What is a risk-intelligent organization and why is it important? To cultivate a risk-intelligent organization, we have put processes in place to identify and manage financial, strategic, and large operational risks to ensure your CalPERS retirement and health care benefits are protected for the long term.
But what is a risk? A risk is the possibility that an event will occur and potentially affect the achievement of CalPERS’ business objectives.
What risks does CalPERS face and how have we effectively reduced them?
Risks to pension funding.
A risk to pension funding is the failure to meet benefit obligations to current and future members and beneficiaries. To mitigate long-term risks to the sustainability of the fund, we have lowered the discount rate, set a new asset allocation, and shortened the amortization period. These efforts were implemented to create a Solid Foundation for the Future and increase our funded status over time.
At CalPERS, our goal is to work toward becoming fully funded while taking an acceptable level of risk by actively monitoring and measuring the risks and rewards of our investment allocations. As stated in our investment beliefs, CalPERS will take risk only where we have a strong belief we will be rewarded for it.
Risks to information security.
This is the failure to protect and secure information. All CalPERS team members must complete Health Insurance Portability and Accountability Act (HIPAA) and Information Security Awareness training annually. This helps ensure that our staff is doing everything we can to protect all members’ personal information, and that we identify and know when and how to report any concerns.
Risk to business continuity.
This is the inability to recover and resume business functions after a disaster. CalPERS has developed a two-phased plan to resume key business functions quickly to minimize impact on the retirement and health benefits we provide to 1.9 million and 1.4 million members and their families, respectively.
The first phase restores CalPERS’ most critical functions within the first 30 days following an event. To ensure members receive their current benefit checks during an emergency event, CalPERS maintains an off-site Emergency Operations Center; an off-site data backup, restore, and recovery system; and alternative payroll processes with the State Controller’s Office. The second phase consists of restoring the remaining services.
The graphic below shows a summary of CalPERS’ enterprise risks.
So, how do we identify, reduce, and avoid these risks?
CalPERS senior leaders perform an annual assessment to identify and prioritize risks and initiate appropriate action. Data is collected and analyzed to monitor the status of each identified risk. In addition, we educate team members to recognize how they can protect the organization from daily risk.
Our risk management team and CalPERS leadership work to manage risk to an appropriate level, with guidance from the CalPERS Board of Administration.
By identifying risks early enough, we can mitigate the consequences or avoid them altogether.
Our focus on better understanding risk and taking steps to mitigate undesirable outcomes plays a significant role in the decisions we make.
If you’d like to learn more, visit our website to view our annual risk assessment and other helpful resources.