200 likes | 413 Views
Regulatory Change and Enterprise Risk Management . Robert DiRico February, 2011 Philadelphia Actuarial Club. Topics. Regulatory Developments Dodd-Frank NAIC International – S2, Insurance Contracts, etc ERM Views of Risk Components of an ERM An ERM Framework.
E N D
Regulatory Change and Enterprise Risk Management Robert DiRico February, 2011 Philadelphia Actuarial Club
Topics • Regulatory Developments • Dodd-Frank • NAIC • International – S2, Insurance Contracts, etc • ERM • Views of Risk • Components of an ERM • An ERM Framework
Insurance Regulatory / Industry: Who’s Who • US insurance regulation • State-regulated w/ autonomous authority – consumer protection and insurer solvency • Companies must be domiciled in one state and licensed in others • States choose to work cooperatively through the NAIC • Federal Charter for Insurance – often discussed, little action • The ACLI is a lobbying entity for insurers to speak in ‘one voice’ in the insurance regulatory discussion: ‘what’s best for my company’ (LICONY is the NY only equivalent of the ACLI) • The AAA exists as the professional group for actuaries: ‘what is the appropriate professional standards for designation’ and ‘what is the correct answer’ • The SOA/CAS exists to provide the educational component for actuarial certification: ‘what should an actuary know’
Quick Review: Financial Crisis Response • ACLI – took the lead in developing a package of relief measures put forward to the NAIC • Included several reserve and RBC changes that saved companies millions in redundant or excessive charges • NAIC – very responsive to the ACLI requests • Worked hard to balance perception (how things looked to consumer groups) and reality (what the industry needed) • Overall the state regulatory framework responded well and companies, though weakened by the crisis (evidenced by the numerous rating agency downgrades), remained solvent
Dodd-Frank: Here come the Feds ! • The Dodd-Frank Wall Street Reform and Consumer Protection Act was signed into Law in July 2010 with the stated aim “To promote the financial stability of the United States by improving accountability and transparency in the financial system, to end "too big to fail", to protect the American taxpayer by ending bailouts, to protect consumers from abusive financial services practices, and for other purposes” • The Act requires hundreds of rulemakings and studies, along with the creation and merging of regulatory agencies in an effort to streamline the regulatory process. The Act: • changes the regulatory structure, creating a host of new agencies (while merging and removing others) to streamline the regulatory process, increasing oversight of specific institutions regarded as a systemic risk and promoting transparency • establishes rigorous standards and supervision to protect the economy and American consumers, investors and businesses, • ends taxpayer funded bailouts of financial institutions, • provides for an advanced warning system on the stability of the economy, • creates rules on executive compensation and corporate governance, and • eliminates the loopholes that led to the economic recession for certain investment vehicles. • Compels agencies to report to Congress on an annual (or biannual) basis, to present the results of current plans and to explain future goals.
NAIC: Principle Based Approaches (PBA) • Captures all of the benefits and guarantees associated with the contracts and their identifiable, quantifiable and material risks, including the ‘tail risk’ and the funding of the risks. • Utilizes risk analysis and risk management techniques to quantify the risks and is guided by the evolving practice and expanding knowledge in the measurement and management of risk. This may include, to the extent required by an appropriate assessment of the underlying risks, stochastic models or other means of analysis that properly reflect the risks of the underlying contracts • Incorporates assumptions, risk analysis methods and models and management techniques that are consistent with those utilized within the company’s overall risk assessment process. Risk and risk factors explicitly or implicitly included in the company’s risk assessment and evaluation processes will be included in the risk analysis and cash flow models used in the PBA. Examples of company risk assessment processes include economic valuations, internal capital allocation models, experience analysis, asset adequacy testing, GAAP valuation and pricing. • Permits the use of company experience, based on the availability of relevant company experience and its degree of credibility, to establish assumptions for risks over which the company has some degree of control or influence. • Provides for the use of assumptions, set on a prudent estimate basis, that contain an appropriate level of conservatism when viewed in the aggregate and that, together with the methods utilized, recognize the solvency objective of statutory reporting. • Reflects risks and risk factors in the calculation of reserves and capital that may be different from one another and may change over time as products and risk measurement techniques evolve, both in a general sense and within the company’s risk management processes.
NAIC Developments: Principle Based Efforts • Life PBR Field Testing – now ! • The Valuation Manual (VM) – standards, governance, disclosures, reporting • Annuity reserves (AG43) – completed for YE09; recent OW recommendations • Life reserves (VM20) – planned for YE14? • Fixed annuity reserves (VM22) – tbd • Health – tbd, perhaps not necessary • Typical structure: • Calculate a value based on a set of deterministic, defined assumptions done seriatim • Calculate a stochastic reserve based in part on company assumptions using modeled approaches that capture all identifiable, quantifiable and material risks • Hold the larger of the 2 • Risk Based Capital (RBC): • C3P2 (variable annuities) – completed for YE07 • C3P3 (life products) – YE11?
NAIC Developments: RBC • What is RBC – factor based insurance solvency measure begun in the early 90s to identify weakly capitalized companies for life, health and P&C co. • Asset / Interest rate risk • Underwriting / Claims / Mortality / Morbidity risk • Credit risk • Correlation adjustment • DTA (ACLI White Paper; AAA Report) • What are DTA – temporary differences between stat and tax basis • Old method – 1yr / 10% • Interim method – 3yr / 15% • Long term solution - tbd • CMBS: Commercial Mortgage Backed Securities – re-rated in ‘10 (Blackrock) • RMBS: Residential Mortgage Backed Securities – re-rated in 2009 (PIMCO) • Impact: 7.3B lower RBC and 50B lower RMBS holdings within the industry • MEAF – a factor applied in the RBC calculation related to mortgage defaults that a company experiences – large impact for small movement
ORSA / IRMA – Who are these people? • ORSA – Own Risk and Solvency Assessment Proposal • IRMA – Internal Risk Management Assessment • Emanates from the IAIS Insurance Core Principle 16 • Requires ERM Framework: • to ID and quantify risk under a wide range of outcomes • that is supported by detailed documentation and explanations • contains appropriate risk management policies and procedures • sets risk tolerance levels and limits for day to day ops • responsive to change in risk profile • ‘owned’ by the board with a routine ORSA and report • analyze and report on capital (EC, regulatory) requirements under stress • NAIC draft document dated Feb. 4, 2011
International Developments - SII • Solvency II (SII): a solvency framework developed within Europe with an implementation deadline of October 31, 2012 – it will be the method for determining local regulatory solvency for all European Insurance companies. • SII: objectives • Establish a principle based solvency system that is better matched to the true risks of an insurance company and is applied uniformly across the EU with the following goals • Ensure adequate policyholder protection; • Take account of recent developments in insurance activities, globalisation, risk management, financial methods and reporting; • Increase the supervisory process and to review the level of harmonization including supervisory powers and methods • Built on ‘Pillars’ • Pillar I - quantitative requirements for valuation and capital calculations • Pillar II - supervisory review • Pillar III - public disclosure requirements • QIS5 – the latest testing regime for SII • MS/OW model avg. results show increased volatility and decreased solvency ratios
Solvency II introduces an economic risk based approach to determining insurance capital requirements • A Solvency Capital Requirement (SCR) based a “1-in-200 year” confidence level • A Minimum Capital Requirement (MCR) represents a threshold below which policyholders are exposed to an unacceptable degree of risk, and forced supervisory intervention. • Increasing supervisory powers (“ladder of intervention”) between SCR and MCR ASSETS LIABILITIES Free surplus Available Financial Resources (“Own Funds”) SCR Ladder of intervention MCR Market Value of Assets • “Own Funds” based on market consistent valuation of assets and liabilities, with some restrictions on types of Capital Market Value of Liabilities (“Technical Provisions”) Banking - Investments - Life Insurance - Retirement Services
International Developments – IASB/FASB Insurance Contracts ED • The proposed changes would replace FAS 60, FAS 97, FAS 120 and FAS 113 and a dozen other statements of US GAAP guidance, as the primary guidance and a key measurement model by which insurance companies manage their businesses and establish actuarial models for valuation • Increased earnings volatility due to insurance liabilities valued ‘close’ to fair value with changes reported through the performance statement each period • Greater transparency and exposure of the full business portfolio due to increased disclosure requirements at a more granular level • Will impact product design, reporting processes/systems and internal controls • Key dates • July 2010: IASB ED released (comment period ends Nov. 30 2010) • Sept. 2010: FASB discussion paper released (3mo. comment period) • Dec. 2011: IASB deadline for new standard – pushed back to allow FASB to complete their exposure draft to continue towards convergence (2/9/11) • 2014: IASB tgt. implementation date (changes recorded to 2012 opening retained earnings with restatement of 2012 and 2013 earnings likely)
International Developments – Hot Topics • Supervision of Insurance Groups: • The ability to assess the solvency of an insurance group not just an individual company • One key issue is diversification • Requires multi-country cooperation for the review • US equivalence – recognition of US regulatory solvency structure • In order for the US to be treated as an ‘equivalent’ solvency system, certain criteria must be met • Our 50 state system presents challenges to these criteria • One critical step is that our current RBC system must be calibrated to the SII VaR methodology – showing an ‘equivalent’ risk based system • If equivalence is not granted then US subs of EU companies would need to hold capital based on S2 model - implications
PBA vs. S2 • Review of Solvency II with the current US effort towards PBA • Some US regulators see a strong correspondence between the 2 systems, but most see continuing key differences • There is currently an uncertainty about how those key differences may or may not get resolved. • The NAIC currently has a Solvency Modernization Initiation (SMI) that is a high priority project for the next several years • Part of the purpose of this project is to assess the current US regulatory structure, understand the direction of Solvency II and develop recommendations for revisions to the US framework • Currently, statutory accounting is very different than SII, or any market or economic based valuation system. • But our ability to pay dividends to investors is based on statutory accounting and capital. Also, tax accounting tends to be derived from statutory. • So whatever happens, statutory accounting will be critical to us. Banking - Investments - Life Insurance - Retirement Services
Typical Insurance Company Risks ‘Traditional’ Today • Economic risks • Interest rate changes • Equity movements • Currency translation • Liquidity • Operational risk - Fraud - Model Risk • Continuance - Disaster Recovery • Human error - Reputational • Business risk: • Mortality / Morbidity / Policyholder behavior • Regulatory risk • Counterparty / Credit risk • Unstable equity markets • Falling interest rates • Inverted yield curves • Double digit unemployment • Global instability • Oil prices • Environmental concerns • Population growth and aging • Wealth gap • Poverty
Key Components of an ERM Structure • Clear, strong reporting line - CRO, Board level reporting structure • Clearly defined risk appetite/tolerance/limits – the ‘foundation of solid ERM’ • Balanced / flexible approach – no one ‘view’ dominates • Alignment – must impact compensation • Standards of Practice – providing guidance, limits, etc. • Reporting metrics: must decide which are important – Risk Dashboards • stat earnings; gaap earnings; at-risk measures: earnings, capital; embedded value; value of new business; market consistent; return on investment/equity • Reporting tools – reports, systems, process • Risk mitigating tools • hedging; reinsurance; collateralization; securitization; other financial derivatives and asset alternatives • Reports needed to measure risk and exposure as well as defined action points • Qualified Risk Managers
Organization • Governance • Roles and Responsibilities • Skills and Experience • Culture Strategy • Goals and Objectives • Scope and Definitions • Risk Appetite Process • Risk identification • Risk quantification • Risk mitigation options • Solution implementation • Monitor and Report Management • Leadership • Communication • Involvement ERM Components Put into a Framework Tools
Events Impact Exposure Controls Manage Frequency Controls Manage Severity Human Assets External Factors Insurance Physical Assets Market Financial Assets Credit Internal, Operating Factors Business Intellectual Property Operational Reputation Relationships ERM: A Pictorial Summary
Current ING Risk Governance Framework ING’s risk governance framework Risk appetite 1st line of defense Business 2nd line of defense Risk 3rd line of defense Internal audit Risk strategy • Business line managers have primary responsibility for day to day risk management.. • ..and bear the consequences of losses • In the case of products, responsible for appropriate design and pricing • Formulate high-level policies, limits, risk appetite • Provide oversight, challenge and support to optimise the risk/reward trade-off • In the case of products, ensure adherence to relevant pricing and product design requirements • Assurance of the overall effectiveness of internal controls 3 lines of defense Governance Value creation / risk taking Execution Alignment between risks taken and the Group risk appetite 20