access to the senior executives and other officers responsible for identifying and monitoring our risks and coordinating our ERM, including our Group Chief Risk Officer, Chief Financial Officer, and Group General Counsel, each of whom reports directly to our Chief Executive Officer, as well as other senior personnel such as our Chief Investment Officer, Chief Compliance Officer, Chief Accounting Officer, Global Corporate Controller and Head of Internal Audit. The Board also receives regular reports from the Controls and Compliance Committee described below. Our ERM framework operates via a three lines of defense model. The first line of defense consists of individual functions that deliberately assume risks on our behalf and own and manage risk within the Company on a day-to-day and business operational basis. The second line of defense is responsible for risk oversight and also supports the first line to understand and manage risk. A dedicated risk team led by the Group Chief Risk Officer is responsible for this second line and reports to the Board of Director’s Investment and Risk Management Committee and the Chief Executive Officer. The third line of defense, our Internal Audit team, reports to the Audit Committee of the Board of Directors and provides independent, objective assurance as to the assessment of the adequacy and effectiveness of our internal control systems and also coordinates risk-based audits and compliance reviews and other specific initiatives to evaluate and address risk within targeted areas of our business. The principal risk areas that make up our ERM framework are assumed risk (including reserve risk), business environment risk and operational risk: • Assumed Risk. We define assumed risk as activities where we deliberately take risk against our capital base, including underwriting risks and other quantifiable risks such as credit risk and market risk as they relate to investments, ceded reinsurance credit risk and strategic investment risk, each of which can be analyzed in substantial part through quantitative tools and techniques. Of these, we believe underwriting risk to be the most material to us. In order to understand, monitor, quantify and proactively assess underwriting risk, we seek to develop and deploy appropriate tools to estimate the comparable expected returns on potential business opportunities and the impact that such incremental business could have on our overall risk profile. We use the tools and methods described above in “Underwriting” to seek to achieve these objectives. Embedded within our consideration of assumed risk is our management of our aggregate, consolidated risk profile. In part through the utilization of REMS© and our other systems and procedures, we analyze our in-force aggregate assumed risk portfolio on a daily basis. We believe this capability helps us to manage our aggregate exposures and to rigorously analyze and evaluate individual proposed transactions in the context of our in-force portfolio. This aggregation process captures line of business, segment and corporate risk profiles, calculates internal and external capital tests and explicitly models ceded reinsurance. Generally, additional data is added quarterly to our aggregate risk framework to reflect updated or new information or estimates relating to matters such as interest rate risk, credit risk, capital adequacy and liquidity. This information is used in day-to-day decision making for underwriting, investments and operations and is also reviewed quarterly from both a unit level and consolidated financial position perspective. We also regularly assess, monitor and review our regulatory risk capital and related constraints. • Reserve Risk. Reserve risk is a subcomponent of assumed risk. We define reserve risk as the risks related to our reserve for net claims and claim expenses, including the amount, both absolute and relative, of our outstanding reserve for net claims and claim expenses, and the impact of economic, social, legal and regulatory matters. Our reserve for net claims and claim expenses is subject to significant uncertainty and has the potential to develop adversely in future periods. While reserve risk may increase in both absolute terms and relative to its overall consideration in our ERM framework, we employ robust resources, procedures and technology to identify, understand, quantify and manage this risk. Our reserving methodologies and sensitivities for each respective line of business described in “Part II. Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations—Summary of Critical Accounting Estimates—Claims and Claim Expense Reserves.” • Business Environment Risk. We define business environment risk as the risk of changes in the business, political or regulatory environment that could negatively impact our short term or long- term financial results or the markets in which we operate. This risk area also typically includes emerging risks. These risks are predominately extrinsic to us and our ability to alter or eliminate 14