Transcript Solvens II
Solvency II Part 3: Other pillars Vesa Ronkainen Insurance Supervisory Authority, Finland 30.11.2006 1 Contents • 1. Pillar 2 • 2. Pillar 3 • 3. Group and cross-sectional issues 2 3rd Wave 2nd Wave 1st Wave CALLS FOR ADVICE 3 1. INTERNAL CONTROL AND RISK MANAGEMENT 2. SUPERVISORY REVIEW PROCESS (GENERAL) 3. SUPERVISORY REVIEW PROCESS (QUANTITATIVE TOOLS) 4. TRANSPARENCY OF SUPERVISORY ACTION 5. INVESTMENT MANAGEMENT RULES 6. ASSET-LIABILITY MANAGEMENT 7. TECHNICAL PROVISIONS IN LIFE ASSURANCE 8. TECHNICAL PROVISIONS IN NON-LIFE INSURANCE 9. SAFETY MEASURES 10. SOLVENCY CAPITAL REQUIREMENT: STANDARD FORMULA (LIFE AND NON-LIFE) 11. SOLVENCY CAPITAL REQUIREMENT: INTERNAL MODELS (LIFE AND NON-LIFE) AND THEIR VALIDATION 12. REINSURANCE (AND OTHER RISK MITIGATION TECHNIQUES) 13. QUANTITATIVE IMPACT STUDY AND DATA RELATED ISSUES 14. POWERS OF THE SUPERVISORY AUTHORITIES 15. SOLVENCY CONTROL LEVELS 16. FIT AND PROPER CRITERIA 17. PEER REVIEWS 18. GROUP AND CROSS-SECTORAL ISSUES 19. ELIGIBLE ELEMENTS TO COVER THE CAPITAL REQUIREMENTS 20. COOPERATION BETWEEN SUPERVISORY AUTHORITIES 21. SUPERVISORY REPORTING AND PUBLIC DISCLOSURE 22. PROCYCLICALITY 23. SMALL UNDERTAKINGS CEIOPS advises the Commission to reflect high level principles on governance in the Directive. • The system of governance must provide for a sound and prudent management of the business. This implies an appropriate organisational structure, set of responsibilities and 'fit and proper' requirements, effective processes to identify, assess, manage, monitor and report the risks, as well as an appropriate and understood system of internal control, suitable reporting arrangements, and an audit framework. • Ultimate responsibility for ensuring that a firm is well run and adequately manages its risks rests with its Board of Directors. • Insurers are required to disclose information about the structure of their system of governance. 4 1. Pillar 2: Risk management (RM) • RM is about understanding the nature (i.e. causes, effects, • • • • 5 likelihood) and scale of the risks faced, and the Board deciding on acceptable levels for these risks, risk tolerances and resilience strategies RM is an ongoing process, in which the Board of Directors, senior management and personnel are all involved in their respective roles The object of RM is to have an active influence on the risk profile as determined by the process of risk identification, measurement and management. RM strategies, policies and processes, reflecting all material risks, should be set, monitored and reviewed on a regular basis Insurers should have in place their own strategies for solvency capital and all material risks to which they are exposed, as well as for their risk mitigation and transfer arrangements 1. Pillar 2: Risk management (cont) • Insurers are required to establish a RM function • • • • 6 appropriate to the nature, scale and complexity of their activities RM function should be separate from operational functions. It should monitor positions and report those in a timely fashion Systematic identification of risks includes early recognition, prioritisation and regular, structured recording (cf the IAA risk classification) Risk measurement, forward-looking stress tests, contingency plans are also necessary Cf Enterprise Risk Management, eg COSO ERM 1. Pillar 2: Internal control (IC) • IC is a system of continuing processes (including Board, management, personnel) to ensure that - strategies, policies and procedures are implemented and applied effectively and efficiently - financial and non-financial information is reliable - regulation is complied with. • The Board of Directors has overall and ultimate responsibility for ensuring that an adequate and effective system of IC is established, maintained and monitored, as well as for establishing integrity and appropriate culture in the firm 7 1. Pillar 2: Internal control (cont) • IC covers all levels of the firm, including outsourcing • Appropriate allocation of responsibilities and segregation of duties is necessary • Ongoing, effective and comprehensive control (of nature and scope appropriate to the business) should be established • The control function should be carried out by competent, operationally independent and appropriately trained staff • Important areas include reporting, effective audit function, information and communication technology 8 1. Pillar 2: Supervisory review process (SRP) • The supervisory authority should evaluate, on an ongoing basis, the risk profile, adequacy of financial resources and prudent conduct of insurance undertakings (forward-looking analysis) • SRP should include both quantitative and qualitative elements, and should be conducted both off-site and on-site. • The supervisor should obtain the necessary information to conduct effective monitoring and to evaluate the condition of insurers as well as of the insurance market. The supervisory authority ought not replicate the role of the undertaking's management nor the internal control function. • The supervisor carries out on-site inspections e.g. to examine the business, internal controls and financial conditions of a firm and its compliance with regulation (including, where appropriate, entities which perform outsourced functions) 9 1. Pillar 2: SRP (cont) • Supervisors should employ appropriate monitoring tools, including notification requirements, which enable deteriorating financial conditions in insurance firms to be identified and remedied. • The supervisory authority takes actions that are timely, based on clear criteria and are suitable to achieve the objectives of insurance regulation. • Quantitative tools are part of supervision. Therefore, supervisors should be able to prescribe the use of this kind of quantitative tools. 10 1. Pillar 2: Transparency of supervisory action • The relevant IAIS core principles concerning transparency should be made operational, i.e. - regulations - administrative principles - aggregate information of industry - objectives and internal organisation of the supervisor - etc should be available to the public • Any significant findings and remedial action required of the firm by the supervisor should be communicated appropriately to the Board of Directors. 11 1. Pillar 2: Supervisory powers • The powers that enable the supervisor to - protect policyholders’ and beneficiaries’ interests; - monitor the solvency; and - enforce EU and national specific regulations. • The powers are the tools of the supervisor to implement the SRP and the measures that can be taken as a result of it. • For instance: - Direct access to relevant information in a firm - To be able to check the complicance with the legislation and regulations 12 1. Pillar 2: Supervisory powers (cont) - To check the financial position, risk profile, technical - - - 13 provisions, assets etc of the firm, and to require corrective actions when necessary for policy-holder protection (e.g. regarding capital, risk profile, business activities of the firm) To have powers to address management problems in situations where the governance of a firm is considered demonstrably unsatisfactory from a prudential viewpoint To assess the level of compliance with the market conduct requirements To be able to take preventive measures that are timely, suitable and necessary from the supervisory point of view To take ultimate action if an insurer breaches the MCR (withdraw the license, transfer or wind-up the portfolio) 2. Pillar 3 • A general concept for public disclosure should • • • • • 14 enhance market transparency, wellfunctioning of financial markets and market discipline. Compatibility with the IAIS enhanced disclosure standards, IFRS, Basel II is a goal Double reporting to be avoided Reporting will increase and become more important in the future Clear differentiation between public and confidential information is necessary CEIOPS will develop common reporting formats 3. Group and cross-sector issues • Group-level supervision and cross-sectoral issues are becoming increasingly important (insurance groups and financial conglomerates) • Group supervisor and its role (resposibilities, powers) needs to be defined in the directive • Group-level SCR will be developed • Many questions are still open (cf Consultation Paper 14 at www.ceiops.org) 15