Insurers slow to meet impending ERM requirements: Report

Many U.S. insurers fall short of enterprise risk management requirements that regulators have slated to introduce in 2015, according to a study by PricewaterhouseCoopers L.L.P.

The requirements, which are included in the Risk Management and Own Risk and Solvency Assessment Model Act, were adopted by the National Association of Insurance Commissioners in 2011, with an effective date of Jan. 1, 2015.

RMORSA, which individual states or jurisdictions may implement, requires insurers to maintain a comprehensive enterprise risk management framework embodied in company operations. This includes current and prospective solvency position assessments under various scenarios.

The act requires insurers to file an “ORSA summary report” with the insurance regulator in their lead state of domicile. PwC notes that, despite the 2015 effective date, some regulators already are asking insurers for their own risk and solvency assessment report.

In its report, “PwC’s 2012 U.S. Insurance ERM & ORSA Readiness Survey,” PwC looked at four aspects of an ERM program: risk strategy, risk governance, risk management and risk quantification. Among other things, the survey of 65 companies from the property/casualty, life and health insurance sectors found that 25% reported that risk appetite metrics are not part of their business planning process, that more than 30% of respondents do not have a dedicated chief risk officer, and that 22% of the insurers lack a formal process to address risk identification.

The report says that insurers can realize “many important advantages” by having an embedded ERM framework. “Meeting regulatory requirements as a byproduct of an effective ERM framework and risk-aware culture, rather than seeing the RMORSA as a pure compliance requirement, will help differentiate tomorrow’s winners in the market.”