[ Home ] [ About Our Firm ] [ La Compañía ]
[ Links ] [ News & Announcements ]
[ Newsletter ] [ Nuestro Equipo ] [ Our Team ]
[ Photo Album ] [ Presentations etc for Downloading ]
[ RADAR - An IT System Designed for Financial Supervisors ]
[ RADAR - Un Sistema IT Diseñado para Supervisores Financieros ]

Over the last several years risk based supervision has become recognized as an international standard, endorsed by the International Association of Insurance Supervisors, the World Bank, the Inter-American Development Bank and other international agencies.

The risk based approach requires the supervisor to monitor risks and to work with institutional management and boards of directors to reduce risk when prudent levels are being exceeded. With a risk based model the objective is to prevent problems from occurring in the first instance, rather than finding them and then endeavouring to fix them. It is clear that in terms of protecting the public interest, problem avoidance is a more desirable objective than problem rectification. Generally speaking, therefore, risk based supervision is more effective than the traditional compliance based approach.

An additional important benefit of the risk based approach is that it has the potential to be more efficient than compliance based supervision. This is because rather than allocating resources across the board in an effort to detect non-compliance, regulatory resources are focused on the areas of highest risk.

When we refer to "risk" we mean the extent to which there exists a potential for the occurrence of events which might adversely impact an institution's ability to meet its obligations. When the risk in a particular area is increasing and appears to be headed for higher than acceptable levels, the supervisory process comes into play and steps should be put in place to reduce risk.

However, terms such as "higher than acceptable levels" are subjective. We do not have any absolute scale by which risk can be measured. Nevertheless we can increase the degree of precision and make the measurement of risk as objective as possible through the use of tools such as risk benchmarking and the supervisory ladder. The supervisory ladder or risk matrix as it is sometimes called, can provide many concrete examples (i.e. benchmarks) of risk situations and the risk levels to which these situations will be assigned. For example, supervisory staff may, after discussion, come to the consensus that repeated late filing of required financial information and frequent inaccuracies in that information, will be considered to be characteristic of Level 4 Risk. The supervisory ladder also provides typical examples of supervisory responses that can be expected at different levels of risk, so we can see that an institution classified as "Level 4" might find itself subject to more frequent and extended on-site inspections, limitations on its ability to write new business, a requirement for additional capital and so on. From a transparency perspective, the supervisory ladder or a simplification thereof can be provided to the institutions so they can easily see and understand the rules of the game, governing themselves accordingly.

We know that financial institutions are extremely complex entities. Risks arise in virtually every area of their operations. Some types of risk are quite clear and well known. For example, a general insurer that sells homeowners policies in the northern Caribbean region, must have reinsurance coverage that will virtually guarantee that a hurricane will not leave it in a position where it is unable to pay all its claims. On the other hand, some risks are much more subtle and arise from combinations of events. For example, suppose that interest rates become very high and a life insurer has a large number of policies in force containing a policy loan provision at a fixed rate of interest, significantly below the new market rate. The company may have a sudden liquidity problem as a high percentage of policyholders take advantage of the guaranteed borrowing clause in their policies.

There are potential risks associated with everything that companies do. How can supervisors ensure that in their review of institutions, they do not overlook any risk areas which could turn out to have important implications for the entity's future?

To help deal with this critical question, supervisors often resort to acronyms such as CARAMELS for insurance (Capital, Asset quality, Reinsurance, Adequacy of claims and actuarial, Management, Earnings quality, Liquidity and Self-dealing and subsidiaries), or in the case of banking, to the definition of risk areas such as credit risk, country risk, interest rate risk, exchange rate risk and so on. These are all just techniques to help ensure that when we look at an institution, we don't leave out any important areas in our risk assessment process. There is no magic to the use of particular categories. The fundamental risk is that an institution will not have sufficient capital or sufficient liquidity to enable it to meet its obligations. However, we recognize that if we were to only think about "capital" or "liquidity" per se, we might overlook a lot of risks which could indirectly, but profoundly, affect the company's capital position or liquidity position. Therefore we also look, in the case of insurance, at all of the CARAMELS areas.

Broadly speaking, one can see two distinct approaches to the assessment of risk. One approach involves the disaggregation of risk into such categories as credit risk, interest rate risk and so on, as generally utilized by banking supervisors. In our view, the disadvantage of this approach for insurance, especially in the case of many supervisory organizations in emerging markets where they are just beginning to institute a risk based approach to insurance supervision, is that one has to review all parts of the supervised institution to find the different components of risk. For example, if we are assessing the credit risk for an insurer we will have to consider its reinsurance activities, its investment area, amounts due from brokers, amounts due from policyholders and so on. On the other hand, the use of the CARAMELS approach categorizes risk according to the way the supervisory work is actually carried out. For example, we are likely to have one person looking at the investment area and that person is able to assess all the investment risks, another person will be looking at the reinsurance arrangements and they will be assessing all the risks associated with that activity. In the case of deposit taking institutions it happens that business activities correspond reasonably closely with the disaggregated risk areas, e.g. the lending business gives rise to credit risk. Thus for deposit taking institutions the use of disaggregated risk categories is both convenient and effective.

Another well established international trend is towards the integration of supervisory agencies so that, for example, banking, insurance and securities regulation may be combined within a single supervisory agency. There are a number of important benefits to be gained by this process. However, the integration of supervisory agencies brings into focus the fact that banking supervisors have generally adopted the disaggregated approach to risk assessment whereas insurance supervisors are typically looking at CARAMELS or similar categories for the assessment of risk.

In our view an important aspect of any successful integration is to take account of what might be termed "pillar differences", that is the fact that although we see a certain amount of product convergence in today's financial world, the underlying businesses of insurance (especially general insurance) and deposit taking are fundamentally different and these differences should not be overlooked in establishing the supervisory procedures for the integrated supervisory agency. Thus rather than endeavouring to "force fit" all institutions into one mode for risk assessment, there may be important advantages to continuing to allow for somewhat different risk assessment approaches for different types of institutions.

The important point is that no matter how we decide to categorize risk, we want to feel confident that all the material risks are being dealt with systematically and consistently. However we decide to cut the pie and label it, the risks do not change. The above noted approaches are all just methodologies intended to help supervisors have confidence that we are comprehensively reviewing the risks underlying companies' businesses.