Financial Reporting Council - documenting 'principal risks' in Strategic Reports

I had recently spotted that the UK's Financial Reporting Council had issued draft guidance on the compilation of the Strategic Report for listed entities. This segment of a company's Annual Report and Accounts (currently called the 'Business Review') has been a rather ubiquitous and clunky affair regardless of industry, delivering little information to prospective and existing shareholders about how the company's risk profile, appetite, preferences etc. are catered for when executing its strategy.

Strategic reporting for UK companies 
- elimination of flannel?

Insurers have been prominent in efforts to improve this, though driven more by the need to pacify the FSA/PRA than by Parliament - see "risk appetite" break out from its box in  Aviva's AR&A between 2007 and 2012 for example - but the fact that a substantial piece of statutory reporting generally in the hands of executive management can potentially stray from the lexicon and structure of their increasingly professionalised Control Functions (and for banks and insurers, potentially their Internal Models), is clearly one that warrants some focus.

The Strategic Report will be compulsory content for Annual Reports and Accounts from October (Companies Act 2006 414C). The FRC's (non-mandatory) guidance regarding the incorporation of risk-related material into this section is to address the requirement on p2 that the Strategic Report;

...should include a description of the principal risks and uncertainties facing the company

The FRC's specific definition of Principal Risk is found on p35 of the draft guidance as;

A risk or combination of risks that can seriously affect the performance, future prospects or reputation of the entity. These should include those risks that affect the viability of an entity.

The draft guidance (p23) aims to tack on a few definitional aspects of how "risks and uncertainties" are reported in the context of strategy, most pointedly;

• [The risks] should be limited to those considered by the entity’s management to be the most important to the future development, performance or position of the entity. They will generally be matters that the directors regularly monitor and discuss because of their likelihood, the magnitude of their potential effect on the entity, or a combination of the two
• Principal risks or uncertainties with potential effects of such a magnitude that they may threaten the entity’s viability (ie its solvency and/or liquidity) should be explained fully and given due prominence
• Directors should consider the full range of business risks including commercial, operational and financial risks
• The descriptions...should be 
  sufficiently specific that a shareholder can understand why they are important to the 
  entity. This might include a description of the likelihood of the risk, an indication of when 
  the risk might be most relevant to the entity and its possible effects. Significant changes...

  such as a change in likelihood or possible effect, or the inclusion of new 

  risks, should be highlighted and explained. An explanation of how the principal risks and 
  uncertainties are managed or mitigated should also be included.
• 
  

  Where the risk or uncertainty is more generic, the description should make 

  clear how it might affect the entity specifically.

Prudential provide a good example here (from p72) of how this is currently done by an insurer - the fact that it is buried in 75 pages of 'Business Review' underlines why the streamlining of this work has become of statutory interest!

Interestingly, the FRC note that definition for "principal risks" has been developed/derived from previous FRC work, supplemented by work from the Sharman Inquiry - all of that therefore feels well divorced from anything produced by the IRM/Actuarial Profession/EIOPA around risk categorisation, and leads to the same bridging work I have been involved in previously; namely, reconciling how one manages and monitors risk within the business against what one reports externally. Might we have expected to see some kind of compulsory categorisation of "principal risks" in here that favours the financial services industry who arguably carry the largest set? 

Much of the other compulsory material in the Strategic Report (with exemptions) touches on other topical or sensitive matters such as;

• Inclusion of key performance indicators in the report ("...where possible, they should be accepted and widely used")
• Information on environmental matters, staff and social/community/human rights issues
• Information on gender splits at Board, Senior Management and All-company level

I may throw some feedback in to the FRC on this paper- comments welcome until late November. Externally, the main change for insurers will be trimming down some of the fluff and flannel already produced in the space. Internally, aligning the concept of "principal risks" with existing ERM programme/Internal Model lexicon may be a bigger job for anyone operating on a shoestring.

The Actuary magazine - QIS5, ERM, Risk Language and Land Grabbing

Busy day today, so apologies if you are not a fan of volume!

I went through a few articles in June edition of The Actuary magazine - as I had blogged earlier, there seems to be a Solvency II land grab exercise anticipated in which the Risk Management profession would lose out to their Actuarial counterparts, so it is good so see where the common ground is.

There are four articles this month which I strongly advise you give a once-over; my take on these was;

Risk Management - Defining Risk Language -  From premise to execution, there is almost nothing I can fault about this article, and I implore you to read it. I hasten to add that I had seen this (or an extract from it) on InsuranceERM, but this is gratis"! My highlights were;

• Ease at which the drill-down from key risks to sub-categories causes confusion in existing categories (project risk held up as a prime example)
• Their tie-in of "risk occurrence" impacting on "economic value", and using that to tie their premise in to impact on Embedded Value or prospective management actions.
• Illustrating the exact damage each of their categories could do to the different elements of the Embedded Value
• Their busting out of Liquidity, Strategy and Frictional risk, and the reasoning for it
• Their explicit inclusion of Diversification and Aggregation risk - I had blogged on how this area may get the 5 star treatment in Ireland, and seemingly, the actuaries behind this paper also acknowledge how the suite of assumptions made in a correlation matrix hold a risk in themselves
• Acknowledgement of the weaknesses in the scope - just for the benefit of actuaries, and only used 4 bodies to show differences in terminology.

A great effort, and worth 10 minutes of anyone's time.

ERM Strategy - Plan of Action - Stake in the ground for how the Actuarial profession can be properly harnessed for ERM, with the following of note;

• Call to arms for actuaries to make a name for themselves in ERM's "exciting and growing area"
• "Analytical skills, judgement and clear communication" attributes of actuaries positively highlighted
• Nice section on modelling Operational risks, including using the Delphi process ("incorporating expert judgement within risk modelling")

You can see why the Risk Profession may be feeling increasingly uncomfortable!


Solvency II QIS 5: The end of the beginning - Direct from the FSA QIS5 lead, he draws attention to a number of aspects which overstate the change in UK plc's capital under Solvency II (£62bn surplus down to £35bn);

• Change is measured against Solvency I, not the ICAS regime
• Surplus is based on Standard Formula, and UK is largest Internal Model market
• QIS5 takes no account of management actions which can easily and fairly be applied
• Transitionals (not that they are guaranteed) could have a massive impact on UK, with the prevalence of annuity providers - A nice example is included

He also notes 600 questions were fielded by the FSA resource - at £15m p.a for the model-specific industry levy, that is a pricey call centre! 

ERM - The Evolution of ERM - Cross references some Towers Watson Global ERM Surveys for 2008 and 2010, and good for general trends and benchmarking on Risk Appetite and ERM satisfaction.