Managing Risk

SOLUTIONS : Collapsed
SUPPORT : Collapsed
ABOUT US : Collapsed

Managing Risk


How we manage ourselves and our impacts as an employer, community member, and business and market leader is critical in fulfilling our purpose.

Risk management

Risk management, governance, ethics, and integrity underpin our Company’s ability to build a more confident future and enable us to deliver on the promises we make to our customers, employees, and shareholders. We work hard to instill a culture where every employee takes responsibility for risk management and understands their role in driving MetLife’s success.

Our risk management framework is designed to address all material financial and nonfinancial risks to our business. MetLife embeds risk management programs and practices in all business and strategic decision-making. Our independent Global Risk Management (GRM) team is led by the Chief Risk Officer (CRO) who reports directly to the Company’s Chief Executive Officer (CEO). Our risk governance structure provides risk oversight at the Board and senior management levels. Management committees focused on specific financial and non-financial risks are responsible for establishing risk appetite and risk policies and monitoring risk-taking.

In 2019, we announced the realignment of the Corporate Ethics and Compliance organization under GRM. This structure provides opportunities for enhanced collaboration between Operational Risk and Corporate Ethics and Compliance on the management of non-financial risks.

Our approach to risk management supports our efforts to generate long-term value for MetLife and fulfill our purpose to build a more confident future for our customers, employees, and shareholders.

Our Three Lines of Defense model

MetLife operates under the “Three Lines of Defense” model, which designates business and functional owners as the first and primary line of defense in identifying, measuring, monitoring, managing, and reporting risks. Global Risk Management, which includes Corporate Ethics and Compliance, along with IT Risk and Security form the second line of defense and provide effective review, challenge, and advice to business and functional owners. Internal Audit serves as the third line of defense, providing independent assurance and testing over the risk and control environment.