error
Subscriptions are not available for this site while you are logged into your current account.
close
Skip to main content
Submit RFP

      The responsibilities placed on Insurance Risk leaders are shifting rapidly as organisations respond to new forms of uncertainty, regulatory expectations and strategic pressures. These changes are reshaping both the expectations of the CRO and the capabilities required across the wider Risk function.

      This article sets out five tips for Insurance risk professionals to help think about the future of their roles and the wider Risk function and reflects on some of the changes we have seen in recent years.

      Charles Garthwaite
      Charles Garthwaite

      Director - Senior Adviser, Insurance Risk & Regulation

      KPMG in the UK

      CRO version 1.0

      The time for setting up risk frameworks, undertaking maturity assessments and providing top risk reports is long past. The expectations on the CRO have changed – and never more so than in the insurance sector.

      The insurance business is, fundamentally, about risk management – for customers, clients, businesses. Providing them with reassurance that, if something material goes wrong, we will be there. And for so much of the past 25 years, since the real inception of the role, the CRO has been there to set up the processes and reporting to reassure the Executive and the Board that they will indeed be there for customers (and shareholders) even if things do go wrong in the insurance business. At times the CRO could have been remarkably passive – no longer.

      What are the drivers of change?

      1. For a start, our business environment is much more complex, with greater volatility and, alarmingly, much higher velocity than in the early 2000s.

        a. The interconnectivity of business arrangements means there is far more potential for one of those links in the chain to create problems

        b. The geopolitical and macroeconomic environments are moving faster, more dramatically and with greater immediate global impact - as we have seen repeatedly in the last 18 months.

        c. Technological advances, and the potential for misuse, are moving faster and are much more pervasive

        d. Our climate is changing rapidly and in ways that are not fully understood – creating considerable uncertainty and hazard

      In this broader context, a reactive approach to risk management is simply unacceptable – particularly for businesses that exist to reduce risk for their customers.

      2. The role of the CRO, and the risk function, is now established, recognised and understood. And with that comes a much greater level of expectation from Boards, regulators and others (e.g. ratings agencies) who place reliance on the effective functioning of the role. In addition, there is a greater understanding in broader society of the role of risk management – the language has found its way into much of our day-to-day lives. Society in general has had expectations set – the bar has been raised.
       
      3. And finally, the developing use and sophistication of Artificial Intelligence (AI) applications will change dramatically the way insurance businesses operate and with that, the way risk functions capture, aggregate and analyse data. In a passive, data aggregation and reporting world, AI will be able to do almost all the work.

      What are the implications for the CRO and their team?

      CROs and their team must be, and need to demonstrate, more proactive and forward-thinking support and challenge. In this environment a key risk report is never always “green”; you are very unlikely to be on top of all regulatory issues and requirements; AI will turn the handle and deliver the reporting and analysis you need; and you will not be in a position where there is nothing material that you are concerned about. Furthermore, you need to be actively challenging your Executive colleagues and the Board on major decisions and discussions to make sure that all angles and outcomes are being taken into consideration. “It can’t happen here” as a form of group-think is dangerous – and the CRO’s role is to burst that bubble.

      What this does not mean is the CRO suddenly becomes “disrupter-in-chief” – being thoroughly awkward and whose interventions become the source of dread. But it does mean that the CRO takes nothing for granted; they constantly consider the wider business environment, the business’s own capacity and capability, the business culture and morale, and the stakeholder expectations; they question decisions and ideas from these perspectives to develop a better, more rounded and resilient approach. And to do this they need to have the respect of their peers and the influence (including through their team) to be heard and taken very seriously.

      An iron fist in a velvet glove? Probably more so than has been in the past – and with opinion and challenge supported by much more sophisticated data and analysis.

      What are the five tips to consider for the future of Insurance risk?

      To remain relevant and influential in this environment an insurance CRO must:

      1. Develop rapidly the tools and applications to support automated risk reporting and analysis.
      2. Review the risk function capabilities and what skills you need for the future – data analytics will be important but so will be having leaders who can hold their own in a debate.
      3. Ensure they are aware of the impact of AI, considering both risks and opportunities - on their own roles and on the risk profile of the business.
      4. Be prepared to put their heads above the parapet, questioning where needed, to support better decision-making and greater enterprise resilience.
      5. Get comfortable with being uncomfortable – the CRO role is not, and never was, for the faint-hearted.

      Please don’t hesitate to contact us if you have any questions or comments about this article, or if you would like to discuss how KPMG can help support your Risk function transformation.

      Our advisory insights

      Something went wrong

      Oops!! Something went wrong, please try again