What are the risk management challenges facing insurers today? According to our 2019 Global Risk Management Study, the 227 insurance risk leaders we surveyed grapple with evolving regulations, cyber threats and InsurTech (insurance technology). Many of these are not explicitly new—but are taking on a new urgency in today’s climate of fast-paced change.
Insurers also face a unique threat: Changing customer expectations alongside fundamental consumer shifts in some of the markets they serve, such as automotive.
Let’s take a closer look at what troubles today’s insurance risk leaders:
The regulatory challenge
For insurance risk managers surveyed, ever-changing regulations are the most troublesome risk concern they face. Requirements around data privacy and data protection are increasingly strict, particularly when it comes to the General Data Protection Regulation (GDPR) in Europe, combined with similar requirements around the world. Penalties for failing to meet requirements can be significant.
The regulatory threat is intertwined with other top concerns. A data privacy breach can not only mean hefty fines for failing to meet requirements, but also reputational damage and business disruption.
Worsening cyber threat
Cyber attacks are second on insurance risk managers’ list of worries. But why have these attacks worsened?
Insurance providers are exposed on more fronts as they rely more on new technologies such as the Internet of Things (IoT) and work more with InsurTechs. Meanwhile, cyber attackers have become more sophisticated in finding entry points. Finally, the threat of cyber attack has become intertwined with other risks, such as regulatory risks. A data breach can mean a GDPR regulatory failure, and the consequences begin to snowball.
Insurers say they are unprepared for these interconnected risks:
A new set of concerns
Opening the door to all-new risks are technology-based solutions provided by InsurTechs. While insurers know InsurTech solutions can pose new threats, they aren’t quite sure how.
Insurers that are adopting new technology have concerns on several fronts. How effective is artificial intelligence (AI) and machine learning for various activities, such as validating pricing or assessing claims? What are the potential business impacts? Less than 10 percent of surveyed risk managers feel fully capable of assessing the risks of AI, robotic process automation, machine learning or blockchain.
Customers are changing
Customer expectations are changing—sometimes dramatically—and this ranks as insurance risk leaders’ fourth biggest concern. Consider the many shifts in customer preferences:
These new expectations bring not only business challenges, but new threats. And only 10 percent of surveyed insurance risk managers feel highly confident in managing threats that stem from changing customer expectations.
LIBOR can’t be ignored
While insurers aren’t reporting dramatic concern over LIBOR, they likely should take a closer look. A first step might be identifying and quantifying the business’s exposure to specific LIBOR risks.
Next, risk leaders may want to build a framework for managing the risks that could arise from the transition, including how they impact operational and portfolio risk. A poorly timed and executed transition strategy could leave insurers exposed to significant operational risk.
Conduct risk is another factor: Insurance risk managers should protect clients and markets from possible abuse or mis-selling resulting from the LIBOR transition.
Establishing a sphere of control
For insurance risk managers, managing today’s complex, fast-changing risk environment begins by answering one question: What matters most? In an interconnected, volatile risk climate, insurance risk managers won’t be able to fend off every threat, so they should emphasize preparation and planning—not prediction. This is how they manage their sphere of control.
See the full report to learn more about next steps for insurance risk managers.