APR was engaged by an Insurtech firm who were operating as a managing agent but in the process of applying for an insurance licence. As a managing agent, the client already had FCA authorisation and all of the risk policies and compliance processes required to get that approval.
Becoming an insurance company meant that the client needed a substantial expansion of their risk function. The client was in the process of recruiting a CRO, which meant that APR was engaged at a point when many risk decisions were still to be made.
APR’s task was to draft an Own Risk and Solvency Assessment (ORSA), but starting with a blank sheet of paper, there were a few other objectives to fulfil:
- Educate and get buy-in from management about the overall risk management framework, the myriad risk activities and the structure of the ORSA.
- Build a model and perform scenario analysis in order to demonstrate how the key risk exposures evolve as the insurance company grows over the first few years.
- Write a document in a style that aligns with the Client’s fresh, dynamic corporate culture.
The main output from this project was a concise 50-page ORSA, but as with most activities associated with the Risk function, the real value is added by going through the process. By gathering data, performing analysis, having regular discussions and workshops, the project led to many valuable insights and benefit, including:
- A wider appreciation for how risk management permeates an insurance company, from the pricing of risks in the insurance product, to the controls used to mitigate the risk of errors in every low level process.
- A structured risk management framework that helped management understand how each of the various activities achieve their individual aims and complement one another.
- An understanding of the key drivers of the capital requirements and an insight into how the choice of target demographic can have a significant impact on the risk profile.
- Insight into the optimal structure and level of reinsurance.
- An understanding of the various risk process and the implications on systems design and resourcing.