2 minute read
Risk Management
Introduction
Effective risk management is fundamental to the long-term success and sustainability of the Society. Inherent in the Society’s business model, is the assessment and transfer of risk and therefore prudent risk management is key to ensuring strategic objectives can be delivered in a controlled, responsible and sustainable manner. Effective risk management is also a key contributor in delivering good outcomes for members.
Risk Appetite
The Society’s risk appetite defines the level of risk the Society is prepared to accept, taking into consideration our strategic objectives and business change initiatives.
The Society’s risk appetite is agreed by the Board and sets the type and levels of risk the Society is willing to accept. These qualitative statements are underpinned by quantitative measures aligned to our principal risks and key risk types. These risks are linked to the centralised risk register, are continuously monitored, and reported to the Board and Risk and Investment Committee.
Risk Management Framework
Through the Society’s Risk Management Framework, risks are identified, assessed, monitored, and managed which support the Society in driving a strong and proactive risk management culture. The Risk Management Framework is underpinned by risk management policies that have been approved by the Society’s Board.
Key Risks
There are 3 key risks inherent to our business model:
Insurance Risks:
These risks include the assessment of risk being transferred from the member in relation to the premiums paid, assumed claims and policy tenure. This includes morbidity (sickness), mortality (life expectancy) and persistency (lapsing of policies).
Operational And Business Risks:
These include the risk of losses directly or indirectly, resulting from inadequate or failed processes, or systems, such as models and forecasts, human error, or external events such as changes in the regulatory environment. This also includes risks associated with third parties, achieving our strategic objectives and conduct risk.
Financial Risks:
These include deviations from expected returns, or defaults arising from investments due to market fluctuations and the risk of the asset issuer, reinsurer or distribution partner not being able to make payments when they fall due. This also includes liquidity risk and associated risks that could impact the Society’s financial position.
Risk Governance
The Society operates a three lines of defence model which ensures accountability, oversight, and transparency in risk management. The Board delegates oversight of risk to the Risk and Investment Committee.
The first line of defence is comprised of the operational areas such as Claims, Underwriting and Member Services and support functions such as Finance, IT and HR.
The first line, led by the Chief Executive and supported by the senior management team is responsible for the day to day running of the Society, identifying and managing risks and ensuring their processes and controls remain effective.
The second line of defence is made up of Risk and Compliance. These functions are led by the Chief Risk Officer and ensure the first line are appropriately managing risk and conforming with legislative and regulatory requirements. Risk and Compliance also provide oversight through policies, frameworks, tools, and techniques and are responsible for advice, oversight, and challenge.
The third line of defence provides objective and independent assurance to the Board ensuring the first and second lines of defence are effectively managing risk. The outsourced Internal Audit function reviews and reports on systems of risk management and internal controls to the Audit and Compliance Committee.
