Managing Our Business Responsibly

Chubb is an underwriting company and we strive to emphasize quality of underwriting rather than volume of business or market share. Our underwriting strategy is to manage risk by employing consistent, disciplined pricing and risk selection. This, coupled with writing a number of less cyclical product lines, has helped us develop the flexibility and stability of our business, and has allowed us to maintain a profitable book of business throughout market cycles. Underwriting discipline is at the heart of our operating philosophy.

Chubb uses internal and external data together with sophisticated analytical, catastrophe loss and risk modeling techniques to ensure an appropriate understanding of risk, including diversification and correlation effects, across different product lines and territories. We recognize that climate changes and weather patterns are integral to our underwriting process and we continually adjust our process to address these changes. This is intended to help to ensure that losses are contained within our risk tolerance and appetite for individual product lines, businesses and Chubb as a whole.

Chubb’s enterprise risk management (ERM) framework is forward thinking, integrally linked to our key business objectives and designed to ensure sufficient financial strength over the long term to pay policyholder claims while simultaneously building and sustaining shareholder value. ERM provides a cohesive approach to the identification, assessment, management and mitigation of risk, including such risk controls as policies, guidelines and authorities.

ERM objectives

Chubb’s global ERM framework is embraced by colleagues at all levels of the company, from the Chief Executive Officer (CEO) and Board of Directors, down to each business unit and function. It is broadly multi-disciplinary and its objectives include:

1. External risks: Identify, analyze, quantify and mitigate significant external risks that could materially hamper the financial condition of Chubb and/or the achievement of corporate business objectives.
   
2. Exposure accumulations: Identify and quantify the accumulation of exposure to individual accounts/counterparties, industry, country and/or products, particularly those that materially extend across or correlate between business units or divisions and/or the balance sheet.
   
3. Risk modeling: Develop and use various data-sets, analytical tools, metrics and processes (including catastrophe models, economic capital models and advanced analytics) that help division and corporate leaders make informed underwriting, portfolio management and risk management decisions within a consistent risk/reward framework.
   
4. Governance: Establish and coordinate risk guidelines that reflect the corporate appetite for risk, monitor exposure accumulations relative to established guidelines, and ensure effective internal risk management communication up to management and the Board, down to the various business units and legal entities, and across the firm.
   
5. Disclosure: Develop protocols and processes for risk-related disclosure internally as well as externally to rating agencies, regulators, shareholders and analysts.

ERM practices

Effective risk governance requires close and dynamic collaboration as well as focus on communication flow and risk identification. One of the key mechanisms by which ERM is put into practice at Chubb is through the role of executive and senior staff on the various ERM-related Boards and Committees. The associated collaboration and communication by senior executives ensures transparency and consistency in the application of ERM across Chubb enterprise-wide.

Chubb manages risk on both sides of its balance sheet by maintaining underwriting discipline, managing exposure accumulations and investing assets conservatively. The company’s balance sheet is a competitive advantage in a business where our financial strength and security equate to our ability to meet the expectations of regulators and rating agencies, as well as our fiduciary obligations to our policyholders and shareholders. We’re proud of the fact that Chubb’s core operating insurance companies are rated “AA” for financial strength by Standard & Poor’s and “A++” by A.M. Best.

Data security has always been a top priority for Chubb — and is now more important than ever. Chubb takes a multidisciplinary and multi-faceted approach to the protection of personal and corporate information. We use administrative (e.g., governance and policy), technical (e.g., security tools) and physical safeguards (e.g., locks and other physical security measures) designed to protect information in our care. And we employ data protection strategies that are designed to monitor security threats, as well as clear protocols to respond to them.

Technological tools

Chubb uses information security tools designed to protect information and systems (e.g., encryption, firewalls, intrusion detection and prevention systems, patch management and identity management systems). Our Information Security Team regularly monitors these tools to discover anomalous and suspicious patterns and is prepared to respond immediately. Chubb participates in information sharing networks (government and private) and deploys system updates and other technology as appropriate.

Employee training

Chubb provides all employees with data protection training, covering topics like password management, secure transmission, social engineering (e.g., schemes to trick people into breaking normal security procedures to perform certain actions or to divulge confidential information) and privacy compliance. Employees involved with information protection, privacy and other risk management specialties also engage in specialized role-based training. Chubb uses a variety of training methods, including computer-based training, role-based training, company intranet awareness campaigns and various simulation exercises.

Data protection culture

At Chubb we actively promote a data protection culture. We maintain policies and standards designed to protect personal and corporate information that have been developed by a multi-disciplinary team including representation from information security and IT compliance, privacy, IT legal, compliance and business representatives.

Risk assessments and audit

Chubb’s information security policies and protocols undergo regular assessments and audits. In addition, we benchmark our programs against key regulatory frameworks.

Users who access Chubb’s social media platforms — including, but not limited to, Twitter, Facebook, LinkedIn, Instagram and YouTube — are asked to be respectful, relevant and safe. 

These guidelines apply to Chubb and Chubb subsidiaries’ social media-based websites, accounts and pages, including but not limited to Twitter, Facebook, LinkedIn, Instagram and YouTube (“social sites”). Chubb’s presence in online communities is intended to share information about Chubb’s industry insights, company news and initiatives, and our products and services in the spirit of education and awareness. 

By accessing our social sites, you agree to abide by these guidelines in any and all posts, engagement or comments on Chubb-created content or Chubb social sites.

Be Respectful: Chubb’s social sites are intended to inform online communities about our industry insights, company news and initiatives, and our products and services. Please be respectful and avoid any use of offensive or inappropriate language or images.

Be Relevant: All comments should be aligned with the content and topic of Chubb posts and discussions.

Be Safe: Social sites are public forums. Do not reference or share any personal information, including claim or account numbers, e-mail addresses or phone numbers. For questions about an individual insurance matter, please contact your agent or broker.

Use Limitations:

Chubb reserves the right to block or delete any content or restrict any user, with or without notice, at any time and for any reason, for any content we deem to be disruptive, misleading, inappropriate, off topic, threatening, harmful, obscene or otherwise offensive or infringes on any intellectual property or any rights of others. 

We reserve the right to modify or change these guidelines without notice.