41. Challenges and priorities in risk management for 2019
Shared Service Centre (SSC) Bratislava
Following an intensive set-up phase and implementation of a clear communication and training plan, the first processes are being outsourced to the Shared Service Centre in 2019. A clear process design represents the basis for successful implementation. In addition to actuarial services and risk management, the scope of activities in UNIQA 4WARD will be expanded to include finance and security management in 2019. One of the biggest challenges will continue to be the efforts to establish UNIQA 4WARD as an attractive employer on the Slovak labour market. This is the only way that we will be able to find well-trained workers who are prepared to take on the upcoming tasks.
Partial internal model for the market risk
Following the successful completion of the model in 2018, the next step will be to integrate the model into regular risk assessments, including in particular the quarterly calculation of the ECR. The ALM and limit processes must then be adjusted based on integration into the control processes. UNIQA is striving to submit the model for approval so that the developed model can also be used for official SCR key figures in future.
Introduction of the new ICS
As mentioned in the section on activities, work took place in 2018 on designing the internal control system. While the concept has already been developed and tested in pilot tests, the Group-wide roll-out of the new process will represent one of the main focal points and challenges in 2019. The potential obstacles to the roll-out relate in particular to the fact that a large number of processes within the Group are affected by the ICS, and the roll-out will therefore require appropriate coordination effort on the one hand, along with assurances that the knowledge and expertise is passed onto the relevant employees on the other.
Implementation of the Group Security Management System (GSMS)
UNIQA has launched a project for the introduction of an integrated GSMS that deals with information security, physical safety and security and business continuity, i.e. all aspects of safety and security, including cyber security risks. The overriding aim of the GSMS is to contribute towards integrated and comprehensive security risk management at UNIQA. The following elements have been defined as objectives of the management system in order to support this:
- Transparency for the first line of defence over critical assets in their area of responsibility
- Appropriate protection of the assets in accordance with their criticality to the business
- Understanding of the residual risks that remain once the security concept has been implemented
- Well-informed and professionally sound decisions on acceptance of these residual risks by the person responsible
The implementation project covers all relevant functions as well as the Management Board. The project is also being supported by external resources. As part of the first stage UNIQA decided to restructure the existing Security Governance Framework in order to adapt it to internationally recognised standards such as ISO 27001 and BSI Standard 100-4. This is the basis for further implementation efforts.
As of today UNIQA does not see any direct risk which could represent a risk to the Group’s continued existence.