Bookmark Email Print page

Pillar II of Solvency II: is this your weakest link?

On 5 May 2009, the Council of Ministers formally ratified the framework Directive for Solvency II, which had been finally approved by the European Parliament in April. This ratification marked the end of the Level 1 (framework principles) phase of the Solvency II project to introduce a European-wide risk-based regulatory capital model for the supervision of insurance and reinsurance undertakings. The framework Directive indicates that this risk-based supervisory regime is to be implemented by 31 October 2012.

Solvency II is based on a three-pillar structure, where each pillar has equal importance and relates to and links with the other pillars, as shown below (click to enlarge):

Solvency II pillars diagram

By now, some insurance and reinsurance undertakings have been through the process of Pillar I through completion of Quantitative Impact Studies. Now is the time when undertakings should start to assess their governance and risk management system and prepare a plan to improve those systems to the extent they fall short of the Pillar II requirements.

Pillar II contains many elements that may necessitate structural, reporting and organisational changes in the undertaking. It deals with qualitative aspects of a company’s internal controls, risk management process and the approach to supervisory review.

It stresses the importance of corporate governance. Specifically, form corporate governance perspective, Pillar II requires undertakings to:

  • Demonstrate an adequate system of governance
  • Ensure persons responsible for key functions and overall direction of the undertaking meet the “fit and proper” requirements provided in the directive
  • Ensure it has in place:
    • a sound risk management system (including risk management function) that identifies and effectively manages potential risks facing the undertaking
    • Internal control system that at least includes administrative and accounting procedures, an internal control framework, appropriate reporting arrangements at all levels of the undertaking and a compliance function
    • An objective and independent internal audit function that evaluates the adequacy and effectiveness of the internal control system and other elements of the system of governance
    • An actuarial function that undertakes reserving, assessment of underwriting policy and reinsurance arrangements and contributes towards risk modelling and calculation of the capital requirements
    • Policies and procedures to ensure when a function or activity is outsourced, all the regulatory requirements are discharged
  • Perform Own Risk and Solvency Assessment (areas covered include processes, responsibilities, stress tests and results, overall solvency needs, financial condition, strategies for raising funds, internal assessment and results, frequency and content of internal reports)

Pillar II of Solvency II - qualitative

 Solvency II Pillar II

(Click above image to enlarge) Pillar II serves as a major link between Pillar I and Pillar III of Solvency II. It considers the extent to which the corporate governance structure is embedded in a company’s day to day operations and processes. It will have a direct impact on shareholders’ value as any weak governance system may lead to the Regulator imposing a capital add-on.

The Pillar II objectives of any company are to establish a sound governance system, document policy and procedures, embed control procedures into day to day processes, and develop an approach to Own Risk and Solvency Assessment (ORSA). Key steps that will enable an undertaking to achieve those objectives are as following:


Program Initiation

  • Assign a senior management individual/team to understand the requirements
  • Prepare a plan, allocate time and resources and agree on deadlines
  • Brief the Board of Directors and obtain Board buy-in

GAP Analysis

  • Understand risks and their interaction
  • Perform a gap analysis including assessment of own capabilities to handle the project
  • Identify areas/ resources where external help is required
  • Conduct a mapping exercise and review of documentation and processes to identify gaps

Implementation

  • Prepare a remedial plan to address gaps
  • Put in place the required resources
  • Implement plan
  • Test implemented procedures
  • Upgrade data and reporting system
  • Roll out staff training

Deloitte already supports a large number of undertakings in developing and delivering risk analysis and compliance programmes.

Our approach to a GAP analysis will generally involve the following (click to enlarge):

 Solvency II GAP analysis approach

A partnership with Deloitte
Deloitte has developed a Gap Analysis Toolkit to perform a multi-dimensional GAP analysis across the three pillars of the Solvency II Directive and classes of risks.

Our experience, from actuarial, audit and enterprise risk services coupled with our GAP analysis toolkit, helps our clients rapidly understand the important risk and compliance issues throughout their undertaking and develop the appropriate solutions.

We work with clients to develop the right partnership structure to suit our clients’ needs. We view this arrangement as a strategic option to help our clients deal with all of the Solvency II practical issues which need to be addressed to achieve a robust and healthy corporate governance structure that increase shareholders’ value by aligning the regulatory requirements with our clients’ strategic objectives.