CROs Today

ADVERTISEMENT

CROs TodayInterviewing Graham Handy, Partner, EMEIA Insurance – Risk Leader, EY, we find out what his perspective on the role of a CRO is today. How has the CRO’s role changed in the last year? There is a pivot-point right now: for European insurers, 2015 was the year to get everything ready for Solvency II – now we have a shift in focus from driving a multi-year Solvency II change programme to operating in a SII-as-business-as-usual world.  That’s likely to mean some increased focus on the value that Risk brings to the business; there’s going to be more challenge for instance when Risk headcount rises in the future; but that coincides with an opportunity for the Risk Officer to re-emphasise their wider role – for instance, how they contribute to the strategic agenda, how they look to use data and risk analytics to make insightful interventions across the wider business. And alongside an ongoing focus on financial risk, we’ll see operational themes – cyber, conduct to just pick two – coming to prominence. Which other industries can insurers look to change and improve how they manage risk? In many ways Financial Services, and insurance specifically, are leading by example. But looking wider, there is still progress to be made around deeper ownership of Risk in the first line. Oil and gas exploration, and aviation activities come to mind as areas where the first line lives and breathes risk ownership. And there are examples in the automative sector at present that show this isn’t just a challenge for our industry. What is the top universal priority for CROs across the industry? Our latest survey of global CROs shows there is no single consistent top priority. There is still a focus on strengthening ERM and compliance governance. What has stood out consistently is the focus on investing in people and skills, as opposed to infrastructure and IT. There is generally a priority around getting the right talent into key business units and central technical roles. And that talent is seen as much around individuals with emotional intelligence and credibility around the boardroom table as it is about technical excellence. How do you see Fintech impacting your business, profits and customers? Technology brings a number of threats around:
  • Enabling new or existing competitors to re-write the rules of engagement, so that a great historic business performance can’t be relied upon to continue – impacting persistency, customer transience, liquidity management, the need for operational flexibility and so on.
  • creating systemic concentration risks where these didn’t exist before: particularly around points-of-failure within the supply chain.
  • redressing the knowledge asymmetry that has always existed between the insurer and the customer, for instance allowing people to comparison shop, to self-select, and to diminishing the pooling of risk.
But of course there are fantastic opportunities for exactly the same reasons. We do need to think about who we have in our Risk teams – which skillset – that can usefully focus on these themes. An interesting example of how technology can mitigate conduct risk for instance is the ability to retain a really accurate audit trail for what you said and when and why to the customer What are your current biggest concerns as far as risk is concerned? The Risk function in many organisations straddles an uncomfortable position between maintaining independence from line 1, versus leveraging the valuable insight and experience that exists to exert influence and direction. There may not be a single ‘right’ answer to that but this is a theme that will resonate across the market. The Risk function is heavily involved in governance matters and report production – as it should be – but often in place of providing a system of operation and ensuring the first line owns and reports. In part as a consequence, reporting is often very backward looking with limited analytics. And we need to succeed in moving ORSA to being something useful in the business, not just a regulatory requirement. What are your current biggest challenges as far as technology is concerned? Our surveys have tended to identify that the Risk Function is often a stakeholder in technology, as opposed to the owner of the solution. As such, it becomes harder to control what is a material part of their overall budgetary spend. There is certainly a concern about existing systems being able to cope with the increased demands of IFRS 4 phase 2, CCAR, stress testing etc. If you could change one thing about the way the risk is managed in insurance companies, what would you do? We need to demystify “risk language” – to ensure that ownership of risk and controls sits clearly in first line, with activities seen as business-as-usual, not a compliance exercise. I would love risk to be seen as a better business partner. To bring the deep insight and data we have to bear in supporting key strategic business decisions. To achieve a trusted relationship with a first line that owns its risk profile and sees the second line as an expert advisor with which to consult. And to do that whilst maintaining an appropriate independence, rigour, and ability to challenge. Graham will be discussing this more at RiskMinds Insurance, 21-23 March in Amsterdam. Click here to for more information or to register.]]>