Tillinghast Survey Shows Insurers Increasingly Use Enterprise Risk Management to Address Their Most Pressing Business Issues

Dissatisfaction Remains With Existing Tools to Identify, Measure and Manage Risk

New York, NY, December 9, 2002 — A Tillinghast – Towers Perrin survey on Enterprise Risk Management
(ERM) shows insurers around the world are increasingly adopting ERM, a relatively new approach to the strategic
management and exploitation of risk from all sources — operational, strategic and financial. Forty-nine percent of survey
respondents report having some form of ERM already in place today, and another 38% are considering adopting it.
Additionally, 38% of respondents have appointed a Chief Risk Officer (CRO) — almost double the 20% found in the first
Tillinghast benchmarking survey published in 2000 — perhaps the strongest sign of the increase in the use of ERM.

Nearly 90% of respondents say they are adopting ERM because it is a “good business practice,” according to the study, a
motivation far more widespread than other well-publicized external influences such as “corporate governance guidelines”
(42%) or “regulatory pressure” (35%). However, the study, which covered all sectors of the global insurance industry, also
revealed insurers’ dissatisfaction with available tools, processes and capabilities used to manage risks and sources,
especially non-financial risks.

“These results show the industry is making significant progress in implementing ERM but has yet to capitalize on its full
potential,” said Jerry Miccolis, Tillinghast principal and leader of the firm’s ERM consulting activities. “To fully reap the
benefits of ERM, companies should follow the ‘best practice’ of first developing and clearly articulating a company-specific,
senior management-supported ERM framework that firmly establishes the company’s objectives, scope and organizational
structure for ERM.”

“Based on a comprehensive ERM framework,” Miccolis continued “companies can then apply a practical, straightforward
implementation process that systematically proceeds from comprehensive risk assessment to defining alternative financial
and operational strategies, to evaluating those strategies from the standpoint of shareholders and policyholders, and then
selecting the strategies that provide the optimal balance of value to both.”

Other Findings

  • ERM Addresses Key Business Challenges: The survey results shows a strong endorsement of ERM as a
    business-building tool, with clear agreement among insurers that it helps address their most pressing
    business issues today. For most of the leading issues, more than 75% of participating executives — and in
    some cases more than 90% — believe ERM will help them contend with the issues: earnings growth (77%),
    return on capital (89%), earnings consistency (92%), strategic/operational planning (97%), pricing adequacy
    (77%), capital management/allocation (92%) and asset/liability management (93%).
  • ERM Helps Drive Top-Line Growth: One of the most important findings of the survey, according to Miccolis,
    was the large number of respondents who said ERM helps them with revenue growth, 55% of those who
    cited that as a major issue. “For many people in the industry, that finding may seem counter-intuitive. How
    can ‘managing risk’ help grow revenue? In truth, ERM, as this finding attests, is a true business-building tool.
    It’s a formal discipline that enables companies to make robust decisions about the strategies — for example,
    growth strategies — that are most likely to produce the greatest return, given the risk profile of their
    organization,” said Miccolis. As the survey showed, two groups of companies especially cited the significant
    impact of ERM as a business-building tool: firms in Canada, where ERM is arguably more advanced, and
    companies that have more practical experience with ERM (75% of all companies that have already
    implemented ERM say it helps them grow revenues).
  • CFOs are Taking a Central Role in Implementing ERM: While more and more companies are appointing
    CROs, the survey shows that the Chief Financial Officer (CFO) is taking a lead role in ERM. The CFO is cited —
    by 33% of participating companies — as having “primary responsibility” for overseeing ERM activities. The
    CRO is a distant second, cited by 19% of respondents, followed by the Chief Actuary, (16%), the risk
    management committee, (10%), and the CEO, (7%). Even when a company has a CRO, in 47% of the
    instances, he or she reports to the CFO. When a company has an ERM committee (a practice reported by
    38% of respondents), the chair is almost as frequently the CFO (22%) as the CRO (25%).
  • Communication and Organizational Skills are Critical in an Effective CRO: While the majority of all
    respondents, ranked “technical skills” as the first or second most important competency of a CRO, Canadian
    companies rate communication and organizational skills as most important. “We think the Canadians have it
    right,” asserted Miccolis. “Among the most successful ERM companies we’ve seen, the CRO functions as the
    ‘ambassador’ of an ERM culture change. We feel that for ERM to realize its full promise, communication and
    organizational skills are the most important characteristics of an effective CRO.”

About the Survey

The report details findings from a Web-based survey of executives in life, health, property/casualty and multiline insurance
companies headquartered in North America, Latin America, Europe, Africa, Asia and Australia. About one-third describe
their companies as international, up from 18% in the first survey. Forty percent are from public stock companies; nearly half
the companies have assets of more than $10 billion. Responses in some cases total more than 100% because respondents
were allowed to give multiple answers.

The full survey report provides details on these and other findings about the insurance industry’s efforts to install ERM as a
management discipline and use it to guide business decisions. The report may be obtained from Tillinghast by calling (914)
745-4170 or sending a request to robyn.hennessy@tillinghast.com.

About Tillinghast – Towers Perrin

Tillinghast provides actuarial and management consulting to financial services companies and advises other organizations on
their self-insurance programs. Tillinghast is a premier independent advisor to the insurance industry; its major clients include
most of the world’s top insurance organizations. It operates as one global business, through a network of 43 offices in 20
countries. Tillinghast is a division of Towers Perrin, one of world’s largest management and human resource consulting firms.
The Towers Perrin family of businesses also includes Towers Perrin Reinsurance, a leading global reinsurance intermediary.
Together, these businesses have over 9,000 employees and 77 offices in 75 cities and 23 countries. More information about
Tillinghast is available at www.tillinghast.com.