We embed sustainability and responsible, ethical practices in our operations and are well positioned to protect our people and the customers who entrust us with their personal information and business.
Enterprise Risk Management
Enterprise Risk Management (ERM) at a Glance
We are an international group with myriad operations, customers and exposures all over the world. Our strategy is to develop a profitable and diversified portfolio of insurance and reinsurance business in market segments where our company has underwriting expertise. We take the risks of climate change seriously, and we believe that considering and incorporating climate risks into our business strategy drives long-term profitability.
Our Board of Directors (Board), as a whole and also at the committee level — specifically the Finance, Investment and Risk Committee (FI&R Committee) — has an active role in overseeing management of our company’s risks, including climate-related risks. On a quarterly basis, our Board reviews information from senior management, as well as our Chief Risk Officer (CRO), on material risks, including those related to natural catastrophes such as climate risk, data privacy and cyber security, reputation, underwriting, investments, capital management, liquidity, financial reporting, legal and regulatory and compliance.
Ethics and Code of Business Conduct
Our success for more than 20 years is anchored by our culture of ethics and compliance. Strong polices, including our Code of Business Conduct, are at the core of this culture and play a pivotal role in setting expectations and providing guidance for our employees, managers and senior leaders. We reinforce our commitment to these standards through our annual companywide written certification and by making other resources available, like our 24-hour ethics hotline.
Our business resiliency strategy is overseen by our Chief Operations Officer (COO) who reports to our CEO. We have a dedicated team of business resiliency professionals that helps to prepare our company for the unexpected, including emergencies, catastrophes, pandemics and other disasters
Our programs are designed to prevent business interruption and to be compliant with standards set forth by applicable insurance industry regulators. Our recovery and continuity strategy includes, but is not limited to:
- Extensive and companywide exercises to ensure our capabilities are effective.
- Emergency Facility Action Plans for every Arch company, encompassing the unique environment of each geographic location and office building.
- Annual evaluations to practice and exercise the effectiveness of our policies and procedures.
Privacy and Data Security
Our Chief Operations Officer (COO) is responsible for information security and business continuity programs. One or more members of the Privacy and Security Committee report to the COO, Chief Information Officer (CIO) and General Counsel. The COO provides updates on the information security and business continuity programs and policies, as needed, to executive management and the FI&R Committee. The FI&R Committee reviews and discusses with the Board the strategies, processes and controls pertaining to the management of our information technology operations, including cyber risks and information security.
We employ an in-depth strategy to protect information in our care. Our comprehensive approach includes embedded data protection throughout our operations and technology programs to safeguard personal data and digital assets. These controls focus on our ability to prevent, detect and respond quickly to security events affecting our environment. We use sophisticated technology tools to help protect our systems, including multi-factor authentication, firewalls and detection and response systems. We bolster this technology by following industry best practices regarding hardening our applications and infrastructure.
Responsible Supply Chain
In the interest of working with suppliers that adhere to the same ethical standards as Arch, we launched in 2020 a Supplier Code of Conduct (Supplier Code) that sets forth our expectations for suppliers providing goods or services. We are committed to engaging with contractors, consultants, suppliers and vendors with the highest level of integrity to support our long-term growth and add value to our company.
Arch’s grassroots employee environmental sustainability committee, Blue Goes Green, works with our global facilities team to identify innovative ways to reduce our corporate emissions and drive greater energy efficiency across our operations.
Our Environmental Policy: Sustainable Approaches to Environmental Protection
We understand the risks that environmental challenges present to people and communities. We take an active role in reducing our environmental impact and look for cost-effective ways to protect and conserve natural resources.
We remain committed to long-term, sustainable approaches to protecting the environment. Some of the steps we have taken include:
- Prioritizing lease offices in LEED and Energy Star® buildings.
- Working with architects to create energy-efficient floor designs, including open office configurations to reduce overall square footage needs.
- Upgrading and changing all lights to LED, including exit signs in properties.
- Installing light timers and sensors to ensure lights are on only when in use.
- Promoting recycling at our facilities.
- Employing third-party vendors to properly reuse, recycle and dispose of obsolete IT equipment, buildout/construction materials, furniture and carpet.
- Installing live walls in certain locations to deliver indoor pollution reduction assistance and therapeutic benefits.
- Reducing paper usage by encouraging paperless business dealings and double-sided printing.
- Offering video conferencing to minimize air travel.
- Educating employees about the ways they can reduce their own individual and collective environmental impact.