1. System of Governance�Articles 41 to 49 of Directive 2009/138/EC��11th May 2010 Eamonn Henry
2. System of Governance – Directive Articles General governance requirements (Article 41)
Fit and proper requirements (Article 42)
Proof of good repute (Article 43)
Risk management (Article 44)
Own risk and solvency assessment (Article 45)
3. System of Governance – Directive Articles Internal control (Article 46)
Internal audit (Article 47)
Actuarial function (Article 48)
Outsourcing (Article 49)
4. General governance requirements Adequate structure with clear allocation/segregation of duties
Effective transmission of information
Written policies with prior approval by Board and annual review:
risk management, internal control, internal audit, outsourcing (where relevant)
5. Fit and proper requirements Applies to Directors/managers/key functions
Adequate qualifications, knowledge and experience
Good repute/integrity
6. Proof of good repute Evidence of good repute
Evidence of no bankruptcy
Mutual recognition between Member States
7. Risk management Risk management function to be established to implement risk management system
Effective risk management system to identify, measure, monitor, manage and report all risks and interdependencies
Integrated into organisational structure and decision making
8. Risk management Cover risks included in the SCR calculation and any other risks
Cover underwriting/reserving/ALM/investment, etc. and have written policies
Cover approved partial or full internal models:
design & implementation, testing & validation, document & make changes, analyse performance, report to Board & recommend improvements
9. Own risk and solvency assessment (ORSA) Company’s own view of its risks and capital needs
ORSA is part of the risk management system
Overall solvency based on risk profile, risk tolerance and business strategies
Continuous compliance with SCR/MCR/technical provisions
Identification of significant deviations of the risk profile from the SCR assumptions
10. Own risk and solvency assessment (ORSA) Integrated into business strategy and strategic decision making
To be performed regularly and after change in risk profile
Results to be provided to the supervisory authority
ORSA is not a parallel method to calculate the SCR
11. Internal control Effective internal control system
Sound administrative and accountancy procedures, reporting arrangements
Compliance function to be established
12. Internal audit Internal audit function to be established
Evaluate internal control and other aspects of governance
Objective and independent from operational functions
Recommendations reported to Board
13. Actuarial function Staffed by persons with knowledge of actuarial/financial mathematics
Responsible for coordinating the calculation of the technical provisions
Appropriate methodologies, assumptions, data sufficiency and quality
Compare best estimate against experience
14. Actuarial function Advise Board on reliability/adequacy of the calculation of the technical provisions
Provide an opinion on overall underwriting policy and on reinsurance arrangements
15. Outsourcing Responsibility for outsourced functions remain with insurance undertaking
Governance should not be impaired and operational risk should not be unduly increased
Supervisor’s ability to monitor compliance should not be impaired
Supervisors to be notified in advance of any planned outsourcing
16. Proportionality Principle included in the Directive
Based on the nature, scale and complexity of operations
CEIOPS guidance still being developed
Same rules for all but different implementation
17. Lessons learnt Governance is important – pay attention to it!
Risk management is fundamental
Start thinking in terms of the ORSA
Start working on written policies!
