TAL.500.042.0079
Contents
CRO Risk Report 1 Update on TDA’s Risk Profile
2 CRO’s Perspective on Key Material Risks and Risk Classes
Appendices A1 Top 10 Key Material Risk – Risk Rating and Trend Analysis
A2 TDA’s Capital Position including Stress Scenarios
A3 Update Project Halcyon
A4 Update on Cyber-Risk Mitigation Plan
11
TAL.500.042.0080
TAL.500.042.0081
Chief Risk Officer's Report - Executive Summary
Overall the Risk Office is comfortable that TAL is broadly operating within the Board's Risk Appetite and TAL's capital position remains strong.
Key Points:
•
•
•
•
Risk Appetite Upgrade
- More tangible and actionable
Required embedment into business through ongoing communication and integration with Operational Risk initiatives
Regulatory ActM ty
- APRA Prudential Review on T Al's Operational Risk Management
- Ernst & Young (EY) Independent Comprehensive Review of TAL's Risk Management Framework (Prudential Standard CPS 220 Risk Management)
Cyber Security
- Crisis Management workshop held with Executive T earn
Outsourcing/Offshoring
- Significant reliance on new outsource providers over the coming months (in particular Tech Mahindra)
- Requires active and thorough oversight and governance
- Pilot use of Sykes for additional Direct sales call monitoring
Commercial in Confidence
TAL 12
TAL.500.042.0082
Risk Profile and Regulatory Matters
Risk Profile - Key Insights
• In order to mitigate adverse impacts from a Cyber-Risk event, an inaugural Crisis Management Exercise with the Executive Team was initiated by the Risk Management Resilience and Security Team and facilitated by Symantec. The exercise included scenario based training with focus on crisis communication, regulatory involvement and the use of cyber insurance. As a follow-up action item, TAL will develop a Cyber-Response Plan that details actions from cyber-attacks and ties into the Crisis Management Framework.
- An update on cyber-risk assessment and remediation plan is attached as Appendix A4.
Regulatory Matters
• APRA feedback letter from their Prudential Review on Operational Risk requires TAL's Executive Team and Board to proactively oversee the risk management remediation program to ensure effective and timely implementation of issues identified by APRA and in the EY report (refer to separate paper).
Commercial in Confidence 13 TAL
TAL.500.042.0083
CRO's perspective on Key Material Risks in regard to TAL's Risk Classes and in the context ofTAL's strategic priorities
Risk Class Rating C t KMR R k H' h I I St t . M't' t' & Outlook om men an 19 - eve ra eg1c 1 1ga ion
Strategic
Fiduciary
Insurance •
Operational
5
Heightened importance Customer/ • Service improvement plan - focus on improving new business processes and systems of the right business Partner 2 • Analysis of product designs and operations in response to industry challenges culture which _E_x~p_e_ri_e_n_c_e ____ • __ T_A_C_u_p_g_r_a_d_e _____________________________ _ engenders appropriate • Management review of business value chain and looking at sustainable sales and marketing business activities and Conduct 4 practices, product design, legacy products and process integrity behaviours • Development of a TAL Culture Plan
Requires constant awareness
Combination of strategic execution initiatives & embedding changed Business Operating Model
Claims Experience
Strategic Change
Management
Organ is. Capability
Resilience & Security
9
6
7
• Claims 2020 program designed to develop world leading claims management • Pro-active in the market involving product terms and conditions • Disruptive innovation mandate is to reinvent risk assessment with the intent of transforming the
underwriting and claims experience
• Strategic capabilities being built around people, technology, service & value chain efficiency • Continued enhancement of governance, benefit realisation management & risk management of
strategic portfolio execution
• People and Culture strategy - developing remuneration & benefits, leadership strength & development, talent and skills to meet future state business needs
• Productivity and efficiency strategies • Operational Risk maturity program • Crisis Management scenario planning session
10 • Information Security Risk training for roll-out in 2017 • Upgrading cyber resilience
Commercial in Confidence Level of significance is 'on watch' -additional risk factors may be emerging
Level of significance will remain at this /eve/ in the next 3-6 months TAL 14
At: TOP 10 Key Material Risks (1/2) Risk rating and trend analysis
TAL.500.042.0084
Risk Title Risk Description --- . . Current Insights
1 Strategic
2 Fiduc iary
3 Strategic
4 Fiduc iary
5 Strategic
Individual Life The risk that T~L does not Distribution succes~fully m1grat~ to. an .
appropriate future d1stnbut1on model
Customer & Partner Experience
Competitive Landscape
Conduct
Brand Damage
The risk that T AL does not deliver on its customer/partner service promise
The risk of disruption to the traditional financial services market as a result of significant innovation, emergence of non-traditional players and/or a current competitor's activity is more effective
The risk that business activities along the value chain are not carried out in a way that fulfils legal or expected obligations and are not in line with TOA values and organisational culture
The risk of loss resulting from damages to T Al's reputation and/or brand as a result of an event that jeopardises perceptions of I confidence in T AL (regulator, customer, shareholder perspective)
Commercial in Confidence
I
High
High
High
I
Medium
• Delay in effective date of Life Insurance Framework • Need to reassess Direct product offering and targets
• Customer service improvement plan has been established & exploring operating model options
! • Focus on ensuring customer experience matches the On watch brand promise
• Increase in Retail submissions volume places strain on operational capability (high suspense rates)
• Most of our competitors are investing in their digital capabilit ies
• In Retail, competitor activity is increasing, with a number of pricing and underwriting offers in the market (MLC with strong quarter)
• Stronger competition for tenders in the Group market • Some competitors are reducing their Direct presence
(e.g . Clearview, MetLife)
• Media, regulatory, polit ical and advocate focus • Importance of having the right business culture - failure
on this front has the potential to threaten overall strategic success
• The imperative of building trust in T Al's brand given the potential contagion impact if media and/or regulatory focus shift directly onto T AL
• Brand launch well received but market under intense
Medium ! scrutiny On watch • On watch for any contagion risk from actual or
perceived misconduct
15 TAL
Al: TOP 10 Key Material Risks (2/2) Risk rating and trend analysis
Risk Title Risk Description ~-~ - .. Failure to effectively execute the
Strategic 6 Operational Change
strategic initiatives & projects High ¢> designed to deliver strategic
Management benefits
I
The risk that T AL does not have the
7 0 f
1 Organisational requisite systems, processes and
Medium !
pera iona Capability people to deliver the strategic On watch change programme
Customer The risk that T Al's strategic
¢> 8 Strategic Behaviour
offering does not accommodate Medium changing customer behaviour
Claims The risk of sustained unfavourable ¢> 9 Insurance Experience claims experience
Medium
0 f
1 Resilience &
The risk that T Al's business & ! 10 pera iona Security physical resilience systems are High
On watch compromised
Commercial in Confidence 16
TAL.500.042.0085
Current Insights
• Multiple crit ical technology I business programs are required to execute the strategy
• Significant amount of new product and proposition development (product design and underwriting)
• Delays in developing new retirement income product
• Significant change programme across T AL to enable organisational capability evolution to deliver on strategy
• Capacity impact given resources involved in multiple projects (Outsourcing, Offshoring, Claims 2020, operating models)
• Execution and monitoring of outsourcing initiatives plus flow-on effects
• Execution of Operational Risk improvement program
• Increased customer knowledge leads to customer changing channels
• Addressing needs by way of Enterprise Self-Service, delivery of future state distribution model, consolidated Digital strategy, Service Excellence
• Management of the Retail IP book is challenging reflecting a common industry issue
• Continued focus and improvement in claim management disciplines, adjustments to legacy pricing and, longer-term, changes to product design and underwriting
• Claims 2020 programme to drive improved health outcomes
• Potential to change behaviours as a result of regulatory and other scrutiny
• Information Security; Risk upgrades to improve cyber position
• Information Security Risk training in preparation
TAL
TAL.500.042.0086
Commercial in Confidence 17 TAL
TAL.500.042.0087
Commercial in Confidence 18 TAL
TAL.500.042.0088
Commercial in Confidence 19 TAL
TAL.500.042.0089
Commercial in Confidence 20 TAL
TAL.500.042.0090
A4 Cyber Risk Assessment and Mitigation plan (1/2)
Commercial in Confidence 21 TAL
TAL.500.042.0091
A4 Cyber Risk Assessment and Mitigation plan (2/2)
Commercial in Confidence 22 TAL
Top Related