Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Solvency II
The essentials for Pillars II and III
& what’s next for Pillar I
Istanbul, 30 September 2011
What are the requirements, the practical implications and
implementation challenges?
In association
with:
Agenda
09:30 –
09:45Welcome SpeechesErhan Tuncay: Association of the Insurance and Reinsurance Companies of Turkey, Secretary General
09:45 –
10:15Opening SpeechAhmet Genc: General Directorate of Insurance of the Undersecretariat of Treasury, Director General - Ongoing works in Turkey
regarding Solvency 2
10:15 –
11:15Pillar 1
An overview of the QIS5 exercise across Europe - Speaker: Pierre-Jean Vouette (Eiopa)
Issues arising from QIS5 and subsequent changes - Speaker Yannis Pitaras (CEA)
11:15 –
11:30
BREAK
11:30 –
12:30Pillar 2 - Speaker: Tim Edwards (PwC)
Systems of governance
Group issues
Supervisory Review Process
Proportionality
12:30 –
14:00
LUNCH
14:00 –
15:00Pillar 2 - Speaker: Mathieu Filippo (CEA)
ORSA
15:00 –
15:15
BREAK
15:15 –
16:15Pillar 3 - Speakers: Natalie Stevenson (CEA) & Steve Dellow (PwC)
Pillar 3 requirements and status of the debate (inc proportionality)
Solvency II and Data requirements
16:15 –
16:30 Closing Remarks
Pillar 1
QIS 5 results
1.1
Jean-Pierre Vouette (Eiopa)
Istanbul, 30 September 2011
Pillar 1
Contentious issues arising from QIS5 and
subsequent changes
1.2
Yannis Pitaras
Istanbul, 30 September 2011
Where do we stand in the Solvency II process?
2005 2006 2007 2008 2009 2010 2011
Directive Development
(Commission)
CEIOPS work on Pillar I
CEIOPS work on
Pillars II and III
CEIOPS advice on
Implementing Measures
QIS5QIS 1 QIS 2 QIS 3 QIS 4
CEIOPS
advice on
Proportionality
& Groups
Industry gets prepared
CEIOPS work
on L3
2012
Transposition
1 Jan 2013?
5
How does Omnibus II fit into the Solvency II timeline?
2013
Jan
Directive Adoption
(Council & Parliament)
Commission
pre-consultation
Level 2
6
2011
Jan2012
Dec
2011
Dec
2012
Jan
Commission
Freeze Level 2
EIOPA pre-consultation
Level 3 EIOPA
ITS
Public
Consultation & Adoption
Final
preparatio
n
Industry gets prepared
Level 3
Level 2
Level 1
Council & EP adopt delegated
Acts
Delegated
Acts
Endorseme
nt
Adoption
Consultatio
n
QIS5 results: An industry perspective
Participation rates:
68% of total European insurance undertakings (target 60%) and
167 of groups
Caveats surround results
Consistency of approach: Known issues: deferred tax,
contract boundaries etc,
QIS5 showed some important concerns still needing to be
solved for some specific risks and LoBs
7
“The overall health of the European insurance industry has been demonstrated by the results of the fifth and last comprehensive quantitative impact study (QIS 5)”
Derivation of risk-free interest rate:
Volatility in valuation of assets and liabilities
Extrapolation
The Counter-Cyclical Premium alias the “Illiquidity
Premium”:
Application and uncertainty
And the “matching premium”?
And an explicit adjustment of non AAA government
bonds?
Issues related products with
long-term guarantees
8
Bond spreads – why higher yields?
Decomposition of sterling-denominated investment-grade
corporate bond spreads. Source : Bank of England
Compensation for
expected defaults
Compensation for
uncertainty about
default losses
Other –
including
illiquidity
“Unexpected default? Or is it artificial volatility? Or should we just call it bad volatility”
What is the illiquidity premium after all?
9
RM
Market Consistent Value of technical
provisions
Market value for hedgeable risks and BE plus risk
margin for non hedgeable risks
Minimum Capital Requirement (MCR)
Reflects a level of capital below which ultimate
supervisory action should be triggered
Calculated on a factor basis, but within the corridor of
25% - 45% of the SCR
Solvency Capital Requirement (SCR)
Target Capital which should enable to absorb
significant unforeseen losses over a specified time
horizon
The standard calculation can be replaced by the use
of internal model under supervisory validation
Ladder of Intervention
Solvency II should guarantee a ladder of intervention
if the available capital falls below SCR
Concept of transferability of TP in extreme situations
MCR
SCR
Market -
consistent
Value of
Liabilities
The ladder: a counter-cyclical tool by construction
Risk Margin
Ladder of Ladder of
InterventioInterventio
nn
10
Contract Boundaries in QIS5
Conditions Treatment
Restriction on undertaking’s ability to amend premiums is
economically relevant
Include premiums
Undertaking can only amend premiums based on a published
mortality table
Include premiums
Undertaking can increase policy charges to offset potential future
losses
Exclude premiums
Future premiums related to the insurance and reinsurance obligations of the existing contract or the guarantee or option should be allowed for
However, future premiums should not be included if the insurer has an unlimited ability to amend the premium or benefits.
Q+A issued by Ceiops stated, for example:
11
EFIFP calculated using 100% “paid-up” scenario
Classifying EFIFP as Tier 3 leads to counter-intuitive results:
If EFIFP classified as Tier 3 (of which only 15% eligible):
there would be a capital requirement on portion of EFIFP not eligible as own funds; and
this would incentivise writing business with zero EFIFP
Expected future profits in future premiums
€6m
€24m
€20m Eligible own
funds =
€26m
EFIFP
Base own funds (A-L) = €50m
€5m
€5m
Stressed
own funds =
€10mEFIFP
€40mSCR
12
Groups
Groups diversification
Transferability of available financial resources across the
group
Complexity
Other issues still needing to be addressed
“The CEA agrees with EIOPA and the European Commission that a further key issue is the complexity of certain calculations and requirements. “This complexity must be tackled to ensure that Solvency II is workable for all and particularly for smaller”
13
Understanding group diversification effects
No group
diversification
Full group
diversificationDifferent sources of diversification
0
50
100
150
200
Sum of SCRs Concentration Natural
hedges
Intra-group Geographic Group synergy Group SCR
14
Pillar 2
Systems of governance
2.1
Tim Edwards (PwC)
Istanbul, 30 September 2011
How Solvency II will work in Europe
Article 40 requires that an insurer’s management body is made
ultimately responsible for compliance with all laws and regulations in
connection with Solvency II. As part of discharging these
responsibilities they will need to establish effective systems of
governance which provide for sound and prudent management (Article
41(1)).
The system of governance shall be proportionate to the nature, scale
and complexity of the operations of the insurer. The system of
governance shall also include an adequate transparent organisational
structure with a clear allocation and appropriate segregation of
responsibilities and an effective system for ensuring the transmission of
information. The system of governance shall be subject to regular
internal review (Article 41(1)-(2)).
16
System of Governance – industry challenge
17
Pre-consultation on Level 3:
Systems of Governance
Management body remains responsible for:
ensuring suitability, effectiveness and
proportionality of the risk management system,
setting risk appetite and risk tolerance limits;
approving main risk management strategies and policies.
EIOPA identifies 9 minimum areas to be covered by risk management
system:
Underwriting and reserving risks;
Asset-Liability management;
Market risk;
Liquidity risk;
Concentration risk;
Reinsurance and other risk-mitigation techniques;
Credit risk;
Strategic and reputational risk
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
18
Governance Implications
The Board’s responsibilities
The administrative or management body of the
(re)insurance undertaking has the ultimate
responsibility for the undertaking's compliance with this Directive
Insurance and reinsurance undertakings to have in place an effective
system of governance which provides for sound and prudent management
of the business.
All persons who effectively run the undertaking or have other key functions
must meet ‘fit and proper’ requirements (General, Fitness, Propriety,
policies and procedures, Notification).
Firms shall have in place an effective risk management system comprising
strategies, processes and reporting procedures necessary to monitor,
manage and report, on a continuous basis the risks they face.
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
19
Governance Implications
As part of their risk management system, all
(re)insurance undertakings should have, as an
integral part of their business strategy, a regular
practice of assessing their overall solvency needs
with a view to their specific risk profile.
Insurance and reinsurance undertakings shall have in place an effective
internal control system.
That system shall at least include administrative and accounting
procedures, an internal control framework, appropriate reporting
arrangements at all levels of the undertaking and a permanent compliance
function.
Insurance and reinsurance undertakings shall provide for an effective and
permanent internal audit function and actuarial function.
Where firms outsource critical or important operational functions, the
outsourcing firm shall remain responsible for discharging all of their
obligations
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
20
Governance Framework
Most companies may have: Some companies may not have:
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
21
Fit and proper
As set out in Recital 34, all those who perform
governance functions must be fit and proper
(although only the function holders need be notified
to supervisors). Recital 35 indicates that professional qualifications and
experience should be taken into account when assessing competence.
The Directive (Article 42) states that insurers shall ensure that persons who
run the insurer or hold key functions must have appropriate qualifications
and experience (fitness) in addition to having a good reputation and integrity
(propriety). In accordance with Article 43, an extract from the judicial record,
declaration on oath or equivalent should be sufficient as proof of good
repute and must be presented within three months of issue.
Insurers are required to notify the supervisor of changes to those who hold
these key positions together with information to allow the supervisor to
assess fitness and propriety. In addition the supervisor must be notified if
any incumbent ceases to fulfil the requirements (Article 42(2) and (3)).
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
22
Integrated risk management framework
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
Risk and capital
assessment (including
internal models)
Governance, organisation
and policies
Management
informationPeople and reward Technology and
infrastructure
Risk
strategy
Risk appetite
Risk profile
External communication
and stakeholder mgmt.
4
23
Risk management: Three lines of defence
1st Line of Defence 2nd Line of Defence 3rd Line of Defence
Key Attributes
Promote a strong risk culture and
sustainable risk-return thinking
Promote a strong culture of
adhering to limits and managing
risk exposures
Ongoing monitoring of positions
and inherent risks
Portfolio optimisation on the
micro level
Key Attributes
Independent assurance on the
robustness and application of the
Risk Framework
Assess the appropriateness and
effectiveness of internal controls
Ability to link business and risk
with process and IT
Key attributes
Overarching “risk oversight unit”
across all risk types
Commonly Legal, Compliance,
Finance, Risk and Actuarial
Risk management separate from
risk control
Understand aggregated risk
positions and support in
developing and advising on risk
strategies
Business management are
responsible for the identification and
assessment of risks and controls.
Risk functions, together with risk
policy owners support and
challenge on;
completeness/accuracy of risk
assessments; risk reporting and the
adequacy of mitigation plans.
Internal audit provides independent
and objective assurance on the
robustness of the risk management
framework and the appropriateness
and effectiveness of internal
controls.
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
24
Risk management: PwC findings
Risk appetite not defined (or in adequate detail)
ERM and ORSA concepts not embedded – risk registers
present but not linked directly to capital consequences
Integration of risk management functions and linkage to
operational side of the business
Strategic business planning does not include a dynamic
concept of risk nor SII requirements
Risk-based performance frameworks not in place or often
not used in practice
Key themes emerging from 100 Gap
analyses done by PwC in Europe
Risk management
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
25
Required directive functions: Regulatory updates
Internal Audit
Internal Control
Actuarial Function
What does governance look like?
System of Governance
Fit and proper
ORSA
Risk Management
Actuarial Function
Insurers are required to have an
effective actuarial function
The actuarial function must be
carried out by persons with
relevant experience who are
appropriately skilled in actuarial
and financial mathematics
Internal Audit
Insurers are required to
have an effective internal
audit function. Internal
audit is responsible for
evaluating the
effectiveness and
adequacy of the internal
control system and other
areas of governance
Internal audit must be
objective and independent
from other operational
functions will report its
findings to the
management body. The
management body will
determine what actions
are to be taken as a result
of those findings and shall
ensure those actions are
carried out
26
Solvency II governance challenges
Lack of senior management support
Poor project governance
Failure to define project scope
Insufficient planning
Undefined deliverables
Lack of ownership / accountability for
deliverables
Underestimating dependencies
Insufficient resources
Inadequate resources
Poorly defined roles & responsibilities
Inadequate communication
Change in business priorities
Inadequate control / change management
procedures
27
Pillar 2
Group issues
2.2
Tim Edwards (PwC)
Istanbul, 30 September 2011
Insurance groups are subjects to:
Solo supervision at entity level
Group supervision
Groups that are financial conglomerates are additionally covered by
the Financial Conglomerate Directive
Groups to be supervised under the Solvency II
Directive
Only risk concentrations and intra-group transactions
None at ultimate level but insurance subgroups subject to supervision
Full supervision at level of ultimate EEA parent
Potentially subject to group supervision the extent of which is at supervisor’s discretion
Reliance on third county group supervision
Insurance group headed in EEA
EEA subgroup of an insurance group headed in the EEA
Insurance group headed in third country with equivalent supervision
Either full supervision at level of ultimate parent or “other supervision”at supervisor’s discretion (may include at level of immediate EEA holding company)
Insurance group headed in third country with non-equivalent supervision
Group containing an insurer headed by a non insurer (e.g. Bank or mixed activity holding company)
Financial conglomerates
29
Group supervisor and college of supervisors
To be established for each group:
a single supervisor, known as “group supervisor” responsible
for exercising group supervision and coordination across all
relevant territories
a “college of supervisors” chaired by the “group supervisor” to
ensure cooperation, exchange of information and consultation
among Member States concerned. EIOPA has the right to sit in
every college and have binding powers (subject to Omnibus II
drafting)
Group supervision is new for Europe and will take some time
to work effectively
If Turkey either joins the EU or is deemed equivalent the
Turkish supervisor will have the right to participate in the
colleges
30
Requirements of group supervision
What should be prepared?Group technical provision
Group SCR and approval by the “group
supervisor” of any ICM
Group eligible own funds (always at least
equal to group SCR)
Group ORSA
Group RTS and SFCR
Calculation of group solvency must be at least
annual
Calculation done by the participation insurer or
holding company and submitted to group
supervisor by that company or other as
agreed by the college of supervisors
Groups must have procedure in place to identify
deterioration of financial condition
Group supervisor to be immediately informed if
risk profile
Obtain clarity on how the solo entity fits in the
structure of the group for the purpose of
supervision
What does group supervision
mean for you?
Engage with the local supervisor
to reach a common view on:
Risk profile of the
organisation as a single
entity
Its significance within the
group as a whole
The importance of the entity
in the local market context
Use of group internal models
or approval of locally
developed models
31
Pillar 2
Proportionality
2.4
Tim Edwards (PwC)
Istanbul, 30 September 2011
Proportionality
All Solvency II requirements need to be met but the way they are met depends on the nature, scale and complexity of the business
”
“
33
Where could Proportionality be applied?
The Principle of Proportionality may apply to the:
Organisational structure (Art. 41)
Qualification of those holding key roles (Art. 42)
Risk and capital management (Art. 44)
Asset-Liability Mgt / Investment Policy (Art. 44(2))
ORSA (Art. 45)
Internal Control (Art. 46)
Internal Audit (Art. 47)
Actuarial function (Art. 48)
Outsourcing (Art. 49)
34
Where could Proportionality be applied?
Proportionality in the Organisational structure:
the extent to which staff may perform multiple roles with appropriate
segregation of duties
scope and frequency of internal reporting
Proportionality in the qualification of those holding key roles:
lower level of professional qualification, knowledge and experience
may be acceptable
Proportionality in Risk and capital management:
how the risk management function is organised – may include less
procedures, less sophisticated risk management techniques, capital
monitoring less frequently
35
Where could Proportionality be applied?
Proportionality in Asset-Liability Mgt / Investment Policy :
The sophistication of the techniques for asset-liability management
should be proportionate to the product, nature of claims and any
discretionary elements (e.g. embedded options and guarantees, short-
tail liabilities backed by high quality corporate bonds)
Proportionality in ORSA:
Complexity of ORSA depends on the risk profile of the company but
there should be a clear understanding of own solvency and financial
condition and why simplifications/proxies are appropriate
Proportionality in Internal Control:
Degree of flexibility in allocating control responsibilities
36
Where could Proportionality be applied?
Proportionality in Internal Audit:
Operational/Internal audit must be segregated and therefore can be outsource
to qualified 3rd party
Proportionality in Actuarial function:
Function is mandatory but an individual with an actuarial background can be
employed part time
Proportionality in Outsourcing:
outsourcing is one way that proportionality can be achieved
The company remains ‘fully responsible’
Proportionality cannot be used if it:
materially impairs the quality of the system of governance or
increases the operational risk or
impairs the ability of the supervisor to monitor compliance or undermines
satisfactory services to policyholders (art. 49)
37
Where could Proportionality be of benefit to your
business?
Takes an objective look at the risk profile of your business –
nature, scale and complexity
Focuses on quantitative and qualitative measures and all aspects –
not just underwriting risks
Does not look at “nature”, “scale” and “complexity” in isolation –
focus on how they interact in your business
Considers whether your systems, processes and measures are
appropriate for your identified risk profile
Takes action to address any shortcomings
38
Pillar 2
Own Risk and Solvency Assessment
(“ORSA”)
3.1
Mathieu Filippo (CEA)
Istanbul, 30 September 2011
40
Implementing Solvency II - ORSA
Directive (Level 1)
Recital 36 (context of the ORSA)
Article 36 (ORSA is subject to supervisory review)
Article 45 (solo undertaking)
Article 246 (group)
the business and the performance of the undertaking
Delegated acts (Level 2)
No
Implementing Technical Standards (Level 3)
No
Guidance (Level 3)
Yes
29 Guidelines
41
Article 45 - the ORSA
The insurer has to assess its own overall solvency needs taking into
account
The risk profile and risk appetite
Business strategy
The short and the longer term (going concern)
The appropriateness of the standard formula / internal model / partial
internal model when confronted with the own risk profile
Some other elements
Quantifiable and non-quantifiable risk faced by the insurer
Reconciliation between the internal model and the standard formula
42
Level 3 - the ORSA (EIOPA’s requirements)
When performing the ORSA and insurers also needs to take
into account
Active involvement of management
The whole process of the ORSA including outcomes should be
documented
An ORSA policy should exist linked with the governance policies
Stress tests and scenario analysis are to be performed
Trigger events for a non-regular ORSA needs to be defined
A forward looking perspective needs to be applied of at least 3
years
43
The ORSA – the myth
44
The ORSA – back to reality
Current
Practices
Insurers
ORSA
New practices
An example
Insurers are to add the projection
of the economic balance sheet &
the capital requirements and are to
perform stress tests on forward
looking outcomes
Insurers are preparing Longer
term budgets and Strategic plans
Insurers perform ALM-studies
Main issue:
Get your organisation to change their routine and add the Solvency II requirements
This is more behaviour and cultural and will take time!!
45
The ORSA – a quick glance
The main building blocks
Assessments
Risk appetite / risk profile
Appropriateness standard formula / (partial) internal model
Emerging risks
Appropriateness of contingency plans
etc.
Definition of stress testing / scenario analysis
Forward looking incl. stress testing
Reconciliations internal models and standard formula
Reporting (internal and external)
46
Timelines annual ORSA process
Assessments
- Risk appetite
- Target capital level
- Appropriateness
- What if scenarios
Stress tests
- Scenarios
- Appropriateness
Main issues:
Translation assessments in internal
capital levels
Defining action plans for non-
quantifiable risks
Determination of relevant what-if
scenarios and
assessment of consequences
What are severe enough stress tests?
Calculation of SCR,
EBS and OF
47
ORSA assessments – some examples
Completeness of the quantification of risk (standard formula or partial internal model)
Assessment
Are all risks faced by Insurer X quantified in the SCR?
Are the recognised risk quantified appropriately?
Outcome
List of risks not quantified plus recommendation how to cope with these risks:
Capital requirement
Internal model development
(Contingency) plan
List of risk inappropriately quantified plus recommendation how to cope with this situation:
Argument for inappropriateness plus by Eureko perceived capital requirement
Internal model development
Who
Holding
Business
When
First quarter (can also be planned earlier)
48
ORSA assessments – some examples
Appropriateness of the contract
boundaryAssessment
What elements are influencing the definition of the boundary of the contract?
What scenarios are realistic and what are their outcomes?
What would happen to the expected profit in future premiums?
Outcome
List of insurance contracts which are sensitive to different interpretations / scenarios
Impact of the identified scenarios on the best estimate, risk margin, own funds and
SCR
Recommendation how to cope with this uncertainty
Amount of capital at risk and assessment if this is critical regarding capital adequacy
Who
Business
When
First quarter (after calculation of the economic balance sheet and SCR)
49
ORSA assessments – some examples
Bubble management
Assessment
Are there any investments / products which are part of a so called “bubble”
Outcome
List of areas which could be part of a potential bubble
An analysis of the reasoning why a potential bubble could be recognised
Sharper increase in value than a general index
“Hype” environment (everybody is discussing,..)
Investment banks are roaming the streets with certain products
Recommendation how to cope with the potential bubble
Who
Holding
When
First quarter and continuously
50
Timelines annual ORSA process
Assessments
- Risk appetite
- Target capital level
- Appropriateness
- What if scenarios
Stress tests
- Scenarios
- Appropriateness
Main issues:
Alignment of all the processes
Projection SCR into the future
The process takes time, thus more up-to-date date becomes available continuously
Based on the
assessments
and decisions
on risk appetite,
capital levels and
stress tests /
scenarios provide
guidance for
long term
business
planning
Calculation of SCR,
EBS and OF
Prepare budget/
Forward looking
Stress test
Reconcile OF &
SCR
51
ORSA – forward looking assessment
SCR
ORSA
buffer
Own
funds
T=0
SCR
ORSA
buffer
Own
funds
T=1
Forecast
SCR
ORSA
buffer
Own
funds
T=n
Budget planning
+
Extrapolation
(valuation methodology)
Stress testing &
Scenario analysis
Stress testing &
Scenario analysis
52
Timelines annual ORSA process
Monitoring of triggering events for (partial) re-run of ORSA
Assessments
- Risk appetite
- Target capital level
- Appropriateness
- What if scenarios
Stress tests
- Scenarios
- Appropriateness
Main issues:
Communication
Understanding of the information
Acting on the information
Who is responsible? Three lines of defence in practice?
Based on the
assessments
and decisions
on risk appetite,
capital levels and
stress tests /
scenarios provide
guidance for
long term
business
planning
Decide
&
Disclose
Calculation of SCR,
EBS and OF
Prepare budget/
Forward looking
Stress test
Reconcile OF &
SCR
53
ORSA – continuous improvement
ORSA – first exercise
Gather all the current information and reports
see where the gaps are and assess what is
missing and how to proceed but use this first
Data set for policy decisions get a feeling.
ORSA – best effort
Make a first real ORSA following the interpretation
of the guidelines.
Use the first stress tests as defined by EIOPA /
IMF / etc.
Use the budget process and apply the first
forward looking guidance
make the first assessments (top-down and
review bottom-up)
Start embedding the ORSA process in the
line organisation as “business as usual”
ORSA – steering instrument
The ORSA elements are “embedded” in the
Organisation
Feedback loops and Monitoring process
exist
Pillar 3
Requirements and status of the debate
4.1
Natalie Stevenson (CEA)
Istanbul, 30 September 2011
55
Reporting required at both group and solo level, subject to supervisory approval
disclosure can be done only at group level.
Current proposals require a mixture of both quantitative and qualitative, reporting and
disclosure, additional quantitative quarterly and annual reporting. Qualitative reporting
at least every 3 years.
Pillar 3 requirements: Overview
Solvency and Financial Condition Report (SFCR)
SFCR should include description of:
The business and the performance of the undertaking
The system of governance and an assessment of its adequacy for the risk profile
of the undertaking
The risk exposure, concentration, mitigation and sensitivity
Bases and methods used for the valuation of assets, technical provisions and
other liabilities
Structure and amount of own funds, and their quality
SCR and MCR
Information explaining the main differences between the underlying assumptions
of the standard formula and those of any internal model
Amount of any non compliance with the MCR or SCR
Level 2 requirements expand upon Article 51 of Framework Directive
Companies are required to disclose publicly, on an annual basis, a report on
their solvency and financial condition
56
Pillar 3 requirements: Systematic disclosure
Report to Supervisor (RTS)
RTS is a private report to supervisors
Requires additional information to the SFCR including:
Business strategy
Legal and regulatory issues
Any variance against plan
Projections of future solvency needs
Future risk exposures
Further details, including the structure and content of the quantitative
reporting templates (QRTs) left to Level 3
Level 2 requirements expand upon Article 35 of Framework Directive
Companies are required to submit a qualitative report at least every 3 years and
quantitative templates on an annual/quarterly basis.
57
Pillar 3 requirements: Systematic reporting
Quantitative Reporting Templates (QRTs)
63 templates covering the following areas:
Balance Sheet
Assets
Own Funds
MCR & SCR
Variation Analysis
Technical Provisions (Life)
Technical Provisions (Non-Life)
Reinsurance & SPVs
Group Specific
Some templates will be subject to public disclosure.
Level 2 requirements expand upon Article 35 of Framework Directive
Companies are required to submit quantitative templates on an annual /quarterly
basis.
58
Pillar 3 requirements: Systematic reporting
Proportionality should ensure that requirements are proportionate in terms of
the nature, scale and complexity of the business.
Materiality, in the context of the SFCR and RSR, states that the information
to be disclosed/reported should be considered as material if its omission or
misstatement could influence the decision-making or judgement of the users
of that document/decision-making or judgement of the supervisory authority.
Application of proportionality and materiality for QRTs has not yet been
determined.
Examples of proportionality in terms of reporting QRTs could as follows:
Proportionality could be applied by allowing for simplifications and approximations
during frequent (more than annual) systematic reporting of QRTs;
Quarterly reporting could be waived for smaller undertakings, in terms of nature,
size and complexity.
59
Pillar 3 requirements: Proportionality &
Materiality
Draft QRTs Frequency and Disclosure requirements
QRT Category Solo Group More than
Annual
Disclosure
Balance Sheet X X X X
Assets X X X
Own Funds X X X X
MCR X X X
SCR X X X
Variation
Analysis
X X TBC
Technical
Provisions
X X X X
Reinsurance &
SPVs
X X
Group specific X X TBC
60
Pillar 3 requirements: Systematic reporting &
disclosure
This is a high level summary and not all templates in each of the indicated categories are subject
to quarterly reporting or disclosure.
Draft QRTs content
61
Template category No. of templates CEA Comments
Balance Sheet 3 Quarterly preparation of SII valuations for
assets and liabilities.
Off balance sheet items, assets & liabilities
by currency.
Assets (investments) 7 Detailed list of asset information by portfolio
list and by look through.
Mapping to new CIC table required.
Own funds 2 Detailed breakdown of own funds per tier
sourcing information from both financial
statements and from the Solvency II
balance sheet.
Information on ring fenced funds.
MCR&SCR 12 Detailed breakdown of MCR and SCR
calculations on quarterly basis.
Potential disclosure of capital add-ons
break down.
Pillar 3 requirements: Systematic reporting &
disclosure
This is a high level summary and not all templates in each of the indicated categories are subject
to quarterly reporting or disclosure.
Draft QRTs content
Template category No. of templates CEA Comments
Variation Analysis 5 Currently based on MCEV approach to
track changes in own funds over 1 year.
Activity by country.
Technical Provisions
(L+NL)
15 Best estimate cash flows and risk margin by
LoB.
Gross Best Estimate per country and LoB.
10yr claims triangles (NL).
Information by LoB/currency combinations.
Reinsurance & SPVs 4 10 most important risks in terms of
reinsured exposure.
Information per SPV.
Group Specific 15 Solvency II information per entity in scope
of the group.
Risk concentrations and IGTs.
62
Pillar 3 requirements: Systematic reporting &
disclosure
This is a high level summary and not all templates in each of the indicated categories are subject
to quarterly reporting or disclosure.
Pillar 3 requirements:Expected requirements upon entry into force
63
SII Year 1
8 weeks 8 weeks 8 weeks 20w
Solo entities
SII Year 2
QRTs
(Q1 Y1)
QRTs
(Q2 Y1)
QRTs
(Q3 Y1)
8 weeks
QRTs
(Q4 Y1)Y1: RSR; SFCR;
Annual QRTs
Q1 Q2Q2 Q3 Q4 Q1
QRTs
(Q1 Y2)
7 weeks
Phasing in:
Solo RSR/SFCR/Annual QRTs: 20 weeks, 18 weeks, 16 weeks, 14 weeks.
Solo QRTs: 8 weeks, 7 weeks, 6 weeks, 5 weeks.
Group RSR/SFCR/Annual QRTs: 26 weeks, 24 weeks, 22 weeks, 20
weeks.
EIOPA potentially will apply infra-annual reporting to groups,
confirmation on this point and corresponding deadlines are yet to be
confirmed.
Additional requirements not dependent on the reporting period
ORSA reporting
ORSA may follow a different timeframe than for reporting i.e. Business planning time
horizon.
Latest draft of Level 2 give more flexibility on ORSA reporting:
An ORSA must be performed annually
It can be performed at any point during the year
The results must be reported 2 weeks after its conclusion
Pre-defined events
Undertakings should consider as pre-defined events, those that could reasonably be
expected to lead or have already led to material changes to information provided in
the SFCR and RSR.
Undertakings should consider as a pre-defined event the performance of an additional
ORSA.
64
Pillar 3 requirements: ORSA & Pre-defined
events
Business Considerations
Maximising efficiency within a group structure:
Group ORSA report
Group SFCR
Cut out duplicate reporting and disclosure by using synergies between existing reports:
Between financial statements and SFCR
Between SFCR and RSR
Business Challenges
Managing the differences between Solvency II and financial reporting valuations.
Ensuring timely receipt of information from third party sources.
Building and implementing an XBRL taxonomy before entry into force of Solvency II.
National specific templates and impact on cross border activity.
65
Pillar 3 requirements: Business
considerations
Pillar 3
Solvency II and Data requirements
4.2
Steve Dellow (PwC)
Istanbul, 30 September 2011
Solvency II and Data requirements
What the requirements say
Deliverables overview
What can go wrong and how to avoid it
Sources of information
67
Solvency II and Data requirements
Given the high importance of data in internal
modelling, undertakings and supervisory
authorities should strive for the highest data
quality standards to be applied
CEIOPS CP56 – Tests and Standards for Internal
Model Approval
”
“
Member states shall ensure that ... undertakings
have internal processes and procedures in place
to ensure the completeness, accuracy and
appropriateness of data used in the calculation of
technical provisions
CEIOPS CP43 – Standards for Data Quality Model
Approval
”
“
68
Data requirements of Solvency II
Complete
The data are free from material errors;
Data from different time periods used for the same
estimation are consistent;
The data are recorded in a timely manner and consistently
over time.
Appropriate
Accurate
69
The degree of confidence that can be placed in the data. Data
must be sufficiently accurate to avoid material distortion of the
model output.
Complete
Data are available for each of the relevant homogenous risk
groups;
the data are of sufficient granularity and include sufficient
historical information to identify trends and assess the
characteristics of the underlying risk.
Appropriate
Accurate
70
Databases provide comprehensive information for the undertaking.
Data requirements of Solvency II
Complete
The data fit the intended purposes;
The amount and nature of the data ensure that the
estimations made not include a material estimation error;
The data are consistent with underlying assumptions
The data appropriately reflect the risks to which the
insurance or reinsurance undertaking is exposed with regard
to its insurance and reinsurance obligations.Appropriate
Accurate
71
Data requirements of Solvency II
Data does not contain biases which make it unfit for purpose
The Summary
Organisations need to ensure that the data used to generate
information using their Internal Models is of sufficient quality so
that the information generated is materially accurate and
representative of the business and its risks.
To do this successfully, an organisation will need to:
Understand the scope of data relevant to Solvency II
Define what the quality requirements are of that data
Demonstrate that the required quality is being achieved
Where the required quality is not being achieved, improve it or
account for it.
Write it all down!
72
The minimum Solvency II requirements for Data
are …
The Summary
Organisations need to ensure that the
data used to generate information
using their Internal Models is of
sufficient quality so that the
information generated is materially
accurate and representative of the
business and its risks.
To do this successfully, an
organisation will need to:
Understand the scope of data relevant
to Solvency II
Define what the quality requirements
are of that data
Demonstrate that the required quality
is being achieved
Where the required quality is not being
achieved, improve it or account for it.
Write it all down!
The Details
Data Quality Policy
Organisations must have a data quality policy,
which defines their approach to managing data.
As well as the explicit minimum contents, this
document is essentially the ‘vision’ of how data
quality management will be implemented in the
organisation
Data Directory
A directory of all data used to operate, validated
and develop the Internal Model, specifying its
source, characteristics and usage
System of data quality management
organisations must have processes designed
specifically to provide assurance of the
accuracy, completeness and appropriateness of
the data used to operate, validate and develop
their Internal Model
Documentation
There are various specific requirements for data
documentation, from data flow diagrams of the
internal model, to documentation of data
deficiencies and justifications of expert
judgement
73
The minimum Solvency II requirements for Data
are …
Data subject Level 2 extract
Data policy
Data directory
Data monitoring
Data deficiencies
Data governance
Undertakings shall establish their own policy on data
quality approved by senior management and includes:
Scope
Own definition for data quality: completeness,
accuracy, timeliness and appropriateness
Specification of processes for checking and validating
data quality
Data Governance
Update of data and use of expert judgement
Definition of policy ownership and data quality roles
and responsibilities
74
Data for Solvency II: Deliverables
Data subject Level 2 extract
Data policy
Data directory
Data monitoring
Data deficiencies
Data governance
The undertaking shall compile a directory of any
material data used in models, specifying:
Source
Characteristics (completeness, accuracy,
appropriateness, timeliness)
Usage
Where appropriate, materiality and use of expert
judgement identified
Evidence (e.g. process maps) that you understand
the full data lineage for the data in scope
Relevant controls/monitoring assigned to data items
75
Data for Solvency II: Deliverables
Data subject Level 2 extract
Data policy
Data directory
Data monitoring
Data deficiencies
Data governance
The onus is on the undertaking to demonstrate that
data is accurate, complete and appropriate.
Perform regular data quality checks which are
designed to provide assurance of the accuracy,
completeness and appropriateness of the data
Identification of the controls required to meet your
quality requirements
Mechanisms designed to monitor controls operating
effectiveness
Controls monitoring linked into data governance
arrangements
Plans for ongoing validation and assurance e.g. data
quality testing plan
76
Data for Solvency II: Deliverables
Data subject Level 2 extract
Data policy
Data directory
Data monitoring
Data deficiencies
Data governance
Undertakings shall document all instances in which
data quality may be compromised as well as its
implications.
Undertakings shall maintain a data deficiency log
77
Data for Solvency II: Deliverables
Data subject Level 2 extract
Data policy
Data directory
Data monitoring
Data deficiencies
Data governance
Undertakings shall design governance arrangements to:
Provide oversight of the application of the data policy
Ensure that the processes supporting data quality are
kept under regular review
Ensure appropriate assurance is carried out for
validating the quality of data
78
Data for Solvency II: Deliverables
Data ProducersO
perations
Data Quality CoEData M
anagers
Governance
Process Owners
Data Consumers
Policy Administration
Chief Actuary
Capital Modelling
ActuaryReserving Actuary
CIO
Head of Marine
Claims Administration
Bordereau Data Market Data
Management Board
Risk and
Compliance
Head of Property
Data Quality Controls
Head of Underwriting
Data Quality
Analysts
Data Quality
Manager
Data Responsibilities
Data Responsibilities
Data Requirements
Data Responsibilities
Issue Analysis
Data Quality
Metrics Production
External Sources
Data Responsibilities
Source Data Production
Data Stewardship
Data Responsibilities
Methods & Tools
Change Process
Quality Metrics Design
Assess, Improve,
Sustain Processes
Data Steering Committee
Committee ChairSenior Data
ConsumersData Quality CoE CIOExec Sponsor
MI Requirements
Data Administrators Database Administrators IT Operations
Actuarial Function
Infrastructure
Management
Data Governance Structure
79
Observations
An area many firms are having to
create from scratch
Data policy overly complex and
not easily converted into
business as usual processes
Data policy can be a statement of
the ‘what’ but not the ‘how’
Existing governance
arrangements are limited and not
organisation-wide
Lack of understanding of what is
meant by governance
Confirmation of responsibility for
data quality not defined
Considerations
Use the Data Policy as
cornerstone of data quality
management
Understand and use what
already exists in the organisation
– build on what you already do
well
Opt for a phased roll-out, not all
at once
Align the design to how your
organisation operates e.g.
reporting and committees
Support data governance with an
effective communication plan
Support with effective procedural
documentation and templates for
consistency
Underpin with senior sponsorship
to ‘get things done’
80
What can go wrong?
Observations
Not many firms have attempted
the definition of data quality
criteria – this is new ground
Has presented some significant
barriers in terms of
understanding what is required
Can reveal weaknesses in Data
Policy around definitions and
scope
Can place significant strain on
resources
First point of interaction between
governance processes and
detailed business information
Considerations
Approach from a different angle
e.g. what makes data fit for
purpose?
Consider extending criteria to
beyond just a percentage or a
numerical threshold e.g. a
statement
Can be considered as a
requirement or limits and triggers
Utilise the knowledge and
experience of the Data Quality
Manager (or equivalent) to
facilitate this step
81
What can go wrong?
Observations
Many firms already have data
controls as part of business-
as-usual processes
There is no documented
linkage between these
controls and data quality
requirements
There is a lack of monitoring
to highlight when controls
have failed
Actuaries can believe they
are responsible for all data
quality controls
Considerations
Map data quality
requirements to controls to
identify areas of weak control
A good mix of preventative
and detective controls should
be in place with monitoring to
demonstrate that the controls
are achieving their objectives
Ensure the controls
monitoring framework is
aligned to your Data
Governance
82
What can go wrong?
Data for Solvency II: Conclusion
Do not allow the data workstream to receive anything less than full
attention
Resource intensive
Extensive documentation
Can require significant analysis, design and implementation of
policies and processes
“Data management appeared to be one area where firms still have comparatively more to do to achieve the likely Solvency II requirements”
FSA IMAP Thematic Review (February 2011)
”
”
83
For more information
www.cea.eu
CEA aisbl
Square de Meeûs 29
B-1000 Brussels