Risk management process

PZU bases its risk management process on two levels: the PZU Group and its various member entities. This system ensures that the PZU Group’s business objectives are attained in a safe manner adapted to fit the scale of the risk incurred.

  • PZU Group level – ensures that PZU Group implements its business objectives in a safe way which is adequate to the degree of risk involved. This level engages the monitoring of limits and specific risks to PZU Group, such as: catastrophe risk, financial risk, counterparty risk, or concentration risk. PZU Group provides support in implementation of the integrated risk management system which encompasses introducing consistent mechanisms, standards, and operational organization of an effective internal control system (with special focus on compliance function), risk management system (especially in the reinsurance area), and security management system at PZU Group, as well as monitors their on-going operation. Dedicated employees from PZU Group cooperate with Management Boards of the companies and with management of such areas as finance, risk, actuary, reinsurance, investment, and compliance, under relevant cooperation agreements;
  • solo level – ensures that a given PZU Group entity implements its business objectives in a safe way, adequate to the degree of risk involved by this entity. As a part of the integrated risk management system, PZU Group implements consistent mechanisms, standards, and operational organization of an effective internal control system (with special focus on the compliance function), risk management system (especially in the reinsurance area), and security management system.

Identification

Begins with the proposal to commence the creation of an insurance product, acquire a financial instrument, change the operating process, as well upon the occurrence of any other event which potentially results in a risk. The identification process takes place until the expiry of the liabilities, receivables or activities related to the given risk. The identification of market risk involves recognising the actual and potential sources of such risk which are then identified as to their relevance.

Risk measurement and assessment

Risk measurement and assessment are performed depending on the characteristics of the given risk type and the level o its relevance. The risk assessment is performed by specialised units. In every company, the risk unit is responsible for development of risk assessment tools and risk assessment process to the extent which specifies risk appetite, risk profile and risk tolerance levels.

Risk monitoring and control

This involves ongoing reviews of any variances from the assumed parameters, namely limits, thresholds, plans, values from the previous period, recommendations and guidelines issued.

Reporting

Allows efficient risk communication and supports risk management at various decision-making levels.

Management actions

These activities encompass among others risk mitigation, risk transfer, risk avoidance, specifying risk appetite, acceptance of risk tolerance levels, as well as tools which facilitate such activities, i.e. thresholds, reinsurance plans and reviews of underwriting policy.