introduction to iops principles for risk based supervision ross jones – president iops deputy...

32
Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional IOPS Workshop on Private Pension Supervision Lima, Peru 8 September 2011

Upload: noel-johnson

Post on 12-Jan-2016

213 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Introduction to IOPS Principles for Risk Based Supervision

Ross Jones – President IOPSDeputy Chairman, Australian Prudential Regulation Authority

Regional IOPS Workshop on Private Pension Supervision Lima, Peru

8 September 2011

Page 2: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 1 : Objectives

National laws should assign clear and explicit objectives to pension supervisory authorities

Strategic objectives should be clear and public Responsibilities of the pensions supervisor

should give a clear mandate and assign specific duties

Page 3: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 1 : Objectives; Assessment questions

Is there legislation providing for a pension supervisor? Does the legislation set out objectives? Are objectives public and binding? Does the legislation explicitly set out

responsibilities and duties of the pension supervisor?

Does the supervisor explicitly set out its responsibilities and duties (and are they consistent with legislative objectives?)

Page 4: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 2 : Independence

Pension supervisory authorities should have operational independence

Autonomy in day-today operations and decision making

Funding to ensure independence Appointment procedures transparent Judicial review of supervisory actions

Page 5: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 2 : Independence; Assessment questions

Is the supervisory authority established as a body with operational independence?

What type of restrictions exist on the ability of the government to make directions to the supervisory authority?

Is there transparency in the process for appointing senior positions?

Is there transparency in the process for terminating senior positions so that threat of termination can’t be used to influence decisions?

Are senior officers replaced when there is a change of government?

If funded by levies on supervised entities, is there freedom from interference by these entities?

Is the agency head appointed for a fixed term?

Page 6: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 3 : Adequate resources

Pension supervisory authorities require adequate financial, human and other resources

Able to conduct functions efficiently and independently

Funding to ensure independence

Page 7: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 3 : Adequate resources; Assessment questions

Is the budgetary timeframe long enough (e.g. 3 years) to provide stability in planning and recruitment?

Is the budget sufficient to enable supervisory agency to meet its responsibilities? (very subjective)

Does the agency have freedom in hiring with regard to staff numbers and salary?

Are senior staff appropriately qualified? Is the fee structure transparent?

Page 8: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 4 : Adequate powers

Pension supervisory authorities should be endowed with the necessary investigative and enforcement powers to fulfil their functions and achieve their objectives

Powers appropriate to the system being supervised

Powers appropriate to the manner of supervision e.g. appropriate investigatory and enforcement powers

Page 9: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 4 : Adequate powers; Assessment questions

Are the supervisor’s powers clearly established by its governing legislation?

Can the supervisor gain access to the information it needs? Is there a licensing or registration process that enables the

supervisory agency to obtain relevant information and to reject/amend/revoke the license/registration in the case of serious non-compliance?

Can the supervisor enforce legislation relating to funding/capital adequacy, fitness and propriety?

Have there been any difficulties in using available powers? Is the legal framework flexible with appropriate gradation of

powers and defined strategic goals?

Page 10: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 5 : Risk orientation

Pension supervision should seek to mitigate the greatest potential risks to the pension system

Objectives of supervision should be risk-based Allocate supervisory resources to highest risk

areas Pro-active approach to avoid problems before

they occur

Page 11: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 5 : Risk orientation; Assessment questions

Are the supervisory authority’s objectives risk based rather than focusing on compliance?

Are resources of the authority allocated to the highest risk areas?

Do the supervisors consider both the probability and likely impact of potential risks?

Does the supervisor assess risks for each entity under supervision (for example by a risk scoring model)

Page 12: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 6 : Proportionality and consistency

Pension supervisory authorities should ensure that investigatory and enforcement requirements are proportional to the risks being mitigated and that their actions are consistent

Important to have the appropriate range of legal powers and tools Similar cases dealt in similar manner and follow due process Balance costs and impact of supervisory action Risk assessment and supervisory action should avoid

procyclicality

Page 13: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 6 : Proportionality and consistency; Assessment questions

Can the supervisory authority vary its activities according to the magnitude of risks being addressed?

Does the supervisory have procedures for helping the choice of a proportionate response, such as an enforcement pyramid?

Does the supervisory allow entities appropriate flexibility in deciding how to comply with legislation?

Are there processes in place to ensure consistency between actions where circumstances are similar?

Page 14: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 7 : Consultation and cooperation

Pension supervisory authorities should consult with the bodies they are overseeing and cooperate with other supervisory authorities

Industry consultation assists to get ‘buy-in’ Information exchange with co-regulators at home

and under cross-border arrangements promotes efficiency and supports preventative measures

Intensify coordination during periods of financial difficulty

Page 15: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 7 : Consultation and cooperation; Assessment questions

Does the supervisory authority consult with the pensions industry when determining strategic supervisory approaches?

Is the supervisory authority empowered to exchange information with equivalent oversees authorities, subject to appropriate requirements?

Page 16: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 8 : Confidentiality

Pension supervisory authorities should treat confidential information appropriately

Only release if permitted by law If in doubt, check first Principle extends ‘down the line’ Codes of confidentiality for staff Publish confidentiality policy

Page 17: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 8 : Confidentiality; Assessment questions

Does the supervisory authority have a confidentiality policy which sets out the authority’s procedures to prevent inappropriate disclosure of non public information?

Are there mechanisms to prevent disclosure of confidential information by staff, including after they have left the supervisory authority?

Page 18: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 9 : Transparency

Pension supervisory authorities should conduct their operations in a transparent manner

Adopts clear, transparent and consistent processes

Regularly reports on policy and performance Subject to external review Publishes industry information and supervisory

response framework (e.g. enforcement pyramid)

Page 19: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension SupervisionPrinciple 9 : Transparency; Assessment

questions

Does the supervisory authority publish its rules and procedures?

Is the supervisory authority subject to appropriate audit and reporting requirements (that do not compromise its independence)?

Does the supervisory authority publish an Annual Report explaining how it has (or has not) met its objectives?

Does the supervisory authority explain to individual supervised entities why it has taken particular action?

Page 20: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 10 : Governance

The supervisory authority should adhere to its own governance code and should be accountable

Controls, checks and balances Code of conduct Decisions are reviewable Accountable to e.g. Parliament, members and beneficiaries Governance codes, internal risk management systems.

Page 21: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Principle 10 : Governance; Assessment questions

Does the supervisory authority have appropriate codified procedures for internal governance, and is compliance with these, monitored and enforced?

Is there a code of conduct for all staff regarding gifts, hospitality etc and declaring conflicts of interest?

Is there independent review within the agency of decisions which have significant implications for the supervised entity?

Is there an appeals process against decisions? Does the supervisory agency measure its performance

against objectives and provide external stakeholders with the results?

Page 22: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension SupervisionMETHODOLOGY

Provides a structured framework for assessing the extent to which a pension supervisory authority complies with the letter and spirit of the Principles

Can be used for external or self-assessment Also indicates type of evidence that may help to answer questions Compliance rated as:

- Fully implemented – the IOPS Principle is implemented in all material respects

- Broadly implemented – the Principle is implemented in all but one or two material respects and the exceptions do not significantly detract from the overall opinion. It should be possible to say something positive about compliance in answer to nearly every question

- Partly implemented – while a negative answer is given to some questions, the responses to the majority of the questions are consistent with compliance

- Not implemented - there are major shortcomings against the Principle

- Not applicable –the Principle does not apply due to structural, legal or institutional features

Page 23: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Self assessment results

Well Implemented Principles Medium Implemented Principles

Poorly Implemented Principles

1 Objectives

10 Governance 5 Risk-based Supervision

4 Powers

9 Transparency 6 Proportionality + Consistency

7 Communication

2 Independence 3 Adequate Resources

8 Confidentiality

Page 24: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Recommendations• To improve compliance with the IOPS Principles, pensions

supervisory authorities may consider: Embedding strategic objectives in legislation, make these omore risk-

orientated, and publish performance assessment vs. them Making appointment of head of authority and board transparent and fair

(requiring suitable professional experience) Striving for more autonomy in the setting of supervisory budgets

(including longer time periods) Introducing indemnity for the authority’s staff Striving for more independence and flexibility in terms of staff policy Using the introduction of risk-based supervision to review and redefine

required supervisory powers. Developing a formal framework for risk-based supervision

Page 25: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Principles of Private Pension Supervision

Recommendations Developing procedures for articulating supervisory responses (e.g.

enforcement pyramid). Intensifying dialogue with supervised entities to help aid their

understanding of supervisory expectations, procedures and actions, Improving international dialogue with supervisory peers. Drafting manuals for the treatment of confidential information Undertake cost-benefit analysis of supervisory actions. Strengthening the government requirements of the supervisory

authority itself (introducing codes of conduct, reviews of supervisory interventions etc.)

Page 26: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

What is Risk-based Supervision? • A structured approach focusing identifying potential risks faced by pension

funds and assessing the financial and operational factors in place mitigate those risks. This process then allows the supervisory authority to direct its resources towards the issues and institutions which pose the greatest threat.

• Can be applied in many different ways quantitative measures of risk vs. qualitative judgement of risk management risk-scores for each entity vs. analysis of risks systemic to pension system identify weak areas within a supervised entity vs. which institutions

amongst thousands may pose the greatest threat

• Elements common to all RBS systems Determine objectives of supervisory authority + greatest risks to these Assess hazard or adverse events + likelihood of these occurring Assign scores and / or ranks to firms or activities based on assessments Link supervisory response to the risk scores assigned

Page 27: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Combine ‘risk’ and ‘rules’ based approach

Page 28: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Risk-based Supervision DB vs DC

RBS DB• Focus on sponsor• Solvency and

funding key issues• Use of quantitative

measurement tools

RBS DC• Focus on individual

members• Focus on risk-

management systems

• Qualitative measurement more appropriate

Page 29: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Why adopt Risk-based supervision?

• To improve supervisory effectiveness and efficiency

• To address internal organisational concerns• To adapt to changes in the overseen industry• To gain legitimacy following supervisory failure • To meet requirements imposed by legislation• To adapt to the changing nature of financial risks

themselves, as these become more complex and - with the growth of DC pension systems - are increasingly transferred to individuals

Page 30: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Challenges

• Combining simplicity with complexity • Knowledge and data • Ensuring that assessments of firms are forward looking• Going beyond the individual firm in assessing risk• Structure and operation of internal risk governance

processes• Changing the culture to embed the risk based approach

across the whole organization• Managing blame• Making resources follow risks

Page 31: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

Lessons Learnt

• Adaptation of Models - consult widely but build your own/ flexibility, upgrades, pilot test

• Application of Models – know weaknesses /use with judgment• Data Collection – plan properly/ use existing where possible/ collect

electronically• Reorganisation of the Supervisory Body – allow plenty of time• Staff – train all on philosophy as well as process• Industry – explain new approach and what is expected of them• Powers – make sure sufficient data collection + enforcement powers• Risk-based solvency – apply flexibly in volatile conditions / counter-cyclical• Systemic risk – build into analysis • Think in terms of achievability – target resources for maximum impact• It is worth doing

Page 32: Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional

IOPS Toolkit for Risk-based Supervision