The risks identified are clustered into:
Strategic risks (including emerging risks);
Financial risks;
Non-financial risks.
a.s.r.’s risk priorities and emerging risks are defined annually by the EB, based on strategic risk analyses. a.s.r.’s risk priorities and emerging risks are defined as the main strategic risks which could materially affect its strategic, financial and non-financial targets. To gauge the degree of risk, a.s.r. uses a risk scale (see image) based on likelihood and impact (Level of Concern). For each risk priority, the degree of risk is determined for the gross and net risks. Gross risk is the degree of risk when no (control) measures are in place. Net risk is the degree of risk with mitigating (control) measures in place. Each of a.s.r.’s risk priorities has a gross and net risk Level of Concern 3 or 4, outside risk appetite boundaries. a.s.r.’s risk priorities and emerging risks are described in Strategic risks and in Emerging risks.
Financial risk appetite statements (RAS) are in place to manage a.s.r.’s financial risk profile within the limits; see chapter 6.8.1.1.1. a.s.r. aims for an optimum trade-off between risk, return and capital. Steering on risk, return and capital is done by decision-making throughout the entire product cycle from the Product Approval & Review Process (PARP) to the payment of benefits and claims. At a more strategic level, decision-making takes place through balance sheet management. A robust solvency position takes precedence over profit, premium income and direct investment income. Risk tolerance levels and limits are disclosed in the financial RAS and are monitored by the Financial Risk Committee (FRC). The FRC evaluates financial risk (FR) positions against the RAS on a monthly basis. Where appropriate, a.s.r. applies additional mitigating measures. In 2022, the Actuarial Function (AF) performed its regulatory tasks by assessing the adequacy of the Solvency II technical provisions, giving an opinion on reinsurance and underwriting, contributing to the Risk Management Framework and supporting the Risk Management Function (RMF). The AF report on these topics was discussed by the EB, FRC and A&RC. See chapter 6.8 for further information.
Non-financial risk appetite statements (RAS) are in place to manage a.s.r.’s non financial risk profile within the limits. See chapter 6.8.1.1.1. The non financial risk profile and internal control performance of each business line is discussed with senior management in the business risk committees each quarter. The Non-Financial Risk Committee (NFRC) monitors and discusses on a quarterly basis whether non-financial risks (NFR) are adequately managed. Should the risk profile exceed the risk appetite, the NFRC will decide on the steps to be taken. a.s.r. employees gain risk management knowledge and skills through the implementation of risk management policies, procedures and practices and the execution and testing of controls within business processes for sound and controlled business operations. Training courses that cover the main risk-related topics, presentations, workshops, gamification and the use of governance, risk & compliance tooling also contribute to this. Courses include, for example, sustainability risk and more specifically ESG factors to better understand and identify material risks. In addition, risk management employees keep their knowledge and skills up to date through training courses - including in the context of permanent education - that cover specific risk-related topics.