Transformation of the Risk Landscape

Insurers of all sizes need to take note of changes in the risk landscape and continuously improve their ERM practices.


There is little doubt that the risk landscape has changed in the past few years. Natural catastrophes are increasing in number and severity, low probability risks are coming to fruition, higher probability risks (such as cyber) are looming larger and new risks are emerging. Here are some of the ways insurers can address the changing risk landscape.

From single-event scenarios to multiple-simultaneous-event scenarios

It has been common for insurers to test their solvency by creating several scenarios and estimating what each would do to capital levels. Typically, each scenario tested one variable at a time; for example, what would a 1-in-250-year event or an-XX basis point interest rate drop do to capital strength in a given year? However, as the risk landscape intensifies, single variable scenarios are no longer sufficient.

More robust and multi-event scenarios need to become the norm if the potential risk to capital is to be evaluated effectively. For example, what would the result be if 1-in-250-year event happened while equities plunged 35% in value? Or what would the effect be if two 1-in-250-year events occurred at the same time inflation rose by 40%? What would happen if three 1-in-150-year events happened in the same year? The macro-economic environment constantly changes, and individual company conditions are unique, so scenarios need to be tailored and updated as appropriate.

From virtually ignoring low probable risks to paying more attention to low probability risks 

Scoring risks is done on the basis of both their potential impact (dollar impact to profits, revenues, expenses) and their probability of occurring (high medium, low). Other things may come into play, too, such as how imminent the risks are (one year away, three years away, more than three years away). This kind of scoring makes it possible for companies to decide which risks should get the most focus and resources in an effort to mitigate their impact. The problem has been that the impact of low probability risks is hard to quantify and is often underestimated. Additionally, the very fact that their likelihood is not high means these risks tend to be taken less seriously than perhaps they should be.

The current pandemic — with all its ripple effects — has shown that low probability/high impact risks can and do happen. Some insurers realized the loss potential if a virus became widespread and incorporated virus exclusions in various policies. This has served them well, because those with such exclusions are better protected against claims for coverage that was never intended. 

Some low probability/high impact risks emanate from the broader environment and some come from a particular company’s business model or operations. In either case, the risks need to be properly vetted and commensurate mitigation plans need to be implemented. 

From focusing on current risks to focusing on both current and emerging risk

That there are so many current risks insurers must attend to leads to emerging risks not being identified or being pushed to the back burner.  Even though emerging risks can be hard to identify and assess and may not seem imminent, they should not be marginalized. Given the speed of change, these risks can emerge as full-blown risks sooner than might be anticipated. Significant ones can quickly cause serious consequences.  

Any insurer ignoring emerging risk identification and mitigation is opening itself up to potential loss or impairment that could have been minimized or avoided. Some emerging risk categories are: AI; cyber; environmental, social and governance (ESG) developments; and new energy sources.

See also: Building an Effective Risk Culture

From reality to perception 

Insurers’ perception of themselves can be quite different from the way they are perceived by stakeholders outside the industry. And it is the external perception that forms the basis of an insurers’ reputation. Any one insurer may have a better or worse reputation than the universe of insurers, but all are affected to some extent by the umbrella perception.  

Some of these negative aspects of insurers’ reputations stem from many retail buyers not always understanding the insurance mechanism and from thinking insurers make greater profits than they actually do. Some retail buyers would rather not buy insurance at all but are forced to by laws or lenders. Commercial buyers can find insurers slow, cumbersome and not very transparent.

In reality, insurers tend to be ethical in honoring their contractual obligations and are price competitive while also trying to improve processes and customer experience. This is largely true because insurers are heavily regulated, have publicly available ratings by rating agencies and exist in a competitive marketplace.   

Despite this reality, a poor reputation contributes to low customer loyalty, fraudulent claims, extra scrutiny by third parties and other risks or threats.  Now, insurers face more reputational risk than ever before as things like example, the legitimate, but unfortunate, denial of COVID-19 related business interruption claims has dented insurer reputations. How this will play out in the long run is unknown.

What this means in terms of insurers’ enterprise risk management (ERM) is that, when they look at their reputational risk picture, they need to assess the risks to their reputation from the outside in. They need to see how they appear in the eyes of customers, regulators and the community at large. Improvement can take the form of improved communication starting with clearer policy language but can move well beyond that to more frequent communication with customers, greater transparency and more responsible advertising.

All in all, insurers of all sizes need to take note of changes in the risk landscape and must continuously improve their ERM practices.

Donna Galer

Profile picture for user DonnaGaler

Donna Galer

Donna Galer is a consultant, author and lecturer. 

She has written three books on ERM: Enterprise Risk Management – Straight To The Point, Enterprise Risk Management – Straight To The Value and Enterprise Risk Management – Straight Talk For Nonprofits, with co-author Al Decker. She is an active contributor to the Insurance Thought Leadership website and other industry publications. In addition, she has given presentations at RIMS, CPCU, PCI (now APCIA) and university events.

Currently, she is an independent consultant on ERM, ESG and strategic planning. She was recently a senior adviser at Hanover Stone Solutions. She served as the chairwoman of the Spencer Educational Foundation from 2006-2010. From 1989 to 2006, she was with Zurich Insurance Group, where she held many positions both in the U.S. and in Switzerland, including: EVP corporate development, global head of investor relations, EVP compliance and governance and regional manager for North America. Her last position at Zurich was executive vice president and chief administrative officer for Zurich’s world-wide general insurance business ($36 Billion GWP), with responsibility for strategic planning and other areas. She began her insurance career at Crum & Forster Insurance.  

She has served on numerous industry and academic boards. Among these are: NC State’s Poole School of Business’ Enterprise Risk Management’s Advisory Board, Illinois State University’s Katie School of Insurance, Spencer Educational Foundation. She won “The Editor’s Choice Award” from the Society of Financial Examiners in 2017 for her co-written articles on KRIs/KPIs and related subjects. She was named among the “Top 100 Insurance Women” by Business Insurance in 2000.


Read More