18. januar 2007© iir - dreiländertreffen 18. – 19. januar 2007 erwartungen der schweizer...

18. Januar 2007 ©

IIR - Dreiländertreffen 18. – 19. Januar 2007

Erwartungen der Schweizer Aufsicht an die Interne Revision in der Schweiz

Philipp Keller, Bundesamt für Privatversicherungen

18. Januar 2007 © Seite 2

Contents

Principles-Based Supervision

• Supervision in the Past: Solvency1

• Principles vs. Rules

• New Swiss Insurance Regulation

Swiss Solvency Test

Risk Management

Internal Audit


• Discount rates for liabilities were set with reference to an expected asset profit based on past experience

• Implicit - often unknown - prudence in liabilities

• No explicit valuation of embedded options and guarantees

• Amortized cost for bonds• Solvency 1: No capital requirement

for market and credit risk

• High risk assets resulted in reduction of liabilities

• Sales-forces pushed for adding high guarantees to life policies

• Foreclosing of investment opportunities due to amortized cost approach for bonds

• Cash flow underwriting

• Downward spiral when business contracts

• Underwriting cycles are exacerbated

“The actuarial convention according to which the composition of the assets determines the size of the liabilities is one of the weirdest emanations of the human mind. It's a metaphor - like saying that the advent of jet planes made the Atlantic narrower - and metaphor has a limited place in finance”

Speech given by Martin Taylor to the National Association of Pension Funds conference

Supervision in the Past


Correlation Solvency 1 and SST

Risk bearing capital / target capital

Sol

ven

cy 1

rat

io

Nonlife

correlation -0.178

Risk bearing capital / target capitalS

olve

ncy

1 r

atio

correlation 0.56

Life

The correlation between the Solvency 1 ratio and the SST solvency ratio is 0 for nonlife and approx. 0.5 for life (based on provisional data from field test 2006)


Principles vs Rules

“.. in designing Solvency 2 our principal aim should be to incentivise insurance firms to use, and reward them for using, modern risk management practices appropriate to the size and nature of their business.”

Speech by John Tiner, Chief Executive, FSA, ABI conference on Solvency II and IASB Phase II, 6 April 2006

A risk based solvency system has to rely on principles rather than rules if it has to give incentives for risk management

Principles-based standards describe the objective sought in general terms and require interpretation according to the circumstance.

A rule-based approach is not be possible if internal models will be used for regulatory purposes

A principles based approach however only works with a responsibility culture and not with a compliance culture


New Swiss Insurance Regulation

Main Aims

• Policy holder protection from fraud

• Policy holder protection from the consequences of insurance failures

• Functioning and innovative insurance market

Preconditions

• Pervasive responsibility culture

• People act with integrity

• Existence of a risk culture

• Transparency

• Rule of Law

The strategy of FOPI promotes the necessary preconditions to achieve its main aims:

• Risk based supervision

• Principles based supervision

• Enabling competition within the market

• Being professional, efficient and transparent


Contents


Swiss Solvency Test

• SST Principles

• The Economic View

• Standard- vs. Internal Models

Risk Management

Internal Audit


Swiss Solvency Test: Principles1. All assets and liabilities are valued market

consistently

2. Risks considered are market, credit and insurance risks

3. Risk-bearing capital is defined as the difference of the market consistent value of assets less the market consistent value of liabilities, plus the market value margin

4. Target capital is defined as the sum of the Expected Shortfall of change of risk-bearing capital within one year at the 99% confidence level plus the market value margin

5. The market value margin is approximated by the cost of the present value of future required regulatory capital for the run-off of the portfolio of assets and liabilities

6. Under the SST, an insurer’s capital adequacy is defined if its target capital is less than its risk bearing capital

7. The scope of the SST is legal entity and group / conglomerate level domiciled in Switzerland

8. Scenarios defined by the regulator as well as company specific scenarios have to be evaluated and, if relevant, aggregated within the target capital calculation

Defi

nes O

utp

ut

9. All relevant probabilistic states have to be modeled probabilistically

10. Partial and full internal models can and should be used. If the SST standard model is not applicable, then a partial or full internal model has to be used

11. The internal model has to be integrated into the core processes within the company

12. SST Report to supervisor such that a knowledgeable 3rd party can understand the results

13. Public disclosure of methodology of internal model such that a knowledgeable 3rd party can get a reasonably good impression on methodology and design decisions

14. Senior Management is responsible for the adherence to principles

Defi

nes H

ow

-to

Tra

nsp

are

ncy


Swiss Solvency Test: Economic View

The measurement of risks: Accounting risk or economic risk?

Reported earnings follow the rules and principles of accounting. The results do not always create measures consistent with underlying economics. However, corporate management’s performance is generally measured by accounting income, not underlying economics. Therefore, risk management strategies are directed at accounting, rather than economic performance.

Enron in-house risk-management handbook

For a risk-based solvency system, risks need to be measured objectively and consistently


Market Value Margin

Available capital SCR: Required capital for

1-year risk

Discounted best estimate of liabilities

Free capital

Market consistent value of liabilities

Market value of assets

Cost of Capital Margin

Market value of the replicating portfolio

The market consistent (economic) balance sheet

Swiss Solvency Test: Economic View


Standard vs. Internal Models

Risk Quantification:

• Using standard models for life, P&C and health companies, if the standard models capture the risk the companies are exposed to appropriately

• Using internal models for reinsurers, insurance groups and conglomerates and all companies for which the standard model is not appropriate (e.g. if they write substantial business outside of Switzerland)

The use of an internal model is the default option, the standard models can only be used if they adequately quantify the company‘s risks


Contents


Swiss Solvency Test

Risk Management

• Corporate Governance

• Senior Management & The Board of Directors

Internal Audit


Warren Buffett‘s three key principles for running a successful insurance business:

February 28, 2002, Warren E. Buffett

• They accept only those risks that they are able to properly evaluate (staying within their circle of competence) and that, after they have evaluated all relevant factors including remote loss scenarios, carry the expectancy of profit. These insurers ignore market-share considerations and are sanguine about losing business to competitors that are offering foolish prices or policy conditions.

• They limit the business they accept in a manner that guarantees they will suffer no aggregation of losses from a single event or from related events that will threaten their solvency. They ceaselessly search for possible correlation among seemingly-unrelated risks.

• They avoid business involving moral risk: No matter what the rate, trying to write good contracts with bad people doesn't work. While most policyholders and clients are honorable and ethical, doing business with the few exceptions is usually expensive, sometimes extraordinarily so.

Risk Management


Corporate Governance

Board of Directors

Actuarial Profession

Supervisor

Accounting Profession

Risk Management

Senior Management

Internal Audit

Responsible Actuary

Professional guidance and enforcement of code of conduct

Direct supervision and check that oversight responsibilities are implemented

Indirect supervision to ascertain that professional standards are defined and in-line with regulatory expectations

Principles based supervision will depend on a web of relationships between the company, professional bodies and the supervisor

For a liberal, principles based approach to function, all have to see to it that the system of checks and balances works

Implications for supervision: closer contact and dialogue with the board, professional bodies and all relevant functions within the company


The Board of Directors is responsible for:• the governance, guidance and oversight responsibilities that are critical

to an effective internal control structure• defining necessary board committees (e.g. audit committee, nomination

and compensation committee,…)

• The Board as a whole needs to have sufficient technical as well as strategical insurance know-how to be able to supervise and guide the company as well as the necessary stature and mindset

• A Board must be prepared to question and scrutinise management’s activities, present alternative views and have the courage to act in the face of obvious wrongdoing

• The Board and management need to know how adverse a risk must be for it to impair the insurer’s financial position. This should include all risks arising from the insurer’s assets and liabilities

• The members of the Board need to satisfy fit and proper requirements and have to minimize conflict of interests

• The Board needs to define the risk appetite and see to it that it is in line with the actual risk capacity of the company

Senior Management & the BoD


FOPI will discuss with the Board the results of the SST/internal models and specific risk exposures of the company

FOPI will discuss with senior management in addition the embedding of the SST/internal model within the company, the relevance of risk management as well as the influence of risk on the strategic

As of 2007, FOPI will meet external Board of Directors and Senior Management to discuss risk positions of companies and alignment of strategy with risk capacity

For large or complex companies or companies with a high risk exposure, the meetings will be at least yearly

FOPI has no intention to set the strategies of the supervised companies but wants to have comfort that strategic decisions are

discussed within senior management and with the board in the context of the company’s actual risk capacity

Senior Management & the BoD


Contents


Swiss Solvency Test

Risk Management

Internal Audit

• Rights and Obligations

• Supervisory Assessment


Internal Audit

Independent Professional

At least yearly complete reportIn case of problems:

immediate reporting to the board

Audit reports

Quality review min. every 5 years

External Audit

On request, internal audit supplies external audit with reports to specific topics

IA is independent from all operative processes

IA has full access to all of the company

Internal Audit

Head IA

Appoints the head of IA

Discusses IA reports and reacts in a timely manner

Board of Directors


Die Interne Revision ist ein Kontrollinstrument des Verwaltungsrates. Sie führt objektive, unabhängige und risikoorientierte Prüfungen der Prozesse und Strukturen eines Versicherungsunternehmens, einer Versicherungsgruppe oder eines –konglomerates durch. Sie unterstützt die Organisation bei der Erreichung ihrer Ziele, indem sie mit einem systematischen und zielgerichteten Ansatz die Effektivität des Risikomanagements, des internen Kontrollsystems sowie der Führungs- und Überwachungsprozesse analysiert, beurteilt und darüber Bericht erstattet.

Sie handelt im Auftrag des Verwaltungsrates oder des Prüfungsausschusses (Audit Committee) und erstattet diesen Gremien Bericht.

Definition

RICHTLINIE Nr. 1/2007 des BPV vom 12. Dezember 2006 zur Internen Revision

Internal Audit



Internal Audit (IA) is tasked with analyzing, reviewing and documenting the quality and effectivity of risk management, the internal control system and management- and control processes. The focus of the internal audit is on the operative processes of the company

• IA informs the BoD in writing on all relevant findings. The BoD needs to be informed at once in case of problems.

• IA writes at least yearly a complete audit report for the BoD or the audit committee. The audit report is then to be sent to external audit. The audit report is a compilation of all relevant internal audit reports sufficiently detailed to show the adequacy of the processes and operative risks

• On request, IA supplies external audit with reports on specific topics

Internal Audit: Rights and Obligations


• The head of internal audit is assigned by the Board of Directors (BoD)

• IA is directly responsible to the BoD and is independent from the operative organization of the company. In particular, the function of responsible actuary is not commensurate with an audit function

• The BoD is responsible that IA is adequately staffed and has enough resources and know-how to fulfill its function

• The BoD is responsible to have a quality review of IA performed at least every 5 years. The quality review has to be done by external, independent persons

• IA has full access to all documents, systems, processes and functions and the right to do any reviews within the company.

• IA has the right to request any information necessary to fulfill its duties


Internal Audit: Rights and Obligations


• FOPI will meet regularly with the BoD to assess whether the Board is aware of its responsibility vis-à-vis internal audit and ensures that IA is adequately staffed and has access to the company

• FOPI will meet with IA to assess if it is adequately staffed with personnel with sufficient know-how

• FOPI will ensure that SIIA ‘s (Swiss Institute of Internal Audit) self-governance and enforcement of its code of conduct is adequate

Internal Audit: Supervisory Assessment


The success of principles based supervision will depend crucially on: Trust and an open and informed dialog between the industry and the supervisor Development of a responsibility culture the willingness to do the right thing

rather than purely complying with a minimal set of rules Adequate self-governance of the industry and relevant professional associations

(actuaries, accountants,…)

The ultimate responsibility for ascertaining adherence to principles lies with the supervisor but a principles based supervisory framework will depend on devolving responsibility for implementing the principles away from the supervisor to the board of directors, senior management and professional organizations

I believe we are on an irreversible trend toward more freedom and democracy - but that could change

Dan Quayle

Outlook

18. januar 2007© iir - dreiländertreffen 18. – 19. januar 2007 erwartungen der schweizer...

Documents