PRA highlights cyber risk, D&I and claims inflation in 2023 priorities
The PRA's Charlotte Gerken and Shoib Khan have written to insurer chief executives to say the PRA intends to work with firms to 'enhance practice and better manage' non-catastrophe risks, such as cyber and other emerging risks
Senior officials warn of ‘immature’ cyber exposure management, claims inflation pressures and outline plans for new D&I framework
The Prudential Regulation Authority (PRA) will look to improve insurers’ “immature” management of cyber risk and other non-catastrophe risk exposures this year.
Outlining the regulator’s supervisory priorities for 2023, officials at the UK regulator also highlighted climate change, claims inflation, diversity and inclusion (D&I) and regulatory reform as key areas of focus.
In a letter to chief executives, PRA executive director, Charlotte Gerken, and director Shoib Khan said the PRA would work with firms to “enhance practice and better manage” non-catastrophe risks, such as cyber and other emerging risks.
It follows recent work by the PRA that found exposure management by insurers in this area “remains immature”.
“Insurers, particularly those operating in the London market, will see this risk continue to grow and evolve as portfolio composition shifts towards casualty classes,” Gerken and Khan said in the letter.
Firms that are not able to calculate the scale of potential losses from non-natural catastrophe risks or establish commensurate risk management measures risked exposure to outsized losses and may underestimate capital requirements, they warned.
The letter also warned of the continued pressure of claims inflation this year on general insurers.
The uncertainty surrounding the expected severity and duration of claims inflation gives rise to additional uncertainty regarding future settlement costs, the officials said, pointing out the impact of claims inflation differs by line and by geography.
“Therefore, we expect general insurers to factor general and social inflation risk drivers into their underlying pricing, reserving, business planning and capital modelling,” they said in the letter.
The financial risks arising from climate change will be another area of focus for the PRA this year. Climate change continues to present an “increasing, material risk to firms and the financial system”, the officials said.
The regulator has previously provided feedback on insurers’ progress in managing the financial risk from climate change in its climate biennial exploratory scenario exercise.
Firms’ ability to meet expectations will be “assessed on an ongoing basis through supervisory engagement, firm-specific deep dives and thematic work”, the officials said.
“We expect firms to be able to demonstrate how they are responding to our expectations and to set out the steps they are taking to address barriers to progress,” Gerken and Khan said. “We will keep a range of supervisory tools under review where we consider firms are not adequately addressing risks or are making insufficient progress.”
On D&I, the PRA plans to issue a consultation paper setting out proposals to introduce a new regulatory framework on diversity, equity and inclusion in the financial sector later this year.
And on government plans to overhaul financial services regulation, the PRA will “engage constructively” on reforms to Solvency II ahead of a formal consultation, Gerken and Khan said in the letter.
In addition, the regulator’s supervisory approach will be updated to reflect a new secondary competitiveness and growth agenda for the PRA if it is passed into law, as part of the Financial Services and Markets Bill.
Other areas of focus outlined in the letter include exit plans for insurers, operational resilience and the adequacy of insurers’ risk management and control frameworks.
“Insurers need to adapt to changes that threaten to disrupt business models, while maintaining high standards of governance, risk management and resilience that result in their continued provision of vital insurance services to the real economy,” Gerken and Khan said.