Transcript Slide 1
Enterprise Risk Management
Assurity Life Insurance Company
KCAC Seminar
Kansas City, MO
June 24, 2009
Assurity Life Insurance Company Background
Mutual Holding Company structure
Merger of 3 companies: Woodmen Accident and Life, Security
Financial Life and Lincoln Direct Life
$2.2 billion in assets
$233 million in Surplus and AVR
Conservative investment portfolio
Focus on protection-based products
No Variable Life or Variable Annuity business
No secondary guarantees
No specific Risk Management Process concerns, but
management was concerned that the processes in place to
manage risk were not being communicated well enough to
stakeholders
2
Assurity’s ERM Process Goals
To understand and manage the risks being
taken
Strengthen a risk awareness culture throughout
the organization
Actively set appropriate “tone at the top”
Better communication both within the company
and with external parties regarding Assurity’s
risk profile
Establish clear risk ownership/accountability
Maintain the long-term view
3
Assurity’s ERM Process
Risk identification
Risk assessment
Risk limits/triggers
Risk management and mitigation
Risk monitoring/Key Risk Indicators
(KRI’s)
Risk reporting
Learn and adjust
4
Development of Assurity Life risk and opportunity
map, monitoring, and reporting tool…
Capture all key risks/opportunities
Develop a common language/understanding
of risk classifications and definitions
Show cause and effect relationships
Integrate risk management, corporate
governance, balanced scorecard
Paperless and scalable
Top risks assessed and monitored
Top down and bottom up risk assessment
5
6
7
Risk Decomposition
8
Risk Management
9
The Risk Intelligent Enterprise Maturity Model
How capable is your company today? How capable does it need to be?
Every industry, company and division is probably at a different stage of development.
Where should they be and how do they get there?
Built into
decision-making
Tone set at the
top
Adhoc/chaotic;
depends
primarily on
individual
heroics,
capabilities and
verbal wisdom
1. Tribal & Heroic
Reaction to
adverse events
by specialists
Discrete roles
established for
small set of risks
Typically
finance,
insurance,
compliance
2. Specialist Silos
Policies,
procedures, risk
authorities
defined and
communicated
Business function
Primarily
qualitative
Integrated
response to
adverse events
Performance
linked metrics
Rapid escalation
Cultural
transformation
underway
Conformance
with enterprise
risk management
processes is
incentivized
Intelligent risk
taking
Sustainable
Proactive
“Risk
management is
everyone’s job”
4. Systematic
5. Risk Intelligent
Bottom-up
Reactive
3. Top-Down
Rewarded Risk
Un-Rewarded Risk
Source: Deloitte
10
Some thoughts on developing a successful
risk-taking organization…
1. Know your appetite for risk and foster a culture that is in
tune with it.
2. Maintain a healthy dose of skepticism.
3. Don’t oversimplify risk – recognize that risk has many
dimensions.
4. Avoid “model fixation.”
5. Start preparing when times are good (and stable) for bad
and risky times.
6. Pick the right people.
7. Make sure the incentives for taking risk are set correctly.
8. Preserve your options.
11