Risk management

Sun Life's Risk Management Framework (RMF) is a comprehensive set of protocols and programs for conducting our business activities. It helps us ensure we apply a consistent approach to managing risk exposures across Sun Life. Exposures include but aren’t limited to environmental (including climate change) and social risks. Internal Audit provides a quarterly opinion on the effectiveness of internal controls, risk management and governance processes to the Audit Committee of the Board. 

Our Risk Appetite Policy is integral to our approach. It outlines specific constraints that define the total level of risk that Sun Life is willing to accept.

Our risk culture is more than the requirements we set as an organization. It’s also about the way we behave and respond to risks. We need to consider risk in everything we do. 

We have a Risk Culture Statement supported by seven principles designed to embed a strong, unified culture throughout Sun Life. These principles are: 

• tone from the top
• transparency
• effective challenge
• communication  
• incentives
• accountability  
• resilience 

We encourage discussions on risk decisions and urge employees to speak up about potential concerns. We have a structured employee feedback process that helps improve risk management practices. Our Ethics Hotline empowers employees to play an active role in reporting all known and suspected breaches of our Code of Conduct. Additionally, a formal risk identification process is initiated on a quarterly basis. The purpose is to identify, measure, manage, monitor, and report on the key and emerging risks impacting or likely to impact the Strategic Plan (3 to 5-year time horizon) and Business Plan (1-year time horizon).

Everyone at Sun Life is responsible for recognizing and managing risks when making business decisions. Our mandatory training program helps employees spot, minimize and report risks that could affect our business. This training covers topics such as:  

• Code of Conduct  
• Safety and Emergency Preparedness    
• Business Continuity 
• Financial Crime Awareness 
• Data Privacy and Information Protection 
• Workplace Awareness and Respect

Our three lines of defence model outlines specific duties related to risks, oversight and reporting.  

One of the ways we assess risk and the effectiveness of our internal controls is through stress testing. Stress testing is a risk management technique that includes integrated scenario testing, reverse scenario testing and key assumption sensitivity testing. These exercises help us analyze Sun Life’s resilience under extreme circumstances. Those may include a severe economic shock, health pandemic, cyber breach, extreme weather event and more. Our business continuity plans consider various situations under which a disruption may occur. Every year, we update our business continuity plans to integrate evolving risks and our scenario analysis findings.  

Climate change is one of the most significant and complex risks facing society today. It is one of the risks Sun Life manages within our overall RMF.

We continue working to better understand potential climate-related risks and to improve our resilience against them. There are two major categories of climate-related risks:  

• Physical risk: risks related to physical impacts of climate change, including event-driven acute physical risks, for example more severe weather events and chronic physical risks from longer-term shifts in climate patterns. Indirectly, these risks can also create additional impacts on public health (e.g., increased morbidity and mortality). 
• Transition risk: risks related to the transition to a lower-carbon economy. This includes policy, legal, technology and market changes to address the need to reduce and adapt to climate change, and related reputation risk.  

Our definition of climate risk includes impacts in both of these categories. These impacts can include, but are not limited to, damage to owned and operated real assets including real estate and infrastructure, reductions in the values of investments in public and private fixed income and non-fixed income assets tied to fossil fuels and carbon intensive industries, litigation risk to a company or sector in which we invest, health impacts to affected populations, and socio-economic, geopolitical and regulatory changes. 

Our approach to addressing climate change risk also involves strengthening our ability to evaluate and report on related impacts. We provide climate disclosures guided by the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD). These disclosures help investors and other stakeholders assess how Sun Life is tackling potential climate-related impacts on our business. We also conduct an assessment of climate change risk as part of our broader assessment of the risks associated with operating in various markets.

Learn more:

• Climate Change
• Climate-related financial disclosures (guided by the TCFD framework)

Climate change is one of many environmental and social risks we’re monitoring and responding to across our business. Others include cyber threats, issues of inequality and public health issues. 

We also consider material ESG risk factors in mergers and acquisitions transactions. Our approach, informed by best practice, supports Sun Life in its consideration of ESG factors during the investment process.