As firms struggle to select winning competitive strategies in complex and uncertain markets, #digital transformation has played an increasingly important role.
The prevailing wisdom has been that incumbent firms should select and then execute the #strategy by allocating resources, building capabilities, focusing on business enablers, launching initiatives and implementing practical actions. In today’s complex and unpredictable world, is this approach realistic?
It has long been assumed that customers needs are stable and predictable and the technologies that deliver value don’t change either. In a market where firms must respond to #emerging but unpredictable events, an adaptive strategy that senses weak signals indicating changing trends and tastes may be more appropriate.
This adaptive approach, whilst highly responsive could present significant challenges to the Chief #Risk Officer and Board who are tasked to provide effective oversight and challenge.
All firms operate in complex ecosystems where each component of the system are highly interconnected – a network of business risks that are always evolving.
Digital transformation has created new, unforeseen and often unmanaged risks, as firms adopt the latest technological offerings (Artificial Intelligence (AI), Machine Learning, Robotic Process Automation (RPA), Algorithms).
For example, many firms have adopted RPA for the sole purpose of streamlining processes, driving efficiency and reducing costs across back office processes, whilst AI offers the opportunity to learn from a firm’s customer base in a way traditional systems do not.
This raises challenges for risk professionals, not only in terms of bottom-up data privacy and cybersecurity, but from a top-down corporate strategy perspective that raises questions about the development of innovative products and if customers perceive value that exceeds what they are willing to pay?
The value of customer data
The use of data and the customer’s right to privacy has gained prominence in recent years. Customers have become increasingly aware of the value of their data and the use of secret algorithms and concealed monitoring.
In the US, legislators are considering the introduction of federal privacy law to bring in protections similar to the European Union’s General Data Protection Regulations (GDPR) and ‘right to be forgotten’ laws whereby customers can demand that internet search engines hide information they have gained about customers. On 21st January 2019, France’s data-protection regulator, the Commission nationale de L’informatique et des libertés (CNIL), announced that it had found Google’s data-collection practices to be in breach of GDPR. CNIL hit Google with a €50m ($57m) fine.
It is inevitable we will see increasing requirements on firms to provide customers with more explicit information over how they store and use customer data, increased debate as to how much control customers retain over that data and the penalties firms face for data breaches. We might even see calls for firms to publish the value of the customer data held.
How society wants to buy insurance and interact with the insurance industry continues to evolve.
Whilst the industry has embraced live-streaming drones for claims management, live cargo tracking using the Internet of Things (IoT) and ‘on-demand’ insurance for the GIG economy, this has raised some interesting ethical questions that underlie the core legitimacy of firms.
AI has undoubtedly increased the complexity of systems and has created new risks, as algorithms have the potential to introduce and automate biases. There are increasing calls for firms to take responsibility for the outcomes of the technologies they are introducing.
At what point should governance frameworks be overhauled to include oversight of algorithm principles and Senior Managers and Certification Regime (SM&CR) governance maps updated to identify accountable individuals? Will this lead to the transparent use of technology and governance frameworks that enable us to understand, monitor and explain what the technology is doing and how it actually works?
Whilst the overriding responsibility of Independent Non-Executive Directors has historically been focused on shareholders, should this now be tilted towards all stakeholders?
As insurance firms continue to implement adaptive strategies, layering one initiative over another in an attempt to transform the legacy business model, the role of the Chief Risk Officer has become ever more challenging.
The introduction of the latest technological offerings has created connected business risks which have become difficult to predict with any degree of certainty.
It is therefore necessary for Chief Risk Officers to be engaged in the formulation and execution of their firms adaptive strategies.
This will require Risk Functions to turn-up the dial when building tools that ‘sense’ changes in external trends, incorporate rapid feedback, enhance operational #resilience, articulate the +/- of different competitive strategies and build capital buffers as a last resort.
Reciproco provides knowledge integration across risk, solvency and strategy, including digital transformation, leading complex and unique projects in regulated sectors. Helping senior executives and management teams focus on strategic challenges to create a competitive advantage.
Darren Munday is the founder and Managing Director of Reciproco. An experienced executive with over 20 years’ global experience with multinational companies, including Chief Risk Officer reporting to the Board.
Darren is an Honorary Visiting Fellow of the Digital Leadership Research Centre, Cass Business School where he also holds an Executive MBA. Darren is a Certified Fellow of the Institute of Risk Management (CFIRM) and Chartered Insurance Risk Manager (ACII) of the Chartered Insurance Institute.
All rights reserved. Unauthorised use and/or duplication of this material without express written authorisation from Darren Munday is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Darren Munday with appropriate and specific direction to the original author and content.