- New EY survey with IIF finds 79% of global CROs are concerned about the macroeconomic impact of geopolitical tensions
- Cybersecurity tops the agenda of near (53%) and long-term risk (68%), as heightened geopolitics increases the perceived threat of cyber warfare
- Political uncertainty, AI, fraud and a talent vacuum causes for concern for insurance carriers in 2024
Insurance chief risk officers (CROs) are optimistic about their ability to shore up their operational defenses in 2024 despite global economic headwinds and increased regularity scrutiny, according to the EY and Institute of International Finance (IIF) insurance risk management survey.
The inaugural edition of this joint report is based on survey data from 68 insurance carriers across 15 countries, and highlights the challenges and opportunities faced by insurance CROs in an increasingly volatile environment, while wrestling constraints in budget and a stubborn talent drought.
Almost three-quarters (72%) of CRO respondents are confident they have the capacity to manage change associated with increased risk, while 74% see budget as their biggest threat to accelerating critical digital transformation strategies.
Isabelle Santenac, EY Global Insurance Leader, says:
“Insurance CROs continue to hunt for opportunities to drive growth and reduce the operational risk associated with that, including third-party cyber risk. With record-breaking natural catastrophes in 2023, the pressure on carriers to tackle the increasing multibillion-dollar protection gap is compounded by shrinking budgets and scarce talent to tackle some of the most pressing climate-related disasters our generation has faced. Despite operating in a quicksand environment, CROs are meaningfully investing in ecosystems, utilizing AI to tackle the rise in fraud, and mitigating future risk by laying the groundwork to attract talent to an industry teeming with potential.”
Geopolitical risks take center stage, as world braces for political change
Geopolitical tensions, an election super cycle and the increased use of artificial intelligence (AI) accelerating misinformation is doing nothing to cool CROs’ concerns of disruption. CRO respondents see geopolitical risks mainly in terms of macroeconomic impact (79%), increased cyber warfare (67%) followed by regulatory changes (64%).
The threat of more sophisticated cyber attacks amid a turbulent economic backdrop emerged as the chief concern both near and long term; 53% of respondents think cybersecurity will be the biggest risk topic that requires attention from CROs in the next 12 months, and 68% see it as the most important risk for the next three years. Despite a reliance on growing ecosystems and alliances to drive efficiencies (43%) and acquire new customers (59%), almost half (46%) viewed managing third-party cyber risk as a threat to their operational resilience.
Mary Frances Monroe, Director, Insurance Regulation and Policy at the IIF, says:
“Faced with complex risks, rapid technological advancements and resource and talent constraints, our survey results highlight the resilience and adaptability of insurance CROs and their strong commitment to digital transformation. The insurance CRO community is also integral to companies’ ESG integration efforts, which are crucial for addressing climate-related risks."
Confidence remains, despite rapid increase in bolstering defenses
The events of 2023 have increased the pace at which insurance carriers have sought to strengthen their front line with risk management practices, with 59% of respondents improving their liquidity management policies, procedures and practices, and more than half (56%) updating their asset liability management (ALM) framework, in the last 12 months. This bullish trend is set to continue, with more than 90% of respondents planning to evaluate or implement both financial (e.g., credit, market, liquidity) and non-financial (e.g., operational) risk management over the next 12 months.
While confident managing emerging financial and regulatory risk, CROs are proceeding with more caution with emerging technology, with less than a quarter (22%) of respondents implementing AI, generative AI (Gen AI) and machine learning (ML). Of those surveyed adopting AI, they are doing so pragmatically with guardrails in place – with 50% establishing controls to help ensure the responsible use of AI and ML in decision-making. Trepidation is validated by CROs, with respondents citing heighted risk in modeling (including risk of hallucination and explainability) 61%, data privacy 49% and consumer fairness and algorithmic bias 37%.
Reducing protection gap a priority, as pressure builds on insurers to tackle climate risk
As the protection gap continues to grow, insurers are facing increasing pressure to address climate risk. And there are many constituent elements, from physical and transition risk to regulatory implications, and public perceptions regarding the industry’s commitment to provide protection, underpinning how environmental, social and governance (ESG) considerations are embedded into their organization. More than two-thirds (69%) of CROs surveyed are integrating ESG into their risk management framework, and 87% are incorporating ESG standards into investments.
While many CROs feel confident in their organization’s ability to integrate ESG into their decision-making, only 3% of respondents have a complete understanding of their climate-change risk exposure, and just over a third (36%) stated that climate risk is being integrated into business strategy – although positive action is forthcoming. More than half (53%) cited ESG-related investments and rewarding positive ESG behavior (34%) as the leading products or features with the most growth potential.
Additional notable findings from the survey include:
- While 55% of CROs surveyed say overall they are focused on embedding a strong risk culture, that number is significantly higher in the Asia-Pacific region (77%) and considerably lower in the Americas (43%) and Europe (38%). Meanwhile, only 38% of European CROs expect advising business leaders to be a key part of the evolution of their role, compared with 52% of CROs overall.
- CRO respondents in the Americas are most focused on model risk – 92% of them cited it as a top risk area, compared with 61% of all respondents. More than half of them (54%) are concerned about consumer fairness, versus just more than a third (37%) of all respondents. Given the focus of European regulators, it’s no surprise that more CROs in that region (61%) are focused on data privacy compared to their peers worldwide (49%).
- Results from the survey underscore the need for – and scarcity of – technical talent. Interestingly, European CRO respondents cite the greatest need for cyber skills (48% vs. 34% of their global peers), while CROs in the Asia-Pacific region prioritize operational risk talent (38% vs. 17%). CRO respondents in the Americas are seeking professionals to help manage AI-based model risk management (38% vs. 26%) and communication and leadership skills (31% vs. 21%).
For more information, read the full report.
###
Notes to editors
About EY
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Information about how EY collects and uses personal data and a description of the rights individuals have under data protection legislation are available via ey.com/privacy. EY member firms do not practice law where prohibited by local laws. For more information about our organization, please visit ey.com.
This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.
About the Institute of International Finance (IIF)
The Institute of International Finance (IIF) is the global association of the financial industry, with about 400 members from more than 60 countries. The IIF provides its members with innovative research, unparalleled global advocacy, and access to leading industry events that leverage its influential network. Its mission is to support the financial industry in the prudent management of risks; to develop sound industry practices; and to advocate for regulatory, financial, and economic policies that are in the broad interests of its members and foster global financial stability and sustainable economic growth. IIF members include commercial and investment banks, asset managers, insurance companies, professional services firms, exchanges, sovereign wealth funds, hedge funds, central banks, and development banks. To learn more about IIF, please visit www.iif.com, follow us on Twitter, LinkedIn or YouTube, or check out IIF’s podcasts.
About the survey
The global EY organization, in conjunction with the IIF, surveyed IIF member firms and other insurance companies across four main regions globally (Asia-Pacific, Europe, Africa, and North America) from September 2023 through November 2023. Participating companies’ CROs or other senior risk executives were interviewed, completed a survey, or both. In total, 68 financial institutions across 15 countries participated.
Participating insurance companies were fairly diverse in terms of asset size, geographic reach and type of insurance company (Property & Casualty, Life, Health, Reinsurance, and Specialty). Regionally, those companies were headquartered in Asia-Pacific (18%), Europe (54%), Africa (6%) and North America (22%).