As insurers evolve their business models to remain competitive in a digitally connected future, fresh operational risk exposures will emerge. Those increasingly critical risks will involve business processes, systems, project risks and external events.
Consider when an insurer adopts a new process or technology. With each, there is a period of unfamiliarity among staff. That can lead to errors—and new operational risk as a result. In addition, in developing digital offerings for customers, insurers will be exposed to risks they might not have encountered before, such as social media risks.
As noted in the Accenture 2015 Risk Management Study, North American Insurance Report, this situation demands attention from Chief Risk Officers (CROs). While senior management—with input from their risk function—strategizes about the operational changes needed to remain competitive, CROs ought to be establishing a robust operational risk framework, directing the greatest amount of attention to operational risk in those new areas. By acting now, CROs can give senior management greater confidence that their organizations are prepared to deal with the emerging risk related to their new operational strategies as those risks appear.
Another important benefit of establishing that framework now is that it will position insurers well for any potential regulatory requirements on operational risk. Unlike banks, insurers currently do not face the pressures of Basel III obligations mandating a specific approach to operational risk management. Therefore, insurers can adopt a more value-oriented approach to operational risk management. Even so, insurers also can pave the way for possible regulatory obligations.
We believe that Charlie Philbrook, CRO at John Hancock, is taking a wise approach to operational risk. “It’s not a given that we have to do anything like the banks have done, so we’ve got a lot of different views on how to implement it,” he says. “We’re now looking to refine our approach and make sure it’s comprehensive across the organization. That will include putting in place a robust, mature operational risk program. The operational risk management program needs to drive near-term business value in order to be sustainable.”
Next time: If CROs are going to provide senior management with insights on evolving risks, then risk functions must invest in data and analytics specialists.
- Read Accenture 2015 Risk Management Study, North American Insurance Report, part 1: Repositioning the risk function
- Read Accenture 2015 Risk Management Study, North American Insurance Report, part 2: Shaping digital decisions
- Read about the Accenture 2015 Risk Management Study and use our risk benchmarking diagnostic
- Download the North American Insurance Report
- Download the Global Insurance Report