risk management: one cro’s thoughts
DESCRIPTION
This presentation was presented at the fourth annual conference of the Cass-Capco Institute Paper Series on Risk in London on April 14, 2011.TRANSCRIPT
Risk Management: One CRO’s thoughtsCASS-CAPCO Fourth Annual Risk Management ConferenceLondon, 14 April, 2011
Thomas C. Wilson, Chief Risk Officer
©A
llian
z S
E 2
009
22
How does Risk Management add value?Asking the right questions…
Risk communication
• Is Allianz’s risk profile and strategy understood by the market and reflected in our valuation multiple and required capital?
Risk strategy • Does Allianz have a clear risk and solvency strategy and optimize its risk / reward profile accordingly?
• Are delegated authorities set consistent with this strategy?
Risk controlling • Is the risk profile of Allianz transparent to management?
• Is it within delegated authorities?Risk underwriting
• Are the risks which we want to take appropriately structured, underwritten and priced?
• Are all other risks (e.g. operational / reputational risk) appropriately identified and managed?
©A
llian
z S
E 2
009
33
How does Risk Management add value?
Questions…
Risk communication
Risk strategy
Risk controlling
Risk underwriting
Processes
Information& Systems
Goverance
… answering them correctly, acting on the decisions
©A
llian
z S
E 2
009
Standard Committee Structure
Page 4* For details of standard local RiCo agenda see Appendix
©A
llian
z S
E 2
009
Target Operating Model for OE Risk Organization
Standard operating model to ensure that responsibilities and authorities of Risk function are adequate
23
Blueprint for risk management and recommendation for department organization
Source: OTP Finance
§ Scope of activities mandatory under the governance of the CFO§ Split by
department into sub-departments recommended, but not mandatory
§ In-depth understanding of risk profile§ Control of large risk acceptance, critical positions§ Commentary to risk reports
Risk controlling
§ SOX and ORM– Design
central processes
– Setup annual control plan
§ Management and develop-ment of credit risk models and mea-surement
§ Management and develop-ment of in-surance risk models and measurement§ Risk capital
calculation and allocation§ Risk
aggregation Life/Health and P&C§ Solvability
monitoring
§ Management and develop-ment of Fin-ancial risk models and measure-ment§ Limit setting
Risk policies and guide-lines
§ Exposure and limit controlling§ Satisfaction
of Reporting requirements– Group
interfaces– Local re-
quirements§ Reconcilia-
tion of input and output
§ Risk policy and guidelines development§ Risk
committee facilitation
Risk Management
ORM/SOX Credit risk Insurance risk
Financial risk
3Risk
Management3
Page 5
* For details please see separate TOM and relevant OTP documentation
©A
llian
z S
E 2
009
Group Risk Appetite and Limit Framework
Allianz Group’s Risk Appetite consists of three pillars outlined below:§ Allocating capital and defining minimum (target) capital ratios§ Defining risk tolerance and quantitative limits§ Managing liquidity to ensure flexibility
Examples OE limits set by GroupGroup limits
Solvency limits
Capital limits
Concentration limits
Investment limits
Nat Cat limits
Solvency Capital: Economic,Rating agency, Regulatory OE Risk Capital
Strategic Asset Allocation
Group-wideNat Cat limit
OE specific Nat Cat limits
Strategic Asset Allocation
Solvency target & corridor
Counterparty/Obligor exposure and VaR (Market and Credit Risk)
©A
llian
z S
E 2
009
Risk Identification and Assessment processes
Risk ControlledSelf-Assessment
Top Risk Assessment
Emerging Risk Initiative
COSO framework
1. Risk identification
2. Prioritization
3. Assessment (frequency, severity)
4. Mitigating controls
5. Testing
©A
llian
z S
E 2
009
Example: L/H product approval process
PASS
Gate 1: Acceptability
Checks on certain products (VA, EIA) and features (AL mismatches, riders, …)*
Gate 2: Profitability
NBM* check against
thresholds and approval of
limits if appropriate
All new products
Existing products with a low
or negative NBM*
PASS
FAIL FAIL
Escalation option
Escalation option
Launch new products / retain
or modify existing products
Local OE product approval and monitoring processesStart
* VA = Variable Annuities, FIA = Fixed Index Annuities, AL = Asset / liability, NBM = New Business Margin
©A
llian
z S
E 2
009
Financial & Risk ControllingPDSD
Embedding risk management in medium term planning
TDI
§ Capital requirements projected on a statutory, economic and rating agency basis
§ Guidance for cumul risk limits: NatCat, Country Risk, SAA risks, etc.
§ CapCo approval of Group cumulrisk limits
§ SD decisions reconfirmed
§ Lower level segment SAA approved by FiCo and CapCo
§ On-going monitoring of capital positions and limit adherence as part of controlling
©A
llian
z S
E 2
009
10
RAI - System Architecture Framework
Central Risk Platform Algorithmics
Market dataMinD
Valuation, Risk Capital, Scenarios, Sensitivities
Local Systems
ReplicatingScenarios
Feeder Systemsò Partially locally developed
and parameterized modelsò Centrally developed,
parameterized and controlled models
ò Centrally developed, locallyparameterized models
ALIM CFModels
Life/P&CAsset Input
MKMV
InvestmentData System
BusinessRisk
Web-based User Interface§ Market Value § Balance Sheet§ Available Capital§ Limits§ Hierarchies§ Tax calculation § Minorities
Market Risk Insur. Risk Credit Risk Oper. Risk Cost Risk
Replicatingportfolio tool/
Greeks
Marginaldist. /
Parameters
Marginaldist. /
Parameters
Marginaldist. /
Parameters
Marginaldist. /
Parameters
Risk Engine: MC-Simulation - Inter / Intra Risk-Aggregation Model
PRISM
PRISM R/I
OR System
©A
llian
z S
E 2
009
Qualitative Reporting
§ Standardized quarterly reporting on:
- Governance & Compliance with Group Standards
- General Risk Issues
- Regulatory & Legal Issues
- Market Environment & Competitive Risks
- New Product & Underwriting Approvals
- Financial Risk Exposure & Limit Adhere
- Solvency II Implementation
- L&H appendix: new product approvals, negative margin products, guarantee levels & new money rates
§ Progress on resolution of issues is tracked
§ Reports are circulated to OE and Group management ensuring transparency
Y Life Cancellation Option (New Issue):
n Deficiencies in the information provided to individual life policyholders in the past and a new insurance law enacted at the end of 2005 will require AGF to contact existing unit-linked policyholders and give them an option to cancel their policies. Policyholders will have 30 days to request a refund of their original premium.
n The worst case exposure, assuming 100% cancellation was estimated at EUR 315 mn at the end of Q1. AGF has booked a reserve of EUR 9.6 mn as of Q1, assuming a 3.6% cancellation rate would apply to a worst case exposure of EUR 260 mn (this value is lower than total unrealized losses on unit linked because policyholders have been identified to whom a letter had been sent). An action plan to send suitable information to policyholders by registered mail is being prepared. The plan may trigger higher cancellations in current market conditions ; therefore it will need to be monitored carefully.
n Group Risk is concerned that the actual lapse rate after the mailing campaign may be far higher than the expected 3.6%, although no action would potentially leave the worst case loss at much higher levels if markets deteriorate.
G
Regulatory Fines (New Issue):
n SOCA (an Oddo subsidiary) received a EUR 50k penalty for failing to comply with insurance law while acting as a broker. There is no immediate consequence for AGF entities.
4. Market Environment & Competitive Risks
R Financial Crisis Impact Update (Red in Q4)
n Equity risk remains high for L&H business, and real estate risk for P&C and L&H businesses. Liquidity is also under pressure due to money market fund support and surrenders for UL business where illiquid assets are backing some UL products. Structured credit exposures in the Allianz Banque trading portfolio are still on the balance sheet (with the risk mostly realized). The independent asset valuation review performed by Moody’s will be maintained in 2009 at the request of AGF and ABRM.
Y Hospitaliers Pension Scheme Update (Green in Q4)
n Initial decisions have been taken on 2009 annuity revaluation under planned targets and according to agreement governance. Projection updates to be produced in June. At present, equity losses and low interest rate levels have seriously damaged the capacity of the pension scheme to reach full life annuity coverage by 2028 as planned, though this is not an XXX liability (annuity rights generated before 2008 are currently limited to 8 years).
n AGF Vie exposure to market risks has also increased due to the low interest rate and equity environment, and transfer of buffers generated by new pension rights toward in-force ones.
5. New Products & Group Insurance Committee Approvals
R New Product Process Failure (New Issue)
n The new “Fipavie Diversifié” product (Generation Vie / Life Partnerships) was launched before risk review / approval with insufficient prior evidence that an appropriate process had been established to manage this completely new product. – Action 7: Product review to be completed post-launch with a local RiCo opinion. Proper
controls to be put in place before the next version of the product is launched.
– Q1 Status: Review is now 90% complete. The main risks identified to date are: (1) the
XXX Risk report – Q1 2009
2. General Risk Issues
R Internal Transactions Update (Red in Q4)
n Several XXX insurance entities have purchased shares of AZ money market funds at the official NAV price to support fund liquidity.
n In a second stage, AGF Vie purchased EUR 600mn of corporate bonds (floaters) from these funds at the mark-to-model price in December 2008, with a significant delta versus contributed market prices (the difference between the official NAV price and the model price being subsidized by AGI).
n Further support from AGF Vie was provided again in March 2009 due to growing redemptions, leading to an additional purchase of EUR 492mn of corporate bonds from these funds.
n Full liquidation of the AGI France Money Market funds could lead to an ultimate estimated need for EUR 733mn of additional liquidity support.
Y Crediting Strategy (New Issue)
n XXX has indicated to Group Risk that the current internal working assumption is for an average bonus of 3.50% in 2009. This assumption would mean paying out c. EUR 1,450mn to policyholders relative to a minimum guarantee cost of c. EUR 950mn.
n Group Risk recognizes that the French life insurance market is competitive and AGF is under pressure to maintain bonuses to attract new business and minimize surrenders.
n However, Group Risk is concerned that AGF may have reached a tipping point on bonus sustainability given the current market environment. In order to make the planned 3.50% payment, XXX would need to reduce current UAR reserves by EUR 500 mn (42% based on year-end 2008 UAR figures). This will have a material adverse impact on O&G costs, MCEV, NBM figures, Risk Capital, Statutory Solvency and the general sustainability of the traditional business.
– Action 4: Group Risk and Group Actuarial to work with AGF to quantify the impact on the above items of different crediting strategies.
Owners: Philippe Léglise CRO, GR, GA Due Date: End of Q2 2009
G Madoff Exposure Update (Red in Q4)
n Exposure in various AZ French entities has remained almost unchanged, estimated at EUR 47mn (30 November 2008), mainly through the AAAM alternative funds “Phenix Alternative Holding” and “Licorne”, and also through Oddo AM “GAP” funds. About half of this exposure is for UL assets (mostly Generation Vie and AVIP), and half for various Life and P&C portfolios.
n Decisions have been made during Q1 to notify UL clients of their entitlement to any recoverable assets from Madoff defeasance (side-pockets) extracted from some of their UL funds, and of the disappearance of several closed Madoff funds (Luxalpha, Thema). No subsidization of losses should be supported by Allianz Life Operating Entities in principle.
n Reputational risk is seen as moderate, but could increase due to some complaints already registered, as surrenders cannot be paid for a few suspended funds. Subsidization of Madoff losses even in one case might be an argument used for payment in all cases, which would result in a worst case loss of EUR 24mn for AGF France.
XXX Risk report – Q1 2009
XXX Risk report – Q1 2009
OE Contact: XXX
Group Risk Contacts: Stuart Robinson, Ioannis Kotsianos
1. Governance & Group Standards Compliance
Y Reserve Governance Update (Yellow in Q4)
n Group Actuarial has raised concerns that reserving decisions are effectively made at BU level and the Reserve Committee role and authority to challenge decisions needs to be strengthened. – Action 1: Completion of the Finance Unit organization project in order to better enhance
efficiency, including non-life actuarial reserving processes. – Q1 Status: Presentation on the Finance Unit organization project to union
representatives completed, enforcement decision still subject to union representative answer. Update on implementation to be included in Q2.
Owners: XXX Due Date: End of Q4 2009
Y
Product Approval Update (Yellow in Q4)
n A risk review of new products is always carried out, but process governance needs to be further reinforced in 2009 (risk review before launch, formalized sign-off process, independent actuarial review). – Action 2: Global process for new product design to be reengineered by Technical Area,
including Risk and Actuarial reviews before launch. – Q1 Status: Presentation on the new Product Process to Executive Committee
successfully completed. Practical set-up to be rolled-out. Update on implementation to be included in Q2.
Owners: XXX Due Date: End of Q2 2009
Y Partnerships Update (Red in Q4)
n Control of life JVs needs to be strengthened so that XXX can effectively monitor compliance and ensure governance is robust. Regulatory and reputational risks are the main concern. – Q1 Status: Local internal control position planned with 1 FTE. Agreement reached that
the general XXX product approval process will apply for JVs. Update on implementation to be included in Q2.
Owners: XXX Due Date: End of Q2 2009
G General Governance (Green in Q4)
n No major deviations from the Group Risk Policy
©A
llian
z S
E 2
009
1212
Addressing the issues
Examples
Risk communication
• Regulatory filings• Rating agency disclosures• Public disclosures: Annual Report, Investor Day
Risk strategy • Risk appetite: EaR, CaR, Risk Capital• Strategic Planning, not Budgeting: TDI, SD, PD
Risk controlling • Capital solvency, EaR and CaR reporting• Individual risk reporting• Associated limit systems • Separation of duties
Risk underwriting
• Product approval processes• A/L or Strategic Asset Allocation processes• Pricing guidelines, u/w minimum standards• Risk Controlled Self-Assessment, Top Risk
Assessment
- Examples -
©A
llian
z S
E 2
009
1313
Asking the right questions, answering them and acting on the decisionsExamples
Risk communication
Risk strategy
Risk controlling
Risk underwriting
Processes
Information& Systems
Goverance
Focusing on the foundations of good ERM is an important first step…but is it
sufficient?
©A
llian
z S
E 2
009
Outward signs of ERM: Necessary. . .but not sufficient!Warren Specter, co-COO Bear Stearns, to the Senate Financial Crisis Inquiry Committee
You have also asked me to address risk management practices. Risk at Bear Stearns was managed through a system of checks and balances. Each business unit was responsible for managing its risk, and the head of each division was then responsible for managing the aggregate risk within its units. The Executive Committee approved explicit limits for all areas of the firm - at the trading book level, and also by unit and by department - which were monitored by departmentheads. These limits were reviewed and monitored by the Risk Management Group, which was an independent unit that reported to the Executive Committee and met regularly with the Board's Risk Committee. This group, headed by Bear Stearns' Chief Risk Officer, served as an independent check on the business units' own risk management function. It distributed daily P&L statements that highlightedany significant gains and losses. It also provided daily written reports to senior managementcommenting on changes in exposure, any unusual trades, and any concentrated positions. The Risk Committee held weekly meetings, and the Risk Management Group made monthly presentations to the Executive Committee. At the weekly meetings, trading managers reported on their positions and theirrisk, and the risk management teams were present to verify the accuracy of these reports and to express their views. In this way, the Risk Committee and the business units served as constant checks on each other. There was an active dialogue among senior management about the firm's overall risk appetite, which we reviewed during both weekly and monthly meetings.In my opinion, Bear Stearns' risk management practices were robust and effective. During my tenure on the Executive Committee I found the Risk Management team to be highly trained and very experienced. Overall, I thoughtBear Stearns was well-managed, and I was saddened and disappointed whenthe firm collapsed.
©A
llian
z S
E 2
009
Signs of a dysfunctional risk culture:Golden Rule
Symptom: Make the gold, make the rules (and should not be challenged!)
Case study: AIG FP• PwC, AIG's auditor, concluded that the ability to access AIG FP by the risk
management and other control functions "may require strengthening". • Federal Office of Thrift Supervision (OTS), AIG FP’s regulator, sent a letter
which said that the unit "was allowed to limit access of key risk control groups while material questions relating to the valuation of the [swap portfolio] were mounting".
• Rep. Gary Peters (D., Mich.) asked AIG CEO Edward Liddy during a congressional hearing, "Where was the risk management of your company? Where was the failure of your own internal risk-management procedures?" Mr. Liddy’s response, "We had risk-management practices in place. They generally were not allowed to go up into the financial-products business.”
©A
llian
z S
E 2
009
Signs of a dysfunctional risk culture:„Dancing while the music is playing“
Symptom: Following the market, even when standards are deteriorating
Case study: US mortgage market• Chuck (Charles) Prince, ex-CEO of Citigroup: “When the music stops,
in terms of liquidity, things will be complicated. But as long as the music is playing, you've got to get up and dance. We're still dancing.”
• When compared to the behaviour of a lemming at an FCIC hearing, Mr. Prince’s reply was, "It would have been impossible to say to bankers, we’re not going to participate … and expect to have any people left."
©A
llian
z S
E 2
009
Signs of a dysfunctional risk culture:Arbitraging the system
Symptom: Building a business based on the flaws in our models
Case study: Lehman Brothers• ‘Repo 105’ transactions were considered a sale of the assets under English
law. • Court appointed examiner’s report said these deals created "a materially
misleading picture of the firm’s financial condition in late 2007 and 2008” and were “actionable balance sheet manipulation” and “nonculpable errors of business judgment”,
• Condoned by senior management of the firm, as the email excerpt illustrates: - “It’s basically window-dressing.”- “I see … so it’s legally do-able but doesn’t look good when we actually do it? Does
the rest of the street do it? Also is that why we have so much BS [balance sheet] to Rates Europe?”
- “Yes, No and yes. :)”
©A
llian
z S
E 2
009
How much can we rely on compensation to steerculture?
• „Dick Fuld (CEO) is also, in some sense, a victim. He’d held on to 10 million shares of Lehman stock until the end and lost almost $1 billion“
• „Mr Prince, whose exit was sealed late last week, already owns 1.61 million shares in Citi“ which decreased in value from USD 50 to USD 5 between 2007-2009.
• On March 14, 2008, CNBC reported that „the value of Jimmy Cayne's(CEO) holdings in Bear Stearns had declined from $993 million to …less than $15 million as a result, effectively removing him from the list of the wealthiest individuals in the country.“
©A
llian
z S
E 2
009
19
Three lines of defense
First line of defense:
Business isresponsible for both profit and loss, risk and
returns
OEs
Second line of defense:
Functions whichdefine framework
within whichbusiness is
allowed to work
Risk, Legal, Compliance
Third line of defense:
Ensure that the framework isadhered to
Audit
©A
llian
z S
E 2
009
20
Second line of defense:
Functions whichdefine framework
within whichbusiness is
allowed to work
Risk, Legal, Compliance
Three lines of defense
First line of defense:
Business isresponsible for both profit and loss, risk and
returns
OEs
e.g. pricing & underwriting guidelines, risk measures & limits, capital allocation
Third line of defense:
Ensure that the framework isadhered to
Audit
Management has to takeresponsibility, our frameworks have to be in place, butIn the next crisis, our models will be wrong with probability 1All frameworks can (and will) bearbitragedNo framework can anticipate all new businesses
©A
llian
z S
E 2
009
2121
Management lever Risk controlling Risk management Risk communication
Risk strategy
Risk controlling
Risk underwriting
What does „risk management“ really meanin the context of the second line of defense?
Risk controlling§ Define frameworks within which business can
be done§ Control risk and limits and provide transparency§ Provide technical analysis to support business
decisionsRisk management§ Have a deep, professional understanding of the
business (not just the models!)§ Be close to the business, discussing key
decisions before they are taken§ Exercise professional judgement, occasionally
saying „no“ if our frameworks are inadequate, ifthey are being arbitraged
©A
llian
z S
E 2
009
2222
Culture…the missing piece
Examples
Risk communication
Risk strategy
Risk controlling
Risk underwriting
Processes
Information& Systems
Culture
Goverance
US Supreme Court Justice Potter Stewart (on risk culture??), 1964 Jacobellis vs. Ohio“I shall not today attempt further to define the kinds of material I understand to be embraced within that shorthand description; and perhaps I could never succeed in intelligibly doing so. But I know it when I see it…”