Property/casualty insurance company senior executives aren’t the only carrier leaders overwhelmed by multiple demands on their time. Members of P/C insurer boards of directors are similarly challenged, a recent report by PwC reveals.
The report published last month, titled “The role and function of insurance company board of directors’ risk committees,” notes that as directors try to stay current on reports from carrier management teams—many coming as the result of regulatory obligations—they have less time to proactively think about emerging and strategic risks.
Forming a risk committee with a primary focus on risk-related responsibilities is one of the best ways to deal with growing demands, PwC experts advise in the report, which summarizes results of interviews with 13 insurance company directors about the prevalence of risk committees and the responsibilities they take on.
Compiling responses from the 13 board member interviewees, representing 16 insurers (P/C and life insurers operating in the United States and ranking among the top 25 in their sectors), PwC found that only three did not have risk committees on their boards. At least two of the three interviewees who said their companies don’t have risk committees are in the process of creating them, the report says.
Seven of the 13 remaining companies identify their risk committees with the title “risk committee,” while the other six combine risk and other functions like finance, investments or compliance. In addition, respondents at all 16 companies—even the three without risk committees—said that audit committees are also responsible for all or some risks.
The PwC report notes, however, that even though risk committees or audit committees are taking on some of the tasks and duties to assist the full board, directors interviewed were clear to point out that “the full board retains ultimate responsibility for decisions.”
What do the risk committees do?
Even the committees spend little time on blue-sky thinking or free-form discussions about risk, devoting nearly half of their time to reviewing and discussing risk reports provided by insurance company management teams and another 40 percent taking deep dives into particular risk topics.
In addition to hearing that interviewees wanted to spend more time on emerging risks and strategy, the PwC survey found that the typical delegation of responsibilities between the full board and the risk committee was as follows:
- Defining the risk appetite—full board has strong direct role.
- Model risk management and stress testing—high degree of delegation; little direct board involvement.
- Risk management framework and policies; ORSA—mixed responses; full board approval often cited as needed.
- Risk identification, measuring, monitoring—heavy reliance on committees; full boards more involved in identifying emerging risks than measuring or monitoring.
The report also describes current insurance regulatory developments related to corporate governance and interactions between boards and regulators. Here, PwC reports that none of the board members surveyed for its report said they were required to meet with U.S. state regulators—a contrast to jurisdictions outside of the states where interactions between committee or board chairs and regulators were said to be required.
The report suggests that in the United States, the NAIC’s Corporate Governance Annual Disclosure Model Act and Regulations may encourage the trend of adding a risk committee to the board among medium and small insurers that haven’t done so already.
At one point, the report notes that those being interviewed had questions for PwC—about the role of chief risk officers throughout the insurance industry. To answer, PwC dug into a bigger pool of 50 top P/C and life insurers (including the 16 taking part in the survey) and found that 42 of the 50 have a CRO role. Clarifying this, the report notes that these companies—84 percent of the top 50—have an executive whose title includes the phrase “chief risk officer.” An additional seven insurers have a “CRO-like” role but not the title CRO. (These executives more typically have the term “ERM” in their titles.)
Only one unidentified company in the top 50 does not have a CRO or an executive with a similar role.