A Conceptual Model to Manage Insurers’ Operational Risk

The insurance business has to be done in a prudent manner and under supervision by a regulatory body so that a minimum solvency and the business continuity requirements are maintained. The European Solvency II requirements need an insurer to have in place an effective risk management system. Credit, market, insurance and operational risks are the main categories of risks which an insurance business is facing. In this paper, the Solvency II requirements for risk management, definition of operational risk and the Risk Management Standard ISO 31000:2009 as a useful guideline for managing operational risks are discussed. Operational risk is enterprise-wide risk. It can include classes of risk, such as fraud, security, privacy protection, legal risks, physical (e.g. infrastructure shutdown) or environmental risks. It is shown that ISO 31000 can effectively be applied to manage the insurer’s operational risks. A conceptual model for operational risk management is introduced and the model is tested by a case study.