Rethinking ERM: Strategic Best Practices for Insurers

Executive Summary

Enterprise Risk Management (ERM) frameworks have long been considered essential for aligning risk oversight with organizational objectives. However, a recent analysis from Carol Williams at Strategic Decision Solutions challenges the assumption that established ERM best practices always deliver optimal results. The article highlights how traditional ERM approaches, often inherited from early risk management paradigms and standardized frameworks such as ISO 31000 and COSO, may fall short in creating strategic value, especially when applied rigidly or treated as isolated functions separate from core business operations.

For insurance professionals, this perspective offers a timely opportunity to reassess how ERM is integrated within their organizations. The insurance sector, inherently risk-centric yet increasingly driven by strategic agility, benefits from ERM models that go beyond compliance checklists and risk silos. By adopting more dynamic, objective-focused, and culturally adaptable ERM practices, insurers can enhance decision-making, better anticipate emerging risks, and ultimately improve both underwriting performance and operational resilience.

Key Insights

• Legacy ERM Best Practices May Limit Strategic Value

  Many ERM “best practices” originated when risk management was primarily about loss prevention through insurance and mitigation, rather than supporting strategic objectives. Relying heavily on frameworks like ISO 31000 or COSO without adapting them to an insurer’s unique context can create a superficial risk dialogue that fails to influence business strategy meaningfully.

• ERM Must Be Objective-Centric, Not Just Risk-Centric

  Modern ERM should emphasize the achievement of strategic objectives rather than focusing solely on the identification and control of risks. This shift encourages insurance leaders to view risks as integral to opportunity management, fostering a more balanced approach to underwriting innovation, product development, and market expansion.

• Integration With Business Operations Is Critical

  Treating ERM as a separate exercise disconnected from daily business processes reduces its effectiveness. Insurance companies must embed risk considerations into routine decision-making, underwriting, claims handling, and capital management to ensure ERM adds tangible value rather than being a compliance burden.

• Soft Skills and Cultural Fit Are Essential for ERM Success

  Beyond technical risk skills, ERM professionals in insurance need emotional intelligence, a growth mindset, and openness to diverse approaches. These qualities enable effective collaboration across departments and help tailor ERM initiatives to the company’s culture, enhancing adoption and impact.

• Emerging Alternatives to Traditional Risk Functions

  The article references the concept of a Performance Strategy Office as a more holistic alternative to traditional Project Management Offices, which may have parallels in insurance risk management. Such structures focus on aligning performance metrics with strategic goals, potentially offering insurers new ways to integrate ERM with business execution.

Insurance Industry Applications

• Underwriting and Product Development: Insurers can use an objective-focused ERM approach to evaluate emerging risks tied to innovative products such as cyber insurance or parametric policies. This allows them to balance risk appetite with growth ambitions more effectively.
• Capital and Solvency Management: Embedding ERM within capital allocation decisions ensures that risk exposures align with strategic priorities and regulatory requirements, improving solvency management and stakeholder confidence.
• Claims and Operational Risk: Integrating ERM into claims processes helps identify patterns of operational risks and fraud, enabling proactive mitigation rather than reactive responses.
• Cultural Alignment and Talent Development: Insurance firms should invest in ERM training that emphasizes emotional intelligence and adaptability, fostering a risk-aware culture that supports continuous improvement and strategic agility.
• Strategic Risk Governance: Consider establishing or evolving risk governance bodies to function like Performance Strategy Offices, linking risk oversight with business performance metrics and strategic initiatives.

Conclusion and Recommendations

The insurance industry stands to gain significantly by reevaluating traditional ERM best practices and shifting toward more strategic, integrated, and culturally aligned risk management models. Insurers should avoid one-size-fits-all frameworks and instead customize their ERM approaches to align closely with business objectives and operational realities. Investing in soft skills development for ERM professionals and fostering cross-functional collaboration will enhance the effectiveness of risk management initiatives. Finally, exploring innovative governance structures that bridge strategy and risk execution can drive better outcomes in a complex and evolving risk landscape.

Insurance leaders and risk practitioners are encouraged to engage with the ongoing discourse on ERM evolution, such as the conversation initiated in this insightful article from Strategic Decision Solutions.

By embracing these insights, insurance organizations can transform ERM from a compliance exercise into a strategic enabler that supports sustainable growth and resilience.

Original Source: https://strategicdecisionsolutions.com/are-erm-best-practices-really-best