Case Studies
A Large Mutual
Main sponsor: Chief Risk Officer
Premiofin were engaged to help the Group determine and implement its approach to Internal Control under Solvency II, as well as providing an overview and assurance of preparations to date.
- Determining a ‘target operating model’ for the Group’s Control Environment – encompassing Risk Strategy, Risk Culture, Framework, Policies, Internal Model Governance, Internal Model Validation and complete Internal Model control environment and ORSA.
- Undertaking a review of the Group’s approach to IMAP preparation and submission, including review and recommendations relating to proposed supporting documentary evidence.
- Enhancing approach to Enterprise Risk Management.
- Retained for a separate (side) engagement to help the Chief Risk Officer to assess current Risk Management capabilities, strengths and weaknesses and to develop and implement enhancement plans for Risk and Governance across the Group.
- Training and mentoring of several of the senior Risk Management team, including a development and mentoring programme for the CRO.
- Project Management of the above projects for delivery and approval.
Ecclesiastical
Main sponsor: Solvency II Programme Manager
- Premiofin were engaged to help the Group determine and implement its approach to Internal Model Validation under Solvency II:Determining a validation ‘target operating model’ for the Group’s Internal Model Control Environment – encompassing Internal Model Validation Policy, Internal Model Validation Standards (key controls and process documentation), Internal Model Governance and complete Internal Model control environment linking this control environment to the rest of the risk framework.
- Deliver an end to end Internal Model process cycle as part of the ‘target operating model’.
- Imbedded within the actuarial team and working directly with them to help evidence against the risks and controls identified in the Internal Model Validation process to reduce the probability of financial misstatement.
- Achieving agreement with Internal Audit on the roles and responsibilities of Internal Audit and their Independent Internal Model Validation report.
- Training and mentoring of several of the senior Risk Management team on internal controls including control testing, control design and performance assessment, including a development and mentoring programme for the CRO.
- Undertaking a review of the Group’s approach to IMAP preparation, including review and recommendations relating to proposed supporting documentary evidence.
- Enhancing approach to Enterprise Risk Management.
European Insurer and Lloyds Syndicate
Main sponsor: Head of Risk and Capital Modelling
The insurer was monitoring credit risk but this needed to be integrated into a new risk management framework:
“The task set the CFO and the Head of Risk Management and Capital Modelling was to rethink the approach the data feeds into the risk and ICA/ORSA reporting to produce a more meaningful and better-targeted management of the companies’ risks. The overall objective was to create Credit Risk report to GENPRU, INSPRU 2, SYSC, PRIN and Solvency II standards. There was also pressure from the PRA for Credit Risk to integrated into the Risk Management Framework.”
We suggested to them to construct the risk data feeds into Risk Management Information Packs and to start with Credit Risk as a Pilot.
We approached the Credit Risk Manager to establish what input and outputs, processes he was currently using for Credit Risk as the risks are aligned to the processes.
The Credit Risk framework was built after gap analysis between the current process and designed a “to be” process.
The new Credit Risk process took into account the following risk exposures at the insurer:
- Binder Exposure
- Broker Exposure
- Policyholder Exposure
- Reinsurance Exposure (internal and external including intercompany and fungibility)
- Pricing Exposure
- Credit Control (Booking delay, unallocated cash, Inadmissible premium and Average Collection Period)
- Investment Exposure
As these exposures were required as inputs to the Internal Model, all risks had their data sources identified; individual risk exposures were quantified and represented graphically in a risk map as below.
The overall risk exposure was then modelled to represent an upgrade or downgrade stress test using S&P probability defaults (giving LGD). Links to the Internal Model were built.
The individual risk exposures and overall Credit Risk exposure were built into a report to the discussed at the Bad Debt Committee.
The Pilot was deemed a success by the sponsor and CFO and the Risk MI concept was extended to the following risks:
- Underwriting (INSPRU 5)
- Reserving/ Mathematical Provisions (INSPRU 1)
- Market Risk (INSPRU 3)
- Operations and IT (INSPRU 5)
- HR (INSPRU 5)
- Compliance (INSPRU 5)
- Capital (INSPRU 7)
- Group Risk (INSPRU 6)
- Liquidity and Contagion (INSPRU 1 and INSPRU 4)
An Asset Manager
Main sponsor: Chief Financial Officer and Chief Risk Officer
Premiofin was tasked in completely redesigning a comprehensive risk management framework across the entire firm in the US, UK and other worldwide legal entities including:
- Complete restatement of risks and key control frameworks of the firm including the setting and managing of its risk exposures across all functions as exhaustive as the firm can manage. Complete review and redesign of risk governance to best practice
- New Risk Taxonomy and new control frameworks
Setting up dashboard and functional risk reporting to the Group Committee - Developing the firm’s Risk Appetite Statement based on actuarial analysis and methodologies on aggregate and by function
- Complete rewrite of the Enterprise Risk Management Framework policy, Risk Management Standards and procedures (including emerging risk, new/old product risk, Trading and conduct risk for example)
- Built a VaR/CoVaR model for aggregating operational and liquidity stress and scenarios.
- Designed and built the complete model validation framework
- Development of KRIs and EWIs are per new EBA guidance
- BCBS 239 and alignment of the risk management system to its requirements.
- Board Risk Management training
Redesign and authoring of the ICAAP and ILAAP documents
- Design and authoring of the 2015 Recovery and Resolution Submission
- Preparation of the Firm’s Pillar 3 disclosure and authoring of the Pillar 3 disclosure Standard
- Challenging any business strategic plans that exceed the firms’ risk appetite and tolerance
- Working with Compliance for a review policy and procedures for countering, money-laundering, terrorist financing, and financial crime
- Recommending a software Risk Management System to increase maturity at an accelerated pace.