1 / 28

Internal Audit in Solvency II

Internal Audit in Solvency II. Mag. Angela Witzany CIA Sparkassen Versicherung AG Vienna Insurance Group. 10 Years Ago. Dot com bubble explodet WorldCom bankruptsy as highest damage till 2002 : 80 billions US$ Fraudulent Top Management In fraud involved statutory auditors

Jims
Download Presentation

Internal Audit in Solvency II

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Internal Audit in Solvency II Mag. Angela Witzany CIA Sparkassen Versicherung AG Vienna Insurance Group

  2. 10 Years Ago • Dot com bubble explodet • WorldCom bankruptsy as highest damagetill 2002 : 80 billions US$ • Fraudulent Top Management • In fraud involved statutory auditors • Disclosure by Whistleblowers • Whistleblowing Internal Auditors Internal Audit in Solvency II

  3. Sarbanes Oxley Act • Reaction to Enron, WorldCom etc. • US listed companies and worldwide subsidiaries • Installation of the Public Company Accounting Oversight Board (PCAOB) • Internal Control Over Financial Reporting Requirements (Sec. 404) • Whistleblowerprocedure under responsibility of audit committee • Whistleblower protection Internal Audit in Solvency II

  4. SOX Today • Biggest World Economic Crisis in the history • Lehman Bancruptcy with accounting fraudWhistleblower was fired, statutory auditor did nothing • Madoff‘s Ponzi SchemeSEC ignored the whistleblower 8 years • The expenditure of SOX outweights the benefits • AIG, till then largest insurance of the world:rescued by US government with 200 billions US$ • AIG difficulties were not caused by its insurance operations but by its rash involvement in complex financial instruments such as credit default swaps • Federal regulator: OTS (Office of Thrift Supervision)Responsible for Savings and Loans Companies • Dodd – Frank Wall Street Reform and Consumer Protection Act 2010 – Three new regulators ? Internal Audit in Solvency II

  5. EU Directive on statutory audits • EU Directive 2006/43: Not an European SOX • Since public – interest entities have a higher visibility and economically more important, stricter requirements should apply in the case of a statutory audit of their annual or consolidated accounts.Directive 2006 / 43 Wheras 23 • „Public – interest entities“ means entities … whose transferable securities are admitted to trading on a regulated market, credit institutions and insurance undertakings.Directive 2006 / 43 Article 2 / 13 Internal Audit in Solvency II

  6. Audit Committee in Public – Interest Entities • Audit committees and an effective internal control system help to minimise financial, operational and compliance risks, and enhance the quality of financial reporting. Directive 2006 / 43 Whereas 24 • Each public – interest entity shall have an audit committee. • At least one member of the audit committee shall be independent an shall have competence in accounting and / or auditing. • Member states may permit the functions assigned to the audit committee be performed by the administrative or supervisory body as whole.Directive 2006 / 43 Article 41 / 1 Internal Audit in Solvency II

  7. Audit Committee and IA • Whithout prejudice the responsibility of the members of the administrative, management or supervisory bodies …. the audit committee shall, inter alia: • monitor the financial reporting process, • monitor the effectiveness of the company‘s internal control, internal audit where applicable and risk management systems, • monitor the stuary audit of annual and consolidated accounts, • Review and monitor the independence of the statutory auditor.Directive 2006 / 43 Article 41 / 2 Internal Audit in Solvency II

  8. Objectives of regulation • The main objective of insurance and reinsurance regulation and supervision is the adequate protection of policy holders and beneficiaries. • The term beneficiaries is intended to cover any natural or legal person who ist entitled to a right under an insurance contract. • Financial stability and fair stable markets are other objectives of insurance and reinsurance regulations and supervision.Directive 2009 / 138 Whereas 16 Internal Audit in Solvency II

  9. Necessity of Solvency II • The protection of policy holders presupposes that insurance and reinsurance undertakings are subject of effective solvency requirements that result in an efficient allocation of capital across the European Union. • In light of market development the current system is no longer adequate. • It is therefore necessary to introduce a new regulatory framework.Directive 2009 / 138 Whereas 14 Internal Audit in Solvency II

  10. Importance of Governance System • Some risks may only be properly addressed through the quantitative requirements reflected in the Solvency Capital Requirements. • An effective system of governance is therefore essential for the adequate management of the insurance undertaking and for the regulatory system.Directive 2009/138/EC Whereas 29 Internal Audit in Solvency II

  11. Key Functions • The System of Governance includes the risk – management function, the compliance function, the internal audit function and the actuarial function.Directive 2009 / 138/ EC Whereas 30 • The functions included in the system of governance are considered to be key functions and consequently also important and critical functions.Directive 2009 / 138 / EC Whereas 33 Internal Audit in Solvency II

  12. Functions • A function is an administrative capacity to undertake particular governance tasks. • The identification of a particular function does not prevent the undertaking from freely deciding how to organise the function in practice. It should be possible to be staffed by own staff, to rely on advice from outside experts or be outsourced.Directive 209 / 38 / EC Whereas 31 • Furthermore, save as regards the internal function, in smaller and less complex undertakings it should be possible for more than one function to be carried out by a single person or organisational unit.Directive 209 / 38 / EC Whereas 32 Internal Audit in Solvency II

  13. Fit and Proper • All persons that perform key functions should be fit and proper.Directive 2009 / 138 / EC Whereas 34 • Fit: Professional qualifications, knowledge and experience are adequate to enable sound and prudent management. • Proper: Good repute and integrity.Directive 2009 / 138 / EC Article 42 / 1 / a, b Internal Audit in Solvency II

  14. Internal Control • Insurance an reinsurance undertakings shall have in place an effectice internal control system. • The system shall at least include administrative and accounting procedures, an internal control framework, appropriate reporting arrangements at all levels of the undertaking and a compliance funktion.Directive 2009 / 138 Article 46 / 1 Internal Audit in Solvency II

  15. Compliance • The compliance function shall include advising the administrative, management or supervisory body on compliance with the laws, regulations and administrative provisions adopted pursuant to this Directive. • It shall also include an assessment of the possible impact of any changes in the legal environment on the operations of the undertaking concerned and the identification and assessement of compliance risk.Directive 2009 /138 Article 46 / 2 Internal Audit in Solvency II

  16. Risk Management • Insurance and reinsurance undertakings shall have in place an effective risk – management system, comprising strategies, processes and reporting procedures necessary to identify, measure, monitor, manage and report, on continuous basis the risks, at an individual and at an aggregated level, to wich they are or could be exposed, and their independencies. • The risk – management system shall be effective an well integrated into the organisationel structure and in the decision making process … with proper consideration of the persons who effectively run the undertaking or have other key functions.Directive 2009 / 138 Article 44 / 1 Internal Audit in Solvency II

  17. Covered Risks • The risk – management system shall cover the risks to be included in the calculation of the Solvency Capital Requirement (Article 101/4) as well as the risks which are not or not fully included in the calculation thereof. • The risk – management system shall cover at least the following areas: underwriting and reserving; asset – liability management; investment, in particular derivates and similar commitments; liquidity and concentration risk management; operational risk management; reinsurance and other risk – mitigation techniques.Directive 2009 / 138 Article 44 / 2 Internal Audit in Solvency II

  18. Internal Audit 1 • Insurance and reinsurance undertakings shall provide for an effective internal audit function. • The internal audit function shall include an evaluation of the adequacy and effectiveness of the internal control system [ including compliance function ] and other elements of the system of governance [ including risk management and actuarial function ].Directive 2009 / 138 / EC Article 47 / 1 Internal Audit in Solvency II

  19. Internal Audit 2 + 3 • The internal audit function shall be objective and independent from the operational functions. • Any findings and recommendations of the internal audit shall be reported to the administrative, management or supervisory body which shall determine what actions are to be taken with respect to each of the internal audit findings and recommendations and shall ensure that those actions are carried out.Directive 2009 / 138 / EC Article 47 2 / 3 Internal Audit in Solvency II

  20. Outsourcing • Insurance and reinsurance undertakings remain fully responsible for discharging all of their obligations under this Directive when they outsource functions or any insurance or reinsurance activities.Directive 2009 / 138 Article 49 / 1 • Outsourcing of critical or important operational functions or activities shall not be undertaken in such way as to lead to any as the following: materially impairing the quality of the system of governance of the untertaking concerned; unduly increasing the operational risk; impairing the ability of the supervisory authorities to monitor the compliance of the undertaking with ist obligations; undermining continuous and satisfactory service to policy holders.Directive 2009 / 138 Article 49 / 2 Internal Audit in Solvency II

  21. Risk Level / Audit Intensity • 1 – management, 2 – actuary, 3 – asset management, 4 – sales, 5 – marketing, 6 - legal Internal Audit in Solvency II

  22. Risk Level / Audit Intensity • 1 – general administration, 2 – HR administration, 3 – underwriting, 4 – claims, 5 – controlling, 6 - accounting Internal Audit in Solvency II

  23. Characteristics of IA • 1 – correct, 2 – helpful, 3 – independent,4 – innovative, 5 – objective Internal Audit in Solvency II

  24. Contribution of IA to Company‘s success, growth and security Internal Audit in Solvency II

  25. Summary I • Neither the economic system nor the managers nor the internal auditors did learn anything from the dot com bubble. • Ad hoc regulations like SOX are expensive and not really effective. • Solvency II is a modern, wellprepared frame work for the European insurance industry. • Capital requirement will depend on accepted risks. • The governance reqirements are as important as the quantitative capital requirements. Internal Audit in Solvency II

  26. Summary II • Risk Management , compliance, actuary and Internal Audit are key functions. • Internal Audit is the only key function, which is not allowed to be merged with other functions. • Responsible for key function as Internal Audit have to be fit and proper. • Internal Audit has to evaluate the internal control system and the other key functions. • As researches show, Internal Audit needs immediatly a change of image. Internal Audit in Solvency II

  27. Conclusion • To fulfill all requirements and chances of Solvency II, Internal Audit needs a change in personal competence and in special knowledge. • IA has to work more risk orientated as today. • IA has to accept gaps in knowledge and have to insource missing capacities. • IA is a part of internal control and therefore not a part or an assistant of the Supervisory Authority. • Top Management, Internal Audit and the Supervisory Board have to agree about the goals of Internal Audit and are obliged to work together respectfully and trustingly and not because of public regulations. Internal Audit in Solvency II

  28. Thank you for your attention! • If you need any additional information, feel free to contact me: • Mag. Angela Witzany, CIAangela.witzany@s-versicherung.at Internal Audit in Solvency II

More Related