Page 51 - The Insurance Times October 2025
P. 51
2. Incentives vs. Prudence - Sales and underwriting in- Investment in risk analytics platforms, stress test-
centives rewarded growth, not sustainable risk prac- ing, and real-time risk dashboards.
tices.
Scenario planning and catastrophe modeling be-
3. Underestimation of Catastrophic Risks - Derivatives came routine decision-making tools.
and credit default swaps were taken on without ad-
equate modeling of tail risks. Results and Outcomes
4. Board and Management Disconnect - Risk commit- 1. Financial Stability Restored - AIG repaid its bailout
tees existed but lacked authority and comprehensive loans by 2012 and returned to profitability, backed by
data. stronger risk governance.
2. Improved Regulatory Standing - Regained credibility
Strategic Approach to Rebuilding Risk with U.S. Federal Reserve, NAIC, and global regulators.
Culture 3. Operational Resilience - Enhanced ability to respond
1. Leadership Commitment to new risks like cyber threats and climate change ex-
New leadership at AIG made risk culture a board- posures.
level priority. 4. Cultural Shift - Risk management became embedded
The Chief Risk Officer (CRO) role was elevated with into performance reviews, promotions, and strategic
direct reporting to the CEO and the Board Risk planning.
Committee.
Ongoing Challenges
2. Enterprise Risk Management (ERM) Frame-
Maintaining Vigilance - Risk culture is dynamic; com-
work placency after recovery could reintroduce old habits.
Adopted a holistic ERM approach covering under-
Balancing Innovation and Risk Control - Insurers must
writing, investment, operational, cyber, and
reputational risks. innovate (e.g., in digital insurance, AI underwriting)
without undermining prudence.
Framework aligned with COSO ERM and ISO 31000
Global Regulatory Complexity - Compliance with Sol-
standards.
vency II, IFRS 17, and regional rules requires continu-
ous adaptation.
3. Three Lines of Defence Model
First line: Business units responsible for identifying
and managing risks. Lessons for the Insurance Industry
1. Tone from the Top Matters
Second line: Risk and compliance teams provided
oversight and frameworks. Risk culture starts with leadership. Boards and CEOs
must visibly prioritize risk awareness, not just compli-
Third line: Internal audit provided independent as-
ance. They should act as role models, integrating risk
surance.
thinking into strategic decisions.
4. Embedding Risk Culture in Daily Operations
2. Embed Risk Culture into Incentives
Mandatory risk training across all levels, from un-
Compensation and bonuses must reward prudent un-
derwriters to senior executives.
derwriting, strong compliance, and long-term profitabil-
Revised incentive structures to balance growth with ity-not just sales volumes or market share.
prudent risk-taking.
"Speak-up" culture encouraged reporting of emerg- 3. Break Down Silos
ing risks without fear of retaliation. Enterprise Risk Management (ERM) frameworks must
create a 360-degree view of risk exposures across life,
5. Technology and Data Integration general, reinsurance, and investment arms. Risk dash-
The Insurance Times October 2025 47
