鈥淲e build too many walls and not enough bridges.鈥 鈥 Isaac Newton
In 2013 the Australian life insurance industry reported losses of more than $1 billion on group risk business.
This was mainly from industry fund TPD business provided automatically as part of superannuation benefits. The market is still responding to the underlying causes of this horrific year with significant premium increases, shorter rate guarantee periods and changes in product design. So what should we learn from this and other experiences to try to avoid the mistakes of the past? This article discusses some lessons from this experience that every insurance professional should be aware of.
The first of these lessons is that managing risk effectively requires all areas of the insurer working together and all providing input and having a voice in the risk acceptance process. Next is that there are two fundamentally different types of risk: I鈥檒l call the first of these 鈥渞isk鈥 and the second 鈥渦ncertainty.鈥 (That seems confusing now, but I will explain later in the article.) The last is that data and monitoring need to be improved, which I think we can all agree has definitely been a weakness of the industry.
Yes, this is all about silos! I would rate silos as the number one barrier to good risk management. Insurance is a complex enough business with actuaries, underwriter, claims managers, lawyers and many other insurance professionals all playing different roles without all these people not talking to each other. To truly be able to identify and assess all the risks not only requires the whole organisation to be involved but requires all parts of the organisation to be actively involved with each other to manage these risks.
It is clear that in the past the life industry did not understand all the risks and had overlooked a few critical ones. This was due to the incomplete and inadequate assessment and awareness of risks, particularly economic influences (e.g. sensitivity to unemployment levels), lawyers鈥 involvement, members鈥 lack of awareness of insurance cover, and increasing moral hazard as benefits changed. Good communication between different parts of an organisation goes a long way to addressing this problem.
A specific example from group risk concerns the TPD definition and the different views held by lawyers and some claims managers, and the interpretation of the term 鈥渓ikely.鈥 During our examination into the causes of the poor TPD experience, we found that claims managers had very different interpretations of what 鈥榣ikely鈥 meant, which was different again from the interpretation that courts were placing on it. In response, the industry has now started using more objective words such as 鈥渦nable鈥 or 鈥渋ncapable,鈥 which are less subjective than 鈥渓ikely.鈥
So the lesson is to start building bridges with other functions and outside of your own company. And remember there are many other benefits to breaking down silos, including better decision making, more engaged employees and greater innovation.
If you were being generous you would say that what happened in the group risk market was an 鈥渦nknown unknown.鈥 If you were being less generous you may say that it was a 鈥渒nown unknown.鈥 What is clear is that the risks insurers and reinsurers took were not well understood and were impossible to quantify.
A critical part of the pricing process is to understand what the risks are and conduct analysis of sensitivities and shock scenarios to quantify these, or at least give some sense of their magnitude. In order to do so, it is vital that participants in group risk tenders are given sufficient time to be able to understand these risks. We are seeing evidence of this happening, and insurers and reinsurers are much more willing to request additional time.
Something that we have also learned when it comes to measuring and evaluating the risks is that, due to the nature of these risks, the past is not always a reliable predictor of the future. When considering and quantifying risks, it is important to draw the distinction between what is termed 鈥渞isk鈥 and what is termed 鈥渦ncertainty.鈥
Risk is the likelihood that the future outcome will be different than what is expected due to the variability in well-understood or recognised processes. This is usually well understood by actuaries, is readily quantifiable and sits within an actuary鈥檚 comfort zone. However, we actuaries have possibly been guilty of spending a disproportionate amount of our time worrying about risk and not paying as much attention to uncertainty as we should have.
Uncertainty is the fact that future outcomes aren鈥檛 predictable just by looking at the past and are largely composed of risks that cannot be quantified or foreseen. Uncertainty is the fact that some risks are just not assessable and in fact may not even be known or knowable (e.g. Black Swan events).
As noted above, although risk is important, we sometimes spend more time on analysing risk rather than uncertainty, when it is uncertainty that we should be most concerned about.
For both risk and uncertainty we should be looking for and including extreme events that will stress the business to failure, as these are the events that we should be genuinely concerned about. We should also consider various combinations of events rather than a single event in isolation, as these are often the scenarios that will cause our business real difficulties. If we haven鈥檛 identified what scenarios might lead to failure then our risk management process is incomplete. Once we have identified these, we need to consider these in relation to our risk appetite.
So we need to ask ourselves: Are we now identifying all possible risks? Where will the next TPD crisis come from?
Insurers and reinsurers often have not had adequate data to manage risks properly, and in the past they have not made obtaining data a priority. As the quote above implies, in the absence of good data all we have is the professional judgment of those involved in the decision making. Fortunately, this has begun changing since the Australian Prudential Regulatory Authority (APRA) introduced SPS250 and LPG270, which contain new data requirements and standards for superannuation funds and require certain data to be regularly made available to the insurer to monitor experience.
A key lesson from the recent group experience troubles is that if we had had the right information we may have been able to identify issues earlier. Having poor data also meant that many insurers and reinsurers conducted experience reviews relatively infrequently (e.g. yearly), with the result being that management reporting was poor and of minimal use. Consequently, some issues went unnoticed for up to a year or longer.
This is something that also applies to many areas outside of group risk. Not having adequate data hampers our ability to monitor and manage risks, and it should be addressed.
So while it is important to have good data, it is even more important that once we have good data we actually use it and continue to strive for more.
In summary
How well have we managed risks? The answer is poorly! But what is important now is what we take from the recent group experience. What we have learned is:
- Not working together is a barrier to good risk management.
- We need to take the time to look beyond our familiar list of risks.
- Without good data we are flying high up in the clouds with only the occasional glimpse of what鈥檚 happening on the ground.