Skip to main content Accessibility help

Enterprise risk management for health insurance from an actuarial perspective

  • G. C. Orros and J. Smith


This paper focuses on Enterprise Risk Management (ERM) and strategic business management for health insurance companies in our world of ‘unknown unknowns’ and the emergence of unexpected risks over time. It illustrates how Chief Risk Officers (CROs) can focus on ‘risk and opportunity management’ through an ERM framework, and thereby balance risks against opportunities, whilst being resilient against ‘unknown unknowns’ and their emergence over time as ‘known unknowns’ and ‘known knowns’. The paper has been designed to meet the broad requirements of health insurers that would like to implement an ERM framework for the effective risk management of their health insurance lines of business. Risk management for health insurers in the context of Solvency II and broader European Commission regulatory requirements is also discussed. The authors discuss how insurers can develop and apply risk management to build resilience in the face of the storms and shocks that may lie ahead.


Corresponding author

*Correspondence to: George Orros, BA, MSc., MBA, FIA, FCII, C.Stat, Chartered Insurer. E-mail: Postal address: care of Institute and Faculty of Actuaries, Staple Inn, High Holborn, London WC1V 7QJ.


Hide All
Braz, R., Barger, D., Geller, K., Kicklighter, L., Midgeley, M.S., Shostek, K., Ulmer, E.G., Nakamura, P.L. (2006). Enterprise Risk Management Monograph. American Society for Healthcare Risk Management, USA.
Cabinet Office (2002). Risk Improving Government's Capability to Handle Risk and Uncertainty. Strategy Unit, Cabinet Office, London, UK.
CEIOPS (2009). Consultation paper no. 72 – Draft L2 advice SCR Standard Formula – Calibration of Health Underwriting Risk, available at:
CEIOPS (2010a). CEIOPS’ Advice for Level 2 Implementing Measures on Solvency II: SCR Standard Formula Calibration of the Health Underwriting Risk, published as CEIOPS-DOC-68/10 available at:
CEIOPS (2010b). QIS-5 Technical Specifications: Annex to Call for Advice from CEIOPS on QIS-5. Available at:
CEIOPS (2010c). Solvency II Calibration paper, published as CEIOPS-SEC-40-10. Available at:
Chapman, R.J. (2006). Simple Tools and Techniques for Enterprise Risk Management. John Wiley & Sons Inc., New Jersey, USA.
Competition Commission (2000). British United Provident Association Limited and Community Hospital Groups Plc.: A Report on the Proposed Merger. Competition Commission, London, England.
COSO (2004a). Enterprise Risk Management – Integrated Framework, Application Techniques, COSO. (The Committee of Sponsoring Organisations of the Treadway Commission), September 2004.
COSO (2004b). Enterprise Risk Management – Integrated Framework, Executive Summary, COSO (The Committee of Sponsoring Organisations of the Treadway Commission), September 2004. Available at:
Day, G.S. (2007). Is it Real? Can we Win? Is it worth doing?: Managing Risk and Reward in an Innovation Portfolio, Harvard Business Review, December 2007.
Department of Health (2000). An Organisation with a Memory: Report of an expert group on learning from adverse events in the NHS chaired by the Chief Medical Officer. HMSO Stationery Office, London. Available at:
Deighton, S.P., Dix, R.C., Graham, J.R., Skinner, J.M.E. (2009). Governance and Risk Management in United Kingdom Insurance Companies. British Actuarial Journal, 15(3), 503572.
Dexter, N., Ford, C., Jakhria, P., Kelliher, P., Mccall, P., Mills, C., Probyn, A., Raddall, P., Ryan, J. (2006). Quantifying Operational Risk in Life Assurance Companies, Life Operational Risk Working Party, Institute and Faculty of Actuaries. Available at:
Disney, H., Horn, K., Hrobon, P., Kilmarnock, A., Mihm, A., Mingardi, A., Philippe, C., Smith, D., Van Den Broek, E., Verhoeks, G. (2004) Impatient for Change: European Attitudes to Healthcare Reform. The Stockholm Network. Available at:
Elliot, S., Abbey, T. (2010) Health and Care; Good Practice for Internal Models: A Closer Look at Solvency II. Institute and Faculty of Actuaries Health and Care Conference, April 2010. Available at:
European Commission (2010). April 2010: Fifth Quantitative Impact Study: Consultation on Call for Advice and Technical Specifications. Available at: Draft technical specification available at:
Foubister, T., Thomson, S., Mossialos, E., Mcguire, A. (2006). Private Medical Insurance in the United Kingdom. WHO Regional Office for Europe, Copenhagen, Denmark.
Garratt, R. (2003). The Fish Rots from the Head: The Crisis in our Boardrooms – Developing the Crucial Skills of the Competent Director. Profile Books Ltd, London, England.
Grönroos, C. (1984). A Service Quality Model and its Marketing Implications. European Journal of Marketing, 18(4) 1984, pp. 3644.
Mcnamee, D. (2004). Risk Reflections: based on his extensive experience. Internal Auditor, October 2004. (Report of an Interview). Available at:;col1
National Health Service Litigation Authority (2006). Framework Document. Available at:
National Institute for Clinical Excellence (2007). Risk Assessment at work: Practical examples in the NHS. Available at:
Orros, G.C. (2007a). Risk Sharing Models for Private Healthcare Insurance. IAAHS Colloquium paper, May 2007. Available at:
Orros, G.C. (2007b). ERM Literature Review. GIRO 2007 Convention. Actuarial Profession. Summary paper available at:, where “ERM Literature Review” is Appendix 1A and Appendix 1B and are available on request from
Orros, G.C., Howell, J.K.A. (2006). Value Innovation for insurance and financial services firms. Available at
Orros, G.C., Smith, J. (2009). Health at Risk. The Actuary, December 2009, pp 25-27. Available at
Roberto, M.A., Bohmer, R., Edmonson, A.C. (2006) Facing Ambiguous Threats. Harvard Business Reivew. November 2006.
Rumsfeld, D. (2002) Department of Defense News Briefing. 12 February 2002. Available at:
Scally, G., Donaldson, L.J. (1998). Clinical Governance and the Drive for Quality Improvement in the New NHS in England. British Medical Journal, 317, July 1008. Available at:
Standard & Poor's (2005). Insurance Criteria: Evaluating the enterprise Risk Management Practices of Insurance Companies. Standard & Poor's, McGraw Hill, USA.
Taleb, N.N. (2004). Fooled by Randomness: The Hiden Role of Change in Life and in the Markets, 2nd Ed. The Random House Publishing Group 2005. Penguin Books 2007, London, England.
Taleb, N.N. (2007). The Black Swan: the Impact of the Highly Improbable. Allen Lane, an imprint of Penguin Books, London, England.
Tripp, M., Orros, G.C., Bradley, H., Devitt, R., Overton, G., Pryor, L., Shaw, R. (2003). Risk Measurement or Bust: Operational Risks Working Party. GIRO (2003) Convention. Available at:
Wachter, R.M., Shojania, K.G., Saint, S., Markowitz, A.J., Smith, M. (2002). Learning from Our Mistakes: Quality Grand Rounds, a New Case-Based Series on Medical Errors and Patient Safety. Annals of Internal Medicine, 136(11), 850852.
Winkelman, R.A., Van Den Bos, J., Johns, C. (2006). Society of Actuaries’ Research Project: Health Plan Provider Network Risk, Society of Actuaries, USA. Available at:



Full text views

Total number of HTML views: 0
Total number of PDF views: 0 *
Loading metrics...

Abstract views

Total abstract views: 0 *
Loading metrics...

* Views captured on Cambridge Core between <date>. This data will be updated every 24 hours.

Usage data cannot currently be displayed