Ongoing geopolitical turmoil, artificial intelligence (AI) and third-party ecosystem vulnerabilities are driving a significant increase in materiality scores across operational risk, according to ORX’s latest Top Risk Review benchmark report. Notable from the report is the closing gap between concerns reported by the insurance and banking sectors. For the first time since ORX launched its Risk Review reports, insurance firms are reporting faster-rising concerns, with an 8.8% increase compared to 4.8% in the banking sector.
While the ranking of the industry’s 16 major risks remains relatively stable since the last review in November 2024, materiality scores have risen sharply — with all but one risk (People) seeing an increase. The findings suggest that external factors are not only heightening existing risks but are also narrowing the gap between traditionally top-ranking and lower-tier risks. Insurance participants’ scores are rising at a faster rate than the overall average, potentially because of a generally volatile and uncertain external environment – driving up all scores, across industries.
Overall respondents from the insurance sector answered similarly to the wider participation group – highlighting the themes of geopolitical turbulence, proliferation of AI, regulatory uncertainty, third- party risk management services, and rapidly evolving cyber threats. However, Model risk related challenges were significantly higher than average for the insurance sector, with key concerns including; the growing use of AI and advanced analytics to support (actuarial) modelling, difficulty accessing high-quality real-time data, increasing model complexity thanks to geopolitical uncertainty and market volatility, as well as concerns about poor decision making as models are increasingly relied upon.
According to overall participants, Data Management saw the highest year-on-year increase of all 16 risks (5.9%), and by far the greatest increase in the top five since the last review. The insurance sector rated its Data Management as less effective than its banking counterparts (a 5% difference), although the top four risks for both sectors were aligned, with Data Management coming in fourth place after Information Security (including Cyber) (first place), Third Party (second place) and Technology (third place). Regulatory Compliance came in fifth place for insurance sector respondents, likely due to a large proportion of the sector being in the EU and therefore impacted by DORA regulations, as well as the shift from global to nationalist politics, limiting the options for reinsurers to diversify their risks.
Besides Model-related risks, insurance sector respondents rated eight categories more highly than the banking sector, Regulatory Compliance (5th vs 7th place), Business Continuity (6th vs 8th place), Transaction Processing and Execution (7th vs 9th place), Conduct (9th vs 10th place), People (11th vs 12th place), Statutory Reporting and Tax 912th vs 15th place and Legal (13th vs 14th place).
Of effective risk management in the insurance sector, Melanie Lavallin, Head of Insurance Service at ORX says: “Our Top Risk Review reveals the significant challenge the insurance sector faces, to manage data and third-party related risks. It is the top risk that requires management improvements, and as data continues to drive decision making, not just in risk management but in general business strategy, insurance organisations must keep track of data quality and compatibility, as well as a close eye on accessibility issues.
“This is far from the only risk and, for the first time since ORX launched our Risk Review reports, insurance firms are reporting faster-rising concerns than banks – particularly Model risk related challenges. By pooling our resources and sharing our expertise, we are here to support the insurance industry with its rising operational risks.”
Other key findings from the report include:
Geopolitical instability is a primary driver behind the surge in risk materiality scores, both widely and for insurance firms specifically – reflected in the top four risk manifestations. Insurance sector respondents recognise the growing use of hybrid warfare by nation states, such as tariffs and sanctions, as well as growing regulatory and policy divergences across borders. When looking at geopolitical risk specifically, insurers flagged Physical Security & Safety within the top five manifestations, with key concerns related to damage to buildings/properties, thanks to violet protests or riots, stricter immigration rules and the threat of terrorist attacks, natural disasters, wars and conflicts at entities/premises.
Positively, the Top Risk Review shows that risk management overall has improved, with 52% rating it effective or highly effective compared to just six months ago. Responses suggest that this could be influenced by a move towards the Single-Source-of-Truth (SSoT) model which helps provide better oversight and consistency of data. Looking to the future, insurance firms are planning to prioritise their efforts to improve their Third-Party risk management, expecting to see their risk scores decrease in the future – unlike the banking sector for which half of respondents expect their Third-Party score to increase in the next six months.
Be the first to comment