In these cases, the insurer should make adjustments to the methodology, tool or resulting factor so that the ORSA results are appropriate for determining its own capital needs. When discrete methods e. To complement the assessment of individual risks, other tools e.
The appendix Supplementary Risk Considerations includes other considerations for relating risks to own capital needs. Once an insurer has determined its own capital needs, these initial results should be assessed to determine if they are appropriate in relation to external or third party capital expectations Footnote 7 , including OSFI's expectation that Internal Targets exceed Supervisory Targets Footnote 8.
In setting Internal Targets, an insurer should assess the adequacy of its Capital Resources for supporting its current risk profile, and enabling it to continue its current operations Footnote 9 in the normal course, under varying degrees of stress and under a wind-up scenario. Therefore, in addition to the process described above to determine an insurer's own capital needs, an insurer should also consider the impact of a range or series of adverse scenarios e.
As outlined in OSFI's Guideline A-4, while all insurers are expected to determine an Internal Target of total capital, life insurers are expected to also determine an Internal Target of core capital. Core capital should serve to reduce the likelihood of insolvency, both in normal times and during periods when the insurer is under stress. With respect to Canadian branches of foreign insurers, the determination and assessment of the composition of the margin of assets over liabilities may not include all of the same considerations that are relevant for determining and assessing the quality of capital instruments needed or issued by insurers if the branch does not raise capital within Canada.
However, the ORSA should include many of the same considerations with respect to the quality of the assets vested in trust in Canada and other assets under the control of the Chief Agent in Canada that support the liabilities in Canada and how these are recognized and valued for capital adequacy purposes.
The ORSA is a forward-looking process. It should be consistent with an insurer's strategic and business planning and should contemplate the potential adverse capital impacts over an insurer's planning horizon e. An insurer's ORSA process should be consistent with and linked to the enterprise risk management and other management processes. For example, quantifiable estimates of risks that are used for ORSA purposes should be consistent with or feed into the decision making process and, where appropriate, have other business uses.
The assessment of adequacy of capital should also consider the capital needed to support an insurer's longer term business strategies and, in particular, new business and planned growth. Considering this, an insurer should determine an appropriate level or range of capitalization at which it operates, set above its Internal Targets.
In determining an operating level, an insurer should consider the impact of future planned, foreseen and likely potential changes to its risk profile due to changes in its operations, its business strategy or its operating environment. For example, it should consider a series of varying adverse scenarios and, at a certain operating level, assess the insurer's ability to continue operating and not fall below its Internal Targets.
It should also evaluate whether long-run Internal Targets are consistent with short-run goals, and adjust its operating levels as appropriate; recognizing that accommodating additional capital needs or additional risk mitigants can require significant lead time. All material risks, including those that are difficult to quantify in the ORSA, should be subject to internal controls. An insurer should identify relevant countervailing measures and actions that could be taken to improve its solvency position, should it be negatively impacted by economic downturns or other stress events.
A sound risk management and oversight process should assist an insurer in performing an effective assessment of its own capital needs, in determining its Internal Targets and in assessing the adequacy of its current and likely future solvency position. In this context, the establishment of appropriate policies, procedures, systems, controls and personnel for identifying, analysing, assessing, monitoring and measuring its risk exposures can improve the quality and effectiveness of the ORSA.
The ORSA should assist the insurer in its risk assessment, risk management and planning by exploring and assessing potential threats to an insurer's capital and solvency positions. For example, the results of stress scenario tests should be used to identify actions that could be taken either to lessen the likelihood of such threats occurring or to mitigate the impact of an adverse scenario, should one actually occur. The ORSA should be performed on a regular basis so that it continues to provide relevant information for an insurer's management processes.
It should be clearly and formally documented in a report at least annually and more often if circumstances warrant, for example when there are changes to the insurer's risk profile or risk appetite. The ORSA report should contain sufficient information about the process, underlying principles, methodologies, key assumptions, key sensitivity information and overall results relative to the risk appetite, strategic and operational plans and capital management framework of the insurer.
An insurer's Senior Management should receive regular and timely reports on the insurer's risks and capital. These reports should allow Senior Management to:.
The monitoring and reporting process should take into account the current and forecasted business environments and should, consistent with the risk and capital adequacy assessment, be adjusted when appropriate so that capital remains adequate during periods when the insurer is under stress and through entire business cycles.
An insurer's internal control structure is essential to the quality of its ORSA. An insurer's Senior Management reviews the insurer's method for monitoring and reporting on compliance with internal policies as well as the system for assessing risks and for relating risks to the insurer's own capital needs. Senior Management should satisfy itself that the insurer's system of internal controls continues to be adequate for well-ordered and prudent conduct of business, including the quality of its ORSA process.
An insurer should conduct regular reviews of its ORSA process for integrity, accuracy, and reasonableness. Areas that should be reviewed include, among others:.
The objective review may be conducted by an internal or external auditor, by a skilled and experienced internal or external resource or by a skilled and experienced individual, who reports directly to or is a member of the Board. An objective reviewer should not be responsible for nor have been actively involved in the part of the ORSA that it reviews. For example, where the internal auditor is not otherwise involved in the process, the ORSA may be included in the internal audit plan so that it is covered within the audit cycle.
Footnote OSFI assesses capital adequacy at multiple levels. An insurer should have sufficient capital to meet Minimum and Supervisory Target regulatory capital, as well as sufficient capital to support its risk profile, i. State insurance regulators decided that additional capital assessments evaluating prospective solvency should be added to the system.
Pursuant to the ORSA Guidance Manual and the Risk Management and Own Risk and Solvency Assessment Model Act , the ORSA has two primary goals: 1 to foster an effective level of ERM at all insurers, through which each insurer identifies, assesses, monitors, prioritizes and reports on its material and relevant risk identified by the insurer, using techniques that are appropriate to support risk and capital decisions; and 2 to provide a group-level perspective on risk and capital, as a supplement to the existing legal entity view.
An insurer that is subject to the ORSA requirements is expected to: 1 regularly, no less than annually, conduct an ORSA to assess the adequacy of its risk management framework and current and estimated projected future solvency position; 2 internally document the process and results of the assessment; and 3 provide a confidential high-level ORSA Summary Report annually to the lead state commissioner if the insurer is a member of an insurance group and, upon request, to the domiciliary state regulator.
A majority of states have formally enacted Model , which was added as an NAIC accreditation standard in The NAIC estimates about reports will be filed every year, once all states have adopted Model , of which approximately will be at group level and at single-entity level.
Status: Pursuant to Model , large and medium-size U. The best practices are aimed at maintaining the confidentiality of a company's ORSA report during the course of coordinating with other states in connection with conducting financial analysis and financial examinations.
In effect, the process and resulting documentation, though based on a set of regulatory principles, are unique to every insurer.
As such, the ORSA cannot be implemented and fulfilled by simply generating a pre-formatted report or regulator template.
Given that ORSAs vary greatly from institution to institution, how is it defined? Figure 1 outlines the definitions used by three key regulatory bodies. Four common elements exist within the definitions that help guide insurance companies in developing their ORSA:. These regulatory regimes require insurers to produce an ORSA document. However, it is clear that ORSA is fundamentally an internal process relating to how an insurer assesses and manages risk and capital within their business.
However, to achieve this, insurers should already be tracking and collecting appropriate data during the calendar year.
It is perhaps worth noting that a major difference between the US and Europe is that NAIC does not specify the capital measure that should be used in ORSA, but instead gives freedom to the insurer to use whatever measure they think is appropriate.
Figure 2 is a global map with notes on ORSA regulations in various regions. As a unique process defined by each particular insurer, no predefined approach to ORSA exists. Each of the listed elements form the building blocks of the ORSA and may be customized to meet both internal business needs and external regulatory requirements:. The overview establishes the scope and coverage of the assessment, enabling insurers to implement an effective and demonstrable risk management framework.
Many insurers already have some form of enterprise risk management ERM system in place, which may need to be extended to cover the ORSA. In particular, analytical data quality and associated practices are important to address. The ORSA should be proportionate in its sophistication and depth to the nature, scale, and complexity of the business. The development of a risk management culture within the business is key. Figure 4 illustrates the five main components of a typical ERM system.
From a strategic and ORSA perspective, an insurer will have to define its risk profile, attitude, and tolerance. In many financial institutions, these factors already exist, but the ORSA will act as a catalyst to formalize and monitor them. Risk appetite and enterprise-level risk tolerance statements are critical to the effectiveness of a business. Once established, this element in turn will feed into the decision-making process.
It is also worth noting that rating agencies typically look for management to link significant changes in its risk profile with corresponding changes to their risk appetite or risk tolerance.
Insurers should identify all material, current, and foreseeable risks relevant to their business and include them in the ORSA. As best practice, insurers should consider adding risk types, such as model risk, strategic risk, reputational risk, commercial risks e. Typically, insurers adopt a small number e. In order to test the impact of event-driven and alternative economic scenarios on a given insurance portfolio, macroeconomic scenarios may be used over the business planning horizon.
An insurer must provide details of the calculation methods used in producing capital numbers and highlight the differences between the regulatory and economic capital numbers.
Methods of aggregation and diversification e. Validating capital models and assessing models is an important aspect of ORSA. Insurers should also perform reverse stress testing to identify and quantify those scenarios that could result in business failure, breach of economic solvency, breach of SCR and MCR, and other circumstances considered appropriate by senior management and the board.
Scenarios should reflect plausible events both severe and optimistic that may happen over the business planning projection period e.
It can be time-consuming to derive and quantify the impact of the scenarios. However, it is insightful to go through the process of discussing possible scenarios, their financial impacts, and possible management actions. It is important to note that the stress test program should be duly structured, validated, and documented.
The ORSA should include:. Many insurers will most likely also use additional ORSA indicators and targets in their strategic framework, for example, to set a minimum target for SCR coverage.
0コメント