The supervisor requires the insurer’s Board to provide oversight in respect of the design and implementation of risk management and internal controls.

• adopt and oversee the effective implementation of a written remuneration policy for the insurer, which does not induce excessive or inappropriate risk taking, is in line with the corporate culture, objectives, strategies, identified risk appetite, and long term interests of the insurer, and has proper regard to the interests of its policyholders and other stakeholders; and
• ensure that such a remuneration policy, at least, covers those individuals who are members of the Board, Senior Management, Key Persons in Control Functions and other employees whose actions may have a material impact on the risk exposure of the insurer (major risk–taking staff).

The supervisor requires the insurer’s Board to ensure there is a reliable financial reporting process for both public and supervisory purposes that is supported by clearly defined roles and responsibilities of the Board, Senior Management and the external auditor.

The supervisor requires the insurer's Board to ensure that there is adequate governance and oversight of the external audit process.

The supervisor requires the insurer’s Board to have systems and controls to ensure appropriate, timely and effective communications with the supervisor on the governance of the insurer.

• carries out the day-to-day operations of the insurer effectively and in accordance with the insurer’s corporate culture, business objectives and strategies for achieving those objectives in line with the Insurer's long term interests and viability;
• promotes sound risk management, compliance and fair treatment of customers;
• provides the Board adequate and timely information to enable the Board to carry out its duties and functions including the monitoring and review of the performance and risk exposures of the insurer, and the performance of Senior Management; and
• maintains adequate and orderly records of the internal organisation.

The supervisor requires the insurer to demonstrate the adequacy and effectiveness of its corporate governance framework.

• a risk management strategy that defines the insurer’s risk appetite;
• a risk management policy outlining how all material risks are managed within the risk appetite; and
• the ability to respond to changes in the insurer’s risk profile in a timely manner.

The supervisor requires the insurer to establish, and operate within, an effective and documented system of internal controls.

The supervisor requires the insurer to have effective control functions with the necessary authority, independence and resources.

• identify, assess, monitor, mitigate and report on its key risks in a timely way; and
• promote and sustain a sound risk culture.

The supervisor requires the insurer to have an effective compliance function capable of assisting the insurer to i) meet its legal, regulatory and supervisory obligations and ii) promote and sustain a compliance culture, including through the monitoring of related internal policies.

The supervisor requires the insurer to have an effective actuarial function capable of evaluating and providing advice regarding, at least, technical provisions, premium and pricing activities, capital adequacy, reinsurance and compliance with related statutory and regulatory requirements.

The supervisor requires the insurer to have an effective internal audit function capable of providing the Board with independent assurance in respect of the quality and effectiveness of the insurer’s corporate governance framework.

The supervisor requires the insurer to retain at least the same degree of oversight of, and accountability for, any outsourced material activity or function (such as a control function) as applies to non-outsourced activities or functions.

The supervisor has a documented framework which outlines its approach for supervisory review and reporting. The supervisor reviews periodically that this framework remains effective and adequate.

As part of the supervisory framework, the supervisor develops supervisory plans which set priorities and determine the appropriate depth and level of off-site monitoring and on-site inspection activity.

The supervisor reviews outsourced material activities or functions to the same level as non-outsourced material activities or functions.

• establishes documented requirements for the regular reporting of qualitative and quantitative information from all insurers licensed in its jurisdiction;
• defines the scope, content and frequency of the information to be reported;
• sets out the relevant accounting and auditing standards to be used;
• requires that an external audit opinion is provided on annual financial statements;
• requires insurers to report on any material changes or incidents that could affect their condition or customers;
• requires insurers to correct inaccurate reporting as soon as possible; and
• requires more frequent reporting and/or additional information from insurers as needed.

The supervisor monitors insurers on an ongoing basis, based on communication with the insurer and analysis of information obtained through supervisory reporting as well as market and other relevant information.

The supervisor sets the objective, scope and timing for on-site inspections of insurers, develops corresponding work programmes and conducts such inspections.

The supervisor discusses with the insurer as soon as practical any relevant findings of the supervisory review and the need for any preventive or corrective measures.

The supervisor acts against individuals or entities that conduct insurance activities without the necessary licence.

The supervisor requires preventive measures if the insurer seems likely to operate in a manner that is inconsistent with regulatory requirements.

The supervisor requires corrective measures if the insurer fails to operate in a manner that is consistent with regulatory requirements.

• requires the insurer to take actions that address the supervisor’s identified concerns;
• periodically checks that the insurer is taking action; and
• assesses the effectiveness of the insurer’s actions.

The supervisor escalates, including enforcing, preventive or corrective measures if its concerns are not addressed by the insurer’s actions.

The supervisor imposes sanctions on insurers and individuals proportionate to the breach of regulatory requirements or other misconduct.

Legislation provides a framework for voluntary exit from the market that protects the interests of policyholders.

• protects policyholders; and
• provides for the absorption of losses in a manner that respects the liquidation claims hierarchy.

The supervisor requires ceding insurers to establish effective internal controls over the implementation of their reinsurance programme.

The supervisor requires ceding insurers to demonstrate the economic impact of the risk transfer originating from their reinsurance contracts.

In jurisdictions that permit risk transfer to the capital markets, the supervisor understands and assesses the structure and operation of such risk transfer arrangements, and addresses any issues that may arise.

The valuation addresses recognition, derecognition and measurement of assets and liabilities.​

The valuation of assets and liabilities is undertaken on consistent bases.

The valuation of assets and liabilities is undertaken in a reliable, decision useful and transparent manner.

The valuation of assets and liabilities is an economic valuation.

An economic valuation of assets and liabilities reflects the risk-adjusted present values of their cash flows.

The value of technical provisions and other liabilities does not reflect the insurer’s own credit standing

The valuation of technical provisions exceeds the Current Estimate by a margin (Margin over the Current Estimate or MOCE).

The Current Estimate reflects the expected present value of all relevant future cash flows that arise in fulfilling insurance obligations, using unbiased, current assumptions.

The MOCE reflects the inherent uncertainty related to all relevant future cash flows that arise in fulfilling insurance obligations over the full time horizon thereof.

The valuation of technical provisions allows for the time value of money. The supervisor establishes criteria for the determination of appropriate rates to be used in the discounting of technical provisions.

The supervisor requires the valuation of technical provisions to make appropriate allowance for embedded options and guarantees.

The supervisor establishes regulatory investment requirements on the investment activities of the insurer.

• assets are sufficiently secure and are held in the appropriate location for their availability;
• payments to policyholders or creditors can be made as they fall due; and
• assets are adequately diversified.

The supervisor requires the insurer to invest in a manner that is appropriate to the nature and duration of its liabilities.

The supervisor requires the insurer to invest only in assets where it can properly assess and manage the risks.

• the use of more complex and less transparent classes of assets; and
• investments in markets or instruments that are subject to less governance or regulation.

The supervisor requires the insurer’s ERM framework to provide for the identification of all reasonably foreseeable and relevant material risks and risk interdependencies for risk and capital management.

• provide for the quantification of risk and risk interdependencies under a sufficiently wide range of techniques for risk and capital management; and
• as necessary, include the performance of stress testing to assess the resilience of its total balance sheet against macroeconomic stresses.

The supervisor requires the insurer’s ERM framework to reflect the relationship between the insurer’s risk appetite, risk limits, regulatory capital requirements, economic capital and the processes and methods for monitoring risk.

• articulates the aggregate level and types of risk the insurer is willing to assume within its risk capacity to achieve its financial and strategic objectives, and business plan;
• takes into account all relevant and material categories of risk and their interdependencies within the insurer’s current and target risk profiles; and
• is operationalised in its business strategy and day-to-day operations through a more granular risk limits structure.

The supervisor requires the insurer’s ERM framework to include an explicit asset-liability management (ALM) policy which specifies the nature, role and extent of ALM activities and their relationship with product development, pricing functions and investment management.

• addresses investment risk according to the insurer’s risk appetite and risk limits structure;
• specifies the nature, role and extent of the insurer’s investment activities and how the insurer complies with regulatory investment requirements; and
• establishes explicit risk management procedures with regard to more complex and less transparent classes of asset and investments in markets or instruments that are subject to less governance or regulation; and
• as necessary, includes a counterparty risk appetite statement.

• insurer’s underwriting risk according to the insurer’s risk appetite and risk limits structure;
• nature of risks to be underwritten, including any material relationship with macroeconomic conditions; and
• interaction of the underwriting strategy with the insurer’s reinsurance strategy and pricing.

• liquidity stress testing;
• maintenance of a portfolio of unencumbered highly liquid assets in appropriate locations;
• a contingency funding plan; and
• the submission of a liquidity risk management report to the supervisor.

• encompass all reasonably foreseeable and relevant material risks including, at least, insurance, credit, market, concentration, operational and liquidity risks and (if applicable) group risk; and
• identify the relationship between risk management and the level and quality of financial resources needed and available 

• the insurer, as part of its ORSA, to analyse its ability to continue in business, and the risk management and financial resources required to do so over a longer time horizon than typically used to determine regulatory capital requirements; and
• the insurer’s continuity analysis to address a combination of quantitative and qualitative elements in the medium and longer-term business strategy of the insurer and include projections of its future financial position and analysis of its ability to meet future regulatory capital requirements.

The supervisor establishes regulatory capital requirements at a sufficient level so that, in adversity, an insurer’s obligations to policyholders will continue to be met as they fall due and requires that insurers maintain capital resources to meet the regulatory capital requirements.

The regulatory capital requirements include solvency control levels which trigger different degrees of intervention by the supervisor with an appropriate degree of urgency and requires coherence between the solvency control levels established and the associated corrective action that may be at the disposal of the insurer and/or the supervisor.

• a solvency control level above which the supervisor does not intervene on capital adequacy grounds. This is referred to as the Prescribed Capital Requirement (PCR). The PCR is defined such that assets will exceed technical provisions and other liabilities with a specified level of safety over a defined time horizon.
• a solvency control level at which, if breached, the supervisor would invoke its strongest actions, in the absence of appropriate corrective action by the insurance legal entity. This is referred to as the Minimum Capital Requirement (MCR). The MCR is subject to a minimum bound below which no insurer is regarded to be viable to operate effectively.

In the context of group-wide capital adequacy assessment, the regulatory capital requirements establish solvency control levels that are appropriate in the context of the approach to group-wide capital adequacy that is applied.

The regulatory capital requirements are established in an open and transparent process, and the objectives of the regulatory capital requirements and the bases on which they are determined are explicit. In determining regulatory capital requirements, the supervisor allows a set of standardised and, if appropriate, other approved more tailored approaches such as the use of (partial or full) internal models.

The supervisor addresses all relevant and material categories of risk in insurers and is explicit as to where risks are addressed, whether solely in technical provisions, solely in regulatory capital requirements or if addressed in both, as to the extent to which the risks are addressed in each. The supervisor is also explicit as to how risks and their aggregation are reflected in regulatory capital requirements.

The supervisor sets appropriate target criteria for the calculation of regulatory capital requirements, which underlie the calibration of a standardised approach. Where the supervisor allows the use of approved more tailored approaches such as internal models for the purpose of determining regulatory capital requirements, the target criteria underlying the calibration of the standardised approach are also used by those approaches for that purpose to require broad consistency among all insurers within the jurisdiction.

Any variations to the regulatory capital requirement imposed by the supervisor are made within a transparent framework, are appropriate to the nature, scale and complexity according to the target criteria and are only expected to be required in limited circumstances.

The supervisor defines the approach to determining the capital resources eligible to meet regulatory capital requirements and their value, consistent with a total balance sheet approach for solvency assessment and having regard to the quality and suitability of capital elements.

The supervisor establishes criteria for assessing the quality and suitability of capital resources, having regard to their ability to absorb losses on both a going concern and wind-up basis.

• establishes appropriate modelling criteria to be used for the determination of regulatory capital requirements, which require broad consistency among all insurers within the jurisdiction; and
• identifies the different levels of regulatory capital requirements for which the use of internal models is allowed.

• prior supervisory approval for the insurer’s use of an internal model for the purpose of calculating regulatory capital requirements;
• the insurer to adopt risk modelling techniques and approaches appropriate to the nature, scale and complexity of its current risks and those incorporated within its risk strategy and business objectives in constructing its internal model for regulatory capital purposes;
• the insurer to validate an internal model to be used for regulatory capital purposes by subjecting it, at least, to three tests: “statistical quality test”, “calibration test” and “use test”; and
• the insurer to demonstrate that the model is appropriate for regulatory capital purposes and to demonstrate the results of each of the three tests.

• the insurer to conduct a “statistical quality test” which assesses the base quantitative methodology of the internal model, to demonstrate the appropriateness of this methodology, including the choice of model inputs and parameters, and to justify the assumptions underlying the model; and
• that the determination of the regulatory capital requirement using an internal model addresses the overall risk position of the insurer and that the underlying data used in the model is accurate and complete.

Where a supervisor allows the use of internal models to determine regulatory capital requirements, the supervisor requires the insurer to conduct a “calibration test” to demonstrate that the regulatory capital requirement determined by the internal model satisfies the specified modelling criteria.

• the insurer to fully embed the internal model, its methodologies and results, into the insurer’s risk strategy and operational processes (the “use test”);
• the insurer's Board and Senior Management to have overall control of and responsibility for the construction and use of the internal model for risk management purposes, and ensure sufficient understanding of the model's construction at appropriate levels within the insurer's organisational structure. In particular, the supervisor requires the insurer’s Board and Senior Management to understand the consequences of the internal model's outputs and limitations for risk and capital management decisions; and
• the insurer to have adequate governance and internal controls in place with respect to the internal model.

Where a supervisor allows the use of internal models to determine regulatory capital requirements, the supervisor requires the insurer to document the design, construction and governance of the internal model, including an outline of the rationale and assumptions underlying its methodology. The supervisor requires the documentation to be sufficient to demonstrate compliance with the regulatory validation requirements for internal models, including the statistical quality test, calibration test and use test outlined above.

• the insurer to monitor the performance of its internal model and regularly review and validate the ongoing appropriateness of the model’s specifications. The supervisor requires the insurer to demonstrate that the model remains fit for regulatory capital purposes in changing circumstances against the criteria of the statistical quality test, calibration test and use test;
• the insurer to notify the supervisor of material changes to the internal model made by it for review and continued approval of the use of the model for regulatory capital purposes;
• the insurer to properly document internal model changes; and
• the insurer to report information necessary for supervisory review and ongoing approval of the internal model on a regular basis, as determined appropriate by the supervisor. The information includes details of how the model is embedded within the insurer’s governance and operational processes and risk management strategy, as well as information on the risks assessed by the model and the capital assessment derived from its operation.

The supervisor requires insurance intermediaries operating in its jurisdiction to be licensed.

The supervisor ensures that insurance intermediaries licensed in its jurisdiction are subject to ongoing supervisory review.

The supervisor requires insurance intermediaries to maintain appropriate levels of professional knowledge and experience, integrity and competence.

The supervisor requires that insurance intermediaries apply appropriate governance.

• the terms and conditions of business between themselves and the customer;
• the relationship they have with the insurers with whom they deal; and
• information on the basis on which they are remunerated where a potential conflict of interest exists.

The supervisor requires an insurance intermediary who handles client monies to have safeguards in place to protect these funds. 

Where appropriate, the supervisor takes supervisory measures against licensed insurance intermediaries.

The supervisor checks that the intermediary is taking the measures required and escalates such measures if its concerns are not being addressed.

The supervisor takes measures against individuals or entities that conduct insurance intermediation without the necessary licence.

The supervisor requires insurers and intermediaries to act with due skill, care and diligence when dealing with customers. 

The supervisor requires insurers and intermediaries to establish and implement policies and processes on the fair treatment of customers, as an integral part of their business culture. 

The supervisor requires insurers and intermediaries to avoid or properly manage any potential conflicts of interest.  

The supervisor requires insurers and intermediaries to have arrangements in place in dealing with each other to ensure the fair treatment of customers.

The supervisor requires insurers to take into account the interests of different types of consumers when developing and distributing insurance products. 

The supervisor requires insurers and intermediaries to promote products and services in a manner that is clear, fair and not misleading. 

The supervisor requires insurers and intermediaries to provide timely, clear and adequate pre-contractual and contractual information to customers. 

Where customers receive advice before concluding an insurance contract the supervisor requires that the advice provided by insurers and intermediaries takes into account the customer’s disclosed circumstances.

The supervisor requires insurers to handle claims in a timely, fair and transparent manner. 

The supervisor requires insurers and intermediaries to handle complaints in a timely and fair manner.  

The supervisor requires insurers and intermediaries to have policies and processes for the protection and use of information on customers.   

The supervisor publicly discloses information that supports the fair treatment of customers. 

Subject to their nature, scale and complexity, insurers make audited financial statements available at least annually.

• company profile;
• corporate governance framework;
• technical provisions;
• insurance risk exposure;
• financial instruments and other investments;
• investment risk exposure;
• asset-liability management;
• capital adequacy;
• liquidity risk; and
• financial performance.

• the nature of its business;
• its corporate structure;
• key business segments;
• the external environment in which it operates; and
• its objectives and the strategies for achieving those objectives.

The supervisor requires that disclosures about the insurer’s corporate governance framework provide information on the key features of the framework, including its internal controls and risk management, and how they are implemented.

• the future cash flow assumptions;
• the rationale for the choice of discount rates;
• the risk adjustment methodology where used; and
• other information as appropriate to provide a description of the method used.

• the nature, scale and complexity of risks arising from its insurance contracts;
• the insurer’s risk management objectives and policies;
• models and techniques for managing insurance risks (including underwriting processes);
• its use of reinsurance or other forms of risk transfer; and
• its insurance risk concentrations.

• instruments and investments by class;
• investment management objectives, policies and processes; and
• values, assumptions and methods used for general purpose financial reporting and solvency purposes, as well as an explanation of any differences, where applicable.