«In order to drive sustainable development forward with conviction, the topic must be anchored and lived in the company. Thus, the integration of climate risks into our strategic risk management is an indispensable cornerstone.»
Our risk management is a uniform, Group-wide, strategic and operative system with the following areas: risk map, risk governance and risk culture, risk measurement, risk processes and strategic risk control.
The sustainable existence of Baloise and thus the goal of our insurance pool to provide a secure future for our customers, employees and investors is safeguarded by Baloise’s risk management. Our internal safeguards include considering natural catastrophes which could impact Baloise business activities as well as information security and IT compliance. External events are integrated in the risk map for various scenarios and the associated risk-minimising measures have been included.
In addition to safeguarding our business activities, our main focus is protecting our customers through the Simply Safe strategic focus. But it’s not just every customer that should feel more secure having Baloise as a partner. By dealing with topics such as environmental risks, cyber security and digitalisation, compliance, globalisation as well as social, ecological and economic megatrends, Baloise risk management contributes toward a secure future for society.
The risk map distinguishes between the following categories of risk to which Baloise is exposed:
- Actuarial risk
- Market risk
- Financial-structure risk
- Business-environment risk
- Operational risk
- Strategic & information risk
The risk map is firmly embedded in the organisational structure and responsibilities of the entire Baloise Group. Each risk is assigned to a risk owner (with overall responsibility) and to a separate risk controller (responsible for risk management and control).
The development and expansion of risk governance and risk culture has a long tradition at Baloise. We are constantly working to enhance this culture across the entire organisation. Designated risk owners and risk controllers dealing with specific risk issues are as much a part of this culture as committees that meet regularly to discuss risks. At the same time, our risk models and processes are continually refined. The internal control system (ICS) and the compliance function are further major planks of this strategy.
The most senior decision-making body in Baloise’s risk organisation is the Board of Directors of Baloise Holding Ltd, while ultimate responsibility for risk control lies with the Board of Directors’ Audit and Risk Committee. The Chief Risk Officer for the Baloise Group reports regularly to both of these bodies and is partly personally responsible for risk-related issues.
The Board of Directors is empowered to determine the risk strategy, which is derived from Baloise’s business strategy and objectives and addresses issues around the Company’s risk appetite and risk tolerance.
The Group Risk Committee and the local risk committees in each business unit – which comprise members of the Corporate Executive Committee and of the local senior management teams respectively – decide how the risk strategy is developed and designed and how the pertinent policies are implemented in day-to-day business. Bodies specially set up to examine specific risk areas such as asset/liability management, compliance, IT risk and the use of reserves also compile submissions for the committees to facilitate their decision-making on these issues. The Group Risk Management team works closely with the local risk experts to complete the picture. This inclusive risk organisation approach provides us with a platform for sharing and constantly refining best practice.
Group Risk Management is responsible for
- developing consistent, mandatory risk models for the entire Baloise Group,
- monitoring Group-wide standards,
- reporting risks,
- complying with risk processes and procedures, and
- communicating with external partners such as auditors, corporate supervisory bodies and credit rating agencies.
The business units are responsible for local implementation of the standards and requirements specified by the Baloise Group. Overall responsibility lies with the Baloise Group’s Chief Financial Officer, followed by its Chief Risk Officer.
Our risk model standardises the process of quantifying our business risks and financial market risks across all strategic business units. It is consistent with the principles and calculation methods applied by the Swiss Solvency Test and with the European Union’s Solvency II directives. As a ground-breaking risk management tool, it provides a firm foundation on which management can make strategic and operational decisions.
The economic risk capital derived from Baloise’s models is currently the most advanced market standard. To this end, risk measurement metrics alone are used to calculate a target capital figure – irrespective of any financial accounting treatment or regulatory capital requirements under Solvency I – to ensure that the Company remains solvent even in adverse circumstances and can meet its obligations to policyholders at all times. We constantly compare this target capital figure with the capital currently available (the “actual” capital).
In addition to this holistic risk model we use the risk map to identify, describe and evaluate specific risks in terms of their likely impact on our operating profit or loss. Our corporate database of specific risks – which contains a detailed description of the risks concerned, their classification on the risk map, and early-warning indicators – is generated from this standardised process. We use quantitative methods to supplement this description by measuring these risks’ probable financial impact on the Company’s balance sheet. Each risk is documented together with the measures needed to mitigate it. The database is updated every six months.
This combination of a holistic risk model with analysis of specific risks ensures that Baloise maintains an adequate overview of the prevailing risk situation at all times.
Our internal risk model, which uses standard methods to quantify all our business risks and financial market risks, forms the basis for strategic discussions about Baloise’s risk appetite. The capital requirements derived from this model constitute minimum requirements for our “actual” capital.
This process provides a 360-degree view of our key strategic risks and how they are managed. Our strategic risk management offers the clear prospect of penetrating new business lines and optimising the risk/return profile of our existing business.
Profit targets for individual business units that factor in their specific risk situation are a major aspect of this risk management system. These targets form part of the overall objectives agreed with local management teams.