Cognitive Dissonance and the CRO

Chief risk officers need to be able to accommodate two opposing views: the traditional approach, plus some important new tools.

Could F. Scott Fitzgerald have had chief risk officers (CROs) in mind when he wrote, “The test of a first rate intelligence is the ability to hold two opposed views in the mind at the same time and still retain the ability to function”? Probably not. But, based on recent discussions with some leading insurance CROs and my own experience in the industry, there are a surprising number of circumstances where a CRO needs to accommodate two opposing views. Exploring these circumstances can shed some interesting light on how the CRO role has evolved over the last several years and where it may be heading. CROs’ early focus was on the development and implementation of economic capital and a concerted effort to meet enhanced regulatory expectations. It is now more nuanced. Economic capital: A rule that needs to be followed and a model that needs to be questioned The development and utilization of economic capital (EC) is a good starting point to explore the CRO’s cognitive dissonance. Economic capital is a powerful and indispensable concept; arguably the most powerful weapon in the CRO’s arsenal. It allows insurers to quantify many of their most important risks in precise monetary terms that can be translated into precise actions. Like, “add this much to the product price to accommodate its risks” or “buy this asset not that asset because it has a better risk-adjusted return.” For economic capital to do its work, it needs to be a rule that is followed. From its most comprehensive manifestation – the expected level of capital that the insurer should hold – to the tolerances and limits that inform pricing decisions and individual asset transactions, insurers need to build economic capital values into their decision-making fabric. At the same time, the CRO recognizes that the economic capital values are model output. They depend on a lot of assumptions. And the underlying methodology, that risk is best quantified as the upper bound of a high confidence interval such as 99% or 99.5%, is only one of many meaningful options. The CRO should develop insight into how other assumptions and methodologies would affect business decision making. Furthermore, risk managers also need to employ completely different tools, like stress testing. And these could lead to new and conflicting insights that the CRO needs to reconcile with economic capital’s definitive outcomes. The dissonance engendered by economic capital presents a particular challenge for CROs with long experience in insurance ERM. More than any other development, economic capital was the progenitor of enterprise risk management (ERM). Before economic capital, ERM consisted primarily of risk lists and heat maps. Economic capital provided a solid foundation to decision making, particularly related to credit and market risks in the period leading up to and during the last recession. But, as the industry evolves, and credit and market risk taking has stabilized and often declined, new risk and new ways of managing risk need more attention. CROs who grew up with economic capital as the defining feature of their job may need to exert special effort to champion non-EC tools’ decision making potential. See also: Insurance CROs: Shifting to Offense   As Isaiah Berlin noted in "The Fox and the Hedgehog," “A fox knows many things but a hedgehog one important thing.” Considering the importance of EC in the emergence of ERM, it is reasonable to think of the risk function as a very quant-oriented one. Calculating EC is a complex undertaking requiring a high level of mathematical and financial acumen. Certainly it is a great example of “one important thing." However, other, equally important aspects of the CRO role need a much broader vision. In keeping an eye out for emerging sources of risk and new challenges, it would be good to know “many things.” We have noticed that successful operational risk management efforts feature a multifaceted mindset when helping businesses recognize and manage these risks. Contrast this with model risk management where a more singled-minded focus is required. Even within the narrow world of some traditional risk thinking, taking a broader view could yield innovative and profitable outcomes. For example, mortality and longevity risk is almost universally viewed one way: from a retrospective experience perspective, with mortality rates varying by age and gender. Risk values are generated by shocking these rates; upwards for mortality (representing the impact of a pandemic) and downward for longevity (representing significant medical advances in treating deadly diseases). But broader, informed thinking by someone or a group could find an alternative, likely one that looks at underlying fundamentals and uses advanced analytics to develop better and more actionable insight. As ERM continues to develop, both hedgehogs and foxes are necessary. And the CRO needs to be able to effectively communicate with and manage both. Putting a price on priceless information In a business that is all about taking risk, most senior management teams certainly would rank good information about risk as essential to the effective management of their business. To call this information “priceless” would not be an exaggeration. The last recession put great pressure on regulators and, through them, on insurance companies to quickly upgrade their risk capabilities. For many regulators, the cost of achieving these upgrades was much less of a concern than thoroughness and completeness. Both of these forces, business need and regulatory pressure, put significant demands on the risk function. Faced with these demands, it has been fairly easy to put programs and people in place that address acute needs without being unduly constrained by program price. However, the absence of price constraints has obvious negative implications. Any business has limited resources. And, for much of the insurance industry, the trends in customer demands and purchase/service platforms is away from high-margin options. Furthermore, the lack of spending discipline can easily lead to maintaining a status quo that overspends on some areas and ignores others. As priceless as good risk information can be, some is more valuable than others, and some can be produced with the same value but at a lower cost. Implications: Where is ERM heading and how can CROs prepare? The CRO’s role has evolved significantly over the last several years. CROs’ early focus was on the development and implementation of EC and a concerted effort to meet enhanced regulatory expectations. See also: Major Opportunities in Microinsurance   The trend now is more nuanced. CROS are trying to address more qualitative risks and incorporate a business-centric focus. With this in mind, we offer some suggestions:
  1. CROs would do well to take stock of their current ERM program inventory. What are the approximate costs of different programs? Are they meeting objectives and are those objectives still as important as when the programs were initially established? Is there an overlap? For example, does stress testing address only the same risks EC already covers effectively, and if so, would it make sense to deploy resources in a different way?
  2. In taking stock of current benefits, ERM efforts that enhance shareholder value should be receiving high priority. Considerations focused on pricing and new business challenges present a good opportunity to use risk knowledge to add value, not just conserve it.
  3. Lastly, consider if reshaping emphasis across the program portfolio requires some ERM team members to alter their orientation, e.g. behave more like “foxes.” Or, if there’s a need, consider adding new team members with the required skills and mindset.
As ERM continues to develop, both hedgehogs and foxes are necessary.

Henry Essert

Profile picture for user HenryEssert

Henry Essert

Henry Essert serves as managing director at PWC in New York. He spent the bulk of his career working for Marsh & McLennan. He served as the managing director from 1988-2000 and as president and CEO, MMC Enterprise Risk Consulting, from 2000-2003. Essert also has experience working with Ernst & Young, as well as MetLife.


Read More