ERM Chapter 5

Question 1

What reasons are there for different parts of an organisation to be subject to different capital adequacy standards?

Answer 1

• International businesses may have operations that are regulated by different territories
• Subsidiaries may operate in different industries e.g. financial and industrial
• Subsidiaries may operate within different areas of the same sector e.g. banking and insurance
• Subsidiaries or portfolios within the same sector may be subject to different regulatory requirement e.g. traditional insurer and captive insurer
• Having subsidiaries which are new ventures or acquisitions and are at different lifecycle stages

Question 2

What are the four entities that may enforce mandatory regulations?

Answer 2

1. Professional bodies e.g. institute of actuaries
2. Professional regulators e.g. Financial Reporting Council (FRC)
3. Industry bodies e.g. British Bankers’ Association
4. Industry regulators e.g. Prudential Regulation Authority (PRA)

Question 3

What are the roles of each of the regulatory entities?

Answer 3

Professional bodies: Ensure members are adequately trained (exams), and that members maintain their competence (CPD).

Professional regulators: Maintain public confidence in the profession by setting standards, monitoring adherence to the standards, and disciplining in cases of non-adherence.

Industry bodies: Promote the interests of their members through lobbying or other activities, such as shared research projects.

Industry regulators/supervisors: Act on behalf of the government to protect the public by controlling activities of firms or individuals in a particular industry. Main aim is to prevent problems occurring rather than punishing those responsible.

Question 4

What are the benefits of unified regulation compared to functional regulation?

Answer 4

• Easier to regulate conglomerates
• Ensurers a consistent approach across various financial services activities
• Limits any incentive for regulatory arbitrage
• Economies of scale
• Better sharing of ideas between regulatory staff
• Improved accountability

Question 5

Outline reasons why an insurer should proactively engage with their supervisor.

Answer 5

Regulators focus their attention on institutions that they consider pose the greatest risk. By maintaining an open relationship with the supervisor, they can reduce the level of risk a supervisor places on a particular insurer, thus reducing the supervisory burden.

Further, given the wide range of risk management practices regulators see, they are well placed to give advice on what is best practice, providing a greater opportunity for insurers to benefit from this advice.

Question 6

What are the two main parts of the Senior Insurance Managers’ Regime (SIMR)?

Answer 6

1. The development of a governance map: This gives details of
   - The company and corporate governance structures
   - Identified key functions and key function holders who are ultimately responsible for these functions, and key function performers who support the key function holder
   - All individuals included within the SIMR regime, their responsibilities and reporting lines
   - The rationale in identifying those individuals and allocating responsibilities to them
2. The requirement to carry out an assessment of fitness and propriety of senior insurance managers and directors, based on their responsibilities as allocated through the governance map. Of particular note is the inclusion of the CRO and the Chair of the Risk Committee.

Question 7

What are the Basel accords, and what are the three pillars?

Answer 7

The Basel accords are the regulations for supervision of the world’s banking industry. These recommendations are published for national bodies to follow, and are often adopted into national regulations.

Pillar 1: Imposes a minimum regulatory capital requirement determined by the amount of credit, market and operational risk to which the bank is exposed.

Pillar 2: Deals with the issue of supervisory review, which relates to the bank’s internal risk management processes. Supervisors will assess the internal systems, processes and risk limits to ensure there is sufficient capital set aside for its risks. Particular attention is paid to liquidity and concentration risks.

Pillar 3: Deals with the level of disclosure that the bank is required to undertake to the public and the market. Its purpose is to facilitate market discipline on firms through appropriate pricing for capital.

Question 8

What is Solvency II, and what are the three pillars?

Answer 8

Solvency II applies to insurers operating in EU states, and aims to introduce:

• economic risk-based solvency requirements across all EU states
• more comprehensive requirements than in the past, taking into account asset as well as liability risks
• a requirement to hold capital against market, credit, operational and underwriting risk
• an emphasis that capital is not the only way to mitigate against failures
• a more prospective focus
• a streamlines approach which aims to recognise the economic reality of how groups operate

Pillar 1: Contains the quantitative requirements designed to capture underwriting, credit, market and operational risks. Can be assessed using a standardised approach or company’s own internal model. Includes a Solvency Capital Requirement (SCR) and Minimum Capital Requirement (MCR), below which regulatory action is taken, and authorisation is foregone respectively.

Pillar 2: Contains qualitative requirements on undertakings such as risk management as well as supervisory activities. Insurers must carry out their Own Risk and Solvency Assessment (ORSA) to quantify their ability to continue to meet the SCR and MCR in the near future, given their identified risks and associated risk management processes and controls.

Pillar 3: Covers supervisory reporting and disclosure.

Question 9

What is an Own Risk and Solvency Assessment (ORSA)?

Answer 9

Required under Pillar 2 of Solvency II, ORSA provides an insurance company an assessment of the adequacy of its risk management and its current, and likely future, solvency position.

ORSA requires each insurer to identify the risks to which is it exposed, identify RM processes and controls in place, quantify its ongoing ability to continue to meet its solvency capital requirements, identify quantitative and qualitative elements of its business strategy, and identify the relationship between RM and the level and quality of financial resources needed and available.

Question 10

What is the main difference between Basel II and Solvency II?

Answer 10

Basel II takes into account the contagion risk in the banking sector, whilst Solvency II is not designed with systemic risk in mind.

Question 11

What is the Sarbanes-Oxley Act?

Answer 11

Legislation aimed at improving the reliability of corporate disclosures in order to protect shareholders. Mandatory in the US and voluntary in the UK, the main features include:

• the formation of a Public Company Accounting Oversight Board (PCAOB) to inspect published accounts of quoted firms and prosecute accountancy firms accordingly
• increased accountability of CEOs and CFOs of public companies, whereby they are personally required to certify that financial statements do not contain any untrue statements or fact and that they are personally responsible for financial disclosures in financial reports
• each published report must contain an internal control report (ICR) which commits management to maintain proper internal controls and review their effectiveness
• the requirement for external auditors to report on the assessment made by the management
• illegal for directors to interfere with the audit process
• illegal for employees to alter, conceal, falsify or destroy records or documents with intent to impede or influence an investigation.

Question 12

What is the COSO ERM Framework?

Answer 12

An advisory framework that is often used by companies to demonstrate adequate internal controls, as per the Sarbanes-Oxley Act.

Key principles include:

• Risks present opportunity as well as potential downside
• ERM is a parallel and iterative process
• Everyone has a role in RM (at all levels)
• Any RM process is imperfect
• Implementation of RM must balance cost with potential benefit.

The three dimensions of the COSO cube are:

1. ERM components/processes (e.g. risk assessment, monitoring)
2. In each business objective covered by the framework (e.g. operational, strategic)
3. At each business level of application (e.g. subsidiary, unit).

Question 13

What is the Swiss Solvency Test?

Answer 13

A risk-based regulatory capital regime used in Switzerland since 2011, which takes a market consistent approach and has similarities to Solvency II Pillar 1 requirements. Differences include calibration of the solvency requirements to a Tail Value at Risk (TVaR) measure at 99% confidence rather than Value at Risk (VaR) at 99.5% confidence.

Question 14

List three possible reasons for the UK Listing Authority to de-list a company’s shares from the Stock Exchange.

Answer 14

1. Incorrect or misleading information on the company’s performance announced to the public.
2. Failure to comply with listing criteria, such as frequently published information, directors’ share dealings or minimum 25% of shares freely available in the market.
3. Inappropriate takeover behaviour, such as treating small shareholders unfairly, or acting in combination with another company to acquire shares in a third company.

Question 15

What are the advantages of Solvency II over Solvency?

Answer 15

• New proposals are more entity specific, and much more sensitive to the risks a particular insurer is exposed to
• New proposal deals with the asset side as well as the liability side
• In existence to insurance risk, the new proposals capture market, credit and operational risk
• Risk mitigation techniques are taken into account, whereas in the past it would have meant an additional capital requirement
• A more prospective approach that accounts for future business plans and potential catastrophes
• Diversification effects are allowed for for companies in more than one sector
• Approach is consistent with the Basel Accords, which is useful for banks that are also involved in the insurance industry
• The approach is harmonised across the EU, which is good for multinationals

Question 16

Describe the best practice for an insurer with regard to managing its relationship with its supervisor(s).

Answer 16

1. Relationship management and principles: Insurers should develop a set of relationship management principles, considering:
   - the regulator’s objectives
   - the insurer’s reputation
   - the importance of being proactive and engaging with a regulator as early as possible
   - transparency of communication
   - ensuring accountability for relationship management.
2. Nature of interaction: there should be clarity as to which individuals are accountable for each of the following groups of interactions:
   - operational or procedural
   - unusual or non-standard
   - strategic.
   The CRO should have overall responsibility for the insurer-supervisor relationship for coordinating interactions. Continuity of the personnel involved in each type of interaction should be maintained as it helps to develop and maintain a trusting relationship.
3. Regulatory policy development: Insurers should work with regulators to develop regulatory policy as insurers are well-placed to assess the practical implications of changes in policy.
   Insurers should aim to submit responses to consultations in good time and may wish to coordinate submissions with other insurers, perhaps through an industry body.
4. Regulatory visits: Insurers should work with a regulator to develop an overall plan of regulatory site visits and assist in the planning and logistics of each individual visit.
5. Reporting breaches: Supervisors expect breaches to occur from time to time, the vast majority of which will be due to unforeseen human or process errors.
   Insurers should have processes in place to ensure compliance with supervisory requirements to report breaches.
6. Governance: Boards should encourage an appropriate relationship with regulators (the board sets the tone), and should receive regular reports of insurer-regulator interactions, especially non-standard and strategic interactions.