Our risk processes
The processes we use to identify, measure, manage, monitor and report risks, including the use of our risk models, and stress and scenario testing, are designed to enable dynamic risk-based decision-making and effective day-to-day risk management.
Having identified the risks to our business and measured their impact, depending on our risk appetite and desired risk culture, we either accept these risks or take action to reduce, transfer or mitigate them.
Identify and measure
We carry out regular risk identification including as part of our business planning process and any major business initiatives. We draw on internal and external data, covering both normal conditions and stressed environments.
We measure risks on the basis of Solvency II capital (and other bases if appropriate) to determine their significance, relative to the potential return and appropriately direct resources to their management. We also measure the impact and likelihood of risks against our predefined appetites, tolerances and limits.
Manage and monitor
Having identified the risks of our business and measured their impact, we either accept these risks or take action to reduce, transfer or mitigate them, considering the expected return, associated risk and position relative to risk appetite. Monitoring ensures that the risk management approaches (accept, avoid, transfer, control) in place are effective. Monitoring may also identify risk-taking opportunities.
Report
- material risks and trends
- performance and its impact on our risk profile, historical and prospective
- decisions, taking account of risk reward trade-offs
- projections/forward-looking views
- mitigating actions
- risk vs. appetite, preferences, limits and tolerances.