Solvency II The essentials for Pillars II and III & what’s ... · governance which provide for sound and prudent management (Article 41(1)). The system of governance shall be proportionate

Solvency II

The essentials for Pillars II and III

& what’s next for Pillar I

Istanbul, 30 September 2011

What are the requirements, the practical implications and

implementation challenges?

In association

with:

Agenda

09:30 –

09:45Welcome SpeechesErhan Tuncay: Association of the Insurance and Reinsurance Companies of Turkey, Secretary General

09:45 –

10:15Opening SpeechAhmet Genc: General Directorate of Insurance of the Undersecretariat of Treasury, Director General - Ongoing works in Turkey

regarding Solvency 2

10:15 –

11:15Pillar 1

An overview of the QIS5 exercise across Europe - Speaker: Pierre-Jean Vouette (Eiopa)

Issues arising from QIS5 and subsequent changes - Speaker Yannis Pitaras (CEA)

11:15 –

11:30

BREAK

11:30 –

12:30Pillar 2 - Speaker: Tim Edwards (PwC)

Systems of governance

Group issues

Supervisory Review Process

Proportionality

12:30 –

14:00

LUNCH

14:00 –

15:00Pillar 2 - Speaker: Mathieu Filippo (CEA)

ORSA

15:00 –

15:15

BREAK

15:15 –

16:15Pillar 3 - Speakers: Natalie Stevenson (CEA) & Steve Dellow (PwC)

Pillar 3 requirements and status of the debate (inc proportionality)

Solvency II and Data requirements

16:15 –

16:30 Closing Remarks

Pillar 1

QIS 5 results

1.1

Jean-Pierre Vouette (Eiopa)


Pillar 1

Contentious issues arising from QIS5 and

subsequent changes

1.2

Yannis Pitaras


Where do we stand in the Solvency II process?

2005 2006 2007 2008 2009 2010 2011

Directive Development

(Commission)

CEIOPS work on Pillar I

CEIOPS work on

Pillars II and III

CEIOPS advice on

Implementing Measures

QIS5QIS 1 QIS 2 QIS 3 QIS 4

CEIOPS

advice on

Proportionality

& Groups

Industry gets prepared

CEIOPS work

on L3

2012

Transposition

1 Jan 2013?

5

How does Omnibus II fit into the Solvency II timeline?

2013

Jan

Directive Adoption

(Council & Parliament)

Commission

pre-consultation

Level 2

6

2011

Jan2012

Dec

2011

Dec

2012

Jan

Commission

Freeze Level 2

EIOPA pre-consultation

Level 3 EIOPA

ITS

Public

Consultation & Adoption

Final

preparatio

n

Industry gets prepared

Level 3

Level 2

Level 1

Council & EP adopt delegated

Acts

Delegated

Acts

Endorseme

nt

Adoption

Consultatio

n

QIS5 results: An industry perspective

Participation rates:

68% of total European insurance undertakings (target 60%) and

167 of groups

Caveats surround results

Consistency of approach: Known issues: deferred tax,

contract boundaries etc,

QIS5 showed some important concerns still needing to be

solved for some specific risks and LoBs

7

“The overall health of the European insurance industry has been demonstrated by the results of the fifth and last comprehensive quantitative impact study (QIS 5)”

Derivation of risk-free interest rate:

Volatility in valuation of assets and liabilities

Extrapolation

The Counter-Cyclical Premium alias the “Illiquidity

Premium”:

Application and uncertainty

And the “matching premium”?

And an explicit adjustment of non AAA government

bonds?

Issues related products with

long-term guarantees

8

Bond spreads – why higher yields?

Decomposition of sterling-denominated investment-grade

corporate bond spreads. Source : Bank of England

Compensation for

expected defaults

Compensation for

uncertainty about

default losses

Other –

including

illiquidity

“Unexpected default? Or is it artificial volatility? Or should we just call it bad volatility”

What is the illiquidity premium after all?

9

RM

Market Consistent Value of technical

provisions

Market value for hedgeable risks and BE plus risk

margin for non hedgeable risks

Minimum Capital Requirement (MCR)

Reflects a level of capital below which ultimate

supervisory action should be triggered

Calculated on a factor basis, but within the corridor of

25% - 45% of the SCR

Solvency Capital Requirement (SCR)

Target Capital which should enable to absorb

significant unforeseen losses over a specified time

horizon

The standard calculation can be replaced by the use

of internal model under supervisory validation

Ladder of Intervention

Solvency II should guarantee a ladder of intervention

if the available capital falls below SCR

Concept of transferability of TP in extreme situations

MCR

SCR

Market -

consistent

Value of

Liabilities

The ladder: a counter-cyclical tool by construction

Risk Margin

Ladder of Ladder of

InterventioInterventio

nn

10

Contract Boundaries in QIS5

Conditions Treatment

Restriction on undertaking’s ability to amend premiums is

economically relevant

Include premiums

Undertaking can only amend premiums based on a published

mortality table

Include premiums

Undertaking can increase policy charges to offset potential future

losses

Exclude premiums

Future premiums related to the insurance and reinsurance obligations of the existing contract or the guarantee or option should be allowed for

However, future premiums should not be included if the insurer has an unlimited ability to amend the premium or benefits.

Q+A issued by Ceiops stated, for example:

11

EFIFP calculated using 100% “paid-up” scenario

Classifying EFIFP as Tier 3 leads to counter-intuitive results:

If EFIFP classified as Tier 3 (of which only 15% eligible):

there would be a capital requirement on portion of EFIFP not eligible as own funds; and

this would incentivise writing business with zero EFIFP

Expected future profits in future premiums

€6m

€24m

€20m Eligible own

funds =

€26m

EFIFP

Base own funds (A-L) = €50m

€5m

€5m

Stressed

own funds =

€10mEFIFP

€40mSCR

12

Groups

Groups diversification

Transferability of available financial resources across the

group

Complexity

Other issues still needing to be addressed

“The CEA agrees with EIOPA and the European Commission that a further key issue is the complexity of certain calculations and requirements. “This complexity must be tackled to ensure that Solvency II is workable for all and particularly for smaller”

13

Understanding group diversification effects

No group

diversification

Full group

diversificationDifferent sources of diversification

0

50

100

150

200

Sum of SCRs Concentration Natural

hedges

Intra-group Geographic Group synergy Group SCR

14

Pillar 2

Systems of governance

2.1

Tim Edwards (PwC)


How Solvency II will work in Europe

Article 40 requires that an insurer’s management body is made

ultimately responsible for compliance with all laws and regulations in

connection with Solvency II. As part of discharging these

responsibilities they will need to establish effective systems of

governance which provide for sound and prudent management (Article

41(1)).

The system of governance shall be proportionate to the nature, scale

and complexity of the operations of the insurer. The system of

governance shall also include an adequate transparent organisational

structure with a clear allocation and appropriate segregation of

responsibilities and an effective system for ensuring the transmission of

information. The system of governance shall be subject to regular

internal review (Article 41(1)-(2)).

16

System of Governance – industry challenge

17

Pre-consultation on Level 3:

Systems of Governance

Management body remains responsible for:

ensuring suitability, effectiveness and

proportionality of the risk management system,

setting risk appetite and risk tolerance limits;

approving main risk management strategies and policies.

EIOPA identifies 9 minimum areas to be covered by risk management

system:

Underwriting and reserving risks;

Asset-Liability management;

Market risk;

Liquidity risk;

Concentration risk;

Reinsurance and other risk-mitigation techniques;

Credit risk;

Strategic and reputational risk

Internal Audit

Internal Control

Actuarial Function

What does governance look like?

System of Governance

Fit and proper

ORSA

Risk Management

18

Governance Implications

The Board’s responsibilities

The administrative or management body of the

(re)insurance undertaking has the ultimate

responsibility for the undertaking's compliance with this Directive

Insurance and reinsurance undertakings to have in place an effective

system of governance which provides for sound and prudent management

of the business.

All persons who effectively run the undertaking or have other key functions

must meet ‘fit and proper’ requirements (General, Fitness, Propriety,

policies and procedures, Notification).

Firms shall have in place an effective risk management system comprising

strategies, processes and reporting procedures necessary to monitor,

manage and report, on a continuous basis the risks they face.

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

19

Governance Implications

As part of their risk management system, all

(re)insurance undertakings should have, as an

integral part of their business strategy, a regular

practice of assessing their overall solvency needs

with a view to their specific risk profile.

Insurance and reinsurance undertakings shall have in place an effective

internal control system.

That system shall at least include administrative and accounting

procedures, an internal control framework, appropriate reporting

arrangements at all levels of the undertaking and a permanent compliance

function.

Insurance and reinsurance undertakings shall provide for an effective and

permanent internal audit function and actuarial function.

Where firms outsource critical or important operational functions, the

outsourcing firm shall remain responsible for discharging all of their

obligations

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

20

Governance Framework

Most companies may have: Some companies may not have:

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

21

Fit and proper

As set out in Recital 34, all those who perform

governance functions must be fit and proper

(although only the function holders need be notified

to supervisors). Recital 35 indicates that professional qualifications and

experience should be taken into account when assessing competence.

The Directive (Article 42) states that insurers shall ensure that persons who

run the insurer or hold key functions must have appropriate qualifications

and experience (fitness) in addition to having a good reputation and integrity

(propriety). In accordance with Article 43, an extract from the judicial record,

declaration on oath or equivalent should be sufficient as proof of good

repute and must be presented within three months of issue.

Insurers are required to notify the supervisor of changes to those who hold

these key positions together with information to allow the supervisor to

assess fitness and propriety. In addition the supervisor must be notified if

any incumbent ceases to fulfil the requirements (Article 42(2) and (3)).

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

22

Integrated risk management framework

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

Risk and capital

assessment (including

internal models)

Governance, organisation

and policies

Management

informationPeople and reward Technology and

infrastructure

Risk

strategy

Risk appetite

Risk profile

External communication

and stakeholder mgmt.

4

23

Risk management: Three lines of defence

1st Line of Defence 2nd Line of Defence 3rd Line of Defence

Key Attributes

Promote a strong risk culture and

sustainable risk-return thinking

Promote a strong culture of

adhering to limits and managing

risk exposures

Ongoing monitoring of positions

and inherent risks

Portfolio optimisation on the

micro level

Key Attributes

Independent assurance on the

robustness and application of the

Risk Framework

Assess the appropriateness and

effectiveness of internal controls

Ability to link business and risk

with process and IT

Key attributes

Overarching “risk oversight unit”

across all risk types

Commonly Legal, Compliance,

Finance, Risk and Actuarial

Risk management separate from

risk control

Understand aggregated risk

positions and support in

developing and advising on risk

strategies

Business management are

responsible for the identification and

assessment of risks and controls.

Risk functions, together with risk

policy owners support and

challenge on;

completeness/accuracy of risk

assessments; risk reporting and the

adequacy of mitigation plans.

Internal audit provides independent

and objective assurance on the

robustness of the risk management

framework and the appropriateness

and effectiveness of internal

controls.

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

24

Risk management: PwC findings

Risk appetite not defined (or in adequate detail)

ERM and ORSA concepts not embedded – risk registers

present but not linked directly to capital consequences

Integration of risk management functions and linkage to

operational side of the business

Strategic business planning does not include a dynamic

concept of risk nor SII requirements

Risk-based performance frameworks not in place or often

not used in practice

Key themes emerging from 100 Gap

analyses done by PwC in Europe

Risk management

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

25

Required directive functions: Regulatory updates

Internal Audit

Internal Control

Actuarial Function



Fit and proper

ORSA

Risk Management

Actuarial Function

Insurers are required to have an

effective actuarial function

The actuarial function must be

carried out by persons with

relevant experience who are

appropriately skilled in actuarial

and financial mathematics

Internal Audit

Insurers are required to

have an effective internal

audit function. Internal

audit is responsible for

evaluating the

effectiveness and

adequacy of the internal

control system and other

areas of governance

Internal audit must be

objective and independent

from other operational

functions will report its

findings to the

management body. The

management body will

determine what actions

are to be taken as a result

of those findings and shall

ensure those actions are

carried out

26

Solvency II governance challenges

Lack of senior management support

Poor project governance

Failure to define project scope

Insufficient planning

Undefined deliverables

Lack of ownership / accountability for

deliverables

Underestimating dependencies

Insufficient resources

Inadequate resources

Poorly defined roles & responsibilities

Inadequate communication

Change in business priorities

Inadequate control / change management

procedures

27

Pillar 2

Group issues

2.2

Tim Edwards (PwC)


Insurance groups are subjects to:

Solo supervision at entity level

Group supervision

Groups that are financial conglomerates are additionally covered by

the Financial Conglomerate Directive

Groups to be supervised under the Solvency II

Directive

Only risk concentrations and intra-group transactions

None at ultimate level but insurance subgroups subject to supervision

Full supervision at level of ultimate EEA parent

Potentially subject to group supervision the extent of which is at supervisor’s discretion

Reliance on third county group supervision

Insurance group headed in EEA

EEA subgroup of an insurance group headed in the EEA

Insurance group headed in third country with equivalent supervision

Either full supervision at level of ultimate parent or “other supervision”at supervisor’s discretion (may include at level of immediate EEA holding company)

Insurance group headed in third country with non-equivalent supervision

Group containing an insurer headed by a non insurer (e.g. Bank or mixed activity holding company)

Financial conglomerates

29

Group supervisor and college of supervisors

To be established for each group:

a single supervisor, known as “group supervisor” responsible

for exercising group supervision and coordination across all

relevant territories

a “college of supervisors” chaired by the “group supervisor” to

ensure cooperation, exchange of information and consultation

among Member States concerned. EIOPA has the right to sit in

every college and have binding powers (subject to Omnibus II

drafting)

Group supervision is new for Europe and will take some time

to work effectively

If Turkey either joins the EU or is deemed equivalent the

Turkish supervisor will have the right to participate in the

colleges

30

Requirements of group supervision

What should be prepared?Group technical provision

Group SCR and approval by the “group

supervisor” of any ICM

Group eligible own funds (always at least

equal to group SCR)

Group ORSA

Group RTS and SFCR

Calculation of group solvency must be at least

annual

Calculation done by the participation insurer or

holding company and submitted to group

supervisor by that company or other as

agreed by the college of supervisors

Groups must have procedure in place to identify

deterioration of financial condition

Group supervisor to be immediately informed if

risk profile

Obtain clarity on how the solo entity fits in the

structure of the group for the purpose of

supervision

What does group supervision

mean for you?

Engage with the local supervisor

to reach a common view on:

Risk profile of the

organisation as a single

entity

Its significance within the

group as a whole

The importance of the entity

in the local market context

Use of group internal models

or approval of locally

developed models

31

Pillar 2

Proportionality

2.4

Tim Edwards (PwC)


Proportionality

All Solvency II requirements need to be met but the way they are met depends on the nature, scale and complexity of the business

”

“

33

Where could Proportionality be applied?

The Principle of Proportionality may apply to the:

Organisational structure (Art. 41)

Qualification of those holding key roles (Art. 42)

Risk and capital management (Art. 44)

Asset-Liability Mgt / Investment Policy (Art. 44(2))

ORSA (Art. 45)

Internal Control (Art. 46)

Internal Audit (Art. 47)

Actuarial function (Art. 48)

Outsourcing (Art. 49)

34


Proportionality in the Organisational structure:

the extent to which staff may perform multiple roles with appropriate

segregation of duties

scope and frequency of internal reporting

Proportionality in the qualification of those holding key roles:

lower level of professional qualification, knowledge and experience

may be acceptable

Proportionality in Risk and capital management:

how the risk management function is organised – may include less

procedures, less sophisticated risk management techniques, capital

monitoring less frequently

35


Proportionality in Asset-Liability Mgt / Investment Policy :

The sophistication of the techniques for asset-liability management

should be proportionate to the product, nature of claims and any

discretionary elements (e.g. embedded options and guarantees, short-

tail liabilities backed by high quality corporate bonds)

Proportionality in ORSA:

Complexity of ORSA depends on the risk profile of the company but

there should be a clear understanding of own solvency and financial

condition and why simplifications/proxies are appropriate

Proportionality in Internal Control:

Degree of flexibility in allocating control responsibilities

36


Proportionality in Internal Audit:

Operational/Internal audit must be segregated and therefore can be outsource

to qualified 3rd party

Proportionality in Actuarial function:

Function is mandatory but an individual with an actuarial background can be

employed part time

Proportionality in Outsourcing:

outsourcing is one way that proportionality can be achieved

The company remains ‘fully responsible’

Proportionality cannot be used if it:

materially impairs the quality of the system of governance or

increases the operational risk or

impairs the ability of the supervisor to monitor compliance or undermines

satisfactory services to policyholders (art. 49)

37

Where could Proportionality be of benefit to your

business?

Takes an objective look at the risk profile of your business –

nature, scale and complexity

Focuses on quantitative and qualitative measures and all aspects –

not just underwriting risks

Does not look at “nature”, “scale” and “complexity” in isolation –

focus on how they interact in your business

Considers whether your systems, processes and measures are

appropriate for your identified risk profile

Takes action to address any shortcomings

38

Pillar 2

Own Risk and Solvency Assessment

(“ORSA”)

3.1

Mathieu Filippo (CEA)


40

Implementing Solvency II - ORSA

Directive (Level 1)

Recital 36 (context of the ORSA)

Article 36 (ORSA is subject to supervisory review)

Article 45 (solo undertaking)

Article 246 (group)

the business and the performance of the undertaking

Delegated acts (Level 2)

No

Implementing Technical Standards (Level 3)

No

Guidance (Level 3)

Yes

29 Guidelines

41

Article 45 - the ORSA

The insurer has to assess its own overall solvency needs taking into

account

The risk profile and risk appetite

Business strategy

The short and the longer term (going concern)

The appropriateness of the standard formula / internal model / partial

internal model when confronted with the own risk profile

Some other elements

Quantifiable and non-quantifiable risk faced by the insurer

Reconciliation between the internal model and the standard formula

42

Level 3 - the ORSA (EIOPA’s requirements)

When performing the ORSA and insurers also needs to take

into account

Active involvement of management

The whole process of the ORSA including outcomes should be

documented

An ORSA policy should exist linked with the governance policies

Stress tests and scenario analysis are to be performed

Trigger events for a non-regular ORSA needs to be defined

A forward looking perspective needs to be applied of at least 3

years

43

The ORSA – the myth

44

The ORSA – back to reality

Current

Practices

Insurers

ORSA

New practices

An example

Insurers are to add the projection

of the economic balance sheet &

the capital requirements and are to

perform stress tests on forward

looking outcomes

Insurers are preparing Longer

term budgets and Strategic plans

Insurers perform ALM-studies

Main issue:

Get your organisation to change their routine and add the Solvency II requirements

This is more behaviour and cultural and will take time!!

45

The ORSA – a quick glance

The main building blocks

Assessments

Risk appetite / risk profile

Appropriateness standard formula / (partial) internal model

Emerging risks

Appropriateness of contingency plans

etc.

Definition of stress testing / scenario analysis

Forward looking incl. stress testing

Reconciliations internal models and standard formula

Reporting (internal and external)

46

Timelines annual ORSA process

Assessments

- Risk appetite

- Target capital level

- Appropriateness

- What if scenarios

Stress tests

- Scenarios

- Appropriateness

Main issues:

Translation assessments in internal

capital levels

Defining action plans for non-

quantifiable risks

Determination of relevant what-if

scenarios and

assessment of consequences

What are severe enough stress tests?

Calculation of SCR,

EBS and OF

47

ORSA assessments – some examples

Completeness of the quantification of risk (standard formula or partial internal model)

Assessment

Are all risks faced by Insurer X quantified in the SCR?

Are the recognised risk quantified appropriately?

Outcome

List of risks not quantified plus recommendation how to cope with these risks:

Capital requirement

Internal model development

(Contingency) plan

List of risk inappropriately quantified plus recommendation how to cope with this situation:

Argument for inappropriateness plus by Eureko perceived capital requirement

Internal model development

Who

Holding

Business

When

First quarter (can also be planned earlier)

48


Appropriateness of the contract

boundaryAssessment

What elements are influencing the definition of the boundary of the contract?

What scenarios are realistic and what are their outcomes?

What would happen to the expected profit in future premiums?

Outcome

List of insurance contracts which are sensitive to different interpretations / scenarios

Impact of the identified scenarios on the best estimate, risk margin, own funds and

SCR

Recommendation how to cope with this uncertainty

Amount of capital at risk and assessment if this is critical regarding capital adequacy

Who

Business

When

First quarter (after calculation of the economic balance sheet and SCR)

49


Bubble management

Assessment

Are there any investments / products which are part of a so called “bubble”

Outcome

List of areas which could be part of a potential bubble

An analysis of the reasoning why a potential bubble could be recognised

Sharper increase in value than a general index

“Hype” environment (everybody is discussing,..)

Investment banks are roaming the streets with certain products

Recommendation how to cope with the potential bubble

Who

Holding

When

First quarter and continuously

50


Assessments

- Risk appetite


- Appropriateness

- What if scenarios

Stress tests

- Scenarios

- Appropriateness

Main issues:

Alignment of all the processes

Projection SCR into the future

The process takes time, thus more up-to-date date becomes available continuously

Based on the

assessments

and decisions

on risk appetite,

capital levels and

stress tests /

scenarios provide

guidance for

long term

business

planning

Calculation of SCR,

EBS and OF

Prepare budget/

Forward looking

Stress test

Reconcile OF &

SCR

51

ORSA – forward looking assessment

SCR

ORSA

buffer

Own

funds

T=0

SCR

ORSA

buffer

Own

funds

T=1

Forecast

SCR

ORSA

buffer

Own

funds

T=n

Budget planning

+

Extrapolation

(valuation methodology)

Stress testing &

Scenario analysis

Stress testing &

Scenario analysis

52


Monitoring of triggering events for (partial) re-run of ORSA

Assessments

- Risk appetite


- Appropriateness

- What if scenarios

Stress tests

- Scenarios

- Appropriateness

Main issues:

Communication

Understanding of the information

Acting on the information

Who is responsible? Three lines of defence in practice?

Based on the

assessments

and decisions

on risk appetite,

capital levels and

stress tests /

scenarios provide

guidance for

long term

business

planning

Decide

&

Disclose

Calculation of SCR,

EBS and OF

Prepare budget/

Forward looking

Stress test

Reconcile OF &

SCR

53

ORSA – continuous improvement

ORSA – first exercise

Gather all the current information and reports

see where the gaps are and assess what is

missing and how to proceed but use this first

Data set for policy decisions get a feeling.

ORSA – best effort

Make a first real ORSA following the interpretation

of the guidelines.

Use the first stress tests as defined by EIOPA /

IMF / etc.

Use the budget process and apply the first

forward looking guidance

make the first assessments (top-down and

review bottom-up)

Start embedding the ORSA process in the

line organisation as “business as usual”

ORSA – steering instrument

The ORSA elements are “embedded” in the

Organisation

Feedback loops and Monitoring process

exist

Pillar 3

Requirements and status of the debate

4.1

Natalie Stevenson (CEA)


55

Reporting required at both group and solo level, subject to supervisory approval

disclosure can be done only at group level.

Current proposals require a mixture of both quantitative and qualitative, reporting and

disclosure, additional quantitative quarterly and annual reporting. Qualitative reporting

at least every 3 years.

Pillar 3 requirements: Overview

Solvency and Financial Condition Report (SFCR)

SFCR should include description of:

The business and the performance of the undertaking

The system of governance and an assessment of its adequacy for the risk profile

of the undertaking

The risk exposure, concentration, mitigation and sensitivity

Bases and methods used for the valuation of assets, technical provisions and

other liabilities

Structure and amount of own funds, and their quality

SCR and MCR

Information explaining the main differences between the underlying assumptions

of the standard formula and those of any internal model

Amount of any non compliance with the MCR or SCR

Level 2 requirements expand upon Article 51 of Framework Directive

Companies are required to disclose publicly, on an annual basis, a report on

their solvency and financial condition

56

Pillar 3 requirements: Systematic disclosure

Report to Supervisor (RTS)

RTS is a private report to supervisors

Requires additional information to the SFCR including:

Business strategy

Legal and regulatory issues

Any variance against plan

Projections of future solvency needs

Future risk exposures

Further details, including the structure and content of the quantitative

reporting templates (QRTs) left to Level 3


Companies are required to submit a qualitative report at least every 3 years and

quantitative templates on an annual/quarterly basis.

57

Pillar 3 requirements: Systematic reporting

Quantitative Reporting Templates (QRTs)

63 templates covering the following areas:

Balance Sheet

Assets

Own Funds

MCR & SCR

Variation Analysis

Technical Provisions (Life)

Technical Provisions (Non-Life)

Reinsurance & SPVs

Group Specific

Some templates will be subject to public disclosure.


Companies are required to submit quantitative templates on an annual /quarterly

basis.

58

Pillar 3 requirements: Systematic reporting

Proportionality should ensure that requirements are proportionate in terms of

the nature, scale and complexity of the business.

Materiality, in the context of the SFCR and RSR, states that the information

to be disclosed/reported should be considered as material if its omission or

misstatement could influence the decision-making or judgement of the users

of that document/decision-making or judgement of the supervisory authority.

Application of proportionality and materiality for QRTs has not yet been

determined.

Examples of proportionality in terms of reporting QRTs could as follows:

Proportionality could be applied by allowing for simplifications and approximations

during frequent (more than annual) systematic reporting of QRTs;

Quarterly reporting could be waived for smaller undertakings, in terms of nature,

size and complexity.

59

Pillar 3 requirements: Proportionality &

Materiality

Draft QRTs Frequency and Disclosure requirements

QRT Category Solo Group More than

Annual

Disclosure

Balance Sheet X X X X

Assets X X X

Own Funds X X X X

MCR X X X

SCR X X X

Variation

Analysis

X X TBC

Technical

Provisions

X X X X

Reinsurance &

SPVs

X X

Group specific X X TBC

60

Pillar 3 requirements: Systematic reporting &

disclosure

This is a high level summary and not all templates in each of the indicated categories are subject

to quarterly reporting or disclosure.

Draft QRTs content

61

Template category No. of templates CEA Comments

Balance Sheet 3 Quarterly preparation of SII valuations for

assets and liabilities.

Off balance sheet items, assets & liabilities

by currency.

Assets (investments) 7 Detailed list of asset information by portfolio

list and by look through.

Mapping to new CIC table required.

Own funds 2 Detailed breakdown of own funds per tier

sourcing information from both financial

statements and from the Solvency II

balance sheet.

Information on ring fenced funds.

MCR&SCR 12 Detailed breakdown of MCR and SCR

calculations on quarterly basis.

Potential disclosure of capital add-ons

break down.


disclosure



Draft QRTs content

Template category No. of templates CEA Comments

Variation Analysis 5 Currently based on MCEV approach to

track changes in own funds over 1 year.

Activity by country.

Technical Provisions

(L+NL)

15 Best estimate cash flows and risk margin by

LoB.

Gross Best Estimate per country and LoB.

10yr claims triangles (NL).

Information by LoB/currency combinations.

Reinsurance & SPVs 4 10 most important risks in terms of

reinsured exposure.

Information per SPV.

Group Specific 15 Solvency II information per entity in scope

of the group.

Risk concentrations and IGTs.

62


disclosure



Pillar 3 requirements:Expected requirements upon entry into force

63

SII Year 1

8 weeks 8 weeks 8 weeks 20w

Solo entities

SII Year 2

QRTs

(Q1 Y1)

QRTs

(Q2 Y1)

QRTs

(Q3 Y1)

8 weeks

QRTs

(Q4 Y1)Y1: RSR; SFCR;

Annual QRTs

Q1 Q2Q2 Q3 Q4 Q1

QRTs

(Q1 Y2)

7 weeks

Phasing in:

Solo RSR/SFCR/Annual QRTs: 20 weeks, 18 weeks, 16 weeks, 14 weeks.

Solo QRTs: 8 weeks, 7 weeks, 6 weeks, 5 weeks.

Group RSR/SFCR/Annual QRTs: 26 weeks, 24 weeks, 22 weeks, 20

weeks.

EIOPA potentially will apply infra-annual reporting to groups,

confirmation on this point and corresponding deadlines are yet to be

confirmed.

Additional requirements not dependent on the reporting period

ORSA reporting

ORSA may follow a different timeframe than for reporting i.e. Business planning time

horizon.

Latest draft of Level 2 give more flexibility on ORSA reporting:

An ORSA must be performed annually

It can be performed at any point during the year

The results must be reported 2 weeks after its conclusion

Pre-defined events

Undertakings should consider as pre-defined events, those that could reasonably be

expected to lead or have already led to material changes to information provided in

the SFCR and RSR.

Undertakings should consider as a pre-defined event the performance of an additional

ORSA.

64

Pillar 3 requirements: ORSA & Pre-defined

events

Business Considerations

Maximising efficiency within a group structure:

Group ORSA report

Group SFCR

Cut out duplicate reporting and disclosure by using synergies between existing reports:

Between financial statements and SFCR

Between SFCR and RSR

Business Challenges

Managing the differences between Solvency II and financial reporting valuations.

Ensuring timely receipt of information from third party sources.

Building and implementing an XBRL taxonomy before entry into force of Solvency II.

National specific templates and impact on cross border activity.

65

Pillar 3 requirements: Business

considerations

Pillar 3


4.2

Steve Dellow (PwC)



What the requirements say

Deliverables overview

What can go wrong and how to avoid it

Sources of information

67


Given the high importance of data in internal

modelling, undertakings and supervisory

authorities should strive for the highest data

quality standards to be applied

CEIOPS CP56 – Tests and Standards for Internal

Model Approval

”

“

Member states shall ensure that ... undertakings

have internal processes and procedures in place

to ensure the completeness, accuracy and

appropriateness of data used in the calculation of

technical provisions

CEIOPS CP43 – Standards for Data Quality Model

Approval

”

“

68

Data requirements of Solvency II

Complete

The data are free from material errors;

Data from different time periods used for the same

estimation are consistent;

The data are recorded in a timely manner and consistently

over time.

Appropriate

Accurate

69

The degree of confidence that can be placed in the data. Data

must be sufficiently accurate to avoid material distortion of the

model output.

Complete

Data are available for each of the relevant homogenous risk

groups;

the data are of sufficient granularity and include sufficient

historical information to identify trends and assess the

characteristics of the underlying risk.

Appropriate

Accurate

70

Databases provide comprehensive information for the undertaking.


Complete

The data fit the intended purposes;

The amount and nature of the data ensure that the

estimations made not include a material estimation error;

The data are consistent with underlying assumptions

The data appropriately reflect the risks to which the

insurance or reinsurance undertaking is exposed with regard

to its insurance and reinsurance obligations.Appropriate

Accurate

71


Data does not contain biases which make it unfit for purpose

The Summary

Organisations need to ensure that the data used to generate

information using their Internal Models is of sufficient quality so

that the information generated is materially accurate and

representative of the business and its risks.

To do this successfully, an organisation will need to:

Understand the scope of data relevant to Solvency II

Define what the quality requirements are of that data

Demonstrate that the required quality is being achieved

Where the required quality is not being achieved, improve it or

account for it.

Write it all down!

72

The minimum Solvency II requirements for Data

are …

The Summary

Organisations need to ensure that the

data used to generate information

using their Internal Models is of

sufficient quality so that the

information generated is materially

accurate and representative of the

business and its risks.

To do this successfully, an

organisation will need to:

Understand the scope of data relevant

to Solvency II

Define what the quality requirements

are of that data

Demonstrate that the required quality

is being achieved

Where the required quality is not being

achieved, improve it or account for it.

Write it all down!

The Details

Data Quality Policy

Organisations must have a data quality policy,

which defines their approach to managing data.

As well as the explicit minimum contents, this

document is essentially the ‘vision’ of how data

quality management will be implemented in the

organisation

Data Directory

A directory of all data used to operate, validated

and develop the Internal Model, specifying its

source, characteristics and usage

System of data quality management

organisations must have processes designed

specifically to provide assurance of the

accuracy, completeness and appropriateness of

the data used to operate, validate and develop

their Internal Model

Documentation

There are various specific requirements for data

documentation, from data flow diagrams of the

internal model, to documentation of data

deficiencies and justifications of expert

judgement

73

The minimum Solvency II requirements for Data

are …

Data subject Level 2 extract

Data policy

Data directory

Data monitoring

Data deficiencies

Data governance

Undertakings shall establish their own policy on data

quality approved by senior management and includes:

Scope

Own definition for data quality: completeness,

accuracy, timeliness and appropriateness

Specification of processes for checking and validating

data quality

Data Governance

Update of data and use of expert judgement

Definition of policy ownership and data quality roles

and responsibilities

74

Data for Solvency II: Deliverables


Data policy

Data directory

Data monitoring

Data deficiencies

Data governance

The undertaking shall compile a directory of any

material data used in models, specifying:

Source

Characteristics (completeness, accuracy,

appropriateness, timeliness)

Usage

Where appropriate, materiality and use of expert

judgement identified

Evidence (e.g. process maps) that you understand

the full data lineage for the data in scope

Relevant controls/monitoring assigned to data items

75



Data policy

Data directory

Data monitoring

Data deficiencies

Data governance

The onus is on the undertaking to demonstrate that

data is accurate, complete and appropriate.

Perform regular data quality checks which are

designed to provide assurance of the accuracy,

completeness and appropriateness of the data

Identification of the controls required to meet your

quality requirements

Mechanisms designed to monitor controls operating

effectiveness

Controls monitoring linked into data governance

arrangements

Plans for ongoing validation and assurance e.g. data

quality testing plan

76



Data policy

Data directory

Data monitoring

Data deficiencies

Data governance

Undertakings shall document all instances in which

data quality may be compromised as well as its

implications.

Undertakings shall maintain a data deficiency log

77



Data policy

Data directory

Data monitoring

Data deficiencies

Data governance

Undertakings shall design governance arrangements to:

Provide oversight of the application of the data policy

Ensure that the processes supporting data quality are

kept under regular review

Ensure appropriate assurance is carried out for

validating the quality of data

78


Data ProducersO

perations

Data Quality CoEData M

anagers

Governance

Process Owners

Data Consumers

Policy Administration

Chief Actuary

Capital Modelling

ActuaryReserving Actuary

CIO

Head of Marine

Claims Administration

Bordereau Data Market Data

Management Board

Risk and

Compliance

Head of Property

Data Quality Controls

Head of Underwriting

Data Quality

Analysts

Data Quality

Manager

Data Responsibilities


Data Requirements


Issue Analysis

Data Quality

Metrics Production

External Sources


Source Data Production

Data Stewardship


Methods & Tools

Change Process

Quality Metrics Design

Assess, Improve,

Sustain Processes

Data Steering Committee

Committee ChairSenior Data

ConsumersData Quality CoE CIOExec Sponsor

MI Requirements

Data Administrators Database Administrators IT Operations

Actuarial Function

Infrastructure

Management

Data Governance Structure

79

Observations

An area many firms are having to

create from scratch

Data policy overly complex and

not easily converted into

business as usual processes

Data policy can be a statement of

the ‘what’ but not the ‘how’

Existing governance

arrangements are limited and not

organisation-wide

Lack of understanding of what is

meant by governance

Confirmation of responsibility for

data quality not defined

Considerations

Use the Data Policy as

cornerstone of data quality

management

Understand and use what

already exists in the organisation

– build on what you already do

well

Opt for a phased roll-out, not all

at once

Align the design to how your

organisation operates e.g.

reporting and committees

Support data governance with an

effective communication plan

Support with effective procedural

documentation and templates for

consistency

Underpin with senior sponsorship

to ‘get things done’

80

What can go wrong?

Observations

Not many firms have attempted

the definition of data quality

criteria – this is new ground

Has presented some significant

barriers in terms of

understanding what is required

Can reveal weaknesses in Data

Policy around definitions and

scope

Can place significant strain on

resources

First point of interaction between

governance processes and

detailed business information

Considerations

Approach from a different angle

e.g. what makes data fit for

purpose?

Consider extending criteria to

beyond just a percentage or a

numerical threshold e.g. a

statement

Can be considered as a

requirement or limits and triggers

Utilise the knowledge and

experience of the Data Quality

Manager (or equivalent) to

facilitate this step

81

What can go wrong?

Observations

Many firms already have data

controls as part of business-

as-usual processes

There is no documented

linkage between these

controls and data quality

requirements

There is a lack of monitoring

to highlight when controls

have failed

Actuaries can believe they

are responsible for all data

quality controls

Considerations

Map data quality

requirements to controls to

identify areas of weak control

A good mix of preventative

and detective controls should

be in place with monitoring to

demonstrate that the controls

are achieving their objectives

Ensure the controls

monitoring framework is

aligned to your Data

Governance

82

What can go wrong?

Data for Solvency II: Conclusion

Do not allow the data workstream to receive anything less than full

attention

Resource intensive

Extensive documentation

Can require significant analysis, design and implementation of

policies and processes

“Data management appeared to be one area where firms still have comparatively more to do to achieve the likely Solvency II requirements”

FSA IMAP Thematic Review (February 2011)

”

”

83

For more information

www.cea.eu

CEA aisbl

Square de Meeûs 29

B-1000 Brussels

Documents

Solvency II The essentials for Pillars II and III & what’s ... · governance which provide for sound and prudent management (Article 41(1)). The system of governance shall be proportionate