Accenture Global Risk Management Study 2011 - talking points

A rather lavish piece of research from Accenture on developments in using risk as a source of competitive advantage was pushed out yesterday - All industry version here, with Insurance-specific report here.

Solvency II doesn't really feature in the global study (which covered just under 400 risk execs), but some aggregate trends are worth noting (observations against their 2009 survey);

• Increased likelihood of execuitve-level oversight of the risk function
• Increased concern about coverage of the spectrum of risk (types and severity coverage)
• Almost half of respondents had "reducing costs" as one of their main challenges in next 2 years
• Vast majority have either a CRO or an executive with Risk responsibility
• Majority of medium term spend seems to be focused towards data and technological improvements
• 40% have responded that regulatory risk will be "significantly increasing" in next 2 years
• Integration of risk measure capture and use across busienss areas particularly poor (most categories of risk were under 50% rated as "highly integrated across business units".
• Some lareg gaps between the importance of the risk function's objectives against their achievement (worryingly large on the matter of ensuring sustainability of future profitability)

For Insurance-specific, I noted the following (around 50-odd companies by my count);

• 80% of respondentshave ERM program in place or in planning
• Top risk executive reports to CEO in almost 90% of respondents (a truly horrifying statistic, and the highest of all industries) 
• 81% of Life company respondents felt regulatory pressure is creating an increasing gap to achieving compliance
• 54% have a CRO who owns responsibility for Risk in their organisations (surely a massive no-no under Solvency II)
• Integration of Finance and Risk and improving reporting capabilities on risk-adjusted performance management are the highest Life company priorities for improving capabilities.
• To achieve "Risk Mastery", a rather anodyne list of enhancements are depicted - invest in analytic tools, integrate risk and finance, improve approaches to fraud and financial crime and leverage compliance initiatives (such as Solvency II I guess, though I wouldn't call it a compliance initiative!)

They create a sub-category of "Risk Masters", whose risk management capabilities are assumed to be superior to the crowd - these are the component parts of "risk mastery";

1. Creation of shareholder value from Risk Management
2. Risk Management involved in key decision making process
3. Improved sophiostication of measurement, monitoring and analysis
4. Going beyond a compliance mindset
5. Integration of risk management capabilities across business units and structures
6. Establishment of a "c-suite" role for Risk
7. Infusion of "|risk awareness" across the organisational culture
8. Investment in continuous improvement

Risk masters (around 40 of the respondents qualified) either have or are in the process of establishing ERM programs, and tend to use their Risk function outputs to achieve quantifiable business objectives considerably more than the pack. They also had significantly higher scores for having "highly integrated" risk measure capture and usage across business units (including using these measures in their decision making process), and the majority participate in most areas of the strategic decision making process.

Interestingly, almost 90% of Risk Masters said that they are active in influencing risk regulation in their relevant industry - Solvency II anyone?