Solvency II - Central Bank of Ireland

System of Governance
Articles 41 to 49 of Directive 2009/138/EC
11th May 2010
Eamonn Henry
System of Governance – Directive Articles
• General governance requirements (Article 41)
• Fit and proper requirements (Article 42)
• Proof of good repute (Article 43)
• Risk management (Article 44)
• Own risk and solvency assessment (Article 45)
System of Governance – Directive Articles
• Internal control (Article 46)
• Internal audit (Article 47)
• Actuarial function (Article 48)
• Outsourcing (Article 49)
General governance requirements
• Adequate structure with clear
allocation/segregation of duties
• Effective transmission of information
• Written policies with prior approval by Board and
annual review:
– risk management, internal control, internal audit,
outsourcing (where relevant)
Fit and proper requirements
• Applies to Directors/managers/key functions
• Adequate qualifications, knowledge and experience
• Good repute/integrity
Proof of good repute
• Evidence of good repute
• Evidence of no bankruptcy
• Mutual recognition between Member States
Risk management
• Risk management function to be established
to implement risk management system
• Effective risk management system to identify,
measure, monitor, manage and report all risks and
• Integrated into organisational structure and
decision making
Risk management
• Cover risks included in the SCR calculation and any
other risks
• Cover underwriting/reserving/ALM/investment, etc. and
have written policies
• Cover approved partial or full internal models:
– design & implementation, testing & validation, document &
make changes, analyse performance, report to Board &
recommend improvements
Own risk and solvency assessment (ORSA)
• Company’s own view of its risks and capital needs
• ORSA is part of the risk management system
• Overall solvency based on risk profile, risk
tolerance and business strategies
• Continuous compliance with SCR/MCR/technical
• Identification of significant deviations of the risk
profile from the SCR assumptions
Own risk and solvency assessment (ORSA)
• Integrated into business strategy and strategic
decision making
• To be performed regularly and after change in risk
• Results to be provided to the supervisory authority
• ORSA is not a parallel method to calculate the SCR
Internal control
• Effective internal control system
• Sound administrative and accountancy procedures,
reporting arrangements
• Compliance function to be established
Internal audit
• Internal audit function to be established
• Evaluate internal control and other aspects of
• Objective and independent from operational
• Recommendations reported to Board
Actuarial function
• Staffed by persons with knowledge of
actuarial/financial mathematics
• Responsible for coordinating the calculation of the
technical provisions
• Appropriate methodologies, assumptions, data
sufficiency and quality
• Compare best estimate against experience
Actuarial function
• Advise Board on reliability/adequacy of the calculation
of the technical provisions
• Provide an opinion on overall underwriting policy and on
reinsurance arrangements
• Responsibility for outsourced functions remain with
insurance undertaking
• Governance should not be impaired and
operational risk should not be unduly increased
• Supervisor’s ability to monitor compliance should
not be impaired
• Supervisors to be notified in advance of any
planned outsourcing
• Principle included in the Directive
• Based on the nature, scale and complexity of
• CEIOPS guidance still being developed
• Same rules for all but different implementation
Lessons learnt
• Governance is important – pay attention to it!
• Risk management is fundamental
• Start thinking in terms of the ORSA
• Start working on written policies!
Thank you