Risk Management at Insurance Providers
The changing insurance sector
The growing demands on modern corporate governance are making enterprise management more complex than ever. The expectations for higher efficiency often clash with:
- Increasing regulatory pressure
- More interlinked global economy
- Digital transformation
- Higher requirements on management for transparency
- Internal and external motives for more transparency and
traceability in decision-making
The insurance industry, in particular, is subject to fast-changing legal regulations and dynamic capital markets. The new EU data protection regulations or Solvency II with its mandatory “own risk and solvency assessment” (ORSA) are just two examples why companies need to take action in the areas of data protection and risk management.
To address these challenges, insurance providers must develop processes and establish standards for modern, efficient enterprise management. Governance, risk and compliance (GRC) processes are taking on a more important role.
Core responsibilities of top management
GRC entails much more than individual processes such as an internal control system, compliance or risk management. It combines all capabilities that enable organizations to reliably achieve their goals, cope with uncertainty, and take action with integrity.
Establishing GRC processes and overseeing their ongoing development is one of the main responsibilities of top management – not only due to the clear benefits it can generate across the company. Andreas Wartenweiler, who as Director Risk Management was responsible for implementing an integrated GRC concept at the Swiss insurance company Helsana, confirms this: “Supporting and consulting the management team can lay a valuable foundation to build profitability, business value and corporate sustainability.”
These types of processes generate synergistic effects, promote collaboration, and ensure long-term performance. GRC sets the guidelines for transparent, sustainable enterprise and performance management that weighs risks and opportunities to generate value. Companies with a comprehensive GRC concept also have more resources to utilize opportunities because they have a better understanding of the risks and contingent liabilities.
Individual software solution
All companies want to differentiate themselves from competitors – in their market presence, product and service offerings, operational and organizational structures, but also their business and GRC processes. GRC software, therefore, must be very flexible in order to map the designated processes and grow with them over time.
As Director Risk & Compliance at the health insurance provider Visana, Bertrand Volken also served as project owner for the implementation of risk2value. He summed up the rollout as follows: “The specific customizing and configuration options of risk2value are outstanding. The tool has an intuitive design which makes it possible to make changes quickly and easily on our own. This was one of the decisive criteria that convinced us to choose [avedos as] the vendor.”
Many insurance companies are taking the first steps in implementing integrated GRC projects. The Swiss insurers, Helsana and Visana, are pioneers in this field and use risk2value from avedos to map their integrated GRC approaches. At UNIQA in Austria, risk2value lays the foundation for information security management and enterprise risk management. Vienna Insurance Group also uses risk2value to map various topics in the field of IT governance.
With over 1.1 million insured individuals, Visana Group is one of the biggest providers of health and casualty insurance in Switzerland. The company offers statutory basic health insurance as mandated by Swiss law, supplementary insurance as well as property and casualty insurance. The company has 1,300 employees and a nationwide sales network with approximately 120 offices.
With 23,000 employees and premium volumes of EUR 9.1 billion in 2014, Vienna Insurance Group is a leading insurance corporation in Austria as well as Central and Eastern Europe. Innovation, close customer ties and its strong service-driven approach back the company’s high-quality product portfolio of attractive solutions in the field of life and general insurance.
avedos GRC GmbH is a European software vendor that has specialized in developing integrated solutions for Governance, Risk und Compliance (GRC). avedos software solutions serve as a link between business operations and top management to enable risk-conscious, value-driven decisions in today’s complex business world. The software platform risk2value supports a wide range of GRC disciplines including enterprise risk management, internal control systems, compliance management, audit management and information security management. Its clients include the world’s largest and most successful automobile manufacturers, insurance companies, telecommunications providers and retailers.
Get in touch with our experts – personally or through our online contact form.
We look forward to hearing from you!