Risk Management
Risk Management Policy
Risk management is a major issue in the operations of the insurance industry. KGI Life has incorporated strict risk management into the business goals requiring regular follow-ups, and has established and periodically reviewed the Risk Management Policy, which serves as the highest guiding principle for internal risk management mechanisms. The Policy clearly stipulates overall risk management goals and strategies, organization and duties, capital adequacy assessment, risk appetite and limits, and identifies major risk categories and management processes. In addition to complying with the trend of Enterprise Risk Management (ERM), it is also the basis for establishing regulations, mechanisms, and implementation practices.
Identifying and Responding to The Main Risks
Market Risk
In accordance with the Company’s market risk management guidelines, market risk control is conducted for financial assets and derivatives. Various risk analysis methods and tools are employed to identify sources of market risk, define the market risk factors of financial instruments, and design appropriate mechanisms to ensure the effectiveness of market risk management. The Company has established market risk limits and early warning indicators, and regularly conducts warning and limit monitoring to establish procedures for handling excessive risk limits. This enables timely response measures and proper control of exceeded limits.
Credit Risk
In accordance with the Company's credit risk management guidelines, the Company manages credit risk limits and management indicators, and sets limits and early warning indicators for countries, sectors, counterparties, and issuers of securities with capital characteristics based on the principle of "tiered management" to monitor the credit ratings and credit status of securities held by the Company and issuers. At the same time, the Company regularly evaluates the credit risk status of its financial assets and remains vigilant for sudden changes in the credit market or significant shifts in risk, enabling it to adopt immediate response measures.
Liquidity Risk
In accordance with the Company’s Liquidity Risk Management Guidelines, short-term cash flow is assessed and monitored based on the nature of business. A comprehensive liquidity risk management mechanism has been established, taking into account the proportionality between market trading volume and the Company’s positions, to prudently manage market liquidity risk. Investment activities are carried out with risk diversification in mind, maintaining diversification across asset classes, maturities, regions, currencies, and instruments. Additionally, a contingency funding plan is in place to ensure operational resilience in the event of prolonged liquidity stress.
Operational Risk
The three management tools for operational risks, namely Risk Control Self-Assessment (RCSA), Key Risk Indicators (KRI), and Loss Data Collection (LDC), are used to effectively identify, measure, and manage overall operational risks.
Each department conducts RCSA to identify operational risks and review corresponding control measures. The self-assessment ensures the effectiveness of internal controls. KRIs are also established to monitor changes and issue early warnings, enabling timely development of action plans to mitigate losses. The Company has established guidelines for managing loss events due to operational risks. Responsible units are required to report operational risk loss events in accordance with the guidelines and to continuously monitor and follow up on corrective actions, aiming to minimize the impact of such events on the Company.
Each department conducts RCSA to identify operational risks and review corresponding control measures. The self-assessment ensures the effectiveness of internal controls. KRIs are also established to monitor changes and issue early warnings, enabling timely development of action plans to mitigate losses. The Company has established guidelines for managing loss events due to operational risks. Responsible units are required to report operational risk loss events in accordance with the guidelines and to continuously monitor and follow up on corrective actions, aiming to minimize the impact of such events on the Company.
Climate Change Risk
The Company has incorporated climate change risk into the Risk Management Policy and, in accordance with the “Insurance Industry Risk Management Best Practice Principles” and the “Guidelines for Climate- Related Financial Disclosures for the Insurance Industry”, established its Climate-related Risk Management Guidelines. Each year, relevant business units identify the likelihood and potential impact of climate change risks, and assess the financial impact these risks may have on the Company. The Company establishes climate risk appetite indicators and targets based on the identified climate change risks and regularly monitors them. If a climate risk appetite is found to be missing the set climate risk appetite targets, improvement measures will be taken based on the cause of the occurrence, and submitted to the Company's Risk Management Committee and Board of Directors.
The Company refers to international standards and external data annually and uses scenario analysis to assess the potential impact of physical risks and transition risks on investments and business locations, ensuring that climate-related risks are effectively controlled or mitigated. The Company discloses its management of climate-related risks and opportunities in the Sustainability Report, based on the four core pillars of governance, strategy, risk management, and metrics and targets.
The Company refers to international standards and external data annually and uses scenario analysis to assess the potential impact of physical risks and transition risks on investments and business locations, ensuring that climate-related risks are effectively controlled or mitigated. The Company discloses its management of climate-related risks and opportunities in the Sustainability Report, based on the four core pillars of governance, strategy, risk management, and metrics and targets.
Insurance Risk
The main risks associated with insurance contracts and financial products featuring discretionary participation underwritten by KGI Life include risks of mortality/morbidity, lapse, expense, and investment return. In the liability adequacy test, all insurance contracts and financial products with discretionary participation features will be included to assess the adequacy of the company's overall insurance liabilities based on actuarial assumptions established using current information as of the assessment date. If the test result indicates that the on-book insurance liabilities are inadequate, the deficiency will be covered by the additional provision of liabilities in accordance with relevant regulations. The provision will affect the Company’s profits and losses in that period. The insurance risks in the various regions where the Company operates do not exhibit significant differences. The Company sets an acceptable accumulated risk limit for each at-risk unit and each risk incident, and transfers insurance risks exceeding the limit through reinsurance.
Asset-liability Matching Risk
The risk that the Company may face when assets and liabilities change inconsistently are identified in accordance with the Company's risk management guidelines, and the degree of impact (quantitative or qualitative) is measured when risks occur. The Company convenes regular meetings to propose comparative analyses and responses on related indicators, such as asset and liability allocation strategies and asset and liability duration. Relevant units and management are notified of abnormalities.
Risk Management Technology and Automation
The Company has established a market risk management system that generates values at risk, stress testing, and back testing results. Through automated processes, the system updates data and supports multidimensional analysis, thereby reducing the risk associated with manual operations. It is integrated with an internal automated reporting and data visualization platform that offers users customizable and real-time reporting function. Users can select the required data within the system, which then instantly generates charts, thereby enhancing the quality and efficiency of data analysis. Labor costs reduced through technology can be converted into freed manpower, increasing the output and added value of research and analysis.
Business Continuity Management
To ensure the safety of personnel, protect customer rights and interests, maintain business reputation, and secure assets, the Company is committed to minimizing harm and maintaining uninterrupted operations in the event of a risk incident. In 2021, the Company implemented a business continuity management mechanism to systematically address catastrophic risks by establishing relevant management procedures and response plans. This initiative aims to enhance organizational resilience. Through ongoing reinforcement and improvement of the mechanism, the Company aims to raise employee awareness and ensure effective execution of response measures, thereby maintaining service to policyholders at an acceptable minimum service level.
The Company's business continuity management system obtained ISO 22301:2019 management system certification in 2022 and has continued to pass regular reviews of this certification in 2023 and 2024, ensuring that the Company's overall mechanisms comply with international standards for business continuity through external verification agencies.
At the same time, the Company held evacuation drills, off-site office drills, information system disaster recovery drills, and four business continuity education and training sessions in 2024, in order to help employees learn how to handle disasters in their daily lives, understand the response procedures in the event of catastrophes, and ensure the safety of employees and business recovery after a disaster to reduce the impact. Through the aforementioned mechanisms, the Company achieves the goal of providing uninterrupted services to policyholders, handling claims, and executing new contracts, thereby fulfilling our commitment to stable and sustainable operations.