Risk report

41. Risk management system

The focus of risk management with management structures and defined processes is the attainment of UNIQA’s and its Group companies’ strategic goals.

UNIQA’s Risk Management Guidelines form the basis for a uniform standard at various company levels. The guidelines are approved by the CFO/CRO and the Group Executive Board and describe the minimum requirements in terms of organisational structure and process structure.

In addition to the Group Risk Management Guidelines, similar guidelines have also been prepared and approved for the Group companies. The Risk Management Guidelines at company level were approved by the Management Board of the UNIQA Group companies and are consistent with UNIQA’s Risk Management Guidelines.

Organisational structure (governance)

The detailed setup of the process and organisational structure of risk management is set out in UNIQA’s Risk Management Guidelines. They reflect the principles embodied in the concept of “three lines” and the clear differences between the individual “lines”.

First line: risk management within the business activity

Those responsible for business activities must develop and put into practice an appropriate risk control environment to identify and monitor the risks that arise in connection with the business and processes.

Second line: supervisory functions including risk management functions

The risk management function and the supervisory functions, such as controlling, must monitor business activities without encroaching on operational activities.

Third line: internal audit

This enables an independent review of the formation and effectiveness of the entire internal control system, which comprises risk management and compliance (e.g. internal auditing).

Risk management process

The relevant responsibilities are shown accordingly in the overview above. In addition, the Supervisory Board at UNIQA Insurance Group AG receives comprehensive risk reports at Supervisory Board meetings.

Risk management process

UNIQA’s risk management process delivers periodic information about the risk profile and enables the top management to make the decisions for the long-term achievement of objectives.

The process concentrates on risks relevant to the company and is defined for the following classes of risk:

  • Market risk/ risk (ALM risk)
  • Credit risk/default risk
  • Liquidity risk
  • Concentration risk
  • Underwriting risk (property and casualty insurance, health and life insurance)
  • Operational risk
  • Emerging risk
  • Reputational risk
  • Contagion risk
  • Strategic risk

A Group-wide, standardised risk management process regularly identifies, evaluates and reports on risks to UNIQA and its Group companies within these categories of risk.

Sustainability risks or ESG risks include risks related to the sustainability factors of environment, social/employee and governance (“ESG”). They are not considered as a separate risk category, but are taken into account as part of the existing ten risk categories.

Risk identification is the starting point for the risk management process, systematically recording all major risks and describing them in as much detail as possible. In order to conduct as complete a risk identification as possible, different approaches are used in parallel, and all categories of risk, subsidiaries, processes and systems are included.

The risk categories of market risk, underwriting risks and default risk are evaluated at UNIQA by means of quantitative methods either based on the  II standard approach or the (for non-life or market risks). Furthermore, risk drivers are identified for the results from the standard approach, and analysed to assess whether the risk situation is adequately represented (in accordance with the Company’s Own Risk and Solvency Assessment ()). All other categories of risk are evaluated quantitatively or qualitatively with their own risk scenarios.

Asset liability management
Management concept whereby decisions related to company assets and the equity and liabilities are coordinated. Strategies related to the assets and the equity and liabilities are formulated, implemented, monitored and revised with this in a continuous process in order to attain the financial objectives given the risk tolerances and restrictions specified.
Solvency
An insurance company’s equity base.
(Partial) internal model
Internally generated model developed by the insurance or reinsurance entity concerned and at the instruction of the FMA to calculate the solvency capital requirement or relevant risk modules (on a partial basis).
Own risk and solvency assessment (ORSA)
The company’s own forward-looking risk and solvency assessment process. It forms an integral part of corporate strategy and the planning process – but is also part of the overall risk management strategy.