Risk report

41. Risk management system

The focus of risk management with management structures and defined processes is the attainment of UNIQA’s and its Group companies’ strategic goals.

UNIQA’s Risk Management Guidelines form the basis for a uniform standard at various company levels. The guidelines are approved by the CFO/CRO and the Group Executive Board and describe the minimum requirements in terms of organisational structure and process structure.

In addition to the Group Risk Management Guidelines, similar guidelines have also been prepared and approved for the Group companies. The Risk Management Guidelines at company level were approved by the Management Board of the UNIQA Group companies and are consistent with UNIQA’s Risk Management Guidelines.

Organisational structure (governance)

The detailed setup of the process and organisational structure of risk management is set out in UNIQA’s Risk Management Guidelines. They reflect the principles embodied in the concept of “three lines of defence” and the clear differences between the individual lines of defence.

First line of defence: risk management within the business activity

Those responsible for business activities must develop and put into practice an appropriate risk control environment to identify and monitor the risks that arise in connection with the business and processes.

Second line of defence: supervisory functions including risk management functions

The risk management function and the supervisory functions, such as controlling, must monitor business activities without encroaching on operational activities.

Third line of defence: internal audit

This enables an independent review of the formation and effectiveness of the entire internal control system, which comprises risk management and compliance (e.g. internal auditing).

Risk management process

The relevant responsibilities are shown accordingly in the overview above. In addition, the Supervisory Board at UNIQA Insurance Group AG receives comprehensive risk reports at Supervisory Board meetings.

Risk management process

UNIQA’s risk management process delivers periodic information about the risk profile and enables the top management to make the decisions for the long-term achievement of objectives.

The process concentrates on risks relevant to the company and is defined for the following classes of risk:

  • Market risk/ risk (ALM risk)
  • Credit risk/default risk
  • Liquidity risk
  • Concentration risk
  • Underwriting risk (property and casualty insurance, health and life insurance)
  • Operational risk
  • Emerging risk
  • Reputational risk
  • Contagion risk
  • Strategic risk

A Group-wide, standardised risk management process regularly identifies, evaluates and reports on risks to UNIQA and its Group companies within these categories of risk.

Risk identification is the starting point for the risk management process, systematically recording all major risks and describing them in as much detail as possible. In order to conduct as complete a risk identification as possible, different approaches are used in parallel, and all categories of risk, subsidiaries, processes and systems are included.

The risk categories of market risk, underwriting risk and default risk are evaluated at UNIQA by means of quantitative methods either based on the standard approach or the (for non-life or market risks). Furthermore, risk drivers are identified for the results from the standard approach, and analysed to assess whether the risk situation is adequately represented (in accordance with the Company’s Own Risk and Assessment ()). All other categories of risk are evaluated quantitatively or qualitatively with their own risk scenarios.

Asset liability management
Management concept whereby decisions related to company assets and the equity and liabilities are coordinated. Strategies related to the assets and the equity and liabilities are formulated, implemented, monitored and revised with this in a continuous process in order to attain the financial objectives given the risk tolerances and restrictions specified.
Solvency II
European Union Directive on publication obligations and solvency rules for the equity base of an insurance company.
(Partial) internal model
Internally generated model developed by the insurance or reinsurance entity concerned and at the instruction of the FMA to calculate the solvency capital requirement or relevant risk modules (on a partial basis).
Solvency
An insurance company’s equity base.
ORSA
Own Risk and Solvency Assessment. The company’s own forward-looking risk and solvency assessment process. It forms an integral part of corporate strategy and the planning process – but is also part of the overall risk management strategy.