"We decide day by day which risks we will take" - Interview with Olga Pupashenko
What is your responsibility as Head of Non-Financial Risk Management at ERGO?
In my role I am responsible for operational risk and business continuity management at ERGO. This includes topics such as the internal control system, the quantification of the operational risk capital requirement for the ERGO entities with a Solvency II internal model, collection and analysis of operational losses, project risk governance, third party risk management and business continuity management.
Together with my colleagues responsible for information security and IT risk management we build and maintain the foundation for ERGOs operational resilience. In our 2nd Line of Defense role we develop the respective methodological frameworks, train and support the organization in implementing these frameworks and provide our management with a clear view of our non-financial risks.
Why is Risk Management so important for companies in the insurance business?
In the insurance industry risk is actually our business model. Our product developers, underwriters and sales divisions decide day by day which risks we will take and which not. Our investment departments decide how to invest the money of our customers and thus, to how much risk we expose it. And I can go on and on with examples like this. So risk management is basically an important part of the daily work of almost all of us in the insurance business. That’s why it is in my view, very important that we understand what it is and how we actually do risk management. In the risk management department we set the overall risk management framework and train and support our business units in implementing it. Also we are there to make sure that we as a company do not take risks that exceed our risk-bearing capacity and that could endanger us and our customers. Furthermore, we ensure that we have transparency over the overall risk situation throughout the organization and we support our business units to develop adequate steering and mitigation mechanisms where needed. To sum up – in my opinion, sound risk management is one of the important pillars for sustainable growth in the insurance industry.
What new challenges and trends do you see in Risk Management at the moment?
The world we are living in is constantly changing. Events we once thought were not possible are occuring more and more often – the COVID-19 pandemic, the war in Ukraine, food, energy and economic crises, outages due to successful cyber attacks. All these events come with risks for all of us – as private individuals and as a company – and they make the need for solid risk management and for the company’s financial and operational resilience very important. For us as an insurance company – these developments are not only risks that we need to manage, but also opportunities for further development of new business initiatives and new solutions for our customers. Both in steering the risks arising from these and further threats as well as in the development of new opportunities risk management plays an important role.
Having this background I personally consider the strengthening of the operational resilience and thus of the operational risk management as one of the focus topics and challenges in risk management. In my view this goes hand in hand with the strengthening of the risk culture throughout the organization. Take cyber security for example – human errors are one of the biggest threats to it. So increasing awareness and supporting our employees in understanding what role they play in preventing and managing our risks is, in my opinion, one of our biggest priorities.
Furthermore, IFRS17 and ESG are currently common topics that also involve risk management. Looking at the regulatory side, one of the challenges I see is the harmonization between the different increasing regulatory requirements and the needed support for our organization in order to adequately implement them.
What role do climate change and questions of sustainability play in current Risk Management decisions?
Even if the term ESG has attracted attention over the last few years, ESG risks have long been known and incorporated in our business and risk management decisions. For us at ERGO ESG aspects play an important role – beginning with the development of our products, our investments and many other aspects and decisions throughout our whole value chain including, for example, questions such as do I take the train or the plane on a business trip. Also in risk management this questions play an important role and are integrated in our decision making processes.
Looking into the near future: What will be the main topics in Risk Management within the next five years?
Just to name a few of our topics for the coming years – strengthening our cyber and operational resilience, further incorporating ESG aspects in our da- to-day processes, strengthening the steering of supply and outsourcing chains, further development of our risk models and of course maintaining a healthy risk culture throughout the organization.
Why is risk management an exciting field for you personally? What do you love about it?
Coming to risk management was an eye-opening experience for me – I realized there is so much more out there beyond my horizons. As a curious person I was, and still am, very excited to learn something new every day and enrich my horizons. My day-to-day work also allows me to gain a better understanding of the “big picture” – and this is something I really enjoy. My daily interactions and insights into different topics across our whole organization allow me to gradually better understand where we stand as a company, where we are heading and what we need on the way. For me this is similar to doing jigsaw puzzle or making a model from Lego, which I also enjoy very much by the way.
Another reason why I love risk management is the feeling that our daily efforts have a meaning and have an impact on our organization and on our customers. With our efforts we protect ERGO from excessive risks that may damage us and our customers. Take Business Continuity Management as an example – our team is there to set up the methodology and help our business units identify their time-critical processes, understand the impact on the business if these processes cannot be performed as planned and prepare the so called Business Recovery Plans to guide them through an emergency or a crisis, if it occurs. This also includes preventive measures which help our organization minimize the impact of an emergency or a crisis.
And of course, we don’t do all these things alone in a “laboratory” – our work is characterized by daily interactions with people in various roles and positions throughout our company. Talking to them, understanding their perspectives, helping them understand ours and enabling them to be the risk managers of their own risks is for me one of the most important parts of my job. A part which I enjoy a lot!
So, if you are curious and looking for a new cutting-edge challenge, then risk management at ERGO is definitely worth looking at.
For more insights from Olga Pupashenko tune into her episode of the ERGO Podcast here on actuview: https://www.actuview.com/partner/ergo