A survey of chief risk officers (CRO) at insurers in the Asia-Pacific region has revealed that developing a risk culture at their organisations will be a top priority in the coming year.
The APAC Insurance CRO survey 2017-2018, by global advisory firm EY, found that only 45% of insurers in the region have a risk culture or risk conduct framework in place, but many CROs have made it a top area of focus in the next 12 months.
The survey, which involved insurance CROs from the Greater China, Southeast Asia, and Australia markets, said that while the banking sector has already widely adopted risk frameworks, the insurance industry is lagging behind. The only exception to this is Australia, which demonstrates the market’s relative maturity compared to that of Asia.
According to Jonathan Zhao, EY’s Asia-Pacific insurance leader, differing regulatory expectations and approaches to conduct risk are the main cause of the gap between markets.
“When it comes to implementing risk culture frameworks, Australian CROs are leading the way, while those in other Asian markets, such as China and Singapore, will need to focus on this over the coming 12 months,” Zhao said. “It’s also fair to say that larger firms operating in the region, with headquarters in the US or Europe where regulators have set high-conduct risk management benchmarks, tend to have more advanced practices.”
Asia-Pacific insurers are also struggling to integrate cyber expertise into their risk functions, due to a skillset shortage in the region. Almost half (45%) of survey respondents across the region have yet to allocate a devoted risk resource toward managing cyber risk.
“The CROs in our survey are especially looking for expertise in cyber and IT security, data analytics and big data, machine learning, anti-money laundering, and artificial intelligence (AI),” said Sumit Narayanan, EY’s ASEAN insurance leader. “Finding the budget and resources to invest in these areas is proving problematic. Risk functions must therefore find the right balance between securing scarce talent and investing in new technologies.”
Naranayan also noted that the insurance CRO’s role is evolving by shifting away from traditional risk and regulatory compliance to becoming a partner within the business, with greater influence over the company’s strategic direction.
More than 70% of respondents said that they have a 70:30 ratio of attention given to business and regulatory matters. Most have reported an increased say in key processes.