Respondents to a survey of board members and chief risk officers (CROs) reveals a "major strategic disruption” as the next significant threat to the insurance industry, ahead of another financial crisis.
Many insurers, especially life insurers have significantly reduced their market risk-taking, shifting more of their risk profile away from market and credit risk and toward insurance risk.
Virtually all survey respondents agreed that, in the future, enterprise risk management should focus more on using risk knowledge to improve insurance company performance.
The three lines of defense model falls short in addressing enterprise risk in some key areas:
More nuance is necessary to distinguish different types of risks and risk taking. A defensive model adequately addresses risks (like operational risks) that all companies, including insurers seek to avoid. However for risks intentionally taken in order to earn a profit, a more robust model is needed.
If insurers want to leverage risk management to improve business performance, then they would be wise to take a closer look at the roles that specific functions should play, and in doing so should assign clear responsibilities at a sufficiently detailed level to establish whose job is on the line in the event of a risk governance failure.