Management of other significant risks
The Group has implemented an internal control system to mitigate operational risks through three lines of control. This system assigns primary responsibility for identifying and managing operational risks to individual risk takers (first line of control), with independent oversight and control by the Risk Management and Compliance functions (second line of control) as well as Group Internal Audit (third line of control). Members of the Group Executive Committee are required to certify the effectiveness of the internal control system for their area of responsibility on a quarterly basis.
Operational risk is inherent within Swiss Re’s business processes. As the company does not receive an explicit financial return for such risks, the approach to managing operational risk differs from the approach applied to other risk categories. The purpose of Operational Risk Management is not to eliminate risks but rather to identify and cost-effectively mitigate operational risks that approach or exceed Swiss Re’s tolerance.
Risk Management is responsible for monitoring and controlling operational risks based on a centrally coordinated methodology. This includes a pre-defined taxonomy that is used for identifying, classifying and reporting operational risks, as well as a matrix in which risks are assessed according to their estimated probability and impact. Risks are assessed for their residual economic, financial reporting, reputational and compliance impact, taking into account existing mitigation and controls.
The matrix is also used to assess residual exposures against Swiss Re’s tolerance limits for operational risk. This limit represents the level of operational risk that the Board of Directors and Executive Management teams are willing to accept. Material risks that exceed or are approaching risk tolerance are reported to Executive Management and Boards of Directors at Group and legal entity level. In addition, mitigation strategies are required for all risks that are outside of operational risk limits in order to bring them within tolerance.
Cyber risk and information security are a key focus of Swiss Re’s operational risk controls. The Group performs an annual cyber risk assessment to determine the current maturity of controls; this is based on internationally recognised standards defined by the Information Security Forum. The results of the assessment are shared with senior management and integrated into Swiss Re’s Group-wide cybersecurity programme. This programme focuses on five key areas: security culture, critical information, technology defence, incident response and supplier governance.
Operational events and issues are recorded and managed in a central Operational Risk Management system in order to address the identified problems and avoid the recurrence of similar events. The results are reviewed by the company’s CRO and reported to the Executive Management team and Board.
Overall responsibility for managing strategic risk lies with the Board, which establishes Swiss Re’s overall strategy. The Boards of legal entities are responsible for the strategic risk inherent in their specific strategy development and execution. Strategic risks are addressed by examining multi-year scenarios, considering the related risks, as well as monitoring the implementation of the chosen strategy year by year in terms of the annual business plan.
As part of their independent oversight role, Risk Management, Compliance and Group Internal Audit are responsible for controlling the risk-taking arising from the implementation of the strategy.
Regulatory developments and related risks that may affect Swiss Re and its subsidiaries are identified, assessed and monitored as part of regular oversight activities. Swiss Re is actively engaged in a dialogue with regulators to improve mutual understanding of the implications of new regulatory proposals. Periodic reports and recommendations on regulatory issues are provided to Executive Management and the Board at Group and legal entity level.
The regulatory environment of the insurance industry continues to evolve on the regional, national and international level. While some regulatory changes create new business opportunities, others come with significant costs and business restrictions. Growing regulatory complexity, increased national protectionism and a fragile global economy are persistent themes affecting regulation and the way Swiss Re operates worldwide.
Regulatory efforts are becoming increasingly forward-looking, aimed at a broad range of emerging risks, both actual and perceived. If new regulation is not based on clearly understood risks, the resulting requirements may create an excessive burden for both insurers and policyholders. It remains a key priority for Swiss Re to highlight the negative impacts of market entry restrictions or impediments to global diversification towards regulators. At the same time, we mitigate such risks by seeking solutions that reduce the negative impact on Swiss Re and its clients.
Several regulators in Europe and Asia have developed specific expectations of how climate risks should be managed and are translating these expectations into concrete regulations. New climate-related regulations are expected, even in jurisdictions that have thus far been hesitant to act. Swiss Re supports such measures but will continue to advocate for a harmonised and gradual implementation of the requirements recommended by the Financial Stability Board Task Force for Climate Disclosure in order to avoid regulatory fragmentation and ensure that requirements are appropriate.
Swiss Re consistently advocates for the removal or reduction of market access barriers, so that policyholders, governments, taxpayers and national economies can fully benefit from international diversification and therefore reliable, quality and affordable risk cover.
Political developments can threaten Swiss Re’s operating model but also open up opportunities for developing the business. The Group adopts a holistic view of political risk and analyses developments in individual markets and jurisdictions, as well as cross-border issues such as war, terrorism, energy-related issues and international trade controls.
A dedicated Political Risk team identifies, assesses and monitors political developments world-wide. Swiss Re’s political risk experts exercise oversight and control functions for named political risks, such as in the political risk insurance business; this includes monitoring political risk exposures, providing recommendations on particular transaction referrals and risk reporting. In addition, the Political Risk team provides specific country ratings that cover political, economic and security-related country risks; these ratings complement sovereign credit ratings and are used to support risk control activities and inform underwriting or other decision-making processes throughout the Group.
Swiss Re seeks to identify and assess the impact of political risk on its business. The Group raises awareness of political risk within the insurance industry and the broader public, and actively engages in dialogue with clients, the media and other stakeholders. The Group also builds relationships that expand the company’s access to information and intelligence, and allow Swiss Re to further enhance our methodologies and standards. For example, Swiss Re participates in specialist events hosted by institutions such as industry and risk management associations, and maintains relationships with political risk specialists in other industries, think tanks and universities, as well as with governmental and non-governmental organisations.
The UK has left the EU and the future trade relationship between the UK and EU remains unclear. Swiss Re operates in the UK through the UK branches of Swiss Re’s Luxembourg entities and some UK-domiciled entities. Swiss Re is actively engaging with the relevant UK and EEA regulators to mitigate any impacts on Swiss Re’s businesses or ability to service clients and customers from the negotiations on the new trade relationship between the UK and EU.
Swiss Re uses models throughout its business processes and operations, in particular to price insurance products, value financial assets and liabilities, assess reserves and portfolio cash flows, and estimate risk and capital requirements. Model owners have primary responsibility for model-related risks and are required to adhere to a robust tool development process, including testing, peer review, documentation and sign-off. A similar process also applies to model maintenance.
Swiss Re’s model governance is based on Group-wide standards for model assurance. These standards seek to ensure that each material model has a clear scope, is based on sound mathematical and scientific concepts, has been implemented correctly and produces appropriate results given the stated purpose. Furthermore, the calibration of model parameters (and the data on which calibration relies) must be trustworthy, while expert judgments are required to be sensible, documented and evidenced.
Analytical or financial models that are used for costing, valuation and risk capital calculations are governed by Swiss Re’s Model and Tool Assurance Framework. This requires the appropriateness of models to be assessed in an independent end-to-end validation process that includes specification, algorithms, calibration, implementation, results and testing. Material models used for costing, valuation of reserves and assets, as well as Swiss Re’s internal risk model, are validated by dedicated teams within Risk Management. These teams provide independent assurance that the framework has been adhered to, and also conduct independent validations. Swiss Re’s risk model is also subject to regulatory scrutiny.
Model-related incidents are captured within Swiss Re’s operational risk framework. In addition, material model developments, incidents and risks are reported in regular risk updates to Executive Management and the Board at Group and legal entity level.
Swiss Re works closely with industry peers to develop and share best practices for assessing and managing model-related risks. In this context, Swiss Re is actively participating in a CRO Forum working group that provides a platform for such exchanges and is working on frameworks for model risk.
Financial valuation risk is managed by internal and external portfolio managers, who ensure that valuations remain in line with the market. In addition, Swiss Re has a second line function within Financial Risk Management that independently assess valuations and valuation techniques; this team performs independent price verification for financial risk positions to confirm that valuations are reasonable and ensure there are no material misstatements of fair value in Swiss Re’s financial reports. The results of the independent price verification process are reviewed by the Asset Valuation Committee. Summary results are regularly reported to Executive Management and the Board at Group and legal entity level. In addition, Swiss Re’s external auditor conducts quarterly reviews as well as a comprehensive year-end audit of controls, methodology and results.
Reserve valuation risk is managed by Swiss Re’s Actuarial Control function, with dedicated teams for property and casualty, and for life and health valuations. These teams ensure that Swiss Re’s reserve setting process uses an appropriate governance framework, including defined accountabilities and decision-making processes for risk takers (as the first line of control) as well as for Actuarial Control. The framework ensures that there is independent assurance on the data, assumptions, models and processes used for valuation purposes; for all property and casualty business and selected life and health portfolios, it also includes an independent valuation of coverage provided to ensure that reserves are within an adequate range. Regular deep-dive investigations are performed into selected portfolios in order to review the appropriateness of both the reserves and the applied reserving approach.
Swiss Re’s continued business success depends on the successful management of sustainability risks, thus helping to maintain the trust of its stakeholders. The Group has a long-standing commitment to sustainable business practices, active corporate citizenship, as well as good, transparent governance. All employees are required to commit to and comply with Swiss Re’s values and sustainability policies.
Potential sustainability risks are mitigated through clear corporate values, active dialogue and engagement with affected external stakeholders, and robust internal controls. These include a Group-wide Sustainability Risk Framework to identify and address sustainability risks across Swiss Re’s business activities. The framework comprises sustainability-related policies − with pre-defined exclusions, underwriting criteria and quality standards − as well as a central due diligence process for related transactional risks.
Sustainability risks are monitored and managed by dedicated experts in Swiss Re’s Group Sustainability Risk team, which is also responsible for maintaining the Sustainability Risk Framework. In addition, this unit supports Swiss Re’s management and business strategy through tailored risk assessments and risk portfolio reviews. It fosters risk awareness through internal training, and facilitates development of innovative solutions to address sustainability issues. Finally, it represents and advocates Swiss Re’s position on selected sustainability risk topics to external stakeholders.
Swiss Re is a founding signatory to the UN Principles for Sustainable Insurance (UN PSI) and is currently a board member of this initiative. The UN PSI provide a global framework for managing environmental, social and governance challenges. Swiss Re has been actively contributing to the initiative for several years, co-chaired it from 2013 to 2015 and publicly reports progress against the principles in its annual Sustainability Report; the 2019 edition has been published together with the 2019 Financial Report.
Swiss Re is developing a carbon footprinting methodology, in collaboration with peers, as a basis for carbon risk steering that will help to guide the Group’s business towards a low-carbon world and support Swiss Re’s clients in their transition. At the UN Climate Action Summit in September 2019, Swiss Re was one of 87 companies to sign the “Business Ambition for 1.5°C”. The pledge is a logical further step in leading the way towards a low carbon future.
Reflecting the Group’s strong overall commitment to sustainability, Swiss Re continued to be included in leading sustainability indexes and rankings such as FTSE4Good, Euronext Vigeo World 120, Ethibel Excellence Global, oekom Prime Investment and the Dow Jones Sustainability Index. For more information on Swiss Re’s sustainability practices, see the 2019 Sustainability Report.
Anticipating possible developments in the risk landscape is a central element of Enterprise Risk Management. Swiss Re promotes pre-emptive thinking on risk in all areas of the business in order to reduce uncertainty and diminish the volatility of the Group’s results, while also identifying new business opportunities and raising awareness for emerging risks.
For this purpose, Swiss Re’s risk identification processes are supported by a systematic framework that identifies, assesses and monitors emerging risks and opportunities across all areas of Swiss Re’s risk landscape. This framework combines a bottom-up approach driven by employee input with central and regional experts on emerging risk. The resulting information is complemented with insights from external organisations such as think tanks, academic networks and international organisations, as well as from interaction with clients.
Findings are reported to management and internal stakeholders, including a prioritised overview of newly identified emerging risks and an estimate of their potential impact on Swiss Re’s business. Swiss Re also publishes an annual emerging risk report (Swiss Re SONAR) to raise awareness within the Group and across the industry, and initiate a risk dialogue with key external stakeholders.
To further advance risk awareness across the industry and beyond, Swiss Re maintains regular exchanges on emerging risks with its clients and continues to participate actively in strategic risk initiatives such as the CRO Forum’s Emerging Risk Initiative and the International Risk Governance Council.