Transcript Solvency II
Solvency II
Main requirements
21March, 2012
Solvency II, a risk-orientated three pillar regime for insurance undertakings
What is Solvency II?
►
A fundamental review of the capital adequacy regime for the European insurance industry
►
Establishes a revised set of market consistent EU-wide capital requirements and risk management standards. The latest developments point to implementation on 1 January 2014 (requiring a change to the approved Level 1
directive where implementation is by end October 2012)
►
Targets an organisational model where capital and risk frameworks are embedded by insurers with decisions made in reference to the potential impact on the business (as provided by the internal model) in order to comply with
‘Use Test’ requirements
Solvency I (current)
►
Rules based
►
Limited and non-prescriptive requirements for risk management
►
Underlying liability valuation methods not consistent between EU member states
►
Capital based on statutory measures e.g., ratios of premiums or liabilities
Solvency II (future)
►
'Principles' based in theory; many rules in practice
►
Significant risk management requirements
►
Prescribed market consistent liability valuation methodology and cost of capital
►
All margins for prudence held as capital
►
Capital requirements based on probability models of risk
All Rights Reserved – Ernst & Young 2012
Solvency II
Solvency II Briefing
2
Market consistent balance sheet
Overview
Assets valued at market value
Free assets
Capital requirements
SCR
MCR
Assets
SCR = First regulatory intervention point
MCR = Final regulatory intervention point
Risk margin
Technical provisions
Technical
Best estimate
liability
All Rights Reserved – Ernst & Young 2012
provisions
= best estimate of all future cashflows discounted at a risk free interest rate
+ risk margin
Solvency II
Solvency Capital Requirement
►1
year Balance Sheet shock using V@R with 99.5% confidence
► Modular
approach with multiple aggregation levels
► Risk
modules are calculated through a combination of scenarios tests and
factor based approaches
► Allowance
in some risk modules is made for the impact of profit sharing
and geographical diversification
► Deferred
tax, profit sharing adjustments (Adj) and operational risk module
are a final add on in the process
Source: QIS 4 specification
All Rights Reserved – Ernst & Young 2012
Solvency II
Pillar 2 expectations on firms
The key requirement of Pillar 2 is for firms to have a system of governance to “provide
for sound and prudent management of the business”
Pillar 1
This system of governance “shall at least include an adequate transparent organisational
structure with a clear allocation and appropriate segregation of responsibilities and an
effective system for ensuring the transmission of information”
Technical Provisions
MCR
Minimum Capital
Requirement
Supporting this requirement are six key “aspects” based on conditions and functions
which the Directive expects Firms to address and have in place:
►
Model Approval
Own Risk and Solvency
Assessment
(ORSA)
Pillar 3
Disclosure-Solvency and
Financial Condition Report
Market Discipline
Governance
Arrangements
Supervisory power and
processes
Conditions
► Fitness
and propriety
Pillar 1
► Outsourcing
► Internal
►
Pillar 2
control
Functions
► Risk
management function
► Internal
audit function
► Actuarial
Pillar 2 also requires firms, as part of the risk management system that forms part of the governance
arrangements to undertake an Own Risk and Solvency Assessment (ORSA)
In addition to these requirements on firms, Pillar 2 also includes provisions for Supervisory review and action
function
Governance arrangements demonstrate how well a firm is managed and therefore has a direct link to the
regulator’s risk assessment of the business, which in turn will impact on the SCR loading.
All Rights Reserved – Ernst & Young 2012
Solvency II
5
What is the ORSA
A regular practice of assessing overall capital needs with a view to the firm’s specific risk profile that forms part of the risk
management system. It is:
►
an internal assessment process and as such should be embedded in strategic decisions
►
a supervisory tool for the supervisory authorities
Board
Strategy, risk appetite and policy
1st Line
The ORSA can be defined as the entirety of the processes and procedures employed to identify, assess, monitor,
manage, and report the short and long term risks that the business faces or may face and to determine the own funds
necessary to ensure that its overall solvency needs are met at all times.
►
Risk exposures and the linkages to decision making
Executive Committee
Risk Management Function
Supported by Risk
Taking Business
Units
Audit
Committee
Risk Modelling Function
Supported by Internal
Audit
Actuarial Function
Risk management systems
The ORSA needs to be supported by an effective and robust escalation process paying particular attention to
Functional escalation
3rd Line
Compliance Function
The ORSA aims at enhancing awareness of the interrelationships between the risks the business is currently exposed to, or
may face in the long term, and the internal capital needs that follow from this risk exposure
►
2nd Line
Own risk and solvency assessment
Internal control framework
The ORSA process for assessing and monitoring overall solvency builds on the Pillar I SCR calculation by articulating
the firm’s view of required capital. It should form an integral part of the business planning of the organisation. A key
challenge will be integrating the appropriate modelling approaches into the risk framework and ORSA
All Rights Reserved – Ernst & Young 2012
Solvency II
6
ORSA relationship with internal capital model and standard formula SCR
Own Risk and Solvency Assessment (ORSA)
Risks
Liquidity, Reputational and Strategic risk are not included in the standard formula. If these represent a material
risk they need to be included in the ORSA
Liquidity risk
Risks not considered by standard
formula
Time horizon
Reputational risk
Strategic risk
The time horizon used for business planning may differ from the time horizon for regulatory capital by internal
model
Confidence level
A different confidence level to the SCR internal model may be used e.g rating confidence level
Time horizon
Aspects varying between business
and regulatory (SCR) models
Confidence level
Management actions
Consideration should be taken of any agreed management actions that could influence the risk profile
Management actions
Stress and scenario tests
Stress and scenario tests
Should be extensive in business planning for internal purposes
Firms using models will be required to integrate these into the ORSA.
All Rights Reserved – Ernst & Young 2012
Solvency II
7
Requirements around risk management systems and internal controls
Risk management systems
Board
Firm shall have in place a risk management system comprising strategies, processes and reporting
procedures necessary to identify, measure, monitor, manage and report, on a continuous basis the risks,
on an individual and aggregated level, to which they are or could be exposed, and their
interdependencies. It shall include:
►
►
Strategy, risk appetite and policy
1st Line
Executive Committee
A documented risk management strategy that includes the objectives, key principles, risk appetite
and assignment of responsibilities
Supported by Risk
Taking Business
Units
Written policies that include a definition and categorisation of the risks faced by the firm,
implement the undertaking’s risk strategy, facilitate control mechanisms and take into account the
nature, scope and time horizon of the business and the risks associated with it
2nd Line
Risk Management Function
Risk Modelling Function
3rd Line
Audit
Committee
Supported by
Internal Audit
Compliance Function
Actuarial Function
Risk Management Systems
►
►
Reporting procedures that ensure that risk information is continuously monitored
Own Risk and Solvency Assessment
Internal Control Framework
A suitable ORSA process
The risk management system shall be well integrated into the organisational structure and in the
decision making process of the firm.
All Rights Reserved – Ernst & Young 2012
Internal control framework
An effective internal control framework, shall comprise a coherent, comprehensive and continuous set of mechanisms
designed to secure at least the following:
►
Effectiveness and efficiency of the firm’s operations in view of its objectives
►
Availability and reliability of financial and non-financial information; and
►
Compliance with applicable laws, regulations and administrative provisions
Solvency II
8
Functional requirements
Risk management function and compliance function
Board
Strategy, risk appetite and policy
1st Line
Executive Committee
Supported by Risk
Taking Business
Units
2nd Line
3rd Line
Risk Management Function
Audit
Committee
Risk Modelling Function
Note: CEIOPS Issue Paper on Risk Management and Other Corporate Issues
makes explicit reference to the Risk Modelling Function however the Issues
Paper on Implementing Measures on System of Governance does not explicitly
identify this as a Function a Firm must have.
Supported by Internal
Audit
Compliance Function
Actuarial Function
Risk Management Systems
Own Risk and Solvency Assessment
Internal Control Framework
Risk management function
Compliance function
The Risk Management function must be objective and independent from operational functions. Its key tasks shall include:
►
The internal control system shall secure the firm’s compliance with applicable laws and regulations
►
The firm shall have in place a suitable control environment including a compliance function
►
The compliance function shall not be placed in a position where there is a possible conflict of interest between its
compliance responsibilities and any other responsibilities it may have
►
Assisting the Board in the effective operation of the risk management system, in particular by performing specialist
analyses and performing quality reviews
►
Monitoring the risk management system
►
Maintaining an organisation-wide and aggregated view on the risk profile of the undertaking
►
►
Reporting details on risk exposures and advising the Board with regard to risk management matters in relation to
strategic affairs like corporate strategy, mergers and acquisitions and major projects and investments
The compliance function shall be able to communicate on its own initiative with any staff member and to obtain
access to any records necessary to allow it to carry out its responsibilities
►
Risk management shall be responsible for the way in which an internal model is integrated with the internal risk
management system and the day-to-day functions of the undertaking. It shall assess the internal model as a tool of risk
management and as a tool to calculate the undertaking’s SCR
There will be a compliance plan that ensures that all relevant areas of the firm are appropriately covered, taking into
account their susceptibility to compliance risk
►
The compliance function shall promptly report any major compliance problems it identifies to the Board
All Rights Reserved – Ernst & Young 2012
Solvency II
9
Functional requirements
Actuarial function and internal audit function
Board
Strategy, risk appetite and policy
1st Line
Executive Committee
Supported by Risk
Taking Business
Units
2nd Line
3rd Line
Risk Management Function
Audit
Committee
Risk Modelling Function
Supported by Internal
Audit
Compliance Function
Actuarial Function
Risk Management Systems
Own Risk and Solvency Assessment
Internal Control Framework
Actuarial function
Internal audit function
Key tasks should include:
►
The Function shall carry out its assignments with impartiality. It shall be able to exercise its assignments on its own
initiative in all areas of the undertaking
►
The Function shall have the complete and unrestricted right to obtain information as well as having direct
communication with any member of the undertaking’s staff
►
Every activity and every unit of the undertaking shall fall within its scope and the function shall draw up an audit plan
►
The Function shall at least annually produce a written report on its findings to be submitted to the Board. The report
shall cover at least any deficiencies with regard to the efficiency and suitability of the internal control system as well as
major shortcomings with regard to the compliance with internal policies, procedures and processes
►
To coordinate the calculation of technical provisions
►
To ensure the appropriateness of the methodologies and underlying models used as well as the assumptions made in
the calculation of technical provisions
►
To assess the sufficiency and quality of the data used in the calculation of technical provisions
►
To compare best estimates against experience
►
To inform the administrative or management body of the reliability and adequacy of the calculation of technical
provisions
►
To express an opinion on the overall underwriting policy
►
To express an opinion on the adequacy of reinsurance arrangements
►
To contribute to the effective implementation of the risk management system in particular with respect to the risk
modelling
All Rights Reserved – Ernst & Young 2012
Solvency II
10
Overview of Pillar 3
Pillar 3 Directive requirements:
►
Undertakings to publicly disclose, on an annual basis, a report on their solvency and financial condition
►
Pillar 3 is not just about disclosing Solvency II numbers but includes requirements around the control levels and governance in place to ensure accurate financial reporting. The
Directive requires that written policies should be in place to ensure the ongoing appropriateness of any information disclosed
Additional guidance and further Pillar 3 development:
►
There is additional guidance being issued on disclosure, but the exact requirements are not yet final
Overview of Solvency II Draft Directive Pillar 3 requirements for public disclosures:
Business overview &
performance
System of Governance
Valuation basis used for Solvency
purposes
Risk
disclosures
Capital
Management
►
►
►
►
►
Description of the business and
performance of the undertaking
Description of the system of
governance and an assessment of
its adequacy for the risk profile
of the undertaking
►
►
►
►
Description of the bases and methods
used for the valuation of:
Assets
Technical provisions
Other assets and liabilities
Explain any major differences for the
valuation in the financial statements
►
►
►
►
For each risk category:
Risk exposure
Concentration of risk
Risk mitigation
Risk sensitivity
►
►
►
►
►
All Rights Reserved – Ernst & Young 2012
Page 11
Solvency II
Solvency II - Pillar 3
Minimum Capital Requirement (MCR) and Solvency Capital
Requirement (SCR)
Structure and amount of own funds including quality
Differences between the standard formula
and the internal model used for the SCR calculation
Analysis of any significant changes from previous periods and
differences to elements in financial statements
Capital add-ons
Amount of non-compliance
8 April 2015
Ernst & Young
Assurance Tax Transactions Advisory
About Ernst & Young
Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our
135,000 people are united by our shared values and an unwavering commitment to quality. We
make a difference by helping our people, our clients and our wider communities achieve potential.
For more information, please visit www.ey.com/uk
Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal
entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients
The UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001
and is a member firm of Ernst & Young Global Limited.
Ernst & Young LLP, 1 More London Place, London SE1 2AF.
© Ernst & Young LLP 2009.
Published in the UK. All rights reserved.