21 Risk assessment

The Board of Directors is ultimately responsible for the Group’s governance principles and policies; these include the Group Risk Policy, which establishes both the guiding principles of risk management as well as the overall risk tolerance of the Group.

The Board of Directors generally deals with risk management through two committees:

The Group Executive Committee (Group EC) implements the risk management framework through four sub-committees:

The Group Chief Risk Officer (CRO), who is a member of the Group EC, reports directly to the Group CEO as well as to the Board’s Finance and Risk Committee. The Group CRO is a member of the four Group EC committees, serving as the chairman of both the Group Risk and Capital Committee and the Group Regulatory Committee. In addition, the Group CRO leads the Group’s Risk Management function, which is responsible for risk oversight and control across the Group.

The Group Risk Management function is comprised of central departments providing shared services (such as Risk Reporting), along with dedicated departments for the Reinsurance, Corporate Solutions, and Admin Re® Business Units.

Each of these Business Unit departments has a dedicated Chief Risk Officer who reports directly to the Group CRO, with a secondary reporting line to the respective Business Unit CEO. The Business Unit CROs are responsible for risk oversight in their respective Business Units, establishing the proper risk governance to ensure efficient risk identification, assessment, and control. There are also Regional CROs (Americas, Asia, and EMEA) with reporting duties to the Reinsurance regional management teams. They also provide functional support to the Regional Presidents.

For Swiss Re’s major legal entities, the Business Unit CROs are supported by designated legal entity CROs who are responsible for overseeing specific risk management issues that arise at the legal entity level.

The central departments support both the Group CRO and the Business Unit CROs in discharging their oversight responsibilities. They do so by providing specialised risk category expertise and accumulation control, risk modelling and reporting services, regulatory relations management, and central risk governance framework development. The central departments also oversee Group liquidity and capital adequacy and maintain the Group frameworks for controlling these risks throughout Swiss Re.

While in Reinsurance the setting of the reserves is performed by valuation actuaries working with the Business Management Unit, in Corporate Solutions and Admin Re® actuarial management is an integral part of Risk Management. The monitoring of reserves for the three Business Units is provided by a dedicated Actuarial Control Unit within Risk Management.

Senior managers of Business and corporate Units are responsible for managing operational risks in their areas of activity, based on a centrally coordinated methodology. Their self-assessments are reviewed and challenged by dedicated operational risk managers. Risk management experts also review Swiss Re’s underwriting decision processes.

Risk management activities are also supported by Group Internal Audit and Compliance. The Group Internal Audit department carries out independent, objective assessments of the adequacy and effectiveness of internal control systems. It evaluates the execution of processes within Swiss Re, including those within Risk Management.

The Compliance function is principally responsible for overseeing Swiss Re’s compliance with applicable laws, regulations, rules, and the Code of Conduct, as well as managing compliance risk. It assists the Board of Directors, the Group EC and management in discharging their respective duties to identify, mitigate, and manage compliance risks.