New survey uncovers insurance industry leaders’ perspectives on potential implications of the imminent Own Risk and Solvency Assessment requirements
A joint study conducted by global consulting firm Protiviti and St. John’s University’s School of Risk Management, Insurance and Actuarial Science found that although insurance companies are generally confident in their existing risk management and control processes, some firms still have work to do as they prepare to file a new regulatory requirement for the U.S. insurance industry, the 2015 Own Risk and Solvency Assessment (ORSA) Summary Reports.
Protiviti and St. John’s University teamed to assess the maturity of U.S. insurance companies’ current risk management policies and practices and their readiness to comply with the fast-approaching ORSA reporting requirement. The results are now available in a report titled, 2015 ORSA Study: The Journey to ORSA Begins.
“Increased consideration for emerging risks, greater transparency and an enhanced focus on education directed towards enterprise risk management at the Board level are only a few of the potential benefits of the ORSA reporting process for U.S. insurance companies,” said Dr. Paul Walker, the James J. Schiro/Zurich Chair in Enterprise Risk Management and Executive Director, Center for Excellence in Enterprise Risk Management, at St. John’s University. “Improvement of ERM processes was one of the National Association of Insurance Commissioners’ key objectives in setting the ORSA requirements.”
“Although insurance organizations are generally confident in their existing risk management and control processes, our survey results indicate that most companies have some work to do, particularly in their scenario stress-testing efforts. In fact, we found 54 percent of respondents claim their management teams are not comfortable that all risk outcomes have been examined in the stress tests the company performs. We think this figure is remarkably high,” said Shawn Seasongood, a managing director in Protiviti’s insurance industry practice. “Failure to enhance and invest in the necessary stress-testing could significantly hinder an organization’s ability to comply with ORSA requirements.” Stress-testing represents one of the key requirements of the ORSA summary report submission.
ORSA-related activities will also affect insurance companies’ IT systems. Nearly half (48 percent) of survey respondents noted that changes will be needed in their systems and data capabilities as a result of ORSA.
More Key Findings of the Protiviti-St. John’s University survey:
- Insurance offerings could change – Fifty-one percent of respondents indicate that the heightened regulatory scrutiny associated with ORSA could affect the nature and types of insurance products sold and the types of customers obtained.
- ORSA will change risk oversight, improve ERM (enterprise risk management) and help with the integration of risk and strategy – The results suggest that half of all insurance companies already recognize the benefits of ORSA in enhancing their ability to manage risk effectively. Among ORSA’s key perceived benefits are:
- identifying and managing emerging, financial and strategic risks
- improving and formalizing the ERM process
- integrating risk management with strategy
- measuring and quantifying operational risk
- enhancing risk oversight from the board and senior management.
- Many organizations need new controls and policies – Sixty percent of respondents believe ORSA creates the need for new risk management policies and internal controls.
- More education and training is needed at the Board and executive levels – New policies and controls will create opportunities for further education and training related to both ORSA and ERM. Respondents also believe that ORSA reporting will improve the risk oversight from the Board of Directors and senior management (69 percent).
According to Protiviti President and CEO, Joseph Tarantino, “Public companies have Sarbanes-Oxley with which to contend, financial services institutions have the Dodd-Frank Act and many other regulations, health care providers have HIPAA and now insurance companies face ORSA. One of the keys to long-term success for the insurance industry is the strength and maturity of each individual organization’s risk management structure and practices.”
About ORSA
U.S.-based insurance companies are required to produce and file their first Own Risk and Solvency Assessment (ORSA) Summary Report beginning in 2015. The filing of this report marks a key milestone of the Solvency Modernization Initiative. This initiative is the endeavor by the National Association of Insurance Commissioners (NAIC) to modernize the regulatory risk management framework used by state insurance departments to regulate the U.S. insurance industry and enhance the capability of insurance companies to weather economic storms similar to those that battered the broader financial services industry and contributed to the recent global financial crisis.
About the Protiviti-St. John’s University Study
The 2015 ORSA Study: The Journey to ORSA Begins examines the sentiments of more than 100 U.S. insurance industry executives, including Chief Risk Officers, Chief Financial Officers and Chief Audit Executives. Respondents included executives and leaders from insurance organizations ranging in size from less than$250 million to more than $3 billion in annual written premiums. The survey was fielded in the U.S. during the third quarter of 2014.
ORSA Study Resources Available: Survey Report, Infographic and Benchmarking Tool The 2015 ORSA Survey Report and an infographic of survey highlights are available for download at www.protiviti.com/ORSA.
Additionally, Protiviti is offering a free online benchmarking tool to enable insurance industry professionals to compare their organization’s readiness to prepare its first ORSA Summary Report with the survey findings. The tool is available at www.protiviti.com/ORSA.
About Protiviti
Protiviti is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit, and has served more than 40 percent of FORTUNE 1000® and FORTUNE Global 500® companies. Protiviti and its independently owned Member Firms serve clients through a network of more than 70 locations in over 20 countries. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index.
About the School of Risk Management, Insurance and Actuarial Science at St. John’s University
The School of Risk Management, Insurance and Actuarial Science (SRM) was founded in 1901 as the Insurance Society of New York and over the years evolved into The College of Insurance (TCI). In June 2001, TCI merged with St. John’s University, becoming a school of The Peter J. Tobin College of Business. From its new location at 101 Astor Place near Midtown South’s business district and the rapidly emerging technology corridor, SRM awards undergraduate, M.B.A., and M.S. degrees in the insurance, risk management and actuarial science disciplines. Through its Center for Professional Education, SRM also provides education, training and consulting services to the industry, governments and regulators worldwide.
Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.
