ICP 16 Enterprise Risk Management for Solvency Purposes

The supervisor requires the insurer to establish within its risk management system an enterprise risk management (ERM) framework for solvency purposes to identify, measure, report and manage the insurer’s risks in an ongoing and integrated manner.


Enterprise risk management framework - risk identification


16.1

The supervisor requires the insurer’s ERM framework to provide for the identification of all reasonably foreseeable and relevant material risks and risk interdependencies for risk and capital management.



Enterprise risk management framework - quantitative techniques to measure risk


16.2
The supervisor requires the insurer’s ERM framework to:
  • provide for the quantification of risk and risk interdependencies under a sufficiently wide range of techniques for risk and capital management; and
  • as necessary, include the performance of stress testing to assess the resilience of its total balance sheet against macroeconomic stresses.


Enterprise risk management framework - Inter-relationship of risk appetite, risk limits and capital adequacy


16.3

The supervisor requires the insurer’s ERM framework to reflect the relationship between the insurer’s risk appetite, risk limits, regulatory capital requirements, economic capital and the processes and methods for monitoring risk.


Enterprise risk management framework - risk appetite statement


16.4
The supervisor requires the insurer to have a risk appetite statement that:
  • articulates the aggregate level and types of risk the insurer is willing to assume within its risk capacity to achieve its financial and strategic objectives, and business plan;
  • takes into account all relevant and material categories of risk and their interdependencies within the insurer’s current and target risk profiles; and
  • is operationalised in its business strategy and day-to-day operations through a more granular risk limits structure.


Asset-liability management, investment, underwriting and liquidity risk management policies


16.5

The supervisor requires the insurer’s ERM framework to include an explicit asset-liability management (ALM) policy which specifies the nature, role and extent of ALM activities and their relationship with product development, pricing functions and investment management.


16.6
The supervisor requires the insurer’s ERM framework to include an explicit investment policy that:
  • addresses investment risk according to the insurer’s risk appetite and risk limits structure;
  • specifies the nature, role and extent of the insurer’s investment activities and how the insurer complies with regulatory investment requirements; and
  • establishes explicit risk management procedures with regard to more complex and less transparent classes of asset and investments in markets or instruments that are subject to less governance or regulation; and
  • as necessary, includes a counterparty risk appetite statement.

16.6.1    

An investment policy may set out the insurer’s strategy for optimising investment returns and specify asset allocation strategies and authorities for investment activities and how these are related to the ALM policy.

16.6.2    

The investment policy should address the safe-keeping of assets including custodial arrangements and the conditions under which investments may be pledged or lent.

16.6.3    

Credit risk should be considered in the investment policy.

16.6.4    
The investment policy should consider excessive asset concentration based on certain characteristics, including:
  • type of asset;
  • credit rating;
  • issuer/counterparty or related entities of an issuer/counterparty;
  • financial market;
  • sector; and
  • geographic area.

16.6.5    

It is important for the insurer to understand the source, type and amount of investment risk. For example, it is important to understand who has the ultimate legal risk or basis risk in a complex chain of transactions. Similar questions arise where the investment is via external funds, especially when such funds are not transparent.

16.6.6    

A number of factors may shape the insurer’s investment strategy. For insurers in many jurisdictions concentration risk arising from the limited availability of suitable domestic investment vehicles may be an issue. By contrast, international insurers’ investment strategies may be complex because of a need to manage or match assets and liabilities in a number of currencies and different markets. In addition, the need for liquidity resulting from potential large-scale payments may further complicate an insurer’s investment strategy.

16.6.7    

Where appropriate, the investment policy should outline how the insurer deals with inherently complex financial instruments such as derivatives, hybrid instruments that embed derivatives, private equity, hedge funds, insurance linked instruments and commitments transacted through special purpose entities. Complex or less transparent assets may present operational risks that are difficult to assess reliably, especially in adverse conditions.

16.6.8    

An effective investment policy and ERM framework should provide for appropriately robust models reflecting relevant risks of complex investment activities (including underwriting guarantees for such complex securities). There should be explicit procedures to evaluate non-standard risks associated with complex structured products, especially new forms of concentration risk that may not be obvious.

​16.6.9    
For complex investment strategies, the insurer’s investment policy and ERM framework may incorporate the use of stress testing and contingency planning to handle hard-to-model risks such as liquidity and sudden market movements. Trial operation of procedures may also be appropriate in advance of ‘live’ operation.

​16.6.10    
The insurer’s investment policy and ERM framework should be clear about the purpose of using derivatives and address whether it is appropriate for it to prohibit or restrict the use of some types of derivatives where, for example:
  • the potential exposure cannot be reliably measured;
  • closing out of a derivative is difficult considering the illiquidity of the market;
  • the derivative is not readily marketable as may be the case with over-the-counter instruments;
  • independent (ie external) verification of pricing is not available;
  • collateral arrangements do not fully cover the exposure to the counterparty;
  • the counterparty is not suitably creditworthy; and
  • the exposure to any one counterparty exceeds a specified amount.
These factors are particularly important for unregulated over-the-counter derivatives. The effectiveness of clearing facilities available may be a relevant consideration in assessing the counterparty risk associated with some types of over-the-counter derivatives, such as credit default swaps.

​16.6.11    
A counterparty risk appetite statement sets out the level of risk the insurer is willing to accept that a counterparty will be unable to meet its obligations as they fall due. This may impact the insurer’s financial position through, for example, reductions in fair value or impairment of investments, loss of reinsurance cover, open market exposures or the loss of securities that have been loaned.

​16.6.12     
In deciding whether it is necessary to require a counterparty risk appetite statement, the supervisor should take into account the size of the insurer’s counterparty exposures, both in absolute terms and relative to the insurer’s portfolio, according to the characteristics outlined in Guidance 16.6.4, as well as the complexity and form of these exposures. Particular attention should be paid to financial sector counterparties, as these counterparties may be more likely to contribute to the build-up of systemic risk. Attention should also be paid to off-balance sheet exposures or commitments, as these may be more likely to materialise during stress.

CF 16.6.a    
The group-wide supervisor requires the Head of the IAIG to establish and maintain a group-wide investment policy that sets criteria for investment quality and addresses the selection of, and exposure to, low-quality investments or investments whose security is difficult to assess.

​CF 16.6.a.1    
The group-wide investment policy should take into account the different regulatory investment requirements of the jurisdictions in which the IAIG operates.

​CF 16.6.b     
The group-wide supervisor requires the Head of the IAIG to:
  • set limits, or other requirements, in the group-wide investment policy so that assets are properly diversified and asset concentration risk is mitigated; and
  • have a counterparty risk appetite statement.

​CF 16.6.b.1     
The IAIG should avoid excessive concentrations in any particular:
  • type of asset;
  • credit rating;
  • issuer/counterparty or related entities of an issuer/ counterparty;
  • financial market;
  • sector; or
  • geographic area.

​CF 16.6.b.2    
To support the assessment of concentrations, the IAIG should analyse aggregate exposures to individual counterparties and to groups of related counterparties both at the legal entity level and group-wide level.

​CF 16.6.c    
 The group-wide supervisor requires the Head of the IAIG to establish criteria on intra-group investments in the group-wide investment policy.

​CF 16.6.c.1     
Criteria on intra-group investments should take into account, when appropriate:
  • liquidity;
  • contagion or reputational risk;
  • valuation uncertainty;
  • impact on capital resources;
  • nature of the IAIG’s business; and
  • financial condition of the individual legal entities.
The fact that intragroup investments may be subject to supervisory approval, in certain jurisdictions, does not remove the requirement for the Head of the IAIG to set its own criteria.

CF 16.6.d     
The group-wide supervisor requires the Head of the IAIG to monitor investments on a group-wide basis to identify levels of investment exposure that do not comply with the group-wide investment policy.

​CF 16.6.d.1     
Group-wide investment exposures that exceed limits, or any other non-compliance, should be reported to the IAIG Board and Senior Management upon identification. Reports to the IAIG Board and Senior Management should include material exposures that, even if within limits, could create financial difficulties within the IAIG if the value or liquidity of the investments decreases.

16.7
The supervisor requires the insurer’s ERM framework to include an underwriting policy that addresses the:
  • insurer’s underwriting risk according to the insurer’s risk appetite and risk limits structure;
  • nature of risks to be underwritten, including any material relationship with macroeconomic conditions; and
  • interaction of the underwriting strategy with the insurer’s reinsurance strategy and pricing.


16.7.1    
An underwriting policy should cover the underwriting process, pricing, claims settlement and expense control (where applicable and relevant to the expenses of the underwriting process). Such a policy may include:
  • the terms on which contracts are written and any exclusions;
  • the procedures and conditions that need to be satisfied for risks to be accepted;
  • additional premiums for substandard risks; and
  • procedures and conditions that need to be satisfied for claims to be paid.

16.7.2    
Control of expenses associated with underwriting and payment of claims is an important part of managing risk especially in conditions of high general rates of inflation. Inflation of claim amounts also tends to be high in such conditions for some types of risk. Insurers should have systems in place to control their expenses. These expenses should be monitored by the insurer on an ongoing basis.

16.7.3    
The underwriting policy should take into account the effectiveness of risk transfer. This includes ensuring that:
  • the insurer’s reinsurance programme provides coverage appropriate to its level of capital, the profile of the risks it underwrites, its business strategy and risk appetite; and
  • the risk will not revert to the insurer in adverse circumstances.

16.7.4    
In addressing the nature and amount of risks to be underwritten the underwriting policy should cover, at least:
  • product classes the insurer is willing to write;
  • relevant exposure limits (eg geographical, counterparty, economic sector); and
  • a process for setting underwriting limits.

16.7.5    
The underwriting policy should address the potential impact on the insurer’s financial position from material correlations between macroeconomic conditions and the insurance portfolio (for example by assessing the potential impact stemming from certain insurance products with embedded guarantees and options).

16.7.6    
The underwriting policy should address:
  • how an insurer analyses emerging risks in the underwritten portfolio; and
  • how emerging risks are considered in modifying underwriting practices.

​16.7.7     
The underwriting policy should describe interactions with the reinsurance strategy and associated credit risk, and should include details of the reinsurance cover of certain product classes or particular risks.

​CF 16.7.a    
The group-wide supervisor requires the Head of the IAIG to ensure that the IAIG implements its group-wide ERM framework by establishing procedures and monitoring practices for the use of sufficient, reliable and relevant data for its underwriting, pricing, reserving and reinsurance processes.

​Group-wide claims management policy

CF 16.7.b     
The group-wide supervisor requires the Head of the IAIG to establish and maintain a group-wide claims management policy, as part of the group-wide ERM framework, that includes procedures for:
  • claims estimation and settlement;
  • feedback into the group-wide underwriting policy and reinsurance strategy; and
  • claims data reporting for group analysis.

CF 16.7.b.1     
The group-wide claims management policy may establish procedures for:
  • delegations of authority for claims settlement;
  • criteria for accepting or rejecting claims; and
  • escalating claims.

​CF 16.7.b.2    
 A group-wide claims management policy should allow insurance legal entities to establish individual claims management policies and processes, adjusted to supervisory requirements and circumstances in their jurisdictions.

​CF 16.7.b.3    
 Escalating claims may include information about sudden increases in claim activity, delays in settlements and increased rejections.

​Group-wide strategy for reinsurance and other forms of risk transfer

CF 16.7.c     
The group-wide supervisor requires the Head of the IAIG to establish and maintain a group-wide strategy for reinsurance and other forms of risk transfer as part of the group-wide ERM framework that considers the following issues, as applicable:
  • the interaction with the group-wide risk and capital management strategies;
  • how the risk appetite is achieved, on both a gross limit and net retention basis;
  • the appetite for reinsurer credit risk, including approved security criteria for reinsurance transactions and aggregate exposure criteria to individual or related reinsurers;
  • the autonomy afforded to individual insurance legal entities to enter into “entity specific” reinsurance arrangements, and the management and the aggregation of these exposures in the group-wide context;
  • procedures for managing reinsurance recoverables, including required reporting from insurers;
  • intra-group reinsurance strategy and practice;
  • use of alternative risk transfer, including capital markets risk transfer products; and
  • effectiveness of risk transfer in adverse circumstances.​

​CF 16.7.c.1    
A strategy for other forms of risk transfer may include the use of capital markets risk transfer products (for example, insurance linked securities). Strategic considerations may include factors like the maturity of the capital markets offering such risk transfer products, regulatory approaches regarding the use of such risk transfer products, and overall mix of traditional reinsurance with other forms of risk transfer.

Group-wide actuarial policy​

CF 16.7.d     
The group-wide supervisor requires the Head of the IAIG to establish and maintain a group-wide actuarial policy, as part of the group-wide ERM framework, that consists of a set of group-wide practice standards, covering at least:
  • the process to assess the appropriateness, at the group-wide level, of the data, methodologies and underlying models used, as well as the assumptions made in the calculation of technical provisions;
  • the process to calculate reinsurance recoverable assets taking into account the design of the reinsurance programme under the reinsurance strategy of the IAIG; and
  • model risk management of internal models that generate actuarial and financial projections for solvency purposes.

​CF 16.7.d.1     
The group-wide practice standards comprising the group-wide actuarial policy should:
  • be compliant with applicable laws and regulations, accounting regime, and professional actuarial standards;
  • formalise materiality thresholds to trigger higher levels of management actions to ensure well-governed activities;
  • provide for a data validation process that supports actuarial activities to ensure data quality, comprehensiveness, granularity and timeliness;
  • provide a framework for determining assumptions used in valuations, including a process of incorporating the experience of the IAIG and its insurance legal entities, as well as a process of developing assumptions if the IAIG does not have enough experience in a particular business line or market;
  • articulate model validation and maintenance procedure to ensure that model usage and model modifications align with the risk appetite and risk limits structure; and
  • create consistent management information requirements from in-depth reviews and monitoring of actuarial activities.

​CF 16.7.d.2    
The group-wide actuarial policy should contain practice standards to raise awareness of matters that have, or are likely to have, a materially adverse effect on the solvency, reserves or financial condition of one of the insurance legal entities, or the IAIG as a whole. Such standards would prompt the group-wide actuarial function to inform the relevant Board, Senior Management or Key Persons in Control Functions, as appropriate, for suitable action (see ICP 8 Risk Management and Internal Controls).

​CF 16.7.d.3    
Differences in reporting may exist at the insurance legal entity level to comply with jurisdictional requirements. The group-wide actuarial policy should focus on group-wide reporting requirements, both for internal management purposes and for reporting and disclosure purposes. The group-wide reporting should reflect jurisdictional differences.

​CF 16.7.d.4    
The group-wide actuarial policy should require an assessment of the consistency of the base assumptions used to derive technical provisions compared to those used to derive capital requirements, economic capital models, or the forward-looking view in the ORSA. Such an assessment of consistency may provide insight as to the coherence of the base assumptions and those applied in stress conditions.

​CF 16.7.e    
The group-wide supervisor requires the group-wide actuarial function, as part of the group-wide ERM framework, to report (whether certified or not) to the IAIG Board annually on at least the following:
  • a prospective actuarial analysis of the financial condition of the IAIG which goes beyond the current balance sheet of the IAIG;
  • the reliability and sufficiency of the technical provisions;
  • ​the adequacy of reinsurance credit for technical provisions; and
  • ​consideration of non-insurance legal entities and non-regulated legal entities.

​CF 16.7.e.1     
The group-wide actuarial function should provide the IAIG Board an actuarial analysis of the current and future financial condition of the IAIG given recent experience and the group-wide policies for underwriting, claims management and investment and the group-wide reinsurance strategy.

CF 16.7.e.2    
The group-wide actuarial function may use the underlying actuarial reports submitted by the individual insurance legal entities as input to its annual reporting to the IAIG Board. Further examples of issues that could be addressed include:
  • the assumptions used by all of the insurance legal entities in the group and the consolidation/aggregation method applied at the group level;
  • the methodologies used to determine current estimates by each insurance legal entity and the consolidation/ aggregation method applied at the group level;
  • the methodologies used to determine the margin over current estimate by each insurance legal entity and the consolidation/aggregation method applied at the group level;
  • the availability and appropriateness of data used in valuations;
  • back-testing of assumptions and valuations;
  • uncertainty in current estimates used by both insurance legal entities and at the consolidated/aggregated group level;
  • the adequacy of pricing, taking into account the underwriting policies, at the appropriate unit level, the insurance legal entity level and the group level;
  • the performance of the IAIG's insurance portfolios and analysis of any changes in business volumes, exposures, claims experience, mix of business and pricing during the year;
  • asset-liability management under the group-wide investment policy;
  • suitability and adequacy of reinsurance or other forms of risk transfer arrangements, taking into account the strategies for underwriting and claims management, as well as the overall financial condition and risk appetite of the IAIG; and
  • the extent of reliance on the values provided by non-insurance legal entities.

16.8

The supervisor requires the insurer’s ERM framework to address liquidity risk and to contain strategies, policies and processes to maintain adequate liquidity to meet its liabilities as they fall due in normal and stressed conditions.


16.9
The supervisor requires, as necessary, the insurer to establish more detailed liquidity risk management processes, as part of its ERM framework, that include:
  • liquidity stress testing;
  • maintenance of a portfolio of unencumbered highly liquid assets in appropriate locations;
  • a contingency funding plan; and
  • the submission of a liquidity risk management report to the supervisor.


16.9.1    
Liquidity risk increases as the imbalance between liquidity sources and needs grows, for instance due to liquidity transformation. Unexpected liquidity needs could be generated by, for example:
  • derivatives, particularly any collateral or margin that needs to be posted for mark-to-market declines in the value of the contract;
  • securities financing transactions, including repurchase agreements and securities lending
  • insurance products that contain provisions that allow a policyholder to withdraw cash from the policy with little notice or penalty; and
  • insurance products covering natural catastrophes.
These activities may contribute to systemic risk when not properly managed, for instance when funds received from short-term securities lending or repurchase agreements or balances from more liquid insurance products are invested in illiquid assets.

16.9.2    
Some insurers are required to establish more detailed liquidity risk management processes as compared to those processes set out in Standard 16.8. More detailed liquidity risk management processes are intended to help the insurer with its risk management. Additionally, the measures may provide the supervisor with a view on vulnerabilities that may cause funding shortfalls in stress.

16.9.3    
Liquidity stress testing is a forward looking risk management tool to reveal vulnerabilities in the insurer’s liquidity profile and provide information on its ability to meet liabilities as they fall due. A portfolio of unencumbered highly liquid assets may provide a source of liquidity for the insurer to meet its liabilities as they fall due. A contingency funding plan, describing the strategies for addressing liquidity shortfalls in stress situations, may assist the insurer in addressing an unforeseen stress situation, where its liquid assets are insufficient or unexpectedly become illiquid. A liquidity management report could assist the insurer and the supervisor to address shortcomings in the insurer’s risk management by laying out details of its liquidity risk management in an accessible format.

16.9.4    
In deciding whether it is necessary to require more detailed liquidity risk management processes, and the intensity of such processes, the supervisor should take into account the nature, scale and complexity of the insurer’s activities that lead to increased liquidity risk exposure as well as the risk amplification effects related to the size of the insurer. Increased liquidity risk exposure may depend on, for example, the magnitude of potential collateral or margin calls from derivatives or other transactions, the use of securities financing transactions or the characteristics of insurance contracts that may affect policyholder behaviour around lapse, withdrawal or renewal.

16.9.5    
The supervisor may increase or decrease the intensity of these requirements by, for example, varying the frequency, scope and granularity of liquidity stress testing, the proportion of various types of highly liquid assets allowed in the portfolio or the form and level of detail in the contingency funding plan and liquidity risk management report.

16.9.6    
Where an insurer is required to establish more detailed liquidity risk management processes, the supervisor should assess the effectiveness of their implementation, including the interaction with existing control mechanisms. Additionally, the supervisor should evaluate the quality and quantity of the assets that the insurer includes in its portfolio of highly liquid assets in light of the liquidity characteristics of its activities. The supervisor may develop its own, general, criteria for highly liquid assets.

CF 16.9.a    
The group-wide supervisor requires the Head of the IAIG to assess the IAIG’s resilience against severe but plausible liquidity stresses to determine whether current exposures are within the IAIG’s liquidity risk appetite.

CF 16.9.a.1    
Forward-looking risk assessments should be done through scenario analysis or stress testing to reveal vulnerabilities in an IAIG’s liquidity profile and should be performed for material legal entities and the IAIG as a whole.

CF 16.9.a.2    
Depending on its business model, an IAIG may be vulnerable to different liquidity stresses than other insurers. Certain activities may contribute to larger or less predictable liquidity needs. The group-wide supervisor should therefore consider the nature, scale, and complexity of the IAIG’s activities that lead to increased liquidity risk exposure as well as the risk amplification effects related to the size of the IAIG when setting its expectations of the IAIG’s stress testing. The group-wide supervisor may, based on these considerations, vary the frequency, scope and granularity of liquidity stress testing.

CF 16.9.a.3    
The group-wide supervisor may suggest the IAIG include in its assessment certain stresses that have been informed by the group-wide supervisor’s macroprudential surveillance (ICP 24 Macroprudential Supervision).

CF 16.9.a.4    
The IAIG may consider the following when designing severe but plausible stresses:
  • exposure to insurable events;
  • withdrawals from, and run-offs of, insurance policies;
  • contingent off-balance sheet exposures;
  • the impact of a deterioration in the IAIG’s credit rating;
  • the ability to transfer liquidity between legal entities and between jurisdictions;
  • currency convertibility and access to foreign exchange markets;
  • reductions in the ability to access secured and unsecured wholesale funding; and
  • the correlation and concentration of funding sources.

CF 16.9.a.5    
The IAIG may consider the impact of chosen stresses on the appropriateness of its assumptions relating to:
  • correlations between funding markets;
  • the effectiveness of diversification across its chosen sources of funding;
  • additional margin calls and collateral requirements;
  • reliance on committed lines of credit;
  • estimates of future balance sheet growth and premium income;
  • the continued availability of market liquidity, including in currently highly liquid markets;
  • ability to access secured and unsecured funding; and
  • currency convertibility.

CF 16.9.a.6    
The IAIG should evaluate its cash inflows (sources) and cash outflows (needs) under stress scenarios and determine its stressed liquidity position, ie its net stressed cash outflows.

CF 16.9.b    
The group-wide supervisor requires the Head of the IAIG to establish and maintain an adequate level of unencumbered highly liquid assets in appropriate locations.

CF 16.9.b.1    
The IAIG should maintain adequate liquidity to meet its liabilities as they fall due in normal and stressed conditions. Where stress scenarios reveal stressed cash outflows that exceed stressed cash inflows, the IAIG should hold unencumbered highly liquid assets, with appropriate haircuts, of sufficient value to meet excess stressed cash outflows.

CF 16.9.b.2    

The group-wide supervisor should consider the results of the IAIG’s stress testing or scenario analysis when assessing the quality and quantity of the assets that the IAIG considers to be highly liquid assets.

Where an IAIG is subject to significant short-term liquidity needs (for example daily or weekly) the supervisor may require higher quality assets than an IAIG subject to longer-term needs. The group-wide supervisor may also require an IAIG with larger or less predictable stressed liquidity needs to hold a larger amount of highly liquid assets than an IAIG with smaller and more consistent liquidity needs.

 

CF 16.9.b.3    
The IAIG should be able to demonstrate to the group-wide supervisor the liquidity of any assets it considers highly liquid assets in its liquidity risk management report.

CF 16.9.b.4    
To promote their usability, assets that the IAIG relies on for liquidity should be free of legal, regulatory, contractual or other restrictions on the ability of the IAIG to liquidate, sell, transfer, or assign the assets (ie unencumbered).

CF 16.9.b.5    
The Head of the IAIG should ensure that its portfolio of highly liquid assets is sufficiently diversified. This may include looking through to the underlying assets to determine the extent of concentration risk. The Head of the IAIG should also consider whether it holds a substantial share of the market for a particular instrument, counterparty or asset class to assess if the market would be able to bear the IAIG’s sales and whether market reaction would not adversely impact the IAIG’s ability to monetise its assets as planned.

CF 16.9.b.6    
The Head of the IAIG should consider the marketability and realisability, including as acceptable collateral, of its highly liquid assets by taking into account factors such as market depth and access, monetisation timelines (for example delays in finding a willing buyer, time to settlement) and the likelihood and extent of forced-sale losses. In stressed market conditions, it may not be feasible to value properly or sell some types of assets or to do so without a significant loss in value.

CF 16.9.b.7    
Liquidity is not always freely transferable within a group when needed. The Head of the IAIG should ensure that liquidity is available to legal entities within the group when needed, subject to any applicable legal, regulatory or operational constraints, including cross-border constraints.

CF 16.9.b.8    
The minimum criteria for determining asset liquidity may be addressed in the group-wide investment policy or a separate liquidity policy.

CF 16.9.c    
The group-wide supervisor requires the Head of the IAIG to maintain a contingency funding plan to respond to liquidity stress events.

CF 16.9.c.1    
The group-wide supervisor should consider the nature, scale, and complexity of the IAIG’s activities that lead to increased liquidity risk exposure, as well as the risk amplification effects related to the size of the IAIG, when setting its expectations of the IAIG’s contingency funding plan requirements. This includes the form and level of detail of the contingency funding plan and the frequency for reviewing and updating the plan. The group-wide supervisor’s expectations may be informed by the IAIG’s liquidity stress testing or scenario analysis, which may reveal funding sources most likely to be impacted during stress and those on which the IAIG is most reliant. The group-wide supervisor may consider requiring a more detailed or frequently updated plan from an IAIG with more unpredictable cash inflows and outflows or where cash inflows and outflows are more significantly impacted by the IAIG’s liquidity stress tests or scenario analysis.

CF 16.9.c.2    
A contingency funding plan describes the strategies for addressing liquidity shortfalls in stress situations, including the methods that the IAIG would use to access alternative sources of funding.

CF 16.9.c.3    
A contingency funding plan should include quantitative metrics that the IAIG would use to identify a liquidity stress event, including the level and nature of the effect it would have on the IAIG’s liquidity position and on sources of available funding.

CF 16.9.c.4    
A contingency funding plan should outline the strategies, policies and processes to manage a range of stresses. The plan should establish a clear allocation of roles and clear lines of management responsibility. The plan should define procedures for identifying early warning indicators for potential liquidity stress events that are based on the features of the IAIG’s business.

CF 16.9.c.5    
The supervisor may allow the IAIG’s contingency funding plan to be developed as part of a recovery plan.

CF 16.9.d    
The group-wide supervisor requires the Head of the IAIG to report, at least annually, on its management of liquidity risk. The report includes at least the following:
  • a liquidity risk appetite statement;
  • established liquidity risk limits;
  • a discussion of the current liquidity position of the IAIG in relation to its liquidity risk appetite and limits;
  • a summary of strategies, policies and processes that the IAIG has in place to manage liquidity risk;
  • a discussion of potential vulnerabilities in the IAIG’s liabilities as well as the means of enhancing the liquidity position; and
  • the IAIG’s approach to, and results of, liquidity stress testing.

CF 16.9.d.1    
The group-wide supervisor should consider the nature, scale, and complexity of the IAIG’s activities that lead to increased liquidity risk exposure as well as the risk amplification effects related to the size of the IAIG when setting liquidity reporting requirements, including the level of detail of the report and the frequency for reviewing and updating the report. The supervisor may determine that the reporting requirement is satisfied by reference to other risk management policies, risk reporting and/or the ORSA report.

CF 16.9.d.2    
The summary of strategies, policies and processes should discuss any metrics the IAIG uses to identify, measure, monitor, and control liquidity risk as well as how the results from the liquidity stress testing are incorporated into day-to-day management of the IAIG. The Head of the IAIG should have a process in place to discuss the results and take the necessary actions.


Own risk and solvency assessment (ORSA)


16.10
The supervisor requires the insurer to perform regularly its own risk and solvency assessment (ORSA) to assess the adequacy of its risk management and current, and likely future, solvency position.


16.10.1    

The insurer should document the main outcomes, rationale, calculations and action plans arising from its ORSA.

16.10.2    
ORSAs should be largely driven by how an insurer is structured and how it manages itself. The performance of an ORSA at the insurance legal entity level does not exempt the group from conducting a group-wide ORSA.

16.11
The supervisor requires the insurer’s Board and Senior Management to be responsible for the ORSA.


16.12
The supervisor requires the insurer’s ORSA to:
  • encompass all reasonably foreseeable and relevant material risks including, at least, insurance, credit, market, concentration, operational and liquidity risks and (if applicable) group risk; and
  • identify the relationship between risk management and the level and quality of financial resources needed and available 
and, as necessary:
  • assess the insurer’s resilience against severe but plausible macroeconomic stresses through scenario analysis or stress testing; and
  • assess aggregate counterparty exposures and analyse the effect of stress events on material counterparty exposures through scenario analysis or stress testing.


ORSA - economic and regulatory capital


16.13
The supervisor requires the insurer to:
  • determine, as part of its ORSA, the overall financial resources it needs to manage its business given its risk appetite and business plans;
  • base its risk management actions on consideration of its economic capital, regulatory capital requirements, financial resources, and its ORSA; and
  • assess the quality and adequacy of its capital resources to meet regulatory capital requirements and any additional capital needs.


ORSA - continuity analysis


16.14
The supervisor requires:
  • the insurer, as part of its ORSA, to analyse its ability to continue in business, and the risk management and financial resources required to do so over a longer time horizon than typically used to determine regulatory capital requirements; and
  • the insurer’s continuity analysis to address a combination of quantitative and qualitative elements in the medium and longer-term business strategy of the insurer and include projections of its future financial position and analysis of its ability to meet future regulatory capital requirements.


Recovery Planning


16.15
The supervisor requires, as necessary, insurers to evaluate in advance their specific risks and options in possible recovery scenarios.


16.15.1    
The supervisor may require an insurer to produce a recovery plan that identifies in advance options to restore the financial position and viability if the insurer comes under severe stress (see Application Paper on Recovery Planning). In deciding whether it is necessary to require a recovery plan, and the form, content and level of detail of such recovery planning, the supervisor should take into account, for example, the insurer’s complexity, systemic importance, risk profile and business model. A recovery plan is intended to serve the insurer as an aid to sound risk management. Additionally, if the insurer comes under severe stress, a plan may serve the supervisor as valuable input to any necessary supervisory measures.

16.15.2    
The supervisor should require the insurer to provide the necessary information to enable the supervisor to assess the robustness and credibility of any recovery plan required. If the supervisor identifies material deficiencies in the plan, it should provide feedback and require the insurer to address these deficiencies.

16.15.3    
The supervisor should require the insurer to review any recovery plan required on a regular basis, or when there are material changes to the insurer’s business, risk profile or structure, or any other change that could have a material impact on the recovery plan, and to update it when necessary.

CF 16.15.a    
The group-wide supervisor requires the Head of the IAIG to:
  • develop a recovery plan that identifies in advance options to restore the financial position and viability;
  • review and update the recovery plan on a regular basis, or when there are material changes; and
  • take actions for recovery if the IAIG comes under severe stress.

CF 16.15.a.1    
The group-wide supervisor should consider the IAIG’s nature, scale, and complexity when setting recovery plan requirements, including the form, content and detail of the recovery plan and the frequency for reviewing and updating the plan.

CF 16.15.a.2    
Recovery planning is the responsibility of the IAIG. The IAIG should be able to take timely actions for recovery, in particular when any pre-defined criteria are met that trigger the activation of the recovery plan.

CF 16.15.a.3    
A recovery plan developed by the IAIG should cover all material legal entities within the group.

CF 16.15.a.4    
A recovery plan should serve as a guide for the IAIG to plan and manage severe stress scenarios, although the actual nature and timing of recovery actions will depend on the circumstances.

CF 16.15.a.5    
The IAIG should ensure that:
  • it has a robust governance structure and sufficient resources to support the recovery planning process, which includes clear allocation of responsibilities; and
  • recovery planning is integrated into the IAIG’s overall governance processes.

CF 16.15.a.6    
A recovery plan is an integral part of the risk management process of an IAIG, aimed at identifying actions to be taken in severe stress scenarios that pose a serious risk to the viability of the IAIG, or any material part of its insurance business. A recovery plan describes if and how the IAIG would:
  • discontinue or divest certain portfolios, business lines, legal entities, or other services; and/or
  • continue operating certain lines of insurance business while restructuring or running off its discontinued business lines in an orderly fashion.

CF 16.15.a.7    
A recovery plan should include:
  • a description of the legal entities covered by the plan, including their legal structures, interdependencies, core business lines and main risks;
  • a description of functions and/or services that are significant for the continuation of the IAIG (for example, shared services, such as information technology services and outsourced functions);
  • pre-defined criteria with quantitative and qualitative trigger points, governance, escalation mechanisms and supporting processes;
  • a range of severe stress scenarios, including both idiosyncratic and market-wide stress
  • credible options to respond to severe stress scenarios, including actions to address capital shortfalls and liquidity pressures, and to restore the financial condition of the IAIG, taking into account intra-group transactions;
  • assessment of the necessary steps, costs, resources and time needed to implement the recovery actions, including the risks associated with the implementation of the actions; and
  • strategies for communication with stakeholders.

CF 16.15.a.8    
Pre-defined criteria should be well-defined and aligned with contingency plans. They should include qualitative and quantitative criteria, such as a potential breach of a prescribed capital requirement (PCR). Criteria may also include triggers based on: liquidity, market conditions, macro-economic conditions, and the insurer's operational conditions.

CF 16.15.a.9    
Possible actions for recovery include:
  • strengthening the IAIG’s capital position, such as recapitalisations;
  • capital conservation, such as cost containment and suspension of dividends and of payments of variable remuneration;
  • reorganisation of corporate structure and divestitures, such as sales of legal entities or portfolios;
  • voluntary restructuring of liabilities, such as debt-to-equity conversion; and
  • securing sufficient diversified funding and adequate availability of collateral in terms of volume, location and quality.

CF 16.15.a.10    
As a recovery plan may not be able to cover every possible scenario, the IAIG may take, or the group-wide supervisor may require the IAIG to take, measures for recovery other than those contemplated in the IAIG’s recovery plan.

CF 16.15.a.11    
The group-wide supervisor should regularly review the recovery plan, including the predefined criteria, the assumptions and severe stress scenarios underlying the plan, to assess its credibility and likely effectiveness. Where necessary, the group-wide supervisor should provide feedback and require the IAIG to address any material deficiencies.

CF 16.15.b    
The group-wide supervisor requires the Head of the IAIG to have and maintain group-wide management information systems that are able to produce information relevant to the recovery plan on a timely basis.

CF 16.15.b.1    
The IAIG may rely on an existing information system, so long as it fulfils the objectives of producing information relevant to the recovery plan on a timely basis.

CF 16.15.b.2    
It is important that the IAIG has available the information necessary for executing recovery actions when needed. Some of this information may be similar to the information needed for resolution; however, recovery may also require other information (see ComFrame material under ICP 12 Exit from the Market and Resolution).


Role of supervision in ERM for solvency purposes


16.16
The supervisor undertakes reviews of the insurer's ERM framework, including the ORSA. Where necessary, the supervisor requires strengthening of the insurer’s ERM framework, solvency assessment and capital management processes.