Managing risk

Risk management at Alexander Forbes is about protecting our ability to create value and ensuring we preserve that value for our stakeholders. In doing so we pursue opportunities, while minimising potential negative consequences. Sound risk management is an important enabler of our strategic intent, enhancing our ability to perform against our stated objectives.

The board of directors holds ultimate accountability for risk management; however senior management is responsible for developing and implementing risk strategy. This includes acting as the custodian of policies and procedures for risk mitigation, and ensuring compliance. The individuals heading various business units, lines or subsidiaries are held accountable for the risks they take.

Risk management is built into decision-making structures and processes at both the operational and top management levels. Independent parties (those who do not approve or take risk) review decisions around risk mitigation strategies within the constraints of the group’s risk appetite measures. These reviews include stress tests to key variables and systemic shocks.

Contingency plans are in place for unexpected or worst-case scenarios.

The group manages risk along three lines of defence:

• The first line of defence is centred on day-to-day management responsibility and accountability for managing risks. Management’s role, through various operational committees, is to provide oversight including strategy implementation, performance measurement, risk management, company controls and governance processes.
• The second line of defence comprises our formal enterprise risk management (ERM) framework, including our policies and minimum standards. Objective oversight provided by risk and independent audit committees continuously challenges risk management in terms of its performance and reporting.
• The third line of defence comes from the oversight and assurance provided by internal audit and external audit on the adequacy and effectiveness of risk management governance and internal control.

Risk appetite

Alexander Forbes’s risk appetite – the amount of risk we are willing to accept in pursuit of our objectives – defines parameters within which we can operate. Our risk appetite therefore serves as a valuable reference point for important business decisions and setting strategies. Our risk appetite has been broadly defined around four key risk measures, with thresholds and metrics agreed at a group level:

• Capital: The group will hold the larger of the economic capital requirement and the regulatory capital requirement.
• Earnings: The group’s earnings at risk will not exceed 20% of the earnings projected over a 12-month forward-looking period.
• Operational: The group will pursue a commercial balance between the costs of mitigating actions and the expected future financial and non-financial losses that may arise from the occurrence of operational risk events.
• Liquidity: The group’s liquidity requirements for each relevant business/entity will be based on the best operational cash flow estimates over a 12-month forward-looking period, taking into account any minimum regulatory capital requirements that may apply.

During the year these measures remained unchanged from previous years. However, we migrated to a new risk management system in order to improve the way the group tracks and reports on risk. The new system tracks a newly defined set of key risk indicators, flagging any material deviations and enabling us to identify and mitigate emerging risks more timeously. It also enables greater flexibility in setting tolerance thresholds according to changing circumstances and objectives.

Own risk and solvency assessment

The Financial Services Board (FSB) requires all insurance companies and insurance groups to complete an own risk and solvency assessment (ORSA) as part of the Comprehensive Parallel Run (CPR) of the proposed new insurance regulations, the Solvency Assessment and Management (SAM) regime. The ORSA process aims to investigate the adequacy of insurers and insurance groups’ risk management and assess the current and future solvency under normal and severe stress scenarios.

Key results

The Alexander Forbes group ORSA was conducted at group level and completed and submitted to the FSB in November 2016. The key findings of the ORSA are summarised below:

• The group’s risk management and governance practices reflect its ability to manage and contain risks in relation to meeting its strategic objectives and is sufficiently robust.
• The group (and its insurance entities) are expected to remain solvent over the business planning period.
• The group’s solvency is expected to remain above target solvency levels in the event of severe stressed events and maintain its ability to generate dividends.

Further developments

The ORSA revealed focus areas to be targeted in the foreseeable future, including:

• improved linkage of strategic aims and risk metrics to further enable risk-based decision-making;
• enhanced efficiency and consistency in the ORSA process through the centralisation of risk and capital functionality; and
• continuing embedding of the ORSA in the business.