Upload
lou-diserafino
View
126
Download
2
Tags:
Embed Size (px)
Citation preview
Leveraging ERM-ORSA for Strategic Value
Lou DiSerafinoFormer CRO Independent Health
Theme
“There is no security on this earth; there is only opportunity.”
Douglas MacArthur
Presentation Agenda• Why this matters• Increasing level of uncertainty• Changing business fundamentals
– increased need for integrated strategy and risk discipline
• ERM discipline to: reduce uncertainty & risk, understand opportunity– Capabilities maturity journey– Risk governance model– Risk Appetite Statement, supported by Risk Tolerance Guardrails (KRIs)– ERM model for risk assessment, treatment, reporting and monitoring
• ORSA: Links ERM to Capital planning, decision support, transparency– The ultimate risk management value proposition
• Use Test– “You were serious about that?”
CEB StudyCost of Inaction Energy Mismatch
PwC StudyHow risk management leads to increased profit margins
Companies that put a premium on risk management can cope with
ever-increasing business risks while seizing opportunities that present themselves.
By Thor Olavsrud
1. Risk management leaders understand how risks interconnect and impact business.
2. Risk management leaders have a strategic understanding of their risk appetite and are willing to take risks.
3. Risk management leaders are more aligned across business units.
4. Risk management leaders apply more sophisticated techniques.
http://www.cio.com/article/2910231/risk-management/how-risk-management-leads-to-increased-profit-margins.html
http://www.pwc.com/us/en/risk-assurance-services/risk-in-review/assets/executive-summary-
risk-management.pdf
http://www.cio.com/article/2910231/risk-management/how-risk-management-leads-to-increased-profit-margins.html http://www.pwc.com/us/en/risk-assurance-services/risk-in-review/assets/executive-summary-risk-management.pdf
Increasing Level of Uncertainty:Health Insurance Industry Example
Top Risks/Opportunities
• Unsustainable medical cost trend• Disruptive, uncertain regulatory environment
– Impact of the Affordable Care Act (ACA)• Implementation of Insurance exchanges
–Migration from employer based model to retail model (individual consumers)
• Increased reliance on web presence• Overhaul of reimbursement code model (ICD-10)• Fundamental changes in basic business model
–Care delivery integration • Aging population (increased utilization of medical care)• Alternate reimbursement methods - alignment of
incentives for member, provider, employer, broker• Increased cost transparency• Critical resource constraints
–Access vs. supply, especially primary care• Consolidation/M&A activity
Need Strong Risk Mgt. to Support Strategy
• Effective ERM discipline enables organization to:– Take the right risks needed for survival and value growth– Manage risk; reduce uncertainty of success– Transform the organization, focus on issues underlying reform effort
• Access, Affordability, Quality• Requires making bets, understanding and managing risks
– Strong link to strategic planning discipline; increased confidence in strategy• Requires confidence in risk management capabilities
– Risk identification– Resiliency, adaptability, rapid response capabilities– Contingency and scenario planning capabilities– Ability to absorb shock– Understanding of opportunity (Risk Aware)
– Enables risk taking to create value
• Strategy focused risk assessment aligns organizational direction– Identifies risks to future course, develops mitigations to reduce uncertainty– Increases relevance of ERM in daily strategic and business discussions
IH ERM Framework
ERM framework:
Designed to integrate risk management process with strategic, capital, and operational decision-making – for “risk-informed” decisions…
Supporting:
a) Sound Board risk governance
b) Risk intelligent business leader decision support process
Strategic planning “Risk aware” review of strategic
options Support acquisition and divestment
decisions Contingency planning
Performance measurement Risk-based metrics used to evaluate
performance, compensation Integrated into target setting
processes
Stakeholder communication Clear understanding of stakeholders’
risk appetite Communicate understanding of risk
exposure and inclusion of risk aware decision criteria
Operations management Consideration of risks in functional
operations
Integration and link to decision-making
Budgeting/Capital Expenditures• Risk-based review criteria in annual
budgeting Risk-return review for large capital
expenditure decisions
Risk management infrastructure
Appetite and tolerance
Governance and oversight
Measurement tools and techniques
Risk culture
Communication
Continuous improvement
Training, education and awareness
Risk management process
Analysis & measurement
Monitoring & reporting
Risk mgmt. strategies
Identification & assessment
Capital Impact Understanding
Capital Modeling
Stress Testing
Scenario Analysis
Enterprise Risk Management
Team – Cross functional
team led by CFO, no dedicated resources
– Individual issue risk assessments, prioritized by team
Hired dedicated CROCreated separate Board committee
–Consolidated operational risk areas into Risk Office
–Dedicated ERM function–Risk Governance Model created–Enterprise risk assessment (ERA) process established
• Outside-in view focused on universe of risk
• Results mixed… good for Risk Committee, but not relevant to daily strategic and business discussions
Office of Strategy Management (OSM) implementation
– Opportunity for alignment of risk and strategy
ERA revised to focus on strategy, & reducing
uncertainty of success– Increased relevance in daily
strategic and business decision process
– Enable risk taking by offering some control over uncertainty
– Consistently engaged by the business in key decisions
2005-6 2007-8 2009-10 2011-2 2013-4 2014-5
Linked ERM to Business Planning, Capital
Modeling– Capital modeling, stress
testing matured to complex model
– Incorporated risk adjusted planning results into strategic decision process
“He that will not apply new remedies must expect new evils;
for time is the greatest innovator.“
Francis Bacon, British author and statesman
ERM Capability Development at IH
Risk Appetite Statement
– Developed Risk Appetite Statement
– Risk Tolerance Guardrails– Risk Governance Ground
rules– Risk Culture
Communications– Risk Appetite Integration
info business operations
ERM capabilities matured past compliance, to strategic advantage– Risk-aware decision making– Drives resource allocation toward risk top
treatment plans – Increased integration with planning/strategic
objectives– Focus on Risk Appetite and risk culture– Developed Stress testing, capital impact
modeling capability– Realized achievement of ORSA objectives,
ERM link to Capital Planning, Strategy, decision support tool
Risk Governance Model: 3 Lines of Defense; “Risk Office” Concept
Risk Appetite
• Focus on Strategy• Focus on fundamental
economics of business model
• Risk Appetite Statement• Risk Tolerance Guardrails
– KRIs compliments, not copy KPIs
• Governance Ground rules• Integrate into business
units• Communications and
Awareness
Strategy Focused Enterprise Risk Assessment Process
Identify risks to the strategic drivers of organizational value
Prioritize top risks to strategic value – what could cause failure
Analyze, develop risk mgt. strategy, measure, report on top risks list
Top Risk Dashboard – for risk governance dialog & alignment
Risk Analysis- Individual Risk Summary
Illustrative purposes only
Example Top Risk Treatment Tool
KRI Dashboard• Improved risk governance view, tied to real economic drivers of risk and business results• Complement, not duplicate, existing KPIs, balanced scorecard• Incorporate risk tolerance guardrails• Map to existing Top Risk Status reporting• Improved risk dialog, and understanding at all levels of risk governance
ORSA Background
• Integration of robust risk management function a basic regulatory expectation• Responsible to determine capital standing and adequacy, Stress testing capability for decision support
• Leverage for value• Meaningful capital behind risks to offset downside• Stress test, scenarios analysis• Track loss events
• ORSA supports strong ERM capability & decision supt. capability
• “Confidential internal assessment … of material and relevant risks … associated with… current business plan, and the sufficiency of capital resources to support those risks”
• “Goal to foster effective level of ERM, through which insurer identifies, assesses, monitors, prioritizes and reports on its material and relevant risks… appropriate to the nature, scale and complexity of the insurer’s risk, in a manner that is adequate to support risk and capital decisions.”
ORSA Example: Table of Contents – Steering Team
Executive Summary
Legal Entity Structure
ORSA Strategy
Risk Appetite
Risk Governance Model
Risk Dashboard
Cap. Solvency Model & Forward Looking Results
Stress Testing Results
Capital Liquidity Plan
Evidence of “Use Test”
ORSA Position During Period
Risk Process & Framework
Top Risks Independent Review
Chief Financial Officer
Chief Risk Officer
Chief Audit Executive
Chief Actuarial Officer
General Counsel
EVP Strategy
Controller
Chief Information / Data Officer
“Use Test”• “You were serious about dat?”
• Joe Pesci “My Cousin Vinny”
• “Own” Risk and Solvency Assessment• How did you use it?
• ERM, Capital modeling, Stress testing, Scenario analysis
• What key decisions were made based on risk adjusted data analysis?
• What evidence do you have that an understanding of risk was effectively considered in key strategic decisions?
• Model, stress test results• Risk governance meeting(s) presentations, actions, minutes• Strategic changes, alignment subsequent to decision• Budget funding changes supporting risk informed decisions
• Description of how risk and capital modeling capability is integrated into business operations
Evidence of “Use Test”
ORSA: Links Risk Management with Strategy and Capital Planning
• Links ERM (i.e. Risk Appetite, Identification, Assessment, Prioritization, Measurement, Treatment,
Monitoring & Communication) to both Capital, and Strategic planning• Regulator looking for Non-prescriptive “Own” assessment• Need to staff and train assessors
– Layout report plainly– Must meet differing interpretations: Strategy, Capital modeling, Insurance, BC/DR,
Information Security… It’s all of these +
• Many components may already be in place for ORSA Report• Don’t underestimate “the lift”
– Capital model complexity, – More prep than expected
• Value for the effort– Move to more complex capital models, better Financial Planning, Financial
Statement modeling– Improve operations– Improve risk vs. reward decision support
Take A-way’s:• Move past compliance to decision support, for strategic
advantage– “Use Test” Evidence
• Top down appreciation, of ERM-ORSA value proposition for strategic advantage, needed– Investment in capabilities, tools development
• ORSA completes the value proposition– Rigor for Risk & Opportunity information assurance
• Look for effective level of ERM in place• Culture change the hardest part
– Transparency– Process discipline
• CRO - People skills important
Contact Info:
Lou DiSerafinoInfinitive Insight(703) 872-9001