![x [OR] [MLRE] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/141492be-2bd8-434d-a664-dfdf2c7480ba.png)
CBS-1 Reinsurance Underwriting & Pricing
Introduction
![[OR] [MLRE] [E3] [CBS] [1] [SuPS] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/25d064d4-851d-4578-bb94-012a789a11aa.png)
For CBS-1 Reinsurance Underwriting & Pricing, identifying severe but plausible scenarios is a critical step in understanding how operational disruptions could threaten MLRe’s ability to underwrite risks prudently, price accurately, and meet contractual and regulatory obligations.
These scenarios go beyond routine incidents and focus on high-impact, low-frequency events that are realistic within the operating environment of a Malaysian life reinsurer, including technology failures, data integrity issues, governance breakdowns, and external shocks.
Consistent with the BNM 2025 Operational Resilience expectations, the scenarios below are designed to test MLRe’s end-to-end service delivery, explicitly integrating cyber and ICT risks with people, process, third-party, and data dependencies.
Each scenario is paired with evidence of proactive risk management actions, reinforcing a forward-looking and adaptive resilience posture rather than a purely reactive control mindset.
![Banner [Table] [OR] [E3] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/f4f3c007-e864-48cd-8bc1-0242c8b7fd86.png)
Table P5: Identify Severe but Plausible Scenarios for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Severe but Plausible Scenario |
Impact / Effect |
Proactive Risk Management Action (Evidence of Readiness) |
Link to Integration of Cyber and ICT Risks |
|
1.1 |
Risk Appetite & Strategy Setting |
Senior management decisions are delayed or distorted due to incomplete risk data following a prolonged analytics platform outage |
Misaligned underwriting strategy; accumulation of unintended risk exposures |
Board-approved fallback decision thresholds; periodic stress testing of underwriting appetite assumptions |
Dependency on strategic dashboards, BI tools, and executive reporting platforms |
|
1.2 |
Data Acquisition & Validation |
Critical mortality and experience data corrupted by ransomware during peak renewal season |
Inaccurate pricing assumptions; inability to validate treaty terms |
Offline data backups; data integrity checks; cyber incident playbooks tested via simulations |
Core data repositories, ETL pipelines, and cyber resilience of data lakes |
|
1.3 |
Risk Modelling & Pricing Analytics |
Cloud-based actuarial modelling engine becomes unavailable due to regional cloud service disruption |
Pricing delays; reliance on outdated or simplified models |
Secondary modelling environment; model tiering and prioritisation framework |
Cloud availability risk, model platforms, and vendor resilience |
|
1.4 |
Underwriting Submission Intake |
The automated submission portal is taken offline by a DDoS attack |
Inability to receive or track new underwriting submissions |
Manual intake procedures; pre-defined service degradation tolerance |
Customer-facing portals, network resilience, and perimeter security |
|
1.5 |
Underwriting Risk Assessment |
Key underwriting tools generate inconsistent outputs due to unpatched software defects |
Erroneous risk acceptance or rejection decisions |
Patch management governance; independent underwriting review triggers |
Underwriting systems, version control, and ICT change management |
|
1.6 |
Pricing & Quotation Formulation |
The pricing engine produces incorrect quotations due to a configuration error after an urgent system update |
Financial loss; reputational damage with cedants |
Maker-checker controls; automated pricing validation rules |
Pricing engines, configuration management, and release controls |
|
1.7 |
Regulatory & Compliance Review |
Regulatory reporting logic fails to update following changes in BNM requirements |
Non-compliance; supervisory findings |
Regulatory change management process; compliance system testing |
Compliance tools, regulatory rule engines, and data lineage |
|
1.8 |
Decision Governance & Approval |
Digital approval workflows fail during high-value treaty approvals |
Approval bottlenecks; missed market opportunities |
Delegation of authority matrices; manual approval escalation paths |
Workflow systems, identity access management, and availability controls |
|
1.9 |
Documentation & Contract Issuance |
Contract management system outage delays issuance of legally binding reinsurance treaties |
Contractual disputes; revenue recognition delays |
Standardised contract templates; secure document repositories |
Document management systems and secure storage platforms |
|
1.10 |
Portfolio Monitoring & Experience Analysis |
Experience monitoring dashboards unavailable for an extended period due to a data warehouse failure |
Late identification of adverse trends and loss concentrations |
Periodic offline reporting packs; predefined monitoring KPIs |
Data warehouses, reporting tools, and ICT capacity planning |
|
1.11 |
Exception & Escalation Handling |
Escalation alerts fail due to email and messaging system outage |
Delayed management response to underwriting breaches |
Multi-channel escalation protocols; manual call-tree activation |
Messaging platforms, alerting systems, and ICT redundancy |
|
1.12 |
Reporting & Feedback Loop |
Internal performance and risk feedback reports are delayed due to an analytics system compromise |
Weak learning loop; slow corrective actions |
Resilience-based reporting timelines; alternative reporting tools |
Analytics platforms, cyber monitoring, and data access controls |
![Banner [Summing] [OR] [E3] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/446ccb83-e056-40d0-aae5-834d73c13f43.png)
By systematically identifying severe but plausible scenarios across CBS-1 Reinsurance Underwriting & Pricing, Malaysian Life Reinsurance gains a practical and actionable view of where its most critical vulnerabilities lie.
These scenarios highlight that operational resilience is not solely a technology issue, but a service-level outcome shaped by governance, data quality, third-party reliance, and human decision-making—amplified by cyber and ICT risks.
Aligned with the BNM 2025 Operational Resilience Discussion Paper, this scenario-led approach enables MLRe to set credible impact tolerances, prioritise resilience investments, and demonstrate proactive oversight to regulators and stakeholders.
Ultimately, identifying and testing these scenarios strengthens MLRe’s ability to continue underwriting and pricing responsibly, even under extreme yet plausible disruption conditions.
![[OR] [MLRE] [E3] [CBS] [1] [DP] Reinsurance Underwriting & Pricing](https://no-cache.hubspot.com/cta/default/3893111/0b481bf5-2563-4f06-b9b1-dac72434582b.png)
![[OR] [MLRE] [E3] [CBS] [1] [MD] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/cde2ce3a-16c4-4e35-8bbc-5aa53cdbff8f.png)
![[OR] [MLRE] [E3] [CBS] [1] [MPR] Map Processes and Resources](https://no-cache.hubspot.com/cta/default/3893111/fccbe3ff-8015-499d-972b-29c5106b0b51.png)
![[OR] [MLRE] [E3] [CBS] [1] [ITo] Establish Impact Tolerances](https://no-cache.hubspot.com/cta/default/3893111/6a189e6f-10d2-4aab-aa70-846c003f3fd9.png)
![[OR] [MLRE] [E3] [CBS] [1] [ST] Perform Scenario Testing](https://no-cache.hubspot.com/cta/default/3893111/1b67f3c6-b328-4da0-9a74-993244dc27e1.png)
For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
