How Does Strategic Risk Management Relate to Insurance in 2021?

The insurance industry has been uniquely impacted by the ongoing COVID-19 pandemic. In times of economic stress, insurers play a critical role in helping businesses and households manage risks and buffer against shocks and losses. Yet, with a pandemic-related trend of rising claims and decreasing profits across areas of the sector, many insurers have found themselves in a precarious position of balancing financial risk and reputational risk while harboring major concerns over economic weakness, reduction in workforce productivity, and decrease in consumer confidence. Now, more than ever, strategic risk management is critical for business survival. 

Though some insurers may feel pressure to hold off on pursuing certain strategic projects or expansion plans in the beginning of 2021, now is not the time to be overly conservative. A recent report by Standard & Poor’s reveals that stress testing conducted since the pandemic’s onset found North America’s insurance market to be the most resilient region globally:  

S&P Global Ratings expect most COVID-19-related losses (business interruption, event cancellation, etc.) to be picked up by reinsurers, so primary insurers’ technical performance is unlikely to deteriorate materially.

- S&P Global Ratings, Top Risks For The Global Insurance Industry, November 2020. 

The same report also notes the impact of COVID-19 on global insurance markets will be felt largely through asset risks, especially capital markets volatility, and weaker premium growth prospects. 

As such, now is a critical time to invest in initiatives that will help your organization address its strategic risks and deliver value to the business, both in the short-term and the long-term. In this article, we will explore three impactful initiatives that support insurers’ ability to efficiently and effectively manage key risks in the new year. These initiatives are:

  1. Building efficiency into your enterprise risk management (ERM) practices
  2. Investing in technology initiatives.  
  3. Ramping up your information security compliance program.

Build Efficiency Into Your ERM Practices

Your key risks today may be different than originally forecasted at the start of 2020, especially as the insurance industry has undergone disruption in recent years that have brought new risks to the forefront of insurers’ priorities. Some examples of emerging risks facing the property and casualty sectors include: 

  • Material exposure to natural perils, especially hurricanes, tornadoes, and wildfires (which have become more prevalent in recent years).
  • The U.S. legal system is especially litigious - resulting in unpredictable claims settlements and related reserve volatility. 
  • Suppressed investment performance due to low interest rates and volatile equity markets.

Meanwhile, changes in market needs highlight the importance of reassessing business models and being open to differentiating and expanding product offerings in order to stay relevant. For example, according to a recent EY life insurance study, the overall trend in the life insurance market is moving toward favoring policies with greater flexibility for customers and insurers alike. Another example is the untapped potential of the cyber insurance market. According to a recent S&P Global Ratings cyber risk report, cyber insurance is poised to become one of the key growth areas for insurance in the next decade for most developed global markets, with predicted increases of 20%-30% per year on average in the near future. 

With so much change percolating in the industry, it is essential to have a mature and efficient enterprise risk management program in place that helps your organization effectively identify and accurately target your key risks. Focus now on building efficiency into your ERM program in 2021 through the following activities: 

  • Engage the C-Suite and Board in discussions about incorporating risk management into strategy setting and driving a healthy risk culture through tone-setting at the top. 
  • Focus on unifying risk management activities across siloed business groups, including internal audit, risk management, and compliance functions.
  • Invest in an enterprise risk management solution that can centralize your risks and controls in one single source of truth, promote collaboration among stakeholders, and reduce redundancies in risk management activities (discussed further in the next section).

Most importantly, understanding how to use risk assessments and business impact analyses to drive innovation and make forward-thinking decisions is key. Doing so can lead to benefits that will multiply well beyond 2021, including cost savings and gaining an advantage over competitors who are not thinking as strategically. 

Invest in Technology Initiatives

For organizations this has meant re-thinking digitalization strategies and doubling-down on information technology (IT) spending, cloud capacity, and infrastructure to boost bandwidth, ensure business continuity, and retain customers.

- S&P Global Ratings, How COVID-19 Has Changed Insurance, 2020. 

One unforeseen positive outcome of the mass shift to remote working has been the necessary digital transformation that has taken place in response to extended quarantines. According to recent KPMG insights, the pandemic has set the insurance industry on the fast-track to technology adoption. More and more insurers are shifting department operations — such as internal audit and SOX management, risk management, and compliance activities — to cloud-based technology platforms that, in addition to enabling business continuity and remote collaboration, are creating efficiencies by automating and streamlining what were once manual business processes. The long-term effect of adopting enterprise technology solutions will be creating a foundation for efficiency across business functions that will continue benefiting your insurance organization beyond the duration of the pandemic.

Consider prioritizing an investment in a cloud-based ERM solution that can help your organization centralize its risk management activities. Pandemic challenges aside, managing risk across a large organization is incredibly complex and involves countless moving parts. Trying to keep pace in a volatile risk environment, while keeping all stakeholders up to speed, can become a perilous feat without the right technology stack. The right ERM solution can help insurers maximize collaborative efforts between internal audit, risk management, and compliance groups by centralizing all risk management activities in one place. Seek out ERM solutions that clearly demonstrate the ability to:

  • Facilitate collaboration between different risk management stakeholders.
  • Drive user adoption through more intuitive user interfaces. 
  • Integrate risk activities to create greater alignment between audit, risk, and compliance groups and improve decision making.
  • Integrate with existing audit and control activities, saving time and eliminating duplicate records.

Ramp Up Your Information Security Compliance Program

One downside to the rapid digital transformation of the business landscape has been increased systemic vulnerabilities to cyber attacks. Even prior to the pandemic, cyber risk was considered one of the biggest threats to modern organizations. Now, if insurers are to be a part of the solution to growing cyber risk, as suggested by recent analysis, then insurers themselves must set the example of having strong infosecurity compliance practices. 

Now is the time to invest heavily in cybersecurity and privacy management initiatives, including ramping up your compliance program through adopting best practice information security frameworks. To go one step further, set a goal to obtain certifications for frameworks that are highly regarded by your industry, e.g. ISO, NIST, PCI DSS, and SOC 2 (if you have not already done so). Obtaining a certificate of compliance with any of these frameworks is one of the most impactful ways to protect your business’s data and network infrastructure — and the data and privacy of clients and partners — in addition to helping drive revenue

Managing your cyber controls and compliance program in a solution that fits your organization’s needs can be a cost-effective and efficient way to streamline your path to certification, while simultaneously reducing the challenges and risks of managing compliance frameworks using spreadsheets, email, and shared drives.

Conclusion: Insurance Risk Management Presents an Essential Opportunity

In short, a volatile risk environment in 2021 presents an essential opportunity for insurers to push strategic initiatives that will set them up for success this year and beyond. Forward-thinking insurance organizations will rise to the occasion to restrategize and innovate — putting them at a significant advantage over companies who do not.  


Learn how AuditBoard's integrated suite of easy-to-use software (audit management software, SOX compliance software, risk management software, audit workflow software, and compliance management software) can empower your team.