Operational Resilience and Risk Culture 2020

PRESENTATION: WHAT DO WE MEAN BY RESILIENCE AND HAS OUR DEFINITION OF RESILIENCE CHANGED GIVEN OUR EXPERIENCES WITH COVID-19?

• Has the scope of what we (and external stakeholders) consider to be resilience changed in recent months?
• What impact does a revised definition of resilience have on decision-making and valuations?
• How will firms rebalance priorities as a result?

PANEL: IN LIGHT OF OUR EXPERIENCE WITH COVID 19, WHAT OTHER HIGH IMPACT, LOW PROBABILITY RISKS MIGHT WE BE NEGLECTING, AND HOW CAN/SHOULD OUR EMERGING RISK PROCESSES BE ADAPTED AND IMPROVED TO BETTER MANAGE THEM?

• Identifying potential systemic and extreme cyber risk scenarios
• How do we bolster the emerging risk process so that we are better prepared for the next "unprecedented event"?
• Defining and recognising trigger points
• Using results from the emerging risk process to inform and drive business strategy

Panellist: Michael Hosking, Chief Risk Officer, Faraday Underwriting Limited, Gen Re International P&C

Panellist: Caroline Coombe, Chief Executive, ORIC International

Panellist: Ruth Middleton, Chief Risk Officer, AIG Life UK

PRESENTATION: THE REGULATORS PERSPECTIVE ON LESSONS LEARNED FROM OPERATIONAL RESILIENCE IN PRACTICE

• Issues encountered with the rapid switch to remote working during the Covid-19 pandemic
• Did insurers meet expectations on operational resilience during the crisis?
• Improving operational resilience – what do insurers need to do better in the future?
• How will the Covid-19 experience help shape regulations and guidance on operational resilience?
• How insurers should demonstrate compliance with operational resilience requirements

PANEL: A REVIEW OF CRISIS AND BUSINESS CONTINUITY SCENARIOS

• What gaps were identified?
• How will risk scenarios and stress scenarios with regard to business continuity management change as a result of Covid-19 experience?

Panellist: Claire Weston, Chief Risk Officer, Munich Re UK & Ireland

Panellist: Russel Goldstein, Chief Risk Officer, Darta Saving Life Assurance

INTEGRATION OF BUSINESS CONTINUITY INTO ERM

• Joined up approach to achieving organisational resilience
• Governance and integration of business continuity activities in the overall ERM framework

PANEL DISCUSSION: HOW DO YOU CAPTURE THE EFFICIENCY GAINS AND MANAGE NEW OPERATIONAL RISKS

• What steps will firms be taking to "modernise" the business post crisis
• People used to video conferencing
• Deployment of more technology (electronic signatures, document management, collaboration software)
• Less travel
• Less need to be face to face in the office
• Process efficiency
• Reducing need for office space and financial savings
• Changes the nature of work and hence operational risk profile

Panellist: Simon Spurr, Chief Risk Officer, IGI

PANEL DISCUSSION: MANAGING 3RD PARTY OUTSOURCING RISK

• What did Covid-19 reveal about outsourcing risk?
• How well do we understand our supply chain and our place within it?
• How did the extended supply chain perform in a crisis?
• To what degree have we really considered the operational resilience of our supply chain / outsource providers?
• Onboarding new counterparties – what is the role of the risk team?
• When we transfer operations to an outsource provider do we do in a way that diversifies or concentrates risk (e.g. we move all our back office processing to a single vendor in a given country?)
• Monitoring the effectiveness and performance of 3rd party providers.
• Managing multiple contracts

Panellist: Claudia Meyer, Group Head of Operational and Reputational Risk Management, Allianz SE

Panellist: Jim Ewing, Chief Risk Officer, Aegon UK 

PANEL: AS CYBER THREATS BECOME INCREASINGLY SOPHISTICATED, WHAT DO INSURERS NEED TO DO TO ENHANCE THEIR CYBER RESILIENCE FRAMEWORKS?

• What steps are (re)insurers taking to counter the increasingly sophisticated attacks from hackers and to maintain data security?
• What trends have we experienced in regard to cyber activity during this vulnerable period of extensive remote working?
• How effective and resilient did cyber risk frameworks prove to be?
• What changes do we need to put in place to meet the new risks remote working brings?
• Managing outsourcing and 3rd party service provider cyber risk
• Demonstrating board level visibility and governance of cyber risk
• Determining priorities and risk appetite
• How are regulators stepping up their expectations on cyber resilience?
• What steps can be taken to further strengthen the resilience of the insurance sector against cyber vulnerabilities?
• Industry –wide collaboration: Harmonizing general requirements on governance of cyber security 

Panellist: Christian Dahmen, Chief Risk Officer, Member of the Board of Management, NewRe

PANEL DISCUSSION: THE COVID-19 CRISIS HAS ACCELERATED THE DIGITALIZATION OF THE ECONOMY. HOW DOES THE INSURANCE INDUSTRY NEED TO RAISE IT'S GAME TO MEET THE ADDITIONAL CYBER RISKS AND CHALLENGES THIS BRINGS AND TO OFFER A SOUND CYBER INSURANCE MARKET?

• The role of the cyber insurance market in enabling the transformation to the digital economy – what needs to change for this to happen?
• How well do we actually understand our exposure to cyber perils?
• Informing and determining cyber risk appetite
• Policy wording analysis and clarity of contract.
• Latest developments in understanding non-affirmative cyber exposures and accumulation of risk
• Best practice quantitative approaches to addressing non affirmative cyber exposures
• What further action is needed to address and mitigate silent cyber exposures
• How will EIOPA's strategies for cyber underwriting and SupTech assist in addressing the gaps?
• What might a standardized cyber incident reporting framework and taxonomy look like?