a.s.r.’s risk priorities and emerging risks are defined annually by the Executive Board (EB), based on strategic risk analyses. a.s.r.’s risk priorities are defined as the main strategic risks which could materially affect its strategic and financial and non-financial targets. To gauge the degree of risk, a.s.r. uses a risk scale based on likelihood and impact (Level of Concern). For each risk priority, the degree of risk is determined for the gross and net risks. Gross risk is the degree of risk when no (control) measures are in place. Net risk is the degree of risk with mitigating (control) measures in place. Each of a.s.r.’s risk priorities has a gross and net risk Level of Concern 3 or 4, outside risk appetite boundaries. The risk priorities and emerging risks are described in Strategic risks and in Emerging risks.
a.s.r. aims for an optimum trade-off between capital, risk and return. Steering on capital, risk and return is done by decision-making throughout the entire product cycle from Product Approval & Review Process (PARP) to the payment of benefits and claims. At a more strategic level, decision-making takes place through balance sheet management. A robust solvency position takes precedence over profit, premium income and direct investment income. Risk tolerance levels and limits are disclosed in the financial risk appetite statements (RAS) and are monitored by the Financial Risk Committee (FRC). The FRC evaluates financial risk (FR) positions against the RAS on a monthly basis. Where appropriate, a.s.r. applies additional mitigating measures.
In 2021, the Actuarial Function (AF) performed its regulatory tasks by assessing the adequacy of the Solvency II technical provisions, giving an opinion on reinsurance and underwriting, and contributing to the Risk Management Framework (RMF). The AF report on these topics was discussed by the EB, FRC and A&RC. See chapter 6.8 for further information.
Non-financial risk appetite statements are in place to manage a.s.r.’s risk profile within the limits determined by the EB and approved by the Supervisory Board (SB); see chapter 188.8.131.52.1. The risk profile and internal control performance of each business is discussed with senior management in the business risk committees each quarter. The Non-Financial Risk Committee (NFRC) monitors and discusses on a quarterly basis whether non-financial risks (NFR) are adequately managed. Should the risk profile exceed the risk appetite, the NFRC will decide on the steps to be taken.
a.s.r. employees gain risk management knowledge and skills through the implementation of risk management policies, procedures and practices and the execution and testing of controls within business processes for sound and controlled business operations. Training courses that cover main risk-related topics, presentations, workshops, gamification and the use of governance, risk & compliance tooling also contribute to this. In addition, risk management employees keep their knowledge and skills up to date through training courses that cover specific risk-related topics and / or continuous education.