Interview: AXA’s op risk head on the group’s risk reforms

Solvency II, the biggest overhaul in insurance regulation for a decade, has pushed insurance companies around the world into changing the way they manage their operational risks. But some insurers – such as Paris-based international insurance group Axa – have found other benefits in the risk management changes required by Solvency II.

“We would have rolled out an operational risk framework even without Solvency II,” says Fabien Chabanon, head of group operational risk management at Axa. “In Axa we have the willingness to have a comprehensive enterprise risk management framework, and this obviously includes a solid risk culture and an advanced operational risk management model.”

Axa has been working with its internal model since late 2005, when it decided to start development. While Solvency II played a part in that decision, there were two more important reasons behind it.

“The first reason we wanted to develop an internal model for our operational risk was to streamline our understanding of the op risk profile of the group; we wanted to understand clearly what we were talking about when we talked about operational risk,” says Chabanon. “There were, and still are, values and initiatives related to operational risk, such as business continuity programmes, IT security issues, compliance, internal audit and Sarbanes-Oxley, and all of them have processes connected to operational risk. But we did not have a clear understanding of where our main and most critical operational risks were, so we wanted to develop a model to better understand this in a consistent and single operational risk framework.”

The second aim was to improve Axa’s economic capital model. “When we started building our economic capital model we integrated operational risk within it, but we considered op risk only with a factor-based approach,” says Chabanon. “We wanted to move away from this and reflect the reality of our operational risk profile in our economic capital model, so this also supported the development of an op risk framework.”

We have defined our strategic risks, as the Solvency II framework requires, and we regard the implementation of any strategic decision as an operational risk

Operational risk is not a well-understood discipline within insurance, Chabanon says, which posed challenges. “We feel that, apart from some of the UK insurance companies, some bancassurers, and a few other insurance and reinsurance players, there is still a lot of progress to be made in the insurance industry to develop mature operational risk frameworks,” he says. “In the industry globally often operational risk is not a well-known topic and can appear a little scary. It is our job to ensure that across Axa it is understood and integrated into our business.”

Chabanon thinks some in the industry fear they will need to develop complex machinery to perform assessments and collect losses. For him, this goes some way towards explaining why operational risk is generally less developed in insurance than in banking. He points out that Basel II has been a driver in promoting op risk frameworks in banks and he hopes Solvency II will do the same for the insurance sector.

When preparing its model Axa consulted the heads of operational risk from several global banks. “We set the banking industry as a benchmark, because when we looked at the Solvency II requirements regarding operational risk it’s fair to say we didn’t have a lot of things relating to op risk. We looked at Basel II and we also met the heads of op risk from some global banks to better understand how they secure their framework.”