It is axiomatic that the business of (re)insurance is all about understanding risk, and being able to analyze, price, structure and manage it in such a way as to be able to meet any and all valid claims as and when they are made.
So, one would think that establishing what a company’s appetite for risk actually is would be fairly straightforward. In reality, it is not, because it is practically impossible to establish a comprehensive framework simply through the creation of a set of rules. Rules and limits are merely the starting point.
Paradoxically, an over-emphasis on “risk management” can even increase the potential for an entity to accept risks that are beyond the level it should be willing to take because of the “not seeing the wood for the trees” bias. Any CRO worth the title will be aware that it is identifying the possible aggregations and unexpected links which is the problem, even if one has established a carefully layered set of individual risk limits.
All of this stems from the fact that the real world is not just complicated, but complex- and it is the complexity that creates the issues. One can try to “corral” the complicated within a reasonably sophisticated rules-based system; but complexity resists such an approach, such that rules can engender a dangerous complacency that an entity’s risks have all been defined and “boxed”.
One area in which ignoring complexity can cause real problems is in terms of whether risks behave in a linear way. In a complicated system linearity governs; in a complex one a tiny change can have a massive impact (the butterfly wing effect). After all, events such as hurricanes are not linear in their consequences, even though the scale used gives that impression. A Category 5 is much more destructive than a Category 4.
Similarly, one can de-compose a complicated system into its component structural parts, but in complex systems the components interact with and influence each other in unexpected ways, making it difficult, if not impossible, to calibrate all potential outcomes. Of course, many systems have boundaries defined by natural laws in terms of scale, but in other areas, such as frequency, the boundaries are much less defined, if at all- just consider the current North Atlantic hurricane season and the frequency of “named” storms. Yes, a more active season was forecast, but we doubt that anyone foresaw just how active that meant.
Complicated systems are also usually controllable, whereas complex systems are not, exhibiting so-called emergence tendencies. Trying to act upon them can have disproportionate and unintended consequences.
Any seasoned CAT modeler will riposte: “But we know all this!” And that is true. However, that does not mean that one can calibrate with any real certainty what the true scale of the risks of loss are. The charts that one sees in annual reports are estimates, not limits, and, as we have seen over the past few years, the trend in frequency and scale of natural catastrophes is increasing, which begs the question of whether the risks are truly “controllable”.
At Awbury, we recognize that we are always operating within a complex system, which evolves and changes, sometimes rapidly. No fixed set of rules or limits would be able to cope with such a dynamic environment. Therefore, successful organizations must have risk management systems that are also dynamic and adaptive.
The Awbury Team