Docstoc

November Currency Risk

Document Sample
November  Currency Risk Powered By Docstoc
					Enterprise Risk Management
        Symposium
    Chicago, April 26-27, 2004

        The New COSO
  Enterprise Risk Management
           Framework

   “How to Make it Relevant”

          Presented by:
      Doug Brooks, SunLife
     Joel Aronchick, Chubb
     Richard Reynolds, PwC




             PwC
    Agenda




        I.    Overview of COSO ERM Framework

        II.   Comments of the American Academy of Actuaries

        III. Perspectives on Applying ERM
              SunLife
              Chubb

        IV. Open Discussion




2
                                                 PwC
      Overview of COSO ERM Framework

    • COSO ERM project launched in 2001 (PwC Authored)
    • Builds on COSO Internal Control Framework (PwC Authored)
    • Consists of conceptual framework and application guidance




                                         Application
                 Framework
                                          Guidance




3
                                                       PwC
    Why ERM is Important



      Underlying principles:
         Every entity, whether for-profit or not, exists to realize
          value for its stakeholders.
         Value is created, preserved, or eroded by management
          decisions in all activities, from strategy setting to operating
          the enterprise day-to-day.

      ERM supports value creation by enabling management to:
         Deal effectively with potential future events that create
          uncertainty.
         Respond in a manner that reduces the likelihood of
          downside outcomes and increases the upside.


4
                                                        PwC
      Enhancing Management Capabilities


    Enterprise risk management provides enhanced capabilities to:

     Align risk appetite and strategy
     Link growth, risk and return
     Enhance risk response decisions
     Minimize operational surprises and losses
     Identify and manage cross-enterprise risks
     Provide integrated responses to multiple risks
     Seize Opportunities
     Rationalize capital


5
                                                            PwC
    Framework Components



      The Framework Has Eight Interrelated Components




6
                                          PwC
    Key Concepts – Categories of Objectives



     Entity objectives can be viewed in the context of four
     categories

      Strategic
      Operations
      Reporting
      Compliance




7
                                                   PwC
    Key Concepts – Entity-wide



     ERM considers activities at all levels of the organization

      Enterprise-level
      Division or subsidiary
      Business unit processes




8
                                                    PwC
    Key Concepts – Portfolio View



     Enterprise risk management requires an entity to take a
     portfolio view of risk.

      Management considers how individual risks interrelate.
      Management develops a portfolio view from two
        perspectives:
         Business unit level

         Entity level




9
                                                   PwC
     Internal Environment



       Establishes a philosophy regarding risk management. It
          recognizes that unexpected as well as expected events
          may occur.

       Establishes the entity’s risk culture.
       Considers all other aspects of the organizations actions,
          including:
          oversight by the board of     The organizational structure of the
           directors                      entity
          The integrity and ethical     Mechanisms used by management
           values                         to assign authority and
          Competence of the entity's     responsibility
           people                        Mechanisms used my
          Management's philosophy        management to organize and
           and operating style            develop its people.


10
                                                              PwC
     Objective Setting



       Is applied in objective-setting when management considers
          risks strategy in the setting of objectives.

       Forms a risk appetite at the entity level. This risk appetite
          is encompassed in policy, guidelines and procedures. It is
          a high-level view of how much risk management and the
          board are willing to accept.

       Establishes risk tolerances, which are the acceptable level
          of variation around objectives, and align with risk appetite.




11
                                                         PwC
     Event Identification



       Distinguishes risk and opportunity
           Events that may have a negative impact represent
            risks.
           Events that may have a positive impact represent
            natural offsets or, opportunities, which management
            channels back to strategy setting.

       Involves identifying those incidents, occurring internally
          or externally, that could affect strategy and achievement
          of objectives.
       Addresses how internal and external factors combine
          and interact to influence its risk profile.


12
                                                        PwC
     Risk Assessment



       Allows an entity to understand the extent to which
         potential events might impact objectives.

       Assesses risks from two perspectives – likelihood and
         impact.

       Normally assesses risks using the same unit of measure
         as that used to measure the related objectives.

       Employs a combination of both qualitative and
         quantitative risk assessment methodologies.

       Relates the time horizons to objective time horizons.
       Assesses risk on both an inherent and residual basis.


13
                                                       PwC
     Risk Response



       Identifies and evaluates possible responses to risk.
       Evaluates options in relation to entity’s risk appetite, cost
          vs. benefit of potential risk responses and degree to
          which a response will reduce impact and/or likelihood.

       Selects and executes its response based on evaluation
          of the portfolio of risks and responses.

       Assessment of and response to risks are integral
          components of ERM; which specific response is selected
          is not.




14
                                                        PwC
     Control Activities



       Control activities are the policies and procedures that
          help ensure that the risk responses, as well as other
          entity directives, are carried out.

       Occur throughout the organization, at all levels and in all
          functions.

       Includes application controls and general information
          technology controls.




15
                                                       PwC
     Information and Communication



       Information is needed at all levels of an entity in
          identifying, assessing, and responding to risk.

       Management identifies, captures and communicates
          pertinent information in a form and timeframe that
          enables people to carry out their responsibilities.

       Communication occurs in a broader sense, flowing down,
          across and up the organization.




16
                                                        PwC
     Monitoring



       Monitors the ongoing effectiveness of the other
         enterprise risk management components through
          Ongoing monitoring activities

          Separate evaluations
          A combination of the two




17
                                                     PwC
     Other Key Concepts - Roles and Responsibilities



      Four broad areas of roles and responsibilities:

       Management
       The Board of Directors
       Risk officers
       Internal auditors




18
                                                    PwC
     Relationship with Internal Control



      Relationship with Internal Control – Integrated
      Framework:

       ERM expands and elaborates on elements of internal
          control as set out in COSO’s Internal Control – Integrated
          Framework (IC-IF).

       ERM includes objective setting as a separate
          component. The IC-IF sets out that objectives as a
          prerequisite for internal control.

       The ERM framework’s “Reporting” category of objectives
          expands the IC-IF “Financial Reporting”.



19
                                                       PwC
     Relationship with Internal Control



       Effective internal control is necessary for effective
          enterprise risk management.

       The ERM framework expands on the “risk assessment”
          component of IC-IF, separating it into three ERM
          components.

       The ERM framework elaborates on other components of
          IC-IF as they relate to enterprise risk management.




20
                                                        PwC
     Leading organizations have many building blocks in place. The
     challenge is in creating seamless connectivity top to bottom.


                    SVA / Risk Adjusted             Link risk adjusted performance measurement to
                 Performance Measurement             shareholder value and planning processes
                                                    Align performance measures with desired behavior

                                                    Rebalance, hedge the portfolio (capital optimization)
                      Active PM                     Correlation, VaR, marginal contribution

                                                    Manage concentrations through limits




                                                                                                             Linking the Building Blocks
                    Traditional PM                  Establish allowances (capital preservation)

                                                    Portfolio reporting and analysis
                     Portfolio Risk                 Aggregation of exposure (notional & risk adjusted)
                     Identification                 Analysis of Loss & default experience
                                                    Data management / MIS

                                                    Relationship profitability analysis
                                                  Risk adjusted pricing (value creation - MTM / RAROC)
             Transactional risk management        Structuring individual transactions
                                                    Allocation of limits to clients / products

                                                    Risk Assessment
                                                  Risk Modeling
             Transactional risk identification    Pricing Analysis
                                                    Client, Industry and Market information


                 Data Management                    Data acquisition, maintenance and distribution




21
                                                                                           PwC
       We have utilized the following framework with several leading financial
       institutions to gain better role clarity, particularly around the integration of
       strategic, financial and risk management planning.

                                     Validate/refine strategy

     Business        Business Strategy           Business Process            Evaluation
      Cycle          and Planning                and Execution

                 Business mission and       Risk policies and       Value drivers
                  strategy                    procedures              Internal reporting
                 Value proposition and      Risk measurement        Performance
                  risk appetite               methodologies            measures
                 Organization and           Risk-based pricing      External disclosure
                  governance                  and customer
                 Business planning and       profitability
                  budgeting processes        Risk aggregation and
                 Capital allocation and      reporting
                  balance sheet              Active portfolio and
                  management                  balance sheet
                 Business and individual     management
                  performance objectives      strategies

                        Limits                     Procedures                      Analysis
      Key
                   Capital                        Policy                     Reporting
     Controls
                                               Re-allocate capital/limits

                        Risk Management Systems Infrastructure


22
                                                                                       PwC
              The first step toward implementation is ensuring the business units
              and support functions have clearly defined, collaborative roles
              supported by appropriate infrastructure elements.

                                                  Validate/refine strategy

          Business          Set            Budget/
                                                           Execute             Control         Evaluate
           Cycle         Strategy          Plan

                      Formulate       Formulate       Manage             Manage            Validate
     Business Units
                            Request         Request         Formulate          Formulate        Reconcile

       Financial       Review         Approve         Facilitate         Manage            Review
        Control             Request         Review           Review              Review          Produce

     Corporate Risk    Review          Review         Facilitate        Formulate          Analyze
      Management            Approve         Approve          Approve             Approve         Analyze

                       Review          Review            Test             Test             Review
       Corporate
        Audit               Review          Review              Test              Test                Test

                             Limits                         Procedures                              Analysis
         Key
                         Capital                           Policy                            Reporting
        Controls
                                                  Re-allocate capital/limits

                                            Risk Management Infrastructure

23
                                                                                             PwC
     Agenda




         I.    Overview of COSO ERM Framework

         II.   Comments of the American Academy of Actuaries

         III. Perspectives on Applying ERM
               SunLife
               Chubb

         IV. Open Discussion




24
                                                  PwC
       General


      COSO Framework is an important contribution to
       raising awareness of enterprise risk management

      Three-dimensional structure

      Valuable tool to assist auditors in assessment of
       nature of a company’s risk framework




25
                                                      PwC
      Framework Goals


      A risk management framework needs to include a
       continuous, comprehensive review of the risks facing an
       organization, and their interactions

      Reputation is a particularly significant concept that needs
       to be reflected in a framework; different companies will
       have very different exposures to reputational
       consequences




26
                                                      PwC
     Risk as Opportunity


      A risk management framework must recognize that
       risk is necessary and appropriate

      Risk management is not defensive in nature

      Risk-return tradeoffs are an integral part of the
       strategic management process of organizations

      Risk management should enhance profit




27
                                                    PwC
     The External Environment


      COSO framework primarily addresses internal issues,
       and only tangentially external risks

      Risk factors are often beyond management’s control

      External risks are particularly important in the
       insurance industry

      Importance of interaction of companies’ internal
       processes with external factors




28
                                                      PwC
     Other Issues


      Interdependencies of risks



      Long-Term vs. Short-Term focus



      Roles and Transparency



      Risk Quantification




29
                                        PwC
     Actuarial Expertise


      Risk management techniques: measurement;
       exposure reports; risk limits; risk controls

      Risk analysis of new products, investments and
       projects; risk-adjusted product pricing; risk mitigation
       strategies

      Earnings volatility analysis and subsequent risk
       mitigation strategies

      Risk adjusted financial measurement and reporting

      Economic capital measurement and management




30
                                                     PwC
     Actuarial Models


      Financial simulations based upon capital
       management strategy, asset/liability analysis

      Portfolio analysis systems

      Monte Carlo models and regime-switching models for
       interest rate scenario generation for financial
       reporting or strategic development of investment
       options

      Credit risk modeling and management; solvency-
       related; pricing of financial products

      Hedging and other risk management quantification
       techniques


31
                                                       PwC
     Agenda




         I.    Overview of COSO ERM Framework

         II.   Comments of the American Academy of Actuaries

         III. Perspectives on Applying ERM
               SunLife
               Chubb

         IV. Open Discussion




32
                                                  PwC
Perspectives on Applying
     ERM: SunLife
      Background


     Sun’s approach developed largely as the result of a
     number of serious issues


         Guaranteed Annuity Options in the UK

         Pension Misselling in the UK
         Reinsurance problems

         Trust Company

         Vanishing Premiums




34
                                                    PwC
     Risk Management Framework


                          RISK
                      COMMUNICATIONS




         RISK
        TOOLS                                 RISK
                   CULTURE   PHILOSOPHY    RESOURCES


                       OBJECTIVES

         RISK                               RISK
      TOLERANCES                          POLICIES
                   ACCOUNTABILITIES



                           RISK
                         PROCESSES


35
                                               PwC
     Objectives of Risk Management



      Avoid risks that could materially affect the value of
       the company

      Contribute to sustainable earnings

      Take risks that the company can manage in order to
       increase returns

      Provide transparency of the company’s risks through
       internal and external reporting




36
                                                     PwC
     Risk Philosophy



       Our business is accepting risks for appropriate
        returns

       Driven by shareholder and policyholder expectations,
        external ratings and positioning in market place, we
        will take on risks that meet the organization’s
        objectives

       Alignment with corporate vision and strategy

       Embedded into the business management practices
        of every Business Group leader




37
                                                  PwC
     Risk Culture


     Key components
         Risk Consciousness

         Accountabilities

         Discipline

         Collaboration

         Communication




38
                               PwC
         Risk Management Structure

     Board Risk      Requires management to identify and review the major areas of risk
     Review          Approves and reviews compliance with the policies implemented by the
                      Company
     Committee

     Executive       Provides oversight of risk globally
     Risk            Approves and reviews compliance with risk policies
     Committee       Monitors breaches of risk tolerance limits and directs action
                     Sponsors review and analysis on risk exposures related to specific issues


     Chief Risk      Develops and coordinates the Company’s enterprise risk management
     Officer          framework
                     Reports to the CFO
     Enterprise      Comprised of the chief risk officer, other corporate functional heads and the
     Risk Mgmt.       country risk leaders from the main operations
     Committee       Meets monthly and reports into the ERC


     Country risk    Country risk leader either chairs a risk management committee or reports
     leaders          on risk management to the senior management team
                     Country risk leaders report into, liase with, or participate directly on the
                      CRSC


39
                                                                            PwC
     Risk Categorization




               MARKET                    CREDIT
                RISK                      RISK


                           OPERATIONAL
                              RISK




                            INSURANCE
                               RISK




40
                                                  PwC
     Risk Categorization



       Categories

       Sub-categories

       Source

       Exposure Triggers

       Direct Consequences




41
                              PwC
     Desired Risk Profile



      Risk Filter

       return/volatility

       capability to manage risk
             – identify and understand risk

       appropriate level of monitoring and reporting as well
        as the infrastructure to support monitoring and
        reporting

       ability to act on mitigation plans




42
                                                   PwC
      Desired Risk Profile

     Category         Acceptable      Corporate      Unacceptable
                      within policy   Approval /     Risks
                      tolerances      Coordination
     Credit Risk      Risk A          Risk C

                      Risk B



     Market Risk      Risk D          Risk G         Risk H

                      Risk E                         Risk I

                      Risk F

     Insurance Risk   Risk J          Risk M         Risk N

                      Risk K

                      Risk L

     Operational      Risk O          Risk R

     Risk             Risk P          Risk S

                      Risk Q


43
                                                       PwC
     Risk Management Reporting


     Ongoing reporting processes
         Market Risk Tolerance Limits
         Earnings at Risks

         Top-10 Risk Report
         Regular Compliance Reports

     Regular reports on specific issues
         Equity-related Guarantees and Hedges
         Guaranteed Annuity Options (GAO)

     Ad hoc reports



44
                                                 PwC
      Market Risk Tolerance Limit (MRTL) Report



      Tests sensitivity of the company’s income to changes
       in the interest rate and equity market environments

      Results compared to tolerance limits




45
                                                   PwC
        MRTL Report - Interest Rates



     100
      80
      60
       40
       20
        0                                               Impact
      -20   -200bp    -100bp    +100bp   +200bp
      -40
      -60
      -80
     -100


46
                                                  PwC
        MRTL Report - Equity Markets



     150

     100

      50

       0
            -25%      -10%      10%    25%         Impact
      -50

     -100

     -150

     -200


47
                                             PwC
       Earnings-at-Risk (EaR) Report


      Looks at sensitivity of company’s income to interest
       rate, equity market and currency changes

      Tests sensitivity at the 95th percentile level based on
       10,000 scenarios

      Chart on next slide shows these sensitivities in the
       form of cones by risk and by business unit




48
                                                        PwC
     Earnings at Risk Report




       80
       60                               Equity
       40                               Interest
       20                               Currency
         0                     Equity
             BU#1   BU#3



49
                                        PwC
     Common Currency: Risk Distribution




     Regulatory                           Economic




                          Credit
                          Market
                          Insurance
                          Other




50
                                              PwC
     Top-10 Risk Process



     Bottom-up Process with Structure
         encourages discussion and learning

         provides focused and actionable results

         provides form and forum for follow-up
         information is accessible and understandable in
          addressing both financial and non-financial risks




51
                                                       PwC
     Worldwide Top Ten Risks


                    BU #1   BU #2   BU #3   BU #4   BU #5   BU #6


          Risk #1


          Risk #2                                                   PRIORITIZATION
                                                                        LEGEND
          Risk #3
                                                                          SIGNIFICANT

          Risk #4

                                                                            MAJOR
          Risk #5

                                                                          MODERATE
          Risk #6


          Risk #7                                                           MINOR


                                                                          NEGLIGIBLE
          Risk #8


          Risk #9


         Risk #10




52
                                                                    PwC
     Key Elements of ERM


     Development of a cohesive and integrated risk management
     framework
          A target risk profile

          A common language in which to discuss risk and return

          A common measurement framework for quantifiable risks

          Comprehensive risk reporting
          Policies and limits to guide business activities

     Risk/Return culture

     Continual development of technical tools and processes




53
                                                              PwC
Perspectives on Applying
      ERM: Chubb
        Chubb Snapshot

     Founded 1882--incorporated 1967

      Chubb Corp. is a holding company for various insurance companies

      (Federal, Vigilant, Pacific Indemnity, Chubb Europe, etc.)

      12th largest U.S. P&C group based on 2002 NWP

     At December 2003

      $8.5 billion shareholder’s equity

      $38.4 billion total assets

      12,300 people - over 5 continents

      $11.1 billion NWP (82% U.S., 18% Foreign)

      95.3% C/R; $1.4 billion pre-tax P&C income*

      A++ A. M. Best financial strength ratings (AA from S&P)

     *excl A&E


55
                                                                   PwC
        History of ERM at Chubb


      Conservative company rooted in matrix management and
       specialized underwriting culture, since 1882

      Senior Underwriting Officer typically set individual risk
       tolerances

      Creation of Strategic Business Unit concept 1999

      Enron-WTC et al. validates need for ERM

      Dis-establishment of Senior Underwriting Officer position 2002

      Sarbanes - Oxley enacted

      Chief Risk Officer position established Dec. 2003




56
                                                              PwC
         Laying the Foundation for ERM


      Strong emphasis from the Board Chairman

      Underwriting, asset and credit risks had been managed as
       single impact events

      Organizational complexity requires coordinated
       assessment and direction

      Evolving exposure patterns not readily adaptable to smoke
       stack management

      Varying levels of risk appetites exist within and across the
       company

      Scorekeeping issues can impede economic decisions on
       retained exposure



57
                                                              PwC
       Global ERM Process Challenges


      Identify-assess-value-prioritize major corporate risks

      Assure key risks and exposures are understood and
      mitigated

      Install monitoring and tracking tools for exception reporting

      Develop a volatility to earnings strategy; protect balance
      sheet

      Integrate a sensible risk taking approach across the
      organization

      Establish communication and information sharing

      Help support growth opportunities across the enterprise

      Watch the store


58
                                                              PwC
       Changes Made

      All operating units moved to a capital ownership-return model

      Formalized risk quantification process underway

      Exception routines established for Exec. Mgmt and Bd. Audit
      Committee

      Establishment of a risk volatility curve project

        – Individual and enterprise risk (underwriting-credit-asset exposure)
      Repositioning and hedging

        – Nat Cat PML, protections re-built (severity vs. frequency)
        – Credit limits established (customers and counter party)
      Usage of actuarial science in model building

      Reinsurance purchasing authority pulled from SBU’s


59
                                                                 PwC
       Examples of Live Issues

      Terrorism load after TRIA

      Systemic loss exposure
            – Professional liability risks

             –   Emerging risks (i.e. cyber hurricane, SARS, Mold)

      Country specific capital and earnings exposure

      New concentrations (Summer Olympics, GOP/DNC Conventions)

      Cross enterprise credit aggregation (Surety-Professional Liability-
       Asset)

      Electronic cross customer-exposure data base

      Newco vetting/approval

      Specific SBU gross and net limit re-structuring


60
                                                            PwC
     Agenda




         I.    Overview of COSO ERM Framework

         II.   Comments of the American Academy of Actuaries

         III. Perspectives on Applying ERM
               SunLife
               Chubb

         IV. Open Discussion




61
                                                  PwC

				
DOCUMENT INFO