Is your enterprise risk management framework climate-ready?

Perspectives

Is your enterprise risk management framework climate-ready?

Emerging regulatory expectations for insurers

With increasing global, national, and local climate regulations, insurers must increase their focus on climate change risk management. Explore our sustainability, climate, and equity (SC&E) risk framework for insights on the seven key areas where climate risk and regulations will have the most impact on an organization.

Climate regulations impact insurance and risk management

It’s not easy to keep track of the evolving regulatory landscape for climate issues. Multiple international bodies have recently issued guidance and requirements, which can affect US financial companies as well. In the United States, it is well known that the forthcoming Securities and Exchange Commission (SEC) rule could greatly change how public companies approach climate risk analysis and reporting. For American insurers, there is the additional variable of state-level laws, the interpretation and enforcement of which by state insurance regulators matter even more than federal actions. 

A high-level view of the current environment of state-level climate regulations for insurers is presented here, using the guidelines from the New York Department of Financial Services (NYDFS) as the main example. These expectations align with the determination of the International Association of Insurance Supervisors (IAIS) that climate change is a material risk for the insurance industry.

A climate risk management framework

To clarify the different ways climate risk regulations can impact an insurer, we will organize the NYDFS’s insurance industry expectations according to Deloitte’s sustainability, climate, and equity (SC&E) risk framework. The climate risk management framework reflects the seven main areas where climate risk and climate regulations have the most impact on an organization: governance and policy; risk strategy and appetite; risk assessment, measurement, and analytics; monitoring and reporting; product risk management; risk data and systems; and risk operating model, people, and culture.

Is your enterprise risk management function climate-ready? | Emerging regulatory expectations for insurers

  • Expand all
  • Collapse All

An insurer’s board is the beginning and end of the climate risk oversight operation and is an essential piece of developing a climate risk framework, climate expertise, and continuous oversight. To start with, boards should establish a robust plan that highlights key timelines, internal and external stakeholders, and interdependencies. Details on the company’s implementation plans and pathway to meeting the expectations relating to organizational structure were to be in place as of August 15, 2022. Board governance includes the following points:

  • The guidance envisions a board deeply involved with climate risk considerations, one that is actively engaged and ready to tap into and communicate risks at any time, more so if climate risk is considered a material risk to the insurer’s position or is expected to be so in the future.
  • This board must designate a member or committee to be responsible for overseeing climate risks to ensure that the board can understand and actively manage the ongoing threat and impact of climate risk for the long term, not just for a three- to five-year time horizon.
  • Insurers should not limit climate expertise to one individual at the executive and board level. NYDFS recognizes that climate change could affect operations and businesses across the company, and this reality demands multiple senior management individuals who develop or have expertise in responding to climate risk.

NYDFS also expects each insurer to designate one or more members of its senior management to manage climate risks. As an alternative, NYDFS suggests a cross-functional committee of senior management.

NYDFS advises companies to proactively manage climate risk through existing enterprise risk management (ERM) functions. So that climate risk doesn’t become a superficial exercise, the goal should be to embed climate risk metrics in the overall risk appetite framework and to be used to inform decision-making.

NYDFS also expects insurers to undertake robust examination of a “full range of potential future outcomes and consider forward-looking data” in their risk analysis. Risk functions will need to become fluent in the climate risk activities for adjusting to analysis results and material risk changes over time. Such an expansive approach can stave off or reduce the potential for higher losses stemming from underestimation of future extreme weather events, or from failing to understand the connections between transition and physical climate risks.

The NYDFS guidance, like similar documents from other bodies, sees a quantitative scenario analysis function as an ideal way for insurers to understand and plan for climate risk. Insurers’ risk functions should start to think about what this would look like, even if in a highly preliminary state, as eventual maturation into a quantitative and repeatable scenario analysis process is the goal. Early iterations of climate risk scenario analysis are expected to be qualitative in nature.

Whether qualitative or quantitative, the NYDFS says an insurer should be able to understand and address material climate risks.

The transformations mentioned previously will need to be reflected in reporting documents, including own risk and solvency assessment (ORSA) filings with state regulators. Insurance companies should work toward being able to describe how climate risks are identified, categorized, managed, and monitored in disclosures, including details on assessment tools and methods used. To meet the emerging expectations, insurers should establish a dynamic and well-rooted reporting plan that highlights key timelines, internal and external stakeholders, and interdependencies.

Keeping with the trend, an insurer’s analysis of climate risks and assessment of their materiality for its business should shift from a qualitative approach to an approach that is both qualitative and quantitative over time, which will become necessary for risks that are quantifiable and as more data becomes available through modeling, research, and statistical resources.

Climate risk is present in many business activities, product development not the least among them. Deloitte’s SC&E risk framework emphasizes product risk because 1) products are the economic motor of an organization, and 2) the climate risk inherent in insurance products is a new and important frontier for much of the industry. It will be important for organizations such as life insurers, health insurers, and reinsurers to understand, as quantitatively as possible, how climate risk can impact the profitability and effectiveness of products.

Climate’s impact on products may present an opportunity for insurers to capitalize on new markets, customers, and technologies that need risk transfer products. Specializing early will facilitate a competitive edge in an environment of economic transition to a low-carbon economy.

For many insurance companies, the technological aspect of measuring and tracking various climate metrics—and socializing them in a way that impacts decision-making—is perhaps the area in need of the most improvement. The field is relatively new and rapidly evolving, with few leading practices or universal standards to use as guideposts.

Yet as stated before, uncertainty does not justify inaction. Insurers should be building internal expertise on relevant climate data sources and systems, as well as identifying process owners. From there, the organization’s climate subject-matter experts should work to identify information technology (IT) system assumptions and limitations that affect measurement, tracking, and reporting of key metrics.

As an end state, the goal should be a battery of flexible climate systems that can adapt to changing standards of technology and data, as well as defined internal process and general IT controls that help mitigate climate-related risks.

Many insurers will need to transform at least some of their internal operations to meet the expectations touched on previously, which will transition over time from suggested actions to required ones. The seven-part SC&E risk framework provides a helpful first view, by organizing guidance from a regulator such as the NYDFS into operational components familiar to most corporate environments.

From there, an insurer will likely need to plan on internal transformation and realignment to content with climate challenges. Deloitte’s sustainability and climate journey for insurers map is a more detailed view of the steps needed to become an insurance company of the future.

Climate risk regulations are constantly evolving around the world as societies respond to the threats posed by climate change, and to the economic realities of rapid decarbonization. These are some of the latest developments for insurers in the US market as of the summer of 2023: 

  • The NYDFS is currently studying the level of compliance with their climate risk guidance, which we discuss in this paper. NYDFS will issue a report, though the timeline for publication has not been disclosed.1
  • Revisions are currently underway for the National Association of Insurance Commissioners (NAIC) to incorporate climate risk considerations into the Financial Condition Examiners Handbook and Financial Analysis Handbook. These changes are intended to be finalized and adopted in 2023, with a goal to have them included in the 2024 publications of the handbooks. The NAIC’s Own Risk and Solvency Assessment (ORSA) subgroup is considering if these changes should be extended to ORSA report requirements.2
  • There is action at the federal level, too: starting in 2022, the US Department of the Treasury’s Federal Insurance Office (FIO) suggested collecting and analyzing property and casualty insurance data to better understand the industry’s climate risk vulnerabilities.3
  • The FIO unveiled its report on climate-related issues and gaps in insurance supervision on June 27, 2023.The FIO acknowledges that the NAIC and numerous state regulators have taken important steps toward incorporating climate risk considerations into the industry. Additionally, the FIO shared twenty recommendations, which include: the NAIC should continue focusing on climate and developing their efforts, and that “all state insurance regulators…develop and adopt climate-related risk monitoring guidance appropriate for their markets, which should include expectations for insurers to incorporate climate-related risks into their annual financial planning, as well as into their long- and short-term risk management processes...”

 

Per discussions with representatives of the NYDFS, Climate Division, in June 2023. www.dfs.ny.gov
NAIC Climate Resiliency Task Force, March 24, 2023, meeting minutes. https://content.naic.org/sites/default/files/national_meeting/CRTF_MinutesPacket.pdf; and discussions with NAIC representatives in June 2023. 
US Department of the Treasury, “Treasury’s Federal Insurance Office Takes Important Step to Assess Climate-related Financial Risk – Seeks Comment on Proposed Data Call,” October 18, 2022.
https://home.treasury.gov/news/press-releases/jy1030
US Department of the Treasury, “Insurance Supervision and Regulation of Climate-Related Risks,” June 27, 2023. https://home.treasury.gov/system/files/136/FIO-June-2023-Insurance-Supervision-and-Regulation-of-Climate-Related-Risks.pdf.

Planning for climate change risk management

In addition to NYDFS’s guidelines, other states are converging on climate risk standards for insurers, and insurance companies need to be knowledgeable about their climate risk exposures. Insurers will be expected by regulators, as well as other important stakeholder groups including customers, to have a coherent narrative about their environmental impact, exposure to and measurement of physical and transition risks, and strategies to mitigate risks and capitalize on opportunities. 

With past and forthcoming guidance from the National Association of Insurance Commissioners’ (NAIC) climate risk disclosure survey, the proposed SEC climate disclosure rules, and the other sources of guidance discussed previously, a picture of the next generation of risk management disclosure for climate is coming into focus. It is important for firms to consider their enterprise risk management framework, the impacts of climate on their business models, and how to enable accurate disclosure. 

The ideal time to begin working toward that future state is now, before regulatory requirements harden. With the right frameworks and advisers, a journey to a leading position in sustainability is within reach.

Get in touch

Brandon Righi
Manger in Risk and Financial Advisory
Deloitte & Touche LLP
brrighi@deloitte.com

   
Did you find this useful?