|"Tired and Emotional" - European |
Insurance industry in 2013
They have kindly summarised the changes made since their 2011 version of the same manual on p9, which focus on accounting basis, scope (for groups) and ensuring certain year-on-year changes are appropriately flagged.
|Generic ORSA content - what|
regulators "really really want"?
That said, a recent Towers Watson survey suggested that there is still plenty of work to be done and staff to be hired in order to get with their ORSA programme.
The NAIC clarify that the US ORSAs are expected to be conducted no less than annually, with insurers documenting the process and results. After that, a high level "ORSA Summary Report" is to be submitted to the lead/state regulator once a year, which "should contain";
- Description of the Risk Management Framework
- Assessment of Risk Exposure (we would read as "risk profile" from what I can see)
- Assessment of Risk Capital and prospective solvency
The Manual states that "[it] is intended to provide guidance for completing each section of the ORSA Summary Report", which should therefore make the job a doodle!
Some interesting bits jump out, not necessarily in contrast to reported/observable differences from the EU approach, more the fact that they are specified in the manual rather than taken as given;
- Chief Risk Officer/executive head of ERM Framework must sign the ORSA Summary Report
- Timing of supervisory reporting may move to match up to strategic planning cycle of an insurer
- Internal documentation expectations seemingly not as exhaustive as EU "repeatable by independent knowledgeable third party", simply to allow a more in-depth look at a given are at supervisor's request
DESCRIPTION OF RISK MANAGEMENT FRAMEWORK
- Specifies in principle what an "effective ERM Framework" comprises of (p18) - includes our old friends 'risk appetite', 'risk tolerance' and 'risk limits' in this, though they are isolated and defined in a passable manner on p25!
- Asks for various descriptive texts around processes
- Specifies that weaknesses/omissions found in the report here may change the supervisor's approach to the insurer!
ASSESSMENT OF RISK EXPOSURE
- Quantitative and/or qualitative assessments of risk exposure, in normal and stressed environments, for each "material" risk. Noticeably don't list Strategic/Frictional risks in the examples of "material" risk, though do mention Reputational risk as one for which "quantitative methods may not be well established"
- "Simple stress tests or more complex stochastic analyses" may be used in assessing the stressed environment
- Potential for supervisory intervention in the levels of stress assessed (in deterministic scenarios) or even parameters in the ESG (for firms with stochastic capability)
- On risk correlation, "History may provide some empirical evidence of relationships, but the future is not always best estimated by historical data" - not sure where that leaves everyone!
ASSESSMENT OF RISK CAPITAL AND PROSPECTIVE SOLVENCY
- Provide a non-exhaustive list of considerations that an insurer/group will need to cover when assessing the adequacy of capital over its business planning period, which touches on many of the areas prominent in the EU's work (time horizon of assessment, valuation basis, definitions of "Solvency")
- Defines that this part of the assessment should identify "...the capital needed within a holding company system to achieve its business objectives"
Is this the type of demi-prescription that the smaller EU insurers are looking for? Is it too much to ask for national regulators (Ireland a notable exception) to take a similar stab at communicating what they want to see?