35. Risk management system

The focus of risk management with management structures and defined processes is the attainment of UNIQA’s and its Group companies’ strategic goals.

UNIQA’s Risk Management Guidelines form the basis for a uniform standard at various company levels. The guidelines are approved by the CFO/CRO and the Group Executive Board and describe the minimum requirements in terms of organisational structure and process structure.

In addition to the Group Risk Management Guidelines, similar guidelines have also been prepared and approved for the Group companies. The Risk Management Guidelines at company level were approved by the Management Board of the UNIQA Group companies and are consistent with UNIQA’s Risk Management Guidelines.

Organisational structure (governance)

The detailed setup of the process and organisational structure of risk management is set out in UNIQA’s Risk Management Guidelines. They reflect the principles embodied in the concept of “three lines” and the clear differences between the individual “lines”.

First line: risk management within the business activity

Those responsible for business activities must develop and put into practice an appropriate risk control environment to identify and monitor the risks that arise in connection with the business and processes.

Second line: supervisory functions including risk management functions

The risk management function and the supervisory functions, such as controlling, must monitor business activities without encroaching on operational activities.

Third line: internal audit

This enables an independent review of the formation and effectiveness of the entire internal control system, which comprises risk management and compliance (e.g. internal auditing).

Risk management process (Graphic)

The relevant responsibilities are shown accordingly in the overview above. In addition, the Supervisory Board at UNIQA Insurance Group AG receives comprehensive risk reports at Supervisory Board meetings.

Risk management process

UNIQA’s risk management process delivers periodic information about the risk profile and enables the top management to make the decisions for the long-term achievement of objectives.

The process concentrates on risks relevant to the company and is defined for the following risk categories:

  • market risk/asset-liability management risk (ALM risk);
  • credit risk/default risk;
  • liquidity risk;
  • concentration risk;
  • underwriting risk (property and casualty insurance, health and life insurance);
  • operational risk;
  • emerging risk;
  • reputational risk;
  • contagion risk; and
  • strategic risk.

A Group-wide, standardised risk management process regularly identifies, evaluates and reports on risks to UNIQA and its Group companies within these risk categories.

Sustainability risks or ESG risks include risks related to the sustainability factors of environment, social/employee and governance (“ESG”). They are not considered as a separate risk category, but are taken into account as part of the existing ten risk categories. Climate change represents the central sustainability risk with respect to the environmental sustainability factor. Climate-related risks arise in the form of physical risks and transition risks.

Physical risks arise from the increase in extreme weather events such as floods, earthquakes, storms and heat waves, as well as the rise in average temperature. Transition risks on the other hand are adjustment risks that arise from the transition to a low-carbon economy. These include e.g. risks associated with the change in climate policy, the renewal of technologies and the change in market preferences. In addition to the effect of physical risks on the frequency and amount of claims, there may be further effects from transition risks on UNIQA’s assets, liabilities, financial position and profit or loss, particularly in connection with the capital investment strategy pursued.

Risk identification is the starting point for the risk management process, systematically recording all major risks and describing them in as much detail as possible. In order to conduct as complete a risk identification as possible, different approaches are used in parallel, and all risk categories, subsidiaries, processes and systems are included.

The risk categories of market risk, underwriting risks and default risk are evaluated at UNIQA by means of quantitative methods either based on the Solvency II standard approach or the partial internal model (for non-life or market risks). Furthermore, risk drivers are identified for the results from the standard approach and analysed to assess whether the risk situation is adequately represented (in accordance with the Company’s Own Risk and Solvency Assessment (ORSA)). All other risk categories are evaluated quantitatively or qualitatively with their own risk scenarios.

(Partial) internal model
Internally generated model developed by the insurance or reinsurance entity concerned and at the instruction of the FMA to calculate the solvency capital requirement or relevant risk modules (on a partial basis).
View complete glossary
Own risk and solvency assessment (ORSA)
The company’s own forward-looking risk and solvency assessment process. It forms an integral part of corporate strategy and the planning process – but is also part of the overall risk management strategy.
View complete glossary
An insurance company’s equity base.
View complete glossary
Solvency II
European Union Directive on publication obligations and solvency rules for the equity base of an insurance company.
View complete glossary