Record Detail Back
Enterprise Risk Management (ERM) Practice as applied to Health Insurers, Self-Insured Plans, and Health Finance Professionals
- Share to:
Executive Summary
Enterprise risk management (ERM) is an evolving field. It has been implemented to
various degrees at financial services firms such as banks and insurers as well as at
companies that focus on manufacturing and services. While having an ERM process is
not a guarantee of success, a solid risk culture and well-communicated process can
provide a competitive advantage that helps firms make better decisions. This research
project was undertaken to determine the current state of ERM at health insurance firms.
Included in the report are a literature search and review of pertinent material, results
from a survey of selected practitioners, a review of current and best ERM practices, and
recommendations for future research projects and other related activities.
In late 2008 health insurance risks that had previously been considered unrelated, proved
to be, in fact, strongly correlated. . Markets blew up, with balance sheet assets
pummeled by liquidity, interest rate, and credit risks. At some publicly traded
companies, stock prices dropped upwards of 50%. Furthermore, many of the companies
that health insurers provided coverage for through insurance or servicing self funded
plans significantly reduced staff, which, in turn, decreased the number of covered lives
and shaved insurer profit margins. As these risks impacted health insurers at the same
time, those with an ERM process in place that recognized the possible occurrence of a
combination of emerging risks were better able to anticipate them and respond in a
flexible manner.
Risk management has been practiced since the formation of the health insurance
industry. The key risks tend to be unique to the industry and, as a result, risk managers at
these organizations have tended to focus on issues related to pricing, operations, and
strategy. Those who responded to the survey issued in conjunction with this project
indicated that in many cases there are few actuaries participating in ERM
implementation. However, some health actuaries hold the Chief Risk Officer title and
over 30 have earned the CERA (Chartered Enterprise Risk Analyst) designation.
Financial services firms have always been subject to what have become known as Black
Swans - events that rarely occur, yet have material impact to an entity. As an example,
American International Group (AIG) required a federal bailout to avoid bankruptcy due
to its credit default swap positions during the recent financial crisis. In addition to credit
risk, regulatory risk and risk culture came into play in this situation. In another instance,
Enron combined an aggressive risk culture with aggressive reporting to build product
lines that were not based on economic fundamentals and eventually led to the company’s
demise.
Historically across all sectors, there has been little consistent implementation of either
combinations of these fundamental risks, emerging risks, or other risks which had been
dealt with using conservative policies in the past. Although some health insurers are
moving to this approach now, according to survey respondents few have shown the
©2009 Society of Actuaries, All Rights Reserved Page 5 Rudolph Financial Consulting, LLC
desire or ability to optimize the risk-return relationship across all risks. The survey, and
follow-up discussions, showed that company culture has not allowed full program
implementation. Truly best practice ERM merges results into incentive compensation.
To date, according to respondents in the survey described in this report, that is not
happening. This situation may change as existing ERM programs mature and fully
implemented programs demonstrate success relative to their peers. While larger health
insurers are creating a Chief Risk Officer position, many are adding the role and title to
the responsibilities of current executives.
ERM has a place at all companies, and health insurers are no exception. With risks
encompassing regulation, pricing, operations, strategy and assets, along with the
interaction between risks and potential emerging risks, there is no lack of activity. No
one profession can claim ownership of the ERM space. The need for general risk
management knowledge, along with specific industry knowledge for a given company,
makes it impossible to design an educational program that does it all. An effective ERM
specialist will likely have a general background regarding risk along with specific
expertise tied to the company’s primary risks. Actuaries have a broad set of skills that
make it appropriate for them to take a seat at the ERM table and be considered to head
the team. Few others have exposure to assets, liabilities, pricing, underwriting and
strategic planning. Especially if a company is optimizing the risk/return relationship
versus undertaking a perfunctory checklist exercise of basic operational risks, the
actuarial skill set can help a company meet its goals.
Considering that relatively few health insurers have implemented an ERM process, best
practices at those exceptions that have done so are quite good. Risks at a few firms have
been catalogued and attempts made to consider interactions and marginal impacts of
decisions. Risk culture and board interaction remain an issue even at best practice
companies, as is the case with firms in other industries. It remains challenging to have
the message heard. An enterprise risk management (ERM) process is an iterative
dynamic. The field is evolving as new issues and solutions arise. The recent financial
crisis taught many practitioners that an overreliance on quantitative solutions can be
problematic. Emerging risks such as global warming and technological advancements
are hard to anticipate but cause a need for rapid adjustments. Many emerging risks have
implications for health insurers. Some could reduce costs, such as a preventive vaccine
for cancer. Others are expected to increase costs, such as an influenza pandemic. Many
health insurers are performing the bare minimum ERM duties as they respond to rating
agency requests and prioritize the multitude of tasks required in today’s complex
industry. ERM as practiced by rating agencies continues to evolve, but it clearly is an
area to watch going forward as the recent financial crisis has focused rating agency
interest on this topic. Communication to external stakeholders must also be improved.
Each firm’s culture will drive the level of commitment to ERM.
The primary findings of this research project are
1. Health insurers are still getting their hands around what enterprise risk
management is. According to survey participants, they practice solid silo risk
©2009 Society of Actuaries, All Rights Reserved Page 6 Rudolph Financial Consulting, LLC
management but often struggle to implement risk interactions and discuss how
risk analysis can be used to make better decisions. Their responses indicate that
this is sometimes driven by poorly written but well meaning governmental
regulations.
2. Best practice enterprise risk management is a process, evolving iteratively, rather
than a one time project. Health companies are at various stages on this
continuum. Practices range from doing nothing beyond solid silo risk
management to fully implemented plans that collect data used to make decisions.
Few have a fully functioning risk culture that allows challenges of ideas coming
from the top of the organizational structure. Better practices are often driven by
company size. Larger firms have more resources and other processes are more
likely to be relatively sophisticated (e.g., a company with extensive systems
capabilities is more likely to practice strong ERM).
3. Most health insurers that have implemented best practice ERM have done so
internally with minimal external help.
4. Consultants, in general, are not encouraging health insurers to develop and
implement an ERM process. This seems to be based on a typical health
practitioner’s basic skill set which is strongly focused on pricing and financial
reporting. While a few consultant respondents shared how ERM has added value
for their clients, most did not understand the concept and how it could improve
the results of their clients.
A recommendation for future work includes a series of articles in Health Watch
discussing ERM as it applies to practitioners in the health insurance field. One such
article has already been written. In terms of future efforts, research that explores
correlations between risks, quantification of regulatory risk, and asset-liability
management projects to better facilitate assets backing health liabilities and surplus
would be valuable.
Max J. Rudolph, FSA CERA CFA RHU MAAA - Personal Name
NONE
Management
English
1-72
LOADING LIST...
LOADING LIST...