HomeRisk Report › Risk management

Risk management

Risk Management System | The ERM Policy

In the risk report the Group presents further information in order to enable the assessment of the significance of financial instruments and insurance contracts for an entity's financial position and performance.

Furthermore, the Group provides information about its exposure to risks arising from financial instruments and insurance contracts, and it discloses the management's objectives, policies and processes for managing those risks, in accordance with IFRS7, endorsed by Regulation (EC) No.108 of 11 January 2006.

In order to reach an integrated view, the Generali Group has implemented a unique internal control and risk management system which aims at identifying, evaluating and monitoring the most important risks to which the Group is exposed, that means the risks whose consequences could affect the solvency of the Company or the solvency of the single business units, or negatively hamper company goals. The main objectives of the internal control and risk management system of Generali Group is to maintain the identified risks below an acceptable level, to optimize the capital allocation and to improve the risk-adjusted performance of the Group.

The risk management processes apply to the whole Group, all the countries where it operates and each business unit. However, the degree of integration and depth varies with the complexity of the underlying risks. Integration of processes within the Group is fundamental to assure an efficient system of risk management and capital allocation for every business unit.

During the year many actions have been taken to further improve the methodology, to optimise the risk management processes and to spread across the business units the culture of making decisions aimed at optimising the risk adjusted performance.

Risk Management System

Risk management system is based on three main pillars:

  • process of risk measurement, aimed at assessing the solvency of the Company,

  • process of risk governance, aimed at defining and controlling the managerial decisions in relation with relevant risks,

  • risk management culture, aimed at increasing the value creation.

The model is based on a bottom up logic; the specific policies adopted by each Italian and foreign business unit are part of a main framework: the principles, the targets and the main risk management procedures defined by the Holding are spread and applied across the Group, with the purpose of maintaining a high degree of coherence and integration among the risk management systems of the different business units.

1.1  Roles and responsibility

The system is based on three different levels of responsibility:

  • Group: for every country, the Holding sets the targets in terms of solvency, results and risk exposure, moreover it defines the risk management policy through a list of Guidelines for acceptance of the main risks.
  • Country: the Regional Holding defines strategies and objectives for every firm, taking into account the local features and regulations, providing support for the implementation and controls the results. In particular, in order to assure a better solution to the specific features of local risks and changes in local regulation, the risk management responsibility and decisions are delegated to the Country Manager, respecting the Group policy framework. To whom are also assigned performance targets for their respective area.
  • Business Unit: every firm defines strategies and targets for the lines of business, in respect of the policy and the guidelines established by the Parent Company. The risk management involves the corporate governance of the Company and the operational and control structure, with defined responsibility levels, and aims to ensure in every moment the adequacy of the entire risk management system.

At Group level, the Parent Company Board of Directors approves the risk management policies and the strategies, as well as the risk tolerance level, defining performance targets coherent with the level of capital adequacy.

The Board of Directors is moreover committed to the creation of an organisational culture aimed at giving a high level of priority to the effective risk management and to the respect of strict controls on the operations.

The Board is constantly informed by the CEOs and also by the independent control department about the risk assessment of the Company and the Group, through periodical reports on results and the risk profile, or when it is necessary to intervene adopting corrective actions.

The Parent Company Top Management (composed by CEOs for the respective competence areas and by the General Manager) is responsible for the implementation of the risk management policy of the Company and the Group. In this role, the Top Management assigns the targets and the capital allocation to the Italian and foreign companies. Through Guidelines, it assures the implementation of operational limits by every single company and guarantees the prompt control and the constant monitoring of risk exposure.

The CEOs propose improvements to the risk management policy to the Board of Directors, or require specific actions to be taken by the country managers.

To this end, the Top Management is supported by the Group Risk Committee, composed by the heads of the main business areas (and also accountable for the related risks) and the Chief Risk Officer (CRO). The Committee ensures a fully integrated risk perspective (i.e. Enterprise Risk Management – ERM) across risk categories and countries, it evaluates the overall Group risk-exposure, it identifies risk-management opportunities and then recommends initiatives to the Top Management.

The CRO is responsible for monitoring and coordinating the overall ERM process, in particular, he provides information and suggestions to the Group Risk Committee and has strong relationship with Heads of the business areas. Moreover the CRO monitors ERM processes in the different Countries, supporting the CEOs in evaluating the effectiveness of the proposed plans developed and controlling the risk adjusted results.

A dedicated Risk Management and ALM Department supports the CRO in his duties.

The risk governance has been strengthen by establishing a Control Division, independent from operating functions. Within the Control Division, there are specific risk control Departments that, together with the Group Internal Audit Department, report to the Board of Directors

  • Compliance Department: responsible for identifying, evaluating and preventing risks related to failure to comply with lows and regulations;
  • Independent Risk Control Department: responsible for ensuring solidity of the whole risk management system also incompliance with ISVAP Regulation N°20.

Independent control activities are also performed by the Group Control Department, with regard to an analysis of the performance of the different countries.up.png

The ERM Policy

The Generali Group has developed the Enterprise Risk Management Policy to align the risk measurement methodology, the governance and the reporting of each company of the Group.

The governance of the Parent Company has been adopted, in its essential aspects, by each country and each company of the Group, considering their own features and regulations. A Risk Management Committee has been established in each company, made up of Chief Executive Officer (or General Manager), Heads of technical areas and, where present, Head of the local ERM.

The Risk Management Committee is in charge of supporting CEO in periodical reviews of the Company’s risk profile relating to the different risk categories, and in developing possible proposals to submit to the Board. Each Italian Company has created an independent risk control department in compliance with Italian regulation.

A set of Guidelines has been prepared by the technical departments of the Corporate Centre of the Parent Company to align the risk underwriting methods and to define the operating limits on insurance and financial risks.

Each Company implements these guidelines by preparing and updating an Operating Limits Handbook, that is submitted to the Risk Management Committee and approved by Company Top Management.

The ERM Policy defines the most suitable standard that each Company should adopt for both qualitative and quantitative evaluation of the risks and the reporting. The reports are submitted to the Risk Management Committee and sent to the Parent Company.

The deepest level of integration in the risk management processes across the Group is defined, in cooperation with each Country, in function of the risks arising in local activities and from the expected added value generated by reinsurance, asset allocation and capital allocation optimization.

Minimum requirements in the risk integrated approach have to be met within the Group, in particular:

  • implementation of Group Projects for the vertical integration (ALM, asset allocation);
  • setting-up of local ERM functions in order to ensure an integrated view of the risks at Country level and a strong relationship with the ERM of the Parent Company.

Moreover integration relates to principles, methodology and tools used for measuring and aggregating risks at different levels of responsibility. In order to align and optimise the whole process, a shared IT system for the aggregation of Economic Capital, common rules related to support Group programs; common principles and sharing of best practices for the quantitative evaluation of each risk class are used.

2.1 Development of the Risk Management System

Through its insurance activity the Group is naturally exposed to several types of risks, which are related to movements of financial markets, to adverse development of insurance related risks, both in life and non life business, and generally to all the risks that affect ongoing organized economic operations.

These risks can be grouped in the following four main categories which will be later detailed: market risk, credit risk, insurance risk and operational risk.

Along with the specific measures for the risk categories considered by the Group, the calculation of the Risk Capital represents a comprehensive measure of risk that can be aggregated at the different organizational levels (Group, country and operative entity) and at the main business lines (life, non-life and asset management).

The Risk Capital is a risk measure that corresponds to the amount of capital to be held so that the market value of assets is greater than the market value of liabilities in twelve months’ time, with a confidence level consistent with the target rating.

Risk management activities contribute to the goal of managing the enterprise performance on a risk-adjusted basis in all Group business units. The internal models of Risk Capital have been improved to maintain a state of the art approach to calculation.

In 2009 the ERM model scope has been enlarged involving also the minor Countries and achieving a satisfying level of coverage and homogenization of risk governance model within the Group. For the current it is planned to further finalize and optimize the model.up.png