Select Page

Follow me for updates

Follow me to get a notification when I publish valuable articles and posts like this.

I share Thought Leadership on Enterprise Risk Management, Digital Transformation and my own Entrepreneurial journey.

Show your support with a like, comment and SHARE!

When you share, please tag me in the description so I can send you a thank you!


Rating agencies are increasingly recognising correlations between Enterprise Risk Management (ERM) strength and company performance. Many have introduced several iterations of ERM rating criteria, that will no doubt continue to evolve.

Whilst there might be a willingness to relax capital requirements when a firm demonstrates strong ERM and capital modelling capabilities, the insurers that will benefit the most will be those companies that use ERM as a strategic tool to inform risk-based decisions.

Some practical examples

To improve the S&P rating from ‘Strong to Very Strong’ the firm needs to achieve a positive score for all five sub-factors and the Economic Capital Model (ECM) should be assessed as either ‘Good’ or ‘Superior’ under the criteria.

(1) Risk management culture

A key criteria is for ERM to be well-entrenched in the business.

The challenge is moving from a Risk Strategy that comprises a list of high-level principles and actions, to one that is aligned with the industry’s Key Success Factors.

In moving from the former to the latter, the role of the CRO is to ensure the firm executes the right strategy. By mapping the current Business Strategy #5 – The Entrepreneurial CRO: An integrated approach to risk, capital management and strategy, or expressing your Business Plan through Strategic Narrative #22 – The Entrepreneurial CRO: Aligning Enterprise Risk Management and Business Planning, the CRO can identify the specific levers they can influence to promote innovation and create a competitive advantage.

(2) Risk control processes

A key criteria is for leading-edge/new technologies to be integrated and applied consistently and all material risks to be identified and exposures monitored.

One approach is to use multiple metrics that allow adaption to the changing environment. There are many examples of how emerging technologies can be integrated into the risk function to facilitate idea generation, work-flow automation etc. #20 – The Entrepreneurial CRO: How can the risk function harness the power of technology.

(3) Emerging risk management

A key criteria is the identification and monitoring of emerging risks, analysing their significance and preparing for and/or potentially mitigating them.

To meet this requirement requires moving from a list of emerging risks, or an Emerging Risk profile, to a Strategic Management Framework that comprises Horizon Scanning, Hypothesis Development and Trigger Analysis #9 – The Entrepreneurial CRO: Strategic and Emerging Risks

The output is a more comprehensive and useful Scenario Planning tool, that incorporates a short narrative plotted against two continuums that ‘tell a story’ about plausible outcomes.

(4) Risk models

A key criteria is that risk models capture all material risks and interrelations in the aggregation of exposures.

Whilst these can be addressed through the use of correlation matrices, choice of distribution curve and correlation coefficient, the process needs to be supported by robust validation completed under strict model governance.

Key challenges include; sensitivity analysis of coefficients to determine overall diversification benefit, parametrisation and the fungibility of capital (particularly at times of stress).

Model limitations must be understood and compensated for, and model results used extensively in the decision-making process.

(5) Strategic Risk Management

A key criteria is for optimised risk-adjusted return to significantly influence Strategic Planning decisions at an enterprise level. This may include the use of ECM results for portfolio optimisation, or comparison of different Strategic Options using various risk-adjusted return metrics.

The output is use of the ECM in making business decisions and the impact on an insurers performance and capital requirements. This could for example be achieved by:

  • Deploying capacity from a number of different capital sources (for example, from Trade Partners, Insurance-Linked Securities, Reinsurers, Shareholders)
  • Reducing volatility in business performance by adopting a portfolio of Business Models (Product, Solutions, Matching Making or Multisided Models Business Model Zoo)

Final comment

As the pressure on CROs to deliver tangible business outcomes intensifies, increasing your ERM rating score offers one possible solution.

The challenge is keep it simple as the interplay between Risk, ECM and Business Strategy can become complicated, very quickly. One way through this complexity is to use frameworks that help simplify and bring meaning.

If your focus is to increase revenue streams and the number of profitable customers, understanding your value vectors (price, product or relationship) and how you can make better use of customer data will be key.

Reciproco provides knowledge integration across risk, solvency and strategy, including digital transformation, leading complex and unique projects in regulated sectors. Helping senior executives and management teams focus on strategic challenges to create a competitive advantage.

Darren Munday is the founder and Managing Director of Reciproco. An experienced executive with over 20 years’ global experience with multinational companies, including Chief Risk Officer reporting to the Board.

Darren is an Honorary Visiting Fellow of the Digital Leadership Research Centre, Cass Business School where he also holds an Executive MBA.  Darren is a Certified Fellow of the Institute of Risk Management (CFIRM) and Chartered Insurance Risk Manager (ACII) of the Chartered Insurance Institute.

All rights reserved. Unauthorised use and/or duplication of this material without express written authorisation from Darren Munday is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Darren Munday with appropriate and specific direction to the original author and content.