Insurers are increasingly operating on a shifting landscape across the world. From technological innovations, unconventional monetary policies, political upheavals to regulatory tweaking; the ground rules are being redefined.
Today, with technology-driven eco-system we see increased efficiencies, better economies of scale, quicker delivery and innovations. Traditional business models are being replaced by innovative tech-soul start-ups.
Markets have opened up worldwide and the emerging markets are driving business opportunities. The advancements in technology have brought along associated risks which are novel and rapidly evolving, difficult to spot and possibly immeasurable in impact.
While providing cover for risks is the core to the business of insurance, insurers themselves are not immune to risks. In fact, insurers are exposed to a number of financial and non-financial risks. The very nature of their business exposes General Insurers to multiple types of risks like insurance risk, asset (market and credit) risk, cyber security and operational risks; which they must deal with an ongoing basis.
While these risks aren’t new, they have also become more complicated to manage over the last few years. A 2017 Deloitte report mentions, a big part of the problem for insurers is the difficulty in underwriting a constantly evolving risk, along with the dearth of historical data.
Moreover, usage-based insurance policies like Telematics (that harvest actual driving performance data) are expected to grow rapidly over the next decade, requiring insurers to develop predictive underwriting models. This again is an unchartered territory.
Let’s understand different type of risks faced by insurers and how they have changed in the current globalised context.
1.Insurance Risk:It is the likelihood that an insured event will occur, requiring the insurer to pay a claim. Accordingly, Insurance risk can be divided into two parts –
•Re-insurance Risk: It refers to the inability of the primary insurer to obtain insurance from a reinsurer at the right time and at an appropriate cost. All insurers transfer a part of their portfolio to a reinsurer for a premium. However, the unavailability of reinsurance or inadequate reinsurance will have adverse ramifications for the primary insurer.
•Underwriting Risk: This refers to the risk of loss on underwriting activity of insurers. Underwriting Risk may either arise from an inaccurate assessment of the risks entailed in writing an insurance policy, or from factors entirely out of the underwriter's control. As a result, the policy may cost the insurer much more than what it has earned in premiums.
For example, with the new risks arising from distracted driving, in motor insurance, and the proliferation of expensive sensor-laden vehicles, the cost of their repairs, too are increasing. Improper underwriting of these new risks can have huge financial implications on the insurer’s profitability.
Therefore, data on a driver’s actual performance is critical for the Insurers to ensure the policy is priced correctly.
Underwriting Risks are an integral part of the insurance business. While it is impossible to eliminate them entirely, Underwriting Risk is a key focus for insurers’ risk mitigation efforts. The long-term profitability of an underwriter is directly proportional to its mitigation of Underwriting Risk.
2.Assets Risk: Asset risk of an insurer consists of:
•Credit Risk: Credit Risk is the risk due to uncertainty in the counterparty’s ability to meet its obligations. Investment income from the pool of investment is an important element of insurer’s profitability. Default in realisation of interest and /or principal poses credit risk for an insurer. A default on the part of the reinsurer could also lead to adverse impacts on the profitability and solvency of the primary insurer. This again is part of the credit risk faced by an insurer.
Practically, all businesses dealing in credit face this risk. In assessing Credit Risk from a single counterparty, an institution must consider:
I.Default Probability, i.e., the likelihood that the counterparty will default on its obligation either over the life of the obligation or over some specified horizon, such as a year
II.Credit Exposure, which is the quantum of the outstanding obligation when the default occurs
III.Recovery Rate, which is the fraction of the exposure that may be recovered through bankruptcy proceedings or some other form of settlement in the event of a default.
3.Liquidity Risk: In the course of business, a part of the investment book may need to be sold and realised to meet business requirements. An inadequate secondary market may prevent the liquidation or limit the funds that can be generated from the asset.
An institution might face liquidity crisis if its credit rating falls, it experiences sudden unexpected cash outflows, or some other event causes counterparties to avoid trading with or lending to the institution.
In the context of insurance, Liquidity Risk is an exposure to loss in the event that insufficient liquid assets will be available, from among the assets supporting the policy obligations, to meet the cash flow requirements of the policyholder obligations.
4.Market risk: Market Risk is the risk that the value of insurer’s investments will decrease due to changes in market factors. Typically, insurers invest bulk of its premium receipts in financial instruments with an objective of generating risk-aligned returns. Thanks to globalisation of economies and markets, Indian insurers are no longer immune to global shocks.
Indian monetary Policy makers – more than ever – are increasingly keeping an eye on global events before taking a call on interest rates. Insurers with its long-term liabilities and uncertain investment markets are facing higher market risk than ever.
5.Operational Risk: It is the risk of loss resulting from inadequate/failed internal processes and systems or from external events. This category of risks includes instances of employee errors, fraud, systems failures, fire, floods and so on. While operational risk is an important for insurers to manage, the challenge is in assessing it. For instance, insurer might need to quantify the portion of underwriting losses that are really due to ineffective or faulty underwriting processes.
Moreover, with the advent of fintech companies, underwriting has not only digitalized but also accelerated its processes. While brick-and-mortal companies have innovated and successfully adopted technology to fend competition, the challenges remain on creation of robust underwriting models that reflect the new risk parameters as well as in safe data warehousing and management.
6.Information&Cyber Security Risk: Cyber Security is all about security of anything in the cyber realm. It includes everything that can be accessed through cyberspace or through Information & Communication Technology (ICT). Modern business data resides electronically on servers, desktops, laptops, or somewhere on the internet. Cyber security is all about protecting that data. The important part of that is identifying what the critical data is, where it resides, and the technology available to implement in order to protect it.
Regulations around cyber security across the globe are getting stricter thereby leaving no margin for any omissions for combating the risks coupled with significant penalties for any failures. It is observed that the level of awareness of cyber threats and cyber security within the insurance sector, as well as supervisory approaches to combat the risks, appear to vary across organizations.
Apart from being exposed to cyber risks at entity level, General insurers also offer products covering cyber liability and cyber crime. It’s a constant challenge to develop a sustainable product which suits market needs and at the same time is commercially viable since cyber risk is constantly evolving.
However, nimble-footed insurers can stay ahead of the curve by taking appropriate steps to reduce business risks. One way is through geographical diversification of operations and by investing across industries and asset classes. Moreover, it can devise robust risk management policies that are regularly monitored by risk officers and reported at the appropriate levels.
In such cases, the sources and quantum of risk will need to be minutely tracked while procedures are put in place to track and report them on a regular basis.