New Airmic guide draws on the findings of a study by ORIC International, an operational risk consortium
Airmic today published a new guide on scenario analysis, outlining the five stages risk managers must follow to undertake the process successfully.
For this, the risk management association has teamed up with ORIC International, a London-based operational risk consortium that provides financial institutions with intelligence on operational risk exposures.
In 2014, a major research study by ORIC identified five key stages to scenario analysis. In Scenario Analysis: A practical system for Airmic members, Airmic describes these and what they entail. They are:
- Framework and planning. At this stage, it is decided what the scenario will be, who is going to be involved in it, how it is going to be executed and what the desired outcome is.
- Assessment and measurement. In the second stage, a team of participants carries out the scenario, which will give different areas of the business the opportunity to flag up issues or concerns they may have. Depending on why the exercise is carried out, the risk manager puts together the right team, which may include operational managers, people who are on the ground, board members or senior management, or the broker or loss adjustor.
- Validation and modelling. This stage enables the risk manager to sense-check the outcomes of the previous stage to ensure that the actions the company would take in the event of the scenario occurring are actually plausible and practical in real life. For the modelling, external consultants can add numbers to the scenario, such as how much an event would cost, which steps need to be taken and how much these steps would cost.
- Communication reporting. Who needs to see the scenario analysis report and who is responsible for signing it off? The risk committee, the board or the finance team?
- Output socialisation. This involves taking steps to improve risk controls as a result of the scenario, which could also include changing the insurance policy.
The guide will then discuss the three reasons for doing scenario analysis and how risk managers can modify these five steps to get the right output, depending on the reason behind the scenario analysis.
According to Airmic, the three main reasons for a company to carry out a scenario analysis are:
- Testing the insurance policy to check whether the limits, the coverage and the sum insured are correct.
- Checking crisis management procedures to ensure the risk manager knows the right people to speak to, that the right people will manage the crisis if it occurs, and so on.
- Horizon scanning risk assessment and strategy planning. This type of scenario analysis looks at what big changes could happen in the future and how they would affect the business.
Airmic has found that, while most members carry out scenario analysis to test their insurance coverage, only some use it for crisis management purposes and even fewer are bothering with the horizon scanning and strategy development scenario analysis.
However, the guide notes that the framework and the steps are the same for all three types of scenario analysis. The only factor that varies is the people involved in the scenario analysis.