Capital & Risk Management
ERM at Travelers is an integral part of our business operations. The standards and practices we employ to evaluate and monitor risks are designed to enable a consistent approach to risk management across the organization. We manage our risk-taking to be within our risk appetite in a prudent and balanced manner to create and preserve value for all of the company’s stakeholders. ERM also includes an evaluation of the company’s risk capital needs, which takes into account regulatory requirements, financial strength and credit rating considerations, among economic and other factors.
A senior executive team, which includes the company’s Chief Risk Officer and Chief Underwriting Officer, oversees the ERM process. This team facilitates risk assessments and collaborates with others throughout the enterprise, including risk owners across the organization and senior leaders, to implement effective risk management strategies for Travelers. In addition, our ERM group collaborates with the company’s Chief Sustainability Officer to ensure that identification and assessment of environmental, social and governance (ESG) risks are appropriately integrated into our ERM framework. The ERM group also uses third-party modeling processes to evaluate capital adequacy. These analytical techniques are an integral component of the company’s ERM process and further support the company’s long-term financial strategies and objectives.
The diagram below illustrates some of the different groups, committees, functions and processes involved in our comprehensive approach to overseeing and managing risk.
Board Oversight of Risk
Our Board of Directors oversees our ERM process. As illustrated in the graphic above, the Risk Committee and other committees of the Board are an essential part of our ERM framework and help to establish and reinforce our strong culture of risk management.
The Risk Committee of the Board meets with senior management at least four times a year to discuss ERM activities and provides a report to the full Board of Directors after each such meeting. This approach enables a high degree of coordination between management and the Board.
The Board Risk Committee oversees the implementation, execution and performance of the Travelers ERM program and reviews the strategies, processes and controls pertaining to Travelers insurance operations. The Board also allocates and delegates risk oversight responsibility to various committees of the Board. Accordingly, all committees of the Board share responsibility for oversight of strategic objectives, risk management and the sustainability of our business. We believe that allocating responsibility for specific risks to a committee with a particular skill set improves the effectiveness of the overall oversight of risks and opportunities. The Board reviews and acknowledges these responsibilities annually.
The Board has allocated and delegated risk oversight responsibility to various committees of the Board as follows:
Responsible for oversight of risks related to the integrity of financial statements, including oversight of financial reporting principles and policies and internal controls; the process for establishing insurance reserves; and risks related to regulatory and compliance matters generally. Audit Committee Charter.
Responsible for oversight of risks related to compensation programs, including with respect to formulation and administration of those programs, and regulatory compliance with respect to compensation matters. Compensation Committee Charter.
Investment and Capital Markets Committee
Responsible for oversight of risks in our investment portfolio (including valuation and credit risks), capital structure, financing arrangements and liquidity. Investment and Capital Markets Committee Charter.
Nominating and Governance Committee
Responsible for oversight of risks related to corporate governance matters, including succession planning, director independence and related person transactions; diversity and inclusion efforts; public policy initiatives; and community relations. Nominating and Governance Committee Charter.
Responsible for oversight of risks related to business operations, including insurance underwriting and claims; reinsurance; catastrophe risk and the impact of changing climate conditions; credit risk in insurance operations; information technology, including cybersecurity; and business continuity planning. Risk Committee Charter.
Enterprise Risk Management
Integrating ERM with an effective internal control environment enables our ERM group to foster, lead and support an integrated, risk-based culture throughout the company. To that end, our ERM group:
- Facilitates risk assessments and enhances the coordination of risk management across all categories of risk throughout the company.
- Develops enterprise-wide risk appetite/tolerance/limits.
- Maintains dynamic capital models to quantify and evaluate the company’s risk exposures and their related impact on the company’s risk/reward assessment, capital structure and future earnings potential.
- Works in partnership with key risk management leaders in different areas throughout the organization (such as underwriting, reserving, investments, credit, regulatory compliance and operations) to ensure coordinated cross-departmental risk management and governance.
- Identifies, evaluates, and quantifies risks, their correlations and their interdependencies from all sources across the organization.
- Works to enhance effective and credible risk modeling capabilities as part of the company’s overall effort to understand and manage its portfolio of risks to be within its risk appetite and tolerance.
- Allocates economic capital to our products and businesses and helps ensure capital efficiency in concert with regulatory and rating agency targets.
In addition, our ERM group leads the company’s annual Management Identification of Significant Risks (MISR) – a governance process through which senior risk and business leaders and various committees collaborate to identify the significant inherent and residual risks faced by Travelers. The MISR process assigns management responsibility for individual risks to senior corporate leaders and/or internal groups, committees and processes and assigns oversight responsibility to various Board Committees. The MISR is reviewed with our Board Risk and Audit Committees at least annually and is also reviewed by the Board as part of its annual review of the allocation of risk oversight among its committees.
As part of our ERM process, we use metrics and risk/reward analytics to actively evaluate and adjust our strategies, as well as to further support our long-term financial strategy and business objectives. For example, we use various analyses and methods, including proprietary and third-party computer modeling processes, to make underwriting and reinsurance decisions designed to manage the company’s exposure to catastrophic events. In addition to catastrophe modeling and analysis, we model and analyze our exposure to other extreme events. We also utilize proprietary and third-party computer modeling processes to evaluate capital adequacy.
Our approach to ERM is reinforced by our compensation structure, which is designed to encourage a careful balance of risk and reward, both on an individual risk basis and on a companywide basis. Our compensation program also promotes and drives a long-term perspective to managing our business. This long-term perspective is especially important in the property casualty insurance industry, where a short-term focus could create incentives for management to relax the company’s underwriting or investment standards to increase revenue and reported profit in the near term but could create excessive risk for shareholders over the longer term. Moreover, results in the property casualty insurance industry can vary significantly when measured year to year because of a variety of factors, including the periodic occurrence of significant catastrophes. Accordingly, we believe that the right way to manage our business is with a long-term perspective, with an eye toward creating value over time. See our Proxy Statement for a comprehensive discussion of how our compensation program incorporates this long-term perspective.
Our approach to business resiliency is designed to allow us to deliver on the Travelers Promise to take care of our customers, communities and employees in the face of unexpected disruptions. Travelers Business Resiliency Program is our internal ecosystem focused on the goal of ensuring that we can operate consistently for our employees, agents and customers despite crises and operational disruptions and, accordingly, continue to deliver for our shareholders. Our Business Resiliency Program takes a holistic, three-pronged approach that encompasses business continuity, disaster recovery and crisis management. With support from senior management and with oversight by the Risk Committee of our Board of Directors, our program focuses on both preventive measures (including technology availability design, facility resilience and training/awareness programs) and response preparation (including business contingency planning, technology restoration and crisis management/emergency response).
The Travelers Business Resiliency Risk Committee, composed of members of our executive team, oversees the implementation of our Business Resiliency Program and, along with our management-level Enterprise Risk Committee, is charged with reviewing and approving mission- and business-critical processes, identifying risks to business resiliency and facilitating decisions to accept, mitigate or remediate these risks.
Pursuant to its charter, the Risk Committee of our Board of Directors oversees “the strategies, processes and controls pertaining to business continuity and executive crisis management for the Company and its business operations.” In exercising its oversight, the Risk Committee of our Board meets annually with members of the Business Resiliency Risk Committee and the Enterprise Risk Committee to review the company’s business continuity, disaster recovery and crisis management efforts. Among other things, the Risk Committee reviews the enterprise event response protocols, discusses how those protocols would be (and were) triggered for events ranging from catastrophes to local shootings to bomb threats, and evaluates lessons learned from actual events, such as the COVID-19 pandemic. The Risk Committee also receives quarterly reports regarding preventive measures relating to cyber incidents, including those events affecting suppliers that may impact Travelers. In addition, the Risk Committee is regularly briefed on the steps taken to reduce future risk and improve our threat detection and response processes.
The primary objective of business continuity is to ensure that the company is prepared to respond to, and recover from, an unexpected disruption. This requires a solid understanding of the risks to our operational structure and involves contingency planning and testing of hundreds of business processes across Travelers. We have inventoried our business processes and categorized them according to their criticality and urgency to the company, and we have tailored our resiliency measures accordingly.
Through annual risk reviews, which are facilitated centrally, each business function updates its resiliency plans with respect to key operational aspects. The plans include specific recovery scenarios and detailed workaround plans to be leveraged in the event of a disruption related to technology, facility, workforce or supplier issues. We also conduct validation exercises to test the effectiveness of those plans.
In addition, as a fundamental part of our enterprise supplier management program, we identify supplier risks and mitigating controls, enabling the company to make informed decisions throughout the life cycle of a supplier relationship. Specifically, we assess the business continuity and disaster recovery risk of our suppliers to evaluate their overall business resiliency, recovery capabilities and limitations. And, we create contingency plans detailing how the company will continue to operate if a supplier becomes unavailable.
We base our approach to disaster recovery on a model that provides redundant infrastructure, application and platform solutions designed to enable continued operation in the event of a disruption. We review these solutions on a regular basis to ensure that they continue to align with our business strategy. In addition, on an annual basis, we perform disaster recovery testing on all of our mission critical and supporting applications.
We inventory all computing platforms with a detailed plan to move to an alternate site, the specifics of which vary by application design and business criticality. We maintain technology availability standards to help ensure adequate designs are deployed and sufficient procedures are in place and tested to restore infrastructure, applications and data in the event of a disaster.
We perform daily backups of production data from our primary facility to our alternate sites. Critical technology infrastructure is designed with sufficient levels of redundancy to support recovery from local or geographic service disruption events.
Our Crisis Management Operating Model includes two teams: the Operational Response Team (ORT) and the Enterprise Event Response Team (EERT).
Our integrated ORT comes together to manage events, both planned and unplanned, providing a coordinated and facilitated response to situations of all types. The ORT is a group of employees from across the organization, prepared to come together before, during or shortly after an event to ensure that we respond appropriately. The ORT manages corporate security, real estate, technology, cyber, business continuity and environmental health and safety events. This team is activated and engaged regardless of the severity of the event. The ORT also maintains well-documented emergency response procedures and conducts regular training, scenario planning and exercises in anticipation of potential emergency scenarios. Travelers has event-specific playbooks covering protocols for various scenarios, including a pandemic, natural disaster, data center outage and cybersecurity incident. For example, our corporate pandemic plan, which outlines our strategy for maintaining a safe and healthy workplace while continuing to deliver uninterrupted service to our customers and agent and broker partners, was activated when the COVID-19 outbreak began. Roles and responsibilities of team members are clearly defined, enabling an efficient response to a national crisis or a technology, worksite, workforce or supplier event.
The EERT manages catastrophe events, underwriting and exposure, claim response and regulatory events. When escalation is required, these teams engage with the appropriate group of senior executives tasked with overseeing the execution of our crisis management and emergency response plans related to the event.
Travelers Business Resiliency Management in the Face of COVID-19
Despite the extraordinarily challenging circumstances related to COVID-19, we were able to continue to serve our customers and our agent and broker partners seamlessly due to our extensive planning and preparation for unforeseeable circumstances; the commitment, resourcefulness and professionalism of our team; and the tremendous efforts of our Technology and Operations group. Upon initial reports of the emerging coronavirus in January 2020, we activated our Business Continuity, Crisis Management and Disaster Recovery teams to track the outbreak and begin executing our robust business resiliency plans. In February 2020, the group expanded to include the Executive Crisis Management team, which effectively oversaw and managed the company’s response to the rapidly evolving events in real time.
Anticipating a scenario where nearly all employees would need to work remotely and necessary Claim professionals would need to safely engage with customers, our Operational Response Team acted quickly to limit business disruption and maintain the security of information. As part of those efforts, we assessed risk and risk mitigation levers on hundreds of business processes while activating and developing plans to assess and further strengthen our technology infrastructure and cybersecurity.
During the first few months of the COVID-19 pandemic, our Board of Directors met biweekly with our Chief Executive Officer to review management’s operational response to the pandemic, as well as strategies to mitigate the short- and long-term risks to the company. The meeting topics covered all aspects of our event response and business continuity, including our transition to a remote working environment, workforce health and safety, productivity, technology and cybersecurity, supply chain management, financial results, capital and liquidity management, legislative and regulatory activity, short- and long-term business impacts and community relief efforts.
Due to our Business Resiliency Management program and our corporate pandemic plan, we were able to seamlessly transition almost our entire workforce practically overnight to safely and effectively work from home, all while maintaining employee productivity and engagement. Our comprehensive planning and ongoing testing, as well as the exceptional response of Travelers employees to the crisis, enabled us to continue to deliver the risk management products and services that our customers need to live their lives and run their businesses, as well as the outstanding, uninterrupted service that our customers and agent and broker partners have come to expect.
Balanced Approach to Capital Management
Travelers has consistently provided excellent service to policyholders while delivering strong returns over time. Integral to our long-term financial strategy is a balanced approach to rightsizing capital and generating capital in excess of our growth needs. We maintain operating company capital at levels needed to support our current business profile and growth opportunities consistent with our objective of maintaining significant financial strength and strong credit ratings. Specifically, our capital models first address our need to comply with regulatory risk-based capital requirements and our desire to:
- Maintain significant financial strength and strong credit ratings.
- Continue to remain financially strong after a significant catastrophe event.
- Ensure that we can satisfy the claim payments and other obligations of our business.
To meet these objectives, we monitor our cash inflows (e.g., premiums, service fees, investment income) and outflows (e.g., claim payments, capital investments, operating expenses) on an ongoing basis. Since most of our policies renew annually, we regularly reassess our pricing and risk appetite against our capital needs.
Our capital management strategy has been an important driver of shareholder value creation over time. As we have said many times, our first objective for the capital we generate is to reinvest it – organically and inorganically – in our business to create shareholder value. We will continue to retain capital to support growth in our business and invest capital to further our ambitious innovation agenda and advance other strategic objectives. Today, we are making strategic investments in everything from talent to technology. Having said that, we are disciplined stewards of our shareholders’ capital, and to the extent that we continue to generate capital that we cannot reinvest consistent with our objective of generating industry-leading returns over time, we will manage it the same way we have for more than a decade – by returning it to our shareholders.
Our Balanced Approach to Capital Management
Over the last 10 years, our financial success and balance sheet strength have enabled Travelers to grow dividends per share at an average annual rate of 8% while increasing our book value per share by 92%. These accomplishments are on top of returning more than $28 billion of excess capital to the company’s shareholders over the same 10-year period. Our financial strength is also reflected in our strong credit ratings from four of the major rating agencies.
Since the initial share repurchase authorization in May 2006 and through December 31, 2021, TRV has returned $49.8 billion of capital to shareholders: $37.9 billion in share repurchases at average price of $70.28 per share and $11.9 billion in dividends.