Tag Archives: Patrick Meghen

EIOPA issues opinion on relocations from the UK

On 11 July 2017, the European Insurance and Occupational Pensions Authority (EIOPA) issued principles on the supervisory approach to relocations from the United Kingdom.

The opinion published by EIOPA sets out principles to foster supervisory convergence in Europe and to ensure consistency in the authorisation process. These principles and strong statements from EIOPA have been published to a backdrop of claims that differing standards are being applied by regulators in member states, particularly in relation to matters such as head-count, retention of risk and corporate substance.

Some of the key points from the opinion are:

– EIOPA calls on all supervisors to have a sound authorisation process, and to increase resourcing if required to deal with the level of extra applications.
– No automatic recognition of existing authorisations should be granted.
– An appropriate level of corporate substance should be required of authorisations and companies should not display characteristics of an empty shell. The supervisors are instructed to scrutinise any transfer of risk carefully and require a minimum retention of risk from the authorised undertaking. An indicative minimum retention figure of 10% is mentioned.
– Outsourcing arrangements should not impair the governance and risk management of the company, and ultimate responsibility remains with the Board of Directors, irrespective of any outsourcing in place.
– EIOPA advises supervisory authorities to monitor companies post-authorisation and to conduct specific reviews in the first few years following authorisation to ensure consistency with the initial business model.

The full opinion and principles can be found on the EIOPA website here.

For more information on selecting locations and the authorisation process see our recent briefing note here.

Choosing a location for insurance or reinsurance companies

In the wake of recent Brexit developments, many United Kingdom (re)insurance entities are assessing their options. This briefing note by Michael Culligan, Patrick Meghen, and Ciarain Kelly discusses some of the key considerations for companies when deciding on a location and looks at Ireland as a sample location. It provides information on the application process, drawing on extensive experience of past and current licence applications.

Compliance risk: Box-ticking or ticking all the boxes?

‘Box-ticking’ can be a phrase synonymous with poor practice in Enterprise Risk Management (ERM). When poorly executed it can mean going through the motions to display minimum levels of compliance, rather than engaging in any meaningful activity that would deliver any real benefit. Such an approach is not encouraged by regulators.

However, do companies, and indeed individuals, spend enough time making sure they have ticked all the boxes from a compliance perspective? This is an activity that regulators certainly encourage.

With the general direction of regulatory oversight and the formality of Solvency II, companies and boards are now confirming compliance in many areas. There is a risk that the compliance process itself becomes a risk. Compliance risk is one of those intangible issues that can’t be quantified using actuarial models or managed through setting aside capital. It is a risk that is dealt with on a qualitative basis and is managed and controlled rather than measured and capitalised. This means that managing compliance risk might not be front of mind for many companies, especially with such a focus on capital amounts and getting the numbers “right”.

This becomes even more apparent at this time of year, when statutory sign-offs and certifications come into play. If you are being asked to put pen to paper to certify compliance or sign-off on the accuracy of regulatory submissions, how do you know that all the requirements have been adequately met?

The implementation of Solvency II significantly increased the amount of requirements and guidance that companies and individuals have to follow in relation to certifying solvency. This is in addition to increased compliance in other areas over the last number of years, including the Corporate Governance Code in Ireland, policyholder disclosures, etc. A lot of governance tasks that would have developed over time based on industry knowledge and practical sense now have to run the rule against a checklist or a set of requirements.

The very nature of financial reporting is changing to fit this new world. Getting the numbers right is no longer enough, you now also have to evidence how you ensured the figures are accurate and reliable and not misleading. In a Solvency II world the sheer number of requirements (and the very prescriptive and specific nature of some of them) means that the only way to be sure that each and every requirement is covered is to sit down and mark each item off. It is boring, and it doesn’t feel particularly efficient or creative—but it is disciplined and leads to identifying areas for improvement. Going through this value-adding process of identifying and closing gaps in a systematic way clearly is valuable and can help you spot patterns over time. It is also the best way of documenting and demonstrating compliance.

Being able to demonstrate compliance is also a defensive requirement in this new Solvency II world. If an issue arises or a query is raised by a regulator, the drawbacks of ignoring compliance checks quickly become apparent. Your ability to defend what you do now from a challenge in the future depends on your audit trail. So as a parting thought—don’t be afraid to spend some time ticking boxes. It might be more valuable that you think.

The Milliman Solvency II Compliance Assessment Tool distils the Solvency II requirements into easily digestible self-assessment questions and allows insurers to track and evidence their compliance with all the requirements of Solvency II. The tool is already being used by 25 entities in Ireland and the UK. For more information click here.