Highlights from the Risk Management Perspectives Conference organised by the Society of Actuaries in Ireland (SAI) in November 2014.
For more information on the SAI, go to: www.actuaries.ie
Please feel free to share this presentation and connect with me in LinkedIn.
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Risk Management Perspectives Conference 2014
1. “Doing
RISK MANAGEMENT
is not the
WORST CASE SCENARIO”
Highlights from the RISK MANAGEMENT PERSPECTIVES CONFERENCE
2. Risk Management Perspectives Conference
Society of Actuaries in Ireland, 18 November 2014
As it happened ……………………………............ 4
Exploring common threads ………………...... 69
About ………………………………………............... 90
Important note: This presentation is entirely my own work (derived from my own notes of the day) and
does not necessarily represent the views of the presenters or any other party. I have tried to make
it as accurate as possible, but there may be errors (including the quotes). By its nature, this is a
summary so cannot include all the details – you should have been there for that!
3. Risk Management Perspectives Conference
Society of Actuaries in Ireland, 18 November 2014
All the action
As it happened ……………………………............ 4
Exploring common threads ………………...... 69
Do not miss this!
About ………………………………………............... 90
Important note: This presentation is entirely my own work (derived from my own notes of the day) and
does not necessarily represent the views of the presenters or any other party. I have tried to make
it as accurate as possible, but there may be errors (including the quotes). By its nature, this is a
summary so cannot include all the details – you should have been there for that!
4. Coming up…
As it happened
SII
Banking
Whistleblowing
Cyber risk
Culture and
communication
Pharmaceutical
industry
Solvency II
A banker’s perspective
5. As it happened
A banker’s perspective on risk management
Peter Rossiter, Chief Risk Officer, AIB
What have we learnt
from the crisis?
There are 4 PHASES…
6. DIAGNOSIS
“Should be a FORMAL LINK:
‘I understand what went
wrong, here’s what I’m doing
QUANTIFICATION
CORRECTION
PREVENTION
to avoid it’”
As it happened
7. DIAGNOSIS
“Should be a FORMAL LINK:
‘I understand what went
wrong, here’s what I’m doing
QUANTIFICATION
CORRECTION
PREVENTION
to avoid it’”
As it happened
Ireland has got to
this stage
Policy response
from regulator
8. DIAGNOSIS
“Should be a FORMAL LINK:
‘I understand what went
wrong, here’s what I’m doing
QUANTIFICATION
CORRECTION
PREVENTION
to avoid it’”
As it happened
Cyber risk
Ireland has got to
this stage
Policy response
from regulator
Look out for common “threads” in the presentations
9. As it happened
Cyber risk
Philip Whittingham, Deputy, Enterprise Risk Management, XL Group
TRADITIONAL VIEW: Someone else
dealt with cyber risk – it is not a business risk
WRONG! You can no longer ignore it…
10. Types
“Cyber risk is NOT new or
emerging… but its RISK
PROFILE is changing rapidly”
As it happened
Physical loss
Phishing
Data transmission
Cloud computing
Hacking
11. Types
“Cyber risk is NOT new or
emerging… but its RISK
PROFILE is changing rapidly”
As it happened
Physical loss
Phishing
Data transmission
Cloud computing
Hacking
“You’re only as
effective as the
techniques you
know about”
To define risk appetite / tolerances…
…need to categorise types of attacks:
Known Unknown
Monitor and record breaches
12. Types
“Cyber risk is NOT new or
emerging… but its RISK
PROFILE is changing rapidly”
As it happened
Whistleblowing
Physical loss
Phishing
Data transmission
Cloud computing
Hacking
“You’re only as
effective as the
techniques you
know about”
To define risk appetite / tolerances…
…need to categorise types of attacks:
Known Unknown
Monitor and record breaches
Innovative
approach!
13. As it happened
Whistleblowing
Joe Gavin, General Counsel, Central Bank of Ireland
Previously, there were NO
whistleblowing regulations
14. As it happened
Whistleblowing
Joe Gavin, General Counsel, Central Bank of Ireland
Previously, there were NO
whistleblowing regulations
Would the financial crisis have been
mitigated if there had been a
‘protected disclosures’ regime?
15. As it happened
Whistleblowing
Joe Gavin, General Counsel, Central Bank of Ireland
Previously, there were NO
whistleblowing regulations
Would the financial crisis have been
mitigated if there had been a
‘protected disclosures’ regime?
A lot to be said
for it
16. As it happened
Definition of protected disclosure:
1. To the CBI (Central Bank of Ireland)
2. In GOOD FAITH
3. Reasonable basis to believe a BREACH in financial
services law or DESTRUCTION of evidence
Risk management in pharmaceuticals
17. As it happened
Definition of protected disclosure:
1. To the CBI (Central Bank of Ireland)
2. In GOOD FAITH
3. Reasonable basis to believe a BREACH in financial
services law or DESTRUCTION of evidence
Difficult to
balance:
Risk management in pharmaceuticals
18. As it happened
Definition of protected disclosure:
1. To the CBI (Central Bank of Ireland)
2. In GOOD FAITH
3. Reasonable basis to believe a BREACH in financial
services law or DESTRUCTION of evidence
Difficult to
balance:
protection
of identity…
…effectiveness
of investigation
Risk management in pharmaceuticals
19. As it happened
Risk management as a competitive
advantage in the pharmaceutical industry
David Staunton, Site Risk Lead, Amgen
Risk management is a
DECISION MAKING PROCESS…
20. As it happened
Risk management as a competitive
advantage in the pharmaceutical industry
David Staunton, Site Risk Lead, Amgen
Risk management is a
DECISION MAKING PROCESS…
…if not, then DON’T BOTHER!
21. As it happened
Risk management as a competitive
advantage in the pharmaceutical industry
David Staunton, Site Risk Lead, Amgen
Risk management is a
DECISION MAKING PROCESS…
…if not, then DON’T BOTHER!
22. As it happened
COMPETITIVE ADVANTAGE in pharma…
Takes
$3-5 bn to
develop a drug
Governments
only tend to
buy drugs
once
23. Crucial to
develop
fast
As it happened
COMPETITIVE ADVANTAGE in pharma…
Takes
$3-5 bn to
develop a drug
Governments
only tend to
buy drugs
once
24. COMPETITIVE ADVANTAGE in pharma…
Crucial to
develop
fast
As it happened
Want to
fail fast and
cheap
Focus on what
is difficult
Takes
$3-5 bn to
develop a drug
Governments
only tend to
buy drugs
once
25. COMPETITIVE ADVANTAGE in pharma…
Crucial to
develop
fast
As it happened
Want to
fail fast and
cheap
Focus on what
is difficult
Takes
$3-5 bn to
develop a drug
Governments
only tend to
buy drugs
once
Risk management is ESSENTIAL -> LIVES ARE AT STAKE!
26. As it happened
…so you need to ASSESS RISKS to find
those that REALLY MATTER…
At what “tipping point” does
a risk actually become
relevant?
27. As it happened
…so you need to ASSESS RISKS to find
those that REALLY MATTER…
At what “tipping point” does
a risk actually become
relevant?
Example:
Richter scale
28. As it happened
…so you need to ASSESS RISKS to find
those that REALLY MATTER…
At what “tipping point” does
a risk actually become
relevant?
Example:
Richter scale
Real damage
29. As it happened
…how can you decide which risks
matter? “FORGET probability-impact
matrices!”
30. As it happened
…how can you decide which risks
matter? “FORGET probability-impact
Ask 7 QUESTIONS:
If the risk
occurred…
…what is a surprisingly GOOD scenario?
…what is a surprisingly BAD scenario?
…what is the MOST LIKELY scenario?
matrices!”
31. As it happened
…how can you decide which risks
matter? “FORGET probability-impact
Ask 7 QUESTIONS:
If the risk
occurred…
…what is a surprisingly GOOD scenario? Consider
effect on
SALES and
COSTS
…what is a surprisingly BAD scenario?
…what is the MOST LIKELY scenario?
matrices!”
32. As it happened
…how can you decide which risks
matter? “FORGET probability-impact
Ask 7 QUESTIONS:
If the risk
occurred…
…what is a surprisingly GOOD scenario? Consider
effect on
SALES and
COSTS
…what is a surprisingly BAD scenario?
…what is the MOST LIKELY scenario?
What is the PROBABILITY of occurrence?
matrices!”
33. As it happened
…how can you decide which risks
matter? “FORGET probability-impact
Ask 7 QUESTIONS:
If the risk
occurred…
…what is a surprisingly GOOD scenario? Consider
effect on
SALES and
COSTS
…what is a surprisingly BAD scenario?
…what is the MOST LIKELY scenario?
What is the PROBABILITY of occurrence?
matrices!”
Questions 1–3…
…4–6…
…7
34. As it happened
…and finally consider MITIGATION
OPTIONS
Value of mitigation = Effective risk before mitigation
- Effective risk after mitigation
VS
Cost of mitigation
35. As it happened
…and finally consider MITIGATION
OPTIONS
Value of mitigation = Effective risk before mitigation
- Effective risk after mitigation
Cost of mitigation
Then… MAKE A DECISION!
Risk culture and communication
VS
36. As it happened
Risk culture and communication
Brid Horan, INED, former Deputy Chief Executive, ESB
“CULTURE EATS STRATEGY FOR BREAKFAST”
– Peter Drucker
…so where does that leave
risk culture?
37. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
38. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
Aggressive
39. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
Aggressive
- Crucial to LINK: risk culture strategy
40. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
- How can you assess your culture?
- Good culture = Being able to learn from your mistakes
- “Huge value in working for a variety of companies”
Aggressive
- Crucial to LINK: risk culture strategy
“You find
out your CORE
VALUES in a
CRISIS”
41. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
- How can you assess your culture?
- Good culture = Being able to learn from your mistakes
- “Huge value in working for a variety of companies”
Aggressive
- Crucial to LINK: risk culture strategy
- Communicating culture: Words are just a SMALL PART
- Actions from senior level / what people see from them
- Allocation of resources
“You find
out your CORE
VALUES in a
CRISIS”
42. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
- How can you assess your culture?
- Good culture = Being able to learn from your mistakes
- “Huge value in working for a variety of companies”
Aggressive
- Crucial to LINK: risk culture strategy
- Communicating culture: Words are just a SMALL PART
- Actions from senior level / what people see from them
- Allocation of resources
“You find
out your CORE
VALUES in a
CRISIS”
43. As it happened
Things that go wrong are often to do with
culture… so you need to ANALYSE it
- Where do you sit on the SPECTRUM?
Collegiate /
risk-adverse
- How can you assess your culture?
- Good culture = Being able to learn from your mistakes
- “Huge value in working for a variety of companies”
Aggressive
- Crucial to LINK: risk culture strategy
- Communicating culture: Words are just a SMALL PART
- Actions from senior level / what people see from them
- Allocation of resources
“You find
out your CORE
VALUES in a
CRISIS”
Solvency II
44. As it happened
SII Solvency II - presenters
Lukas Ziewer
Chief Risk Officer and Director, MetLife Europe
Roy Keenan
Experienced INED, former CEO of Bank of Ireland in the UK
Ger Bradley
Principal and Head of Non-Life Practice Milliman Ireland
Mark Burke
Head of Life Insurance & Groups Supervision, Central Bank of Ireland
45. As it happened
SII Solvency II - presenters
Lukas Ziewer
Chief Risk Officer and Director, MetLife Europe
Roy Keenan
Highlights from
these presentations
coming right up…
Experienced INED, former CEO of Bank of Ireland in the UK
Ger Bradley
Principal and Head of Non-Life Practice Milliman Ireland
Mark Burke
Head of Life Insurance & Groups Supervision, Central Bank of Ireland
46. As it happened
What would be your DREAM
FEATURES of a prudential
regime for insurers?
47. As it happened
What would be your DREAM
FEATURES of a prudential
regime for insurers?
1. Capital as a single CURRENCY
FOR RISK to balance profit
2. Enterprise Risk Management
SOLIDLY EMBEDDED
3. AVOID information overload
48. SII
As it happened
What would be your DREAM
FEATURES of a prudential
regime for insurers?
1. Capital as a single CURRENCY
FOR RISK to balance profit
2. Enterprise Risk Management
SOLIDLY EMBEDDED
3. AVOID information overload
Can provide these?
49. SII
As it happened
Solvency II - Outline
The three
pillars:
Capital
adequacy
Risk
management
Reporting to
market
50. SII
As it happened
Solvency II - Outline
The three
pillars:
Capital
adequacy
Risk
management
Reporting to
market
OWN RISK and
SOLVENCY
ASSESSMENT (ORSA)
cuts across all three
Requirement for
European insurers from
1 January 2016
51. SII
As it happened
Solvency II - Outline
The three
pillars:
Capital
adequacy
Risk
management
Reporting to
market
OWN RISK and
SOLVENCY
ASSESSMENT (ORSA)
cuts across all three
Description of MATERIAL RISKS and changes
Qualitative and quantitative
STRESS and SCENARIO tests
Results shown in a report…
…but also an ONGOING PROCESS
Requirement for
European insurers from
1 January 2016
52. SII
As it happened
How to prepare an ORSA
Solid
foundations
Enough resources
Agree with
stakeholders
Capital
Drivers of change
Scenario assumptions
Team work
Stakeholders: Risk, Actuarial, Finance
Execute plan
Validate with business
Re-run scenarios
Communicate
to Board
Key drivers of future capital
Potential to release capital
53. SII
As it happened
How to prepare an ORSA
Solid
foundations
Enough resources
Agree with
stakeholders
Capital
Drivers of change
Scenario assumptions
Team work
Stakeholders: Risk, Actuarial, Finance
Execute plan
Validate with business
Re-run scenarios
Communicate
to Board
Key drivers of future capital
Potential to release capital
ORSA best
practice
Focus on
key risks
Integrated
into
strategy
Relate risks
to capital
54. SII
As it happened
How to prepare an ORSA
Solid
foundations
Enough resources
Agree with
stakeholders
Capital
Drivers of change
Scenario assumptions
Team work
Stakeholders: Risk, Actuarial, Finance
Execute plan
Validate with business
Re-run scenarios
Communicate
to Board
Key drivers of future capital
Potential to release capital
ORSA best
practice
Focus on
key risks
Integrated
into
strategy
Relate risks
to capital
55. SII
As it happened
Uses of ORSAs
P
R
O
D
U
C
T
BUSINESS PLANNING
DEVELOPMENT
CAPITAL MANAGEMENT
56. SII
As it happened
Uses of ORSAs
P
R
O
D
U
C
T
BUSINESS PLANNING
DEVELOPMENT
ALIGN capital
with GROWTH
of business and
RISKS
CAPITAL MANAGEMENT
57. SII
As it happened
People involved with SII and ORSAs:
ACTUARIAL function
VS
RISK MANAGEMENT function
58. SII
As it happened
People involved with SII and ORSAs:
2 of the 4 functions
required under SII
ACTUARIAL function
VS
Can be held by the
same person…
…and/or by others
in company (e.g.
RISK MANAGEMENT function
Director)…
…but could
some options
introduce
CONFLICTS OF
INTEREST?
59. SII
As it happened
People involved with SII and ORSAs:
2 of the 4 functions
required under SII
Responsibilities:
1. Technical provisions
2. Pricing opinion
3. Reinsurance opinion
3.5. Contribute to risk
management system
ACTUARIAL function
VS
Can be held by the
same person…
…and/or by others
in company (e.g.
RISK MANAGEMENT function
Director)…
…but could
some options
introduce
CONFLICTS OF
INTEREST?
60. SII
As it happened
People involved with SII and ORSAs:
2 of the 4 functions
required under SII
Responsibilities:
1. Technical provisions
2. Pricing opinion
3. Reinsurance opinion
3.5. Contribute to risk
management system
ACTUARIAL function
VS
Can be held by the
same person…
…and/or by others
in company (e.g.
RISK MANAGEMENT function
Balance between: having the right skill set
vs independent holders of the functions
Director)…
…but could
some options
introduce
CONFLICTS OF
INTEREST?
61. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
62. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
In the past, Boards worried about…
63. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
In the past, Boards worried about…
PROFITABILITY
64. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
Now, they are concerned about…
65. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
Now, they are concerned about…
CULTURE
BUSINESS MODEL
REPUTATION
STRATEGY
SOLVENCY II
66. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
Now, they are concerned about…
CULTURE
BUSINESS MODEL
REPUTATION
STRATEGY
SOLVENCY II
Need resources:
right people with
right skills
Link by ORSA
Need sufficient expertise on
Board to understand models
67. SII
As it happened
People involved with SII and ORSAs:
BOARD OF DIRECTORS
Now, they are concerned about…
CULTURE
BUSINESS MODEL
REPUTATION
STRATEGY
SOLVENCY II
Need resources:
right people with
right skills
Link by ORSA
Need sufficient expertise on
Board to understand models
End of presentations
68. So that was the Conference
IN A NUTSHELL…
…but what 3 COMMON THREADS
linked the presentations?
72. Common threads
SII
NOT CORRECT before “
Massive amount of REGULATION
is needed because culture was
”
1. RISK CULTURE
Where does it come from?
From
regulators
73. Common threads
1. RISK CULTURE
Where does it come from?
NOT CORRECT before “
Massive amount of REGULATION
is needed because culture was
Building an effective ORSA
culture is DIFFICULT… buy-in
starts from the BOARD
“
”
SII
” SII
From
regulators
Top-down…
74. Common threads
NOT CORRECT before “
Which PROFESSION has the most
effective whistleblowing culture?
Building an effective ORSA
culture is DIFFICULT… buy-in
starts from the BOARD
“
”
PILOTS
“
”
SII
Massive amount of REGULATION
is needed because culture was
”
1. RISK CULTURE
Where does it come from?
From
regulators
…bottom-up
Top-down…
75. Common threads
SII
1. RISK CULTURE
How can you assess it from the inside?
76. Common threads
SII
1. RISK CULTURE
How can you assess it from the inside?
“
Look at NEAR MISSES
If people are not raising issues, it is DANGEROUS
Surveys / measurement
What are the KEY PERFORMANCE INDICATORS?
LEVEL OF ENGAGEMENT at formal events
Uptake of TRAINING sessions / exit interviews
”
77. Common threads
SII
1. RISK CULTURE
How can you assess it from the inside?
“
Took a HUGE EFFORT [at ESB] to
encourage people to report failures
Look at NEAR MISSES
If people are not raising issues, it is DANGEROUS
Surveys / measurement
What are the KEY PERFORMANCE INDICATORS?
LEVEL OF ENGAGEMENT at formal events
Uptake of TRAINING sessions / exit interviews
Think of risk management ”
as an HR issue
79. 2. MEASURING SUCCESS OF RISK
MANAGEMENT
Common threads
SII
[For the regulator] MEASURING risk culture
is a CHALLENGE, e.g. if it is NOT part of the
[risk management] PROCESS
“
”
80. 2. MEASURING SUCCESS OF RISK
MANAGEMENT
Common threads
SII
[For the regulator] MEASURING risk culture
is a CHALLENGE, e.g. if it is NOT part of the
[risk management] PROCESS
“
”
SII
The BENEFITS of
risk management
come from the
JOURNEY…
“
”
…from risk
management as a
COMPLIANCE
EXERCISE to ERM
81. 2. MEASURING SUCCESS OF RISK
MANAGEMENT
Common threads
SII
[For the regulator] MEASURING risk culture
is a CHALLENGE, e.g. if it is NOT part of the
[risk management] PROCESS
“
”
SII
The BENEFITS of
risk management
come from the
JOURNEY…
“
”
…from risk
management as a
COMPLIANCE
EXERCISE to ERM
“
You know it is WORKING WELL when
FRONTLINE managers are talking about
ORSAs / suggestions for MANAGING CAPITAL ”
83. Common threads
3. HOW TO USE RISK MANAGEMENT
SII
PROCESS… if not, don’t bother! “
Risk management is a DECISION MAKING
” Recall the 7 QUESTIONS for
assessing risks that REALLY MATTER
84. Common threads
3. HOW TO USE RISK MANAGEMENT
SII
PROCESS… if not, don’t bother! “
Risk management is a DECISION MAKING
” Recall the 7 QUESTIONS for
assessing risks that REALLY MATTER
“Its like rally driving: The business is the
DRIVER, but it needs a co-driver
[i.e. risk management] to
WARN OF WHAT’S
COMING
”
85. Common threads
3. HOW TO USE RISK MANAGEMENT
SII
management “
Should avoid ‘TICK THE BOX’ risk
”
86. Common threads
3. HOW TO USE RISK MANAGEMENT
SII
management “
Should avoid ‘TICK THE BOX’ risk
”
SII
“
Use CAPITAL as the
CURRENCY OF RISK
as a BALANCE to profit
”
87. Common threads
3. HOW TO USE RISK MANAGEMENT
SII
Doing
“
RISK MANAGEMENT
is not the
WORST CASE SCENARIO
”
Summary
88. RECAP: Risk Management Perspectives Conference
Culture and
communication
SII
Banking
Whistleblowing
Cyber risk
Pharmaceutical
industry
Solvency II
PRESENTATIONS:
CONCLUSIONS:
1. Risk culture
2. Measuring success of risk management
3. How to use risk management
89. About
Hi,
Thanks for viewing my presentation!
For more details of RISK MANAGEMENT
EVENTS run by the Society of Actuaries in
Ireland, please contact me.
Yours riskily,
December 2014
Alex Breeze FSAI FIA CERA
Consultant Actuary
Towers Watson, Ireland
Connect with me on
90. Important information
The Risk Management Perspectives Conference on 18 November 2014 was run by
the Society of Actuaries in Ireland (SAI). It was a public event open to all industry
professionals.
I am a Fellow of the SAI and I sit on the SAI’s Enterprise Risk Management
Committee. I have not been commissioned to write this presentation either by my
employer or the SAI – it is purely for interest! However, as it could reasonably be
considered to reflect on the Actuarial Profession, this presentation has been
prepared in line with the Actuaries’ Code.
This presentation is entirely my own work and does not necessarily represent the
views of the presenters or any other party. I have tried to make it as accurate as
possible, but there may be errors (including the quotes). By its nature, this is a
summary so cannot include all the details – you should have been there for that!
If you have any comments, please contact me on