Reporting and audit under IPSA
So now we are into the next phase of IPSA. Provisional licenses have been issued and working towards full licence and initial reporting under the Regulations is a reality. For many companies the type of reporting required is different to anything they have previously experienced. While they are completing the solvency returns with input from their internal or external actuaries and their finance team, we have noted that there is no clear ownership of the reporting process and the process is not being documented so that it is repeatable and auditable.
This is consistent with our experience across a number of different industries. What we have observed is that the introduction of new regulatory reporting is often handled in an ad hoc manner. While this may be effective in the short-term it does not usually deliver a long term solution that is robust and provides the Board with the level of assurance they need to exercise proper governance.
If you are currently responsible for the solvency return for your company ask yourself the following questions to assess if you are creating a solution or a problem for the future:
- Have you tested the integrity of the model you are using?
- What is the source of the data used in the model? Has it been reconciled back to core financial or other systems?
- Have the key assumptions that support the relevant regulation disclosures been documented and signed off by the process owner?
- Is there a clear audit trail to allow an internal review and to facilitate audit?
- Is there a formal sign-off process by the Board and Management and does your timetable for reporting allow sufficient time for proper review?
IPSA is here to stay and the reporting obligations are not likely to go away any time soon. We recommend that these questions are considered as you work through the first regulatory returns and that you consider a review of your processes to provide assurance to your Board in respect of the accuracy and reliability of this reporting.
As with many new regulations the application of the assurance requirements hasn’t been without its challenges. We are aware that the RBNZ and the New Zealand Institute of Chartered Accountants has been in discussions regarding the requirement in the Solvency Standard for the licensed insurer to engage an auditor to undertake an audit of the annual solvency return. While progress has been made there is still uncertainty as to the level of assurance required. The discussion has focused primarily on whether the auditors’ assurance report should provide reasonable (positive assurance) or limited assurance (negative assurance) and the areas of the return on which assurance is required. In particular the level and nature of assurance in respect of the projected solvency calculation is still being discussed.
Until these matters have been resolved an interim solution has been reached whereby:
- Company directors to decide whether the level of assurance on the preparation of the Annual Solvency Return (i.e. excluding the Catastrophe Risk Capital Charge and Projected Solvency) in accordance with the Solvency Standard is reasonable or limited
- Company directors to decide whether limited assurance is provided over the calculation of the Catastrophe Risk Capital Charge in accordance with the methodology and assumptions stated by the appointed auditor or whether no assurance is provided at all.
- There is no assurance reporting on the Projected Solvency at this time.
Directors and their auditors should engage on this matter to determine the scope of the engagement as the choices made will likely have time and cost implication. Please contact us or your usual Deloitte advisor if you would like more information.