Hostname: page-component-78c5997874-ndw9j Total loading time: 0 Render date: 2024-11-05T21:21:23.937Z Has data issue: false hasContentIssue false

Risk and Regulation – a broader view on their consistency

Published online by Cambridge University Press:  22 August 2013

Zhigang Xie*
Affiliation:
School of Finance, Shanghai University of Finance and Economics, China
*
*Correspondence to: Dr Zhigang Xie, Professor, Insurance & Actuarial Studies, School of Finance, Shanghai University of Finance & Economics, 100 Wudong Road, Shanghai 200433, China. E-mail: [email protected]
Rights & Permissions [Opens in a new window]

Abstract

Type
Guest Editorial
Copyright
Copyright © Institute and Faculty of Actuaries 2013 

The global trend of reforming insurance regulation and supervision regimes has provided actuarial professionals with great opportunities to expand their work fields and contribute their expertise to societies. Following on from the EU Solvency II project that started in 2001, other markets have been also embarking on similar routines of reviewing, evaluating and improving their existing systems. Typical examples include the Solvency Modernization Initiative (SMI) of the United States (2008), the “RBC II Review” of Singapore (2012), and the China Risk-oriented Solvency System (C-ROSS, 2013) etc. It is a common agreement that the above and other similar efforts are consistent to the core principles and the framework of insurance regulation and supervision proposed by the International Association of Insurance Supervisors (IAIS), see the framework paper (2005) of IAIS, which is influenced by and developed parallel to that of Basel II in the banking industry.

As an actuarial academic and being interested in this area, I was involved in several study projects of building a solvency supervision system in China during the last decade. For instance in 2005, I was the only local member participating in the EU-China Financial Services Co-operation Project (EuropeAid/112901/C/SV/CN), Solvency Assessment Standards and Regulation Regimes, led by Dr. Helmut Müller. Mentioning this, I actually want to state my personal judgment on the current global efforts of reforming insurance and solvency supervisory regimes, and then to share with readers some of my studies and points of view on relevant issues of the topic.

1 Judgment

All the efforts mentioned above are based on three fundamental concepts: solvency, risk and uncertainty. But none of these 3 concepts are clearly defined, nor their logical relations. As a consequence, actuaries and other professionals seem to work on a huge construction project without concrete building components.

The first concept of solvency is usually described as the insurer's capability of meeting financial obligations. As it is only a description rather than a scientific definition, the term of solvency supervision is used either with a narrower meaning of supervising the insurer's financial condition, or with a broader meaning of supervising all the risks having an impact on the insurer's financial condition. We can see this difference clearly if we compare what the term solvency means in EU Solvency I/0 and in EU Solvency II. The latter has the same meaning of the European new regime of insurance regulation and supervision, while the former is a pure financial concept.

The second concept of risk is core in the field of insurance and finance. It is also the foundation and the reason to have an actuarial profession in our society. However, it is right to say either that there is no generally agreed definition or to say that there are too many definitions of the concept of risk. The most classical definitions are given by the International Organization for Standardization (ISO, IEC Guide 73: Risk Management – vocabulary) in the years 2002 and 2009 respectively. I quote them below:

Version 2002: the combination of the probability of an event and its consequences.

Version 2009: effect of uncertainty on objectives.

After reviewing various existing definitions of risk, we summarize their 3 common characteristics as follows:

  1. 1) The definitions of risk depend on the definition of uncertainty, as it is in ISO version 2009 and in others.

  2. 2) The definitions are either not referring to a certain principal or risk owner, or not referring to a risk owner's decision objectives. The definition of version 2009 of ISO is an improvement on the previous one because it implicitly mentions risk principal and its objectives.

  3. 3) The definitions are static, and emphasizing on (negative) consequences or effect of risk, such as that in ISO version 2002.

The first characteristic is quite common in various definitions of risk, and it implies that we have to define term uncertainty first before defining risk. As to the second and third characteristics, we may understand them better through a brief analysis of the relationship between solvency and risk.

If we regard an insurer as a natural person and regard the insurer's solvency as his health condition, then the risks facing the insurer may be regarded as potential diseases he may catch. The insurer may catch various diseases, some have appeared in society and been registered before (known diseases) and some may not yet appear (unknown diseases). Every type of potential disease, either known or unknown, will have a negative impact on the insurer's health condition. To design a control mechanism for the insurer's health condition from an external or regulatory perspective, we may let the insurer inject specific vaccine or antibiotics for each type of registered potential disease, or to prepare a certain amount of money for possible treatment costs.

There is no doubt that this approach is neither reasonable nor fair for the insurer. But in a sense it is what the effort of insurance regime follows.

A more reasonable and practical way is to investigate the potential diseases further, particularly to study and to identify the driving causes of catching each type of disease, whether the causes are internal or external, direct or indirect. Aiming towards this, we have to refine the concept of risk, and then the concept of uncertainty, as well as to clarify their mutual relations.

2 New Definitions of Risk and Uncertainty

By reviewing various existing definitions of risk and using the basic framework of the decision making theory of Savage (Reference Savage1954), we provide an alternative definition below which defines risk as a dynamic cause-effect process and regards uncertainty as to its extrinsic driving cause.

Risk, referring to a principal or decision maker and referring to the principal's decision objectives, is a Cause-Effect Process which consists of 3 key elements: 1) external cause; 2) internal cause; and 3) combined effect. In form, risk can be denoted by

$$Risk\, = \,{\rm{(}}External\,cause;\,Internal\,cause;\,Combined\,effect)$$

Where the external cause of a risk is called uncertainty or uncertain states, which is a set of natural states that the principal or decision maker does not know in advance or is not able to control.

The internal cause of a risk is a set of alternatives or actions that the principal or decision maker can choose or can control. As shown in Figure 1, the principal or decision maker can choose or make decisions at three stages: 1) setting up expected decision objectives; 2) making decision strategies for achieving expected objectives; and 3) implementing the strategies.

Figure 1 Cause-effect mechanism of risk

Because the external cause or uncertainty has impact on the risk principal at each of the decision making and implementation stages, and because there exists time lapses between different stages, and meanwhile the uncertainty keeps changing, the final decision consequences may deviate from the principal's initial expectation. With the notations used in Figure 1, the potential deviation is measured and defined as combined effect, which may be denoted by

$${ Combined\,effect\, = \,decision\,consequences\, \odot \,corresponding\,possibilities \cr & = \,\mathop{\sum}{f(|xi\,{\rm{ - }}\,oi|,\,pi)} \cr}$$

It is notable that the combined effect, as one of 3 components consisting of a risk, is exactly the definition of risk in the 2002 version of ISO.

It is also notable that the definition of uncertainty, included in that of risk, is initially given by Savage (Reference Savage1954). But we further clarify those uncertain states into two cases: what has already happened but the decision maker has not been aware of it, and what has not happened but the decision maker cannot control or can do nothing about it. In the words of Donald Henry Rumsfeld (2002), the uncertainty in our definition has the same meaning as the term of unknowns which consists of known unknowns and unknown unknowns. (Note: readers may google the background story of this.)

3 Possible applications

With our new definitions of risk and uncertainty, and particularly our clarification of their mutual relations, we can directly achieve a series of application consequences, both on theoretical and practical senses.

3.1 Risk measurement

A risk is measurable or quantifiable if the combined effect, both the deviation between decision consequences and objectives and the corresponding probabilities, is measurable or quantifiable. Otherwise, that risk is non-measurable or qualitative.

We classify the problem of risk measurement into two types:

The first type of risk measurement: referring to a specific decision maker and his decision objectives, we are to measure the riskiness of each decision alternative. Most existing risk measures belong to this type.

The second type of risk measurement: referring to a specific set of decision consequences and the same decision objective from a certain decision problem, we are to measure different decision makers’ attitudes on these consequences. Examples of this type of risk measurement include Pratt (Reference Pratt1964) and Arrow (Reference Arrow1965).

This classification helps to understand the meaning of quantitative risk and qualitative risk.

3.2 Risk classification

The way of dividing external and internal driving causes in defining risk provides a new horizon to the current context of risk classifications, and may significantly help insurance and solvency regulation practice.

As shown in Table 1, risks facing an insurer may be listed vertically with four levels from macro, industrial, institutional and business, and then to analyse them laterally with their properties of measurability and major driving causes.

Table 1 Risk classification and characteristic analysis

With the help of Table 1, we have the following direct conclusions about risk:

  • By regarding an insurer as risk principal or decision maker, the traditional names of “risks” on macro and industrial levels, such as the fluctuation risk of central bank interest rates and the risk of regulation changes, become the external causes of insurer's risks. Oppositely, if we are to study systemic risks on industrial and macro levels, we may regard designer, policy maker or regulator of that system, instead of insurers, as risk principal. The internal cause driving risks of the insurer, whether material or not, may only be regarded as external causes of systemic risk. As a logical consequence, it may not be reasonable nor fair to charge an insurer with additional capital for solvency supervision purpose with the excuse of systemically important financial institutions (SIFI) like that suggested in the C-ROSS and others.

  • The current definitions and names of “operational risk” and “credit risk” may not be good for investigating their major driving causes and may not fit for regulatory and management purpose. It is worthwhile to further identify their major causes and rename these two important types of risk. For instance with credit risk, as it is mainly an external cause driving risk, we may rename it further as “reinsurer default risk”, “broker or agent default risk” and so on. For the other instance of operational risk, we may also further identify their driving causes either by external or by internal and then rename it as “XX causing risk”.

  • For an individual risk, the insurer may either regard it as internal cause driven and then name it investment risk, or regard it as external cause driven and then call it market risk or asset risk. It all depends on the insurer's investigation purpose.

  • Checking with each item of registered risk in the existing context and considering about measurability, we may believe that most quantitative risks facing an insurer are on micro business level. The measurability of risk depends both on the maturity of the market and on technologies of risk aggregation.

3.3 Solvency regulation and supervision

As a direct application of risk measurement and classification discussed above, we may compare various risks facing an insurer with the 3 regulatory Pillars in the framework of insurance regulation and supervision of the IAIS (2005), and then combine them in Table 2.

Table 2 Risks and their regulatory measures in 3 Pillars

With a simple comparison in Table 2, we may have the following conclusions and suggestions on the current design of regulation and supervision.

  • The current design of insurance regimes needs to identify risk principal or risk owner for the risks on each level of their construction and then to investigate their major driving causes, rather than just simply dividing all the risks into quantitative and qualitative groups by assessing their combined effects.

  • The non-measurable or qualitative risks are distributed on macro, industrial, institutional and to business levels, while quantitative risks may be mainly on micro business level. For the risks on macro and on industrial levels, either quantitative or qualitative, there exists a need of adding extra control functions beyond those in the current 3 pillars, including functions to supervise regulatory policies and supervise supervisors.

  • In the current design of regulatory regimes, the measurable or quantitative risks are controlled by requiring regulatory capital (pillar 1) through calculating each individual risk and aggregating them together. But the matrix of risk dependence for aggregating risk measurement may not be reliable and even more difficult than investigating the driving causes of each risk.

4 Concluding remarks

It is quite true that the concept of risk plays a central role in the work areas of the actuarial profession, and particularly in the recent global effort of reforming insurance and solvency regulatory and supervisory systems. In addition to contributing their expertise on data modelling and providing their professional judgement, actuaries may also need to do some fundamental studies, including the concepts of risk, uncertainty, solvency and their relations. This article is one of the attempts towards that.

Acknowledgement

The author wants to thank David Hare, President of the Institute and Faculty of Actuaries, for his discussion and constructive advice on this paper.

References

Arrow, K.J. (1965). Aspects of the Theory of Risk Bearing. Academic Book Store.Google Scholar
China Insurance Regulatory Commission (CIRC). The Framework of China Risk Oriented Solvency System, 14 May 2013.Google Scholar
International Association of Insurance Supervisors (IAIS). Towards a common structure and common standards for the assessment of insurer solvency, October 2005.Google Scholar
International Organization for Standardization (ISO, 31000) Guide 73: 2009 - Risk Management – Vocabulary.Google Scholar
Monetary Authority of Singapore (MAS): Review on Risk-based Capital Framework for Insurers in Singapore (“RBC 2 Review”), MAS Consultation Paper P011-2012, June 2012.Google Scholar
National Association of Insurance Commissioners (NAIC), The U.S. National State-based system of insurance financial regulation, Draft of NAIC White Paper, 1 April 2013.Google Scholar
Pratt, J.W. (1964). Risk aversion in the small and in the large. Econometrica, 32, 122136.Google Scholar
Savage, L.J. (1954). The Foundation of Statistics. Wiley, New York.Google Scholar
Figure 0

Figure 1 Cause-effect mechanism of risk

Figure 1

Table 1 Risk classification and characteristic analysis

Figure 2

Table 2 Risks and their regulatory measures in 3 Pillars