Identification, measurement, evaluation, monitoring and reporting of risk and implemented management actions ensure ongoing adequacy and effectiveness of the risk management system. The risk management process in PZU Group consists of:
- identification – beginning with the proposal to commence the creation of an insurance product, acquire a financial instrument, change the operating process, as well upon the occurrence of any other event which potentially results in a risk. The identification process takes place until the expiry of the liabilities, receivables or activities related to the given risk. Identification of risk consists in the identification of actual and potential sources of risk, which are later analysed in terms of significance;
- measurement and evaluation of risk – depending on the characteristics of the given risk type and the level of its significance. Risk is measured by specialised units. The risk unit in each company is responsible for the development of tools and measurement of risk in terms of risk appetite, risk profile and tolerance limits;
- monitoring and control of risk – consist of ongoing analysis of deviations from benchmarks, i.e. limits, thresholds, plans, prior period values as well as recommendations and guidance issued, conducted by dedicated units;
- reporting – it allows for effective communication on risk and supports risk management on various decision-making levels;
- management actions, including i.a. risk avoidance, risk transfer, risk mitigation, determination of risk appetite, risk level acceptance as well as supporting tools, such as limits, reinsurance programs as well as underwriting policy reviews.
Two levels are distinguished in the risk management process:
- the PZU Group level – it ensures that PZU Group implements its business objectives in a safe way which is adjusted to the scale of risk involved. This level involves the monitoring of limits and specific types of risk occurring in business lines, e.g. collective catastrophe risk, entire exposure of PZU Group to financial risk or counterparty risk. PZU Group ensures support in the implementation of coherent risk management standards and monitors their implementation. Dedicated employees from PZU Group cooperate with Management Boards of the companies and with management of such areas as finance, risk, actuary, reinsurance, investment;
- the company level – it ensures that the company implements its business objectives in a safe way which is adjusted to the scale of risk involved. This level involves the monitoring of limits and specific types of risk occurring in the given company and implementation of the risk management process at the level of the single company (both in terms of local legal regulations and standards of PZU Group).