the longer term. In these situations there is
often short-term uncertainty relating to any potential shortfalls (e.g., due to uncertainty in
data, asset values, or extent of liabilities) even though ultimately the policyholder protection
funds will mitigate this.
D. Public Relations
With any form of crisis there is bound to be interaction with the press. The senior
management team may not be used to the intense publicity and may need media training
Media may well also approach staff and so it is helpful to have plans to prepare/warn them. It
was not appreciated for some cases in the past that media would infiltrate staff briefings.
E. Operational Aspects
Often, with the benefit of hindsight, overall planning is found to be inadequate and not
pessimistic enough. Some contingency planning may be in place but specific (framework)
agreements need to be put in place with third-party firms to supply staff or services in the
event of a crisis. For example, IT and phone systems need to be able to cope with the
demand/changes requiredif manual processes have to be introduced they can exacerbate
the situation. In one actual case the increased levels of policyholder communications took
four to five years to sort out.
Disgruntled policyholders can prove to be an issuein the past media/policyholders have
managed to get into buildings/meetings, and the physical security of staff in such situations
can be an issue.
F. Personnel Aspects
It can be a challenge to know how much to tell staff (in hindsight, management was in denial
that the problems were as bad as they were). There can be a lack of appreciation of how the
culture may need to change in order to cope with new (resolution) environment. Short-term
staff performance levels may drop due to the shock of change and demotivated staff, so
training would be required to prepare staff for dealing with an abnormal situation.
Consequently, management needs to be aware of the time that may need to be devoted to
being supportive of staff. In addition, management may need to be alert to the increased
11-28
possibility of fraud. Finally, consideration needs to be given to the skills that may be needed
in the transition to new business models and structure.
G. Approaches to Resolution Planning that U.K. Companies Have Used in Practice
Whilst the resolution plan is owned by the regulator, clearly the bulk of the development
work is inevitably undertaken by the companies themselves. Resolution planning can be a
major project but the work involved can be reduced by carefully planning and focusing the
worknote the key steps that may arise in a resolution situation:
1. Barriers to resolution will need to be addressed;
2. Deterioration of company profitability, solvency or liquidity (which may vary by
line of business);
3. Recovery and resolution plan refreshed to reflect the current (adverse) position;
4. Supervisory monitoring by regulator;
5. Relevant recovery action invoked, if appropriate;
6. Recovery action failed, if appropriate;
7. Threshold point for trigger of resolution actions breached, regulator informed;
8. Appropriate resolution response identified from resolution plan;
9. Relevant resolution action invoked, solvency position assessed; and
10. Policyholder Protection Scheme cooperation initiated, if required.
The U.K. G-SIIs (and other major U.K. insurers) have spent a lot of time developing their
approaches and there are some key lessons that can be learned from their work to date.
1. Form a small, senior central team with access to the very top of the institution.
2. Determine the balance of home and host regulatory focus, and seek to agree this
with the key regulators/CMG.
3. Allow for effective recovery without significant assistance from the authorities.
4. Ensure that it is possible to reconcile the business easily to legal entities and
economic functions.
5. Get clarity over interdependencies throughout the global firm.
6. Identify the potential point(s) of non-viability and scale of recovery required.
7. Build on existing stress testing experience, but focus on macro-level scenarios and
impactsavoid detailed economic analysis if possible (existing stress testing may
be less extreme, so existing management actions may not be material enough to
recover from the near death crisis approaching the point of non-viability).
8. Know when to declare a crisis and have documented individual responsibilities,
including company directors.
9. Focus recovery on a relatively short menu of truly material, practical actions.
10. Agree what will not be volunteered as a potential action.
11-29
11. Overcome internal and external confidentiality concerns.
12. Establish strong governance and crisis management structure within the Plan and
within defined parameters.
The governance for the position where the Resolution Plan is formally invoked will look very
similar to the version noted in the Recovery Plan. The main difference will be the level of
attention/ownership by the regulator. In formal resolution, the Resolution Plan is owned by
the regulator, but in a formal invocation of the Recovery Plan, the directors remain in charge
but with significantly greater attention from the regulator.
Potential conflicts should be noted, particularly when action is taking place that impacts a
subsidiary, and directors of that subsidiary need to consider the position for that subsidiary
and not necessarily the wider group.
Note that recovery may well be to a different business model; it is less likely that the pre-
crisis status quo can be returned to. A key element in recovery and resolution planning is to
have carefully examined the communication strategy. There are many stakeholders to address
and mis-communication can be viral and lethal. Stakeholders can include: employees,
advisors, service providers, policyholders, non-executives, creditors, reinsurers,
agents/distributors, media, social media comment, shareholders, bond holders, and capital
markets.
11-30
Appendix II: United States23
In the United States there are hazardous financial condition laws that allow a regulator to
take over an insurer that is operating in a hazardous manner. This can include taking over and
shutting down a company with positive net assets, but that is at risk for insolvency due to a
single event such as a future hurricane or windstorm.
As stated previously, three distinct formsconservation, rehabilitation, and liquidationcan
be distinguished in the receivership proceedings. Most states have enacted statutes that
govern the conservation, rehabilitation, and liquidation of insurance companies and are
patterned after three model acts (the Uniform Insurers Liquidation Act, the Insurers
Rehabilitation and Liquidation Model Act, and the Insurer Receivership Model Act) that have
been adopted by the National Association of Insurance Commissioners (NAIC).
Conservation allows the receiver a period of time in which to analyze the company and its
financial condition and determine whether the policyholders and creditors will be best served
by liquidation, rehabilitation, or returning the company to private management.
If rehabilitation is warranted, state regulators must allege and prove a specific statutory
ground in order to proceed. In rehabilitation, a plan is devised to correct the difficulties that
led to the insurer being placed in receivership and return it to the marketplace.
The regulator must determine whether a rehabilitation of the company is likely to be
successful, or if its problems are so severe that they would significantly increase the risk of
loss to policyholders. If the latter is true, the appropriate course of action is to liquidate the
insurer. Courts have held the order of liquidation effectively cancels outstanding policies and
fixes the date for ascertaining debts and claims against the insolvent insurer. However, the
insolvency of a life insurer presents a unique situation. The NAIC Model Acts provide for the
continuation of life, health, and annuity policies.
23 www.naic.org/cipr_topics/topic_troubled_companies_and_receivership.htm
11-31
Appendix III: Japan
In Japan there are two ways insurers can enter resolution, and the focus of the resolution is on
ensuring the continuity of existing insurance contracts and restructuring of insurance
liabilities.24 The Financial Services Agency (FSA) monitors sufficiency of reserves and
solvency margin ratio of insurers. The FSA has a ladder of intervention depending on but
not limited to the levels of solvency margin ratio. Each of the two Policyholders Protection
Corporations (regarding life and non-life, collectively PPC) play an important role in
resolution.
One route for resolution is through the Insurance Business Act. Insurers are required to report
to the FSA when continuing their insurance business is difficult in light of the state of their
business or property. FSA will order the insurer to suspend all or part of its business and the
insurer will be put under the control of Insurance Administrators. The PPC will make
financial aid to find a successor institution. The PPC, through establishment of its subsidiary
company, will be allowed to be a bridge insurer when no successor institution can be found.
The second way is a court-led process by the Act on Special Treatment of Corporate
Reorganization Proceedings and Other Insolvency Proceedings of Financial Institutions. Not
only an insurer but also the FSA can file a petition for the rehabilitation of the insurer when
there is a risk of bankruptcy caused by excessive debts or insolvency. Application of
reorganization proceedings is allowed for both mutual and stock insurers. A reduction in
reserves is allowed basically to 90 percent, with the help of funding from the PPC.
Reorganization plan may include differentiation of terms and conditions between
policyholders (e.g. reduction in guaranteed interest rates), introduction of early surrender
charges, and conversion from a mutual company to a stock company.
All insurers except for reinsurers need to be a member of the PPC. All life insurance and
most lines of non-life insurance (such as automobile insurance, retail fire insurance,
earthquake insurance, etc.) are covered by compensation upon insurer failure. Basically 90
percent of the policy reserve will be compensated. One hundred percent of the claim for non-
life insurance will be compensated for accidents within three months after the insurer failure.
To cover the cost of the future failure member insurers of the PPC need to contribute to the
fund in advance up to a certain amount. If the cost of financial aid exceeds the accumulated
amount, a guarantee by government for borrowing or government subsidies can be applied.
Reflecting the global trend, a framework for an orderly resolution regime of financial
institutions (including insurers) was established in 2013 in order to address risks that may
spread across financial markets.25
24
Shinya Kobayashi, How Should Resolution Regimes for Insurers Be Established? Experiences in Japan and
Implications for Global Standard Setting, Regulation and Supervision Newsletter SC5 October 2014, The
Geneva Association.: https://www.genevaassociation.org/media/905874/ga2014-progres_sc5.pdf
25
www.fsa.go.jp/en/refer/legislation/20130416/02.pdf
11-32
IAA Risk Book
Chapter 12 - Capital A Regulatory Management Tool
Dave Sandberg
The overriding purpose of capital requirements for an insurer is to support the sustainability of
the business and fulfilment of its obligations. The comparison of actual capital levels with risk-
sensitive capital requirements can act as an appropriate signal or trigger for needed management
and supervisory actions.
This chapter addresses the key considerations used in the establishment of capital requirements
and links them to other tools, actions and authorities available to supervisors1 and to
management. It is a basic introduction to the design and use of an international insurance capital
standard and an aid to understand capital regimes across regulatory jurisdictions such as in
supervisory colleges and for investors.
To be effective across all financial entities, actions or triggers need to reflect the actual risk
profiles of the specific financial entity in a realistic manner2. When using simplified or factor-
based minimums set by supervisors, the limitations and objectives of this approach need to be
well understood.
A risk-sensitive capital requirement represents a valuable tool to help a company understand and
manage actual capital in relation to desired capital and for a supervisor to assess the soundness of
the companys actual capital. Such a requirement should effectively address the following
fundamental questions:
1. What is capital? This includes the purpose of required capital (reflecting the context in
which it will be used and the sources of the firms capital, whether internal/external or
current and future).
2. What level(s) of capital should be held? While in most cases general purpose financial
statements focus on value as a going concern, the level of required/desired capital
needs to be a function of the underlying risks, the financial statement basis, the time
horizon of the risk management/recovery framework (if any) used and the larger
context of the supervisory and capital market structure.
1
Firms in the financial services industry are typically considered to be relatively heavily regulated, i.e. subject to
rules on how they must structure their balance sheets and business behaviors if they are to be allowed to continue
to operate in a specific field. These rules are set by regulators and monitored by supervisors (although colloquially
either term is often applied to either role. There is no universally applied terminology to differentiate between
these two activities though we have tended us use supervisor throughout this chapter.
2
This is of particular importance as concepts like debt, capital, liquidity and resolution have very different
meanings and significance depending on the regulatory and business model environment.
on 16 August 2017
2017 International Actuarial Association / Association Actuarielle International
3. What method(s) can be used to determine the level of required capital? An appropriate
level of required capital can be based on factors, historical averages, stress tests,
standardized models and/or external/internal capital models. This level will be a
function of the desired risk tolerance/appetite, recovery/resolution objectives and
available management and supervisory options/tools.
4. What actions are available to the Board/management3 and/or the supervisor if current
capital falls short of the level desired by management or required by a supervisor?
What are the methods that can be used to access existing capital or obtain additional
capital when needed, or to reduce risk exposures?
5. What actions are needed to ensure that sufficient capital is available at differing times
and types of stress whether the stress is a one-time shock or a long term bleed? Should
quality limits be placed on assets and their location, and if so, can these limits be
prescribed without unduly affecting business management?
These five questions highlight the key issues that need to be addressed to ensure that desired
capital and required capital are of use to the applicable stakeholder. In any case, it is important
for this information to be prepared in a consistent manner to be responsive to the risks of the
insurer.
The information in financial reports (including reported and required capital) must address what
in some cases are divergent needs of key stakeholders (including shareholders, rating agencies,
supervisors, and policyholders). As a result, the quantification of reported capital amounts may
be better addressed through the use of a specific-purpose, but still comprehensive, set of financial
statements that can enable stakeholders to better assess the current financial strength and
soundness of an entity or a group.
Capital level reporting represents only one type of information needed by an insurers
stakeholders to assess its financial sustainability. Its relevance is constrained by the underlying
business model of the insurer, the group structure, and the accounting framework applied.
This chapter also includes five appendices that highlight, in some depth, related topics that need
to be considered in order to appropriately and consistently apply and coordinate meaningful
elements of capital measures for different business models. These considerations may differ for
short- and long-duration insurance contracts and for groups versus legal entities4. Not addressed
here are specifics on coordinating the needed interdependencies for a robust solvency framework
3
The term management used hereafter is meant to include both board and senior management.
4
For example, in evaluating capital for an insurance group, it is important to understand the scope of the
insurance group includes any non-insurance entities within the group or operating as holding companies for the
group. This includes whether non-insurance entities are seen as additional resources to the group or as potential
risks to the insurance operations. Supervisors tend to focus on the capital needed to provide for the risks to
policyholders faced by the group and its insurance entities. Non-insurance holding companies may hold capital to
address other stakeholders interests such as protecting the interests of the capital providers and other direct
stakeholders of the holding company. Similar issues may exist with regard to non-insurance entities within the
insurance group.
12 - 2
that exist between other key Risk Book chapters like Resolution of Insolvencies, Stress Testing
and Risk & Uncertainty. They will be explored at a later time. The important specifics that are
covered in the appendices to this chapter include:
1. Key Elements That Affect the Meaning and Usefulness of Capital Detail beyond that
provided in the main body of this chapter
2. Building Blocks of Financial & Intellectual Capital
3. Capital Issues for Certain Life (Long-Duration) Business
4. Comparability of Property & Casualty (Short-Duration) Capital
5. Solvency II & U.S. Classifications of Capital
2. What is Capital?
I. Definition & Purpose of Requirements
An insurers reported capital is a combination of paid-in capital (e.g., through common equity
and preferred share offerings), accumulated retained earnings, and in a regulatory context may
include subordinated debt5. An important question is whether holding company debt and surplus
notes are part of capital. For holding company debt, what is the level of consolidation used in
financial statements? The conceptual issue is whether the holding company is a fundamental part
of the insurance operations, serves as the head of the insurance group or as a resource of the
insurance operations. See Appendix 5 for a fuller treatment of this topic. Unlike a manufacturer
whose working capital takes the form of physical assets such as machinery and inventory and
holds very little risk capital, the insurers capital is primarily risk capital that is invested
principally in financial assets.
Reported equity is, by definition, the excess of assets over liabilities. But, the amount of reported
capital will differ depending on the financial statement framework (i.e., the definition of assets
and liabilities6) and its objectives7. The significance and relevance of the amount of reported
capital will depend on the business model of the insurer, the nature of that capital, and the
objectives (and regulatory environment) of the user of the statements. The extent to which
financial statements convey the underlying adequacy of an insurers capital is dependent on the
methods used to value its underlying assets and liabilities.
5
Note that reported capital contrasts with the financial economic view, which favors the market valuation of the
firms equity (via share prices) over the equity reported in an accounting statement. For a further discussion of this
issue, see Appendix 2.
6
Although equity is a form of capital, there are other forms. Subordinated debt is a usually accounted for as a
liability but is capable of being classified as a lesser quality (Tier 2) of capital. See Appendix 5 for a further
discussion of this topic.
7
See Chapter 14 of this Risk Book for a further overview of this topic.
12 - 3
To this end, actuaries often prefer a more holistic approach, known as a total balance sheet
approach. This requires that assets, liabilities and capital cannot be viewed individually any
capital evaluation needs to comprehensively assess the combined effect of all these valuations.
One way to evaluate capital levels is to base the desired amount of capital as a function of the
underlying economic values of the assets and liabilities, and all the risks to which they are
exposed. In this context, although reported assets or liabilities may be calculated on bases that
are more or less conservative, the assessment of capital must appropriately consider the basis
applied to both the assets and the liabilities to understand what is meant by the level of reported
and/or targeted capital. While it is desirable to have all elements of the balance sheet valued
consistently, some amount of valuation inconsistency can be addressed by the capital framework
as long as it is identifiable, capable of assessment and has a manageable effect on capital
requirements. Other methods to assess/estimate capital sufficiency such as through cash flow
testing can also be useful.
Each type of financial statement is designed with certain objectives in mind. Insurer stakeholders
will use the financial statement that best addresses their own purposes or needs. The use of a
different lens, presumably for another purpose (e.g., regulatory versus public reporting), will
yield a different reported amount of capital on which to assess capital adequacy.8 This in turn
may impact the regulatory decision regarding the desired required levels of capital. These
various definitions and purposes of capital measures may be used to indicate:
Financial strength used by investors, rating agencies etc. to assess relative strength
among insurers, often at capital levels well above minimum regulatory requirements.
Both the management of a company and its supervisors share the objective that the
firm be able to fulfill its obligations (benefits, claims and expenses). Given that
certainty is not possible, the real issue is what levels of relative assurance (whether
expressed in terms of VaR, T-VaR or other quantitative and/or qualitative measures)
are desired by the company and/or the supervisor9.
Degree of a solvency buffer to assess whether an insurer has a sufficient level of
available capital to meet policyholder obligations with a high level of confidence over
a pre-determined risk shock horizon. Liabilities are inherently uncertain because of the
nature of the insurance business i.e., the assumptions underlying the provisions
being promised cannot be known (only estimated) in advance. Historically, liability
requirements were set in many accounting paradigms at a level to provide for
reasonable/plausible deviations due to uncertain assumptions. Capital requirements
were then set to address very unlikely, but possible outcomes.
Since outcomes are uncertain, capital is required to increase the probability that the
company will be able to fulfill its obligations, including the payment of future benefits
8
Some classes of assets (capitalized software, over-concentrations, various forms of debt, internal investments,
etc.) may be routinely disallowed for supervisory purposes.
9
A secondary concern in some jurisdictions is that increasing capital requirements will also result in higher
premium rates or a lessening of the coverage offered.
12 - 4
and claims. This enhances policyholder security. Two ways of thinking about choices
made to assess capital are that the capital determination needs to consider the possible
deviations between (1) the current estimates of assets and liabilities on the current
balance sheet and (2) their continued uncertainty and volatility over future time
horizons10. Whatever measurement method and target are selected, the calculations
can never be as precise as implied by a specific number determined as an x% or y%
confidence level. For this reason, an important consideration is whether the measure
used can correctly identify companies that are at an unacceptably high-risk of not
being able to meet their future obligations and so enable supervisors to intervene
before that becomes a reality. This differs from merely wanting to rank the relative
strength across insurers.
Amount of funds available for future growth, limited liquidity needs and/or
fluctuations in earnings. While under normal circumstances an increase in capital can
be obtained when needed, the ease of access to additional capital under stressed
situations is an important consideration.
A source of future shareholder dividends and (in the case of surplus capital held on
behalf of with-profits or participating policyholders) a source of support for future
bonuses (i.e., policyholder dividends/bonuses). Both management and supervisors of
insurers distinguish between balance sheet capital which reflects the excess value of
assets over liabilities11 and required capital. Required capital is the minimum
amount of admissible regulatory capital that has to be held to offset and safeguard
against significant adverse events, including the potential inadequacy of currently
reported liabilities and possible worse-than-expected experience on policy liabilities.
The excess of reported capital over a required capital floor is usually referred to as
distributable capital or surplus. If companies keep what is seen by its shareholders
as "excess capital" on their balance sheet, that company will often be pressured to
invest/use it for an enhanced risk return or return it to its shareholders.
Determining the adequacy of the insurers capital is a primary responsibility of the insurer. It is
the insurer that prices and underwrites/selects the specific risks it will cover, typically based on
specific models for those risks. However, as a safeguard, supervisors often define standardized
(perhaps stress-level or factor-based) capital requirements as a basis from which to trigger
important intervention and control measures. Thus, smaller insurers may evaluate capital relative
to only supervisory or rating agency requirements/demands, but larger insurers may have the
resources to consider a variety of perspectives, some of which may require more complex
10
A further question to explore is whether a more helpful measure of capital resiliency could be how to determine
capital for these two methods separately instead of combining all risks into one aggregate number.
11
As mentioned previously, this also needs to consider whether holding company debt/surplus notes are
considered capital or a liability. For example, for a gone concern objective, a surplus note would not be repaid. But,
for a going concern objective, it would typically be expected that the assessment consider it will be repaid.
12 - 5
measurements. For example, larger insurers generally try to develop their own internal view of
capital adequacy. In theory, such an insurer considers the economic value of its assets and
liabilities on a consistent basis as part of its internal analysis, such as through an economic
capital model. Many insurers use pragmatic approximations that make use of values in their
financial statements (which may or may not use consistent valuation bases and/or include
explicit or implicit conservatism) as a base from which to assess the adequacy of their capital.
It can be important to demonstrate capital adequacy, not just in the near term but also over the
life of the insurers policyholder obligations and business plan. These different time periods are
sometimes referred to as current financial position assessments in contrast with future financial
condition assessments. There are important differences between these two perspectives on
capital. The latter is typically focused on how to best manage and maintain the entity as a going
concern. The former may be focused on a gone concern (or runoff) perspective to ensure all
benefits and claims can be paid if the company is closed for new business.
II. Time Horizon of Liquidity, Required Capital & Instruments Eligible to Meet Those
Needs
Historically, insurance capital requirements have been telescoped into a current date
requirement for all future shocks, whether they may be due in days, years or decades. Unlike
banking, there has not been (with some notable exceptions) a specific regulatory requirement for
liquidity12. The exploration of (and possible future specific requirements for) insurer liquidity
requirements contrasts with required capital, which requires a more nuanced recognition of the
investment time horizon needed for various types of risk capital and the potential timing of
insurance demands for cash. In addition to liquidity concerns, possible concerns relating to time
horizons with regard to risk capital requirements include as considerations (a) the number of
years of new/renewal business, (b) the number of years of low interest rates or high inflation, (c)
the number of years of mortality improvement assumed, and (d) the number of years of exposure
to natural disasters.
For example, in the case of life insurers (and other long-term insurance commitments), adversity
may arise from one or more factors with distinct implications for the needed type of capital.
They include:
1. Situations of increased surrenders, where assets supporting liabilities may not be
sufficiently liquid to provide funding for a few weeks or months. Only recently have
some firms begun to separately test for liquidity risk as distinct from their risks for
longer term capital needs;
12
U.S. NAIC IRIS ratios for P&C companies do assess liquidity. (IRIS ratio 9 is adjusted liabilities divided by liquid
assets.) Hence, while there may not be a liquidity regulatory requirement, there is ongoing supervisory monitoring
of this risk. In addition, Solvency 2 includes a liquidity test.
12 - 6
2. Use of capital to address (and recover from) rare insurance events like the Spanish flu
epidemic or an unusual combination of events (whether insurance, operational and/or
economic related over periods of months or several years); and
3. Financing the present value of cash flows due to the impact of adverse development in
long-duration options and guarantees (which can exceed 30 years beyond the present
date).
For property/casualty insurers (and other short-term insurance commitments), such adversity
may arise from one or more factors, including:
1. Medium-term needs due to the underwriting cycle, operational risks, a paradigm shift
in the business model or competitive environment, and mass tort or other slowly
developing or emerging issues (that may include unexpected legal rulings).
2. Short-term needs typically from catastrophes, weather, or other event-driven items.
Even here, these are typically medium-term cash needs (as payouts usually occur as
property is rebuilt over time, not at the time of the incident)13. However, establishing
liabilities for the incurred, but not yet paid, claims will reduce the next periods
reported capital with the possible need to then access additional capital.
And finally, both types of insurers may have to maintain sufficient short-term liquidity or
funding for obligations due to:
1. Required posting of collateral triggered by external events or changes in ratings of
firms;
2. Securities lending activities; and
3. The repayment of debt to a bond holder and/or parent company. This is typically
subject to regulatory approval if solvency levels are not above minimum
requirements14.
The above distinctions in time horizons are rarely reflected in current insurance capital
requirements15. Although liquidity can be a distinct feature in Enterprise Risk Management
(ERM) frameworks where it may be a significant issue, the distinctions are also sometimes
13
An example of this from one P&C company shows that the average payment lag for their events ranged from 3
months to 12 months, with the bigger and more concentrated events having longer average time until final
payment periods. Commercial lines also have average payment dates about 3 months or longer than personal
lines. These are also averages for large tropical windstorms major earthquakes tend to have longer average
payment dates (due in part to more delayed discovery of damage). These are average payment dates some
payments take place several years after the event for the largest events, generally for commercial property lines.
Hence, while some payments do occur before construction is complete, payments do not occur in full the instant
the event happens. The quickest payments are for emergency living expenses, with construction costs strung out
over the period of construction in many cases.
14
This issue can be significant for firms (either life or non-life) that invest in more illiquid assets in the search for
yield, invest in financial instruments to hedge or reinsure risks which lead to large capital requirements.
15
One exception was a decision by OSFI (Canada) in late 2008 to modify required capital for long-duration options
embedded in segregated funds/variable annuities.
12 - 7
addressed in other regulatory requirements such as restrictions on the use of certain asset classes
or their admissibility as capital. This chapter further discusses the fine-tuning and interaction of
liquidity risks, the time horizon of the liability risk exposures, the financial capital allowed to be
used to address them and the management and regulatory options needed for their interactions.
This includes the means to replenish capital and the type of instruments actually held to address
the capital needs of the organization based on the above exposures. (See Appendix 5 for how this
is dealt with in the EU and the US)
3. Levels of Capital
There are several balance sheet elements subject to risk and uncertainty which are reported on
and need to be monitored, reflective of different stakeholder objectives:
1. Liabilities. They use a baseline of the expected obligations and the uncertainty of their
estimate. This may be determined as a single conservatively-set liability or a
calculation of a best estimate plus an explicit reflection of a risk-based or
conservatively prescribed margin. Alternatively, this may be done by focusing only on
expected cash flows for the liability with any risk and uncertainty in the liability
considered in the other element (i.e., capital).
2. Required Capital. This is held to reasonably ensure that obligations can be fulfilled
(even in unusual and/or stressed circumstances). Open to clarification is the time
horizon for which this needs to be calculated. For example, it could also be used to
address recapitalization to cover future risk events based on todays market
parameters. Capital provides a buffer against tail risks risks that have a low
probability of occurrence. Some of these (e.g., severe weather events, pandemics) can
manifest themselves catastrophically over relatively short periods of time with little
effect in later periods. Other tail events may manifest themselves through a material
change in a key assumption in the insurers business16. While these two examples of
tail risk are not exhaustive of all possibilities, they can be helpful to visualize the
implications of a time horizon for a capital requirement. Additional considerations
include:
a. Risk horizon of one year. It is frequently chosen by insurance supervisors for
setting capital requirements, as this time period is felt to coincide with the length
of time it might take for all parties (insurer and supervisor) to identify and deal
with a solvency-threatening situation. The capital requirement must therefore
consider tail risks that present themselves as material economic losses within the
risk horizon of one year, regardless of when the adverse cashflows are expected to
16
Examples include mortality or disability/recovery rates, policyholder behavior assumptions, claim development
or asset yields, to name a few significant ones.
12 - 8
occur.17 How does this include impacts of the risk after one year? Whether or not
the troubled insurers business is to be transferred to another insurer, the entity
would need sufficient assets to provide for the post-shock assumptions, some of
which (as noted above) may have suffered continuing impairment due to the tail
event. Broadly, this is achieved by modelling changes in assumptions whose
impact goes well beyond the end of the current period18. To the extent that further
impairment of an assumption is likely, it should be reflected in revised current
reported numbers or be smoothed/graded in over time.
b. A market-based credit risk capital charge for a thirty-year obligation. In the event
of an immediate market crisis, should the application of capital to cover todays
credit risk event(s) be accompanied by an immediate need to require additional
capital (in case there is another major crisis that lasts over the remaining 30 year
period of the obligations)? Or, should the capital charge only reflect perceived
changes in the long-run default rates and their volatility? In the former case, it
means that capital is actually never used; it must continue to be replenished.
Typically, the determination of a required capital level involves determining a level at
which the legal authority to run a company may be transferred from management to a
supervisor. As such, there is a need to have an objective basis for its determination,
often more focused on the runoff value needed for an orderly resolution19. An
important specification to be addressed is whether there is a single goal of the process
i.e., is the liquidation meant to only run off existing obligations or is it to attract
another investor to take over the ongoing operations (and distribution networks of a
legal entity)? Or (in the case of a group), is the goal to sell the group as a whole or to
just sell certain segments of the group?
3. Internal target capital is held by management above a supervisory standard to avoid
supervisory intervention and to enhance public trust in the promises made in inforce
and future products/sales. Desired public trust is often reflected in and managed by
focusing on and addressing rating agency requirements. This includes assessing
managements ability to continue to add value (i.e., a going concern objective).
4. Additional free/excess capital is available for new business, acquisitions or
distribution to shareholders.
17
Unfortunately, future economic losses can only be estimated, and the size of the estimated loss will vary as the
market changes. Thus, an important consideration is to look past the economics to the underlying extent the asset
and liability cash flows diverge.
18
It may not be reasonable or practical to expect one risk measure (i.e., capital requirement based on a one year
time horizon) to capture all the nuances of risk. Other tools can and should be used to enhance the understanding
of the longer-term impacts of various risk scenarios and their associated uncertainties on an insurers solvency.
These tools include stress/scenario testing and ORSA, among others. The capital requirement alone is not the
optimal solution to certain types of risk, where requirements for mitigation systems (e.g., cyber security or
effective management of policy options) may be a more effective regulatory requirement.
19
It is often referred to as the liquidation value.
12 - 9
These four levels to assess liability risk and uncertainty are not necessarily additive, with
additional nuances for capital at a group versus a subsidiary level, since where the capital is held
and the ease of raising additional capital (whether internal to a group or in the external market)
are important factors. Capital expected to be used to cover possible increases in current liabilities
can also be used to pay higher than expected future benefits or claims instead of being used to
support an expansion of new business or an acquisition. In addition, regulatory focus on a
required capital target will focus on the ability to pay benefits or claims and, possibly (in certain
jurisdictions), to provide enough of a margin for a risk premium sufficient to allow another
company to take over the obligations while assuming the assets backing the liabilities and
capital.20 This will typically be a lower aggregate required capital amount than what management
would focus on in order to maintain and/or increase a rating or to ensure desired growth.
The sole purpose of some regulatory capital requirements is to identify insurance legal entities
that are poorly capitalized and at risk of failure. As such, those systems have not been designed
to evaluate groups, rank companies or assess how much capital is redundant - relying on other
supervisory metrics or tools for those tasks. This allows for a greater relative acceptance of
imprecision in the use of calibration, factors and methods where approximations and/or
simplifications may be used.
Typically, different capital levels are used as triggers or guideposts for appropriate regulatory
actions and may also be used to initiate management actions. Their calibration and calculation
depend on the methods used to calculate the value of assets and liabilities, as well as the agreed
upon risk tolerance of the regulatory body21. Thus, the following (shown from highest to lowest
capital level) illustrates the wide diversity of required capital purposes, goals and definitions for
capital adequacy and what capital might signify.
1. Shareholder Perspective - Sufficient22 assets to continue operations as a going concern
and to maintain (or enhance) the insurers internal capital target. Typically, such a
target would meet or exceed any supervisory expectation and desired rating by a rating
agency and would be managed along with other shareholder objectives.
2. Supervisory Scrutiny Trigger - assets relative to liabilities and ongoing business
operations are sufficient to continue operations, but accompanied by specified
minimum levels, that if breached, invite/require supervisory scrutiny.23 Typically,
20
This is often addressed through requiring a Margin Over Current Estimates (MOCE) or a risk adjustment. Issues
associated with this topic will be addressed more fully in a separate IAA project.
21
The efforts at international financial reform and standards include discussions on the risk tolerance of
supervisors based on size of regulated entity and type of business.
22
An informal acceptable definition of sufficient is that with a high level of certainty, the future cash
flows/benefit obligations can be paid at (or perhaps very close to) full value
23
Scrutiny is warranted not only when a certain level is reached based on the insurer specifics (i.e., not just a broad
average ratio applied across the industry) but also when an insurers ratio shows a noticeable unexplained drop in
the recent period that is out of synch with the market or a risk adjusted benchmark.
12 - 10
management and shareholders are strongly incentivized to hold capital in excess of
this early warning trigger level.
3. Supervisors Level of Mandatory Direct Intervention/Control typically based on the
ability to provide for the technical provisions and a supervisory minimum amount of
required capital. This reflects the supervisory risk appetite to avoid failure of firms to
meet their obligations, whether as a legal entity or as a group.
The following are examples of historically used measures of degree of sufficiency for capital
and balance sheet resources. They differ based on the accounting/capital framework and on the
supervisors philosophy and the resolution tools that accompany the framework. They all have
value in some situations and they each have unique limitations which need to be addressed via
the larger supervisory governance framework:
Regulatory Benchmarks:
1. 99% TVAR over a 1-year risk horizon (OSFI);
2. 99.5% VAR over a 1-year risk horizon (Solvency 2);
3. Cover 2-3 standard deviations over a 5-year period (some aspects of the NAIC):
Management Benchmarks
1. No more than 5% chance of a loss greater than 10% of surplus in any one year;
2. Probability of ruin (or business model failure) less than or equal to 5%;
3. Whatever capital it takes to get an acceptable rating from one or more rating
agencies;
4. Whatever capital it takes to satisfy the regulatory regime such as the Bermuda
Monetary Authority, OSFI, or Solvency II;
5. Whatever specified level of capital is required to avoid increased regulatory scrutiny
(a higher standard than regulatory intervention); or to reduce the probability of
regulatory scrutiny to a low level (further margin);
6. Operating requirements specified by management over a short-term period, during
which fluctuations in material external and internal variables are within a desired
range;
7. Specific operational goals under extreme stresses as proposed by management or
supervisors; and
8. Assets greater than or equal to liabilities after extreme, improbable events (e.g.,
through stress testing).
12 - 11
Additional questions or considerations that influence what capital requirement is
measured/assessed include:
1. Is the debt issued by a non-insurance holding company treated as a liability or as
capital that has been contributed by a parent with no legal requirement for the
subsidiary to repay? (See Appendix 5 for further details.)
2. Is the required capital level meant to ignore or give credit to diversification (whether
within an entity or a group)?
3. The important legal and operational differences between required capital at a legal
entity level and at a group level where fungibility and the trade-off between the value
of increased diversification and increased systemic importance will come into play.
4. If adjustable insurance products (e.g., participating with bonuses or dividends or loss
sensitive non-life products) pose reduced risk to the insurer, how should this be
reflected in the determination of technical provisions or capital requirements in
comparison with similarly designed, but fully guaranteed, products? For adjustable
business with mitigation features, valuation assumptions for technical provisions
(especially for discounting) need to be consistent with the basis used to project future
policyholder premiums and benefits. To do otherwise produces nonsensical results.
When bonuses (policyholder dividends) are, or may be likely to be reduced, to zero or
close to zero, the technical provisions must be sufficient to provide at least the
guaranteed benefits, which may imply use of a discounting basis appropriate to
guaranteed benefits, with little allowance for adjustability. Equally, capital
requirements for adjustable products with mitigation features, while they should
usually be less than those for similar fully guaranteed products, may need to reflect
real world constraints on the full usefulness of their adjustability. Those constraints
might include, for example, the need for regulatory approvals in some cases for
premium adjustability; and/or competitive pressures from other insurers which might
inhibit drastic action in (say) reducing bonuses or dividends. The ability of insurers to
reduce benefits, or increase charges, may also need to take into account relevant
conduct of business legislation, and the current views of conduct of business
supervisors, which may mean that there are constraints compared to what was
envisaged when the product was sold. (See Appendix 3 for a further discussion of
these products).
5. Should liabilities be valued on a guaranteed basis using risk-free discount rates, or on
a real world/fair value basis based on portfolio yields for products with bonuses or
dividends?
12 - 12
How each question is answered will then determine the most effective qualitative assessments
and processes needed to complement and mitigate the strengths and weaknesses of the chosen
framework.24
4. Methods to Calculate Required Capital

Once the objective(s) and basis for capital are agreed on, the needed criteria and parameters for
setting a required/desired capital level (whether for supervisors or management) can then be
determined using the following considerations.
1. The point in time at which capital adequacy is measured. Typically, this is at the
financial statement valuation/reporting date, but it may include a projection of possible
capital needs at future points in time.
2. The time horizon over which capital adequacy is measured.
3. The specific entity, subsidiary(-ies), branches, non-financial entities and conglomerate
for which capital adequacy will be measured.
4. The criteria by which capital adequacy and available capital will be determined. The
definitions used for the baseline liabilities (and assets) in the balance sheet will affect
the corresponding basis and meaning of the required capital. There can be important
differences for reflecting the level of risk and/or types of uncertainty in the liabilities
and assets held by the company. For example,
a. IFRS and U.S. GAAP Historically these general purpose financial reporting
standards have been income statement focused, to reflect a companys revenues
and expenses within a reporting period and to allow performance comparisons to
be made with other companies and industries. Depending on the accounting
standard used, liabilities for long-duration contracts may be book-value based,
market-value based or based on account or surrender values. An adjustment for
risk may be included in the value of insurance liabilities. Assets are typically
valued at fair or market value (unless designated as Held to Maturity, for
example). There may be greater or lesser inconsistencies between the valuation of
assets and liabilities as a result of the options within the various systems. The
24
In concept, companies and supervisors want to have similar conceptual levels of provisions and capital.
Where this begins to diverge rests on several risk-related topics, such as:
- Available capital (i.e., different components not viewed as having the same strength in times of crisis,
such as deferred tax assets);
- Risk diversification (i.e., supervisors may take a range of views on the appropriate treatment of
diversification either within risk or across risk categories);
- Capital fungibility (e.g., across companies, geographies, and currencies); and
- Whether margins over current margins (or risk margins) are considered liabilities or part of available
capital.
12 - 13
impact of these options needs to be addressed if the baseline is to be made
consistent between entities and groups.
b. Market value balance sheet The focus is on the balance sheet where equity is
defined as the result of reflecting current market values of assets, liabilities and
guarantees. Here, the consistency of valuation is relevant for participating/
discretionary value products and for benefits not exposed to liquidity calls.
Insurance liability values typically include a risk margin for the cost of holding
capital due to the possibility for adverse experience and the uncertainty associated
with the liability estimate. There may be some circularity here, as the cost of
capital that may be included in the measurement of the liability will be a function
of the chosen capital target. (This issue is typically addressed through the use of a
few simplifying assumptions). The concept of a risk margin can be theoretically
similar to that of a MOCE, but its application in an income statement may be to
reliably report its release into income as opposed to a true measure of the transfer
value.
c. US statutory Typically for life insurance, both assets and liabilities have been
valued on a book value basis. However, to the extent that cash flow testing leads
to larger liabilities, the liabilities have been based on best estimate assumptions
with additional conservatism built in to hold more assets to back the liabilities.
Recently introduced Principle Based Reserves for life insurance incorporate
liabilities based on best estimate assumptions with additional conservatism in all
cases. General insurance claim liabilities are valued on a best estimate,
undiscounted, basis, implicitly reflecting a risk margin (which may range from
immaterial to significant depending on the length of the discounting) to the extent
the time value of money effect exists.
Each framework has its own unique (and overlapping) areas of greater and more
material impact. For example, historically, liabilities for life/annuity products have
been estimated by means of factors reflecting conservatism (in policy assumptions and
interest rates) based on past aggregate industry experience (with actuarial experts
determining if and when more is needed). Or the liabilities may be based on risk-
specific internal models25. These liabilities may then be reported as book values,
account values or market values, with varying levels of discount rates.
5. The capital calculation itself. Typically, required and/or target capital is based on a
measurement of the potential adverse deviation in assets and liabilities in stressed
conditions and future underwriting experience (in the case of non-life business).
This is typically carried out by modelling, designed to test the adequacy of capital in
terms of the chosen target level of sufficiency. Alternatively, the calculation may be
25
These models will be exposed to varying degrees of model risk based on the soundness (or lack thereof) of the
modeling process.
12 - 14
based on a simplified formula intended to produce amounts that more broadly
correspond to simple measures of risk. However, the parameters of such formula-
based systems are usually calibrated by reference to results of more complex
modelling work on an industry-wide basis.
In all but the simplest formula-based approaches, calculation techniques for testing
capital adequacy involve assessment of the impact of a range of stresses on the entity
concerned. This assessment usually includes a range of stochastic components.
Simulation techniques are often used, especially in cases where options exist in either
the liabilities or the assets or for low frequency/high severity risks such as catastrophe
exposures. These calculations can involve modeling the impact of significant adverse
deviations in many of the assumptions on which current estimates of the assets and
liabilities are based, and can take into account observed risk distributions and
correlations between risks, as well as secondary impacts such as taxation.
The deviation of the net asset position of the entity resulting from the adverse stresses
is a measure of how much loss the entity would incur in materially adverse, but
plausible, conditions, and hence gives some measure of what level of capital would
satisfy the chosen sufficiency criteria, within the specified time horizon.
6. Assessment of the level of aggregation used in capital requirements. For example, can
one or more subsidiaries individually fail a capital adequacy test, while the overall
group passes? Or can the overall group fail when each subsidiary passes?26 And, how
can/should differing local regulatory regime capital requirements aggregate at a group
level?
7. If required, determination of where the additional required group capital should be
held and under what circumstances it could be available to be used by other entities
within the group.27
26
For example, in 2008 AIG failed at a legal, non-insurance, entity level, but likely had adequate group capital. Also,
at what level should the aggregation occur for the group, since a conglomerate may well have little need to do
this at the ultimate holding company/ownership level? More discussion of this topic occurs in Chapter 8 of the Risk
Book (on Groups) and in Chapter 11 (on Resolution of Insolvencies).
27
See chapter 8 on Groups and Chapter 11 on Resolution of Insolvencies for further considerations.
12 - 15
5. Actions Linked to Lack of Achievement of Required Levels
B. Regulatory Powers
The following regulatory powers are often linked to situations in which certain levels of
supervisory target and/or required capital are not achieved. They are described more fully in
Chapter 11 - Resolution of Insolvencies:
1. Require management to develop an action plan that includes actions to increase capital
and/or de-risk the firm (e.g., by selling assets or lines of business, by raising external
capital or buying a catastrophe reinsurance policy);
2. Require additional reporting and supervision;
3. Limit or discontinue sales and approve revised products and/or pricing targets;
4. Eliminate/reduce dividends to shareholders;
5. Modify required levels of capital or classifications of capital ;
6. Liquidate/runoff (resolution) the insurance company and its obligations. This is
usually seen as the last step in an escalating series of supervisory actions as capital
weakens. This may include or be preceded by a temporary suspension of benefits
and/or an adjustment of the amount of benefits to be paid;
7. Identify and negotiate a change of management for the company with the possible aim
of taking over the management and administration of the failed insurance block or
company; and
8. Transfer the assets and liabilities to a compensation or policyholder guarantee scheme.
The intervention level required by insurance supervisors for each of its multiple regulatory
options is a function of the level of capital that must be held by the insurer. These levels reflect
the additional risk elements/factors related to the risks of the insurers assets and liabilities and
ongoing operations. Typically, this is meant to ensure that in most scenarios (the level of
uncertainty of which will depend on the risk tolerance or supervisors preference), there will be
sufficient funds to meet all applicable obligations considered essential by the supervisor and/or
resolution authority28. One possible result is that shareholders are left with no funds after all
policyholder obligations are met. Another possible objective could be to ensure the continued
survival of the firm on an ongoing basis to help ensure a competitive market; with or without a
transfer of business to another insurer.
The above actions focus on what supervisors can do if capital falls short of targets. In addition,
the following preventative measures can be used by supervisors to assess ahead of time an
insurers ability to maintain adequate capital in times of stress:
28
While each jurisdictions insolvency/bankruptcy laws vary, a likely order of priority might be: (1) Policyholder
guarantees, (2) Margins for an assuming company while paying off the future claims, (3) Policyholder dividends or
non-guaranteed elements, (4) Creditors, and (5) Shareholders)
12 - 16
1. Define the types of capital instruments (and their tiering) allowed in the determination
of available capital resources
2. Review relevant insurer materials (e.g. ORSA and other materials) used by
management
3. Supervisor initiated stress tests, either on the industry or on specific insurers
4. Supervisory direction to insurer(s) to maintain higher capital levels due to risks not
adequately captured in current capital requirements
C. Management Actions/Powers
For its part, management will want to use the following actions to avoid triggering the regulatory
powers and actions listed above:
1. Target how much capital is desired above regulatory required capital for it to remain
an ongoing operation (not just a runoff operation) and to be in a financial position to
attract or qualify for additional capital;
2. Manage the available options to raise capital or reduce capital requirements (e.g., from
its parent, the capital markets, sale or reinsurance of existing blocks of business and by
control of new premiums/sales);
3. Assess which lines of business provide the optimal amount of profitable (or less risky)
return on their invested capital;
4. Manage each individual line of business product and asset levers in a changing risk
environment;
5. Understand how volatile are the risk measures for capital charges in dynamic
economic environments; and
6. Determine the level of sustainable shareholder dividends and policyholder variable
bonuses or dividends that can be declared without impairing the desired level of
retained capital.
Management typically targets a level of capital to avoid regulatory intervention or to meet a
rating agency target. However, management also has a responsibility to communicate to
shareholders how they will receive a reasonable return on their invested funds through the
emergence of profits on profitable policies sold by the company.
12 - 17
APPENDIX 1
Key Elements that Affect the Meaning and Usefulness of Capital

Capital is one of several essential tools used to help ensure, to the extent possible, sustainability
and it needs to be considered in that context. Capital is not the answer to every risk management
situation.
Key elements and considerations that go into a sound program of capital management include the
following:
1. Solvency measurement reflecting a policyholder perspective should reflect real
economic risks29. Only risks that affect the insurers ability to meet its policy
obligations should be provided through required capital, e.g., where assets are held to
provide cash flows arising from long-term illiquid liabilities, these assets are typically
not subject to forced sales; therefore, while spread risk may not be economically
relevant, asset default risk is. Reflection of risks that are relevant to the particular
insurers business model contributes to efficient regulation in a macroeconomic sense
and also provides adequate risk management incentives. This topic is extensively
covered in the IAA Blue Book (2004).
2. What is the risk appetite of the supervisor and/or management? For management this
means to have a clear view of their risk appetite for such factors as business failure,
risk type, regulatory intervention, and loss of franchise value (See Chapter 4 on
Operational Risk for more details). This may be specified in terms of the measure of
adequacy to be used, the timeframe, and a basis for the stressed risk parameters that
drive the calculation. For the supervisor this includes the question of whether its
objectives for intervention include a going- or gone-concern solution and the
combination of quantitative and qualitative requirements used to support that
intervention objective.
3. Distinguish inadequacy of required capital from cash insolvency. A failure to satisfy a
regulatory required capital target represents an early warning marker for more
intensive oversight or action. It would very rarely indicate that the company is
insolvent on a cash/liquidity basis. Rather, it means that additional capital may be
needed, now or at a future date, for the possibility that assets currently held for future
risk(s) are not ultimately sufficient to meet policyholder obligations.
29
One complicating factor with systemic implications beyond the risks to the entity is the ability for a solo entity to
upstream cash to repay debt that was originally down streamed may be a risk to its parent and the larger
economy. This question needs to be addressed for its possible implications for financial stability, not in terms of
policyholder protections.
12 - 18
4. Address the pro-cyclical nature of market based capital requirements. Market based
capital for financial risks mirrors the riskiness of the market and thus is pro-cyclical,
indicating that, in times of stress, more capital will be needed, particularly if the major
risk faced is financial risk. This need therefore tends to arise when capital is more
expensive (or more difficult) to obtain. If liquidity risk is of minor importance, this
indicates that some countercyclical or smoothing approaches might be valuable. One
driver of this pro-cyclicality is credit spread changes impacting market values. For
illiquid liabilities with longer horizons, a more appropriate charge for credit risk
represents a prudent level of default costs, since ultimate asset values, absent a forced
liquidation, are not impacted by credit spread changes over the life of assets.
5. Understand the uncertainty of capital estimates. As mentioned earlier, the use of
models can often provide more relevant and reliable measures of exposed risks than
historical averages or factors. This is because models provide insightful
approximations to the range of plausible values around the estimate, as well as the
drivers of the range. This includes unlikely, but still possible, results; and it is based
on estimates of future risk and volatility rather than past experience. This information
is often more important than current best estimates. For well-defined and stable
distributions of risk, there has been a progression in risk assessment over the last
decade from the use of VaR to TVaR (to understand the likelihood and significance of
the tail risk beyond the cut-off point). A caution is that in the tail, the distributions and
correlations are often less defined and stable. Hence, for solvency purposes, there is an
increased need undergo specific scenario analysis of the tails to isolate and assess the
key drivers of that result. Thus, setting legally binding capital intervention levels
works well for more easily determined capital charges, while stress/scenario testing
(see Chapter 20) and the use of catastrophe models (see Chapter 5) may be more
appropriate for tail events with uncertain probabilities. Stress test results could then be
linked to either product limitations or resolution/recovery options. This concept is also
touched on in Chapter 17 Risk & Uncertainty.
6. Recognize that well-designed capital requirements lead to better risk management
practices. For example, market value based capital measures encourage the use of
effective hedges. Operational risk capital charges based on historical events alone may
lead to pro-cyclical charges, typically misaligned with the actual risk exposures and
practices of a company (See the Operational Risk chapter 4 for more insight on this).
7. Coordinate treatment of Deferred Tax Assets (DTAs) with the rest of the solvency and
tax framework being applied
Are DTAs a dependable asset in the case of a troubled company? Maybe. Some of
these DTAs arise from the use of discounted claim liabilities for tax purposes. In some
jurisdictions there are statutes that claim these DTAs do not expire or can be converted
to cash after a certain number of years, although it is not known whether these are
reliably tested in a troubled insurer situation. Some jurisdictions have what is known
12 - 19
as tax carrybacks that allow a previous payer of tax to recover previously paid
amounts in the event of taxable loss the following year. Tax carrybacks would appear
to be potentially available even in a troubled company situation. It is less clear
whether DTAs that rely on future taxable income are a viable asset for a future
troubled company. In summary, it may be appropriate to allow reflection of DTAs in
the calculation of capital to the extent they can be converted to cash in the future
despite unfavourable results. DTAs that require future earnings to be recoverable as
cash could be disallowed as part of capital unless they could be recovered in a runoff
scenario. . Similarly there may be restrictions on assuming recovery of DTAs against
profits from future new business or profits in another group company.
8. Distinguish group vs. legal entity capital. What are the important considerations and
differences between required capital for a legal entity and required capital for a group
which may cross several regulatory jurisdictions and may contain more than insurance
entities? The early development of required capital looked for objective measures to
facilitate a legal right to transfer management of a company from the shareholders to
the supervisor. However, entities have grown in complexity and in diversity across
countries. This has several implications, including:
a. Capital calculated at a group level will not usually capture the extent that capital
may not be fungible across the organization when it is held in different
jurisdictions around the world, instead of at a parental level. Regulatory actions
may have also an impact on its fungibility.
b. A consideration for this issue is the location of the DTAs within the group and the
extent to which the group files consolidated tax returns. Where a consolidated
group tax return exists for a jurisdiction, tax treaties may exist among group
members such those with a stand-alone tax liability would pay part of that tax
liability to other group members with negative tax liability. This would make
DTAs for those group members more likely to be recovered. In contrast, a DTA
might exist in a jurisdiction within the group that does not contain other group
members with probably future tax liabilities; hence the group may have a more
difficult time recognizing the tax liability. In short, the recoverability of a DTA
may be a function of its fungibility across jurisdictions/entities based on its
location by jurisdiction within a group.
c. There may be a potential for raising capital through the sale of specific subsidiary
entities while still retaining the viability of the parent (as was done at AIG in 2009
by selling off subsidiaries in Asia).
d. The ability to legally transfer ownership of the entire group across regulatory
jurisdictions may be difficult to achieve at a group level.
e. The possible required use of more individualized risk models may be of greatest
benefit to supervisory colleges which oversee the diverse entities of a group so
12 - 20
they could more proactively assess and manage fungibility in stressed
environments and then apply the appropriate set of regulatory powers to various
stress events to the group.
9. Reflect Business Model Considerations
a. Capital Backing General Insurance. Setting capital requirements for short-term
insurance liabilities has additional considerations to be aware of, which are
discussed in more detail in Appendix 4.
b. Capital Backing Participating Life Insurance Products and Products with Non-
Guaranteed Elements. These considerations are discussed in more detail in
Appendix 3.
c. Capital Backing Insurance vs. Banking.
Conceptually, capital requirements for banks seek similar outcomes to those for
insurers, i.e., some high likelihood that promises made to customers will be
honoured. However, there are differences in practice reflecting the different
business models adopted. Historically, bank capital may have been viewed as a
first line of defence against liquidity risk. But nowadays the tendency is to rely on
specific additional liquidity requirements / buffers, e.g., the Liquidity Coverage
Ratio and the Net Stable Funding Ratio, that are designed to ensure that banks
have sufficient liquid assets available to meet all but very onerous liquidity
stresses.
Some features of regulatory capital requirements for banks are conceptually like
those applicable to insurers. For example, both often include some scope for firms
to develop internal regulatory capital models rather than merely using
standardised formulae, although the exact terms used differ. Both also include, as
part of their Pillar 2 requirements, an onus on firms to explore their own intrinsic
capital needs in the context of the risks that they face (typically called ORSA
(Own Risk & Solvency Assessment) in an insurance context and ICAAP (Internal
Capital Adequacy Process) in a banking context, although there are some
jurisdictions where such assessments are called ICAAP for both types of
business).
In contrast, there are some features where capital requirements typically differ,
often reflecting the different business models involved. These include:
i. Greater international banking convergence due to the work of the Basel
Committee on Banking Supervision (BCBS);
12 - 21
ii. Terminology and computations for banks that focus on risk weighted assets,
a concept which was originally introduced by BCBS to reflect some inherent
differences in the risk characteristics of different types of assets30;
iii. Different valuation approaches used within the same bank for parts of the
bank that are run using different business models - e.g., held-to-maturity
loans in the banks banking book are typically valued using amortised cost
methodologies (the theory being that such methodologies are more consistent
with the way in which the liabilities associated with these books are also
valued) versus securities held in available-for-sale or trading books typically
valued at mark-to-market (or mark-to-model). Where risks are not perceived
to be effectively captured by such approaches, supervisors often mandate that
firms carry out additional disciplines such as stress testing and reverse stress
testing and other forward-looking assessments of assets and liabilities under
both expected and stressed circumstances (sometimes, for larger firms, with
summaries of the results then made public).
iv. A more developed linkage between capital requirements and resolution
planning including an additional Total Loss Absorbing Capacity (TLAC)
requirement for larger international banks;
v. Greater sophistication in some areas such as derivatives where banks are
typically more active than insurers31;
vi. Greater adoption of macroprudential elements (i.e., elements specifically
targeting the stability of the whole financial system rather than the robustness
of individual firms) reflecting the typical view that financial crises are more
usually associated with banking than with insurance and given the lender of
last resort role typically played by a countrys central bank;
vii. For banks, the loan portfolio contains maturity transformation risk which
means the assets are long and illiquid in comparison to the demand deposit
liabilities. Capital is coupled with the central banking system as a resource
for additional cash borrowing. Thus, capital needs to be invested in assets not
subject to market/credit risk vulnerabilities that will impair its liquidity
and/or value in a moment of crisis. In addition, default capital
30
Note that the Basel framework that focuses on risk weighted assets does not readily address risks that dont
come from assets. Risks arising from liabilities or contingencies not on the balance sheet have to be converted to a
risk weighted asset equivalent, which can be an awkward exercise.
31
An example of this is the Jan 2016 BCBS standard on Minimum capital requirements for market risk, i.e.,
http://www.bis.org/bcbs/publ/d352.pdf (effectively how under Basel banks will need to handle market risks in
their trading books). Elements in this standard include greater detail on treatment of vega risk, curvature risk,
instruments with exotic underlyings, etc. Though again, key differences in business models should be noted. In
insurance, the predominant, almost exclusive use of derivatives is for hedging promised liabilities. They are not
intended or used for trading purposes.
12 - 22
charges/assessments rest almost exclusively on the nature and quality of the
asset loan portfolio, tempered by broader macro-economic factors.
viii. It may be assumed that to avoid loss of control or intervention, any insurance
company assets (including lines of business and/or subsidiaries) can and will
be sold (if need be) to back an unexpected change in liability payments due.
Capital is then available in the event that the amount paid out in a runoff
mode (over three to perhaps 30 years) exceeds the original estimates.
ix. For insurers, liabilities (and their accompanying assets), in most jurisdictions,
are annually re-estimated though projected cash flow assessments under both
expected and stressed future states to ascertain that the assets are still
sufficient to meet the liabilities over time horizons that may be from a few
years to thirty plus years. For banks, the traditional focus has been on
stressing the balance sheet for impacts over time horizons of days and/or
months.
d. Role/purpose of debt in insurance vs. banking.
i. Commercial banks extend credit to acquire what are often illiquid assets
(loans) and then look to secure funding via a blend of deposits, and debt and
equity offerings, at times supported by credit advances by central banks.
Leverage, (direct) interconnectedness, liquidity and maturity transformation
are key vulnerabilities. If failure occurs due to these risks, it can be rapid and
has the potential to ripple quickly to others, often in a timeframe of days. For
insurance business, most risk exposures and their implications take months or
years to unfold (except in those rare instances where maturity transformation
risk has also been taken on32).
ii. In contrast, insurers secure much of the funding for their liabilities up front
through premiums and then look to acquire assets that are relatively liquid
and, at least partly, duration-matched. Taking on new liabilities is not a
leveraging action for insurers as it is for banks, unless interest rate guarantees
are onerous. Underwriting risks, liability estimation risk, early surrenders,
excessive lapsation, interest rates and key regulatory/judicial disruptions are
the key vulnerabilities. Resolution of a failure typically occurs over an
extended period of time with little direct interconnection to other firms
(except for reinsurers of the failed firm). There may be time, if needed, to
typically raise/secure extra capital to cover the event that conceptually, at the
end of the runoff additional assets are more likely to be needed. Thus, if bank
depositors and bondholders could not lay claim to their deposits until all the
32
Two notable examples are General American, a U.S. based company in 1999 and AIG in 2008
12 - 23
loans were settled (or defaulted), then required capital for banks and insurers
would be more similar33.
iii. While modern banking regulatory capital requirements are increasingly
emphasising capital in the form of common equity Tier 1 (CET1) and
deemphasising Tier 2 capital such as debt issuance, it is an open question
whether insurance should converge to this approach, given different risks and
business models. The risk to a bank in holding a certain bond, which has on-
demand liabilities, is very different from the risk to an insurer with illiquid
liabilities.
e. Dependency between value placed on assets and value placed on liabilities
In life/annuity contracts, the value of the liabilities is often dependent on the
future performance of the assets, thus it is crucial to arrive at a consistent way of
valuing/discounting/projecting the asset and liability cash flows. See Appendix 3
for a further discussion of the impact of this significant feature of many insurance
liabilities.
f. Role/purpose of a Margin Over Current Estimate (MOCE):
What is a MOCE versus a risk adjustment? The use of MOCE is being considered
by supervisors and shares some similarities with the accounting (IASB)
introduction of a risk adjustment in IFRS 17.
The IASB risk adjustment increases the liability based on the companys
viewpoint toward risk and is released over time. However, there is a question
whether the treatment of MOCE should be different for supervisory purposes and
should a MOCE be part of the liability, or a component of required capital.
When the failure of an insurance company results in the transfer of a set of assets
along with the liabilities to another carrier, the determination of the value of assets
to transfer includes not just the expected value of the liabilities but a risk margin
to cover the cost of capital needed to hold the additional amount above an
expected value to cover the uncertainty of the full liability until is paid. However,
for many P&C liabilities such a transfer of the held assets and liabilities to
another party is rare and problematic in many jurisdictions (and hence rarely if
ever occurs in a troubled company situation), which introduces additional nuances
to this topic.34 The complex issues associated with MOCE will be addressed more
fully in a separate IAA project.
33
Left unaddressed is to consider that banks finance their growth in assets through two sources of debt that of
their demand depositors and through issuing corporate debt (bonds). What is the priority of that debt in the event
of resolution (and does corporate debt get counted as capital)? And how does this occur in the insurance context?
34
In this case, there is no value or profit to be gained from just paying off the residual claims as there is no market
for selling off the inforce claims.
12 - 24
g. Impact on Leverage and Comparative Surplus Ratios.
Assuming that capital is uniform across time horizons and business models leads
to a common misapplication of leverage and capital ratios.
i. For example, in the US, life insurance companies may typically report a
surplus of approximately 5% of total assets, non-life companies report about
one third of their total assets as capital35 and mortgage companies usually
report about two thirds of their total assets as capital. This reflects both the
lack of any prefunding needed for short-term insurance and the volatility of
its short-term capital needs. In fact, in the US, one feature of the required
capital charge is based on the volatility of past reported results
ii. Translating these ratios into a view that life insurance is much more highly
leveraged than other business models is to misunderstand the impact that
volatility of capital needs has on these ratios.
35
Per the 2016 Bests Aggregates & Averages, the year-end 2015 U.S. P&C industry surplus was 38% of assets.
Removing the two largest P&C groups (Berkshire and State Farm); the value drops to 34%. Mutual companies tend
to hold more capital than stock companies, perhaps due to their restricted access to capital markets.
12 - 25
APPENDIX 2
Building Blocks of Financial & Franchise Capital
A common conceptual approach to set a minimum solvency requirement is the level of capital
below which the supervisor can take control of the insurer. That level is often set such that, after
significant adversity, within a reasonable time horizon (e.g., perhaps 1 year) it is expected that
the entity will still have sufficient funds to (a) run off or (b) transfer or sell the business. The
intention would be that the level of assets transferred would include sufficient margins, so that
another entity would be willing to assume the risk of managing the business.
How do these concepts relate to the idea of a Market Value (or going concern) view of the firm?
One important conceptual development in moving some jurisdictions from a book basis to a
market value basis for required capital needs was described by Babbel and Merrill in a (March
2005) paper Real and Illusory Value Creation by Insurance Companies in the Journal of Risk
and Finance. The article was written to point out flaws in the historical use of more book value
based accounting methods. The article dissects the value of a firm by including that in the case of
bankruptcy, the owners can put their unfunded liabilities onto the policyholders or a
government/regulatory entity and thus may be blind to risks that pose a danger to the firm. This
was summarized in the following equation36.
What is Franchise Value?

Typically, required regulatory capital and financial disclosures are mandated through the
traditional foundation of required accounting and additional required disclosures (which may be
a mix of public and confidential information). But the observed market value of the firm is also
driven by the perceived qualitative processes used by the firm to manage its existing inforce
business and to write [profitable] new business. And this observed market value of the firm is
almost always different from the equity/market value reported on the balance sheet. The above
formulation suggests a helpful reconciliation for this discrepancy. It provides a more transparent
36
Value of Firm = (1) Value of Tangible/Financial Assets (2) Value of Liabilities + (3) Value of the Management
Put Option + (4) Management/Franchise Value (including frictional costs).
12 - 26
understanding of the components of capital37, because (1) traditional amortized cost methods of
accounting ignore the value of guarantees embedded in applicable contracts and (2) organizing it
in this manner illustrates how important it is to capture value-based aspects of the business.
Building on this framework, by definition, the market value of the stock (i.e., value of the firm)
less the value of quantitative reporting requirements (as shown above) represents the perceived
value of the companys management/franchise value. The components of this franchise value
incorporate the value of the companys culture and processes it uses to execute, refine and
manage its business strategy. Thus, in addition to the capital of a firm, the intellectual and
cultural capital of its employees, distribution channels, relationships, reputation and management
are important ingredients in assessing the franchise value of the firm. All are essential for the
long-run sustainability of an insurer. This franchise value is how the firm creates value through
its operations of:
1. Growth (new business)
2. Operating efficiency
3. Underwriting effectiveness
4. Capital efficiency (liquidity + required capital)
5. Financial market alpha.
It is commonly held that the share price times the number of shares gives the market
capitalization of a firm and represents the value of capital that could be raised by all shareholders
selling their shares in a deep and liquid market to new shareholders. In 2008, the stock price of
AIG was close to zero, reflecting that investors placed no value on the firm, and as a result were
not willing to contribute any additional capital. The equation shown here posits the Value of the
Firm (as reflected by the value of the market capitalization) as a function of the value of financial
assets and liabilities and the soft capital attributed to processes and franchise value.
While this chapter is focused on the measurement of capital, the above equation illustrates a
purpose and role of capital as it relates to the value of the firm. Although the levels of required
capital can serve as triggers for appropriate regulatory and management actions, the processes
(and regulatory oversight) used to manage the firm are a major driver of current and future
franchise value. They ensure that capital or access to capital will allow the company to sustain its
promises and existence. The quantitative reporting and disclosure typically required are
determined through counting, calculation and/or modeling. But, the qualitative measures
largely represent the realizable value of processes, relationships and reputation that are often
classified as accounting intangibles.
The point made is that both the market and the supervisor apply a qualitative assessment of the
firm to assess its resiliency and strength to continue as a going concern. To the extent that the
supervisor is focused on going versus gone concern basis, this is helpful to keep in mind.
37
It was also a major motivator in the last 20 years for moving away from traditional book based reporting for
insurance, which ignored the value of this put option.
12 - 27
The measurement of capital, as well as the companys tangible assets and liabilities, only reflects
the companys financial condition at a point in time. It is the value of the franchise processes that
will be used to manage future uncertainties not apparent today that will help ensure the future
sustainability of the company38.
While the quantitative metrics of Solvency II in Europe and similar efforts by Singapore,
Bermuda, Mexico, the IAIS and others have focused on the development of more refined market
metrics, the last fifteen years has also seen the development of ERM and model governance tools
to manage, preserve and enhance the qualitative or value creation processes of insurance. History
provides examples of firms that showed strong financial balance sheets, yet their franchise value
was found to be negative while other firms with less robust balance sheets had positive franchise
value that continued to enhance future balance sheets39. There were mutual companies in the
70s who did not understand their ALM risk due to a book based accounting framework while
AIG had poor risk oversight of an overseas subsidiary.
However, one of the fundamental reasons why insurers avoided the major financial hits of the
recent financial crisis is because this risk management aspect was embedded into the culture of
the regulatory and professional oversight recommended by the actuarial profession and the
actuaries that support the insurance sector to manage the business model of most insurers.40
One of the primary motivations and assumptions behind the drive to increase the transparency of
the market values of an insurers balance sheet over the last fifteen years has been the belief that
it will motivate management to enhance the franchise value of the firm by better disclosure and
consideration of the market risks of the firm.
What is the Value of Liabilities (With MOCE)?
There can be considerable uncertainty associated with the obligations involved in fulfilling
insurance contracts. Anyone that undertakes insurance obligations would expect to be
compensated for this responsibility, whether on an ongoing or a runoff basis. In addition,
because everyone is risk averse, this aversion should be recognized in market value estimates. As
38
As a further example and comparison, in a medical exam, taking measures of vital signs/indicators is important
in assessing the relative degree of stress or illness. However, a proper diagnosis needs to determine how to treat
the underlying processes needed for improved health.
39
Two empirical papers have demonstrated that careful management increases the value of the firm. K. Staking
and D. F. Babbel, The Relation between Capital Structure, Interest Rate Sensitivity, and Market Value in the
Property-Liability Insurance Industry. Journal of Risk and Insurance, December 1995.
K. Staking and D. F. Babbel, Insurer Surplus Duration and Market Value Revisited. Journal of Risk and Insurance,
March 1998.
40
This suggests that part of the perceived Franchise value is also impacted by macro factors beyond the firm
such as a strong professional and/or regulatory presence. In addition, traditionally, some economic theory would
argue that shareholders desire higher leverage and less capital. A shallow look at a life companys balance sheet
lends credence to this misperception as much of the risk margin is buried in the liabilities so it appears the firm is
highly leveraged compared to other financial firms. However, it has also been shown by Babbel, Merrill and Staking
that shareholders value this embedded value if the firm has a lot of franchise value which is captured by running
the firm in a safe manner.
12 - 28
a result, in assigning a value to liabilities, it is appropriate to reflect this uncertainty. In addition,
if risk & uncertainty is not recorded, the timing of recognition of income may be significantly
misleading. This last point has been the focus of the IASB work on this topic how and when to
recognize, via a risk margin, into income the amount earned for that period by accepting the
uncertainty of the risk? Without a risk margin income will be prematurely recognized in the
income statement. It is inappropriate to measure a liability for insurance contracts at the level of
the present value of their expected cash flows, for the cost of bearing risk and uncertainty is
always in excess of their expected value41.
However, no single method can meet the needs of all stakeholder objectives. It is therefore to be
expected that a MOCE designed to reflect the economic value of risk and uncertainty in solvency
calculations would not usually be identical to the risk margin used for profit reporting.
Indeed, since there is no unique best MOCE method, it will be necessary to have the MOCE
method correspond to the perspective and objectives of the user, as applicable. For example:
1. For claim liabilities, methods might be focused on a level of policyholder protection or
exit value deemed most consistent with the runoff of these claims, as they cannot be
assumed by a third party.
2. In contrast, in a going concern with long-duration contracts, a cost of conducting
ongoing business (e.g., using regulatory required capital if a regulatory viewpoint is
taken or economic capital if a market value is applied) may be appropriate.
3. In any case, a confidence interval technique would most likely not be appropriate for
coverage with an asymmetric probability distribution. In addition, each of these can be
applied in different manners, e.g., the cost of capital method can use regulatory
required capital or economic capital; the quantile method can use a confidence interval
or conditional tail expectation (CTE) technique.
Thus, the application of a MOCE for solvency purposes has a different objective than to reflect
an income release mechanism and will be addressed in a separate IAA project, intended to
supplement its work on risk margins for income statement purposes.
41
Taking an alternative view, the latest FASB proposal for long-duration contracts does not desire an economic
value, but desires a useful and reliable value for the users of the financial information. If a component of an
economic value is not reliably estimable (as they define that term) they would say that the estimate should be
made by the user of the information and not the presenter of the information.
12 - 29
APPENDIX 3
Capital issues for Certain Life (Long-Duration) Business
Contributed by Stuart Wason, and David Sandberg
1. Participating (with dividends) Products

There are several complex issues associated with assessing required capital for participating
individual life insurance business as sold in North America and other jurisdictions (hereafter
called par business for simplicity). There are other types of par business such as par individual
and group annuities. However, their capital related issues (unless related to higher guarantees)
are of less importance and will not be further considered here. To the extent that products have
some form/blend of guarantees and risk sharing then these comments would apply to them as
well.42
Par insurance usually requires the insured to pay higher premiums than a similarly designed non-
par product in exchange for a combination of policyholder and/or terminal dividends, voting
rights in the operations of the par fund and possibly ownership rights if the company is organized
as a mutual insurer. Some insurers choose to design and sell par products with higher premiums
and hence higher dividends than other insurers par products.
Par business has historically been an important individual life insurance product, especially for
mutual insurers. It remains a key product for some insurers, whether mutual or stock. Some
insurers have a significant amount of par liabilities on their books. Note that North American life
insurers also sell other types of long-term life insurance products which include various
adjustable features (e.g., non-guaranteed elements), but which are not sold as being par (e.g.,
non-par universal life insurance). The capital considerations associated with these non-par
adjustable products are discussed later.
Dividends (known as bonuses in many jurisdictions) are typically paid or accrued annually on
par policies and represent, in theory, a return to policyholders of the gains due to actual
experience of those policies in their dividend class, over the conservatism inherent in their
guaranteed premiums. The manner of allocating dividends uses well known actuarial concepts
such as asset shares and contribution principles.
Dividends frequently have more than one component in their determination, the largest of which
can often be the excess interest component (the excess of the asset earned rate over the cash
surrender value (CSV) interest rate multiplied by the CSV). Other components relate to mortality
and expense savings, or other miscellaneous sources.
There are unique challenges in the setting of capital requirements posed by par products, which
typically feature the presence of dividends (or the equivalent) paid to policyholders. Par business
42
For example, par business which includes a specific reference to participation (i.e., x% of something). Here, the
prior references to a dividend would not apply, but they share some common risk characteristics.
12 - 30
has a much greater ability to manage shocks and adverse experience than non-par business, due
to the ability to modify these dividends. As a result, capital requirements for par business should
be (and usually are) lower than a similarly designed non-par fully guaranteed product.
The supervisory requirements regarding the separation of par business (i.e., assets, liabilities,
revenue and expenditures) from other insurance operations varies by jurisdiction, but the
following are common in North America:
1. The accounting for par business tends to be included in the general account of the
insurer (i.e., not subject to separate account or segregated fund accounting, except to
the extent that the policyholder directs that dividends are to be invested in such
accounts at their discretion). This contrasts with the practice in other parts of the world
where explicit allocation of assets are made for this business.
2. Par surplus (not permissible for demutualized closed blocks) supports the objectives of
the par block such as policyholder reasonable expectations, but is also available in
the event of insurer insolvency. Consequently, capital metrics (e.g., RBC ratios)
include both par and non-par operations.
I. Issues in setting par capital requirements
One approach to setting capital requirements for par business is to 1) set the requirements as if
the business was non-par and non-adjustable and 2) apply a credit to the non-par requirement
based on the adjustability inherent in the dividends (i.e., in simple terms, the present value of
future dividends).
For additional context, this appendix assumes that the policy liability for par business is
determined using a cash flow valuation method (i.e., premiums, cash surrender benefits, death
benefits, maintenance expenses and dividends) with assumptions which are current estimates and
include limited margins for adverse deviation.
The two most difficult issues which serve to complicate this (presumed to be) straightforward 2-
step process are:
1. Investment return congruence; and
2. Real adjustability in dividends
Before describing these issues in more depth, it is important to clarify that it is important
1. to keep clear and separate the issues relating to the fair treatment of par policyholders
and capital metrics; and
2. to understand how par policies are treated in insolvency in each jurisdiction and the
impact that those differences may have on the capital framework.
A. Investment return congruence
As previously mentioned and in most cases, a large (if not) majority portion of the annual
dividends result from investment returns in the underlying asset portfolio which are, for
12 - 31
examples, in excess of the rate of interest anticipated in the premium basis in the U.K. or the
contracts cash surrender guarantees or statutory reserve in the US. Typically, the scale of
dividends is reviewed on an annual basis as a result of emerging experience (including
investment returns). If investment returns weaken, it would be expected that the dividend scale
would be correspondingly reduced to offset such reduced returns.
Therefore, a valuation of par business (or as part of the 2-step capital calculation previously
mentioned) which uses the current dividend scale as an input (i.e., as a series of cash flows to be
paid out), must similarly use a discount rate assumption consistent with that scale. The use of a
discount rate assumption inconsistent with the expected investment return underlying the
dividend scale used in the valuation misrepresents the adjustable nature of the product. Of
course, a par product for which the insurer has no intention of adjusting the dividends based on
emerging experience should be valued as if it were a non-par (non-adjustable) product.
Another way in which dividend/investment congruence can be maintained and useful valuation
results achieved, is through a valuation process that tests the impact of various future interest rate
scenarios (either deterministic or stochastic) along with a series of dividends which vary
depending on the scenario. This valuation method requires that dividends are not input into the
valuation as constants, but as variables calculated by formula which take into account changing
investment returns. Such a multi-scenario par valuation provides much more useful information
to the valuation actuary regarding the impact of varying scenarios on the par business. In setting
the capital requirement for par, the supervisor may ask the insurer to use the most adverse
scenario or meet some defined degree of severity.
B. Real adjustability in dividends
In theory, the full amount of future dividends is available to absorb adverse experience. In
practice, however, the adjustability of future dividends may be more limited, as one or more of
the following situations may occur or apply:
1. Through past practice the insurer has not varied the dividends with emerging experience
this sets the policyholder reasonable expectation that this practice will continue in the
future;
2. The change in emerging experience (say, investment return) is much larger than the
dividend formula can absorb; dividends cannot fall below zero;
3. The insurer is subject to competitive pressures such that it is unwilling to pass along the
full extent of adverse experience through dividend reductions43; or
4. The insurer is slow to react to emerging experience by means of changes to the dividends.
In recognition of the preceding practical issues, supervisors may therefore wish to set an upper
limit on the level of liability or capital credit (say x% of the present value of dividends) to ensure
that there is some prudent, but practical floor being established for reserves and/or capital.
43
This situation may not exist if the adverse experience is brought by the movement of the market as a whole.
12 - 32
II. Par Products Conclusion
These issues (investment return congruence and real adjustability in the dividends) are important
for (and make more complex) the setting of capital requirements for par business because,
1. Modern capital requirements usually begin with a realistic valuation of the insurance
obligations as their foundation. Without proper consideration in the valuation of the
congruence and adjustability issues, the determination of capital requirements for par
will not be realistic
2. Appropriate capital requirements for par business should be no higher than those for
comparable non-par products. In many cases the requirements can be considerably
lower however the amount of credit given must recognize the real adjustability of the
dividends, but no more.
2. Non-participating individual insurance products which include

non-guaranteed values
There are also significant capital issues associated with non-participating individual insurance
business with non-guaranteed values sold in North America (hereafter called adjustable non-
par business for simplicity). One of the most recognizable life insurance products in this
category is Universal Life. Many deferred annuity products also feature significant adjustable
features.
Similar to participating products with dividends, adjustable non-par products contain features
which enable the emerging experience from one or more pricing elements to be shared with the
insurance consumer. Consequently, adjustable non-par products also require less required capital
than a similar non-par fully guaranteed product. Similar to par, capital requirements should
provide a credit for the adjustability inherent in the product design. Unlike par, adjustable non-
par products are not sold as being par and they do not include policyholder dividends.
Adjustable non-par products typically offer weaker guarantees in order to allow modestly greater
risk taking by the insurer (and shared with the policyholder), for example, through greater credit
risk (via corporate bonds) or equity risk (via equity indexed options). This allows the company
and the policyholder to share in a credit and equity risk premium44. If this premium is accepted
as a reality, then in the long-run, weaker guarantees will allow a higher long-term return than an
initial, stronger lifetime guaranteed rate, while also requiring less capital than a fully guaranteed
product. So, while their initial design is different from a par product, they both reduce the risk
compared to similar products with either stronger guarantees or lower required premiums and
will likely provide higher values to the policyholder.
44
. In addition, if there are product designs such as surrender charges, then while the charges are in effect, there is
a liquidity risk premium that can also be captured. But this extra yield is there whether there are guaranteed or
non-guaranteed values.
12 - 33
For adjustable non-par products there is an important choice that needs to be linked to the
purpose of the valuation. The requirements could be set to value:
1. The guaranteed values only and discount them using risk free rates with only a
liquidity spread adjustment, or
2. The expected payments discounted based on expected portfolio yields (less a prudent
default cost/charge) and crediting methods. This is sometimes referred to and valued
by using a real world set of stochastically generated future scenarios.
Valuation basis 1) reveals the cost to fully hedge the guaranteed payments with risk free assets
available at the time of the valuation. Valuation basis 2) assesses the cost of funding the expected
series of payments that are likely to be paid based on the current portfolio of assets.
3. Implications for Both Product Types

Trust by policyholders in the company to manage these discretionary elements in a long-term fair
and balanced manner is essential for the company to sustain new sales. Future sales and the field
force will be significantly compromised if the products are either irresponsibly priced and/or
unable to be managed in a credible and sustainable manner.
Valuing guaranteed benefits at relatively risk-free discount rates is what a supervisor would need
to provide for the promises in a runoff situation. Valuing the expected benefits based on current
yield rates less expected default rates results in the amount of assets needed to maintain the
inforce business on a going concern basis.
12 - 34
APPENDIX 4
Comparability of Property & Casualty (Short-Duration Contract) Capital
Contributed by Ralph Blanchard
This appendix covers the comparability considerations for premium, catastrophe and claim
Liability estimation risks.
A. Premium risk (underwriting/pricing/event)
This risk exists for all lines, so a charge for this risk is always appropriate to apply. It represents
the risk from unfavourable results arising from future years earned premium. Typically, only one
years future earned premium is considered in regulatory capital requirements.
Many capital approaches use the most recent years net written premium (NWP) as the exposure
base for this risk, with factors or model-calculated charges applied to determine the capital need
for this risk45.
These risks can vary dramatically from one jurisdiction to another and even from one insurer to
another and from one product to another within the same line/jurisdiction.
1. Jurisdiction Examples. One of the biggest P&C lines in nearly all jurisdictions is
auto/motor insurance, particularly the liability component of that coverage. There are
no policy limits for U.K. motor policies. In contrast, all U.S. auto policies have
coverage limits, typically $500,000 or less. Hence, a catastrophic at-fault injury that
would result in an insured liability greater than a million Pounds Sterling in the U.K.,
payable over a lifetime, would typically results in a relatively quick payment of the
full policy limit in the U.S. This implies materially different risk from what at first
appears to be the same product but written in different jurisdictions. As another
example, flood is a covered peril for the typical residential property policy in some
jurisdictions, but is an excluded peril in other jurisdictions. Hence premium risk
measurement may need to reflect material flood risk in some jurisdictions, but should
not reflect flood risk in other jurisdictions. Hence the risk factors applying to
premiums for similar sounding products in different jurisdictions should vary
materially if they are to produce comparable capital requirements.
2. Insurer-by Insurer Differences. Actual experience for a given product line in a given
jurisdiction can vary materially from one insurer to another. Those charged with
45
There are implicitly (at least) three components to this risk category pricing risk, underwriting risk and event
risk. Pricing risk represents the risk from misestimating the future expected loss costs that will result, given certain
characteristics of an insured. Underwriting risk results from misapplying the pricing plan or underwriting a
different mix of business than that assumed in the pricing. Event risk comes from natural volatility in events from
one year to another (e.g., weather volatility) - even if the underwriting matched the pricing assumptions and the
pricing assumptions were accurate, natural volatility in events from one year to another could result in unfavorable
experience in a future year.
12 - 35
evaluating solvency or financial strength for P&C insurers generally incorporate the
insurers actual experience relative to the industry in their analysis. Publicly available
data in several jurisdictions make this possible, although it may not be available in all
jurisdictions. (These differences can be observed from public disclosures available in
at least one jurisdiction. Some insurers have a history of re-estimations that typically
result in reductions in past estimates, while others have a history of increasing past
estimates, even for the same lines of business in the same jurisdiction(s). Similarly,
some have a history of continued profitability for certain lines in a certain jurisdiction,
while some of their competitors have a history of questionable profitability or
unprofitability for the same lines in the same jurisdictions.)
3. Product Line Differences. While premium is a reasonably useful exposure and
practical basis for determining the amount of required capital for most lines, special
problems can occur for high level excess products that may be reported in the same
line as lower risk first-dollar products. Similarly, some products within a certain line
may be dominated by very low frequency and high severity (such as earthquake
insurance within the commercial property line), in contrast to other products in that
line that are high frequency/low severity (such as insurance on properties with theft
and tree damage as the major hazards). If premium is used as the exposure basis for
required capital for these products, then to the extent possible it would be helpful to
separate high-risk products from others in the product line segmentation used. (This is
just one example of product difference within a line resulting in very different
underlying risks relative to premium volume.)
In summary, jurisdictional differences in the insurance risks for various products and differences
in experience across insurers writing the same products in the same jurisdiction (or similar
sounding products in the same jurisdiction) should be reflected in risk factors or model
assumptions in order to produce comparable premium risk capital requirements. These
factors/assumptions may vary considerably between insurers, products, and jurisdictions46.
B. Catastrophe risk (property insurance)
The risk from catastrophes (cats) is a material portion of many P&C insurers risk profile,
depending on the products they write and the jurisdictions where they write them. As these
events are relatively rare, measurement of their risks are not amenable to historic data capture.
The only feasible way of measuring those risks are via models (Chapter 5 Catastrophe Models
contains a fuller treatment of this topic).
Rating agencies have had the most experience in evaluating these risks for P&C insurers, with
many years experience in data capture and comparative evaluation for this industry. The format
of their rating questionnaires identifies many of the key issues related to obtaining relevant data
46
Local capital requirements may provide insights on how this might be accomplished.
12 - 36
for this risk exposure47. However, even with these questionnaires, there are still many potential
sources of non-comparability in the reported exposures (which typically take the form of the
amount of loss for a given return period, such as 1-in-100 years). These include:48
1. The particular vendor model used (most insurers use one of the limited number of
well-known third-party vendor Cat models, such as RMS and AIR).
2. The various switches turned on or off in those model runs (e.g., fire following for
earthquakes, and storm surges for hurricanes). The use of different switch settings by
different insurers may be entirely justified, as different settings may reflect different
product characteristics by insurer.
3. Data quality. The models can produce different results for different levels of
granularity in input (e.g., GPS coded vs. mail code precision vs. town/city/county
coding).
4. Data & Stress Testing Implications. When capturing data on these exposures, it is
generally helpful to frame the data request based on existing model functionality. Data
collection can be problematic if the catastrophe scenario specifications dont match
existing model functionality. The resulting data submissions will likely contain
guestimates as to what the models would produce if they were able to handle the
request, with higher risks of non-comparability. For example, when asking for the
impact of a certain size bomb for terrorism insurance, the scenario should match those
already run for other purposes.
5. Reflection of residual market pooling mechanisms (such as windstorm pools or other
mechanisms to address the lack of available or affordable insurance in high-risk
areas). In some jurisdictions, this risk pooling is in the form of mandatory assumed
reinsurance of a share of the high-risk pool (which may be written at a rate insufficient
to cover the risk over time). In other jurisdictions, this is handled via a tax or other
surcharge/assessment to bail out the high-risk pool when the pool has a deficit in the
pooled high-risk account.
6. Customization of the third-party vendor models. Some insurers perform this
customization due to observed or perceived biases in certain vendor models output
based on past experience, or that reflect ceded reinsurance programs that are more
complicated or nuanced than the vendor model can handle.
47
This does not necessarily imply that all rating agencies are experts in this area, but their questionnaires would be
a good indication of the capabilities of existing cat models.
48
The order of significance of the items listed below can vary dramatically based on the particular facts and
circumstances. For hurricane risk for inland areas, there may be material variation by model vendor, but the
variation for a coastline state may be minimal. Similarly, in markets where residual markets cover most of the high-
risk cat properties the treatment of those residual market impacts might be a huge issue, but it may be largely
immaterial where such residual markets are not big.
12 - 37
7. Treatment of non-modeled losses. Although existing cat models generally model those
items that are most amenable to modeling given the data captured, they do not model
all potential exposures to loss. Non-modeled exposures can include small buildings
(e.g., supply sheds) that may also be covered. This can be significant for those who
specialize in insuring risks with such out-buildings and other non-modeled items, or a
small issue if the covered book rarely has these.
8. Estimation of occurrence probabilities vs. annual aggregate probabilities, also known
as OEP (Occurrence Exceedance Probability Curve) vs. AEP (Aggregate Exceedance
Probability Curve). AEP deals with the annual aggregate losses from cats during the
year, allowing for multiple events in the same year, with a 1-in-100 AEP signifying
the 99% VAR level of cat losses during a year for the hazard/peril measured.
9. The types of perils measured. Modeling of hurricane and earthquake perils is common.
Many insurers also model terrorism peril. Other perils may also be modeled (such as a
result of winter storms, floods, non-tropical windstorms and fires), but, in general,
those models have not been tested for as long and hence their tail estimates may not be
as reliable49. Most of these other perils are also more of an annual earnings variability
issue than a solvency issue. Flood risks may be an exception in some jurisdictions,
although the coverage of this hazard can vary drastically by jurisdiction it is
commonly excluded from most U.S. property policies. The problems with obtaining
reliable tail estimates for these other perils will vary in significance from one insurer
to another. For example, problems with the reliability of hail models may be a material
issue for an insurer concentrated in areas where hail hazard is high, but may be
immaterial for insurers not writing in such areas.
10. The ability to model the catastrophe hazard for pricing does not necessarily mean there
is also an ability to reliably model the hazard for solvency purposes, for pricing usage
may focus on estimating the average annual losses, not the size of rare tail event
losses. In contrast, solvency usage focuses on modeling these rare tail events. By
definition, it takes a long experience period to obtain a certain number of observations
of rare tail events, and these observations are critical to model validation and re-
parameterization of the model. Models of the rarest events tend to be the least
validated.
49
When the first hurricane (and earthquake) models were produced, the tail estimates for a given event in a given
location from one vendors model tended to materially differ from that produced by another vendors model. This
was partially due to differing approaches used in estimating the potential losses, and partially due to different
assumptions used in the modeling for the same phenomena. Each event after the models were created allowed
each vendor to update, enhance and re-parameterize their models. Hurricane and earthquake models from
different vendors now generally produce comparable estimates for a given tail event in a given location, although
differences remain in estimates from one vendor model to another. Hence models for those perils are now
considered to be somewhat mature. In contrast, models for other perils (as of mid-2017) have yet to experience
the same convergence across vendors and have yet to go through the learnings experience and re-
parameterization arising from new events (when modeled results can be tested against actual claims experience).
12 - 38
11. Whether mandatory reinstatement premiums are reflected. Where reinstatement of the
catastrophe reinsurance limits after a covered event is part of the contract and requires
the payment of additional premium to reinstate such limits, payment of that premium
is generally mandatory and not an option.
Solutions. The NAIC (U.S.) has addressed some of the above issues by restricting the allowable
models to the most commonly used ones in the market, but with the switches set at the same
values as used for internal risk management (which assumes that internal risk management
would use the best match of the switch settings to the insurers actual products and exposures).
Usually, the more infrequent the return period under consideration, the less reliable is the
estimate. In other words, estimates for values at the extreme tail are less reliable, and the farther
out on the tail the less reliable the estimate. Values for 1-in-50, 1-in-100 and 1-in-200 or 250 are
frequently discussed. Values much farther on the tail become increasingly speculative, although
even the values mentioned earlier are largely guestimates and can contain significant
uncertainty.50
In summary:
1. The focus should be on perils that create solvency risk, not earnings risk.
2. Annual aggregate risk is also more relevant than single event occurrence risk, but on
an all-major-perils combined basis rather than on a peril-by-peril basis.
3. There is no realistic alternative to the use of cat models, but there needs to be a general
understanding that this is not a precise exercise.
4. The return periods chosen for a capital standard should not be too far out on the tail,
reflecting the greater uncertainty the farther out on the tail one goes. 1-in-1,000 values
are purely speculative. Values ranging from 1-in-50 to 1-in-250 might serve as a
reasonable range for the selection of the desired return period, with the shorter return
periods more advisable the greater the concern with model accuracy.
5. Concerns with model uncertainty can be alleviated somewhat by relying on models
that have been vetted (either through their common use in the industry as in the case
of third party vendor models, or through their evaluation by an outside party with
sufficient expertise to test the model for the given hazard and geographic area).
6. The use of various model switches can be tied to what is done for internal risk
management purposes. To the extent periodic testing of this and an insurers internal
risk management is conducted, it may be deemed to be a sufficiently reliable
50
These return period values are generally measured on a VaR basis using what are termed loss exceedance
curves. Loss exceedance curves are generated by running the cat models for multiple scenarios in a stochastic
manner, then sorting the resulting values by size. If 10,000 scenarios were run, then the 1-in-50 value would be the
200th value when the results are sorted from largest to smallest. Values could be calculated on a TVaR basis,
although such values would then be relying on the estimates for the tail values that are less reliable.
12 - 39
approach. Annual ORSAs, supervisory colleges and periodic financial exams can be
utilized for this work.
C. Claim liability estimation risk
As in premium risk, all lines need to have risk charges applied for this risk. Estimates are
established for unpaid claim liabilities for events that have already happened. Depending on the
product line and jurisdiction, these can be subject to significant uncertainty in both amount and
timing, with potentially lifetime payment patterns. Other claim liabilities can be subject to very
little uncertainty with very fast payment, depending on the product line and jurisdiction. The
same issues regarding jurisdiction variability and insurer-by-insurer differences in the premium
discussion above also apply here. In addition, just because a product line has a high premium risk
in a given jurisdiction for a given insurer doesnt mean that it will present a high claim liability
estimation risk, and vice versa. In short, jurisdictional and insurer differences from industry
averages are important to reflect to obtain comparable risk measures.
Some claim liabilities are subject to inflation risk, but not all. Whether inflation is a risk to the
claim liability estimate depends on whether the liability is for past or current/future economic
costs51. An additional consideration regarding inflation risk is the currency applicable to the
policy coverage. Insurance coverage may not be expressed in terms of the local currency,
especially if that country is in a hyper-inflation environment. In those cases, the insurance
coverage may be expressed in terms of a non-local currency with lower inflation risk.
Some third-party lines also have exposure to mass torts or phenomena that impact multiple
policies at the same time. Whether this is a risk worth measuring may depend on the jurisdiction
and market reactions52.
In summary:
1. Conclusions are similar to those of premium risk (item I.A above) for the
jurisdictional and insurer-by-insurer variability issues.
51
Third party liability lines with low policy limits generally have less exposure to future inflation, as injured parties
typically do not wait for a court or legal process to repair damaged property or seek medical treatment. Hence
payments made several years after the claim event for such policies may be largely for past economic costs (plus
potential pain and suffering awards). In contrast, liability lines with high limits or unlimited benefits (e.g., U.K.
period payment obligations or U.S. workers compensation lifetime medical claims) are subject to current and
future inflation, as many payments are made contemporaneously with the purchase of medical services. While
claim liabilities for these lines may include an inflation assumption, it may not be possible or feasible to isolate the
inflation component entirely in estimates of future estimation risk. Hence it may be more of a consideration in
stress testing than in capital standards.
52
For example, certain U.S. mass torts caused policies from multiple years for a given insured to be triggered by
the same claim or event. The market reacted by moving insureds and products with the most obvious mass tort
risk to claims made policy forms, essentially limiting future mass tort risk. Similarly, the risk of multiple insureds
being exposed to losses from the same event is typically addressed by means of underwriting guidelines (as well as
certain reinsurance policies designed to cover such a risk). Thus, as for operational failures, once the risk has
occurred it typically leads to important structural/process change which means there is less risk going forward
than was there historically.
12 - 40
2. Inflation does not apply to all lines and to all jurisdictions (due to contract
differences); hence it may be more of a consideration in stress testing than in capital
standards.
3. Regarding mass tort-type risks, estimation of the risk for future mass torts is highly
speculative. Past mass torts have generally led to changes in coverage terms and
underwriting so as to prevent a reoccurrence of similar mass torts, making history
from past mass torts of questionable relevance for the future. As such, this risk may be
better addressed through stress testing. The speculative nature may be mitigated by
focusing on potential variability to the estimate for currently known mass torts, rather
than the risk of future mass torts53. In addition, these risks can vary significantly by
country.
53
The risk for future mass torts has also been reduced to some extent by the internet. The rationale for this
statement is as follows:
The largest mass tort to-date has generally been asbestos. This is partially due to the lag in the general public
becoming aware of the risks of asbestos. Asbestos had been in widespread usage for decades before the dangers
were widely known, allowing the list of potential defendants and claimants to become very large. If instead the
danger had become known or suspected a few years after the product started being used, the list of potential
defendants and claimants would be far smaller. Hence the faster a potential danger is publicized the smaller the
potential ultimate claim activity. The internet and the rush to file lawsuits by attorneys in certain jurisdictions leads
to faster dissemination of information on a products potential risks and hence to lower mass tort risk.
12 - 41
Appendix 5
Solvency II & U.S. Classifications of Capital
Contributed by Dave Sandberg & Ralph Blanchard
1. Solvency II
This is an example of tiered capital requirements, largely consistent with banking definitions
under Basel III. Instruments allowed to meet the Solvency II capital requirement are divided into
three 'tiers' based on both 'permanence' and 'loss absorbency'. The permanence must be defined
in the contractual terms of the instrument that may have been used to generate the insurance
working capital. The rules impose limits on the amount of each tier that can be held to cover
capital requirements with the aim of ensuring that the items will be available if needed to absorb
any losses that might arise. This means that they need to be sufficient in amount, quality and
liquidity to be available when the liabilities they are to cover arise.
Eligible items under Solvency II must be loss absorbing on both an ongoing and a winding up
basis - it is also a requirement that such instruments should not include terms which could cause
or accelerate the insurer's insolvency. There are also limits on the amount of Tier 1, Tier 2 and
Tier 3 internal funds that can be used to cover the firms solvency capital requirements, the SCR.
Tier 1 is the highest quality and is also divided into 'restricted' and 'unrestricted' Tier 1. Tier 1
includes ordinary share capital and retained earnings, non-cumulative preference shares and
relevant subordinated liabilities. Preference shares and subordinated debt will be subject to a
'loss absorption' requirement which could involve writing off all amounts owed by the insurer. At
least 80 per cent of total Tier 1 funds have to be unrestricted Tier 1 own funds, which are made
up of ordinary shares (i.e., those with full subordination) plus share premium and the equivalent
paid up members contributions for mutuals. Unrestricted Tier 1 items include paid in
subordinated preference shares/members contribution and paid in subordinated liabilities.
Tier 2 includes cumulative preference shares, and subordinated liabilities with a shorter-duration.
Unlike Tier 1 instruments, the principal need not be written down or converted following a
serious breach of the Solvency Capital Requirement. Tier 2 may therefore also include shares or
long-term debts which do not comply with the Tier 1 requirements.
Tier 3 is intended to catch eligible items which do not satisfy the Tier 1 or Tier 2 requirements.
2. U.S. Capital
There is no tiering of capital for U.S. solvency purposes. The closest analogous situation is the
limit placed on the amount of a particular asset that can be recognized based on the impact on
statutory surplus or capital. For example, recognized goodwill arising from an acquisition is
capped for statutory accounting purposes at 10% of the amount of statutory surplus adjusted to
exclude goodwill, computer equipment, software and net deferred tax assets.
12 - 42
Regarding debt instruments issued by an insurance company, U.S. statutory accounting would
generally not recognize those as capital unless debt holders interests are subordinated to
policyholders, claimants and all other classes of creditors, and payment of the debt interest and
principal requires the domiciliary supervisors prior approval. Debt instruments that meet those
criteria are called surplus notes.
Debt issued by a non-insurance parent company that is then contributed to a U.S. insurer is not
an obligation of the insurer, and laws prevent the U.S. subsidiary insurer from being forced to
pay the parent companys debt. Hence such contributed cash would also become capital for the
insurance subsidiary. This limitation on the priority of the debt is not written into the terms of the
debt contract, but is written into the statutory legal requirements of the regulatory framework.
Issues Surrounding Classification of Capital
Whether U.S. subordinated debt should be recognized as Tier 1 capital was being vigorously
discussed at the IAIS in 2017. A summary of views of IAIS member supervisors was shared
early in 2017 by the IAIS54. They demonstrate how important it is to consider the implications of
each jurisdictions legal, regulatory and business model. While many jurisdictions have the same
supervisor overseeing banks and insurers, regulation at a holding company level for banks whose
major risk is liquidity also needs to address the needs of a business typically regulated at a legal
entity level with very different, longer-term risk exposures and where laws and taxation will vary
by country.
54
Slides 5-9 from the following presentation on Capital Resources found at
https://www.iaisweb.org/page/events/stakeholder-meetings//file/64275/agenda-item-2a-capital-resources-
slides-for-la-jolla-stakeholder-meeting
12 - 43
IAA Risk Book
Chapter 13 - Asset Liability Management
Techniques and Practices for Insurance Companies
Charles Gilbert
This chapter provides the reader with practical insights into ALM techniques and practices for
insurance companies. Key messages include:
1. Insurance companies face various financial risks associated with assets backing
liability cash flows. How these risks are managed vary by company and jurisdiction
and are largely influenced by the regulatory environment.
2. Asset liability management (ALM) is a fundamental element of life insurer strategy
and operations. It is also important to the operations of other types of insurers. The
importance of ALM to insurers results from insurance being primarily a liability
driven business with assets purchased to match1, in a risk efficient manner, the
estimated insurance obligation cash flows, which may be uncertain for various reasons
such as policyholder options.
3. Life insurance companies with long liability durations can be exposed to significant
interest rate risk exposure. Inadequate ALM, ignoring the economic risk exposure
and/or using only simple risk metrics such as duration has resulted in, and will
continue to result in, insolvencies. For life insurance companies with long liability
durations, it is important to understand the multiple dimensions of the interest rate risk
exposure. P&C insurance companies with short liability durations have less exposure
to interest rate risk and the focus is more on managing liquidity. P&C insurance
companies with long-tailed liabilities can be exposed in a similar way to life
companies.
4. One of the greatest challenges facing life insurance companies selling long duration
contracts, and non-life companies with long-tailed liabilities, has been the prolonged
1
Note that it may not be necessary or even possible as in the case of uncertain liability cash flows to exactly match the
asset and liability cash flows. ALM strategies oftentimes seek to match the sensitivity of the value of the assets to the value
of the liabilities to changes in a given financial variable such as interest rates based on expected liability cash flows. It
should be noted that on most long-tailed liabilities insurers can only match the expected cash flows. If and when the
expectations change so the expected cash flows change this will result in the assets not being as well-matched as they were
previously.
on 24 October 2016
extreme low interest rate environment2. Traditional guaranteed products with long
durations have been difficult to immunize with available fixed income assets.
5. Many insurance company portfolios are suboptimal. There is an opportunity for
insurance companies to improve the risk efficiency of their portfolios; in some cases,
simultaneously increasing portfolio yield, increasing net income and adding positive
convexity3 to the portfolio while decreasing risk. Asset management approaches that
manage assets separately against a benchmark rather than directly against the
liabilities, or ignore the impact on capital requirements if they are risk-sensitive, do
not support effective ALM.
6. Effective governance is a key part of ALM, one of the most vital functions related to
many insurers long term financial health. Effective governance provides a clear
objective for the ALM function and ensures there is a framework in place for making
decisions, the organizational structure supports effective ALM, there is accountability
in respect of taking market views and that senior management and/or the board are
aware of and fully understand the risk exposures and uncertainties, associated with the
assets and liabilities.
7. ALM requires a variety of expertise and should be performed by professionals
knowledgeable in the characteristics of both the assets and liabilities. Based on their
expertise and knowledge of both, actuaries play key roles in ALM.
2. Introduction4
The aim of this chapter is provide the reader with practical insights into ALM techniques and
practices for insurance companies. One of the first things a decision maker or risk professional
comes to appreciate when first encountering ALM is that practices vary widely by company, by
industry and by jurisdiction and that textbook theory does not provide the answers to many of the
questions facing insurance companies implementing ALM.
Company culture, the nature of the liabilities as well as the regulatory and accounting regime all
influence how the financial risks associated with the assets and liabilities are measured and
managed. An important distinction must be made between ALM for property and casualty
(P&C ) and life insurance companies. For life insurers with longer duration liabilities, while
the scope of ALM includes all financial risks associated with the assets and liabilities, interest
rate risk is often the focus of ALM. This has been mostly due to the fact that life insurer
2
The low interest rate environment is not as material a challenge for property/casualty insurers as witnessed by their
continued profitability and satisfactory returns on equity. This is because their business model is not dependent on
investment income if investment return expectations are low then the price goes up accordingly. The low interest rate
environment is only a risk to the extent that liabilities have longer tails than the available asset durations.
3
See Appendix A for a definition of convexity and other technical terms.
4
Definitions of various technical terms are provided in Appendix A.
an email directly to riskbookcomments@actuaries.org
13-2
portfolios are often heavily weighted with fixed income securities because of the greater
certainty in the asset cash flows.
P&C insurance companies, which generally have shorter term liabilities, have less exposure to
interest rate risk and more exposure to catastrophes, mis-pricing and mis-estimating claim
liabilities. For P&C insurers, ALM has historically tended to be very focused on maintaining a
certain level of liquidity, given the uncertainty of the cash outflows (as to both amount and
timing). With more long tail liabilities in jurisdictions such as the UK5 and the advent of
discounted liabilities and risk based capital requirements, ALM with a focus on interest rates is
becoming more important in those jurisdictions.
I. Definition of ALM
The Society of Actuaries ALM Principles Task Force provided the following definition for
ALM.
Asset Liability Management is the ongoing process of formulating, implementing,
monitoring, and revising strategies related to assets and liabilities to achieve financial
objectives, for a given set of risk tolerances and constraints6.
While managing the risks associated with the assets and liabilities remains a key focus of ALM,
the task force recognized that ALM had a more strategic role to achieve the financial objectives
of an entity. This is in contrast to the view of ALM as solely a compliance exercise where the
only goal is risk mitigation.
II. Relative Risk
The risk exposure of an insurer is a function of the assets and the liabilities. ALM is less
concerned with absolute risk than relative risk. Consider a highly volatile asset portfolio whose
market value is subject to large swings. On a standalone basis, this portfolio may have a high
absolute risk. However, if this portfolio is backing liabilities whose value changes by the same
amount for a given change in a financial variable, then the relative risk associated with the assets
and liabilities is what matters. This is the reason why an asset-only asset management
approach for insurance portfolios is inappropriate. It is better to have a portfolio with a lower or
even negative return on assets than a portfolio with a higher return on assets if in the former case
the liabilities and possibly the capital requirements increased by less and in the latter case the
liabilities and capital requirements increased by more.
One ALM strategy, which can be executed on many different bases, is immunization. The
concept of immunization is to rebalance the asset portfolio as necessary so that the change in the
value of the assets on some basis (economic, market value or book value) will be equal to the
change in the liabilities within some tolerance level. Immunization is only possible for those
5
UK motor insurance exposes P&C insurers to the risk of Periodic Payment Orders lifetime benefits for those permanently
disabled as the result of an automobile accident.
https://www.actuaries.org.uk/documents/periodic-payment-orders-revisited-paper
6
Principles Underlying Asset Liability Management 2004 Society of Actuaries. All rights reserved.
13-3
liabilities that are predictable and largely impacted only by the same financial variables that
impact the assets.
III. Key Elements of ALM: Measurement and Management of Risk
Two key elements of ALM include: 1) measurement of the risk exposure and 2) management of
the risk exposure.
Measurement of the risk exposure can be done in a number of ways:
1. Calculating the sensitivity of the assets and liabilities7 to changes in financial
variables. This can be done using traditional ALM metrics such as duration and
convexity, the greeks8 or scenario testing.
2. Calculating the risk distribution of the assets and liabilities9. This is done using
stochastic simulation and can be expressed using various measures such as value at
risk (VAR) and conditional tail expectation (CTE).
In some jurisdictions where the capital requirements are risk-sensitive, the impact on the capital
requirements would also be considered. This is not always intuitive as it may be that interest rate
risk, or market risk, may diversify against the capital required to be held against other risks, and
hence the aggregate capital required may be insensitive to increasing risk exposure until the
diversification benefit is used up.
The above ways of measuring risk can be classified as either measuring the sensitivity to a
change in financial variable at a point in time versus the sensitivity to a change in financial
variable over time. For example, duration, convexity, delta, gamma and rho all measure the
exposure to an immediate shock in the financial variable on the price of the underlying asset or
present value of a series of cash flows and assumes that shock persists indefinitely into the
future. Scenario testing and stochastic simulation can also look at future economic scenarios
over time and test the impact under the ALM strategy or reinvestment assumption.
Monitoring of the risk can be performed intra-day, weekly, monthly or quarterly - often
depending on how volatile the results are and the extent of surplus funds to absorb any mis-
match. Measurement of the risk exposure and the impact of potential ALM strategies provides
valuable decision support to an insurer.
Management of the risk exposure involves formulating and executing ALM strategies. Many
companies use traditional ALM metrics such as duration and convexity to manage the risk
exposure, set risk limits and rebalance the portfolio and then measure the resulting risk
distribution using stochastic simulation.
7
This can refer to the market values, present value of cash flows or financial statement impact on reserves, net income,
capital ratio, etc.
8
See Appendix B for a description of the greeks.
9
Note that calculating the risk distribution for some liabilities is problematic. E.g., no one yet has a reliable risk distribution
for US asbestos liabilities.
13-4
IV. Influence of Regulatory Regime on ALM practice
Supervisory and financial reporting trends that value all elements of the balance sheet
independently may not sufficiently consider ALM exposures. Accounting rules have sometimes
encouraged mismanagement of risk as a result of a disconnect between the accounting treatment
and economic reality.
Many of the large losses and failures suffered by insurance companies with long duration
liabilities could have been avoided by applying basic ALM techniques. Failures and near
failures of life insurance companies as a result of asset liability mismatches continue today.
Accounting rules10 in some jurisdictions have encouraged mismanagement by ignoring the
economic risk exposure and rewarding companies for taking mismatch risk. In countries where
the reserve and capital requirements do not reflect the interest rate risk exposure associated with
a mismatch of the asset and liability cash flows, and/or where there is a large disconnect between
the exposure on an accounting basis and risk exposure on an economic basis, insurers have had
less motivation to implement effective ALM.
V. Unique Considerations and Challenges for Insurance Companies in a Low Interest
Rate Environment
ALM for life insurers can be complex due to the long term nature of some product guarantees
(e.g. for the lifetime of insured/annuitant) extending beyond the term to maturity of available
fixed income assets, the presence of optionality in either or both of the asset and liability cash
flows (e.g. resets, ratchets in variable annuities with guarantees), the presence of adjustable
features in some products (e.g. participating insurance with dividends) and the dependence on
demographic assumptions which can undermine the matching as assumptions change.
One of the greatest challenges facing life insurance companies has been the prolonged extreme
low interest rate environment11. Life insurers who were short asset duration were not able to
earn the returns assumed in pricing of the liabilities. This has resulted in lower earned rates on
insurer portfolios, decreased investment income, higher reserves, spread compression on
products offering minimum credited rate guarantees and reduced ability to support dividend
scales. Even those insurers who were immunized on a duration basis and within their board
approved risk limits for the maximum allowable mismatch between the duration of assets and
duration of liabilities found themselves offside as a result of their convexity exposure (see
appendix); as interest rates declined, the duration of liabilities increased by a greater amount than
the duration of assets. Many of these insurers started chasing yield, decreasing the credit quality
10
In the US, accounting rules played major role in savings and loan crisis in the 1980s and 1990s. Assets were valued at
cost and reinvestment risk associated with short term deposits backed by longer term mortgages was ignored. When
interest rates increased in the 1980s the earned rate on the longer term mortgages was less than the rate paid on short term
deposits. This was exacerbated by severe disintermediation and weakening of the portfolios consisting of assets that were
held at book values higher than their market value. US GAAP does not capture the interest rate risk exposure of life
insurance companies and economic losses due to interest rates are not immediately revealed.
11
The sustained low interest rate environment has not hurt most P&C companies without long tail business as they can
adjust prices for new business for the change in interest rates.
13-5
of their portfolios and increasing the allocation to riskier asset classes. The resulting pressure for
higher yield has resulted in more risk being taken.
Traditional guaranteed products with long durations have been difficult to immunize with
available fixed income assets. Many insurers have assets backing liabilities that have a shorter
duration either because longer duration fixed income assets are not available or because they do
not want to invest in long low yielding bonds and lock in losses. Insurers who have taken a
market view on the direction of future interest rate changes and have not lengthened their assets
to match the duration of the liabilities have essentially taken a bet that interest rates will not fall
further in the medium to long term.
Life insurers are faced with the prospect of having to rebalance their portfolios to lengthen the
duration of their assets by purchasing longer term bonds and locking in unattractive yields in a
low rate environment. Because of a growing disconnect in Canada between the accounting and
economic results, some Canadian insurers were further penalized with an increase in reserves if
they immunized their portfolio on an economic basis.
There have been three main ways that insurers have sought to increase the yield on their
portfolios.
1. Add credit spread12. This is achieved by decreasing the credit quality of the portfolio
and taking on more credit risk exposure, and often aiming to capture the illiquidity
premium where they are intending to hold assets to maturity.
2. Increase expected return. This is achieved by increasing the allocation to riskier assets
classes such as equities, real estate and other non-fixed income assets.
3. Increase yield to maturity in an upward sloping term structure. This is achieved by
selling shorter assets that have a lower yield to maturity and buying longer assets that
have a higher yield to maturity. In some cases, for life insurance companies that had
assets shorter than the liabilities to begin with, this increases yield and decreases the
interest rate risk. Albeit the insurance company is giving up both the downside risk if
rates fall as well as the upside gain if interest rate rise.
European insurers have looked to transfer risk to new policyholders in this low rate environment
by replacing sales of traditional guaranteed products with unit linked products. This has
principally been driven by recognition of the cost of guarantees in Solvency II (as well as earlier
versions of Risk Based Capital (RBC) in countries like UK), although the risk-based capital
approach of Solvency II has typically resulted in the increased asset risk increasing capital
requirements. Low interest rates have served to emphasize those costs.
Life insurance products with minimum crediting rate guarantees represent an embedded option in
the liabilities. As interest rates fell, spread compression or margin squeeze resulted from the
portfolio earned rate falling below the crediting rate plus the required margin. Few insurance
12
Companies may use risk-adjusted yields but may for example seek to exploit the illiquidity premium.
13-6
companies outside of the UK hedged these guarantees explicitly using dynamic hedging or
purchasing interest rate floors. Once interest rates fell, the guarantees became prohibitively
expensive to hedge. If the hedging of the guarantee is managed explicitly, it may be possible for
the liabilities to be immunized as if the cash flows were fixed. Otherwise insurance companies
will look to immunize the effective duration and effective convexity that take into account the
interest rate sensitivity of the cash flows.
It should also be noted that there are ALM issues associated with high interest rates due to hyper-
inflation such as seen in Venezuela or Brazil.
3. Objectives for the ALM Function

At its most fundamental level, the goal of ALM is to manage the financial risk exposure
associated with the assets backing liabilities. While this seems straightforward enough, several
basic questions need to be answered before ALM can be properly performed. For example:
What sources of financial risk should fall within the scope of ALM?
Which risk exposure matters and which does not?
On what basis should risk be measured and managed?
What assets and what liabilities should be included and which, if any, should be
excluded?
At what aggregation level should ALM be performed?
Getting any of these basic questions wrong can have disastrous results for a financial institution,
potentially doing more harm than not doing ALM at all.
Once the insurer has defined what risk will be managed, it needs to determine how this will be
done. Before this question can be answered, the objectives for the ALM function need to be
determined. In some insurance companies, ALM is viewed as a risk mitigation exercise
primarily and the objective is simply to ensure all risk exposures are within the board approved
risk limits. Other insurers have integrated ALM within their broader Enterprise Risk
Management (ERM) to be executed as a strategic decision-making framework to run the
company by formulating, implementing and executing investment strategies related to the assets
and liabilities that achieve the financial objectives and setting this up as an optimization
program. The objectives for the ALM function will determine how asset management is
performed. Other objectives for the ALM function may include
Demonstrating to internal and external stakeholders that the company is being well
managed
Minimizing capital requirements, especially RBC
Determining how much interest should be credited to policyholders
13-7
Determining impact on account items which have immediate impact on earnings (e.g.
FAS97 DAC and shadow DAC calculations in the US)
One complication that arises in RBC regimes, such as Solvency II, is that interest-rate and
market capital requirements interact with the capital arising from other risks when they are
aggregated. Hence the ALM function needs to work closely with the team responsible for overall
capital management. Another complication is the increasing need to look at the future liability
and capital requirements in the ORSA, rather than simply looking at the current balance sheet.
I. Strategic Use vs. Mitigation Only
In practice, some insurance companies execute ALM as a risk mitigation exercise where the goal
is simply to keep the risk exposure within the specified risk limits. For other insurance
companies the goal is not to eliminate or minimize risk, the goal is to formulate ALM strategies
to achieve the financial objectives subject to the risk tolerances and constraints.
The ALM definition presented in the previous section, contemplates that ALM will be executed
as a strategic decision making framework to achieve financial objectives subject to risk
tolerances and constraints.
II. Economic vs. Accounting
The risk exposure can be measured on different bases. There is a wide range of practice within
the insurance industry globally regarding the basis the risk should be managed on. One of the
first steps in defining the ALM objectives is to determine what interest rate risk to manage. Is it
the interest rate risk associated with the long term future cash flows, the market value of the
assets and liabilities or the financial statement results? Figure 1 below lists these three
objectives.
Figure 1 - ALM Objectives13
13
It is possible for some companies to have other ALM objectives such as regulatory and/or economic capital.
13-8
In general, it will not be possible to manage the risk exposure on all three bases perfectly.
Insurance companies must choose on what basis the risk will be managed. Best practice is to
measure the exposure on multiple bases and use this to inform decisions regarding risk / reward
tradeoffs.
A challenge for insurance companies that can threaten solvency and the financial health of the
company occurs when there is a disconnect between the economic and accounting or regulatory
results. Many insurance company executives will say that they are focused on the long term
economic value. However, they are reluctant to immunize the interest rate risk exposure on an
economic basis (e.g. lengthening duration) when that creates losses on a financial statement
basis. The accounting regime can encourage the whole industry to systematically take on interest
rate risk.
The basis for managing interest rate risk will determine which yield curve14 should be used for
calculating present values of cash flows and the various ALM metrics such as duration,
convexity etc.
One challenge facing insurance companies wishing to manage the economic risk exposure is that
the very long term end of the yield curve may not be observable or be available for investment.
4. Scope
I. Sources of Risk
The scope of ALM varies from company to company. While historically, at least for the life
insurance industry, ALM has been synonymous with interest rate risk management, there are
many financial risks associated with the assets and liabilities including liquidity risk, credit risk,
market risk, currency risk. For some insurers, the scope encompasses most if not all sources of
financial risk associated with the assets backing the liabilities.
A. Interest Rate Risk
Interest rate risk manifests itself in many ways: market value risk associated with the market
value of the assets, economic risk associated with the present value of the cash flows or
accounting risk associated with the financial statement value of assets and liabilities. Ultimately
the interest rate risk will be a function of the gains and/losses on reinvestment and disinvestment
of the actual cash flows that are realized in future. This is what measuring the economic risk
exposure by projecting best estimate cash flows and calculating economic surplus15 seeks to
capture. Best estimate cash flows may include investment expenses, expected asset defaults,
margins for adverse deviations and future income taxes depending on various considerations16.
14
For example, government yield curve, swap curve, credit curve.
15
Economic surplus or excess assets equals the difference between the present value of the asset cash flows and the
present value of the liability cash flows.
16
For example, whether the interest rate risk is managed on an accounting or economic basis, whether income taxes are
paid from the corporate surplus account or the assets backing the liabilities, etc.
13-9
Risk limits for interest rate risk can be expressed in terms of duration17, cash flow match
analysis, and worst-case scenario testing.
As part of the ALM strategy for life insurance companies, the net dollar duration exposure may
be managed at a total company level including surplus assets. Risk limits may include:
DDA DDL < X% of present value of assets
Partial duration sensitivity < Y% of present value of assets at all points along
the yield curve
Worst case scenario < Z% of present value of assets
But even if a company were perfectly matched on both a first and second order basis, this would
not be sufficient to protect against non-parallel shifts in interest rates18. It is possible for an
insurance company to realize the same loss from a 7 basis point tilt in the yield curve (short rates
up 7 basis points, long rates down 7 basis points) as from a 100 basis point decrease across the
yield curve. Companies wishing to protect against non-parallel changes in the yield curve would
immunize on a partial duration19 basis. However, even being perfectly immunized on a partial
duration basis would not be sufficient to protect against interest rate changes where there are
embedded options in the assets or liabilities and/or other interest sensitive cash flows. Insurers
wishing to protect against the interest rate risk associated with interest rate sensitive cash flows
would either explicitly hedge the embedded option or immunize on an effective duration and
effective convexity basis. Unfortunately, this too would not be sufficient to protect against all
possible changes in interest rates. Other techniques including stochastic simulation, value at risk,
economic capital and principal component analysis will measure the extent to which all the
multiple dimensions of the interest rate risk exposure are effectively managed.
17
In North America, Dollar Duration is commonly used.
18
If a company were perfectly matched on duration (i.e. first order) basis, this would only protect against small parallel shifts
in the yield curve. If a company were perfectly matched on a convexity (i.e. second order) basis, this would protect against
larger parallel shifts in the yield curve.
19
Key rate duration, which measures the exposure to changes in the zero-coupon bond yields or spot rates rather than the
changes in market yields, is a similar metric which is also used.
13-10
Figure 2 - Risk Metrics Measure Multiple Dimensions of Interest Rate Risk
Large Changes
Present Value
Market Value
Point in Time
Book Value
Regulatory
Over Time
Non-Level
Embedded
Economic
2nd Order
Earnings
1st Order
Options
Capital
Capital
Shifts
Risk Metric
Duration ?
Effective Duration ?
Dollar Duration ?
Partial Duration ?
Convexity (all) ?
CALM C3
Deterministic

Scenario Testing
Stochastic Modeling
Earnings at Risk
B. Liquidity Risk
Liquidity risk is the exposure to the illiquidity of the assets and liabilities. An insurance
company could have no interest rate risk exposure if all the assets and liabilities were held to
maturity but be exposed to loss in the event that illiquid assets needed to be sold to cover a
demand liability or meet the mark-to-market cash flow requirements of a derivatives position.
Liquidity risk is managed by maintaining some level of liquid assets or cash so that liquidity risk
exposure is not material or is tolerably low. This is commonly managed by the Treasury
function.
13-11
C. Credit Risk
Credit risk is the exposure associated with the default of principal and/or coupon payments
and/or the decrease in market value resulting from an increase in credit spread20. There are
various approaches for taking into account the credit risk exposure in the asset cash flows. One
approach is to adjust the cash flows for credit risk. If a best estimate is used for expected
defaults however, the present value of the resulting risk adjusted cash flows discounted using a
risk free interest rate curve will tend to be greater than the market value of the instrument. If the
adjustment to the cash flows is solved for so that the resulting present value is equal to the
market value, the cash flows will not reflect the actual expected asset cash flows. Another
approach is to use an interest rate curve that reflects the credit spread for discounting. This will
help ensure the present value of the cash flows equals the market value but ignores expected
defaults in the cash flows. To the extent that the assets are matching liability cash flows, there is
debate regarding how to adjust the cash flows for credit risk and take credit for the illiquidity
premium.
The oversight of credit risk is sometimes a contentious issue for insurance companies. While the
investment department has the expertise to analyze credit quality and credit risk exposure, a best
practice is to have oversight of credit risk as part of the scope of ALM in order to ensure
monitoring of the risk is independent from the area that is taking the risk.
D. Market Risk
Market risk associated with equities and other non-fixed income asset classes especially when
these asset classes are backing insurance liabilities includes not just the exposure to losses in
market value but also the mismatch risk associated with backing insurance liabilities with non-
fixed income assets. Market risk associated with variable annuity or segregated fund guarantees
tends to be managed as part of an insurance companys dynamic hedging program. In practice,
these dynamic hedging programs tend to be separate functions and may or may not be considered
part of the overall scope of ALM.
Variable products and associated dynamic hedging tend to be viewed separately and managed by
a different team within an insurance company.
Non-Fixed Income Assets Backing Liabilities
Many insurance companies in Canada back insurance liabilities with both fixed income and non-
fixed income (NFI) assets. Backing insurance liabilities with NFI assets introduces mismatch
risk arising from the market risk of the NFI assets and the interest rate risk associated with the
liability cash flows. It can result in higher financial statement volatility or higher capital
requirements, and reserves could be higher or lower. The expected return on NFI assets such as
equities and real estate is generally thought to be higher than fixed income assets over the long
20
This latter item is a risk only if the asset would need to be liquidated before maturity. Credit risk is tied to liquidity risk and
interest rate risk.
13-12
run. However, it is critical for insurance companies to explicitly measure their exposure
including the effect on capital and have a strategy in place to appropriately manage this risk.
For any strategy involving NFI assets, accurate measurement of the interest rate risk exposure is
complicated by the existence of NFI assets along with liability cash flows that may vary with
interest rates and equity returns. The resulting exposure calculated is a function of the
approximation methods and assumptions used. Companies need to take this into account when
making ALM and trading decisions based on the duration of the assets and liabilities.
Some companies project cash flows for NFI assets corresponding to an assumed buy and hold
strategy and will rebalance and immunize the portfolio based on the resulting interest rate
sensitivity that is calculated for these assumed fixed cash flows. Some companies have modeled
real estate and equities as 30 year strip bonds with a fixed equity risk premium when calculating
duration. While the value of equities has some correlation to interest rates, assuming that
equities have a duration other than zero can be misleading and can distort the duration results.
Duration specifies the change in the price of an asset for a given change in interest rates. The
change in the price of equities will not necessarily move in the direction predicted using
duration.
Another practice is to assume NFI assets have no interest rate sensitivity (i.e. duration of zero),
model the cash flows as cash and perform sensitivity analysis for various combinations of
interest rate and equity return scenarios.
A third approach is to project the NFI assets and liability cash flows using a stochastic model
that generates economic scenarios for all financial variables under question (e.g. yield curve,
credit spreads, equity returns, real estate gains, etc.), and analyze the resulting risk distribution.
In contrast to notionally backing long term liability cash flows with NFI assets, many life
insurance companies in Canada explicitly carve-out the long term liability cash flows after a
certain number of years and back these with real estate and equity assets. An immunization or
other matching strategy is typically used for the shorter term cash flows using fixed income
securities.
Carve-out Strategy
A carve-out strategy whereby the long term liability cash flows after a certain number of years
are carved out and backed with NFI assets will enable an insurer to explicitly measure and
manage the risk exposure associated with using NFI assets to back insurance liabilities, and will
enable the insurer to assess whether the company is comfortable with the associated mismatch
and market risk to ultimately meet the future insurance obligations21.
21
This can be done using deterministic scenario testing or by performing a stochastic analysis for the NFIs backing the
carved out liabilities, projecting both NFI returns and interest rates under a large number of future return and interest rate
scenarios. A shortfall measure can be used to determine the amount of NFI assets that would be required to meet carved-
out liability cash flows under a variety scenarios, and to measure the likelihood and severity of a shortfall. In addition to the
ultimate risk of shortfall, companies need to also assess the volatility of the projected economic surplus for the carved out
assets and liabilities over key projection horizons, such as one and five years.
13-13
The first step in a carve-out strategy is to determine the carve-out point and/or amount of NFI
assets. In general, one of the following methods is used:
In the first method, the carve-out point is determined first, immunization is performed up to the
carve-out point, and then the remaining amount of assets is invested in non-fixed income
securities.
In the second method, the amount of equities or other NFI assets is determined first (either as a
dollar amount or percentage of assets), the carve-out point is then determined based on how
many years of cash flows the fixed income and NFI assets can support, respectively; and finally
immunization is performed up to the carve-out point.
The amount of NFI assets backing insurance liabilities varies from company to company based
on many factors including impact on reserves and capital ratio, potential earnings volatility, and
overall comfort with the amount of equity and interest rate risk being assumed. Once the desired
amount of NFI assets is determined, some companies use a stochastic approach to determine the
confidence level at which the current amount of NFI assets will be sufficient to provide for the
present value of the long term cash flows after the carve-out point.
In the first method described above, the carve-out point is typically determined by looking at the
latest date where all of the liability cash flows up to that point can be effectively immunized
using available fixed income assets. The remaining assets in the segment are then invested in
NFI assets.
In the second method described above, the carve-out point is solved for based on the liability
cash flows that can be immunized with the remaining amount invested in fixed income assets.
It is typical for the carve-out point determined above to be in the range of 30 to 45 years,
depending on the amount of NFI assets and the liability cash flow profile.
Companies using carve-out strategies can perform stochastic analysis to assess the sufficiency of
its NFI assets to meet the long term liability cash flows, as well as the ongoing risk associated
with its allocation to NFI across various scenarios.
Variable Annuities and Segregated Funds
Risks associated with guaranteed minimum benefits provided by variable annuities and
segregated funds are oftentimes managed using dynamic hedging programs. The aim of dynamic
hedging is to rebalance the hedge portfolio so that the sensitivity of the embedded options in the
liabilities to changes in financial variables such as 1) underlying stock price, 2) implied volatility
surface and 3) term structure of interest rates are matched by the sensitivity in the hedge
portfolio. This is done using price sensitivity metrics similar to those related to those used in
ALM related to interest rates called greeks. See Appendix B for a definition of the greeks.
E. Currency Risk
Currency risk associated with backing liabilities with assets in a different currency has usually
been avoided. It generally is not possible to completely hedge this risk unless the liability
13-14
duration is short. Increasingly in the search for yield insurers do this and do hedge the foreign
exchange rate risk as far as possible.
5. Governance and Framework

Governance is a vital part of effective ALM. Best practices with respect to ALM governance
start with the organizational structure:
The board and senior management demonstrate a strong commitment to ALM, are
involved and actively promote risk management culture.
The ALM Committee has a senior composition and is a forum for strategic decision
making.
The person responsible for ALM has the necessary professional expertise.
There is an adequate level of resources and well-trained professionals dedicated to the
ALM function.
Roles and responsibilities are well-defined with clear accountability for the ALM
function.
The ALM policy statement and procedures are well documented and approved by the
Board.
Measurement and monitoring of exposure; reports clearly communicate the risk
profile that supports decision making.
Risk is consolidated at total company level and understood by board and senior
management.
I. Board of Directors
The board of directors is ultimately responsible for the risk management of an insurance
company and ensures that key elements required for effective governance are in place including
an organization structure that supports the execution of ALM, a senior level ALM Committee
with a board approved mandate, a board approved ALM Policy with clearly defined roles and
responsibility, risk limits and ALM Conceptual Framework. The board should also be satisfied
that there is a strategic decision making framework in place for ALM and accountability for any
management decisions to take market views or interest rate bets.
For life insurance companies where ALM issues are material, boards of directors and other
decision-makers of insurance companies need to be well educated on ALM. Simplistic yet
popular duration-matching strategies are not enough to protect and insurance companies writing
long duration contracts from the multiple dimensions of the interest rate risk exposure they face.
As interest rates have fallen, such insurance companies who may have been perfectly duration
matched found themselves offside their risk limits because they had large convexity22 exposure.
22
See Appendix A for a definition of convexity and other technical terms.
13-15
Other life insurers who thought they did not have interest rate risk found themselves having to
explain to equity analysts why they had such a loss due to interest rate when rates barely moved.
The role of ALM is more important than ever in these conditions to provide effective decision
support.
II. ALM Policy
The ALM Policy that is reviewed and approved annually by the board is an important
governance tool for the Board.
A. ALM Conceptual Framework
This forms part of strong governance for the ALM function. Insurance companies who try to
execute ALM without having a formal framework in place lack a proper decision making
framework to manage the risk exposure and may position the company in an unintended
direction.
Financial objectives, risk tolerances and constraints define the conceptual framework for ALM.
This is part of a strategic decision making framework in which ALM serves as a tool to achieve
the organizations financial objectives subject to its risk tolerances and constraints.
Financial Objectives
Within an ALM framework, the financial objectives that are specified determine how risk is
defined for the organization. Some examples of financial objectives include maximizing
shareholder wealth, economic value, embedded value, earnings, Risk Adjusted Return on Capital
(RAROC), Return on Equity (ROE), future earnings, etc. One of the key considerations in
selecting the appropriate financial objectives is the balance between economic and accounting
results (both regulatory accounting and shareholder accounting). Focusing on economic reality
(i.e. the actual cash flows) ensures that the organization will ultimately realize superior earnings
in future (on any basis). This tends to be a long term focus. Focusing on accounting results on
the other hand tends to have a short term focus. However, these are the results that get reported
to shareholders, policyholders, rating agencies, analysts, and regulators. Arguments against
focusing on the long term economic results include
Future long term economic earnings may not be realized due to forced actions caused
by violating regulatory or rating agency constraints.
Economic results depend on future projections that may not be reliable; economic
valuations may be more susceptible to speculative assumptions than accounting
valuations.
Long term interest rates used to discount long term liability cash flows may not be
observable.
Arguments against focusing on the accounting results include
Short term focus.
13-16
Accounting treatment and emergence of earnings may mask interest rate and other
financial risks.
Changes to accounting rules may give a very different financial picture and risk
exposure.
Focusing on accounting results can run counter to capital objectives in some regimes.
ALM strategies are formulated to achieve the financial objectives that are specified. It is
possible to have more than one financial objective. A risk adjusted measure would ensure the
financial objectives are defined relative to the amount of risk assumed.
Risk Tolerances
Financial institutions such as insurance companies are in the business of assuming risks. In
general, only those risks that help the company achieve its financial objectives and for which the
company is fairly compensated should be assumed (e.g. if the risk profile is desirable). All other
risks should be eliminated or minimized to the extent possible.
Risk for the insurer is the exposure of its stated financial objectives to changes in financial or
other variables. For example, interest rate risk for a company whose financial objective is to
maximize economic value is the exposure of that economic value to a change in interest rates.
This is also the case when the financial objectives are based on accounting measures, except that
the economic impact of a change in a financial variable may be masked or altered by the
accounting rules.
The companys risk tolerance is used to establish specific risk limits for each material financial
variable. These risk limits should be defined in terms of appropriate risk metrics and analyses
that properly capture the true risk exposure on the desired basis (i.e. economic or accounting).
There may be times when an insurer may find itself in breach of these limits, for example, if the
cost of eliminating or minimizing an existing risk is too great (e.g. locking in a loss, hedging
when implied volatility is trading high, etc.) compared to the risk exposure.
Constraints
In addition to an insurers risk tolerances, there may be a number of internal or external
constraints that must be considered (e.g. minimum capital ratio, maximum volatility of earnings,
various investment guidelines, debt covenants23, etc.)
Surplus Management Philosophy
Depending on the ALM objectives, not all assets and liabilities will be included in managing the
interest rate risk and/or will be treated differently. In some cases only general account assets and
liabilities are included for purposes of ALM. Separate account assets and liabilities such as
23
Debt covenants may be triggered by regulatory accounting results that are not severe enough to cause regulator action.
13-17
segregated fund and variable annuities are managed separately24 and have separate hedging
programs. Some insurance companies include all assets backing interest bearing liabilities only.
Aside from these two decisions, insurance companies must decide whether the interest rate risk
that will be managed is
1. the interest rate risk associated with only the assets backing the liabilities,
2. the total interest rate risk that the company is exposed to including all the assets, i.e.
including surplus assets, and /or
3. the interest rate risk associated with the capital requirements.
Many insurance companies manage the interest rate risk associated with the assets backing
liabilities only and manage surplus on a total return basis. I.e. any interest rate risk exposure
associated with the surplus assets is ignored. A key question for ALM for P&C and other
insurers is the treatment of net assets (i.e. surplus) as final cash payments will be higher or lower
than the estimate and new / renewal business may lead to payments higher than premium income
for some period. Some insurers do not segment their assets and have one asset portfolio. In this
case, the interest rate risk associated with fixed income assets relative to the liabilities is
managed. Other objectives/metrics are used to manage NFI assets.
There are two ALM issues that arise in practice that relate to the surplus management philosophy
of the company: 1) how to treat excess assets25, and 2) what to do with margins for adverse
deviations that are included in the projected liability cash flows for valuation purposes.
Some companies implement ALM by requiring that the book value of assets equal the book
value of liabilities in each segment (and do not allocate required surplus to the lines of business).
In this case, the present value of the asset cash flows will generally be greater than the present
value of the liability cash flows26. These excess assets in the line of business represent economic
surplus. If the strategy is to match the modified duration of the assets and liabilities, the
economic surplus in the line will be exposed to changes in interest rates27. On the other hand, if
the strategy is to match the dollar duration of the assets and liabilities, the present value of the
assets and liabilities will change by the same absolute amount for a given change in interest rates
and the economic surplus will be immunized. This approach has been described as equivalent to
24
Segregated funds and variable annuities are not always managed separately. Some insurers have internal hedging
arrangements to reduce external hedging costs.
25
Excess assets or economic surplus equals the difference between the present value of the asset cash flows and the
present value of the liability cash flows. Or could be net of capital requirements
26
This is because the interest rate risk provision and the Provisions for Adverse Deviations (PfADs) under CALM are non-
cash flow items.
27
This is because the present value of the assets and liabilities will change by the same percentage amount when their
(modified or Macaulay) durations are the same. Since the present value of the assets is greater than the liabilities, the
assets will experience a greater change in absolute terms.
13-18
immunizing the present value of assets that are equal to the liabilities and investing the excess
assets (or economic surplus) in cash (i.e. with a duration of 0)28.
As an example, in the same way that European companies would be required to hold more
capital for an interest rate mismatch, Canadian life insurance companies are penalized under the
Canadian Asset Liability Method (CALM) if they do not match asset and liability cash flows
with Margins for Adverse Deviations (MfADs) included because the interest rate risk
provision required under CALM is calculated with MfADs included in the cash flows.
An argument that has been put forth by some practitioners that matching with MfADs in the cash
flows ensures smoother emergence of earnings. This argument asserts that to the extent that the
release of MfADs represents the emergence of earnings, including the MfADs in the cash flows
immunizes future earnings. This argument treats MfADs as if they were a real cash flow item
and actually increases the companys exposure to interest rate changes.
The surplus management philosophy becomes an important driver of how interest rate risk will
be managed. Appendix C provides an example illustrating this.
B. Organization Structure
Within an insurance company, where ALM resides is often a function of the organizational
structure, the expertise of personnel and what area within the company they work. It is not
uncommon for the ALM function to reside within Actuarial, Investments, Finance or to report to
the Chief Risk Officer.
C. ALM Committee
Some insurers have a formal, board approved, ALM Committee Mandate that sets out the terms
of reference for the ALM Committee, which in many cases includes oversight for the risks
associated with the assets and liabilities.
D. Roles and Responsibilities
A best practice for insurers is having clearly defined roles and responsibilities in respect of
ALM.
E. Asset Management within an ALM Framework
It is not uncommon within insurance companies for internal conflicts to arise between the
execution of ALM and asset management when assets are managed separately and the portfolio
managers performance is measured against a benchmark. Executing an ALM strategy to
achieve the financial objectives or performing a risk optimization will be met with resistance and
the role of the asset manager versus ALM will be called into question. Many life insurance
company CEOs have been dissatisfied that although the company has bright investment
managers who achieve the investment objectives, beat the benchmark, and stay within the risk
28
Because of the shape of the yield curve, investing the assets in a lower average duration may result in a higher yield since
the YTM of a 30 year bond is lower than the YTM of a 25 year bond, for example.
13-19
limits and constraints; they destroy value against the companys financial objective (e.g. the
resulting increase in actuarial reserves was greater than the increase in investment income).
There are two general approaches used in the insurance industry to manage insurance company
assets. One approach is to manage the assets separately against a benchmark within specified
risk limits to achieve a specified investment objective. In the other approach, asset management
is executed within an ALM framework. ALM drives the investment process. The assets are
managed directly against the liability cash flows rather than a benchmark in such a way as to
achieve the financial objectives rather than the investment objectives. For some companies,
especially P&C, the ALM process may also include liquidity targets (both for the simplistic
approaches and the more sophisticated approaches).
6. Measurement of Risk Exposures

I. Risk Metrics
ALM metrics for longer duration portfolios include various duration and convexity measures that
capture the first and second order sensitivity of the present value of the asset and liability cash
flows to changes in the level of interest rates, the shape of the term structure of rates and the
corresponding change in the cash flows to changes in interest rates. These metrics may or may
not correspond to the interest rates risk exposure the financial institution wishes to manage.
Appendix A provides a description of various risk metrics used in ALM.
II. Scenario Testing
In addition to risk metrics, deterministic scenarios are used to measure the impact of either 1) an
instantaneous shock to the yield curve or other financial variable, or 2) a change in interest rates
or other financial variable over time - along with the impact of other aspects of the scenario and
in particular their capital impacts.
III. Stochastic Analysis
Stochastic simulation is used to generate a risk distribution for the assets, liabilities, and capital
requirements using stochastically generated scenarios for interest rates, equity returns and other
financial variables.
IV. Decision Support
ALM is a powerful tool to help run an insurance company. Beyond risk mitigation, ALM can
provide valuable decision support to help insurers determine whether they are taking an
appropriate amount of risk and whether they are sufficiently compensated for the risk they are
taking. Ensuring that the portfolio is risk efficient is the first step. A portfolio is said to be risk
efficient if the financial objective is maximized for the level of risk taken. The next step is to
assess whether the level of risk is appropriate. The amount of risk taken needs to be consistent
with the insurers risk appetite. Taking too little risk may be inconsistent with the risk capacity
and risk strategy of the company.
13-20
It is important for an insurer to know how much a particular ALM strategy and/or risk limits are
costing. A horizon matching strategy whereby cash flows are matched for the first 10 or 15
years may be taking on more risk and giving up more yield than an immunization strategy that is
less constrained.
But even if a risk is within an insurers risk appetite, it may not be advisable if the insurer is not
being compensated for the amount of risk taken. ALM can quantify how much additional
income / value can be added for some measure of additional risk.
Insurance companies have a choice in how they implement ALM. ALM can be implemented
primarily as a risk mitigation function. Alternatively, ALM can be executed as part of a strategic
decision making framework by formulating ALM strategies to control risk and achieve the
companys financial objectives.
Figure 3 - ALM Executed As Part of a Strategic Decision Making Framework
7. Execution of ALM Strategies

Most ALM strategies will involve rebalancing of the asset and/or hedge portfolio as needed.
Rebalancing can be performed as frequently as daily in real time or as infrequently as monthly or
quarterly. The objective of periodic rebalancing is to ensure that the risk exposure associated
with the assets backing the liabilities is kept within some target or risk limit. There are
transaction costs associated with buying and selling assets which are sometimes taken into
account when deciding how frequently to rebalance the portfolio. Hedging costs are also a
function of rebalancing. Delta hedging, for example, is a buy high sell low strategy whose cost
stems from the realized volatility and frequency of rebalancing. In periods of illiquidity, it may
be difficult or expensive to rebalance as required. The accounting and tax treatment of realized
gains and losses oftentimes influences rebalancing decisions.
I. Segmentation
Portfolio segmentation is used to explicitly back a block or segment of liabilities with certain
assets. This can be helpful for profitability measurement and pricing. As noted above, not all
P&C insurers have multiple segments.
Segmentation is suboptimal from an ALM perspective. In the early days of ALM
implementation many North American life insurance companies started by immunizing certain
13-21
lines of business separately. While they increased in sophistication and succeeded in reducing
the interest rate risk exposure on those lines of business they actually increased the interest rate
risk for the company overall as the interest rate risk exposure that was eliminated was offsetting
interest rate risk of another line of business. A best practice is to aggregate risk exposures and
manage at a total company or group level.
II. Dedication and Horizon Matching
Dedication and horizon matching are both forms of cash flow matching strategies. Insurance
companies project the liability cash flows and, usually working backwards, find bonds with
maturity and coupon payments to match the projected liability cash flows. Complete cash flow
matching is not possible for portfolios with long duration liabilities. Some insurance companies
will match cash flows within some tolerance level over some shorter term horizon period such as
5 or 10 years.
III. Immunization
For life insurance companies, the concept of ALM has been around since the 1950s when Frank
Redington wrote his seminal paper on immunization theory. The basic principle was that if what
insurance companies were most interested in was protecting economic surplus, then it was not
necessary to exactly match the asset and liability cash flows. For P&C companies in the US
there was no concern with interest risk until the late 1970s, when rates increased drastically after
a long period of relative stability. Many insurers before then had longer asset durations than
liability durations to take advantage of higher yields.
IV. Portfolio Replication
A replicating portfolio is a portfolio of capital market instruments that seeks to replicate either
the cash flows or market value of the liabilities for a given set of stochastic scenarios. Instead of
re-running an insurers actuarial models to project the liability cash flows, the replicating
portfolio is used as a proxy to predict the change in the value of insurance liabilities under
different economic conditions. The goal is for the replicating portfolio to equal the value the
liabilities would have under a wide range of economic conditions. If close replication is
achieved, then an estimate for liabilities can be calculated more quickly under changing market
conditions, stress testing or other deterministic scenarios. The behavior of insurance liabilities
will be easier to understand by investment managers and the insurer will avoid the need to re-run
actuarial models and dramatically improve the speed of calculations.
V. Carve Out Strategy
The extent to which mismatch risk can be mitigated depends on the available assets as well as
the reliability and accuracy of the projected future liability cash flows. Increasingly, following
the quest for yield, insurers are using alternative non-fixed income assets29 to increase the
29
This is not the case for P&C insurers in the US, as equity investments are usually restricted to a fraction of the insurers
equity. Use of equities may be a function of the available asset markets in the subject currency. Equity investments are
more common in the US P&C market for mutuals and others without ready access to capital markets hence not because
of the liabilities.
13-22
expected return of the assets backing the liabilities. A robust ALM framework will allow
companies to understand how best to reach their financial objectives and maintain portfolio risks
within set limits given the assets available.
VI. Interest Rate Swap Overlay
Interest rate swaps are an effective tool to execute ALM strategies and facilitate risk optimization
of a portfolio. An interest rate swap overlay can be used to adjust the interest rate risk exposure
and extend the duration beyond what could be achieved using cash assets.
VII. Reinsurance
Reinsurance is used by some insurers to manage the risks associated with both the liabilities and
the corresponding assets.
VIII. Taking Market Views
Many insurers have made a management decision not to lengthen an asset portfolio that has a
duration shorter than the duration of the liabilities. One reason is that the insurer is taking a view
on the market and does not want to lock in rates in a low interest rate environment. In some
cases companies have taken large interest rate bets with no accountability surrounding the
decision. One best practice is to measure the gains or losses that result over time from taking
any market view / interest rate bet and report this at each ALM Committee meeting.
IX. Risk Optimization
Many insurance company portfolios may be risk inefficient. Financial objectives are not
maximized for the amount of risk being taken. In some cases financial objectives are not well
defined. As a result it is not clear what risk should be managed.
A portfolio is risk efficient if the financial objective is maximized for a given level of risk and set
of constraints.
13-23
Figure 4 - Three Ways to Optimize a Portfolio Include
Optimization Basis Object Value Added
Actual return not necessarily maximized

Asset Mix Expected Return High dependency on assumptions
Mismatch risk
Credit risk premia front ended

Credit Spreads Portfolio Yield No free lunch higher credit risk taken in order to get higher
yield
Yield maximized on default-free basis

Yield Curve Portfolio Yield
Real value added
Figure 5 below illustrates the risk efficiency frontier of an insurance company. The frontier
measures the increase in portfolio yield above the current portfolio for various levels of risk.
Risk can be measured using CTE, VAR, worst case loss, etc. The current portfolio is shown in
the gray box.
13-24
Figure 5 - Risk Efficiency Frontier
In the example above the insurer can decrease risk (in this case the worst case scenario) from 662
million to 366 million and increase portfolio yield by 45 basis points. This is accomplished by
buying and selling government bonds. Alternatively, an interest rate swap can be used. In either
case, the rebalancing is done on a credit neutral basis.
Charles Gilbert, FSA, FCIA, CERA, is president and founder of Nexus Risk Management. He is
located in Toronto, Canada. He works with insurance and reinsurance companies worldwide to
implement and execute dynamic hedging programs, asset liability management (ALM), and
enterprise risk management (ERM).
13-25
Appendix A Interest Rate Risk Metrics and Analytics
This section defines risk metrics and analytics used in measuring the exposure to interest rate
risk.
Macaulay Duration is the time weighted present value of cash flows divided by the present
value of the cash flows. Macaulay Duration gives an indication of the interest rate sensitivity of
the present value of a future stream of cash flows but is rarely used in practice.
Modified Duration provides a provides a measure of the interest rate sensitivity in percentage
terms of the present value of a series of fixed cash flows assuming a level term structure for a
parallel change in interest rates. For example, if the Modified Duration of an asset is 10, then for
a 1 basis point increase in interest rates the market value of the asset will decline by
approximately 0.1%. Modified Duration can be calculated by dividing Macaulay Duration by 1
+ i(n) / n, where n is the compounding frequency.
Effective Duration provides a measure of the interest rate sensitivity in percentage terms of the
present value of a series of interest rate sensitive cash flows assuming a parallel shift in the yield
curve. Effective Duration can be calculated by shocking the yield curve up and down by some
change in interest rates, projecting the cash flows under the shocked yield curves and using a
central difference approximation.
Dollar Duration provides a measure of the interest rate sensitivity in dollar terms of the present
value of cash flows for a parallel change in interest rates. For example, if the dollar duration of
assets is $100,000,000 greater than the dollar duration of liabilities, then for a 1 basis point
increase in interest rates for all terms to maturity across the yield curve, the present value of
assets will decrease by approximately $10,000 more than the present value of liabilities.
Partial Duration provides a measure of the interest rate sensitivity in percentage terms of the
present value of a series of fixed cash flows for a change in the yield for a given term to
maturity. Partial Duration can be calculated by partitioning the yield curve by term to maturity
and for each term to maturity shocking the yield to maturity up and down, linearly interpolating
to the next term to maturity and the prior term to maturity.
The partial duration sensitivity analysis shown in figure 6 below measures the impact on
economic surplus for a 1 basis point change in interest rates at each term to maturity along the
term structure. This is a valuable tool as interest rates seldom move in a parallel fashion.
13-26
Figure 6 - Partial Duration Sensitivity Analysis
Convexity measures the rate of change of duration. Duration only provides an approximation of
the price sensitivity to changes in interest rates. The precision of the approximation deteriorates
as the change in interest rates increases. Including convexity improves the approximation. In
general, assets with greater convexity are more desirable than assets with less convexity. This is
because as interest rates decrease the increase in the market value of the assets increase at a
faster rate. Conversely, as interest rates increase the decrease in the market value of the assets
decreases. It is therefore desirable to have assets that have higher convexity than the liabilities.
Convexity is a second-order sensitivity measure to changes in interest rates. It is the rate of
change in duration for a change in interest rates. In general, duration provides a good first-order
approximation to a small parallel shift in the yield curve. As the change in interest rates
increases, duration will understate the increase in present value of cash flows as rates decrease
and overstate the decrease in present value of cash flows as rates increase. Positive convexity
results in a higher present value of cash flows than duration alone would predict for an increase
or decrease in rates. Negative convexity results is a lower present value of cash flows than
duration alone would predict for an increase or decrease in rates.
Figure 7 - Convexity Exposure
Prese Presen
nt t Value
Value Net
Assets Cash
/ Flow
Liabiliti
es
Interest Rate Shock
13-27
Scenario testing involves measuring the sensitivity of economic surplus to both parallel and
non-parallel yield curve shifts both at a point in time and out into the future. Deterministic
scenario testing is a valuable tool to analyze what if type scenarios.
Figure 8 - Deterministic Scenario Testing
Cash flow analysis examines how well matched the asset and liability cash flows are and
provides insight into the liquidity exposure.
Net cumulative cash flows can also be studied after reinvestment under different interest
scenarios.
Figure 9 net cash flow
13-28
Appendix B The Greeks
The greeks are price sensitivity metrics similar to those related to those used in ALM related to
interest rates.
13-29
Appendix C Surplus Management Philosophy
Consider a company matches the modified duration of the assets and liabilities. This strategy
exposes economic surplus to interest rate risk. Figure 10 below shows how an increase in
interest rates of 1% results in the same percentage change in assets and liabilities and a resulting
decrease in economic surplus from 10 to 7.5 due to the excess present value of assets backing the
liabilities.
Figure 10 - Immunization on a Modified Duration30 Basis
A company wishing to immunize economic surplus would immunize on a dollar duration31 basis.
Figure 11 below shows how an increase in interest rates of 1% results in the same dollar change
in assets and liabilities and therefore no change in economic surplus.
Figure 11- Immunization on a Dollar Duration Basis
30
Modified duration measures the first order sensitivity of the present value of cash flows to a change in interest rates.
31
Dollar duration equals the modified duration times the present value of the cash flows.
13-30
The reader may be tempted to observe that immunizing on a dollar duration basis is equivalent to
investing economic surplus or excess present value of assets in cash or some other asset with
duration zero and question whether that is how surplus should be invested. In fact, depending on
the shape of the yield curve and the asset liability profile, immunizing on a dollar duration basis
in this example could increase portfolio yield. But the underlying question remains, what should
the duration of surplus be?
Insurance companies are exposed to significant interest rate risk which has multiple dimensions.
As we saw in the example above, immunizing on a duration basis is not sufficient to protect
economic surplus against a change in interest rates if the present value of assets is greater than
the present value of liabilities. Immunizing on a dollar duration basis is also not sufficient.
Many life insurance companies with long duration liabilities were immunized on a first order,
dollar duration basis and were not protected against large changes in interest rates. As a result
second order, convexity exposure these companies found themselves offside of their board
approved risk limits as the duration of the liabilities increased at a greater rate than the duration
of assets as interest rates fell.
Appendix D Evolution of ALM Practices
Interest rate risk remains a significant challenge for many insurance companies with long
duration liabilities. Long bond rates have been decreasing for the past two decades. For the last
10 years, we have been in a prolonged low interest rate environment with interest rates below
what used to be considered an overly conservative ultimate reinvestment rate of 5%.
The decrease in interest rates has caused a number of life insurance companies with long
duration liabilities to be outside of their interest rate risk limits, some with still large duration
mismatches.
Convexity exposure, prevailing view on interest rates since the early 1990s has been that interest
rates will increase.
Figure 12 - Historical Timeline for Life Insurance Companies in Canada
13-31
IAA Risk Book
Chapter 14 - Financial Statements
Michael Eves
R. Thomas Herget
Francis de Regnaucourt
Stuart Wason
This paper has been produced to help readers unfamiliar with insurer financial statements
gain some knowledge of the different types of financial statements insurers produce as well
as to understand their purpose. The paper is limited in that it does not go into great detail
concerning the elements of the financial statements but rather keeps at a level that enables a
high level understanding. It is focussed on the more general components of financial
statements rather than on items specifically related to risk or risk margins. This paper should
be read by anyone who wishes to have this overview.
Financial statements provide insurer stakeholders with information useful for making
business decisions and to give insights into the development of the Company. Financial
statements are prepared in several different forms and according to many different design
concepts according to the needs of each stakeholder. Common components include (but are
not limited to),
Statement of financial position also known as a balance sheet; provides assets,
liabilities and equity at a given date
Income statement also known as a profit and loss statement or statement of
revenue and expenditure; provides the profits of the business between two dates
Cash flow statement movement of cash over a period
Change in equity movement in equity over a period
Financial statements are frequently accompanied by various forms of supporting disclosures.
Insurer stakeholders include supervisors, policyholders, owners, investors, rating agencies,
tax authorities, employees etc. Each stakeholder has their own objectives in selecting
financial statements useful for their purposes. These objectives may dictate the form of
statement that is most useful to them (e.g., supervisors may make greater use of the statement
of financial position while tax authorities may use the income statement) as well as the design
concepts that underlie those financial statements (e.g., supervisors may require that financial
statements useful for their purposes use specific valuation methods for assets and liabilities).
A useful quality of financial statements for some insurer stakeholders (e.g., supervisors,
rating agencies etc.) is their ability to compare the results of entities conducting similar types
of business (e.g. insurers as distinct from manufacturers) within a jurisdiction as well as
globally.
IAA on 5 November 2016
Standard setters play an important role in developing financial statement standards. They may
include professional accountancy organizations (e.g. the International Accounting Standards
Board or the Financial Accounting Standards Board), financial sector supervisors and, in the
case of insurance and pensions, professional actuarial organizations.
This chapter focuses on the specific financial statement issues faced by insurers as seen from
an actuarial perspective.
The key messages of interest to stakeholders interested in insurer financial statements are:
1. Unique features of insurance make the financial statements for insurers highly
sensitive to the design concepts employed in those statements, particularly with
respect to the valuation of insurance obligations and assets, as well as the
components of the income statement and the presentation of equity.
2. Unique features of insurance include the (frequently) long term nature of its
insurance obligations; the need for professional actuarial judgement in the
valuation of future insurance obligations taking into account (among other things)
the timing, amount, variability/uncertainty etc. of the underlying risk exposures;
and the rate of return expected from the supporting assets.
3. Stakeholders most interested in insurer financial strength, sale and/or solvency tend
to focus on financial statement design concepts that include the following (not all
are mutually consistent):
a. Economic valuation methods
b. Valuation of all guarantees and options including policyholder behaviour and
product adjustability
c. Ability to discern separately best estimates and any associated margins of
conservatism
d. Consistency of valuing both assets and liabilities
e. The availability and quality of the capital resources
f. Shocks/stress tests/capital requirements to illustrate the capital needed to
protect against adversity
4. Stakeholders most interested in the performance of insurers tend to focus on
financial statement design concepts that include the following:
a. Definition of what constitutes profit
b. Emergence of profit over time (i.e., What is the proper emergence of profit for
long duration insurance contracts? At issue? Over the length of the contract?)
5. Actuaries assist stakeholders in the design, preparation and use of insurer financial
statements in many ways including,
a. The development, selection and analysis of financial statement design choices
b. The preparation of various actuarial related estimates involved in financial
statements including the projection of future cash flows on policies in force.
send an email directly to riskbookcomments@actuaries.org
14-2
Actuarial estimates need to be updated regularly as new experience or
information regarding the performance of the policies and their underlying
risks becomes available.
c. The interpretation of various financial statement estimates for relevant
stakeholders, not only their current view but also as to their possible future
values.
2. Purposes of Financial Statements

Financial statements provide insurer stakeholders with information useful for making
business decisions. Such decisions typically include consideration of a wide variety of other
information and analysis (e.g., risk management, capital management, strategic, economic,
operational, legal etc. input) relevant to the decisions being made.
Financial statements are prepared in several different forms and according to many different
design concepts according to the needs of each stakeholder. Common components include
(but are not limited to),
Statement of financial position also known as a balance sheet; statement of
assets, liabilities and equity at a given date
Income statement also known as a profit and loss statement or statement of
revenue and expenditure
Cash flow statement movement of cash over a period
Change in equity movement in equity over a period
The statement of financial position presents information about the financial strength (the
excess of assets over liabilities) of the insurer. The income statement presents the profit (or
loss) that was made in the reporting period. The cash flow statement is useful in presenting
the movement of cash as distinct from the many non-cash accruals and changes to asset and
liability provisions common in insurer operations. This information is used by stakeholders,
which include investors, regulators, management, employees and policyholders, to make
decisions relevant to their role.
Financial statements are frequently accompanied by various forms of supporting disclosures.
Accounting standard setters in some jurisdictions may deem certain forms of disclosure to be
a formal part of the financial statements and therefore be subject to audit. Disclosures
typically provide additional, more detailed, information about the information in the financial
statements as well as additional information regarding the nature of expenses, assets,
liabilities and risks to which the company is exposed. Management may also prepare a
commentary which will include more details on the underlying business such as sales
volumes, sources of earnings, line of business performance, geographic distributions, critical
accounting estimates and other elements of interest to readers.
Financial statements are prepared as frequently as is expected by various stakeholders.
Depending on jurisdiction, they may be prepared annually, half-yearly, quarterly and/or
monthly. When viewed over multiple time periods, the financial statements can be used to
analyze trends in the results of company operations.
14-3
Due to the many different perspectives of insurer stakeholders, as well as differing
geographic views on these matters, there are many different sets of financial statements, each
employing unique sets of design concepts chosen by or for their particular stakeholders.
Many stakeholders value being able to compare insurer financial results among their peers
and across those conducting similar business. The need for comparability is particularly
strong among stakeholders interested in public reporting (e.g., investors, policyholders,
analysts, rating agencies, auditors etc.) and supervisory reporting (e.g., financial sector
supervisors, rating agencies etc.). In recent decades, insurer stakeholders are seeking greater
international comparability of insurer financial statements (for both public and supervisory
reporting purposes). The advances by the IASB in insurer public reporting and the IAIS with
respect to insurer capital requirements (a form of supervisory reporting) signal the heightened
focus on the need for international insurer financial statement comparability.
The financial statements employed by different stakeholders use (in whole or in part) the
design concepts codified by various accounting standard setters (e.g., IASB, FASB etc.). The
design concepts used for different purposes (e.g., public versus supervisory reporting) may
differ.
One of the significant elements of insurer financial statements is the amount of insurance
obligations (e.g., also called insurance liability, reserves, technical provisions or other similar
terms). Due to the specialized nature of these obligations they are frequently subject to
accounting standards specific to their determination.
Their determination also requires specialized actuarial expertise. The work of actuaries is
governed by a professional code of conduct, standards of practice and continuing education
requirements. Their work is subject to a disciplinary process and in many cases, to peer
review. Actuaries are subject to actuarial standards in the determination of amounts related to
insurance obligations within a set of financial statements. These standards may be tailored to
the intended financial statement purpose (e.g. public versus supervisory reporting) or they
may be more general in nature.
The preparation of public insurer financial statements also involves auditing professionals
who are subject to their own set of professional standards.
While the various accounting standard setters are prominent in codifying the design concepts
to be used in financial statements for some purposes (e.g., public financial reporting), specific
stakeholders may require that the forms of financial statements prepared for their purposes be
subject to additional or different design concepts/requirements (e.g. for supervisory
reporting). Some examples of the various reporting purposes include:
Public reporting: For the larger insurance groups this will normally be on one of
the two globally used accounting bases, International Financial Reporting
Standards (IFRS) or US Generally Accepted Accounting Concepts (US GAAP).
The rules and concepts for these accounting bases are established by specific
accounting bodies, namely the International Accounting Standards Board (IASB)
for IFRS and the Financial Accounting Standards Board (FASB) for US GAAP.
Tax reporting: Accounts on which a company pays tax which will normally be
based on the location of the legal entity writing the business. Governments
14-4
frequently establish their own accounting basis for determining taxable income but
often these are simply adjustments to existing bases, such as US statutory, IFRS,
UK GAAP, Swiss FER, etc.
Supervisory reporting: Supervisory financial reporting provides the supervisor
with a clear view of the financial strength of the insurer. Not surprisingly, the
supervisors will focus on the statement of financial position form of the financial
statements. Due to this focus, the supervisor will often require that one or more
aspects of the financial statements be prepared on a more conservative basis than
public financial reporting. Frequently, it is the policyholder obligations which are
to be more conservatively valued by the actuary. In almost all jurisdictions
(Canada is one exception) the supervisory and public reporting are separate.
Supervisory reporting differs from jurisdiction to jurisdiction although with the
introduction of Solvency II in the European Union and the ICS by the IAIS, a
greater commonality across jurisdictions than is currently the case may be
anticipated. Important in the development of useful supervisory reporting is that
the design concepts they employ be consistent with (or integrated with) their
associated supervisory solvency reporting (e.g. capital requirements).
Solvency reporting. The purpose of solvency reporting is to explicitly measure the
financial strength of a company and its ability to meet policyholder obligations,
particularly in significantly stressed conditions. Typically, this reporting builds
from the statement of financial position and features a determination and
comparison of available versus required capital, a key measure of financial
strength. Increasing levels of supervisory attention, action and or intervention are
triggered as the financial strength of an insurer falls below insurer/supervisor
agreed upon levels. Increasingly, the design of solvency reporting is being
integrated with the design of overall supervisory reporting so that the two work
together as an integrated view of financial strength. Originally designed for
supervisory purposes only, such reporting is increasingly being used publicly by
insurers. Examples of solvency reporting include US RBC (risk based capital),
Solvency II for the European Union, the Swiss Solvency Test in Switzerland, C-
ROSS for China etc. In addition, Companies may internally look at their solvency
position under different measures such as the bases used by rating agencies or
using their own economic capital methodology.
Economic reporting: In addition, insurers may present a financial statement based
on economic concepts. This is particularly true for life companies as the
traditional accounting methods described above do not recognize the "hidden
value" of their in-force business. Many life companies publish a set of accounts
under Market Consistent Embedded Value (MCEV) concepts which are designed
to show market based economic values. Some companies produce economic
financial statements using their own economic accounting concepts.
14-5
3. Financial reporting principles
Financial reporting principles vary to meet the needs of its key users and stakeholders. In this
section the needs for public and supervisory (and solvency) reporting will be outlined along
with actuarial involvement with each.
I. Public reporting
For example, public reporting is subject to the standards set by an independent accounting
standards body. Two well recognized bodies include the International Accounting Standards
Board (IASB) and the Financial Accounting Standards Board (FASB).
On the other hand, the financial reporting design of both supervisory and solvency reporting
are driven by the needs of the relevant supervisors of the jurisdictions in which the insurer
operates. In setting their supervisory reporting requirements, some supervisors find the public
financial reporting standards (in whole or in part) useful as a reference point from which to
build their requirements.
The actuarial profession has been active and influential in the design of financial reporting for
insurers, both internationally through the IAA and locally in each jurisdiction through the
various member actuarial associations of the IAA. Within the IAA, the Insurance Accounting
Committee (IAC) and the Insurance Regulation Committee (IRC) are active in developing
actuarial views on financial reporting design. The IAC tends to focus on public reporting
while IRC focuses on supervisory and solvency reporting.
Some examples of the IAAs contributions to financial reporting design include,
A Global Framework for Insurer Solvency Assessment (2004)
Measurement of Liabilities for Insurance Contracts: Current Estimates and Risk
Margins (2009)
Development of International Actuarial Standards of Practice (ISAPs) for IFRS
reporting (ongoing)
Consultation and feedback to the IAIS on its proposals for an International Capital
Standard (ICS) (ongoing).
In building a public financial reporting framework, major accounting standard setters make
use of common concepts such as relevance, faithful presentation, comparability, verifiability,
timeliness, understandability etc., to provide a basic framework so that users of the financial
statements are not misled. In designing a financial reporting framework, stakeholders will
place greater importance on the concepts which are of greater relevance to them.
Both the IASB and FASB have been working to develop a conceptual framework for
financial reporting. For illustration (and brevity), this chapter references the Conceptual
Framework as published by the IASB1. Readers are encouraged to review FASBs own work
on the Conceptual Framework2.
1
Conceptual Framework for Financial Reporting, Exposure Draft, May 2015, IASB, www.ifrs.org
2
www.fasb.org
14-6
The application of the Conceptual Framework (CF) topics to insurance and insurers, either
for reporting income or inclusion of the value of insurance liabilities in the statement of
financial position, has long been a complex topic for all public (and supervisory as well)
financial statement standard setters. Consequently, some of these CF topics will be explored
further in this IAA Risk Book chapter due to their relevance to insurer financial reporting
including,
qualitative characteristics of useful financial information
role of financial statements
elements of financial statements
measurement.
A. Qualitative characteristics of useful financial information
The CF describes relevance (includes materiality) and faithful presentation as being
fundamental qualities for useful financial information. The latter quality refers to the need to
represent the economic substance not just the legal form of an accounting entry. In turn, this
invokes the need for completeness, neutrality and freedom from bias.
Further, the CF lists enhancing qualitative characteristics as including, comparability (i.e.,
between similar items and entities with similar items), verifiability, timeliness and
understandability.
The connection of some of these characteristics to the actuarys work may be summarized as
follows;
1. Relevance (including materiality) - The estimates prepared by the actuary (e.g.
technical provisions) should be used in the financial statements and be relevant to
the user of the financial statements. If the user is expecting a forward looking view
of the risks of the insurer then the actuarys assumptions should not be solely based
on past experience but also incorporate the impact of trends, loss development etc
beyond the valuation date and/or date of last experience. Relevance also requires
the actuary to consider whether the experience studies being considered are fully
relevant to the risks undertaken by their specific insurer. Materiality is a commonly
used term within accounting circles but it is also meaningful for actuaries in their
work as well to ensure that due care is afforded to estimates of risks which are of
significance to the insurer. Other associated terms may be proportionality (how
much work to employ in preparing an estimate) and risk-based (greater attention
paid to larger more impactful risks). Another chapter in this risk book explores the
similarities, differences and importance of these related terms.
2. Economic substance - This characteristic requires the actuary to consider all
aspects of the contracts being valued (i.e., technical provisions) including such
things as policy guarantees, policyholder behavior, policy options, contract
renewability, adjustability features etc.
3. Neutrality and freedom from bias (including verifiability) - Many actuarial
estimates (e.g., present value of future policy obligations) cannot be determined
14-7
with precision as considerable uncertainty surrounds some combination of the
probability, timing and amount of payments under each insurance contract.
Regardless, actuaries select methods according to their professional judgement and
expertise which are best suited to provide useful estimates of value. Frequently,
actuaries can inform users of the financial statements as to the expected value and
current estimate as well as additional information regarding uncertainty risk.
Freedom from bias and verifiability require that another actuary might reach
similar conclusions if armed with the same information about the risks. In addition
to adherence to actuarial standards, actuaries use peer review to ensure their work
is free from bias and can be verified by others. An extreme view of this
characteristic is that it can also be achieved by strictly mandating the methods and
assumptions to be used. This extreme view is not generally observed as its
adoption would be contrary to other characteristics of the CF.
B. Role of financial statements
The Conceptual Framework is based on the fundamental assumption that the entity will
continue as a going concern for the foreseeable future. Should this not be the case the
financial statements may need to be prepared on a different basis. The use of the going
concern assumption for insurer financial statements can be complex to implement by the
actuary. Typically, the going concern assumption entails the insurer continuing in business
but future new sales are not included in the financial statement estimates. This distinction can
be complex for the actuary to implement throughout their work. Some examples of the
actuarys considerations include,
Contractual renewal premiums will continue to be paid when due
Continued on-going management of the policies by the insurer is assumed (e.g.,
investment management, expense management, management of adjustable product
elements by the insurer etc.)
Policyholder behavior (e.g., lapses, surrenders) will continue consistent with the
going concern assumption
C. Elements of financial statements
Financial statements provide information about the financial effect of transactions and other
events by grouping them into various elements of the financial statements. Of particular
relevance to insurance is the definition of a liability, especially for an insurance contract.
Indicative of the difficulty in distinguishing between insurance and other sorts of financial
business, the IASB concluded in IFRS 4, Insurance Contracts that,
An insurance contract is a contract under which one party (the insurer) accepts
significant insurance type risk from another party (the policyholder) by agreeing to
compensate the policyholder if a specified uncertain future event (the insured event)
adversely affects the policyholder.
Other difficult elements within insurer financial statements relate to the definitions of income
and expenses, reporting the substance of contractual rights and obligations and the unit of
14-8
account. These elements have been subject to further elaboration by the IASB in IFRS 4,
Insurance Contracts.
The accounting bases of IFRS and US GAAP are focused on the emergence of profit and
attempt to show profit emerging over the duration of the underlying business. This is done by
either (i) locking in slightly conservative assumptions at contract inception such that no profit
at inception occurs but then emerges gradually over the duration of the underlying contracts
or by (ii) including risk type margins on top of best estimates which also avoids taking any
profit at contract inception and profits emerge as the risk margin reduces over the policy
term. In both cases actual experience which differs from the underlying assumptions will be
immediately reported as profit or loss. The determination of investment profits is rather
complex and there are various rules for how assets are valued. In certain instances, gains are
only recorded when they are actually realised but unrealised losses may go through the profit
and loss account once the value of an asset is considered to be permanently impaired.
D. Measurement
The CF describes two broad approaches to measuring value as being either historical cost or
current value. In turn, the latter category is considered to consist of fair value as well as value
in use (fulfilment value). This topic is likely the most challenging subject for insurance
obligations since historical cost and fair value are not viable measurement options. Current
thinking as contained in IFRS 4 is that some sort of fulfilment value determined by
discounting projected cash flows should be used. Such a value requires complex
consideration of prudence in assumptions, contract boundaries, inclusion of all options and
appropriate rates of discount to name but a few. Given the nature of the contingencies to
which insurance contracts are subject as well as the length of some types of contracts, the
value of insurance obligations is materially sensitive to the assumptions used.
Due to their expertise in this area, actuaries and actuarial standards bodies have been engaged
with accounting standard setters for many years on the best approaches to use for
measurement3. The CF reminds the preparers of financial statements that the measurement
approach chosen should meet the qualitative characteristics of relevance and faithful
representation.
The issues surrounding measurement are important for both public and supervisory reporting
although supervisors have a keen interest in adequate provision for risk and uncertainty. On
the other hand, prudence for public reporting is limited, assets and income are not overstated
and liabilities and expenses are not understated.4
This is best illustrated by considering the present value of future claims to be paid from
business already written. This value is normally not known with certainty but can be
estimated. In the case of life insurance, it is a question of estimating the number of future
deaths in each future period and the amounts that will be paid. For motor insurance it is the
claim amounts yet to be paid from events that have already occurred and again is a question
of estimating when the claims will be paid and for how much. With life insurance there is
normally a known policy amount whereas for motor insurance it will depend on the cost of
3
Measurement of Liabilities for Insurance Contracts: Current Estimates and Risk Margins, IAA 2009
4
IASB Conceptual Framework para 2.18
14-9
repairs at the time of settlement or the cost of providing long term care in the case where
there is a serious injury.
As these amounts are unknown they have to be estimated and this is usually done by using
past experience, current knowledge and allowing for any likely future trends. In the vast
majority of cases the evidence does not lead to a single definitive answer but rather a
plausible range of answers depending on one's view of the data considered and one's wish or
natural inclination to be optimistic or pessimistic. Hence there is usually a range of plausible
estimates and the different financial reporting bases lead companies to select estimates at
different positions in this range.
Within the range just described there is the concept of a "best estimate" or "current estimate"
which is the mean of the distribution of plausible estimates. The selection of the "current
estimate" is dependent on actuarial judgement. As such the current estimate choice will vary
depending upon the view of the actual person providing the estimate. However, the range of
answers should be within a plausible range and be able to withstand the scrutiny of peer
review.
II. Supervisory and solvency reporting
Insurance supervisors in each jurisdiction develop and maintain supervisory and solvency
reporting that meets their needs and authorities granted to them under their enabling
legislation. The combination of supervisory and solvency reporting is used in combination to
help the supervisor assess the financial strength of the insurer. Of course, the full range of
supervisory tools, including ORSA5, are available to support that assessment process.
The International Association of Insurance Supervisors (IAIS) maintains standards which
serve as a safe harbour for its member supervisory bodies. Only one of these Insurance Core
Principles (ICPs) relates to financial reporting for supervisory purposes (i.e., ICP 14,
Valuation). ICP 16, ERM for Solvency Purposes and ICP 17, Capital Adequacy focus on
supervisory expectations related to solvency. At the present time the IAIS is in the process of
developing an International Capital Standard (ICS) for internationally active insurance groups
(IAIGs).
Supervisory reporting by insurers typically includes a set of financial statements which meets
their needs. In almost all jurisdictions the design of this set of financial statements is
determined by the supervisor6. Supervisors also set capital requirements which when taken
together with the statement of financial position (supervisory reporting basis) provide the
supervisor with sufficient advance warning of insurer difficulty and help to ensure that
policyholders are protected at an appropriate level of confidence7.
Common valuation concepts sought by supervisors are included in the standards of ICP 14.
The first 3 standards relate to both assets and liabilities:
The valuation of assets and liabilities is undertaken on consistent bases
5
See Chapter 10 of the IAA Risk Book for more information on ORSA
6
Canada uses IFRS statements for supervisory purposes as well as public reporting
7
For additional background see the IAA publication, A global framework for insurer solvency assessment,
2004
14-10
The valuation of assets and liabilities is an economic valuation
An economic valuation of assets and liabilities reflects the risk-adjusted present
values of their cash flows
The remaining standards relate specifically to the technical provisions:
The valuation of technical provisions exceeds the Current estimate by a margin
(Margin over the Current estimate or MOCE).
The Current estimate reflects the expected present value of all relevant future cash
flows that arise in fulfilling insurance obligations, using unbiased, current
assumptions
The MOCE reflects the inherent uncertainty related to all relevant future cash
flows that arise in fulfilling insurance obligations over the full time horizon thereof
The valuation of technical provisions allows for the time value of money. The
supervisor establishes criteria for the determination of appropriate rates to be used
in the discounting of technical provisions.
The supervisor requires the valuation of technical provisions to make appropriate
allowance for embedded options and guarantees.
This requirement for the consistent treatment of the assets and liabilities is very important to
supervisors to help ensure that the capital position of the insurer is meaningfully determined
and matches the primary need of the supervisor to protect policyholders. This requirement for
valuation on consistent bases may be similar to the CF concept of comparability but the
IAIS standard is very clear.
The emphasis in supervisory and solvency reporting is on the ability of the insurer to be able
to meet policyholder obligations with a high degree of confidence and therefore tends to use
more conservative assumptions either in statement of financial position (for supervisory
purposes) or via the capital requirements, or in combination. This frequently results in a
higher level of conservatism in the statement of financial position for supervisory purposes
than for public reporting. In public reporting, actual performance over a period is usually
more important than financial strength.
While the IAIS standards represent a safe harbor for the supervisors in each jurisdiction,
and supervisory and solvency reporting requirements currently exhibit considerable variety
globally, there is growing supervisory momentum to supervise insurance groups more
effectively using more comparable methods.
As previously mentioned in this chapter, the actuarial profession has contributed and
continues to contribute to the needs of supervisors for supervisory financial reporting and
solvency reporting design. Beyond the contributions of the professional actuarial
associations, individual actuaries are active contributors through their roles as supervisors and
within the insurance industry itself.
A unique aspect of the combined supervisory and solvency reporting bases is that the total
balance sheet, including the solvency buffer must be sufficiently prudent, consider all risks in
the short and long term, and be balanced in terms of not being unduly conservative nor
14-11
offering arbitrage opportunities with other financial sectors. This concern for the tail of the
distribution, Black Swan scenarios and systemic risk provides most interesting challenges
and debate among and between actuaries and supervisors. Distinct from public financial
reporting, supervisory financial reporting tends to be more focused on the statement of
financial position than the statement of income. In addition, it tends to be more future focused
(i.e., use of realistic values) than some aspects of public reporting which may retain reference
to historical values.
Excellent techniques for assisting insurers and supervisors alike in understanding the strength
of their solvency position lie in stress testing8 and ORSA9. The complexities of insurance
group risks are the subject of another IAA Risk Book chapter10. A further challenge for
supervisory and solvency reporting is to appropriately recognize risks in the short term (say a
one-year time horizon as this is frequently regarded as a target horizon for supervisory action
in the event of severe insurer weakness) while retaining appropriate vigilance (i.e., not
ignoring or minimizing) over risks that may emerge in the medium to longer term. This last
topic is covered separately in other chapters of this Risk Book11.
III. Economic reporting
Economic reporting is still very much in a development stage. There are as yet no set of
independent standards and the accounts are generally subject to an entity's own decisions.
For economic reporting all future cash flows are valued using best estimate assumptions but
including a risk margin to allow for the uncertainty in the estimates. There is no restriction on
taking profits up front and value is created when business is written rather than over the
period when risk is actually covered. Assets are valued by reference to observable market
prices or estimated to the same standard where there is no such observable price. Economic
based accounts, where the emphasis is to produce a profit and loss statement together with a
balance sheet based on observable current market conditions, tend to use assumptions which
are best estimates and then allow for a separately identified risk margin or risk capital to
value the uncertainty around the best estimate assumptions.
Actuaries play a key role in the development of key values in economic reporting. They also
play a key role in helping insurer management and Boards understand the differences
between economic reporting capital levels and those required by supervisors. It is important
as well that the sensitivities of each approach to key risks be understood, compared, analyzed
and justified appropriately.
IV. Summary
In summary, supervisory financial statements are based on the theme of policyholder
protection while economic accounts are based on the theme of market value and economic
wealth generation. As a result, readers of these financial statements need to bear in mind that
supervisory financial statements tend to provide a conservative view of an insurer while
economic accounts may give a market type value but this comes with short term volatility in
8
IAA paper Stress Testing and Scenario Analysis 2013
9
Chapter 10 of this IAA Risk Book, ORSA
10
Chapter 8 of this IAA Risk Book, Addressing the consequences of groups
11
Chapters x and y of this IAA Risk Book
14-12
line with market volatility. Public financial reporting fit somewhere in the middle and do
somewhat dampen volatility as well as producing a more even emergence of profit.
4. Components of Financial Statements

The principal components of financial statements include a statement of financial position (or
balance sheet), an income statement, a cash flow statement and a series of disclosures giving
further or supplementary information.
I. Balance Sheet
The balance sheet is a financial assessment at a particular point in time of the value of assets
held by a company as well as the value of its liabilities. The difference in value between the
assets and liabilities is the capital/equity of the company.
A. Assets
For insurance accounting purposes assets are resources owned by a company which have
future economic value that can be measured and can be expressed as a monetary value in a
currency. The emphasis is on assets that can be reasonably measured in financial terms,
which therefore exclude some items that are valuable but cannot be easily or reliably
measured, such as the companys reputation, customer base, brands and management team. A
precise definition of an asset must exist in order for consistent identification and
measurement.
The main types of assets that are normally included on insurer balance sheets are investments
such as bonds, mortgages, property and equities. There are various methods prescribed for
determining the value of assets reported in the financial statements. The amortized cost
method for a bond increases or decreases the initial purchase price to the maturity value
rateably over time. It has no relationship to any subsequent market value. Market values
may be used for assets where there is a broad and liquid market based on actual prices for
recent transactions. If there is a thin and illiquid market, mathematical models may have to
be used to ascribe a reported value. Alternatively, values for comparable instruments may
provide input to determine a reported value.
Other types of assets are cash, premiums receivable from policyholders, other receivables,
reinsurance recoverables, deferred tax assets and deferred acquisition costs (DAC).
Deferred tax assets arise when liabilities exist that are not immediately deductible for the
calculation of taxable income, but eventually will be a tax deduction. When that occurs they
will lower the otherwise payable income tax.
DAC assets arise from the payment of acquisition expenses up front. Some accounting
systems allow deferring the recognition of those expenses until the related income is
recognized. For example, an insurer of long duration contracts may pay a large commission
up front, in anticipation of a long stream of renewal premiums. The DAC asset is set up when
the up-front commission is paid, and then expensed over time as the renewal premiums come
in.
Financial reporting under GAAP or IFRS may allow for intangible assets to be reported, such
as the Value of Inforce business which represents the present value of profits on existing
14-13
business. Many of these intangible assets are only recognized as a result of an acquisition,
when the unrecognized intangibles of an acquired business are required to be recognized and
measured at their estimated market value (i.e., fair value)
In a company or portfolio purchase situation, goodwill may also appear as an asset. The
original goodwill is the excess of the amount paid over the estimated fair value of the net
assets of the company or portfolio. This most often represents the value of business yet to be
written.
In an economic framework the assets are valued at market value where there is an available
market price. Where there is no readily available price, including incoming insurance related
cash flows then the values are estimated. The economic balance sheet may, or may not,
include a value for future new business yet to be written.
B. Liabilities
Liabilities are debts or obligations that arise during the course of business. In a financial
accounting sense, liabilities are the future sacrifices of economic benefits that the entity is
obliged to make to others as a result of past transactions or events, the settlement of which
may result in the transfer or use of assets or provision of services at specified dates or in the
determinable future. Some liabilities, such as the amount owed under a loan, are known
amounts. For insurers, most liabilities are not known but are estimates.
The main types of liabilities that are included on the balance sheet of an insurer are:
The liability for already incurred but unpaid claims. These liabilities generally include the
costs of adjusting and settling these unpaid claims. This includes the liability for claims that
have already been reported, and those incurred but not yet reported
Liability for claims incurred beyond the reporting date which relates to future exposure on
policies already written.
1. For non-life companies, the liability is generally the proportion of premium yet to
be earned, ie for a policy written July 1 for twelve months this will be 50% as at
year-end.
2. For life companies, the largest liability on the balance sheet will be the
consideration for claims to be incurred in the future. This reserve can be thought
of as the present value of future claims minus the present value of future
premiums. (In some accounting regimes the value of future premiums is reported
on the asset side of the balance sheet rather than a deduction from the present value
of claims)
a. The types of future benefits and types of decrement/incident rates to be
considered are normally prescribed by the accounting basis.
b. The premium deducted may be either a net premium which provides for
only the coverages specified by the accounting basis or a gross premium.
c. The assumptions used in the calculations may be prescribed by the accounting
basis; alternatively, the accounting basis may leave the choice of assumptions
14-14
up to the actuary but often with some guidance on how prudent they should
be.
d. Assumptions may be locked in at policy inception or revised over the policy
duration as experience emerges which indicates that the initial assumptions are
no longer appropriate. Assumptions are based on the actuarys or
managements current best estimate with or without a provision for adverse
deviation.
e. If assumptions are locked in, the accounting basis usually calls for verification
that the liability remains adequate. In US GAAP, this is called loss
recognition. In US statutory, this is called asset adequacy analysis or cash
flow testing. Most other jurisdictions adopt a principles based approach to the
setting of assumptions with regular reassessment.
Liabilities may or may not contain a margin for future experience adverse to the assumptions
used to generate the basic liability (sometimes called a risk margin or margin for adverse
deviation). If such a margin exists, it may be implicit or explicit. Implicit margins occur
when the underlying assumptions, e.g., mortality or lapse are set conservatively. Examples of
where margin are set explicitly are economic balance sheets which normally include a
specific risk margin as part of the liabilities. This is true for a Solvency 2 balance sheet and is
also the direction that IFRS is taking. Swiss Solvency test uses a concept called market value
margin which is similar to risk margin but calculated differently.
Other liabilities included on the balance sheet would include accounts payable, taxes owed,
deferred taxes12 and any debt incurred by the reporting entity.
The following graph illustrates the variation in liability that different accounting bases can
produce for long duration contracts. The underlying product is a twenty year (two
consecutive ten-year level premium periods) term insurance policy, which pays out the sum
assured on the death of the policyholder. The accounting bases are US statutory, US GAAP,
Canadian (CALM), IFRS and Solvency II. The item displayed is the total reported liability
(net of Deferred Acquisition Costs (DAC) where applicable). While not all readers will be
familiar with the nature of two ten-year products appended into one, the resulting disparity
between accounting bases would also exist for a level premium twenty-year product.
The US statutory is an example of a supervisory reporting accounting regime; it establishes
the largest initial liability. The US GAAP and IFRS are public reporting accounting regimes;
its smaller initial reserves enable a more uniform reporting of earnings. The CALM and
Solvency II are more economic bases and display the lowest initial reserves.
12
For example, the insurer may own publicly traded common stock that has appreciated since first purchased.
When or if sold, a related tax payment would be due on the realized gain. That future tax liability is called a
Deferred Tax Liability.
14-15
Source: Earnings Emergence: Insurance Accounting under Multiple Financial Reporting
Bases. 2015 Society of Actuaries. Reproduced with permission.
Differences between the different accounting bases are less pronounced for Property and
Casualty business. The common theme across all bases is the current estimate of the future
claims to be paid. Some bases allow for the discounting of the expected future claim
payments whilst others do not and some bases require a level of prudency in the estimates
either by increasing actual estimates or by selecting a certain percentile from the distribution
of expected future claims. Where best estimates liabilities are discounted an explicit risk
margin will be included.
C. Capital
Capital is the difference between reported assets and reported liabilities and is usually the
term used in regulatory accounting. Other accounting bases will refer to this concept as
surplus, equity, economic net worth, retained earnings, owners equity, own funds or net
assets.
Capital is a major topic and hence forms its own chapter within the IAA risk book. No further
comment is made here except to outline a particular point with regard to some regulatory
financial statements. Under supervisory reporting in certain countries, there are two types of
financial statements, firstly one set financial statements prepared on a conservative basis such
that there is a good likelihood that the policyholder obligations over the whole contract term
will be met with reasonable expectations without the need to resource new capital. Secondly
a solvency statement where assets and liabilities are valued on an economic basis using
current market assumptions with the resultant capital able to withstand a very severe event
(such as a one in two hundred-year event) in the following 12 months without needing to
raise more capital in order to remain solvent. It is important that companies manage to both
sets of regulatory financial statements.
14-16
II. Income Statement
The income statement measures performance during the period for which the accounts are
being presented. It comprises inflows (revenue), outflows (expense) and the difference,
profit. Profit is often differentiated into regular and other or "one-off" items.
Another way of looking at an income statement is that it is essentially what takes one from
the balance sheet at the start of the accounting period to the balance sheet at the end of the
accounting period. This is rather a simplistic view as not all the changes between the two
balance sheets will necessarily be included as income - this depends upon the rules of the
accounting bases being used. Examples would include changes in unrealized gains or the
impact of movements in foreign currencies. As a result, there can be a distinction between the
income which can be counted as profit and that of total or comprehensive income which
would include all items.
A statement of cash flows provides a view of sources and uses of cash. It serves as a
reconciliation of opening and closing cash balances.
A. Revenue
Revenue is the compensation for products sold or services provided. This distinguishes
revenue from deposits, such as bank deposits[1], which must be returned and borrowings
where cash is also received but must be paid back with interest. This simple description is
difficult to implement for any product or service where the delivery of the product or service
(such as insurance risk coverage) is spread out over several accounting periods.
A major consideration of any accounting paradigm is the timing of revenue recognition, i.e.,
when should revenue be recognized in a financial statement. The simplest approach may be
to recognize or record revenue when the cash is received, which is commonly the basis for
recognizing premium revenue for traditional life insurance products. Another approach may
be to recognize premium revenue over the period where the service is performed or the
product is transferred, which is a common accounting approach for short duration general
insurance[2] and for Universal Life style life insurance products. Either approach may be
complicated by the existence of asset accruals (such as for amounts due but not yet received),
or various estimates (such as for possible audit adjustments for certain insurance products
sold to businesses).
The main items normally included as revenues are:
Premiums: Premium revenue may be reduced by amounts ceded to reinsurers.
Alternatively, the accounting system may treat ceded reinsurance premiums as an expense.
Investment income: This sometimes includes realized capital gains and losses and may or
may not be net of expenses.
[1]
Contracts that fail to meet risk transfer rules may also be labeled as deposits.
[2]
Under this approach many insurers also report an item called written premium, which represents the
amount of insurance premiums sold during the period, whether or not it has been earned yet via the provision
of services during the period. Written premium that is not earned during the period is deferred through the
establishment of an unearned premium liability.
14-17
Fee income: This can include membership fees and various service fees (such as for
investment services for life insurance/annuities or risk inspections for various general
insurance products sold to businesses).
B. Expense
The expense component of the income statement in its simplest form is cash outflow (items
such as operating expenses, claims, taxes, dividends) plus/minus the increase/decrease in
liability accruals. An expense may be recognized when an obligation is created, even if the
cash flow occurs later. The elements of expense must correlate to the definition used for its
revenue counterparts.
The main items normally considered as expense in the income statement are:
Claims and claim adjustment expenses. This includes both claims paid and changes
in claim reserves.
Life and health policy benefits. This also includes benefits which are paid and
changes in reserves.
Return (revenue) credited to policyholders (for unit linked and participating
business)
Acquisition costs
Other underwriting expenses
Other (non-underwriting) expenses
(Where premium is recognized as revenue up front, such as for long duration
contracts) the increase in liabilities established for any type of future claim
Income taxes, though they are contingent on the above-mentioned revenues and
expenses.
An economic valuation would also include changes to risk margins.
C. Profit
The difference between revenues and expenses has several names: profit, net income,
earnings, comprehensive income and others. Before profit can inure to its ultimate
destination of retained earnings (capital), consideration needs to be made for shareholder
dividends, capital contributions, taxes incurred, unrealized capital gains or losses and effects
of change in accounting. These net earnings are the primary reconciling item between prior
year and current year capital.
The following graph shows the emergence of earnings for the same term life insurance policy
illustrated previously under the five different accounting bases: US Statutory, US GAAP,
Canadian CALM, IFRS and Solvency II:
14-18
Source: Earnings Emergence: Insurance Accounting under Multiple Financial Reporting
Bases. 2015 Society of Actuaries. Reproduced with permission.
It can be seen that different accounting bases can produce very different earnings results for
the same product and experience. An economic basis of accounting will realize all profits on
day one (except for any risk margin that is reflected); an accounting basis with prudent
assumptions will defer most of the profits to later periods. Shareholder accounting reveals a
more level expected emergence of earnings.
On Property and Casualty business there is much less difference between the different bases
but the same concepts apply, i.e., under economic reporting profits emerge sooner than under
the shareholding and statutory accounting bases.
Financial statements are interpreted by different users in different ways, depending on their
interests. Owners, shareholders, and potential buyers look at different profitability metrics to
assess how well the Company is performing:
Return on Equity (ROE) is a common measure and is generally defined as the profit/loss
during the period divided by the average equity (capital) for the period. This return can then
be compared to those of other companies and to other types of investment. Earnings per share
(EPS) is another commonly used metric for quoted companies and here the growth from
period to period is the most important consideration. For those companies reporting economic
figures then Economic Net Growth is a key measure as it shows how the company is adding
to its value on an economic basis. Such a method needs to satisfactorily allow for outflows
from the company, such as dividend payments.
Distributable earnings are the projected amounts that can be paid as a dividend by the entity,
taking into account regulatory limits on shareholder dividends.
Regulators and rating agencies (for financial strength ratings) are usually focused on the
insurers ability to pay its claims through good and bad business cycles. Their analyses
14-19
include the use of risk based capital or other solvency ratios that compare the insurers capital
to estimates of adverse scenarios and/or to regulatory requirements.
Regulators and rating agencies also look at earnings/profit to show that the company has a
viable business and to act as a cushion against future adverse events.
III. Disclosures
Disclosures provide users of financial statements with additional information regarding a
companys operations. Disclosures may be mandatory or voluntary; they may be footnotes,
texts or exhibits. Disclosures typically include statements of accounting policy,
organizational overview, information on board and senior management including their
remuneration, areas of significant uncertainty, critical accounting estimates and changes in
accounting among others. The disclosures may be subject to audit.
Disclosures should assist investors, lenders, creditors, regulators and others in understanding
the basis and context of the financial data and in assessing both historical performance and
future prospects. Due to the choices made in the accounting bases coupled with the
complexity of insurance these disclosures are essential to provide a more complete
understanding of the company's performance.
5. Insurance-Specific Challenges to Creating and Interpreting Financial Statements

The previous sections have described the main types of financial statements produced by
insurance companies as well as going into more detail on the actual items of a balance sheet
and income statement. This section highlights the major considerations for preparing and
interpreting insurance company financial statements.
Interpreting the financial statements is a challenge and this can even be so for readers who are
familiar with the insurance industry. A detailed understanding of the basis on which a set of
statements is produced is necessary. The following is a list of some the major challenges:
1. The largest liability for most insurers is the insurance contract liability. This is
normally an estimate, or series of estimates, based on actuarial analyses for which
there may be a range of plausible and hence acceptable numbers. Often actuaries
must use significant judgment in their analyses and production of these liabilities.
These actuarial estimates are often a critical element of the profit or loss which is
recorded in the income statement.
2. Many long-duration insurance products, particularly those with investment
components, are inherently complex; the accounting rules and concepts follow suit.
Understanding the accounting entries related to these products also requires a good
understanding of the associated accounting rules.
3. Accounting guidance provides rules, concepts, or sometimes both. There will be
variations in interpretation of the same rules or concepts from one company to the
next. This is mainly an issue for longer duration products.
4. Insurers may access funds by issuing capital instruments that have provisions
stating that repayment is not mandatory until all policyholder obligations have
been extinguished or, in other cases, until payments are approved by the regulator.
14-20
These obligations (sometimes called surplus notes) may not be explicitly
identified as a liability and thus are represented in capital. Capital Tiering has
evolved to identify amounts of capital that are totally unencumbered. Capital
Tiering may also requalify the nature of the asset held.
5. For general insurance, the recorded claim liability is generally the result of a
selection from a given a range of estimates using multiple methods of valuation,
with the responsibility for the final selection in the hands of senior management
and not necessarily an actuary (although there generally is a requirement for an
actuary to opine on whether managements selection is reasonable). For life
insurance the methods are fairly standard and it is the assumptions underlying the
methods that are subject to intense consideration, but with the final determination
typically the responsibility of an actuary.
6. Given the amount of discretion and judgement involved in the production of the
financial statements, particularly in respect of reserves for contract liability there is
a danger that management incentives can impact the ultimate decisions. Companies
need to have good governance in place and controls in place to avoid undue bias.
Good governance and controls will help in avoiding situations of under or over
reserving because of other influences on either the company or the senior
management. Examples are where a lower estimate of liabilities would result in i)
higher immediate earnings leading to higher employee bonuses and a more
favorable view of the company than is justified, ii) creating a higher surplus which
supports more growth capacity or less need for capital and iii) an unwillingness to
admit mistakes in pricing or underwriting.
7. There is increased uncertainty for general insurance claim estimates as the claim
environment continuously changes and evolves as regulation and court rulings
develop. New claim types may also emerge over time (e.g., repair of green
buildings, over-prescription of pain-killers, asbestos).
8. The insurance company financial statements reflect the use of counterparties, such
as reinsurers and providers of hedges, which may be an important element of
reported revenues and liabilities. Thus the financial statement reflects not only the
interactions between the insurer and its policyholders, but between the insurer and
its counterparties.
9. The actuary must be able to measure experience and detect shifts in order to
establish assumptions appropriate for the current period. Different actuaries can
have legitimately different viewpoints on whether an observation or event is a one-
time event or is establishing a shift in expectations.
10. The ability to predict earnings and capital or to meet earnings and capital
predictions is significantly impacted by the use of assumptions. There is a natural
lag for reflecting experience, as the implication of recent events is not always
immediately apparent. Thus, a part of earnings is the impact of changes in
assumptions and delayed recognition of shifts and trends.
14-21
To summarize, actuaries play an important part in the preparation of financial statements for
insurers. Measurable quantities, including cash items and market values of assets and certain
liabilities are traditionally within the domain of accountants. Items based on estimates of
future events, including policy reserves, future premiums or income streams for purposes of
amortizing intangibles are often the responsibility of actuaries or have heavy actuarial
involvement.
Actuarial organizations around the world promulgate actuarial standards of practice (ASOPs)
to guide actuaries in the various aspects of their participation in the financial reporting
process.
Bibliography
The reader will find more background on financial statements and accounting from these
sources:
Accounting Practices and Procedures Manual, National Association of Insurance

Commissioners
CICA Handbook, Canadian Institute of Chartered Accountants, Toronto, ON, The Institute
U.S. GAAP for Life Insurers, Herget, T. (Ed.), et al, 2nd Edition, 2006, Society of Actuaries
The Reckoning: Financial Accountability and the Making and Breaking of Nations, Jacob
Soll
Double Entry: How the Merchants of Venice shaped the Modern World, Jane Gleeson-White
Michael Eves, FIA, Actuary SAA, UK qualified actuary, member of SAV, is the group chief
actuary of Swiss Re. He is chairman of the Reinsurance Subcommittee of the International
Actuarial Association (IAA).
Tom Herget, FSA, MAAA, CERA is a retired actuary who has served the life industry in an
actuarial software firm and advisory capacity. He is a frequent author and speaker on
financial reporting topics.
Francis de Regnaucourt, FSA, FCIA, MAAA, CERA, CFA is Director, Actuarial Services,
KPMG LLP in the US. He has over 35 years of industry experience in consulting.
Stuart Wason, FSA, FCIA, MAAA, CERA, Hon FIA is a retired actuary who has served the
insurance industry via roles in companies, a major consultancy and with Canadas federal
insurance regulator.
14-22
IAA Risk Book
Chapter 15 Governance of Models
Trevor Howes
Godfrey Perrott
Sheldon Selby
David Sherwood
1. Overview
Models have become increasingly important for the financial reporting, management, and
regulation of insurance enterprises and for their effective risk management. This chapter
explores the meaning and function of model governance as it relates to insurance enterprises;
and describe the fundamental concepts behind, and main components of, effective model risk
management and model governance.
Model governance is essential to all who rely on the information produced by models,
directly or indirectly, either to carry out their function or because they are concerned with the
continuing health and solvency of the entity being modeled (such as management, boards,
and regulators of insurance enterprises and pension funds).
1. Models are critical to the financial and risk management of insurance enterprises.
This requires a governance structure to manage their limitations and weaknesses so
that the results of the model can be relied upon by its users.
2. Model governance is an ongoing process, not an end point.
3. The nature of insurance risks and their level of complexity must be specifically
considered both in the design and application of the model risk management
policy, and in designing appropriate model governance.
4. Actuaries and other modeling professionals serve a vital role in governance of
insurer financial models,
This chapter touches on several key elements of model risk and model governance. There is
a large and growing library of material developed by a variety of interested parties which
provides more detailed information and guidance. The bibliography at the end of this chapter
provides a selected set of references for readers who wish to expand their knowledge of
model risk and model governance.
2. Definitions
The terms model, model governance and model risk mean different things to different
people. In this paper they have the following meanings which are consistent with the
definitions adopted in emerging actuarial standards of practice:
IAA on 9 September 2016
Model a practical representation of relationships among entities or events using
statistical, financial, economic, or mathematical concepts. A model uses assumptions, data,
and algorithms that simplify a more complex system, and produces results that are
intended to provide useful information on that system.
Model governance - a comprehensive set of principles, roles, responsibilities and

processes that provide comfort to the intended users of the model results that model risk is
understood and being effectively managed.
Model risk - the risk of adverse consequences from reliance on a model which is flawed
or misused.
3. Background
Models are used extensively within insurance enterprises for critical purposes, including
pricing, financial reporting, risk analysis and capital assessment, planning, and general
decision making. Some insurer models are simple in their construct and purpose, but some
insurer models have evolved from simple spreadsheets to complex systems designed,
maintained and operated by many professionals, including actuaries, accountants,
economists, statisticians and software engineers.
As the business and external environment evolves, models must be continually refined and
improved so they continue to meet the needs of management and external stakeholders.
This reliance on models also brings exposure to model risk and thus management of model
risk is a critical issue. Insurance enterprises and their governing bodies need a proportionate
and effective system of governance over such models to ensure that results from the use of
models can be relied upon for their purposes on an ongoing basis.
Historically, within insurance companies the actuary was considered as the model expert and
users assumed that the results of the actuaries models could be relied on. But in todays
environment, there is a need to demonstrate formally to boards, rating agencies and other
users that model risk is being actively managed throughout the insurance company.
Actuaries have recognized a professional obligation to consider, manage and disclose model
risk where appropriate in the models they use and to work collaboratively with other
professionals as models get more complex and their value, scope and use increases.
4. Introduction to Models and Model Risk

Models are pervasive and critical to financial institutions in general and insurance entities in
particular. What is a model? A model is defined as a practical representation of relationships
among entities or events. While the conceptual aspect of models is fundamental to their
selection and use, models are used to simplify, and in some cases enable simulation of,
complicated real-life systems. This simulation may be enabled through complex software
and multiple component computer-based systems that attempt to accurately reflect the
conceptual definition and provide answers to difficult questions. The twin aspects of models
15-2
- conceptual representations vs. system based tools - must be understood whenever the word
model is used in this chapter.
In insurance enterprises, many different models may be needed according to the system
which the model is attempting to represent and the function of the model:
1. Some models address a specific risk, insurance feature or assumption, or
environmental element impacting the business. For example, a model may be
needed to simulate future patterns of gains and losses from a given insured risk, or
economic variable such as interest rates.
2. Other models, including financial models, attempt to simulate the financial
operation of some portion of the business itself at various levels from a single
policy contract or invested asset up to the entire insurance entity. Financial models
thus tend to incorporate and aggregate a number of component risk models and
other financial models as sub-models. Risk management actions should address
both relevant sub-models, and the models themselves, in a proportionate way.
Model risk arises from reliance on model outputs in situations where the model is flawed, or
is used inappropriately. Consequences can include material misstatements, poor business
decisions and failure to seize opportunity or prepare for adversity, with all the financial and
reputational implications that may arise. Sources of model risk include:
use of inappropriate model parameters;
bad data;
data manipulation errors;
inappropriate assumptions;
flawed or inappropriate methodology;
calculation errors in the model;
failure to present the model results clearly including their uncertainty; and
user error in the choice or operation of the model. An important type of user error
is the use of a model beyond its limitations, whether these limitations may have
been known but ignored, or not fully appreciated. An example of this is relying on
model results dependant on extreme tail events where the model parameterization
may be based on assumed distributions rather than observed data.1
While there are many excellent references available addressing model risk and its
management in general, the nature and characteristics of insurance models justify a careful
and appropriate application of model risk management theory within an insurance enterprise
that appropriately reflects both the models themselves and the resources available to manage
the models and their risks.
A useful description of models is found in the guidance issued by the Federal Reserve Board
to banks (refer to bibliography reference SR 11-7):
1
See for example Black Swans or The plight of the fortune tellers listed in Bibliography
15-3
All models consist of three components: an information input component, which
delivers assumptions and data to the model; a processing component, which
transforms inputs into estimates; and a reporting component, which translates the
estimates into useful business information. In practice the various model components
may be implemented through a single platform or a complex system of connected
processes.
This observation is especially relevant to financial models of insurance enterprises, where the
selection and manipulation of source data, both for purposes of creating assumptions and for
actual model input, may require extensive, detailed and frequently updated processes. These
can include independent systems and computing platforms and can rely on manual
interventions and judgement of modellers. Similarly, the presentation of meaningful results
from more complex models usually requires further analysis and rearrangement to produce
useful information. Accordingly, model risk should be considered throughout the entire
scope of a model including the assumption development, data extract and transformation and
report generation processes.
There are three different aspects of models which may contribute independently and in
combination to model risk: (1) specification, (2) implementation, and (3) one or more
model runs.
The model specification is the full conceptual description of the input, processing and output
components of a model as described above and the interrelationship of those components
with each other and with other models. (A model may provide input to, or use the output
from, other models.) The interrelationships between components will include methods,
algorithms, and data transformations that in total produce outputs from the inputs. Output
specifications will detail the granularity and format of the information available from the
model processing that can be used to produce reports of the results of the model.
Specifications should be documented:
1. to provide an accessible picture of the capabilities and weaknesses, limitations, and
intended purpose of the model, and
2. to allow an informed assessment of the potential fitness of the model for actual use
for a specific purpose.
The implementation of a model is the creation of a working system or process based on the
specifications. The implementation must accept, store and process input data, execute the
processing methods and algorithms to generate more information up to the maximum time
horizon of the model, and produce the output data in the specified forms and formats. The
implementation could involve one or more computer programs, spreadsheets and databases,
and may require a specific technology infrastructure to support its operation.
Model implementations therefore rely on technical expertise and skill to accurately reflect the
approved model specifications and to fulfill the models intended purpose. That expertise
may be applied, where appropriate, to design a system that accepts, manages and processes
large volumes of input data, and potentially even larger volumes of results being generated
while supporting the necessary validation work to prove its quality.
15-4
A model run consists of the execution of the model using a set of data together with
assumptions. The assumptions should be appropriate to those data, and to the date and
circumstances of the run. The model run will also probably be controlled by model run
parameters that allow flexibility as to specific assumption, processing and output choices for
the given run.
A model that is run repeatedly over time will almost certainly involve new input data and
changes in the assumptions and parameters input to reflect the ongoing changes in the
liability portfolio of the enterprise, the external environment and new management demands
for information. This requires additional control steps to verify that the model
implementation retains its integrity.
Finally, insurance models, and particularly the complex computer systems that may result
from their implementation, may be sourced and/or maintained either internally or from
external third parties which will impact the ways in which model risk can be investigated,
documented and mitigated, but does not necessarily change the fundamental nature and
extent of that risk.
The nature of insurance models, including the components, levels, sources, and uses
described above, need to be considered in the design and application of the overall model risk
management policy and in the model governance that is most appropriate taking into account
the materiality and complexity of what is being modelled.
5. Model Governance
Model governance is a critical oversight function. It provides a framework through which an
insurer can effectively oversee the development, implementation, maintenance, enhancement,
use and retirement of models, understand model risk throughout this model lifecycle and
provide those who use the results of the model with the confirmation of fitness and quality
needed. Model governance provides structure, authority and direction for the needed model
risk management. A well-designed and operating governance framework provides comfort to
users that model output can be relied upon for an intended purpose and highlights its
limitations.
An effective model governance framework will include three essential components: A model
governance owner, a model governance structure, and a model governance policy.
A. Model Governance Owner
The documentation of the model governance owner identifies roles and responsibilities. It
outlines who will own model governance activities and where they will sit in the
organization; it should be clear on expertise required, authority, reporting lines, and
continuity.
B. Model Governance Structure
The model governance structure refers to the specific duties of the board and/or senior
management, its various committees and management forums that oversee the management
of model risk within an organization. The model governance structure should be reflective of
the organizational structure and business activities. This should include roles and
15-5
responsibilities of the board and/or senior management, committees and working groups, and
the reporting processes between each of them.
C. Model Governance Policy
The model governance policy sets forth the guiding principles for the various governance
activities that apply to models and related systems and processes. The model governance
policy defines roles and responsibilities for the execution of model governance, and
establishes conditions on the use of newly developed or modified models and required
actions and limitations on model use when those conditions have not been met.
The model governance policy may also outline and mandate the organizations use of
important risk management tools such as inventories of all models used in important
processes (e.g. financial statement preparation) and may direct that a proportionate process of
model validation be performed. However, these important tools are typically not specified in
detail within the governance policy but rather within the model risk management function
itself.
It is important to differentiate model governance from model management. Model
governance consists of ensuring the necessary processes are in place so that model risk
throughout the insurance entity can be understood and appropriately managed. Model
management is the day to day operational activities of creating, implementing, adapting and
using models throughout their lifetime, all with an appropriate strategy of comprehensive
controls, including for example, reviewing error logs, reconciling results, and reasonability
checks applied to model output before the results of the model are passed on.
Of primary importance, therefore, will be the development and application by the company
management of a comprehensive process of model management that appropriately reflects
and addresses model risk from the ground up, and ensures robust model development,
implementation, modification and use.
6. Model Inventory
A critical tool in model governance is the model inventory, which should provide a clear,
consolidated and accessible record of all models that are relied on by the company, with
information as to their type and significance, their risk rating within the company, the status
of validation exercises recently performed and identification of any outstanding deficiencies
that need to be understood and mitigated where possible. The model inventory should
capture and reveal the current level of success in addressing model risk throughout the
organization.
Refer to the Appendix for additional comment about the design and contents of the model
inventory.
The overall governance process should also define who has authority to update the model
inventory. The model inventory file itself, should have sufficient audit controls attached to
permit audits to ensure that the model inventory updates and maintenance has complied with
model governance policy. Properly developed and updated, the model inventory can provide
useful model risk exposure data on an enterprise wide basis in a consistent manner.
15-6
7. Model Validation
Model validation is the process of reviewing and examining all aspects of a model in order to
confirm that the model is fit for its purpose. As such validation is probably the single most
important tool in the mitigation of model risk. Model governance does not define the
approach to model validation. It is vitally concerned with the ongoing assessment of its
effectiveness.
Model validation must focus on all stages of a models life cycle, including the validation of
the conceptual specifications behind the model, the implementation of those specifications
and the ongoing modification and operation of that model implementation to produce actual
model runs. This is necessary to confirm:
1. the appropriateness of the models theoretical design for its intended purpose, and
2. the accurate translation of that design in the working model.
These two separate objectives of model validation are equally important and are relatively
independent. In some instances, the confirmation of the accurate implementation of a model
is referred to as model verification to distinguish it from conceptual validation. In addressing
the conceptual validation, it is important to understand any weaknesses and limitations in the
model so as to insure that conclusions drawn from the model results are properly informed.
These two facets of model construction must further be examined in all of the components of
the model: the input data and assumptions, the calculation engine, and the output and
reporting of model results.
As insurance models are dynamic and must be updated to be repeatedly used, validation must
be an effective combination of initial model validation along with periodic reviews and
reconfirmations of continued fitness. Model validation must thus be viewed from the start as
a continual and ongoing process, and not merely a part of implementation that may be
occasionally revisited. This is particularly true where simple models are used for complex
risks. A subtle change in the risk might render the simple model inappropriate.
Effective model validation depends on independence from the process of model development
and modification in a variety of ways. For example, the people who perform validation tests
should typically be different people from those who created, selected, developed and
maintain the model in order to provide an effective and objective test of all aspects of the
model. Verification of model calculations and results are most usefully achieved by use of a
fully independent model run in parallel, or if this is not practical by performing independent
calculations on isolated elements of the full model. While it may not be practical to use fully
independent external resources, it is important to assure independence of ownership and of
financial interest in order to fully benefit from independent objectivity.
As noted above, where possible, validation should be done by an independent team. This can
be a challenge for a complex insurance model requiring many person hours of development
and possibly incorporating numerous sub-models. Proper validation requires expertise in all
facets of the model (understanding the business written by the insurer over a long period, the
market forces impacting on the insurer, and the model framework and technology used for its
15-7
implementation) which may only be found within the insurance company itself. However,
the judicious use of:
an independent team who designs and oversees the validation process while the
actual testing is done by people who are not independent;
independent employees or advisers conducting thorough reviews of calculation
accuracy and reasonableness of results, or
external experts examining the documented internal reviews
can still provide sufficient comfort without compromising the independence principle. The
goal of validation is to demonstrate to the stakeholders that the results of the model can be
relied upon (subject to identified and disclosed limitations). Use of external or vendor
models may bring additional challenges pertaining to validation since critical model elements
including conceptual design, software coding and/or assumptions may be inaccessible to the
users. Therefore, other approaches are needed to ensure that the results are fit for purpose.
ASOP 38 (see Bibliography) addresses this issue for P&C cat models, but the concepts may
have wider application.
Good model validation enhances the transparency of the models uses and limitations for all
those who may rely on, or be affected by, the results of the model. A sole focus on validating
the correctness of numerical results will miss the most valuable part of this exercise.
8. Summary and Conclusions

Model governance and the management of model risk are critical considerations within the
insurance industry. A formal governance structure is necessary to mitigate both operational
risk and reputation risk which might arise from financial misstatements, or inappropriate
reliance on model results for both strategic and operational decisions. The financial crisis of
2008 intensely focused regulators and shareholders attention on inappropriate model
reliance and the need for more formal governance and validation practices.
Model governance is both complex and broad. It should be proportional to the potential risks
of the models. It has to address models (many of them highly-sophisticated) that support
internal capital, reserve, valuation, and design and pricing of insurance contracts. Its scope
extends beyond the realm of purely actuarial models to enterprise models such as asset
allocation models and general financial models used by insurers.
The level of complexity of insurance models used, including all the components, levels,
sources, and uses described above, should be considered both in the design and application of
the overall model risk management policy, and in the model governance that is most
appropriate.
As the discipline of model governance and model risk management matures and is further
codified, we can expect a further tightening of both the language and the expectations
concerning the approach to the subject. It is incumbent upon insurers to keep abreast of
developments and update frameworks and processes accordingly.
15-8
Trevor Howes, FCIA, FSA, MAAA is Vice President & Actuary at GGY, a Moodys
Analytics company. He has over 40 years combined experience working in the Canadian
Life Insurance industry and at GGY which serves the life insurance industry around the
globe.
Godfrey Perrott, FSA, MAAA, is retired. He was a principal at Milliman in its Boston,
London, and Philadelphia offices. His primary area of practice is life insurance financial
reporting.
Sheldon Selby, FSA, FCIA is an actuary working with the Canadian Regulator. He has over
25 years combined regulatory experience in insurance supervision and review of regulatory
capital models.
David Sherwood, ASIP (and member of the CFA) is a Senior Manager at Deloitte & Touche
LLP. He has over 20 years industry experience as a regulator, consultant and commercially
working in both in the United Kingdom and United States.
15-9
Appendix Model Inventory
The risk management significance of a given model will be driven by a risk rating approach
that will generally utilize a combination of materiality, complexity, and stability to assign a
model risk rating. The risk rating in turn will trigger various levels of control procedures and
determine the priority and frequency of validation and re-validation. The model inventory
should support a regular reporting and review of the status of model risk management within
the company.
The level of complexity and sophistication of the model inventory will depend upon the
needs of the users, the number of and complexity of the models and their significance to the
management of the enterprise. The inventory can include:
model name and general description of function
model risk rating
model owner and purposes for which the model is approved for use
individuals with the authorization to change the model
reference to completed audit/peer review/technical reports and status of findings
summary of approved changes to model
In some instances, it is also useful to link model documentation, data sources and review
reports back to the model inventory.
15-10
Bibliography
Reference Document Author/Source URL Link
ASOP 38 - Using Models Actuarial Standards Board (US) http://www.actuarialstanda

Outside the Actuarys Area rdsboard.org/asops/using-
of Expertise (Property and models-outside-actuarys-
Casualty) area-expertise-property-
casualty/
Nichols Taleb (Random House)
Black Swan: The Impact of
the Highly Improbable
April 2007
Draft Educational Note - Canadian Institute of Actuaries www.cia-

Use of Models October Modelling Task Force ica.ca/docs/default-
2015 source/2015/215078e.pdf
Exposure Draft - Modeling Actuarial Standards Board (US) http://www.actuarialstanda

rdsboard.org/asops/modeli
ng-second-exposure-draft/
Exposure Draft for Actuarial Standards Board www.asb-cna.ca

Standards of Practice Use (Canada)
of Models
Exposure Draft of INTERNATIONAL http://www.actuaries.org/i

Proposed International ACTUARIAL ASSOCIATION ndex.cfm?lang=EN&DSP
Standard of Actuarial =PUBLICATIONS&ACT
Practice 1A Governance of =STANDARDS_ISAP1A
Models October 1st, 2015
Model Risk - Daring to Institute and Faculty of Actuaries https://www.researchgate.

Open up the Black Box - (London) Model Risk Working net/publication/277138848
March 23, 2015 Party _Model_Risk_Daring_to_
Open_the_Black_Box
Society of Actuaries. Research
Model Validation for https://www.soa.org/Resea
Report Sponsored by:
Insurance Enterprise Risk rch/Research-
and Capital Models CAS, CIA, SOA Joint Risk Projects/Risk-
April, 2014 Management Section Management/research-
2014-model-valid-ins.aspx
15-11
Reference Document Author/Source URL Link
Model Validation North American CRO Council crocouncil.org/images/CR

Principles Applied to Risk O_Council_-
and Capital Models in the _Model_Validation_Princi
Insurance Industry - 2012 ples.pdf
Note on the use of Internal INTERNATIONAL http://www.actuaries.org/C

Models for Risk and ACTUARIAL ASSOCIATION TTEES_SOLV/Document
Capital Management s/Internal_Models_EN.pdf
Purposes by Insurers
November, 2010
Riccardo Rebonato (Princeton
Plight of the Fortune
University Press)
Tellers: Why We Need to
Manage Financial Risk
Differently November
2010
SR 11-7 Attachment - Board of Governors of the http://www.federalreserve.

Supervisory Guidance on Federal Reserve System gov/bankinforeg/srletters/s
Model Risk Management r1107.pdf
April 4 2011
TAS M: Modelling: Financial Reporting Council https://www.frc.org.uk/Ou

Version 1 (April 2010) (UK) r-Work/Codes-
Standards/Actuarial-
Policy/Technical-
Actuarial-Standards/TAS-
M-Modelling.aspx
http://actuary.org/files/RMF
Use of Models for the American Academy of Actuaries,
RC_IAISICS_Modeling_Prese
Supervision of Regulatory May 6th, 2015 ntation_050615_0.pdf
Capital
15-12
IAA Risk Book
Chapter 16Proportionality, Materiality, Etc.
Ralph Blanchard
1. Introduction
In many places where analysis is performed there is a tendency to apply as much as possible a set
template or process. This is true within regulation, as well as within insurers subject to
supervision or oversight (whether by supervisors/regulators, external auditors or others
performing oversight analysis). Yet the use of a set template or process assumes one size fits
all, even though it rarely does.
The solution to the one size does not fit all issue is generally to allow exceptions to the
template based on the individual facts & circumstances. Various approaches have been
developed and are in use for creating this flexibility. These include the concepts of:
Proportionality
Materiality
Cost-benefit
Risk-focused
While many of these terms and concepts are not unfamiliar to most actuaries and others
performing analysis, the understanding of them is frequently incomplete. In addition, the
application of them is not without risk.
This chapter addresses these concerns by outlining the current definition(s) of these items, then
discusses issues with their use and possible pitfalls. The goal is to make those applying or
considering application of these concepts more aware of how they might be used, and to avoid
their possible misuse.
Key Findings:
1. All these concepts provide for greater flexibility in the application of rule-based
templates via the application of principles for when or how much to modify a
template.
2. All these include some component of a cost-benefit tradeoff.
3. Being principle-based, they are all dependent on a common understand of the ultimate
objective (or desired benefit) for consistent application, and to a lesser extent on the
importance of various options towards fulfillment of those objectives.
4. They are all subject to imperfect application, especially when the principle is turned
into a rule.
IAA on 10 October 2016
5. As principle-based approaches, they generally require that the person applying them
have a certain level of experience or expertise for best application.
6. When subject to oversight, they are also heavily dependent on a common
understanding between the applier of the concept and the overseer (on items such as
the overall objective and the risk inherent in various items). This creates a need for
effective documentation and communication (which can be difficult if the experience
levels or backgrounds of the two parties are very different).
2. Proportionality
I. Definition
The proportionality concept in the legal environment has been around since at least the 1800s
(when German courts introduced it as a tool for reviewing actions by police)1 , although there are
those that place its origins with the ancient Greeks. The definition seems to vary with the
context, as seen from the following examples (with the first three from Wikipedia).
Civil Law Discovery actions - whether the burden or expense of the proposed
discovery outweighs its likely benefit
Criminal Law the punishment should fit the crime
Warfare harm caused to civilians or civilian property must be proportional and not
excessive in relation to the concrete and direct military advantage anticipated by an
attack on a military objective.
European Union treaty - Under the principle of proportionality, the content and form
of Union action shall not exceed what is necessary to achieve the objectives of the
Treaties.2
1
Wikipedia (November 30, 2015 extract) https://en.wikipedia.org/wiki/Proportionality_(law)
2
EU Lisbon Treaty under Article 3 b, per a paper at http://www.eciroa.org/wp/wp-
content/uploads/2010/09/ECIROA-Solvency-II-The-Principle-of-Proportionality-and-its-Application.pdf
A longer description of the concepts application under European Union law can be found in wikipedia,
where it says: In European Union law there are generally acknowledged to be four stages to a
proportionality test, namely,
there must be a legitimate aim for a measure
the measure must be suitable to achieve the aim (potentially with a requirement of evidence to
show it will have that effect)
the measure must be necessary to achieve the aim, that there cannot be any less onerous way
of doing it
the measure must be reasonable, considering the competing interests of different groups at
hand
.Continued on next page
16-2
In short, these definitions all concern some sort of balancing (akin to a cost vs. benefit
balancing). They also frequently phrase the benefit in the context of a desired objective.
The IAIS ICPs do not define Proportionality, although the term is mentioned once in the
November 2015 version of the ICPs. That reference is in ICP 25 (Supervisory Cooperation and
Coordination) where it says in paragraph 25.5.4 that the principle of materiality and
proportionality should be applied in [determining whether and when to establish a supervisory
college].
The Solvency II directives also do not include a definition of Proportionality, but they include a
phrase similar to the following in many places
[actions should be proportionate to] the nature, scale and complexity of the risks inherent
in the business of an insurance or reinsurance undertaking3
Solvency II directives add that the above valuation should be done regardless of the importance
of the undertaking concerned for the overall financial stability of the market4, although in
several other places there is specific mention that the principle should be applied so as to avoid
the rules being too burdensome for small or specialty insurers.
Lastly (for the purposes of this chapter) in its discussion of Actuarial Services in Inclusive
Markets, a joint IAIS-IAA group was provided the following with regard to the definition of
proportionality:
A proportionate outcome, relative to a standard accepted approach, is a valid outcome
if, from the perspective of the assessor, the proportionate outcome is attained at a lower
cost (broadly interpreted) and remains sufficiently close to the standard accepted outcome
that the assessor would, under normal circumstances, not change a decision that depended
on outcome.
This approach focuses on outcomes, not on the process by which they are achieved.5
II. Discussion
The various definitions of proportionality all relate balancing (1) the costs of an action to achieve
an objective against (2) the degree to which the action accomplishes the objective. This implies
that any application of proportionality must involve an understanding of the purpose or objective
of the action. If the objective of the action is unclear or not sufficiently defined then it is unclear
how to apply the principle of proportionality (PoP) to the action.
3
Commission Delegated Regulation (EU) 2015/35 of 10 October 2014, Section 6, Article 56, 2a..
4
Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the
taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II), recital (18)
(http://eur-lex.europa.eu/legal-content/en/ALL/?uri=CELEX%3A32009L0138)
5
Draft for discussion, dated 29 January 2016 by Jules Gribble.
16-3
The PoP is also a principle, not a rule, hence its application requires the use of judgment. The
application of judgment requires a value system of some sort, as judgment generally has to weigh
the value of competing options. Judgment also requires some level of experience or training.
Many places where the PoP is applied the entity applying the principle (and hence making a
judgment call) has another party reviewing that judgment. Possible reviewing parties include
insurance supervisors and external auditors. This creates a need for clear communication
between the party applying the principle and the party reviewing the judgment call. It also
creates a documentation requirement of some degree wherever the application of the PoP leads to
a third party review6.
In the Solvency II context, there is mention (in Directive Recital 16) that [t]he main objective of
insurance and reinsurance regulation and supervision is the adequate protection of policy holders
and beneficiaries, but what level of protection is adequate? Is there a common understanding
among the Solvency II jurisdictions on what is adequate?
The proportionality principle is also generally thought of applying to analyses or methods, as
opposed to items or amounts. The final measuring stick in applying the PoP, however, may be
whether a different or more sophisticated method would produce a different end result (such as a
different decision from a user or a different final outcome).
Lastly, application of the proportionality principle to a requirement or task could theoretically
lead to either more work or less work being performed than specified in the template. In
practice, however, the PoP is generally used only to provide for possible reduction in workload
from that described, rather than a potential increase in workload.
III. Potential Pitfalls
Any consistent application of the PoP requires clear understanding of the objective/purpose, and
a consistent value system for those applying the concept. Where this objective is unclear or
where different people have different value systems the application can be inconsistent.
When the PoP application is subject to external review, there is also the risk that reviewer will
not agree with the application due to a different value system or a different experience level. In
the extreme, the reviewer may require such a high level of documentation that any savings from
application of the PoP may be entirely negated.
For Solvency II, the principle is frequently required to be applied based on the nature,
complexity and scale of the [insurance] risk, but this statement does not describe the ultimate
objective. Is the objective
Minimizing the size of insolvencies?
6
Depending on the local requirements, lack of adequate documentation or communication may lead to
a claim of non-compliance with the applicable standard or rule.
16-4
Minimizing the number of insolvencies?
The avoidance of burdensome requirements for small and/or specialty insurers?
The minimization of unpaid insurance obligations?
The avoidance of market disruptions?
A viable, competitive market?
Some other objective?
Which of these (or combinations of these) would best describe adequate policyholder
protection. Some jurisdictions may focus mostly on avoiding large insolvencies while others
may have an objective of having no insolvencies. Some of the possible objectives mentioned
above may also be conflicting, as minimizing the number of insolvencies may not be consistent
with a competitive market.7 Hence the fact that two regimes (or two supervisors within the same
regime) are both applying the PoP does not necessarily guarantee that they are consistent in their
actions.
Under Solvency II8 the scale component of the phrase nature, complexity and scale of the
risks is not meant to override or dominate the other components. Complex risks of small
companies may require detailed risk analysis, while simple risks of large companies may justify
a simplified analysis. Too much focus on the scale component of that phrase could lead to a
lack of supervisory/regulatory controls regarding risk management for small insurers, and
unnecessarily burdensome controls for large insurers.9.
The proper application of PoP can require a high level of experience or familiarity, but there is
no guarantee that such a level of experience/familiarity will always exist. As stated above, when
the PoP is applied correctly, the action shall not exceed what is necessary to achieve the
objectives. Knowing what is necessary and what is excessive with regard to achieving an
objective implies prior experience. If this does not exist the practitioner may be flying blind.
Given a lack of knowledge, the safest course of action may be to require too much rather than
too little. Hence the PoP may be very dependent on an experienced regulator for the concept to
work as envisioned.
7
A competitive market usually requires some incentive for market innovation and some penalty for
those firms that do not innovate. The elimination of insolvency risk can lead to stagnant markets with
no incentive to innovate, hence a less competitive market than would otherwise exist.
8
EIOPA-BoS-14/166 EN, Guidelines on the valuation of technical provisions, Guideline 47, available at:
https://eiopa.europa.eu/Publications/Guidelines/TP_Final_document_EN.pdf
9
Some have stated that a firm too small to afford a risk analysis for a certain risk is too small to take on
that risk.
16-5
Lastly, heavy reliance on the PoP by standard setters may lead to a standard designed for the
largest and most complex situation, requiring the greatest use of resources. The standard setter
may assume that in most situations some more simplified approach may be applied, but this may
rely heavily on the experience level of those applying it and those reviewing the principles
application. When those applying it and/or those reviewing are not sufficiently experienced the
result could be an expensive over-application of unnecessarily complicated approaches. Hence
overreliance on the PoP when designing a standard could lead to significant inefficiencies in the
final standard.
3. Materiality
I. Definition
The IFRS Conceptual Framework and the U.S. Securities and Exchange Commission have
similar definitions of this concept, which is essentially that something is material if mentioning
it, omitting it or misstating it would affect a decision10.
The concept is sometimes also applied to analysis, such as when determining if a more
complicated, sophisticated or resource-intensive analysis would make a material difference in the
outcome. The use of a simplified approach would not make a material difference if the result of
using the more involved analysis would not affect the outcome or decision.
II. Discussion
In practice, many applying this principle have tried relying on rules of thumb, such as by saying
that amounts less than some percentage (e.g., 5%) of a certain value are deemed to be non-
material11. In a solvency context, the basis of this rule of thumb may be an insurers equity.
Most standard setters, however, have argued that these rules of thumb are only initial screens or
ways of flagging issues for future evaluation, and are not definitive equivalents to the definition
mentioned above. As one example, consider an apartment complex in a major city with a
10
See https://en.wikipedia.org/wiki/Materiality_(auditing) and
https://www.sec.gov/interps/account/sab99.htm#foot3
The US Financial Accounting Standards Board (FASB) also defines the term in its Statement of Financial
Accounting Concepts No. 8, where it says Information is material if omitting it or misstating it could
influence decisions that users make on the basis of the financial information of a specific reporting entity.
In other words, materiality is an entity-specific aspect of relevance based on the nature or magnitude or
both of the items to which the information relates in the context of an individual entitys financial
report.
11
When applied to analysis, the rule of thumb would be that a simplified analysis is sufficient if the
estimated impact of a more involved analysis is unlikely to change the answer by the rule of thumb
amount threshold.
16-6
potential insect problem. In that environment, the sighting of even one cockroach would be
considered material, regardless of how large the apartment is.
Application of the true definition of materiality also requires knowing who is making the
decision, and for what purpose. The evaluation of materiality cannot be separated from the
person/entity making the decision and the purpose of that decision. For example, an item on a
firms balance sheet may be immaterial from the view of a holder of that firms short term debt,
but very material from the viewpoint of a long term equity investor. Hence the materiality of an
item is not an absolute, it is a relative quality.
The materiality of an item is also a judgment call that can change over time (as the environment
changes and risk preferences change)12. This change in materiality determination may not be
not purely rational, as markets in panic may sometimes overreact to things with no practical
impact on future cash flows.
Lastly, the decisions on when or how to apply the materiality principle may be subject to
oversight (e.g., by a supervisor or external auditor), similar to the oversight experienced in some
applications of the PoP. This leads to the same communication and documentation issues
mentioned earlier for the PoP.
III. Potential pitfalls
A common danger with regard to materiality is applying it in too granular a fashion. Many times
in the insurance context, individual claims or policies are unlikely to be material by themselves
it is only the portfolio of similar claims/policies that rise to the level of materiality. Hence the
need to look at materiality with regard to both individual items and the aggregation of items.
The aggregation of several immaterial items may be very material to the users of the information.
Another danger in the application of materiality is not knowing what you dont know, and not
wanting to expend the effort required to determine the boundaries of your knowledge. If one is
only aware of a single instance of a certain kind of event or item, it may be easy to dismiss it a
one-off, and not material by itself. But knowledge of only one instance of an item is not proof
that others dont exist. Hence knowing about a single instance of a situation that is immaterial
but could be material if larger may suggest a duty to investigate further before declaring it to be
immaterial.
A third pitfall is assuming that an item considered immaterial in the past will remain immaterial.
As mentioned earlier, the materiality of an item can change over time due to legal decisions,
laws, investor and/or societal views, or a number of other factors.
Application of this principle has the same experience requirement that the PoP has namely that
it requires some experience to apply it effectively. It can be difficult to evaluate the materiality
12
It is a requirement under SII that where materiality calls are made the weaknesses in the approach are
identified and triggers for when the judgment would need to be revisited.
16-7
of an item without sufficient experience and/or research13, and performing extensive research to
prove an items immateriality can erase or reverse any benefit to be gained by labeling it
immaterial. Hence the effective application of this principle requires some level of
regulator/supervisor experience and reliance on expert judgement.
Lastly, as with the PoP, overreliance on the application of the principle may cause a new
standard to be based on the largest and most complicated situation. Such a standard may be
established with the expectation that it would only be fully applied where the risk is material, but
this may overestimate the ability of (1) users to perform this materiality analysis or of (2) those
performing oversight to recognize when something really is immaterial.
4. Cost-benefit
I. Definition
Under cost-benefit analysis, the benefits of an action are summed up and compared to the costs
of the action14.
II. Discussion
This concept is typically described in quantitative terms, but it is also applied in some principle-
based concepts (such as proportionality and materiality) in qualitative or subjective terms. When
applied in a subjective manner or for items not generally measured in financial terms (such as the
value of a human life, the quality of life, or the avoidance of a complicated process to file a
claim) it requires the application of some value system. Disagreements over the results of a
cost-benefit analysis can result from disagreements in the assumptions underlying the analysis,
or in the value systems underlying the relative weights given to the results.
III. Pitfalls
Cost-benefit analysis is mathematically easier to apply to items that are directly quantifiable.
This may lead to omission or underestimation of items that are not directly or easily quantifiable.
For example, many cost-benefit analyses in an economic sense find it difficult to measure items
such as convenience or peace-of-mind, hence these items may be ignored or undervalued in
some analyses. Given the importance of peace-of-mind in the insurance context, this omission
may be material to some insurance solvency-related analyses as well as some analyses of pricing
actions.
It is also valuable to know the source of disagreements that may arise from such analyses.
Disagreements arising from the use of different assumptions can sometimes be resolved more
13
Support for an items immateriality may be qualitative or quantitative, with qualitative arguments
more likely to require prior experience in the field. It may be difficult to obtain signoff of a qualitative
argument for immateriality from someone with no experience in the field.
14
http://www.investopedia.com/terms/c/cost-benefitanalysis.asp
16-8
easily than those arising from different value systems. It is also valuable to be aware of the
various parties value systems before any cost-benefit analyses are performed.
5. Risk-focused (and Risk-based)

I. Definition
This is a concept applied to U.S. insurer financial exams such that the focus of the effort will be
on the risks to an insurer solvency, and not on line-by-line compliance with balance sheet rules.
Hence it includes a prospective review of risks rather than a strictly point-in-time evaluation of
risks. A similar mindset can be applied to other work or projects, so as to focus or prioritize the
work to those areas where the greatest risks exist (and away from areas where the lack of
additional work is least likely to impact the desired outcome).
The IAIS Insurance Core Principles use a similar term labeled risk-based. That term generally
refers to focusing work on the most important or biggest risks.
II. Discussion
The U.S. risk-focused concept as applied to solvency financial examinations is essentially the
same as the proportionality standard, but with perhaps a clearer statement of the objective.
Financial exams following this concept have generally started with an identification of the
largest risks inherent in the enterprise, analyzed the degree to which those risks are mitigated via
the insurers control environment, with additional analysis directed and performed for those
items with high residual risk. It is intended to make more effective use out of limited resources,
and is frequently used where the level of resources is constrained or capped at a certain level.
When applied to other areas the intent is similar, i.e., to make the most effective use of limited
existing resources.
The risk-based concept is somewhat ambiguous as it does not clarify whose risks are being
evaluated for relative size the individual insurer being supervised, the overall insurance
industry, or the financial system as a whole.
III. Pitfalls
In the regulatory financial exam context, the evaluation of an insurers risks in a risk-focused
environment may require a higher level of sophistication and resources than the available
resources can provide. One approach sometimes taken is to translate the risk-focused (principle-
based) examination tasks into a checklist that the current resources can address. This can
eliminate the potential benefits of the original principle (sometimes even at greater expense than
the compliance-based system it replaced), while misleading those applying it by convincing them
that the original benefit are being met. As such, it can lead to a false sense of security that fails
to uncover true risks that exist, or the creation of new inefficiencies to replace the old
inefficiencies of the old process.
16-9
Outside the regulatory context a similar issue exists in that it requires some pre-existing
knowledge about where the largest risks are, or the experience/ability to quickly make such a
determination. Hence it generally requires more than an entry level experience in the area of
application. Attempts to apply it to less experienced staff may lead to a series of rules or
checklists that can defeat any efficiencies.
With regard to the risk-based concept, a focus on systemic risks (i.e., the biggest risks to the
financial system as a whole) may lead to fewer resources being available for basic policyholder
protection. A similar focus on the biggest insurers in the industry may lead to reduced oversight
(and greater risk to policyholders) of smaller insurers.
6. Commonalities and Differences

Three of these concepts/approaches (proportionality, materiality, risk-focused) clearly rely on
judgment. The other (cost/benefit) may seem to be an exception, but this can be deceiving as the
valuation of many costs or benefits can be highly judgmental. Cost/benefit analyses can also be
subject to less-than-transparent manipulation, as the details underlying the cost/benefit analysis
may be buried within the underlying analysis and various implicit assumptions.
Regarding controls on the use of these concepts/approaches, materiality applications may face
the most external scrutiny. This may be because of the potential for abuse if insurers are not
required to justify their decisions that something is immaterial. PoP applications may face
similar scrutiny when applied at the insurer level.
It is not clear that the same scrutiny is applied to the application of the proportionality or
materiality concept when they are applied by a supervisor, external auditor or other reviewing
party (unless they themselves are also subject to external review.) One reason for this may be
that when an overseer applies the PoP or materiality to a situation, it results in less work both for
the overseer and the subject of the oversight. It is unlikely that the parties benefiting from the
reduced workload would complain.
Proportionality and materiality are typically discussed in terms of reducing workload rather than
justifying an increased workload, although there is conceptually no reason why they couldnt
apply in that other direction (i.e., in justifying an increased workload above the normal
requirement).
Where oversight or review exists for the application of the PoP or materiality, there is need for
clear communication and documentation of the application to the overseer. This requires that
both parties involved (applier and reviewer) have sufficient levels of experience and similar
understandings of the overall objective. Otherwise the documentation effort can be more
onerous than full application of the original requirement or standard template.
The risk-focused and risk-based concepts are somewhat different from proportionality and
materiality in that they are designed to provide a focus among potentially competing alternatives
or areas of focus, as opposed to increasing or decreasing the effort required for a particular focus.
16-10
7. Concluding comments
The concepts or principle-based approaches discussed in this chapter all attempt to provide for
needed flexibility in applying various standards or rules. Unfortunately, even the best concepts
can fail in implementation, hence how the concept is applied is as important as how the concept
is defined.
These concepts/approaches also require a greater level of sophistication or experience in their
application than rules-based approaches, hence they are dependent on sufficiently experienced
(and generally more well compensated) individuals for their successful application. These
resources may or may not currently exist in sufficient numbers where these concepts are to be
applied.
Ralph Blanchard, FCAS, MAAA, is Vice President & Actuary for the Accounting Policy
Department at The Travelers Companies, Inc. He is located in Hartford, Connecticut, USA. His
area of expertise is property/casualty insurance, particularly those areas involving financial
reporting (including U.S. GAAP, U.S. statutory and fair value estimates), asbestos claim
liabilities, Risk Based Capital measurements, and capital management issues. He is also a past
president of the Casualty Actuarial Society.
16-11
IAA Risk Book
Chapter 17Risk and Uncertainty
Quantification, Communication and Management
Sam Gutterman
The recognition and management of the distinctive features of risk and uncertainty underlie both
the purpose of insurance1 and steer managements actions, affecting all its stakeholders. The
management of risk and uncertainty is a central function of an insurance company. As such, the
issues addressed in this chapter are important to its many stakeholders, including boards,
insurance supervisors and rating agencies, as well as to its Chief Risk Officer, the actuarial
function and other insurance management.
Sound application of risk and uncertainty management concepts will lead to more effective
governance of an insurance company and its business, including their identification,
quantification, management and communication.
To highlight their differences, this chapter uses the following definitions:
Risk is the effect of variation that results from the random nature of the outcomes
being studied (i.e., a quantity susceptible of measurement).
Uncertainty involves the degree of confidence in understanding the effect of perils or
hazards not easily susceptible to measurement.
1. Consideration of risk and uncertainty on an updated basis is needed to effectively
assess and manage the current and future responsibilities and performance of the
insurer. This includes:
a. the valuation and testing of the adequacy of assets and liabilities;
b. the determination of required (or target) capital;
c. the roles that risk and uncertainty play in stress testing; and
d. the most appropriate ways to manage insurance in a sustainable manner.
2. Risk and uncertainty as reflected in required capital calculations address only adverse
consequences, while provision for uncertainty in the valuation of liabilities or in
premiums generally consider both positive and negative effects. Expectations
1
To reduce adverse financial consequences of insured risks by reducing the uncertainty of financial fluctuations of
its purchasers
This paper has been produced and approved by the Insurance Regulation Committee
of the IAA on 6 June 2017
regarding future cash flows will in practice always represent a combination of risk and
uncertainty.
3. Effective communication of the extent and possible effects of the risks and
uncertainties involved is important for all stakeholders, although the form and content
of such communication may differ by type of stakeholder. Its content may be
numerical or visual displays of a range of metrics, the enumeration of alternative
outcomes or scenarios, or a set of management implications and choices. Alternative
scenario assessment may provide useful and understandable illustrations, especially
through graphical displays of the range of performance and possible future scenarios.
4. Although assessment of risk and uncertainty regarding individual assumptions has
value, enhanced value may be derived from the study of the validity of actuarial
models on an aggregate basis through a comprehensive set of assumptions, including
their inter-relationships.
5. Metrics, such as actual-to-expected indices, provide insightful comparative
information for the operation of an insurer, including trends, planning/budgeting and
liability/capital/pricing adequacy.
6. The sense of false precision when presenting single number results can be addressed
by clarifying the basis of results and using ranges and scenario analysis.
2. Introduction / Background
Insurance provides financial security against unlikely losses related to specific events which may
occur to a policyholder. It is a complex, yet adaptive system. Through the principle of the law of
large numbers and risk pooling, insurance spreads the adverse financial effects of such losses
over a pool of similar risks and over time.
Since the future is uncertain, there remains the possibility of loss both to the insured (to the
extent the risk is not insured) and to the insurer. This possibility of loss is due to both risk and
uncertainty. Note that in many cases, risk is used as shorthand for both risk and uncertainty,
although the distinction between them as discussed in this chapter is quite important.
The modern distinction between economic risk and uncertainty was presented by the economist
Frank Knight. His 1921 book, Risk, Uncertainty, and Profit, distinguished between situations
under risk where the outcomes were unknown but governed by probability distributions known
at the onset (such as tossing a fair coin), in contrast to uncertainty situations where the outcomes,
although likewise random in nature, are governed by an unknown probability distribution or
model. The essential fact is that risk means in some cases a quantity susceptible of
measurement, while at other times it is something distinctly not of this character; and there are
far-reaching and crucial differences in the bearings of the phenomena depending on which of the
two is really present and operating. It will appear that a measurable uncertainty, or risk proper
is so far different from an unmeasurable one that it is not in effect an uncertainty at all.2
2
F. H. Knight. (1921) 19-20
17-2
Knightian uncertainty is often referred to as uncertainty about the extent to which the expected
mean (a key parameter) of the probability distribution is incorrect.
Some examples include:
1. Aspects of the future that are not considered by the parameters or the model structure.
There is always uncertainty regarding the true value of parameters regarding the
future, no matter the historical data available. In some cases, the volume of available
and relevant data may not be sufficient to develop a model structure or reliable
estimates of its parameters, while in others, conditions will differ between the past and
the future.
2. A particularly adverse future may be the result of what has been referred to as an
unknown-unknown (also called a paradigm shift or black swan). Such uncertainty can
affect what is being estimated/projected. Some examples include:
a. Changes in mortality that can result from either a medical breakthrough that
affects the level of mortality in all future periods or a pandemic that is a one-time
occurrence;
b. A novel court decision that can change the liability of an insurer;
c. New information gathered during the claims process; or
d. An event (e.g., the 2008 financial crash and asset bubbles) that affects one or
more economic assumptions such as inflation or credit risk.
When there is limited relevant and reliable data, there can be a great deal of uncertainty about the
actual nature of the underlying probability distributions. This uncertainty due to ambiguous data
can lead to indecision, precluding effective responsibility, impeding learning, inaccurate
forecasts and incorrect decisions. This highlights the possible effect of a lack of sufficient
understanding of the past or the drivers of future scenarios. Professional judgement and effective
quantitative techniques can provide insight into the issue and the nature of those distributions.
Almost all actuarial applications involve looking ahead to the future and therefore are affected by
both risk and uncertainty. There are limited circumstances in which a controlled experiment can
be conducted that provides findings that can be reproduced or validated based on underlying
exposure changes in volume and characteristics. But in many cases, the incidence rate is so small
that reliable experience cannot be obtained and judgment has to be applied.
In summary, questions that need to be addressed to assess whether risk or uncertainty are more
dominant include (1) can accurate and reliable historical information (data) be obtained, (2) can a
model/set of assumptions be developed consistent with the historical information and (3) can the
model/set of assumptions be applied or adjusted to characterize a reasonable representation of
the future?
The purpose of risk management is to quantify risks and identify the actions needed to eliminate
or reduce the adverse effects of their consequences. Just because something is uncertain doesnt
mean that it cant be managed it may be able to be avoided, controlled or its adverse
consequences minimized.
17-3
3. The nature of and distinction between uncertainty and risk
Since contingencies covered by insurance policies are exposed to significant risks and
uncertainties, margins are included in the premiums for these policies. Margins are also included
in prices charged by a third party if the risks are transferred to that party through reinsurance,
business combinations (i.e., mergers or acquisitions), or portfolio transfers. Methods chosen to
set and release those margins will affect reported earnings timing and volatility. Earnings
volatility that is not understood or is a surprise the result of emerging risks or uncertainty
may result in decreased market valuations of the company.
Determining how much reliance should be placed on observed experience is a significant
challenge. To do so, experience should be decomposed where possible to help distinguish how
much volatility is due to risk or uncertainty. Analysis and comparison of trends and patterns
observed between actual and expected experience can help distinguish between risk and
uncertainty. Significant one-off or systematic deviations in the same direction can also help
provide insight. In many cases, however, it can be difficult to distinguish between the two
nevertheless, the determination of whether to modify prior expected probability distributions and
other estimates is a necessary step in revising expectations (a feedback loop) and developing risk
plans to help avoid or reduce the effects of an adverse future.
Volatility in an insurers financial results generally reflects the results of a combination of the
risks and uncertainties involved in its operations, although the reported volatility can either be
smoothed over time or be exacerbated by the method of accounting used. It is important to
distinguish the effect of a deviation from expected performance and the effect of the financial
reporting framework3. The disentanglement of performance reporting is especially challenging in
product lines whose results tend to evolve over a lengthy period and that are expected to
experience volatile results. Interpreting deviations from expected is difficult enough, let alone
determining whether these deviations will continue over the long-term life of the business or
claims. An effective insurance risk management process thus applies feedback loops and
dynamic risk mitigation/control techniques to address this issue. Favorable results may lead to
taking on new risks and opportunities in applying a risk and reward trade-off approach, which
may facilitate obtaining a competitive advantage while maintaining financial sustainability.
The risks and uncertainties associated with insurance follow the life-cycles of insurance coverage
and claims. For example, prior to business being sold and claims incurred, there is uncertainty
associated with the future or emerging mix of insureds covered or the types of claims that will be
made. As more information is gathered, e.g., as the portfolio of life insurance policies matures or
information regarding new claims is reported, the uncertainties diminish and resulting risks
become dominant as they become more estimable/measurable.
3
Therefore, a deep understanding of the effects of the accounting system is necessary for actuarial assessment and
financial planning and review.
17-4
Sound application of risk and uncertainty management concepts will lead to more effective
governance embedded into the corporate culture of an insurance company and its business that
is, the identification, quantification, management and communication of risk and uncertainty.4
Premiums and other considerations incorporate the aggregate effect of bearing both risk and
uncertainty, which reflect the overall expected sources of volatility that economically justify an
inherent reward for conducting an insurance business. Capital provides for a level of risk and
uncertainty greater than moderately adverse. In reality, a perfectly competitive market (where,
according to economic theory, excess profits would be driven down to a minimal level) does not
exist. Arguably, because insurance policies, with few exceptions, have not been bought and sold
in a perfect market, such profits can be assumed to arise, but are usually difficult to isolate and
quantify.
Knights distinction between uncertainty and risk, mentioned previously, has been used by some
commentators to differentiate between measurability and immeasurability, objective and
subjective probabilities, and insurable and uninsurable probabilities of probabilistic outcomes.
Knight went on to indicate that judgment, common sense, or intuition5 is used for
business decision-making relating to those items that are immeasurable through formal processes
of logic and model-building. A more practical and useful distinction may be drawn between
process risk and parameter/model risks (see section II for a discussion of these concepts) that
does not attempt to deal with whether uncertainty is measurable.
According to Langlois and Cosgel (1993), one interpretation of Knight represents an
understanding that an agent can form subjective probability assessments of any situation, so that
the distinction that Knight intended to make was between situations in which insurance markets
can operate smoothly (where risk exists) and situations in which insurance markets become
unsustainable because of moral hazard and adverse selection (with associated uncertainty and
internal imbalances).
Except in unusual and laboratory situations (e.g., tossing a coin) rarely encountered in the real
world, partial information or suppositions will always exist; thus the expectations regarding
future cash flows will in practice always be a combination of risk and uncertainty. In addition,
since future conditions will always be at least partially different than those of the past, a
distinction between objective/subjective probabilities is rarely distinguishable, and as a result
judgment will always be needed.
Consistent with this distinction, Karl Popper noted that outcomes of physical experiments are
produced by a set of generating conditions. When an experiment is repeated, it is independent
with a similar set of generating conditions. Such conditions with a propensity p of producing the
outcome E means that those exact conditions, if repeated indefinitely, would produce a sequence
in which E occurs with limiting relative frequency p. However, this only occurs if future
conditions are identical to those in an earlier experiment. Therefore, because of differing
4
This doesnt mean total avoidance of risk and uncertainty (as that is impossible), but it does point to the importance
of understanding and management of the risks and uncertainties involved.
5
F. H. Knight. (1921) 211
17-5
conditions, conclusions reached based on past events cannot be automatically assumed to be
applicable in the future.
Differences from a base set of expectations can emerge as a result of many factors, including (1)
a lack of proper understanding of the underlying coverage or insureds and (2) changes in
conditions, especially discontinuities in experience or performance, some of which are referred
to as black swans (deemed highly improbable on an individual basis and outside the range of
preconceived notions, but as a group happen far more often than expected although often
thought of as negative or adverse, they can also be beneficial). The most obvious of these black
swans are catastrophic events not previously envisioned as being possible such as an earthquake
occurring along a previously unknown fault line, either of natural causes or man-made.
Less obvious, but of greater likelihood and cumulative importance in some long-term insurance
policies than one-time discontinuities in experience, are significant but gradual differences in
trend in one or more underlying factors. A grey swan event (also referred to as grey rhinos
the obvious, predictable, risks that are consistently neglected) is something that could be
anticipated, but is considered at the time to be unlikely to occur; if it does occur, its effect is
difficult to quantify. But not all discontinuities in experience are due to black swan-type
sourcesfor example, expected changes can manifest themselves quickly, result from changes
in the interrelationship between factors such as lapse and mortality because of changed or
temporarily stressed conditions, or be simply the result of statistical fluctuations either prior to or
after the point of discontinuity.
In some insurance coverages, both gradual (trend) and sudden (discontinuity) changes in
conditions can be difficult to identify, predict, and distinguish from a process (statistical
fluctuation) risk. Examples of these changes include broader environmental changes as a sudden
advancement in medical technology or in social attitude toward utilization of some insurance
benefits, applicable regulation, and change in the nature of the services provided or service
providers.
Donald Rumsfeld, a former U.S. Secretary of Defense, distinguished6 between known knowns,
known unknowns (grey swans), and unknown unknowns (black swan) risks. Of course, little if
anything about the future is certain nevertheless, the first category refers to circumstances with
estimable outcomes. The sources of volatility can be (1) inherent in past or current conditions,
but not yet quantified or understood or (2) did not exist in the past, such as a disease that had
never before been identified or a reinterpretation of an existing law/regulation that is applied
retroactively. Both black and grey swan events can be categorized as uncertainties, with grey
swan events likely not to be quite as catastrophic, but possibly more frequent. Swan-type
situations may be a one-off change in conditions or a permanent discontinuity.
The concept of risk as used in finance is primarily concerned with process risk (see section 4.I.A)
for a discussion). In contrast, actuaries are more concerned with processes that are relatively
long-term in nature, with shorter term fluctuations not especially significant relative to overall
adequacy or appropriateness. As the period observed lengthens and the number of independent
6
D.H. Rumsfeld (2002). Speech at a U.S. Department of Defense New Briefing, February 2002
17-6
insured exposures increase, perceived process risk tends to decrease with the reduction in effect
of short-term fluctuations. Nevertheless, both risk and uncertainty are of concern, because
management, regulators, and investors need to make decisions based on understanding reported
performance that reflects longer-term volatility and the value of an insurers future obligations.
It is important to attempt to distinguish between the effects of risk and uncertainty. Methods that
have been used to test for the existence of uncertainty include:
Statistical significance testing, which determines whether observed differences in
predicted experience are statistically significant.
Confidence intervals that provide a measure of limits within which the actual
outcomes are expected to lie with a certain degree of confidence.
Use of the formula: variance (actual expected) = variance (actual) + variance
(expected) 2 x covariance (actual, expected). This relationship describes the effect of
the correlation between actual and expected experience; when actual and expected
experience are independent, then the variance is the sum of the two variances, while if
actual and expected are perfectly correlated, then naturally there is no uncertainty.
Pervasiveness and consistency of differences between actual and expected experience.
For example, if these differences arise in all significant categories (e.g., geographical
regions, period of issue, risk classifications) it is more likely to be due to a period
effect, although analysis may be needed to ensure it is not due to unrecognized
changes in claims management or data coding.
Smoothed results over time (using rolling periods of, say, one or three years,
depending on the amount of experience) rather than monthly reporting periods that
often contain a significant amount of statistical noise. Outliers or discontinuities may
be the result of changes in conditions and past uncertainties, which may or may not
lead to subsequent changes.
Expert knowledge. This can help to identify drivers of future outliers or discontinuities
and changes in the existence or significance of underlying drivers of experience that
would not be expected based on simple extrapolation from the past.
Possibly a more pragmatic distinction of use to actuaries is between the ability to quantitatively
model or estimate future events or conditions based on relevant and reliable experience data and
in turn validate the results based on actual experience. Future results or their drivers that cannot
be so derived with a given level of confidence would fall into the uncertainty area. In some
cases, actuaries have been known to attempt to measure everything to the extent possible and to
incorporate the effects of risk and uncertainty into their estimates. As can be seen, boundaries
may not be perfectly distinct in some cases as some risks can be difficult to cubbyhole whether
resulting in discontinuities or unexpected results. An example of how these factors can be
illustrated in Figure 1, including the degree of actuarial risk aversion inherent in actuarial
17-7
approaches. As experience is gained in an area of uncertainty, the applicable aspect of the future
can move downward, if not to the left, in the chart7.
Figure 1 Risk/uncertainty continuum
Between the issuance of some long-duration insurance policies and the recognized emergence of
adverse experience, one of the major concerns is whether volatility, that is, divergence between
actual and expected experience, is due to temporary (i.e., involving risk) or permanent (i.e.,
involving uncertainty) conditions expected to continue or evolve that should be reflected in
changes to future premium rates. Rigorous analysis of emerging experience will help identify
leading indicators of adverse experience and provide better criteria to assist both insurers and
insurance supervisors to evaluate rate increase requests and inforce management decisions such
as policyholder dividends/bonuses/profit participation.
4. Characteristics of risk and uncertainty

The following are several key characteristics and elements of risk and uncertainty.
I. Process, parameter and model risks
Classical actuarial decomposition of risk and uncertainty is based on the following three
categories: process risk (due to stochastic processes), parameter risk (if the variables chosen in a
7
An example of a future condition that was not contemplated is the emergence of negative interest rates, which up
until the 2010s was almost unthinkable and was widely discounted in most financial models, which just a few years
later was common, even in corporate bonds in certain countries.
17-8
model dont have the right values) and model risk (if the model structure is appropriate and the
variables in it have been selected and whose relationships are recognized properly). This
decomposition is performed from the perspective of the user of a particular model, given the
model and risks being assessed. This decomposition can change from time-to-time as
understanding and experience is enhanced, conditions change, or differing stakeholder views are
taken. These three aspects are all subject to differing degrees of risk and uncertainty.
A. Process risk.
Process risk, sometimes referred to as statistical risk, is the risk of unavoidable random statistical
fluctuations that occur in any stochastic process. It will occur even if the insurer has chosen a
model that is totally accurate and has accurately estimated the parameters of the distribution
under that model.
Insurance risks often cover many relatively homogeneous but independent risks. The aggregate
process risk of a portfolio of insurance policies (measured on a per policy basis) can be reduced
by increasing the number of policies in an insurance portfolio or the period over which
observations are made, since the process risk decreases as the square root of the number of
policies exposed increases.
However, the extent to which pooling (i.e., aggregating many policies) reduces insurance risk
can be limited by not only the uncertainty regarding the true expected values and shapes of the
applicable probability distributions, but also because of the uncertain relationship between
factors that affect experience. For example, a trend or discontinuity (e.g., whether referred to as
structural, black swans, non-linearity, tipping point, unknown-unknowns or systemic condition)
affecting the incidence or severity of benefits/claims potentially affects all insureds, but more
likely only affects certain subgroups of policies, insureds or claimants.
One view is that it is inappropriate to reflect homogeneous and independent risks in a provision
for risk and uncertainty because the risk and uncertainty involved could effectively be eliminated
by insuring a sufficiently large number of independent insured risks. This view is similar to the
concept of not requiring a provision for diversifiable risk (see section 4II). Despite this,
conditions sometimes exist for which an insurance risk is not sufficiently stable, nor is an
insurance market sufficiently efficient and independent8, to eliminate the need for a provision for
risks and uncertainties.
B. Parameter risk.
Parameter risk arises because information regarding an underlying probability distribution is, by
necessity, incomplete, with the resulting distribution being inadequate or incorrect. It is the risk
that the parameter estimates in the model are incorrect. It has also been referred to as
measurement risk and can be viewed as the uncertainty that the expectation (mean) is accurately
estimated (the range of uncertainty involved is not necessarily the same as that of the process risk
involved).
8
There have been numerous situations where independence was assumed but did not exist. For example, the recent
financial crisis where mortgage risks were not independent and residual value insurance on car leases where resale
values were at times highly correlated.
17-9
Mis-estimation and data risks. Historical data represent necessarily incomplete information,
since it is obtained from conditions different from the period for which the estimates will be
applied to. However, most actuaries take a Bayesian approach with respect to the parameters
used as input to their models; that is, they develop an initial set of assumptions that they modify
as better experience and enhanced understanding are obtained, thus gradually reducing parameter
risk in the case where the underlying environment is stable. Generally, a set of observations
constitute only one realization out of an infinite range of might have been scenarios.
As a result, it is subject to random sampling error. Other reasons include inaccurately reported or
otherwise available data, and variations between insurance risks that are not intuitively obvious
until appropriately distinguished experience data becomes available.
Many variables that require estimation, e.g., mortality rates or claim development, involve
several components. Take mortality rates several factors can contribute to mis-estimation of the
current level of a portfolio, such as using population mortality when a lower-income market is
involved, new claims management has just been installed so old loss development factors are not
relevant, in general that future exposure or conditions being different than the future or that the
portfolio of an insurer is a new line of business. In addition, long-term mortality improvement or
long-term health care or automobile damage costs may be mis-estimated or the possibility of a
one-time pandemic, sudden increase in antimicrobial resistance or the effect of a sudden increase
in self-driving cars or other new car models.
Aggregation and inter-action. It is common to aggregate the effects of multiple variables into a
major component of a model an advantage of this process is to reduce the models complexity.
Despite this advantage, such aggregation can reduce the reliability and accuracy of the model. In
any event, it is important to understand and recognize the inter-action, correlation and patterns
between the variables, especially if there is a cause-and-effect relation. For example, for a
variable/unit-linked annuity a sudden shift in the economic or political environment may induce
significant policyholder behavior such as lapsation of the better annuity risks from the insurers
perspective. The more that the correlation is due to cause-and-effect, the better the model will
tend to perform and the extent of uncertainty tempered. In contrast, if it assumed to be due to
cause-and-effect and it isnt, the level of uncertainty can increase.
Exposure mix. Not only experience can change, but also the composition of insureds covered
may change or become different than what the pricing assumptions were based on. This risk can
be due to different characteristics or behavior between cohorts or generations, different market
segments from which insureds are drawn for an insurer, different choices made by insureds or
insurers, or different underwriting rules or risk classification categories applied. The cost of
insurance can be significantly affected by selection (due to the markets targeted and underwriting
procedures followed) and anti-selection (on the part of applicants at the time of and after
application), which in some cases have arisen from inadequate market penetration. These factors
have led to a deviation of industry mortality or morbidity experience from that of the general
population. Prior to a book of business being written, the distribution of exposure characteristics
is not known, thus resulting in potential moral hazard and anti-selection risk, although usually
reasonably estimable based on prior writings or on expected target market penetration. This mix
can subsequently change to reflect subsequent terminations
17-10
Change in conditions. Future experience will differ from that of the past, in part because future
conditions will be different. Some of these changes arise due to a gradual or sudden change in
conditions (of a temporary or permanent nature), which can be due to a paradigm shift, such as
when legislative, business model, and social attitudes change. Examples of paradigm shifts that
have arisen in the past have been when (1) the business model for the subjective nature of certain
health coverages change and (2) society realized that second-hand smoke was dangerous, which
resulted in changes in smoking prevalence and restrictions in locations where people could
smoke. Both examples were unforeseen and not reflected in available experience as input to the
basis of insurance premiums.
Other examples of changed conditions that have resulted in actual experience being different
from that previously expected have included: more robust economic growth, lower market
interest or equity growth rates, onset of climate change, better health conditions and more
stringent safety rules. Other examples of possible sources of uncertainties include a cure for all
cancers, impact of self-driving cars, new government programs or court rulings, and delayed
adverse effect of increased obesity prevalence.
C. Model risk.
Models by definition are simplified representations of reality. There are two types of model risk:
(1) the identification of the proper variables (parameters) in a given model and (2) the structure
of the model, i.e., whether the correct model has been selected. Model risk arises when an
incorrect representation of the future is reflected in the model, improper parameters (variables)
are used or the wrong model structure is applied. This can arise from under- or over-specification
of the variables (specification risk) used in the model. Under-specification occurs when a model
is over-simplified, in an extreme example, mortality rates that are independent of age. Over-
specification (or over-fitting) occurs when there is too much concern about fitting parameters to
non-statistically credible or irrelevant data, incorrect variables are applied, over-extrapolation
(e.g., linear extrapolation when not appropriate), or an incorrect underlying structure has been
applied. Either problem can result in inaccurate or biased projections.
Unless a pre-determined factor or formula-based model is used, uncertainty models can be quite
complicated. Models should be subject to proper governance and controls, as described in
chapter 15 Governance of Models. They should also be validated, and subjected to sensitivity
and stress testing, where practical.
There is no single accepted model for any aspect of the insurance business, although adaptation
and refinement of the model used should occur as more information and insight becomes
available. The use of multiple models can often be useful especially recognizing that they are
representations of reality, which may be refined or modified over time, and that primary reliance
on a single model should only be made when it is determined that the model is sufficiently useful
and good enough to move outcomes from known unknowns to known known risks.
Nevertheless, it has to be realized that any model has strengths and weaknesses.
Multiple risks
The period observed can change the mix between process and parameter risks. For example, if
reporting or experience is measured on a daily, weekly or even monthly basis, the volatility due
17-11
to process risk for those short periods should be expected to dominate. The longer the period
studied, the more the underlying reality would be expected to be revealed, in which case
parameter risk will likely dominate. In addition, to study whether a trend is occurring may
require an even longer observation period. Nevertheless, the use of a long observation period can
raise the possibility that the earliest experience is no longer relevant, which may lead to a
misleading trend. One approach to determining whether a trend exists is to study experience on a
rolling basis, which tends to smooth the contribution of process risk to volatility. Understanding
the conditions over the period study is necessary to determine whether the trend is trustworthy.
Some believe that even though it is conceptually preferable to reflect parameter risk and model
risk, it is not necessary to include an adjustment for the sources of these risks until persuasive
evidence is available to enable an insurer to quantify their effects by reference to observable
data. Nonetheless, as long as these risks are estimable, it is appropriate and indeed necessary to
include them. In fact, not including a provision for parameter and model risks (i.e., only
including a provision for process risk) is tantamount to unsound pricing by ignoring economic
reality, which may lead to inappropriate business decisions (in the extreme case, capital
inadequacy). Thus, it is appropriate to consider all the relevant process, parameter and model
risks in pricing, valuation, capital assessment and management decision-making.
Actuarial practice dictates that a sound and sustainable process should be followed with respect
to the consideration of applicable risks and uncertainties. This may involve the inclusion of
appropriate margins (e.g., risk adjustments or in required/economic capital calculations) or
testing relative to the objectives of the application. Actuarial work in these areas is covered by
applicable actuarial standards of practice and codes of professional conduct, supplemented where
applicable with appropriate peer review procedures. Consistent with such standards, an
understanding of the context of risks and uncertainties involved goes beyond the application of
applicable formulas, but to the application of actuarial analysis and judgment regarding the
overall soundness of the entity.
II. Diversifiable and non-diversifiable (or insurable and uninsurable) risks
Risks may also be characterized as being either diversifiable or non-diversifiable. For example,
market risk for stocks (shares) can be diversified by aggregating stocks (shares) from different
industry sectors, as in most cases they are unlikely to all move in the same direction. In fact, the
risk of any stock has a diversifiable and a non-diversifiable (or systemic) component. The non-
diversifiable component can be characterized by the trend line in the relationship between that
stock and the market, representing risks shared with all elements in the market. The diversifiable
component is the variation around that trend line. Similar analysis can in many cases be applied
to each risk factor that affects an insurance premium.
There is a limit to the diversification benefit, beyond which the marginal benefit of risk reduction
is smaller than the loss of potential returns. Some risk factors impact nearly all insurance policies
or stocks, as applicable, and are non-diversifiable. Factors unique to a particular stock are largely
diversifiable. Most risk factors fall between these extremes.
Risks may be described as either market-based or independent of market (also known as
orthogonal). In the context of investment risks, market risk can be understood by considering
17-12
risky assets such as stocks. In capital asset pricing model (CAPM) terms, the return from each
stock has a (positive or negative) correlation with the return from every other stock. The
regression coefficient between the individual stock and the market is called the beta of the
stock. Risks that are uncorrelated with a market are independent of that market and have a beta
of zero, although if a stock is included in what is measured as the market, it likely has at least
some (albeit quite likely small) correlation to the market by virtue of its inclusion as part of the
market.
Similar to the above capital markets example, morbidity and mortality rates of individuals in a
pool are usually considered independent of the corresponding rates of the others in the pool.
They may, however, not be independent, as they may be subject to similar environmental and
provider conditions, as well as similar habitational attitudes and insurers claims management
processes, some of which may be correlated to changes in market, economic or demographic
conditions. An assessment of the mix of risks involved may be needed to confirm such an
assumption.
While some believe that diversifiable risk should not impact the amount of provision for risk and
uncertainty, others believe that since no market is perfect, all investors require some risk premia
for all risks, whether diversifiable or non-diversifiable. Since insurance markets are not perfectly
efficient and complete diversification of many relevant risks is not practical, a provision would
be correspondingly appropriate for all insurance risk. Market prices reflect both diversifiable and
non-diversifiable risks as both types of risk are always present and can be estimated. Thus, both
types of risk should be considered.
III. Hedgeable and non-hedgeable risks
The discussion so far has assumed that all relevant risks and uncertainties are reflected or
considered in the development of applicable risk distributions. For the purpose of a provision for
risk and uncertainty, risks reflected in the risk distribution include all their non-hedgeable
aspects. A risk is hedgeable if an active market exists in which the risk can be traded, such as via
derivatives. Hedgeability derives from the existence of a relevant market and not directly from
the characteristics of the risk. Insurance-related risks normally considered to be non-hedgeable,
include the risk of variability in the amount of settlement obligations, operational risk, the risks
associated with the runoff of claims/satisfaction of policy obligations and reinsurer counter-party
credit risk (although this could theoretically be hedged by means of a financial instrument of the
applicable reinsurer). Risks normally determined to be hedgeable include market or credit risk of
invested assets.
Risks that are not completely hedgeable are considered in the determination of liabilities and
required (or desired) capital. For example, these also may include interest rate risk for very long
durations or market and currency risk in thinly traded markets, such as those in developing
economies.
IV. Time it takes risks to emerge and be recognized
Many insurance policies and claim provisions provide for benefits or claim payments over a
lengthy period. The timeframes involved can range from the extremely short (e.g., dental or most
property insurance) to the extremely long (e.g., long-term care insurance or annuities offered to
17-13
the young, which can last fifty or more years). In most cases, the longer the period of coverage,
the larger the uncertainty. Dynamic influences over time represent second and third order
parameter risk. While over a short period their effects may not be significant, they may represent
a significant source of uncertainty over a longer-term horizon, especially where the effects
accumulate over time. They thus fatten the probability tails involved.
Even without these dynamic changes, the forces affecting the sources of uncertainty may be
time-dependent. In other words, certain ongoing trends such as mortality improvement or
inflationary effects on certain claims/benefits and expenses may continue and accumulate over
time in a serial manner, without necessarily reverting to an earlier expected mean, as might be
expected for some economic variables, such as, arguably, interest rates.
Many risks take a complex form in these cases, the composition and interaction among the
risks can take an extra period to become observable, as deviations from expected may offset each
other. For example, in the early policy years a portfolio of life insurance may in the aggregate
appear to be consistent with initial expectations, while the ultimate level of mortality might be
misestimated, the absolute and timing effect of underwriting or market selection might be
misestimated and anti-selection resulting from policyholder behavior might be misestimated. In
addition, in this example the number of deaths in these early policy years may be too small to
represent statistically reliable data to draw a conclusion. Thus, the degree of risk aversion is
likely to increase as the time horizon increases9.
However, as more useful information becomes available, the amount of uncertainty will
decrease. And, to the extent that effective non-guaranteed elements or other management
discretion is available, the risks and uncertainties are shared with the policyholders. In addition,
effective asset/liability management techniques will reduce the level of uncertainty.
V. Risk concentration
An elevated level of risk concentration exists when a sizable percentage of an insurer's risks
(e.g., coverage, market segment, geographic area of insureds or assets are in a certain category of
exposures. For example, although the management of a mono-line insurer or one dealing with a
single market can provide focused attention on and specialized expertise, it can simultaneously
suffer from a lack of diversification of risks. Even here, caution should be exercised since there
have been occasions where an insurer was forced or advised, by a rating agency, investors,
supervisor or overly aggressive marketing staff to diversify their markets or products. As a result,
the company was put at financial risk when there was a downturn in areas where management
was not properly prepared.
Achievement of economies of scale (through greater business volumes) can enable spreading
overhead or fixed operating expenses over a larger number of units. However, it carries with it a
potential increase in the aggregate effect of catastrophe and operational risks to the insurer,
thereby at least somewhat offsetting the beneficial effect of risk diversification and risk pooling.
9
As well as possibly increasing the capital charge.
17-14
A significant risk concentration can result in greater volatility, in part due to the potential for
large catastrophic losses. More capital may be required to absorb the effect of certain operational
risks (events) or catastrophes with low probability and high severity, resulting in a greater degree
of financial uncertainty than would be the case had there be less concentration. Nevertheless, the
question of how to quantify the degree of concentration or tail risk that would be significant
enough to qualify as a catastrophe remains an issue for continuing study and debate. This also
depends upon the size of the insurer and its capital resources.
The aggregate effect of concentration of risks is one example for which the expected experience
of a group of insureds may not be independent and can be inter-related. Concentration of
exposures usually affects the volatility of results, as a result of an increase in severity of loss in a
portfolio (as a result of a significant increase in the number of claims). While the resulting loss to
the insurer would usually be categorized as risk, it might also be thought of as uncertainty if, for
example, the cause was sufficiently unrecognized.
5. Basis for assumptions/expectations

To the extent that a perfect market is available, a calibration of the amount of risk and
uncertainty could be performed with respect to market prices. However, such a deep and liquid
market never seems to exist in insurance risk applications. Valuation techniques need to be
applied in almost all cases. The following is one categorization of the types of input that form the
basis for assumptions or expectations of risk and uncertainty involved in modeling. The risk
criteria applied are based on the valuation basis / quantification applied.
Market observations. This approach estimates the economic value of risk implied by
market prices, the credibility of which may depend upon the size and robustness of the
market. A given degree of risk can have different values to different individuals,
depending on the extent of their risk aversion. Prices of risk and uncertainty in the market
reflect a consensus of (or negotiation between) the views of market participants,
including aggregate amount of risk aversion.
Of course, just because risk exists and market participants charge for the risks undertaken
does not by itself mean that the resulting prices are correct, as they are influenced by
such factors as the current market risk aversion, misinformation, and herd mentality.
Model/estimations. Examples include a margin over current estimates (MOCE) in
regulatory accounting and in the revisions to insurance accounting of insurance policies
(IFRS 17), which provide for expected outcomes reflecting estimates of risk and
uncertainty that are based on non-market based factors. A MOCE is usually based on
probability distributions relating to the risks undertaken, using confidence intervals, cost
of capital or similar measures. The extent of the provision may differ between pricing,
valuation of liabilities or capital, as each has a different purpose.
The most relevant and reliable observable experience should form the basis for the
experience assumptions, although it is uncommon to observe enough sufficiently relevant
data to base a full probability distribution, especially extreme (tail) probabilities. Under
17-15
normal circumstances, the best source would be derived from policies and claims from
the same product and insurer, for which experience and volatility of this experience are
most relevant (i.e., including where available the same market segment, underwriting
screens, policy features and claims management). However, in some cases, such as if the
coverage offered by an insurer is a new or immature line of business or if the frequency
of the event is sufficiently small, external data10 or professional judgment will be needed
either as a substitute for, or a supplement to, the insurers experience data.
The blend of experience used as inputs depend on the amount of data with characteristics
similar to the business being assessed or the reliance that can be placed on either external
or other internal sources. For example, for a new line of business, no internal data would
be available. Data from the central portion of the probability distributions may have to be
used as a base to estimate complete probability distributions. Unadjusted industry data or
public data without any selection or insurance-affected constraints may not be relevant to
the business being studied.
Just as there can be a herd risk inherent in market-based measures, there is a consensus
risk in non-market based measures. That is, when there appears to be an overwhelming
consensus of a given area of uncertainty or trend the risk of everyone being wrong, when
ignoring either a black swan event or condition or an event or condition that is not
recognized because there is a consensus. Examples might be mortality risk, where a
consensus has been reached that the current level of mortality improvement will continue
forever and it doesnt, and interest rate risk where the consensus is that interest rates
continue forever at historically low levels, where it turns out that a reversion to the long-
term historical mean is ultimately experienced.
The use of historical experience requires an understanding of the conditions under which that
historical information was obtained and estimates of the expected effect of changes in those
conditions. Historical experience is, at best, a sampling from the underlying actual experience,
which is not known for certain and will probably change over time.
Expected experience is generally driven by a set of variables (parameters), in some cases
determined with respect to the policy features and demographics of the insureds and their
environment and behavior, as well as characteristics of the portfolio of claims, where applicable.
A common approach is to analyze the characteristics either one at a time or in aggregate. Newer
techniques, including predictive analytics, can be used to study the drivers simultaneously,
reducing the uncertainty with respect to the interaction, correlation and patterns between the
variables. An easy trap to fall into is to assume that the characteristics are independentan
example is where it is assumed that a specific cause of death or morbidity is curedthis
elimination usually in turn affects the size of the parameters or even introduces additional
variables into the model of mortality being used.
10
For example, aggregate insurance industry experience or general population data, although caution needs to be
applied if not adjusted to be consistent with the insurers product features, underwriting, market segment, and effects
of the existence of insurance.
17-16
The level of aversion to risk reflected may differ by the stakeholder and application. For
example, for IFRS 17, the aversion inherent in the risk adjustment is taken from the viewpoint of
the insurer. For fair values the aversion is based on the implied values derived from observed
prices or estimated views of market participants. And, for required capital or stress tests, levels
may be based upon the perspective of the supervisor or the insurer.
6. Sources of exposure to risk and timing of its management

Risk and uncertainty associated with a portfolio of policies or a company/group can arise from
multiple sources. These sources may or may not be related or inter-dependent. Their
relationships create dependency uncertainty, which may differ depending on the situation (e.g.,
the correlation between sources in situations such as asset credit default and policyholder lapse
rates can increase significantly under adverse conditions such as a recession).
These sources of risk and uncertainty differ by coverage, market, distribution system, and
jurisdiction. Some may vary every year as external conditions or internal decisions may change
quickly; other tend to change slowly, such as mortality or inflation trends. Examples are
described in Appendix 1.
The permanence and severity of risk and uncertain conditions differs widely by coverage and
situation. It may be a one-time shock, a part of cyclical experience or a permanent change in
conditions. Although usually obvious in hindsight, during volatile conditions, it can be difficult
to differentiate them. Inferences can be drawn from historical experience, for example from a
violent storm, heat surge or epidemic. However, there are other situations where definitive
identification is not possible, e.g., during the second year of especially low or high interest rates
(e.g., Japan over the past two decades) or if mortality has deteriorated in two consecutive years
with no obvious direct cause. Although stochastic/probabilistic modeling can be useful in
estimating one-off or even cyclical changes in conditions, scenario testing might be a better
approach to develop contingency plans in preparation for the future.
In conducting experience studies, the selection of longer study periods increases the data points
and hence the credibility of the study (unless conditions or the mix of exposures change during
the period). In contrast, it can include experience generated under conditions different than that
expected to exist in the future. Inclusion of earlier periods can mask underlying trends or changes
in fundamental conditions. Actuaries often deal with the trade-off between reliability (the
accuracy and statistical credibility of the data) and relevance to the period of concern, supported
where possible with analysis of drivers of experience and relevant trends.11
Timing of the emergence and severity of risks can therefore be important to recognize. Although
risks can be characterized in many ways, one approach to risk management is to categorize them
in terms of their short-, medium- and long-term natures. Different types of supervisory action
relate to the immediacy or severity of these adverse effects, as they impact the sustainability of
an insurer and the time needed to rectify them. The applicable period will depend on the risk
structure of the insurer, types of insurance involved and supervisory tool chosen:
11
This is particularly relevant when setting parameters for equity returns and volatility.
17-17
3-90 days. The primary concern regarding an extreme condition during this short
period is a lack of adequate liquidity and cash. In contrast to some banks, such
liquidity risk will rarely be of concern to most insurers. Nevertheless, exceptions may
exist if there is improper short-term risk management, if asset-liability matching is not
maintained or where a significant concentration or pricing or policyholder behavior
risk emerges quickly, especially if extreme economic conditions arise suddenly. Rapid
management and supervisory action may be needed in such a case. This might affect
an insurers investments, e.g., margin calls on financial instruments or precipice
conditions on external debt that trigger immediate repayment. An example of
mitigation against such risks include a constraint on accessing policyholders accounts
that during normal circumstances would not be called for.
90 days-3 years. Risks likely to arise during this timeframe may result from
operational (e.g., significant underpricing, mismanagement, economic or catastrophic
shocks). A one-year period is often used as a benchmark timeframe over which a
supervisor can attempt to take remedial action (which could include beginning a run-
off or sale or merger of a troubled insurer with a stronger one). This period can also
allow for the re-pricing or re-underwriting of policies with one year. Even catastrophic
insured events will often even take more than one year to fully pay claims.
3 years+. An insurer may become unsustainable over this longer period due to several
conditions, including slow-developing actual or expected experience significantly
worse than expectations, or significant adverse trends that lead to sustainability
concerns. It is also the likely timeframe for failure due to mismanagement, as it
usually takes some time for its effects to become material.
This is also be the timeframe for a decline due to a paradigm shift, e.g., delayed use of
big data for competitive pricing that an insurer is unable to achieve because of
insufficient investment in resources or staff. Another example is political risk a
government takeover of a key line of business of the insurer that takes away their main
competitive advantage, thus leaving them with business they cant manage well.
Although a significant issue can lead to sustainability concerns over any of these time categories,
the assignment to a shorter time category can be caused by either the type of the problem, who is
affected, the severity of the problem, the availability of and ability to apply relevant and
available mitigation tools such as reinsurance, or the extent of the insurers adequacy of capital.
The time frame over which stressed conditions apply is an important assumption in many
important calculations, such as the determination of minimum required capital. Two general
approaches have been taken:
One year stress (uncertainty) assumptions, followed for subsequent periods by risk
assumptions that would be expected to be relevant over the lifetime of the liabilities.
This has, for example, been the approach taken by Solvency II. The use of this
timeframe assumes that, subsequent to the occurrence or emergence of an adverse risk
situation, a supervisor will take no longer than one year to manage the insurers
17-18
condition, e.g., exiting from an insurance market or implementing rate increases, or in
the extreme through selling it to or merging with another insurer or putting into a
runoff mode. This presumption may not always be achievable, depending on factors
that include the extent of the problem, the risk event that generated the problem and
whether the risk event affects only that insurer or its entire industry. A one-year time
horizon has usually been applied on the presumption that this aligns with supervisory
action in dealing with a troubled insurer, such as arranged reinsurance, resolution or
liquidation. However, such an approach should not ignore continuing provision
needed for future risk and uncertainty at the end of the one year shock horizon.
Lifetime stress assumptions (for the life of the inforce policies or claims) relating to a
structural change. This approach is often taken for liability (MOCE) determination. It
also may be more applicable if the adverse condition is an ongoing one, e.g., mortality
improvement trend which is often of a much longer-term nature or is a one-time
problem that cannot be easily addressed in a short-term period. In addition, it is highly
likely that a purchasing/merging insurer who has been encouraged to take part in a
rescue would demand to be compensated for the probable effects of continuing risk
and uncertainty conditions.
There is a range of processes and actions that an insurer can take to effectively manage adverse
cash flows and associated risks and uncertainties. Some techniques are automatically generated,
while others result from management action. In some cases, the application of management
action (e.g., reduction in excess interest or management-based bonus/dividend/profit
participation policy) may be constrained by competition, especially if the insurer is the only
entity within the industry that has to make such a change, e.g., anti-selection as a result of
policyholder behavior can result from an impairment of the insurers brand, which may be
accompanied by further adverse financial effects.
To the extent that such mitigation (e.g., automatic based on policy features or through
management discretionary) is available and can be expected to be applied under adverse
conditions, both the expected adverse consequences and the effects of corresponding mitigation
actions that can be realistically taken should be reflected. If the mitigation actions rely on third
party (i.e., supervisory) actions, its likelihood (and uncertainty) might also be considered.
7. Application and uses based on the viewpoint taken

The purpose of the analysis and stakeholder viewpoint taken can influence the basis
(methodology and considerations) of recognizing uncertainty.
Although insurance accounting systems can differ significantly around the world, most
incorporate either explicit or implicit provision for uncertainty. General purpose accounting
tends to stress transparency or explicit provision for disclosure purposes. Such a system can
combine a reflection of risk in a general margin that aggregates the effect of risk, uncertainty and
profit, or can be presented as an implicit offset in the situation where the time value of money is
not explicitly reflected (discounting).
17-19
Inclusion of provision12 for risk and uncertainty serves multiple purposes, including the
avoidance of premature reporting of income in light of the risks and uncertainties involved, an
incentive to avoid over-optimistic-reporting of new business, and a metric that can facilitate the
communication of the degree of risk and uncertainty involved with the fulfillment of the
insurance obligations.
Especially in the case of long-term obligations, the adjustment for the value of time and for risk
and uncertainty can be entangled. It is important to avoid double-counting or ignoring provision
for risk and uncertainty.
The approach taken may be based on a set of historical parameter averages or be limited to only
the most currently observed values of the parameter(s). While market values reflect currently
observed costs of trading, they do not reflect the effect of implementing trades on the subsequent
values available in the market place.13
Risk tolerance reflects the risk appetite of the stakeholder for different levels of loss (e.g., by
management or the supervisor or the market, depending on the application), which can differ
depending on types and levels of risks and uncertainty. For example, a supervisor may focus
primary attention on different degrees of adequacy of capital. As a result, the supervisor may be
more risk averse than management or the market, although in some cases management may be
even more conservative to maintain their employment. Actuaries tend to be aware of risk, in
large part due to their concern with the sustainability of the applicable block of business and the
entity as a whole.
I. One-sided or two-sided risk
Conceptually, a decision has to be made regarding whether to consider favorable, as well as
adverse developments. Although risk is two-sided, in many cases insurance stakeholders are only
concerned with the effect of downside deviations and in the risk tolerance of adverse deviations.
Whether to reflect favorable experience developments in the assessment, valuation and
communication of uncertainty depends on the application and perspective of the application and
stakeholder. For example, an insurance supervisor is concerned with adverse developments. As a
result, supervisory emphasis is based upon a one-sided uncertainty, the adverse implications of
future events.
In contrast, it is usually more appropriate in pricing or in valuing a policy or claim to consider
both sides of an insurance risk. However, because (1) loss aversion is usually stronger than risk
12
In some regulatory systems an explicit recognition is referred to as a margin over current estimate (MOCE); in
international financial reporting it is referred to as a risk adjustment.
13
For example, prior to 1991 Executive Life (U.S.) had invested in a significant amount of junk bonds whose
market value, where there was one, and interest rates earned were sufficient for it to offer competitive prices and
remain a going concern. However, when the value of these bonds dropped as a result of defaults emanating from a
deteriorating economy, their value plummeted, with the result that it was unable to continue as a going concern.
Prior to this time, the company had relied upon the favorable credit history of these bonds and their then market
value achieved during good economic times. But, the decision to sell all those bonds after being taken over by
supervisors, further depressed this security market so that the values obtained by selling the bonds were less than the
reported value at the time of the companys takeover. In other words, the decision to sell due to their lower prices
meant they had to be sold at even lower prices.
17-20
aversion and (2) most consequences of insurance risk are asymmetric, that is the right tail of cost
or loss functions are generally thicker than the left tail outcomes, the value of a liability or
premium may over-emphasize the possibility of an adverse development, especially if it might
impair sustainability or generate a loss, rather than a profitable development. A provision for risk
and uncertainty in a liability, asset or premium that considers both favorable and unfavorable
situations may be relatively smaller than for such a provision for required capital, which may
only consider unfavorable effects. Required capital is as a metric used to assess the likelihood
that an insurer will be able to fulfil the promises it has made and in some cases survive as a going
concern. Note that, especially for a life insurer, effective asset/liability management maintained
in a dynamic manner can reduce or even eliminate the risk and uncertainty and therefore the need
for such a provision.
8. Quantification of risk and uncertainty

An essential element in risk and uncertainty management is the assessment and, where possible,
estimation of the effect of risk and uncertainty involved in an insurers operations and decision-
making. In some cases, such an assessment can be as crude as rank ordering the sources of risk
and uncertainty, e.g., asset credit risk, mortality improvement and policyholder behavior. In
others, e.g., for establishing a minimum or target level of capital, a quantification of the effects
of individual circumstances is needed.
Risk and uncertainty can conceptually be included or be expressed in terms of either expected
cash flows, discount (or cost of capital) rates or a combination. The approach taken is usually
inherent in the method used. For example, for the valuation of liabilities, it may be appropriate to
directly relate risk and uncertainty to what is at risk, i.e., risks and uncertainties associated with
the insurance obligations based on the expected cash flows and those associated with investment
risks based on the discount rate (e.g., use of a risk-adjusted discount rate). However, when
assessing an insurer as a whole, e.g., for company / group level capital assessment, an aggregate
measure such as a cost of capital may be appropriate.
A description of some of the primary approaches to measure risk are included in Appendix 2.
They include the quantile, explicit assumptions, cost of capital and discount rate related methods.
Each quantification method requires certain parameters that are also described in general in
Appendix 2.
With respect to the applicable parameters,
They need to be reassessed on a regular basis. This does not mean that they must be
revised, but periodic monitoring is appropriate to ensure that they are reasonable, both
regarding whether the parameters applied are up-to-date and responsive to underlying
conditions and business, but also whether the parameters, and indeed the models used
remain reasonable. Expectations should be dynamic in nature, just as the risks and
uncertainties change over time.
Both disclosure of and supervisory or professional guidance regarding methods,
assumptions, and the resulting valuation tend to produce more consistency between
17-21
insurers over time. Although outliers may continue due to different management or
circumstances, peer or external pressures may contribute to convergence in practice
over time.
For all approaches, calibration to market-based values (i.e., actual transfer values) is
problematic, as there are few, if any, transfers with observable prices that provide
reliable calibration benchmarks. Even if such cases were to occur, such prices are not
usually publicly available, involve special circumstances, or refer to such complex
accumulations of transferred business that it is not practical to derive prices for
specific relevant components.
Because stochastic methods or use of probability distributions normally focus on
process risk, increased confidence may be required to reflect uncertainty, that is, the
effect of parameter and model risks, although moderated somewhat due to the extent
of the inter-relationships as evidenced by the correlation between the factors. In
certain cases, a flatter/wider distribution might be developed through a regime
switching model, which assumes that there is a random switch between the dual
statistical means. The level of confidence used is normally at least in part set by
regulators, rating agencies or the insurer (as designated in regulation, professional
standards, or professional judgment) through use of judgment, in part because of the
difficulty in validating or calibrating the probability distribution(s) used against
historical experience or market prices. Validation of a particular distribution(s) is often
challenging, in part because historical volatility is not necessarily relevant to the
perception of risk and uncertainty related to future conditions.
It is sometimes assumed that the only way by which probability or stochastic methods can be
applied is by means of Monte Carlo simulation (i.e., a method that applies many randomly
generated parameters that are applied in an actuarial model). That is not necessarily the case
for example, if the probability distribution is symmetrical and risk aversion is not incorporated,
such an approach may not add much value. Even if asymmetric distributions are involved, a
sufficient number of discretely determined parameters may be used, if they capture the general
shape of the distribution, i.e., capture scenarios in the tail of the distribution.
Various practical methods have also been used, including:
Factors applied to one or more assumptions. For example, a percentage factor based
on a confidence interval for the claim incidence rate distribution might be applied to
the expected number of new claims assumption.
Scenario testing (viewed as being either sensitivity or stress tests), possibly using a
weighted set of deterministic scenarios selected to be representative of stochastically
generated scenarios. A stress test is the result of a scenario of significant size. This
approach is especially useful for asymmetric risks, options, guarantees, or
policyholder behavior.
Percentages, depending on the class of business and/or other characteristics, based on
perceived riskiness applied to the expected value or loss ratio, determined by sub-
models.
17-22
The use of a wider range of confidence than if just process risk was involved, to reflect
the impact of parameter and model risks.
With respect to these methods, it has to be remembered that no model is perfect, and is limited
by the availability of relevant assumptions and parameters, especially with respect to the many
unknowns involved in the specific identification of sources of and quantification of uncertainty.
As a result, some humility in applying quantitative methods is needed, with actuarial judgment
applied at critical junctures in any such quantification.
In some cases in which even crude probabilities or scenarios cannot be reasonably constructed, a
qualitative description of the uncertainty involved may be the only approach that can provide
useful information.
9. Communication of uncertainty and metrics

Clear communication of expected and actual deviations from the insurers
objectives/expectations and their causes/drivers is crucial to effective governance, proper
assessment of the effects of human behavior and incentives, and the objective setting process
(including how compensation incentivizes management). The term risk can also be used in the
sense of not achieving an objective, such as a given degree of profitability or financial
soundness. A decision regarding how to respond to a deviation or an expected deviation will
depend upon the situation and the financial significance of the deviation as well as a
determination of whether it is just a random statistical deviation or a realization of a
condition/event that was not anticipated and is actionable.
Successful communication entails an effective connection between stakeholders (and the
business decisions they make) to experts in risk and uncertainty (such as actuaries). An important
consideration in this communication is its purpose and users. The primary purposes considered in
this chapter include management decision-making, supervisory action and investor decisions.
Risk is often measured by means of stochastic models or an assessment of a range of
representative scenarios that capture a reasonable range of experience in the context of an
objective or subjective probability distribution. Uncertainty is often assessed by means of a study
of the possible effect of alternative scenarios.
With respect to risk, comparisons to both the mean and the mean plus or minus one (or multiple)
standard deviation(s). Alternatively, performance outside a specified benchmark consisting of a
pre-specified band around expected performance may be useful where performance outside that
band would be intensively study to enable better insight into its sources (e.g., for a very large
portfolio, a smaller band would typically be used because of limited expected statistical
fluctuation).
Charts showing actual-to-expected values, together with probable ranges, possibly based on a
specified percentage of a standard deviation of expected experience, recent experience or
informed judgment, can provide a better understanding of whether a deviation from expected
represents a cause for concern or further investigation. A regular report on the key variables
17-23
(sometimes referred to as key performance indicators that drive profitability and risk) is
important, especially to top management and board members.
A good question is how uncertainty be communicated if the parameters/variables/alternative
model cannot be identified. Emerging risk/uncertainty scanning can useful to help identify areas
of possible future change approaches such as development of a watch list or contingency
planning can prove helpful. In those areas, a model and/or scenarios that consider historical
variations and informed judgment need to be developed, as well as reflect expected deviations
based on the resulting distributions. Although detailed documentation is necessary for external
review and continuity of the risk management process (especially important when staff turns
over), effective communication involves an understanding of the users attitude toward detail
information provided will likely focus on key indicators, focusing on the extent of deviations
from benchmarks and emerging patterns.
There is a danger when an uncertain risk seems to have an exact number representation. Results
of models are not sure things and their estimates will be wrong because of the uncertain nature
of the future. Due to the refinements involved in many models, those involved can easily be
persuaded by the accuracy of the models and their embedded parameters the risks,
uncertainties and messiness of the real world should be recognized in their derivation and the
communication of their results. An unthinking focus on predictive accuracy runs the risk of over-
fitting the past, while ignoring past sampling errors and overlooking the conditions that may
affect the future. Users must be able to understand the basis of results and a range or probability
statements since a single number/result can give a sense of false precision.
Nevertheless, it is often difficult to assess whether a short-term deviation from expectation
represents a random fluctuation, a paradigm shift or an indication that initial expectations were
incorrect. In some cases, additional experience is needed to come up with an answer, while in
others drilling down into the data or further research may help.
The choice and regular communication of metrics sensitive to significant elements of corporate
performance provides an indication of the historical volatility and risks inherent in the operation.
Often a set of key performance indicators (KPIs) are developed to communicate this
performancebut they also can provide an indicator of the uncertainty involved. Outliers, often
ignored, may be able to provide useful insight into possible uncertainties involved. They can
either be ignored, monitored for repeated occurrence or analyzed to understand their
significance.
The most useful method of communication is determined by the needs of the user and user
preferences, including the level of detail and form provided. Typical actuarial
assessments/validations may consist of actual-to-expected analysis over time. This can be used to
determine the extent an observed deviation represents a one-time blip or an early warning of a
structural change to a new level or a new trend. This can help modify current expected
assumptions, improve assessments of future possible deviations or uncertainties and lead to a
better decision-making process. Transparent and interpretable disclosures of future expectations
and outstanding risks and uncertainties is valuable to all stakeholders.
17-24
As indicated above, uncertainty is not the random deviation around a set of expected values.
Although it can extend to a less-than rigorous understanding of current conditions and
underlying trends, it is more often associated with a change in conditions and enhanced
understanding of the drivers of future experience. Such changes may be difficult to easily grasp,
as it is human nature to think that everything will, at least in expected value terms, remain the
same, can be linearly extrapolated or revert to an historical mean. Here, a variety of approaches
may be useful. They include:
Pictures or charts. It has been said that a picture may be worth a thousand words; for
many it is more understandable than a huge table filled with numbers. Heat maps, fan
charts or similar clear visual techniques that provide insight into experience patterns
and deviations from expectations are examples of tools that can be used.
Scenarios. In some cases, a quantitative assessment may not sufficiently convey a
sense of the potential uncertainties involved. As a result, one or more scenarios,
representing a story of possible deviations could be developed. The story can focus on
a single condition or assumption (e.g., mortality improvement or deterioration,
epidemic or natural catastrophe) or alternatively represent a comprehensive story
reflecting all major assumptions and their interrelationships.
As discussed in Chapter 20 on stress testing, the use of scenario analysis can help
assess appropriate levels of required capital and provide useful disclosure to assess the
sustainability of the insurer or adequacy of liabilities. The use of scenarios can add
value in any analysis in which a quantification of and distinction between risk and
uncertainty is called for. The quantification of risk is usually most reliable when
estimating its mean, but becomes more uncertain when quantifying/targeting the level
of tail risk, which is the focus of management and regulatory required capital. Since
the degree of stress considered in stress testing and in levels of required capital are
necessarily linked to supervisory and management actions, the triggers for, and the
actions themselves should be structured based on the relative blend of risk and
uncertainty contained in the assessment/measurements. Thus, the assessments
themselves will be a blend of a quantitative and qualitative review. The conclusions
will need well thought out communication of how the metrics clarify the needed
management awareness and any corresponding recommendations, as further explained
in the immediately following section on metrics.
Metrics. There is a wide variety of effective performance metrics to measure volatility
of experience. For example, actual-to-expected indices related to key drivers of
performance or evidence of the existence or size of historical deviations from
expectations can be developed. They can be applied to budgets, long-term plans,
prices, liability or capital valuation, with baselines set based on changes from prior
history and trends, industry averages or stakeholder expectations.
Setting the expected (baseline) amount can be quite important to trigger the right type
of action. They could be directly based on pricing or liability assumptions or industry
17-25
benchmarks, where available and applicable. Depending on the indicator, they can
also be based on budgeted or trended values.
It is important to select a relevant set of metrics both short-term and long-term
indicators can be useful (e.g., using monthly or rolling-average data), not only to
assess performance, but also to use them to better understand the reasons for deviation
in the context of historical volatility.
They can be used as an early warning tool to trigger further study and if appropriate to
take preventive actions and for incentive compensation purposes. No action might
for instance, especially if the metric is not controllable by management only a limited
deviation (cap) might be used for compensation purposes.
Metrics that are overly complex should generally be avoided, as they can deliver
mixed messages to management, although they might be useful for analytical
purposes.
Outliers. Based on the metrics used, it may be necessary to assess outliers, especially
if not a single one-off. As indicated above, it is important to understand whether it
should have been anticipated or indicate a possibility of a change in internal or
external conditions that might reoccur.
Assumption trends. Changes in expected conditions often arise, especially over a
lengthy period. A look-back of change in assumptions over time can provide some
perspective into changes into possible future changes in conditions/expectations.
The most appropriate level of aggregation of results will depend upon the experience being
analyzed (e.g., mortality might be assessed with underwriting type and era categorized while
market segment and product might be appropriate for policy lapsation) and the application. To
assess the overall extent of adequacy of capital of a company / group, higher levels of
aggregation may be appropriate.
11. Conclusion
Risk and uncertainty are fundamental to the operation of insurance. Their sources need to be
understood and recognized to properly perform the risk management function of an insurer. It is
important to distinguish between the concepts of risk and uncertainty, with risk being the effect
of actual results differing from expected results due to the stochastic nature of outcomes,
whereas uncertainty represents unmeasurable or unknowable variation in outcomes.
The aim is not to eliminate risks and uncertainties, as they are inherent in the insurance business
it is to manage them in a financially sound manner, through mitigation techniques such as risk
sharing, benefit and product design (such as participating, unit-linked and experience-rating
features), reinsurance, required capital targets, and asset/liability management. Assessment of
deviations from expectations in a balanced and timely manner demands a focus on the credibility
and drivers of these deviations. A decision regarding how to respond to a deviation will usually
depend upon the situation and the financial significance of the deviation as well as a
17-26
determination of whether it is just a result of stochastic randomness (process risk) or a realization
of a condition/event that was not anticipated and is actionable.
Risk and uncertainty should be considered when determining the appropriateness of the value of
an insurers liabilities, assets and required capital, as well as the most appropriate manner to
manage an insurer and its business in a sustainable manner. They play a role in developing
appropriate scenarios used in stress testing and in communicating the appropriate level of
premiums, liabilities and capital. Uncertainty as reflected in required capital reflects only adverse
consequences, while provision for uncertainty in the valuation of liabilities or in prices generally
considers both positive and negative effects.
Communication of the extent and effects of the risks and uncertainties involved are important for
all stakeholders, although the form of such communication may differ by type of stakeholder. Its
content may be a number, a range of numbers, or a set of management implications and choices.
Alternative scenario assessment may provide useful and understandable illustrations, especially
graphical ones of the range of possible scenarios.
These concepts and their models are central to the practice and management of the business of
insurance.
Sam Gutterman, FSA, FCAS, MAAA, Hon FIA, CERA, FCA, is a consulting actuary, located in
Glencoe, Illinois, USA. His areas of expertise include financial reporting for all lines of
insurance, social insurance, demographics, and the environment.
References
R. Brewster, S. Gutterman (2014). The Volatility in Long-Term Care Insurance. Society of
Actuaries.
F. H. Knight (1921). Risk, Uncertainty, and Profit. Boston, MA: Hart, Schaffner & Marx;
Houghton Mifflin Company. ISBN 978-0-9840614-2-6.
R.N. Langlois, M.M. Cosgel (1993). Frank Knight on Risk, Uncertainty, and the Firm: a New
Interpretation. Economic Inquiry. Vol. XXXI, July 1993, 456-465.
17-27
Appendix 1
The insurance business is subject to general risks and uncertainties, including governance, brand,
operational (see chapter 4 Operational Risk), distribution (see chapter 9 Distribution Risks),
competition and other third-party risks. In addition, an insurer is subject to insurance and
investment related risks, which can differ depending on the coverages and the company
involved, may include some of the following:
1. Pricing/underwriting risk. If overly-aggressive pricing or underwriting strategy is
implemented in which over-optimistic assumptions are applied, financial distress can
emerge relatively quickly (usually expressed in terms of years).
2. Mortality/morbidity claims and benefits. These are payments associated with adverse
perils insured against. These risks can take the form of the deviations from
expectations relating to the current level, the trend, and sudden favorable or
unfavorable permanent or temporary spikes in experience. They can result from
changes in marketing, underwriting or program/policy features, environmental effects,
policyholder behavior and the tension between possible selection of risks by the
insurer and anti-selection by the policyholder. The risk and uncertainty may consist of
their frequency (incidence of claims/benefits, sometimes involving multiple
claims/benefits of varying size, even within the same insurance policy) and financial
amount (if not of an indemnity basis, i.e., if the policys exposure to loss is a fixed
amount).
3. Catastrophe (calamity) risk. The possible very large loss that can jeopardize the future
soundness of a company, involving a catastrophic amount of losses in a specific
geographic of demographic exposures, such as epidemics, natural disasters. One
source of this risk is over-concentration in exposures in a particular business segment
or weak corporate governance. The longer the period covered, the more likely it is that
such an unexpected set of conditions could arise.
4. Policyholder behavior (see chapter 18 Policyholder Behaviour and Management
Actions). The resulting risks include voluntary lapse and mortality/morbidity/claim
anti-selection/policy mix, which may affect the amount of claim/benefits and degree
of continuance of insurance policies, due to anti-selection or moral hazard. They
usually are a result of options provided to the policyholder through various policy
provisions, such policy termination or filing a health claim. Rate spirals, where
premium rate increases cannot catch up with corresponding increase in average costs,
can get out of the insurers control and cause serious financial damage to the insurer.
5. Changes in economic / legal conditions. These can affect the ultimate payout of claims
or benefits.
6. Mis-estimation, e.g., of level, trend or frequency and severity of any parameter. The
object of the estimate could be the number or amount of claims incurred, to be
incurred during the remaining coverage period or the development of those losses (i.e.,
17-28
claim liability estimates). To the extent an insurer does not recognize the uncertainty
underlying the insurance or investment perils, the premiums may be under-estimated.
Although this may be the result of process, parameter or model risk or uncertainty, it
could also be the result of such factors as inaccurate data or inappropriate data sample
used as a basis for assumptions, incorrect models or change in conditions from the
time the data was obtained.
7. Investment and counterparty risks. All insurers have investments of various sorts (e.g.,
financial instruments or real estate). These are associated with classic financial risk,
including market, credit and interest rate risks. Because of the long time frame of
many insurance coverages and claims, reinvestment risk can also be significant.
Counterparty risk can include such situations as the bankruptcy of a reinsurer, fraud
committed by a third-party administrator or inadequate security resulting in computer
hacking of policyholder records.
8. Regulatory, legal or political risks. These risks can include unanticipated adverse
effects of changes in regulation, imposed supervisory action or retrospective
application of changes in law or taxes.
9. Asset / liability mismanagement. Examples or asset / liability management tools
include derivatives, reinsurance and other hedging techniques. Cash flow projections
under a range of scenarios can provide relevant information, as can such metrics as
key rate durations. Since not all such techniques are perfect, the extent of lack of
hedge effectiveness remains a risk. (see chapters 13 Asset / Liability Management
Risk and 19 Dynamic Derivatives)
10. Expenses. Operating or acquisition costs can be in excess of those expected. This
might arise from conditions such as a lower number of units (e.g., sold or inforce) over
which to spread fixed costs or higher cost inflation than anticipated or that fixed costs
are treated as if they were variable.
11. A combination of risks. Although it is tempting to place a risk in a silo, their effects
can become more severe when they are interrelated. Variable annuities with
guarantees is an example of policy features that created a large bubble of risk exposure
for several insurers14.
12. The ability of an insurer to provide sufficient funds to pay benefits. This could include
illiquidity risk in periods of unusually concentrated cash outflow demands relative to
assets on hand, over-leverage in the case it has an over-reliance on much debt, and
asset/liability mismatch where an investment loss arises during periods in which
invested assets would have to be liquidated at a value that would be lower than their
reported value.
14
This rose to near-crisis proportions over the last decade. Dynamic hedging has been used to help mitigate some of
these risks, although it can exchange one type of risk for another to the extent that the hedge used is not perfect. This
highlights the distinction (and combinatorial effects) of non-diversifiable risks partially mitigated by dynamic
hedging with short term contracts.
17-29
13. Uncertainty as to the actual operation of the larger financial system in times of stress.
Markets may shut down, governments may change rules or intervene or policyholders
may change their behavior. These may result in a breakdown of normal pricing and
liquidity expectations and risks. These are examples of the uncertainty associated with
changes in correlations between drivers or inter-relationships between key risks that
change unexpectedly under extreme conditions.
These examples may be mitigated by one or more techniques, some automatically called upon,
while others might be evoked under a set of conditions by management action. Examples of the
former include (1) risk transfer techniques such as ceded reinsurance or catastrophe bonds, (2)
hedges such as derivatives, (3) risk sharing such as policyholder sharing of risks in applicable
types of certain participating, variable/unit-linked or experience-rated policies, or (4) negatively
correlated obligations (e.g., having a book of annuity payout risks that also contain life insurance
risks on the same lives). Examples of the latter include amounts of policyholder
dividends/bonuses/non-guaranteed amounts that are determined through management discretion
and situations where management can reduce operating expenses or enhance investment income
levels.
17-30
Appendix 2
Major categories of methods that have been used to quantify insurance-related risks and
uncertainties include:
1. Quantile. Quantile methods are expressed in terms of a degree of confidence that the
liability or capital is sufficient to provide for a designated amount of adverse
experience. Each variation applies a model to determine applicable risk distributions,
so that the level of margins (or amount of assets if assessing reserves) required to
achieve the desired level of confidence in meeting policy obligations can be
determined. The techniques within this family include:
a. Confidence levels (Value at Risk, VaR). A given probability of sufficiency leads
to a value at risk.
b. Conditional tail expectation (CTE or Tail-Value at Risk (T-VaR or Tail-VaR)).
This is equivalent to the expected present value of the cost of claims or benefits
greater than a threshold value.
c. Moment methods. A multiple of standard deviation, variance, semi-variance, or
higher moment(s). These require the entire shape of the probability distribution
(statistical or empirically derived) to be estimated, either based on a model, on
observed data or other related experience.
2. Explicit assumptions. Although not a totally separate approach, this variation of a
quantile method used for long-duration policies separately assesses each major
assumption separately, including a reflection of interactions. It usually applies
professional actuarial standards that specify ranges within which the liability lies.
Canadian actuarial standards currently require the actuary to add an explicit margin for
each assumption. The minimum level of the Canadian ranges provides for a minimal
amount of conservatism, while the maximum is at a level that still is not so
conservative as to distort income. Although not explicitly based on a quantile method,
these ranges have been developed based on practice, with the expectation that actuarial
judgment will be applied in the context of applicable actuarial standards about the
business being valued. It applies the correlations among the assumptions, as they may
be inter-related.
For example, (1) mortality and policyholder behavior, (2) policyholder behavior and
economic conditions or (3) frequency and severity of claims, may or may not be
related or trends may or may not offset each other. Although they are not likely to all
go sour at the same time, for certain extreme scenarios, it may be appropriate to
assume that they do. In contrast, aggregate methods usually reflect correlation
implicitly, as they usually treat all the individual experience assumptions on a
combined or aggregated basis.
3. Cost of capital. The cost of capital approach expresses risk as a function of both the
passage of time and costs associated with assessments against capital made on a
17-31
continuous basis. Evidence regarding the cost of holding this capital is provided by
prices in a market. It refers to the amount of return demanded by the marketplace on
an investment of capital that enables an insurer to fulfill its policy obligations after
payment of income tax.
4. Discount rate. A discount rate approach focuses on the effects of risk and uncertainty
as they occur over time. Unless constrained by rules associated with financial
reporting rules, actuarial practice may consider the extent of uncertainty through an
adjustment to the expected cash flows or through the discount rate the approach used
depends upon the type of application and common practice. The important
consideration is to reflect uncertainty in one of the two and to not double-count it.
Although there is no unique accepted method for determining the discount rate
adjustment, the following techniques have been used in various applications:
a. Risk adjusted discount rate. Usually a level but subjectively selected margin
applied to the discount rate for risk.
b. Deflator adjusted cash flows. Deflators are usually applied to asset values,
constructed using market price information. As such, there are currently no
practical examples in the literature on how to apply them to non-hedgeable risks
where there is no relevant market information available.
c. Capital asset pricing model (CAPM). Although CAPM was developed for the
analysis of asset values, it has also been used to allocate capital. It has been used
as a method for determining the cost in a rate of return method. It may be more
appropriate to apply in determining parameters for other methods, rather than as a
method itself.
Each method requires parameters, possibly directly considering regulatory requirements, re-
engineering, scenario analysis including stress or sensitivity testing, stochastic modeling,
judgment or a combination. The parameters needed differ for each method, including:
The cost and amount of capital (including its runoff pattern) in the cost of capital
method;
Confidence level or other quantile level for quantile methods;
Multiple of higher moments;
A basis point adjustment in the risk adjusted discount methods; and
Margins for each or selected explicit assumption.
The parameters used may incorporate several possible elements, including, for example:
The characteristics of the product being priced, the liability being estimated or the
company whose required capital is being assessed.
The actuarys interpretation of the regulatory or financial reporting requirement, which
may be stated differently, for example for liability measurement, moderately adverse
experience;
17-32
The actuarys degree of confidence in the underlying assumptions;
The sensitivity of results to variations in the assumptions;
The actuarys judgment as to the effect of combinations of various assumptions, their
degree, and the likelihood of them being adverse;
The severity of the issue and the timing of resolution of the amount;
The insurers tolerance of adverse financial results before considering an increase of
inforce premiums; and
Subject to approval or specification by a regulator, if applicable.
17-33
IAA Risk Book
Chapter 18 Policyholder Behaviour and Management Actions
Jari Niittuinper
Business planning is based on assumptions about the future. In practice these assumptions involve
many sources of uncertainties. A key example is policyholders' future behaviour that can have a
significant effect on the amount and timing of insurable risks and costs of the company. To the
extent that policyholder1 behaviour (or because of other reasons) will lead to adverse results, the
company may have to take measures to change its strategies and policies accordingly. A company
needs to anticipate the potential range of policyholder behaviour and its financial impact.
The utilization of options embedded in insurance contracts may affect both the cash inflows and
cash outflows of the company. Actions taken by management to mitigate policyholder action (or
inaction) are called management actions. This chapter addresses only those management actions
that can influence policyholder behaviour or its effects, both through the design of the products and
subsequently.
1. The companies have traditionally understood the existence of policyholder behaviour and
taken it into account in product design and business planning. However, due to change of
business environment and new solvency and accounting regulation it has become more
important to understand the behaviour better.
2. Policyholder behaviour depends on the type of insurance. There are for example
differences in behaviour of life and non-life policyholders.
3. The exercise of certain policyholder options can significantly affect the insurers
solvency. Proper risk management of these options can impact pricing, valuation hedging
and solvency in a material manner.
4. Managing policyholder behaviour risks requires co-ordination within the company from
actuaries, risk managers, investment personnel and lawyers, as well as those in marketing
and who have day-to-day contact with policyholders and their advisors.
5. Policyholder behaviour affects both the quantity and quality of the companys liabilities
resulting that the liabilities become less-profitable. In some cases it affects the capital
requirements, relating to the insurance portfolios and the claims payable. This behaviour
may affect the company in either a positive or negative manner.
6. Legal requirements should be taken into account when anticipating policyholder
behaviour in certain situations, such as when calculating technical provisions.
Policyholder behaviour should be taken into account during the entire policy cycle as
well as in the product design phase.
1
Policyholder in this chapter refers not only to policyholders but in some cases also to the insured and the
beneficiaries.
IAA on 14 February 2017
7. Actuarial modelling is often required to estimate the impact of policyholder behaviour
and to understand its impact on cash flows. The models can be simple ones, having only
one parameter; they can also be complicated stochastic models. Effective modeling
requires statistical analysis and understanding the drivers of policyholder behaviour.
This chapter, rather than concentrating on alternative modeling techniques, focuses on the dynamics
of policyholder behaviour and related management actions, as well as tools that can be used by the
companys management and board and its supervisors to better understand the sensitivity of
company results to policyholder behaviour and to challenge the assumptions made.2
2. Identification of Policyholder Behaviour

Policyholder behaviour should be considered during the product design phase. The assumptions
made during this phase should be assessed and verified later during the product management cycle.
In product development, it is not essential to design products so that policyholder behaviour does
not impact profitability. However, it should recognize and estimate its potential impact so as to
avoid options which could be too costly relative to the products price and market.
To this end, the company should identify the options available in the policies and the range of
expected outcomes of both rational and irrational behaviour of the policyholders.
There is normally a trigger that results in the exercise of rational behaviour. If a mathematical
model includes the same trigger, then the expected exercise can be incorporated in the assumption
used.
Rational behaviour can arise, for example, when a policyholder terminates his motor insurance
policy because he is able to obtain the same cover from another insurance company at a lower price.
It also occurs where a policyholder surrenders her life insurance policy when the surrender value is
greater than the value of continuing the policy in force to the policyholder at the end of the policy
period.
The first example above illustrates the competitive pressure companies face. However, it may be
difficult to forecast the extent of this occurring, policyholders reaction and any consequential
adverse effect on the renewing in-force business of potential anti-selection. The second example
illustrates an example that companies have even now normally taken into account in determining
the premiums and designing the terms and conditions of their policies.
Policyholders can also exhibit what appears to be irrational behaviour. This can occur when a
policyholder terminates a policy, even though the guaranteed interest is higher than the expected
yield from alternative investments. Irrational policyholder behaviour is common. This has been
studied by actuaries and behavioural economists which will be discussed later in this chapter. When
modelling policyholder behaviour, also irrational behaviour should be anticipated and modelled.
One reason irrational behaviour arises is that policyholders often do not have enough information
available to make rational decisions. Irrational behaviour in general reduces as market information
regarding the option and other market data becomes well known. It also arises when factors such as
convenience or value of a brand exist. Seemingly irrational behaviour can also occur as a result of
2
Discussion of modeling techniques can be found in IAA: Stochastic Modeling - Theory and Reality from an Actuarial
Perspective, pp. 145 147.
email directly to riskbookcomments@actuaries.org
18-2
policyholder circumstances independent of the contract itself (e.g., a need for cash, or reaction to
media coverage of the company).
Moral hazard, anti-selection and insurance fraud will impact policyholder behaviour. The effect of
moral hazard and insurance fraud can also represent operational risks.
3. Recognition of Policyholder Behaviour

The effect of the use of policyholder options should be assessed during the product design and
pricing phases of product development because they can affect the profitability of the product and
the business decision-making. For instance, their impacts on the expected cost of guarantees and the
cost and feasibility of proposed hedging arrangements should be analyzed. Special attention to
terms and conditions is needed in order to reduce the effect of moral hazard and anti-selection.
Policyholder behaviour should be taken into account when projecting future cash flows. This
applies not only to the calculation of premiums and technical provisions, but also to the
development of stress tests, sensitivity tests, ALM calculations, replicating portfolios and market
consistent economic values.
When calculating technical provisions for accounting and solvency requirement purposes, there
may be rules regarding whether policyholder behaviour can be or has to be taken into account in the
estimation of cash flows; for example, whether policy lapses can be incorporated in these
calculations. In some jurisdictions these rules include the anticipation of policyholder behaviour.
For example, Solvency II regulation3 requires explicitly that policyholder behaviour has to be taken
into account: "When determining the likelihood that policy holders will exercise contractual
options, including lapses and surrenders, insurance and reinsurance undertakings shall conduct an
analysis of past policyholder behaviour and a prospective assessment of expected policyholder
behaviour."
IFRS ED 4 mentions in the article 22 (d) that the estimates of cash inflows and cash outflows shall
"incorporate, in an unbiased way, all of the available information about the amount, timing and
uncertainty of all of the cash inflows and cash outflows that are expected to arise as the entity fulfils
the insurance contracts in the portfolio". Further, the IFRS application guidance states in paragraph
B63 that "the measurement of an insurance contract shall reflect, on an expected value basis, the
entitys view of how the policyholders in the portfolio that contains the contract will exercise
options available to them, and the risk adjustment shall reflect the entitys view of how the actual
behaviour of the policyholders in the portfolio of contracts may differ from the expected
behaviour". It is anticipated that the IASB will require recognition of policyholder behaviour in
IFRS 17.4
Accounting and regulatory rules also include provisions relating to contract boundaries 5. The
contract boundary is the point after which premium cash flows associated with insurance coverage
may not be recognized. It is a contract level boundary between existing and future business. Current
contract boundary regulations usually take into account both policyholder behaviour and eventual
3
See Commission Delegated Regulation (EU) 2015/35), art 26 (implementing measures on Solvency II)
4
Insurance Contracts Exposure Draft ED/2013/7, IFRS IFRS 17 will be published in the second half of 1917.
5
E.g. IFRS ED 4 art. 22 (e), 23, 24 and B62 64 and Commission Delegated Regulation (EU) 2015/35 art 18
(implementing measures on Solvency II)
18-3
management actions. For example, if the company can terminate a contract, reject premiums or
amend the premiums or benefits, then the expected reactions of the policyholder must be anticipated
and reflected.
In the case of some ORSA scenarios, ALM models and calculations of market consistent economic
value, it may be appropriate to ignore regulatory or accounting based contract boundary limitations
and apply assumptions of policyholder behaviour until the risks have expired. Especially when the
contract boundary is one year or less and the company wants to include the new sales in the
scenarios, other contract boundary definitions may be used.
4. Typical Policyholder Options

Policyholder options affect the policyholder behaviour.
Policyholder options depend on the terms and conditions of the products involved. The longer the
guaranteed coverage period of the contract, the more likely that the contract contains options that
need special attention.
In insurance lines where the contracts are renewed regularly (usually annually), the main concern is
the extent to which the policyholders renew or continue their contracts.
The following is a non-exhaustive list of common options in life insurance and annuity policies:
1. lapses and surrenders
2. changes of insurance cover or change in other features
3. changes or payments of premiums/contributions to the policy
4. alternative indemnities (lump sum/annuities)
5. loyalty bonuses (within a company or a group)
6. paid-up policy options
7. taking out or repaying policy loans
8. continued insurance
9. flexible pension start and end age
10. at end of savings period, payment as lump sum or as an annuity
11. selection and change of funds in unit linked policies
12. switch-option (reallocation of underlying assets between funds and with profit reserves)
13. options embedded in variable annuities
14. settlement options at death, maturity or surrender.
Many options are of great financial importance for the companies because of the guarantees
embedded in the future premiums of a policy. Such options are especially the switch-option and
option to continue the policy after the original maturity date.
18-4
5. Triggers Affecting Utilization of Options Embedded in the Policies
The following are some of the reasons why a policyholder exercises options:
1. Change in need for coverage: The policyholder sells his car or after a divorce there is no
need for a mutual (joint) life insurance policy.
2. Mortality anti-selection: The policyholder chooses between alternative indemnities, e.g.
pension and lump sum.
3. Immediate need for money: The policyholder builds a house or her financial situation
deteriorates.
4. An increase in premium or decrease of benefits, especially when compared to significant
guarantees by competitors.
5. Change in economic environment: The policyholder alters his choice of the economic
options available in the contract based on a perception of improved economic value (e.g.
an increase or decrease in rate of contributions).
6. It is beneficial to use the option: Expectation of projected future development of the
surrender value is less than the current surrender value, e.g. the case in variable annuities.
7. Change in regulation, tax-deductibility, or state or employer benefit provisions.
8. Influence of the distribution channel: influence and recommendations of the sales agent
affect the decisions of the policyholders.
9. Change in competition: Competitors start selling the cover at a lower premium;
newcomers offer more competitive premiums or contractual features; or substitute
investment products become available.
10. Claims practices: Rejection of a claim may cause dissatisfaction, leading to switches in
company.
11. Change in insurers reputation: news of unethical practices of the company or poor
financial situation.
To model the potential cost of these options it is necessary to understand the underlying triggers.
Sometimes the primary trigger can be quite unexpected. For example, SARS (severe acute
respiratory syndrome) caused people to cancel trips to Singapore which caused an economic
downturn with lay-offs. As a result, laid-off employees then lapsed their policies. While the reason
for the massive number of lapses was the change in the economic environment, the trigger was
SARS.
A health insurance example is where a company could give policyholders a company card for
paying health-related expenses. This made it easier for the policyholders to see a doctor, which
increased the number of claim events. In this special case the change in behaviour of the doctors
caused an increase in claim expenses because the doctors knew that the patients did not need cash to
make additional medical appointments and examinations. This option increased claims paid as a
whole; as a result, the company took the management action to terminate the use of company cards.
18-5
It should be noted that the use of an option can result in either positive or negative financial results.
For example, in a low interest rate environment lapsation of a policy may benefit the company
because it loses an unprofitable contract. However, quite often the use of the option is adverse.
6. Lessons Learned
Some options have turned out in the long run to be quite costly for insurers. Here we present some
examples:
Long term guarantees
During the current low interest rate environment some companies have found out that
interest guarantee provided in some of their long-term life and annuity products with
profit participation features was too aggressive. For example, ten years ago 4 5 %
interest guarantees were not considered unusual, while currently even a 0 % guarantee
represents a guarantee with value and possible cost. Even though the companies may have
hedged their interest rate risks, the policies may have had options that allow future
premiums and deferred annuities to be entitled to the same guarantees. Also, an option to
amend the annuity period by postponing the timing of annuitization has proven costly.
Many companies no longer offer such investment risks and sell unit linked products
instead.
Universal Life
Highly flexible universal life policies have created the situation where premiums
combined with remaining funds have been insufficient to cover the mortality costs of the
insurance and the policies have lapsed.
Variable annuities
Another set of products that may become costly have been variable annuity products with
special rider guarantees. The following set gives a good picture of the many products in
the market:
GMDB Guaranteed Minimum Death Benefit
GMWB Guaranteed Minimum Withdrawal Benefit
GMAB Guaranteed Minimum Accumulation Benefit
GMIB Guaranteed Minimum Income Benefit
The guarantee itself varies by product, such as a return of paid premiums with/without
loadings or with bonuses and possibly with a ratchet provision.
Because policyholders can make decisions regarding the type of assets invested and the
guarantees provided result in the companies bearing some of the investment risks for
these assets, the products can be costly for the companies. There is also an eventual
18-6
possibility for anti-selection if the value of the linked investments is below the guaranteed
minimum.
Managing the risks of variable annuity products quite often requires stochastic
calculations. However, e.g., the death cover of GMDB product may be charged annually
and its annual premium equals the economic cost to the company. This aspect of the
contract can be compared with annual term life insurance.
Health insurance
The claims ratio of health insurance can become higher than expected if the premiums are
fixed and the policyholder has the option to renew the policy. In other similar cases,
premium increases have not kept up with the claims (sometimes resulting in an
assessment spiral). Those whose health has declined tend to automatically renew the
policy while healthier insured may be able to obtain less expensive, freshly underwritten
contracts, leaving the remaining policies to be of less than expected health.
Household insurance
Policyholders can't always value the risks they are exposed to properly. For example, after
a flood people recognize their need for insurance covers that reimburse losses due to
flooding; in contrast after ten years without such a flood, those who live further away
from the water may underestimate the risk and terminate their insurance contracts.
7. Management of Policyholder Options Before the Policy is In Force

The effects of use of policyholder options, as well as any resultant management actions, should be
considered during the product design and pricing phases or product management.
Once policyholder options have been identified, their utilization and impact on expected cash flows
and capital requirements should be estimated. If they are exercised in an adverse manner from the
perspective of the insurer, the need for, feasibility of, and desirability of additional charges
(including such actions as asset reallocation or amendment of annuity period) should also be
considered.
Limiting the available options may also be possible in setting the terms and conditions of the policy.
However, competitive reasons may also need to be considered. For example, in variable annuity
products, funds available in variable annuities may be managed by the insurance company itself
rather than being outsourced to asset managers. Another option would be to reduce the level of or
type of guarantees provided in the initial product design.
Many actions especially for non-life insurance occur prior to the issuance of the contract. These
actions can include:
1. Changing the contract terms to restrict coverage or to require certain policyholder actions
for the insured, including:
a. Timely notice of an event that may lead to a claim
b. Timely remediation to limit the size of a loss (e.g., covering up a hole in a roof)
c. Required duty of care prior to a loss
18-7
d. Required purchase commensurate with the value of a property (for property
insurance) or face mandatory co-insurance to the extent the property is underinsured
2. Investigating the exposure before writing the policy (e.g., seeing if the house or car to be
insured actually exists and is currently undamaged)
3. Buying facultative reinsurance
4. Underwriting (e.g. to evaluate the likelihood of moral hazard with a particular client).
Some companies have experienced problems when allowing switches into funds whose
performance cannot be easily hedged. This has resulted in onerous costs resulting from the
guarantees.
8. Typical Management Actions

Management action is conceptually linked to calculation of best estimates. In order to be able to
calculate the effect of management actions, assumptions as to what management actions are
possible or probable have to be made. However, there are also some other measures that the
management should consider as described below.
In addition, the company management needs to consider whether current terms or management
behaviour as to claims practices (such as claim expenses) and/or renewal rights impacts
policyholder behaviour.
Though the management of the company has to consider in each case what would be most
appropriate action, for calculation purposes a realistic management action plan is needed. The
management action plan should be revisited regularly, especially where such actions have or are
expected to deviate from the plan. This management action plan is the basis for the cash flow
calculations.
Examples of the types of management action referred to here include:
Annual bonuses determination. Companies may have a bonus (policyholder dividend)
policy or practice which can be modelled. In some countries there is a requirement to
have a written bonus policy.
Significantly adverse policyholder behaviour can trigger management actions. For
example, if the policies become unprofitable, some jurisdictions permit the amendment
of premiums and terms of the policies. Sometimes this action requires the consent of the
supervisor. How to take into account in the calculation of solvency requirements depends
on the jurisdiction.
A reallocation of assets. For example, there can be legal restrictions regarding how large
an equity exposure the company can have in its asset portfolio or a company might hedge
certain assets.
Changing reinsurance strategies.
Companies can change its approach to settling including the type of claims that should be
rejected under the terms of a contract. Some claims practices are very liberal with regards
to contract terms while others are very restrictive. A change in claims management or
18-8
claims policy may be a possibility, but policyholder expectations at time of sale need to
be considered as well.
Change in selling strategies can also be considered. Expenses can be cut, especially if the
volumes of the product decrease. Some product lines can be put into run-off position.
If the policyholder behaviour has been affected by the distribution channel, management
may consider restructuring the commission policy.
9. Assumptions
Modeling policyholder behaviour and management actions is based on assumptions that require
expert judgment.
For example, Solvency II requires that the assumptions used for calculating the best estimate shall
be based upon up-to-date and credible information and realistic assumptions6. The delegated acts
have additional provisions regarding assumption setting.
There are many drivers that affect the policyholder behaviour simultaneously that affect
assumptions. For example, lapsation may depend on the age of the insured, type of policy and
duration in force. Some findings show that lapsation of investment products has a peak
approximately at the age of 30 and then at the retirement age. On the other hand, lapsation in
general may slow down gradually over the policy term.
Age dependence suggests that policyholders have competing needs for money during their life
cycle, although lapsation in general tends to decrease after age 30. At the age of 30 the young
families buy or build their houses; after retirement age, people may prefer travel. Quite often the
option to withdraw money from the policy is used as a selling argument. Other drivers for lapses are
given in the list in Section 5.
As shown in this lapsation example, the challenge is to determine the different drivers and quantify
the sensitivity of policyholder behaviour. Both statistical methods and expert judgement can be used
for this purpose. In order to better assess policyholder behaviour for the purpose of setting
assumptions and modeling cash flows, surveys targeted to the policyholders and questionnaires in
the event of claims can provide valuable information. Useful are also retrospective studies of past
behaviour under different circumstances where available. Because of the many drivers of the use of
policyholder options, predictive modeling, using big data approaches and advanced algorithms
might be prove useful.
Possible adverse effects of policyholder behaviour should be assessed and reflected. One approach
is taken by Solvency II which has laid a separate solvency capital requirement for mass lapsation. 7
6
Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and
pursuit of the business of Insurance and Reinsurance (Solvency II), art 77 (2)
(http://eur-lex.europa.eu/legal-content/en/ALL/?uri=CELEX%3A32009L0138)
7
See Commission Delegated Regulation (EU) 2015/35 art 142 (6) (implementing measures on Solvency II)
18-9
10. Application of Behavioural Economics
In modelling it is necessary to understand policyholder behaviour. In this process history data and
also methods of behavioural economics may be used.
Utilizing policy options constitutes a part of a personal decision-making process. Behavioural
economics studies the problem of the factors behind peoples financial decisions. The application of
behavioural economics helps to better understand policyholder behaviour. Useful references to this
subject are Daniel Kahneman's and Richard H. Thalers books. From an insurance industry point of
view there is also a paper on this topic published by Society of Actuaries 8. The following describes
a few findings from behavioural economics.
Behavioural economics questions whether people always act rationally. Insurance companies
should ask the same question in regard to their policyholders. Some but not all policyholders behave
irrationally.
Behavioural economics has found that people tend to be risk-averse for gains and risk-seeking for
losses. Risk aversion is often in fact the ultimate incentive to purchase insurance coverage. When
having to make a choice between a sure gain and an uncertain higher gain, people tend to choose
the sure gain. If a choice has to be made between a sure loss and uncertain bigger loss with a
possibility to reduce the loss, people tend to choose the riskier option. In other words, if at all
possible they try to avoid a loss. As a result, people tend to sell those investments from where they
gain profits rather than those from where they make losses.
Because of the so-called anchoring effect people may value the loss by comparing it to the purchase
price or a later higher value. People tend to consider that there they make a loss if the value of
shares has once been 400 though it was bought at 300 and the current price is 350.
This behaviour also affects lapsation of different types of savings policies and deferred annuities.
Not all people are risk and loss averse to the same extent. The mixture of types of policyholders
affects the size and quality of the insurance portfolios, as will be discussed in the next paragraph.
Also the existence of an endowment, which is basically inertia, reduces lapsation rates. When
people have bought insurance, most tend not to want to lapse it, even when lapsation represents
financially rational behaviour, though some of this inertia may be due to different products not
easily compared. In addition, in life and health insurance surrendering a policy may be irrational if
it is not possible to agree on another contract in another company due to health reasons.
Products may be bought to ensure continuation of coverage (and hence, peace of mind), not
necessarily for an investment. Thus although rationality is valid, it takes into account broader
considerations than just looking at the financial impacts.
There are some findings that in financial conglomerates that manage the same funds in mutual fund
companies and life insurance companies, the customers of life insurance companies tend to be more
inertial.
8
Daniel Kahneman: Thinking, fast and slow, 2011, Farrar, Straus and Giroux;
Richard H. Thaler: Misbehaving, 2015, W. W. Norton & Company, Inc.
Society of Actuaries: Modeling of Policyholder Behavior for Life Insurance and Annuity Products
18-10
It is also worth noting that those who are wealthy do not react as strongly to the loss of equivalent
amount of money as do those who are not. Thus, the characteristics of the policyholders also affects
the extent of lapsation.
11. Modeling Dynamic Policyholder Behaviour

Dynamic lapsation models can be used to model policyholder behaviour, as addressed in the IAAs
book on Stochastic Modeling.9 The book proposes to link the lapsation rate to a dynamic factor
which depends on the product in concern and one or more external factors, like changes in
investment markets and bonus rates.
In life insurance the dynamic factor is often more complicated because there are several drivers that
simultaneously affect lapsation, including policyholders health condition, changes in competitive
position (including in some cases products offered by non-insurance companies), age, size of the
policy, policy duration, guaranteed interest and extent of surrender charge, if any. Some life
companies have not found a significant correlation between lapsation rates and economic cycles.
Possibly some auto-correlation exists so that in the start of economic cycles there are more lapses
than normal. The dynamic factor also often depends on the terms of the policy. For example, in a
low interest rate environment, the guaranteed interest rate and possible bonus policy should be
taken into account.
Policyholders can be classified into those who are risk-averse and loss-averse and those who are
not. 10 Depending on the mix of policyholders, the effect of the aggregate behaviour between two
groups of policyholders may go in opposite directions. It is relatively easy to show that under some
assumptions the lapsation rate of the whole portfolio may vary in an unexpected way and also that
aggregate behaviour can change from year to year.
Thus, policyholder behaviour depends not only on the products involved and the financial markets,
but also on the economic and personal situations. As a result, testing the validity of the assumptions
and models used should be conducted on an ongoing basis, using alternative assumptions.
12. Summary
Policyholder behaviour and management actions are important factors to be considered by an
insurer. They should be taken into account not only during the product design phase, but through
the entire policy cycle. Modeling is often required, especially in life insurance and deferred
annuities.
Modeling and estimating policyholder behaviour is challenging and requires a thorough
understanding of the company's policyholders and their behaviour for each contract type. If relevant
data are not available, the actuaries may use simpler methods and expert judgement, but should test
results using a range rather than only a single set of policyholder behaviour assumptions. Even here,
those methods need to lay the groundwork for better understanding of the drivers of the
policyholder behaviour so that the company management and the insurance supervisors can
9
IAA: Stochastic Modeling - Theory and Reality from an Actuarial Perspective, pp. 145 147
10
See: Daniel Kahneman: Thinking, fast and slow, Prospect Theory, pp. 278 288, 2011, Farrar, Straus and Giroux;
Richard, H. Thaler: Misbehaving , Value Theory, pp. 25 34, 2015, W. W. Norton & Company, Inc.
18-11
challenge the assumptions used in actuarial calculations and the degree to which the modeled
behaviour are validated by emerging experience.
There are multiple heterogeneous set of policyholder behaviours. In addition, behaviour and actions
vary geographically and by distribution systems.
Cash in a policyholders pocket and certainty have great value. Policyholders and shareholders may
not be economically rational in the classical sense and may act on other reasons including inertia,
suspicion, misinformation, short term horizons of self-interest or longer term tax and/or estate need.
An increase in the rate of lapsation used to value insurance liabilities (notably life insurance and
annuities) may increase the value for some contracts and decrease it for others at the same time.
Providing for adversity in the valuation of insurance liabilities frequently requires consideration of
the direction of the lapse adversity at the contract and duration level. A mass lapse assumption (as
part of stress testing or a solvency shock test), triggered perhaps as a result of a loss of confidence
in the insurer, will therefore affect the value of insurance liabilities in an uneven and possibly
unexpected fashion. The value of insurance liabilities (notably life insurance and annuities) can be
very sensitive to the policyholder behaviour assumption, especially in the presence of significant
policyholder options.
Jari Niittuinper, M.Sc, LL.M., FASC, is the Chief Actuary in the Financial Supervisory Authority
in Finland where he is responsible for life insurance companies. He can be contacted at
jari.niittuinpera@gmail.com.
18-12
IAA Risk Book
Governance, Management and Regulation
of Insurance Operations
Presented by Contributors to IAA Risk Book of Insurance

Regulation Committee
At the IAA Life Section Webinar March 22, 2016
Foreword
The goal of this presentation is two fold:
Provide concise overview of the IAA Risk Book rather than teach the
concepts
Encourage audience engagement via further reading, feedback and
critiques of this project
Each chapter is summarized in 2 3 slides
Speakers today:
Life Section: Marc Slutzky, Pedro Pacheco Villagrn
IRC: Dave Sandberg, Stuart Wason, Godfrey Perrott, Toshihiro Kawano,
Ralph Blanchard, Eberhard Mller
2
About the IAA Risk Book
Background
IRC published Blue Book on Insurer Solvency Assessment in 2004
The Blue Book described the then current "best practice" elements of a
framework for insurer solvency assessment for international consideration
The Risk Book has been a two+ year project to update our prior work to
reflect current perspectives on risk
No single risk measure provides the full video picture of risk. The Risk
Book reviews the multiple tools available to a company and to a supervisor
to manage risk in a sustainable manner
3
Contributors
Risk Book steering committee includes regulators, current practitioners and
retirees
Individual authors from around the world
Many more contributing to review
Objective = write each chapter in 20 pages or less
Geared more to practice than theory
4
How it works (on the website), how it gets updated and how to access
Chapters being submitted as they are completed (10 out of 21 @ Mar 2016)
Located at IAA website under PUBLICATIONS, pull down to RISK BOOK
Or
http://www.actuaries.org/index.cfm?lang=EN&DSP=PUBLICATIONS&ACT=RISKBOOK
Will accept and respond to comments
Intend to update chapters as needed
5
Table of contents
1. Introduction 6. Non-Proportional Reinsurance

2. Actuarial Function 7. Intra-Group Reinsurance
3. Professional Standards 8. Addressing the Consequences of
Insurance Groups
4. Operational Risk
9. Distribution Risk
5. Catastrophe Risk 10. ORSA
6
Chapters under construction
Resolution of Insolvencies
Role of Capital
ALM
Derivatives
Financial Statements
Governance of Models
Communicating Uncertainty
Materiality & Proportionality
One year vs. Multi-year Valuation
Policyholder Behaviour & Management Actions
Stress Testing
7
8
Chapter 1 Introduction
Key messages include:
Managing and Communicating Uncertainty Our Professional
Opportunity & Responsibility
ERM Is the Core Franchise Value of Insurance
What is the Important Problem?

What Pillar 2 (ERM) processes and tools can be used to sustain
the Balance Sheet before Pillar 1 indicates the ship has sunk.
And, are they robust or smoke and mirrors?
9
Chapter 1 Introduction
What are the Important Solutions?
To manage and communicate uncertainty, processes are
essential
Can the Actuarial Function step into and/or assist these roles
more directly?
ORSA
Model governance
Stress testing
ERM
Recovery and resolution planning oversight
Micro (firm specific) vs macro (sector specific) implications
10
Chapter 2 Actuarial Function (AF)
Key messages:
Insurance supervisors are focusing on oversight role of AF as
part of second of the traditional three lines of defence in
ERM.
Lines of defence:
1. Functions that own, manage, and report on risks (e.g.,
operational management);
2. Functions (and processes) that oversee risks (e.g., AF, risk
management, compliance, risk committees, and sign-off
requirements); and
3. Functions that provide independent assurance (e.g.,
internal and/or external audit).
11
Chapter 2 Actuarial Function
Key messages (continued):
Actuaries are not restricted to providing the oversight of risk
(i.e., second line of defence), but are active in some or all of the
three lines of defence within an insurer.
Independent risk oversight by AF is important to boards, senior
management, and supervisors because of unique actuarial
perspective on insurers risks. Effective AF oversight can
facilitate less intrusive supervision.
12
Chapter 2 Actuarial Function
AF frequently expected to make material contributions to ERM
AF must be organized & operate within insurer/insurance group
in clear, effective & transparent manner
Insurance supervisors develop & maintain confidence in work of
AF through:
Validation of important aspects of work of AF
Presence of strong professionalism
Presence of effective feedback loops between the
supervisor, profession, standard setters, and the disciplinary
process.
13
Chapter 3 Professional Standards
Key messages:
Actuarial standards:
assure the public that actuaries are professionally accountable
gives the users of actuarial work confidence that the work has
been performed appropriately
provide practicing actuaries with a basis for assuring their work will
conform to appropriate practice.
can be of significant value to regulators
Members of Full Member associations (FMAs) must comply
with applicable actuarial standards.
14
Chapter 3 Professional Standards
The scope of actuarial standards includes the process of setting
assumptions, selecting methodologies, and disclosure.
Actuarial standards and regulations complement each other.
Actuarial standards guide actuarial work:
usually principle-based, rather than prescriptive
permit departures from the standards guidance if justified.
Regulations are usually prescriptive and mandatory.
Model actuarial standards are adopted in a particular
jurisdiction by the entity entitled to enact standards.
15
Chapter 4 Operational Risk
Key messages:
Quality & maturity of risk management process are key
indicators that can impact potential losses arising from
operational risk (OR) events.
OR is closely linked to the risk culture of an insurer; qualitative
issues (such as strength of governance processes and oversight
functions) play large role in management of OR.
Reliability of any OR modelling exercise is strictly connected
with actual quality of the overall data (internal or external data)
- generally an unknown.
16
Appropriate model calibration in the data-poor environment of
operational risk is one of the most significant and persistent
challenges for insurers.
Typically a capital charge or other mitigation method acts to
reduce risk exposure, but adding an operational risk charge
based on past losses (or the lack thereof) can be pro-cyclical.
17
Operational risk events for high-frequency/low-severity events
can be captured & modelled; tail events that are low
frequency/high severity are where a qualitative scaling
assessment can be most effective.
Credible approach for OR should include a blend of qualitative
and quantitative assessments to evaluate the effectiveness of
management processes to address OR exposures to both low
and high-severity events.
18
Chapter 5 Catastrophe Risk
Key messages:
Catastrophes result in a sudden and mass destruction of
property, lives, environment, and/or the economy.
Catastrophes can be natural or man-made (e.g., terrorism).
The frequency and severity of catastrophe losses have been
increasing over past several decades primarily due to increasing
concentrations of population and property in geographical
areas prone to disasters.
19
Catastrophes impact society first, and insurers only to the
extent that the damages are insured.
Due to their infrequent nature, analysis of past losses cant
sufficiently measure catastrophe risk, so many insurers use
catastrophe models to estimate potential losses.
Catastrophe models are based on four primary components
event catalogs, intensity formulas, damage functions and a
financial module.
20
Model uncertainty is unavoidable and is impacted by both data
issues (related to quality and availability) and political issues
(influencing how events will unfold in times of stress). This is in
addition to the uncertainty related to random events.
Model development and usage is evolving, including a trend
towards open models (as opposed to closed proprietary
models) and their use for scenario analysis.
Catastrophe models are part of the risk management process
both in terms of pricing/underwriting and in terms of
solvency/capital management.
21
Chapter 6 Non-Proportional Reinsurance
Key messages:
Non-proportional reinsurance (NPR) is a very powerful tool in
spreading risk, diversifying risk and managing the dangerous
tail of loss distributions.
NPR is used extensively in P&C reinsurance , but is less common
for life and health insurance where proportional reinsurance
continues to dominate.
In addition to risk and capital considerations, NPR is used
extensively to reduce the potential volatility of a company's
quarterly or yearly earnings.
22
Chapter 6 Non-Proportional Reinsurance
The risk assessment and the pricing of NPR products are reliant
upon having good meaningful data.
As regulatory capital regimes become more risk-based it is likely
that NPR solutions will become more common across all lines of
business.
NPR structures, and reinsurance in general, carry a risk in
respect of a failure of the reinsurer which needs to be reflected
in the capital requirements.
23
Thank you
www.actuaries.org
Moving the profession forward internationally

24

Iaa Risk Book

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Iaa Risk Book

Enviado por

Direitos autorais:

Formatos disponíveis

IAA Risk Book

Chapter 1 - Introduction to the IAA Risk Book

DEPICTION OF THE ACTUARIAL CONTROL CYCLE

5. Stakeholders Tools Supervisors

6. Stakeholders Tools - Insurers

7. Actuarial Tools and Processes

4. Setting Expectations for the Competencies of the AF

5. Structural Considerations of the AF

6. Reliance on the Competency of the AF

7. Provision of Effective Actuarial Oversight

4. Benefits of Actuarial Standards

5. Standard-Setters and Regulators

2 CIA Research Paper on Operational Risk, November 2014.

3 CIA Research Paper on Operational Risk, November 2014.

3. Operational and Other Risks

9 Milliman, Operational Risk Modelling Framework, February 2013.

Insurance Banking Mining Energy

Low Claims processing, ATM failures Transport Meter reading

Medium Fraud, regulatory Online security Environmental Environmental

High Mis-selling, Rogue trader Mine collapse Oil spill, gas

Source: Milliman (2013), p. 13 with modifications by author

4. Prerequisites for the Quantification of Operational Risk

5. Assessment of Operational Risk

Measure Approach, Journal of Risk and Insurance, June 2014.

32 FINMA, Swiss Solvency Test, Circular 2008/44 SST.

Chapter 4Operational Risk

Key messages of this chapter include:

2016 International Actuarial Association / Association Actuarielle Internationale

The processes and methodology followed to determine the required capital;

The relevance and quality of the data used for modelling;

2 CIA Research Paper on Operational Risk, November 2014.

The reliability of the derived value.

Stakeholders must recognize the significantly greater uncertainty in modelled results of

3 CIA Research Paper on Operational Risk, November 2014.

Legal risk is also defined within Basel II:

II. Importance of Risk Culture

It is critical to recognize that a mechanical use of quantitative methods to determine required

3. Operational and Other Risks

The CIA research paper is focused on:

Definitions of operational risk terminology;

Categorization of operational risk;

Identification and description of quantification methods; and

Details of existing regulatory requirements related to operational risk.

Millimans paper, Operational Risk Modelling Framework,9 summarizes the current

II. A Point of Reference: Operational Risk in Other Sectors

9 Milliman, Operational Risk Modelling Framework, February 2013.

Enhance the implementation of change management programs;

Improve board and senior management oversight; and

Strengthen the implementation of the three lines of defense, especially by refining

Insurance Banking Mining Energy

Low Claims processing, ATM Transport Meter reading

Medium Fraud, regulatory Online Environmental Environmental

High Mis-selling, Rogue trader Mine collapse Oil spill, gas

Source: Milliman (2013), p. 13 with modifications by author

III. Common Factors and General Approach to Operational RiskSummary of

a. Land, labor, and capital;

b. Processes used, regulations, legal and political events/environment, and

a. High frequency/low severity;

b. Medium frequency/medium severity; and

c. Low frequency/high severity.

5. The need to blend qualitative and quantitative assessments.

Thus, to address operational risk, the following items need to be considered:

The management and governance of behaviours need to be a primary focus to reduce/mitigate

Data sources can be internal or external to the insurer.