In the diverse Asia Pacific (APAC) market, insurance Chief Risk Officers (CROs) are grappling with three primary challenges: conduct risk, cybersecurity, and business model transformation. These issues are particularly pronounced in the region due to its unique regulatory and operational landscape.
Conduct Risk: A Dominant Concern
Conduct risk tops the list, with 54% of APAC CROs identifying it as a significant threat, compared to just 19% globally, according to a survey by EY and the Institute of International Finance (IIF). This heightened concern is driven by stringent regulatory environments across markets like Australia, Hong Kong, Malaysia, and Singapore.
Tze Ping Chng, EY Asia-Pacific Consulting Insurance Sector leader, attributes this concern to the region’s rapid growth and aggressive expansion strategies. “Asia is one of the fastest-growing regions globally, which naturally leads to a strong focus on new business generation,” Chng explains. “With this growth comes the challenge of maintaining ethical sales practices and ensuring compliance with regulatory frameworks.”
Regulatory tightening across the region exacerbates these concerns. For instance, the influx of Mainland Chinese visitors in Hong Kong raises issues about firm licensing, conduct, and sales payments. Similar regulatory challenges are emerging in other Asian markets, including China.
Chng recounts an incident in Vietnam where issues in the bank insurance market led to numerous policy lapses and terminations, underscoring the need for robust controls and governance structures to support new sales. “As the Chief Risk Officer of an insurance company in Asia focused on growth, I need to ensure proper controls and governance structures for generating new sales,” he notes.
Bernhard Kotanko, a senior partner at McKinsey & Co., highlights the unique characteristics of the Asian insurance market, where distribution is predominantly agency-led. “There are tens of thousands of agents, and each one is an individual entrepreneur. This comes with a lot of operational risk considerations to ensure they act in the full interest of the customer and comply with all processes,” Kotanko says. The fast-paced innovation in investment structures and underlying risks further complicates risk management.
Cybersecurity: A Global Priority
While conduct risk is the main concern in APAC, cybersecurity remains a global priority. APAC insurers lead in AI adoption, with 38% using automation and advanced analytics for fraud detection, risk assessment, and reporting. However, the region’s fragmented market necessitates a robust and adaptable approach to cybersecurity.
“Asia is essentially a collection of individual markets with individual systems and regulations, making it more complex than monolithic markets like the European Union or the United States,” Kotanko observes. This complexity requires CROs to maintain high levels of professionalism and adaptability in their cybersecurity strategies.
Kotanko identifies three areas where AI significantly impacts the insurance industry:
- Summarisation and Personalisation: AI enhances customer service and administrative efficiency by extracting and summarising information from various sources.
- Quality of Advice: AI improves the quality and personalisation of advice provided to customers.
- Technological Efficiency: AI optimises coding and other technological processes, boosting overall productivity.
Despite these advancements, most insurers are still in the early stages of AI adoption, focusing on proof of concept and experimentation rather than industrialised impact. Chng warns that the sophistication of cyber-attacks is escalating, necessitating advanced defences. He also stresses the importance of data quality and privacy, especially in the context of AI and machine learning. “Companies need to focus on data management, ensuring compliance with local data privacy regulations while leveraging AI technologies,” Chng advises.
Business Model Transformation: An Urgent Need
Business model transformation is another priority, with 46% of APAC CROs focusing on it. Chng attributes this urgency to regulatory changes and evolving customer expectations. “We are in a very exciting region with a lot of growth opportunities, but this also brings challenges that require continuous adaptation and transformation,” he says.
Key regulatory changes, such as the implementation of IFRS 17, necessitate significant adjustments in financial reporting standards. Chng describes IFRS 17 as the most substantial change in over two decades, impacting profit recording and capital management practices. New capital regimes, like the Risk-Based Capital (RBC) framework in Hong Kong, also have profound implications for insurers’ investment strategies and product offerings.
Kotanko outlines four drivers behind the need for business model transformation:
- Regulatory Changes: New solvency regimes and IFRS 17 are transforming business measurement, necessitating changes in business models.
- Market Volatility: Increased volatility demands higher productivity and rapid digital transformation, which come with associated risks.
- Cross-Border Connectivity: Enhanced connectivity within the region introduces new types of risks, particularly as insurers integrate life insurance with wealth management and health insurance.
- Talent Dynamics: The evolving talent market, with increased attrition and shifting expectations, is transforming business operations, including adaptation to remote working models.
Emerging Risks and Future Outlook
Geopolitical and environmental risks are expected to dominate the next three years, with concerns spanning China, Korea, and Japan. Recent geopolitical tensions, such as North Korea’s missile launches, exemplify the unpredictable nature of these risks. Environmental risks, driven by extreme weather events and natural disasters, also pose significant challenges. Chng cites a recent landslide in Papua New Guinea and the Singapore Airlines incident as reminders of the growing frequency and severity of such events.
As the insurance sector navigates these multifaceted challenges, the role of the CRO becomes increasingly pivotal. Effective risk management requires a holistic approach, balancing growth ambitions with risk management to ensure sustainable and ethical operations.
“Insurance is about taking risks. The best risk managers are those who understand how to take risks smartly,” Kotanko emphasises. He adds that the most significant incidents often occur in new and unknown territories, highlighting the importance of anticipating and exploring unknown risks. “The best risk managers make a real effort to look around the corner, anticipate, think in scenarios, and have the courage to explore the unknown rather than just manage the known risks.”
In conclusion, APAC insurance CROs are at the forefront of addressing conduct risk, cybersecurity, and business model transformation. Their proactive and adaptive strategies are crucial in navigating the complexities of the modern risk landscape, ensuring sustainable growth and resilience in an ever-evolving market.