View
219
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Presentation on the proposed IASB standard on risk evaluaiton/ Présentation de la norme IASB de l'évaluation du risque
Citation preview
Enterprise Risk Advisory, LLC 1
Session 28PD
Mr. Michel Rochette Enterprise Risk Advisory,LLC
September 10th, 2012
Enterprise Risk Advisory, LLC 2
Topics Context Two proposed risk standards:
Risk Evaluation – covered in this presentation Risk Treatment – see ASB web site
Reactions Discussion Questions
Enterprise Risk Advisory, LLC 3
Risk Evaluation in Enterprise Risk Management
Enterprise Risk Advisory, LLC 4
Context
Enterprise Risk Advisory, LLC 5
Context
Source: INGRAM, Dave(2009), “ERM and Actuaries”, Casualty Actuarial Society E-Forum, WinterEdition, p.386-395
Enterprise Risk Advisory, LLC 6
Context Risk Controlling:
– Creation of comprehensive risk models: establish and monitor risk tolerance and limits
– Some existing ASOPs fall in this category but actuaries mostly absent
Risk Trading:– Pricing and valuation of risks– Most ASOPs pertain to this goal, mostly
insuranceRisk Steering:– EC, Risk-adjusted performance, Value
Enterprise Risk Advisory, LLC 7
Context
Copyright 2010 by the Society of Actuaries, Schaumburg, Illinois. .
RISK EVALUATION
RISK TREATMENT
Enterprise Risk Advisory, LLC 8
Context Most ERM standards usually apply at the
company level Most other ASB ASOPs are very specific,
although they also reference risk issues:– #7: Analysis of life, health, or property/casualty
insurer cash flows– #12: Risk classification (All practice areas)– #19: Appraisal of insurers– #35: Selection of demographic and other non
economic assumptions for measuring pension obligations
Enterprise Risk Advisory, LLC 9
Context
Source: INGRAM, Dave(2011), “ERM Standards of Practice: A Socratic Dialogue”, SOA Annual Meeting, p.11-22
Enterprise Risk Advisory, LLC 10
Context Other ERM ''Standards of practice” being
considered:– IAA: global standards initiative: Ex. Social
Security– Asset management industry: some initiatives at
the industry level– Auditors: some very specific individual risk
standards: risk audit and SOX.
Enterprise Risk Advisory, LLC 11
Standards in general
Enterprise Risk Advisory, LLC 12
Standards in general
Enterprise Risk Advisory, LLC 13
Ex. Components of Standards
Individual Risk Standards
Enterprise Risk Advisory, LLC 14
Risk standards Let's listen to Dave Ingram's presentation of the
context at the 2012 ERM Symposium
Source: ERM Symposium, 2012, session C9
http://www.ermsymposium.org/2012/audio/C9.mp3
Enterprise Risk Advisory, LLC 15
Risk standards
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 16
Risk standards
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 17
Risk standards
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 18
Risk standards
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 19
Risk standards
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 20
Risk Evaluation Standard Purpose: Provide guidance – not guidelines –
to actuaries – for the moment – as it pertains to risk evaluation – broader than measurement, quantification but smaller than analysis – systems: - not just a framework -– Design or Implement– Use or Review
Scope: apply to actuaries for any ERM phases: ERM control or compliance cycle, trading or steer objectives
Enterprise Risk Advisory, LLC 21
Risk Evaluation Standard Different categories of risk evaluations:
– Risk evaluation models: apply to 3 ERM phases– Economic Capital: mostly steer phase– Stress testing: trading & steer phases– Emerging risk: steer phase– Other risk evaluations: all 3 phases
Applies to an ERM type work, not pricing nor valuation as there are particular ASOPs.
Q: What about MAD in principles-based reserving?
Enterprise Risk Advisory, LLC 22
Risk Evaluation Standard: some definitions
Risk Evaluation System — A combination of practices, tools, and methodologies within a risk management system used to measure the potential impacts of risk events on the performance metrics of an organization.
Risk—The potential of future losses or shortfalls from expectations due to deviation of actual results from expected results.
Economic Capital—The amount of capital needed for an organization to survive or to meet a business objective over a specified period of time at a selected confidence level, given its risk profile.
Enterprise Risk Advisory, LLC 23
Standard doesn't use “standard” definitions for some components
Ex. Standard uses counterparty risk: risk that the party providing a risk offset or accepting a risk transfer does not fulfil its obligations. Missing some components. A counterparty is larger than credit risk.
Risk Management Terms Survey, SOA, 2007SOA (2006): Enterprise Risk Management Specialty Guide May 2006, SOACCRO (2002): Committee of Chief Risk Officers; Volume 6 of 6 Glossary, Nov 2002
Enterprise Risk Advisory, LLC 24
More “standard” risk definitions
Source: Risk Management Terms Survey, SOA, 2007
Enterprise Risk Advisory, LLC 25
Risk standard definitions
Source: Risk Management Terms Survey, SOA, 2007
Enterprise Risk Advisory, LLC 26
Risk standard definitions
Source: Risk Management Terms Survey, SOA, 2007
Source: Risk Management Terms Survey, SOA, 2007
Standard risk definition: deviation from expectations only. What about the average losses?
Enterprise Risk Advisory, LLC 27
Potential improvements Adopt industry specific risk definitions:
– Ex.http://ec.europa.eu/internal_market/insurance/docs/solvency/impactassess/annex-c08d_en.pdf
ISO Guide 73: Risk management vocabulary Rephrase the standard to propose that the
evaluation be adapted to the context of how risk definitions are actually used by practitioners
Create a risk taxonomy adapted to the context: Ex. If risk is evaluated and treated as a system –
systemic risk -, different from risk evaluation by source or cause – economic capital calculation-.
Enterprise Risk Advisory, LLC 28
Risk Evaluation Standardconsiderations
Financial resources and risk profile:– Financial strength of the organization – broader
than just capital– Risk profile, nature, scale and complexity– Current and long-term risk environments:
internal and external, own assessment or based on management's
– Organization's strategic goals including risk tolerance – desired volatility – of value
– Interests of various stakeholders
Enterprise Risk Advisory, LLC 29
Risk Evaluation Standardconsiderations
Financial resources and risk profile:– External risk evaluations: Ex., as done by rating
agencies ERM evaluation– Extent of dependencies, correlations,
interactions of risks– Fungibility of capital resources
Organization's own risk system:– Risk appetite, tolerance & management
involvement– Enterprise Risk Control Effectiveness:
management actions toward unexpected events
Enterprise Risk Advisory, LLC 30
Risk Evaluation Standardconsiderations
Interaction of financial resources, risk profile and risk system:– “If in the actuary’s professional judgement, as
appropriate to the assignment, a significant inconsistency exists, then that inconsistency should be reflected in the risk evaluation.”
– Important element to consider but criteria could be expanded to include other specific considerations like:• Looking at existing recent losses and how it was
managed, other professionals' report like Audit, financial analysts instead of only professional judgement
Enterprise Risk Advisory, LLC 31
Risk Evaluation Standardconsiderations
Risk Evaluation models: “Fit for the purpose:” – Sophistication of models & materiality of risks– Models reproducible & adaptable to new risks– Practical considerations: usability, reliability,
timeliness, process, cost effectiveness– Limitations: inherent & statistical. Ex. VAR – Model validation, calibration, sensitivity– Approaches to model correlations
Aspect missing: as in Solvency II, no “use test”
Enterprise Risk Advisory, LLC 32
Risk Evaluation Standardconsiderations
Risk Evaluation models: Assumptions– Assumptions supportable, documented & allow
for deviations from the expected– Regularly revisited to assess effectiveness– If assumptions reflect anticipated management
& actions are supportable by facts. Standard should capitalize on other work in this
area, particularly in the valuation area. Could also have assumptions as to the risk
control effectiveness, not just gross risk.
Enterprise Risk Advisory, LLC 33
Risk Evaluation Standardconsiderations
Risk Evaluation: Economic Capital models– Components: timeframe, basis to measure risk
– regulatory, reputation, earnings loss,.. -, confidence level
– Reflection of significant risks in a consistent and comprehensive manner
– Appropriateness of method to measure each risk
Standard could capitalize on the many economic capital requirements being developed for Solvency II, ICAP, Rating Agencies' EC requirements
Enterprise Risk Advisory, LLC 34
Risk Evaluation Standardconsiderations
Risk Evaluation: Economic Capital models– Reliance on consistent accounting framework– Somewhat inconsistent as the idea of an
“economic” capital model is to measure risks on an “economic”, not an accounting approach!
– Choice of appropriate methods:• Stochastic, stress tests, scenarios, standard
measures like “add-ons”– Validation of the models– Assumptions: remote & unlikely: historical,
market prices, experts, internal consistency, documented
Enterprise Risk Advisory, LLC 35
Risk Evaluation Standardconsiderations
Risk Evaluation: Stress & Scenario testing– Extent to which stress tests reflect similar
degree of adversity. Ex. 1 in 200 year event– How an organization will function during a
catastrophic event – I think it is the link to business continuity planning, if any -
– Extreme event may be part of many extreme events – all correlations go to one -. In other words, when things go bad, they all go bad at the same time and reactions by all stakeholders
– How to quantify non readily quantifiable risks and their potential total impact. Op risk + reputation
Enterprise Risk Advisory, LLC 36
Risk Evaluation Standardconsiderations
Risk Evaluation: Stress and Scenario testing– Methods and models to actually assess impact
on all organizations must be ascertained– Integrate disparate systems or build one
integrated model– Assumptions: Tests themselves.
• Effect on other assumptions• Management responses• Regulatory and market reactions• Risk mitigation and time horizon
– Scenarios: limited considerations
Enterprise Risk Advisory, LLC 37
Risk Evaluation Standardconsiderations
Risk Evaluation: Emerging risks– Impact of emerging risks over time– Limited considerations in the standard
Risk Evaluation: other risk evaluations– Used in risk monitoring, mitigation: compliance
and control ERM – Apply same considerations as in general risk
evaluation and risk evaluation models Data quality: ASOP 23 Documentation: ASOP 41
Enterprise Risk Advisory, LLC 38
Risk Evaluation Standardconsiderations
Risk Evaluation: Document and disclosure– Economic capital: models, results, limitations,
timeframe, measurement basis, confidence– Stress & scenarios: results, intended use &
limitations– Emerging risks: methods and sources– Major assumptions: as before– Risks included: risks excluded?– Model validation results– If major deviations from this standard: ASOP 41– What about other disclosure standards
Enterprise Risk Advisory, LLC 39
Risk Evaluation StandardPotential applications
IAIS Core Principles:16 and 20 NAIC ORSA NAIC Form F: Enterprise risk reports Solvency II, Pillar II, Pillar III and ORSA Rating agencies' ERM and EC assessments ComFrame IAA Care report
Enterprise Risk Advisory, LLC 40
Reactions Questions asked by the task force:
Enterprise Risk Advisory, LLC 41
Reactions Questions raised:
– Sufficient guidance for risk evaluation?– Flexible enough?– Explicit enough about the reliance on the work of
others?– ERM scope clear enough so that it doesn't extend
to other actuarial work? 25 comments, mostly by individuals, companies
and two organizations Review comments and get your input
Enterprise Risk Advisory, LLC 42
Reactions Comments so far:
– Pierson: guidance question. Should consider joining the two proposed standards as the risk evaluation and risk treatment are related. What is relevant is the net risk to the organization
– Bakos: scope questions.• Doesn't see difference between evaluation of risks
net of expectations covered by this standard and other “common actuarial tasks” like reserving and pricing, which also involve risk classification & evaluation.
• Only applies to CERA doing ERM work or any actuary?
Enterprise Risk Advisory, LLC 43
Reactions Blanchard III: guidance questions
– Comments on definitions and ERM cycle– Replace emerging by environmental scan– Risk modelling should be done only after
understanding materiality of risks, data sources and mitigation initiatives
Koller: guidance question– Align definitions with other more standard
definitions Zher: good start for guidance, flexible enough,
area of concern on the reliance on others
Enterprise Risk Advisory, LLC 44
Reactions Bradley:
– Make link with ORSA as risk evaluation will contribute to this process
– Should standard be rephrased ERM evaluation and not just “risk” evaluation as ERM considers risks and gains?
– Align “stress-test” definition with external definitions
Pfluger:– More emphasis on correlation, required capital,
not flexible enough to handle new standards, inevitable to integrate others
Enterprise Risk Advisory, LLC 45
Reactions Rochette:
– Is the purpose more “risk assessment” within ERM than an evaluation, which is a broader term?
– View proposed standard as a good start if goal is to review, not complete enough is goal is to design, implement, use
– To make it more flexible, should be more-principles based
– Inevitable to work with others. EC section should refer to that explicitly, otherwise, silo EC
– Should standard be ERM-context dependent?
Enterprise Risk Advisory, LLC 46
Reactions Hay: not enough guidance, flexible enough,
reliance inevitable as ERM is team-work, division of standard arbitrary – why exclude pricing, reserving, claims – not realistic to separate ERM from other “actuarial” activities
Financial Reporting Council: UK regulator for governance and reporting– Board responsible to assess risks– Risk evaluation is part of that role of Boards
Enterprise Risk Advisory, LLC 47
Reactions
Enterprise Risk Advisory, LLC 48
Reactions North American CRO Council:
– “We strongly believe that ERM is not an actuarial process and goes beyond an actuarial function.”
– “We believe it may be premature to develop a standard related to ERM and that expressing the ERM principles in the form of guidance document may be more appropriate at this time.”
– “This standard would be adding to existing and growing compliance requirements in the ERM landscape.”
Enterprise Risk Advisory, LLC 49
Your reactions?Outstanding issues related to any new ERM
standards:
Source: ERM Symposium, 2012, session C9
Enterprise Risk Advisory, LLC 50
Your reactions? Should we have such a standard? Do you
agree with the ERM standard task force's earlier conclusions or do you agree with NACRO's conclusions?
Your reactions to the standard itself: guidance, scope, flexible enough, interactions with non actuaries? Other issues?
Do you think that the actuarial profession should develop its own theoretical ERM Framework to position itself in the ERM space?
Should standards reflect “existing” practice or “best” practice?