Organisation of risk management

Key risk management bodies and responsibilities


Group Board of Directors

Responsible for the Group’s governance principles and policies, acting through the Finance and Risk Committee, the Investment Committee and the Audit Committee









Group Executive Committee


Group CRO


Central Risk


Group Internal Audit

Develops and implements the risk management framework, sets and monitors risk capacity limits; some responsibilities are delegated to the Group CRO and major legal entities.


Principal independent risk controller; leads the Risk Management function, represents it within the Group Executive Committee, and reports to the Board’s Finance and Risk Committee as well as to the Group CEO.


Management units Oversight of financial market and credit risk as well as liquidity risk; provide shared risk management expertise such as risk modelling, risk governance, political risks, sustainability and emerging risk; provide strategic control services such as operational and regulatory risk management.


Performs independent, objective assessments of adequacy and effectiveness of internal control systems.








Legal entity management


Legal entity CROs





Responsible for managing underwriting decisions and operational risks in their area.


Responsible for risk oversight and establishing risk governance in their respective legal entities; supported by functional, regional and subsidiary CROs as well as dedicated risk teams.


Oversees compliance with applicable laws and Code of Conduct and manages compliance risks.








The Group Board of Directors (Group Board, the Board) is ultimately responsible for Swiss Re’s overall risk governance principles and policies. It defines basic risk management principles and the risk appetite framework, including the Group’s risk appetite and risk tolerance; in addition, it approves the Group’s risk strategy. The Group Board mainly performs risk oversight and governance through three committees:

  • Finance and Risk Committee − defines the Group Risk Policy, reviews risk capacity limits, monitors adherence to risk tolerance, and reviews top risk issues and exposures.
  • Investment Committee − reviews the financial risk analysis methodology and valuation related to each asset class, and ensures that the relevant management processes and controlling mechanisms are in place.
  • Audit Committee − oversees internal controls and compliance procedures.

The Group Executive Committee is responsible for developing and implementing Swiss Re’s Group-wide risk management framework. It also sets and monitors risk capacity limits, oversees the Economic Value Management framework (see EVM performance), determines product policy and underwriting standards, and manages regulatory interactions and legal obligations. The Group Executive Committee has delegated various risk management responsibilities to the Group Chief Risk Officer (Group CRO) as well as to certain legal entity CROs, in particular the CROs of the legal entities SRZ, SRCS and SRLC.

The Group CRO is appointed as the principal independent risk controller of Swiss Re. He is a member of the Group Executive Committee and reports directly to the Group CEO as well as to the Board’s Finance and Risk Committee. The Group CRO also advises the Group Executive Committee, the Chairman or the respective Group Board Committees, in particular the Finance and Risk Committee, on significant matters arising in his area of responsibility.

The Group CRO leads the independent Risk Management function, which is responsible for risk oversight and control across Swiss Re. It thus forms an integral part of Swiss Re’s business model and risk management framework. The Risk Management function comprises dedicated risk teams for legal entities and regions, as well as central teams that provide specialised risk expertise and oversight.

While the Risk Management organisation is closely aligned to Swiss Re’s business structure, in order to ensure effective risk oversight, all embedded teams and CROs remain part of the Group Risk Management function under the Group CRO, thus ensuring their independence as well as a consistent Group-wide approach to overseeing and controlling risks.

Legal entity risk teams are led by dedicated CROs who report directly or indirectly to their top-level entity CRO, with a secondary reporting line to their respective legal entity CEO. These legal entity CROs are responsible for risk oversight in their respective entities, as well as for establishing the proper risk governance to ensure efficient risk identification, assessment and control. They are supported by functional, regional and subsidiary CROs who are responsible for overseeing risk management issues that arise at regional or subsidiary level.

The central risk teams oversee Group liquidity and capital adequacy and maintain the Group frameworks for controlling these risks throughout Swiss Re. They also support CROs at Group and legal entity level in discharging their oversight responsibilities. They do so by providing services, such as:

  • Financial risk management
  • Specialised risk category expertise and accumulation control
  • Risk modelling and analytics
  • Regulatory relations management
  • Maintaining the central risk governance framework

Risk Management is also in charge of actuarial reserving and monitoring of reserve holdings for SRCS and SRLC as well as their subsidiaries, while for SRZ and its subsidiaries the setting of the reserves is performed by valuation actuaries within the P&C and L&H Business Management units.

Risk management activities are complemented by Swiss Re’s Group Internal Audit and Compliance units:

  • Group Internal Audit performs independent, objective assessments of the adequacy and effectiveness of internal control systems. It evaluates the execution of processes within Swiss Re, including those within Risk Management.
  • The Compliance function oversees Swiss Re’s compliance with applicable laws, regulations, rules, and the Code of Conduct. It also assists the Group Board, Group Executive Committee and other management bodies in identifying, mitigating and managing compliance risks.