Risk management function for IORPs

Scope of the Risk Management Function for IORPs
 

Full ORA process, including ORA policy, exercise and report

Operational risks

• Continuity, outsourcing, integrity, reputation, strategic, political and regulatory risks
• IT and data (eg GDPR, privacy and cyber risks)

Financial risks

• Investment risks, including: market, ALM, credit, liquidity and inflation
• Actuarial risks, covering: solvency, model, financing, selection and insurance
• ESG risks relating to the investment portfolio and their management

Own risk assessment (ORA)
 

The own-risk assessment is an exercise that must be performed at least every three years (or sooner following any significant change in the risk profile of the IORP). The full process consists of 3 parts:

• ORA policy. This covers the objectives of the ORA, the decision making process, timeline and ORA frequency. The ORA policy must be approved by the board of directors of the IORP.
• ORA exercise. This should include the analysis of the risks detailed, centered around actuarial, investment and operational risk. The effectiveness of risk management systems should also be considered, as well as the total financing needs of the IORP.
• ORA reporting. The results of the ORA exercise should be summarized in a report, providing an overall assessment of the risk management processes in place. The ORA report should be submitted to the board of directors, approved by them and then sent to the FSMA.

A tailored solution
 

Innovative out of the box solutions

We have extensive experience in risk modelling and can offer a range of best-in-class solutions. Our approach includes:

• Risk identification, including classification, prioritization and evaluation
• Risk reconciliation, agreeing the risks identified with the relevant stakeholders
• Risk allocation, ensuring the allocation and related accountability to the appropriate parties
• Determining residual risk and specifying the compensating controls in place
• Risk assessment and measurement, including reporting processes

ORA process

Full support on all stages of the ORA process including: ORA policy / governance, ORA exercise, ORA reporting, meetings with stakeholders and submission to the FSMA.

Bespoke requirements

In addition to our base set of solutions, we propose an approach tailored to your specific requirements. Examples of these include:

• Coordination with other functions (e.g. the actuary / actuarial function, internal auditor, compliance officer, chief risk officer)
• Integration with a multidisciplinary model approach, allowing for comparison with other functions such as non-financial risk, including operational and data risks
• Dedicated bespoke support within risk committee meetings, including in-depth analysis of any entity specific risks
• In-depth scenario and stress testing, focusing carefully on the entity specific risks identified
• Focus on specific operational risks facing pension funds, including:
  • Business continuity
  • Outsourcing and integrity
  • Reputation and strategy
  • Political and regulatory
  • IT and data

Our team
 

In order to provide a complete risk management solution, we have established a team specialized in offering risk advisory services to pension funds.

Our specialist risk management team consists of over 100 dynamic and talented professionals with a broad range of experience covering actuarial, financial and operational risk projects. This range of experience allows us to bring a holistic view to the risk management function, considering the overall risk profile from multiple perspectives and viewpoints.

In addition to our specific team, we also collaborate closely with other Deloitte specialists across the firm, leveraging the knowledge of Deloitte’s more than 4,000 professionals across Belgium.

Risk management function for IORPs