Dr. Onur ACARRisk ManagerMapfre Genel Insurance

Risk Management Practices in Solvency II

• It is the proposed new EU legislation which will govern the capital requirements of insurance companies.

• Disadvantages of Solvency I which entered into force in 1970s:– Capital is not adequately directed to risks– Rules conflict with good risk management– A lack of harmonisation across the EU

• Solvency II is an opportunity for a better and more appropriate risk based solvency regime

What is Solvency II?

2

Solvency II : 3 Pillars

• It is not only a capital calculation system but it is based on 3 Pillars:

- Pillar I, which focuses on quantitative requirements

- Pillar II, which focuses on qualitative requirements and supervisory activities

- Pillar III, which addresses supervisory and public disclosure of financial and other information

3

Solvency II: 3 Pillar Approach

SOLVENCY II

Governance

Supervisory review

PILLAR 1

Financial reporting

Transparency

QualitativeRequirements Market discipline

PILLAR 2 PILLAR 3

SCR and MCR

Technical reserves

Own funds

GROUP ISSUES

Quantitativerequirements

4

Aims of Solvency II

• Strong, effective policyholder protection with optimal capital allocation

• Proportionate, risk-based approach to supervision with appropriate treatment both for small and large companies

• To incentivise more sophisticated risk management tools

• To increase competition within the EU insurance markets and the global competitiveness of the EU insurers

5

Where do we stand in the Solvency II process?2005 2006 2007 2008 2009 2010 2011

Directive Development(Commission)

Directive Adoption(Council &

Parliament)

Level 2 & 3(EC & CEIOPS)

CEIOPS work on Pillar I

CEIOPS work on Pillars II and III

CEIOPS advice on Implementing Measures

QIS5QIS 1 QIS 2 QIS 3 QIS 4

CEIOPSadvice on

Proportionality& Groups

Industry gets prepared

CEIOPS work on L3

2012

Transposition1 Jan 2014 ?

Risk-based economic model• A risk-based economic model implies an increased accuracy of the

solvency assessment, closer to the true risk profile of the insurance company.

• The main principles of a true economic risk-based model are:

- A Total Balance Sheet approach: market consistent valuation of all assets and liabilities in the balance sheet

- Addressing risk diversification effects: within the same risk, between risks, between companies, between geographical areas

- Addressing risk mitigation effects: reinsurance and ART

7

Solvency Capital Requirement (SCR)Target Capital that an entity should aim to meet under normal operating conditions

Dropping below SCR does not necessarily require immediate supervisory intervention

Minimum Capital Requirement (MCR)Reflects a level of capital below which ultimate supervisory action could be triggered

Ladder of InterventionAn appropriate ladder of intervention if the available capital falls below SCR

Internal Model

Standard Approach

Market -consistent Value of

Liabilities

Level of MCR

Level of SCR

Ladder of Intervention

Solvency II: Capital Requirement Levels

8

SCR

BSCR SCRop

SCRintangSCRhealth SCRnon-lifeSCRdef SCRlife

Adj.

SCRmarket

MktfxHealthSLT

HealthNonSLT

HealthCAT

NLPrem&Res

HealthMort

HealthLong

HealthDisMorb

HealthExp

HealthSLTLapse

HealthRev

HealthPrem&Res

LifeMortLifeMort

LifeLong

LifeDis/Morb

LifeLapse

LifeExp

Mktprop

Mktint

Mkteq

Mktsp= adjustment for the risk mitigating effect of future profit sharing

HealthCAT

HealthNSLTLapse

Mktilliq

SCR CALCULATION

System of Governance in Solvency II

10

The functions included in the system of governance are considered to be key functions and consequently also important and critical functions.

• The system of governance should:– be proportionate to the nature, scale and complexity of the operations of

the insurer– include an adequate transparent organisational structure with a clear

allocation and appropriate segregation of responsibilities and an effective system for ensuring the transmission of information

– be subject to regular internal review

• Governance is crucial because:– Solvency II is a flexible system– There are risks that cannot be properly quantified– There are internal models

11

System of Governance in Solvency II

Management Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Management body has the ultimate responsability to establish an effective system of governance which provide for sound and prudent management of the business.

12

Governance – Management Body

Risk Management

All persons who effectively run the undertaking or have other key functions should be fit and proper.

Their professional qualifications, knowledge and experience should be adequate to enable sound and prudent management (fit)

They should be of good repute (proper)

13

Governance – Fit and Proper RequirementsManagement Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Risk Management

Companies should have an effective internal control function that should include:

administrative and accounting proceduresappropriate reporting arrangements at all levels of the company a compliance function

Compliance function should include:

advising the management body on compliance with laws, regulations and administrative provisions an assessment of the possible impact of any changes in the legal environment on the operations of the company

14

Governance – Internal ControlManagement Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Risk Management

Companies should have an effective internal audit function that should:

include an evaluation of the adequacy and effectiveness of the internal control system and other elements of the system of governance. be objective and independent from the operational functions.

Any findings and recommendations of the internal audit should be reported to the management body which should determine what actions are to be taken.

15

Governance – Internal AuditManagement Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Risk Management

Companies should have an effective actuarial function to:

ensure the appropriateness of the methodologies and models used in the calculation of technical provisionsinform the management body regarding the reliability and adequacy of the calculation of technical provisionsexpress an opinion on the overall underwriting and reinsurance policycontribute to the effective implementation of the risk management system

16

Governance – Actuarial FunctionManagement Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Risk Management

Companies should have an effective risk management system comprising strategies, processes and procedures necessary to identify, measure, monitor, manage and report the risks they face.

It needs to be integrated into the decision making process of the company.

The management body should have the ultimate responsibility for ensuringthat the implemented risk management system is suitable, effective andproportionate to the nature, scale and complexity of the risks.

17

Governance – Risk ManagementManagement Body

Fit and Proper Requirements

Internal Control

Internal Audit

Actuarial Function

Risk Management

Tasks of the Risk Management Function

• Assisting the management body in the effective operation of the risk management system

• Monitoring the risk management system• Maintaining an organisation-wide and aggregated view on the risk profile

of the company• Reporting details on risk exposures and advising the management body

with regard to risk management matters• Identifying and assessing emerging risks

18

Operational Risk

The risk of loss arising from inadequate or failed internal processes, personnel or systems, or from external events

Liquidity Risk

The risk that the company is unable to realise investments and other assets in order to settle its financial obligations when they fall due

Underwriting Risk

The risk of loss in the value of insurance liabilities, due to inadequate pricing and provisioning assumptions

Market Risk

The risk of loss in the financial situation resulting from fluctuations in the level and in the volatility of market prices of assets, liabilities and financial instruments

Credit Risk

The risk of loss in the financial situation, resulting from fluctuations in the credit standing of counterparties or issuers of securities

Concentration Risk

All risk exposures with a loss potential which is large enough to threaten the financial position of the company

Risks To Be Covered by Risk Management

20

Effective Risk Management System

Adequate written policies

Appropriate processes and procedures

Appropriate procedures and feedback loops

Appropriate management reporting

Clearly defined and well documented Risk management strategy should include:

risk management objectives

key risk management principles

general risk appetite

assignment of risk management responsibilities across all the activities of the company

It should be consistent with the company’s overall business strategy.

21

Effective Risk Management System

Appropriate processes and procedures

Appropriate procedures and feedback loops

Appropriate management reporting

Clearly defined and well documented

Written risk management policies should include:

definition and categorisation of the material risks faced by the company

definition of acceptable risk limits

implementation of risk strategy and control mechanisms

Written policies should at least cover:

underwriting and reserving

asset–liability management (ALM)

investments

liquidity and concentration risk management

operational risk management

reinsurance

Adequate written policies

22

Effective Risk Management System

Adequate written policies

Appropriate procedures and feedback loops

Appropriate management reporting

Clearly defined and well documented Main risk management strategies and

policies should be approved by the management body.

Processes and procedures should include:

risk identification

risk assessment

risk measurement

risk monitoring

risk reporting

Appropriate processes and procedures

23

Effective Risk Management System

Adequate written policies

Appropriate processes and procedures

Appropriate management reporting

Clearly defined and well documented Information on the risk management system

should be actively and continuously monitored and managed by the management body and by all relevant staff

Appropriate reporting and feedback loops

24

Effective Risk Management System

Adequate written policies

Appropriate processes and procedures

Appropriate procedures and feedback loops

Clearly defined and well documented Material risks faced by the company and the

effectiveness of the risk management system should be reported to the management body

Appropriate reporting to the management

Supervision of the Risk Management System

• The company is required to demonstrate to the supervisor that it has an effective risk management system which is:

– capable of identifying, monitoring and mitigating both current and future risks in line with its risk tolerance levels. Stress testing and scenario analysis can be used to determine the effect of these risks.

– an integral part of its business strategy

– subject to regular internal review by the management body

– proportionate to the nature, scale and complexity of its business

25

Supervision of the Risk Management System

• The disclosure to the supervisor could include:

– material risks and their potential effects– any perceived emerging risks to the company’s solvency position– the scope and nature of risk and capital measurement systems– the structure and organisation of the relevant risk and capital

management systems– details of organisational structure and staff responsible for the risk

management system– qualitative measures for risks which are not quantifiable, such as

liquidity risk and operational risk

26

Thank you …

Onur Acar, Ph.D.

Mapfre Genel Sigorta

Risk Manager