JOMMO KENYATTA UNIVERSITY OF AGRICULTURE AND TECHNOLOGY

SCHOOL OF BUSINESS AND ENTREPRENEURSHIP

BACHELOR OF BUSINESS AND INFORMATION TECHNOLOGY

INSURANCE AND RISK MANAGEMENT

NAME: JAYDEEH MAINA

REGISTRATION NUMBER: HDB212-0422/2023

QUESTIONS;

a) Using examples, compare and contrast adverse selection and moral hazard, focusing on how

lack of complete information(asymmetry) affects each concept within the context of insurance.

b) Using examples, what is the role of the risk management department in an organization?

What are the main functions and responsibilities of a risk manager? Discuss the key elements

like policy statements and risk management manuals.

ANSWERS

a) Adverse selection and moral hazard are two concepts that arise due to information
asymmetry in the insurance industry. Both phenomena can lead to inefficiencies and challenges
for insurers in providing coverage and managing risks. Here's a comparison and contrast of
adverse selection and moral hazard with examples within the context of insurance:

1. Adverse Selection:

Definition: Adverse selection occurs when individuals with a higher risk of loss are more likely
to seek insurance coverage than those with lower risk. This leads to a disproportionate number
of high-risk individuals in the insurance pool, resulting in higher premiums for everyone.

Effect of Information Asymmetry: Adverse selection occurs when potential policyholders have
private information about their risk profiles that insurers do not have access to, leading insurers
to underestimate the average risk in their pool.

Example: Consider a health insurance company offering coverage to a group of individuals

without comprehensive medical history checks. If individuals with pre-existing medical
conditions are more likely to purchase insurance, the insurer may end up with a pool of
policyholders who are disproportionately high-risk, leading to increased claims and higher
premiums for everyone.

2. Moral Hazard:

Definition: Moral hazard occurs when insured individuals alter their behavior in a way that
increases the likelihood or severity of the insured event once they are covered. This arises
because insured individuals may have less incentive to mitigate risks or act prudently since they
are protected by insurance.

Effect of Information Asymmetry: Moral hazard arises due to the lack of complete information
on insured individuals' behavior and actions after obtaining insurance coverage. Insurers may
not be able to observe or control insured individuals' actions, leading to changes in behavior
that increase the frequency or severity of claims.

Example: Suppose an individual purchases comprehensive auto insurance coverage. Knowing

they are covered for damages, they may drive more recklessly or be less inclined to invest in
preventive measures such as regular maintenance or defensive driving courses, thereby
increasing the likelihood of accidents and claims.

Comparison:

- Both adverse selection and moral hazard stem from information asymmetry between insurers
and policyholders.

- Both phenomena can lead to financial losses for insurers and higher premiums for
policyholders if not adequately managed.

- Both adverse selection and moral hazard can result in inefficiencies in the insurance market,
leading to suboptimal outcomes for both insurers and policyholders.

Contrast:

- Adverse selection occurs before the insurance contract is signed, primarily due to differences
in risk profiles among potential policyholders. In contrast, moral hazard occurs after the
insurance contract is in place, resulting from changes in behavior or actions of insured
individuals.

- Adverse selection leads to the wrong mix of risks in the insurance pool, while moral hazard
leads to changes in behavior that increase the frequency or severity of insured events.

- Adverse selection can be mitigated through underwriting practices and risk-based pricing,
while moral hazard can be addressed through policy provisions, risk-sharing mechanisms, and
monitoring insured individuals' behavior.
b)The risk management department in an organization plays a crucial role in identifying,
assessing, and mitigating potential risks that could affect the organization's objectives,
operations, finances, and reputation. Here are some examples illustrating the functions and
responsibilities of a risk manager:

1. Risk Identification: One of the primary functions of a risk manager is to identify

potential risks that could impact the organization. This involves analyzing internal and
external factors that could lead to risks such as financial market fluctuations,
technological changes, regulatory changes, natural disasters, or cybersecurity threats.

Example: A risk manager in a manufacturing company identifies potential risks associated with
supply chain disruptions due to geopolitical tensions. They analyze the dependency on certain
suppliers and assess the impact of any potential disruptions on production and revenue.

2. Risk Assessment: Once risks are identified, the risk manager assesses the likelihood and
potential impact of each risk on the organization. This involves quantifying risks in terms
of probability and severity to prioritize them for mitigation.

Example: A risk manager in a financial institution assesses the risk of loan default based on
economic indicators, borrower creditworthiness, and market conditions. They use statistical
models to estimate the probability of default and potential losses.

3. Risk Mitigation: After assessing risks, the risk manager develops strategies to mitigate or
minimize their impact on the organization. This could involve implementing control
measures, transferring risks through insurance, hedging financial exposures, or
diversifying operations.

Example: A risk manager in a software company implements cybersecurity measures such as

firewalls, encryption, and regular vulnerability assessments to mitigate the risk of data breaches
and cyber attacks.
 4. Policy Development: Risk managers are responsible for developing risk management
policies and procedures that outline the organization's approach to identifying,
assessing, and managing risks. These policies provide guidance to employees on their
roles and responsibilities in managing risks effectively.

Example: A risk manager drafts a policy statement on vendor risk management outlining the
criteria for vendor selection, due diligence processes, and ongoing monitoring requirements to
mitigate risks associated with third-party relationships.

5. Documentation and Reporting: Risk managers maintain documentation of risk

management activities, including risk registers, incident reports, and risk assessment
findings. They also prepare regular reports for senior management and the board of
directors to keep them informed about the organization's risk profile and the
effectiveness of risk mitigation efforts.

Example: A risk manager prepares a quarterly risk management report highlighting key risks,
their status, and any emerging risks that require attention. The report also includes
recommendations for mitigating identified risks.

6. Training and Awareness: Risk managers conduct training sessions and awareness
programs to educate employees about the importance of risk management and their
roles in identifying and reporting risks. This helps foster a risk-aware culture within the
organization.

Example: A risk manager organizes a workshop for project managers to raise awareness about
project risks and best practices for risk identification and mitigation. They provide case studies
and practical examples to illustrate the impact of effective risk management on project
outcomes.

risk management manuals includes;

 Risk Management Framework: An overview of the organization's approach to risk

management, including its objectives, governance structure, and key processes.
 Risk Assessment Methodologies: Guidelines for conducting risk assessments, including
criteria for evaluating risks, risk scoring methodologies, and documentation
requirements.

 Risk Treatment Strategies: Guidance on selecting and implementing risk treatment

options, such as risk avoidance, risk reduction, risk transfer, or risk acceptance.

 Roles and Responsibilities: Definitions of roles and responsibilities for various

stakeholders involved in the risk management process, including senior management,
risk owners, and risk management staff.

 Monitoring and Review Procedures: Procedures for monitoring and reviewing the
effectiveness of risk management activities, including performance metrics, reporting
timelines, and escalation processes.