The Insurance Bureau of Canada (IBC) and the Canadian Life and Health Insurance Association (CLHIA) have both declined to comment when asked for the industry’s perspective, after Superintendent Peter Routledge, from the Office of the Superintendent of Financial Institutions (OSFI), spoke recently about the regulator’s expectations that companies analyze and report their catastrophic exposures – including earthquake risks.
He says the regulator expects insurers to measure their catastrophic risk exposures – reporting that they must do under Guideline B-15, the Standardized Climate Scenario Exercise (SCSE) and Climate Risk Returns.
At the recent conference hosted by Reuters Events, Routledge further indicated that a large number of property and casualty (P&C) insurers and an even larger number of life insurers had no climate risk analysis experience prior to the guideline’s introduction.
More, the superintendent’s comments would seem to suggest there may be future reporting obligations as the regulator begins to additionally incorporate its understanding of earthquake risk analysis.
Geospatial analysis
“Less than half of the property and casualty (P&C) insurers reported having experience with climate scenario analysis prior to the SCSE. This number is even lower for deposit-taking institutions and life insurers,” Routledge told those gathered at the recent Future of Insurance conference. “Our work also revealed that outside of the P&C sector, very few financial institutions precisely geocode their exposures,” he adds. “Geospatial analysis is foundational for assessing the exposure and vulnerability of assets and is essential to ensuring that these risks are accurately measured and appropriately priced.”
The conversation then turned to catastrophic risks, including earthquake risks. “We see a lot of synergies and ways we can apply lessons learned in trying to improve the quantification of climate-related physical risks to what we’re learning on earthquake risks,” he said.
Although on the face of it, earthquake risk would appear to be a new measure, OSFI representatives say the comments do not allude to new obligations or possibly future reporting obligations - OSFI’s expectations related to managing climate-related and earthquake risks can be found in Guideline B-15: Climate Risk Management, published in 2023, and Guideline B-9: Earthquake Exposure Sound Practices, a guideline published in 2013.
The IBC and the CLHIA also both declined to comment on what the industry’s efforts to comply look like.
Integrity and security threats
Returning to the conference, integrity and security threats were also identified by the superintendent as being key supervisory priorities.
“Geopolitical instability, fast-moving technologies and third-party reliance makes financial institutions vulnerable to cyber attacks, state-linked interference and integrity-related risks. These threats are not hypothetical,” he told the group gathered.
Regarding artificial intelligence (AI), he says this also increases multiple risk types, both internally and externally. Risks include model risk, operational risk, legal and reputational risk. Externally, he adds, malicious actors are also increasingly using AI tools to carry out cyber threats, fraud, and geopolitical interference.
“It is my view that the balance of AI risks skews to the external environment and institutions should be bold in their adoption of AI, particularly in areas like fraud detection and cybersecurity,” he says. “Nevertheless, institutional governance and control must keep pace with deployment.”