New risk governance models for insurance: The case for improvement

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.

"Three lines of defense” model

Any discussion about organizing and governing risk management in a financial services company typically includes the “three lines of defense” model. Regardless of how useful this model has been over the last fifteen years, it might need to change. The risks currently facing the insurance industry are different than they were ten or fifteen years ago and they continue to change. The existential threat that disruptive technologies pose looms much larger now than traditional risks like credit, market and insurance.

About PwC's survey

We recently surveyed over two dozen board members and CROs on risk strategy and organization topics CROs and risk committees. They noted a shift in focus to strategic risk and using risk to improve company performance, as well as taking advantage of newfound bandwidth to combine these new areas of focus with traditional solvency and regulatory ones. 

Very few, if any, models can expect to remain static for over 15 years. And the three lines of defense model is no exception. It’s time to consider: 

  • new and emerging risks, 
  • the application of risk metrics to business performance and solvency measurement, 
  • and new tools and techniques that are now part of the ERM landscape.

Contact us

Dana Hunt

Insurance Risk and Regulatory Services Partner, PwC US

Follow us