Docstoc

Coversheet - Lloyd's

Document Sample
Coversheet - Lloyd's Powered By Docstoc
					AGENT                                                                                                                   SYND. No.
Date
Completed by
Governance, Risk Management & Use
1. General governance requirements
2. Fit & proper
3. Risk Management
4. Internal control
5. Internal Audit
6. Actuarial Function
7. Outsourcing
8. Risk & business coverage
9. Use test
10. Model Governance
11. Model change policy
12. ORSA
Relevant S2 Documentation
EU Directive                         Articles 41; 42; 45; 46; 49; 50; 120

CEIOPS Advice                        DOC-29/09; 51/09; 48/09

Lloyds Detailed Guidance 2010        Section 1 (SOG); Section 2 (MSG); Section 9 (ORSA)

The “Requirements” listed in the following tables are summaries from the CEIOPS’ Advice blue pages. Agents are encouraged to read the Advice in its entirety.

Agents should use the following worksheets to explain for each section how the relevant Solvency II requirements are being met and detail the supporting evidence
available. They should also update for each section the RAG rating denoting the current status of that element in line with Lloyd's published expected progress. Please refer
to the 'Instructions' worksheet for more details.

Overall Comments
Guidance notes for completion of Evidence Templates
Notes below provide commentary around each of the columns on the individual template worksheets and set out what information should be completed by agents

Column Heading                                                  contents
Latest self-assessment score                                    At the top of each sheet is a drop down box to include the latest self assessment score submitted to Lloyds.

                                                                At the top of each sheet is a drop down box for agent RAG self assessment for that area. Please note that GREEN denotes that you
RAG                                                             are in line with Lloyd's expected progress; AMBER denotes that you are not far from where you should be at the present stage and that
                                                                the gap is relatively small; and RED denotes that gap is material

CEIOPS’ Advice                                                  Provides the reference number of the relevant Consultative Paper published by CEIOPS. No further completion necessary.

CEIOPS’ Advice Requirement                                      Sets out the specific CEIOPS requirements as contained in Level 2 material above. No further completion necessary.

                                                                Please use drop down box to detail progress made against requirement and whether it has been fully met at this stage - choice of Yes,
Has requirement been met
                                                                No or Partially.

                                                                Please complete free form box to provide a description of how requirement has been/will be met and an update on progress and any
Explain how final requirement has been met / progress to date
                                                                specific actions undertaken to meet Lloyd's recommendations or feedback.

                                                                Please complete free form box and list all evidence available to support a particular requirement and comments made in previous
Evidence available & Type
                                                                column on progress. Each piece of evidence should also be classified as Document, Process, System or People.

Date available                                                  Free form box to detail the date that each piece of evidence will be available for review.

                                                                Free form box to detail the specific individual within the Managing agent who is responsible for making each piece of evidence
Person responsible for making evidence available
                                                                available for review.
                                                                                                                                                                                               Latest self-assessment score               RAG
1. GENERAL GOVERNANCE REQUIREMENTS

                                                                                                                                                                                                                                              Person
CEIOPS’ Advice                                                                                                                      Has
                                                                                                                                              Explain how the final requirement has been met                                    Date      responsible for
    29/09                                               CEIOPS’ Advice Requirement                                              requirement                                                     Evidence available & Type
                                                                                                                                                            / progress to date                                                available   making evidence
    51/09                                                                                                                         been met
                                                                                                                                                                                                                                             available
3.29               Governance framework
                   Established, implemented and maintained, effective cooperation, internal reporting and communication
                   of information at all relevant levels
                   Established and maintained, adequate risk management, compliance, internal audit and actuarial
                   functions



3.29; 3.32; 3,34   Organisation structure and lines of responsibility
                   • Clear and well-defined organisational structure with well-defined, clear, consistent and documented
                   lines of responsibility across the organisation
                   • Clear reporting lines that ensure the prompt transfer of information to all persons who need it in a way
                   that enables them to recognise its importance
                   Each key function has an appropriate standing in terms of organisation structure
                   Policies on risk management, internal control, internal audit and outsourcing, clearly set out the
                   relevant responsibilities, goals, processes and reporting procedures to be applied
3.29               Adequacy of skills and experience of board and staff
                   • Board and senior management possess sufficient professional qualifications, knowledge and
                   experience in the relevant areas of business to give adequate assurance that collectively they are able
                   to provide sound and prudent management
                   • Personnel have the skills, knowledge and expertise necessary to discharge properly the
                   responsibilities allocated to them
3.29               Procedures for activities
                   • Personnel are aware of the procedures for the proper discharge of their responsibilities
                   • Performance of multiple tasks by individuals does not and is not likely to prevent the persons
                   concerned from discharging any particular function soundly, honestly and professionally
3.29; 3.30; 3.33   Procedures for decision-making
                   Established, implemented and maintained decision-making procedures
                   At least two persons effectively run the organisation (four eyes principle)
                   Personnel responsible for key functions have direct access to senior management
3.29               Adequacy of information systems
                   Established information systems that produce sufficient, reliable, consistent, timely and relevant
                   information concerning all business activities, the commitments assumed and risks exposed to
3.29               Adequacy of records and security of information
                   • Adequate and orderly records of business and internal organisation
                   • Safeguarded security, integrity and confidentiality of information
3.31               Conflicts of interest
                   Conflicts of interest identified and procedures established so that those involved with the
                   implementation of the strategies and policies understand where conflicts of interest could arise and
                   how these shall be addressed
3.35-3.36          Contingency plans
                   Contingency plans in place - communicated, tested and updated - for identified risks in areas
                   considered to be especially vulnerable
Article 41         Review system of governance
                   The system of governance is subject to regular internal review
                   Appropriate means, methods and powers for verifying emerging risks




                                                                                                                    1.GENERAL GOVERNANCE REQUIREMENTS                                                                                                       3
                                                                                                                                                                                                                                       Person
CEIOPS’ Advice                                                                                                                  Has
                                                                                                                                          Explain how the final requirement has been met                                 Date      responsible for
    29/09                                            CEIOPS’ Advice Requirement                                             requirement                                                    Evidence available & Type
                                                                                                                                                        / progress to date                                             available   making evidence
    51/09                                                                                                                     been met
                                                                                                                                                                                                                                      available
3.53-3.62        Remuneration policy
                 • An overall remuneration policy and practice in line with business and risk strategy, risk profile,
                 objectives, values, risk management practices, and long-term entity-wide interests and performance
                 • Transparent internally and adequately disclosed externally remuneration policy
                 Clear, transparent and effective governance structure around remuneration including oversight over
                 remuneration policy
                 Remuneration committee in line with nature, scale and complexity of activities
                 • Appropriately balanced fixed and variable components in relevant remuneration schemes
                 • Variable component based on assessment of both individual and collective performance
                 • Individual performance defined by financial and non-financial performance
                 • Performance measurement, as a basis for bonus awards, includes adjustment for current and future
                 risks
                 Payment of major part of significant bonus contains flexible, deferred component in line with nature and
                 time horizon of activities




                                                                                                                1.GENERAL GOVERNANCE REQUIREMENTS                                                                                                    4
                                                                                                                                                                                              Latest self-assessment score               RAG
2. FIT & PROPER

                                                                                                                                                                                                                                             Person
CEIOPS’ Advice                                                                                                                     Has
                                                                                                                                             Explain how the final requirement has been met                                    Date      responsible for
    29/09                                              CEIOPS’ Advice Requirement                                              requirement                                                     Evidence available & Type
                                                                                                                                                           / progress to date                                                available   making evidence
    51/09                                                                                                                        been met
                                                                                                                                                                                                                                            available
3.56; 3.59-3.62   Fit and proper policies and procedures for directors and senior staff

                  Documented policies and procedures to ensure that all persons subject to Article 42 are fit and proper

                  In addition to their qualifications that enable them to discharge their duties in their specific areas of
                  responsibility, senior management collectively are able to provide for sound and prudent management
3.57-3.58         Identification of business managers and key function holders
                  Supervisory authority notified of persons who effectively run the organisation and of other identified key
                  function holders




                                                                                                                                    2.FIT PROPER                                                                                                           5
                                                                                                                                                                                               Latest self-assessment score               RAG
3. RISK MANAGEMENT


                                                                                                                                                                                                                                              Person
                                                                                                                                    Has
CEIOPS’ Advice                                                                                                                                Explain how the final requirement has been met                                    Date      responsible for
                                                      CEIOPS’ Advice Requirement                                                requirement                                                     Evidence available & Type
    29/09                                                                                                                                                   / progress to date                                                available   making evidence
                                                                                                                                  been met
                                                                                                                                                                                                                                             available
                 An effective risk management system that has at least the following:

3.72             Risk management strategy and risk appetite

                 A clearly defined and well documented risk management strategy that includes the risk management
                 objectives, key risk management principles, general risk appetite and assignment of risk management
                 responsibilities across all the activities of the undertaking and is consistent with the undertaking’s
                 overall business strategy
3.72             Risk management policy
                 Adequate written policies that include a definition and categorisation of the material risks faced by the
                 undertaking, by type, and the levels of acceptable risk limits for each risk type, implement the
                 undertaking’s risk strategy, facilitate control mechanisms and take into account the nature, scope and
                 time horizon of the business and the risks associated with it
3.72             Risk management processes and procedures
                 Appropriate processes and procedures which enable the undertaking identify, assess, manage, monitor
                 and report the risks it is or exposed to
3.72             Risk management reporting

                 Appropriate reporting procedures and feedback loops that ensure information on the risk management
                 system, which is coordinated challenged by the risk management function is actively monitored
                 managed by all relevant staff and the administrative, management supervisory body;

                 Reports that are submitted to the administrative, management supervisory body by the risk
                 management function on the material faced by the undertaking and on the effectiveness of the risk
                 management system; and
                 A suitable own risk and solvency assessment (ORSA) process.
3.87-3.88        Underwriting and reserving procedures
                 Suitable processes and procedures are in place to ensure the reliability, sufficiency and adequacy of
                 both the statistical and accounting data to be considered both in the underwriting and reserving
                 processes.
                 All policies and procedures are established for underwriting are applied by all distribution channels of
                 the undertaking insofar as they are relevant for them.
3.89             Claims management procedures
                 Adequate claims management procedures which cover the overall cycle of claims: receipt,
                 assessment, processing and settlement, complaints and dispute settlement and reinsurance
                 recoverables.
3.102-3.106      ALM policies
                 The ALM framework not only recognises the interdependence between assets and liabilities but also
                 take into account any correlations of risks between different asset classes and any correlations
                 between different products and business lines.
                 Any off-balance sheet exposures are taken into account.
                 Written ALM policies that especially take into account the interrelation with different types of risks, such
                 as market risks, credit risks, liquidity risks and underwriting risks, establish ways to manage the
                 possible effect of options embedded in the insurance products.

                 The ALM policies at least provide for:
                 a) A structuring of the assets that ensures the undertaking holds sufficient cash and diversified
                 marketable securities of an appropriate nature, term and liquidity to meet its obligations, including
                 obligations to pay bonuses to policyholders, as they fall due;
                 b) A plan to deal with unexpected cash outflows, or changes in expected cash in- and outflows; and
                 c) The identification of mitigation techniques and their impact on embedded options, and the
                 assessment of the possible effects these can have throughout the life of the insurance policies and/or
                 reinsurance contracts.

                 ALM policies are tailored to the needs of different products and business lines and combine the ALM
                 policies appropriately in order to optimise the overall ALM management.
3.130-3.134      Investment policies
                 Defined investment policy in line with what a competent, prudent and expert manager would apply in
                 order to pursue the investment strategy.




                                                                                                                                 3.RISK MANAGEMENT                                                                                                          6
                                                                                                                                                                                                                                            Person
                                                                                                                                     Has
CEIOPS’ Advice                                                                                                                                 Explain how the final requirement has been met                                 Date      responsible for
                                                       CEIOPS’ Advice Requirement                                                requirement                                                    Evidence available & Type
    29/09                                                                                                                                                    / progress to date                                             available   making evidence
                                                                                                                                   been met
                                                                                                                                                                                                                                           available
                 The investment policy takes into account the undertaking’s business, its overall risk tolerance levels,
                 the solvency position and the long-term risk versus performance requirements and its underlying
                 exposure (gross and net of offsetting transactions).
                 When derivative products or any other financial instrument with similar characteristics, such as asset-
                 backed securities, collateralised debt obligations or hedge funds, are used, the investment policy takes
                 into account the goals and strategies of their use and the way they contribute to an efficient portfolio
                 management as well as procedures to evaluate the strategy to use these types of products and the
                 principles of risk management to be applied.
                 The policy on investment the undertaking also considers how to prudently manage liquidity risk in the
                 short as well as in the medium and long term, taking into account the investment strategy, overall
                 underwriting strategy and claims management strategy.

                 The investment policy includes internal quantitative limits on assets or exposures, including off-balance
                 sheet exposures, taking into account each type of asset considered eligible by the undertaking.
3.135            Investment procedures
                 Special management, monitoring and control procedures are established, in particular in relation to
                 investments that are not quoted in a market and to complex structured products.
3.142-3.143      Liquidity contingency plan
                 Sound liquidity management practices which cover both short term and long term considerations and
                 include stress tests and scenario analyses.
                 A liquidity contingency plan that includes
                 a) The continuous monitoring of the undertaking’s debt position and analysis of the undertaking’s debt
                 capacity;
                 b) The identification of the available financing options, including reinsurance the negotiation of credit
                 lines, committed borrowing facilities and intra-group financing;
                 c) A regular review and testing of these options, both in normal and adverse situations.
3.151-3.152      Concentration risk procedures
                 Defined sources of risk concentration relevant for held portfolios.
                 Use of internal limits, thresholds or similar concepts that are appropriate with regard to their overall risk
                 management.
                 Adequate procedures and processes for the active monitoring and management of concentration risk
                 ensuring that it stays within established policies and limits and mitigating actions can be taken as
                 necessary.
                 The monitoring of concentration risk includes an analysis of possible contagion lines.
3.166-3.169      Operational risk procedures
                 A well-documented assessment and management system for operational risk, with clear
                 responsibilities assigned.
                 Senior management are aware of the major aspects of operational risks, as a distinct risk category,
                 which are managed, and approve, oversee implementation and regularly review the operational risk
                 management framework.
                 Implemented an effective process to regularly identify, document and monitor exposure to operational
                 risk and track relevant operational risk data, including near misses.
                 The operational risk management framework is closely integrated into the risk management processes.
                 Its output must be an integral part of the process of monitoring and controlling the operational risk
                 profile.
3.181-3.183      Reinsurance strategy and procedures

                 Adequate procedures and processes for the selection of suitable reinsurance programs. The level of
                 sophistication for these processes and procedures is proportionate to the nature, scale and complexity
                 of the risks and to the capabilities to manage and control the risk mitigation technique used.




                                                                                                                                  3.RISK MANAGEMENT                                                                                                       7
                                                                                                                                                                                                                                           Person
                                                                                                                                    Has
CEIOPS’ Advice                                                                                                                                Explain how the final requirement has been met                                 Date      responsible for
                                                      CEIOPS’ Advice Requirement                                                requirement                                                    Evidence available & Type
    29/09                                                                                                                                                   / progress to date                                             available   making evidence
                                                                                                                                  been met
                                                                                                                                                                                                                                          available

                 The reinsurance management strategy has regard to the following considerations:
                 a) Identification of the level of risk transfer appropriate to the approach to risk;
                 b) What types of reinsurance arrangements are most appropriate to limit risks to the insurance risk
                 profile;
                 c) Principles for the selection of reinsurance counterparties;
                 d) Procedures for assessing the creditworthiness and diversification of reinsurance counterparties;
                 e) Procedures for assessing the effective risk transfer;
                 f) Concentration limits for credit risk exposure to reinsurance counterparties and appropriate systems
                 for monitoring these exposures; and
                 g) Liquidity management to deal with any timing mismatch between claims’ payments and reinsurance
                 recoveries.

                 The following principles are considered taking into account the requirements and guidelines set out in
                 CEIOPS’ Level 2 Advice on Special Purpose Vehicles:
                 a) The fully funded requirement is actively through the system of governance;
                 b) Any remaining risk from the SPV is fully taken into account through the risk management system
                 and also taken into account within the calculation of regulatory capital requirements.
3.188-3.190      Financial risk mitigation
                 Financial risk mitigation techniques are only used where it is appropriate to do so as part of an overall
                 risk management policy and reinsurance management strategy, where both qualitative and quantitative
                 features are appropriately considered.
                 Financial risk mitigation techniques are not applied with the primary aim of achieving a reduction of an
                 undertaking’s SCR, but are applied as part of the broader risk management system, having regard to
                 desired risk profiles, assumed and retained, both in benign and in stressed situations. This is assessed
                 as part of their ORSA.

                 Assessment of which type of financial mitigation technique is appropriate according to the nature of the
                 risks assumed and the capabilities to manage and control the risks associated with that technique.
3.198-3.199      Credit risk procedures
                 The process of risk management is capable of identifying, measuring and mitigating any credit risk in
                 relation to internally defined limits.
                 Regular appropriate and proportionate monitoring processes that alert changes in individual credit
                 ratings as well as credit portfolio risk and capable of evaluating relevant parameters like probabilities of
                 default even where exposures are unrated.
                 Exposure to speculative grade assets is prudent and capability of hedging credit risk from larger credit
                 risk exposures, e.g. via derivatives to protect against a protracted fall in credit quality or turn in the
                 credit cycle.




                                                                                                                                 3.RISK MANAGEMENT                                                                                                       8
                                                                                                                                                                                                                                    Person
                                                                                                                             Has
CEIOPS’ Advice                                                                                                                         Explain how the final requirement has been met                                 Date      responsible for
                                                     CEIOPS’ Advice Requirement                                          requirement                                                    Evidence available & Type
    29/09                                                                                                                                            / progress to date                                             available   making evidence
                                                                                                                           been met
                                                                                                                                                                                                                                   available
3.220-3.222      Risk management function
                 Risk management function embedded in the organisational structure and organised associated
                 reporting lines in a manner which ensures that the function is objective and free from influence from
                 other functions and senior management.

                 The tasks of the risk management function include:
                 a) Assisting senior management and other management in the effective operation of the risk
                 management system, in particular by performing specialist analysis and performing quality reviews;
                 b) Monitoring the risk management system;
                 c) Maintaining an organisation-wide and aggregated view on the risk profile; and
                 d) Reporting details on risk exposures and advising senior management with regard to risk
                 management matters in relation to strategic affairs like corporate strategy, mergers and acquisitions
                 and major projects and investments; and
                 e) Identifying and assessing emerging risks.

                 The risk management function is responsible for the way in which an internal model is integrated with
                 the internal risk management system and the day-to-day functions. It assesses the internal model as a
                 tool of risk management and as a tool to calculate the undertaking’s SCR.




                                                                                                                          3.RISK MANAGEMENT                                                                                                       9
                                                                                                                                                                                                  Latest self-assessment score               RAG
4. Internal control

                                                                                                                                                                                                                                                 Person
                                                                                                                                       Has
CEIOPS’ Advice                                                                                                                                   Explain how the final requirement has been met                                    Date      responsible for
                                                        CEIOPS’ Advice Requirement                                                 requirement                                                     Evidence available & Type
    29/09                                                                                                                                                      / progress to date                                                available   making evidence
                                                                                                                                     been met
                                                                                                                                                                                                                                                available
3.254-3.255      Internal control policy
                 Internal control system secures compliance with applicable laws and regulations and the effectiveness
                 and efficiency of operations in view of its objectives as well as the availability and reliability of financial
                 and non-financial information
                 A suitable control environment, appropriate control activities, effective information and communication
                 procedures and adequate monitoring mechanisms are in place
3.256-3.258      Compliance plan
                 Compliance function is able to communicate on its own initiative with any staff member and to obtain
                 access to any records necessary to allow it to carry out its responsibilities
                 A compliance plan that sets out intended compliance activities and that ensures that all relevant areas
                 are appropriately covered in line with their risk to compliance
                 Major compliance problems are reported by the compliance function to senior management




                                                                                                                                    4.INTERNAL CONTROL                                                                                                         10
                                                                                                                                                                                             Latest self-assessment score               RAG
5. Internal AUDIT

                                                                                                                                                                                                                                            Person
                                                                                                                                  Has
CEIOPS’ Advice                                                                                                                              Explain how the final requirement has been met                                    Date      responsible for
                                                      CEIOPS’ Advice Requirement                                              requirement                                                     Evidence available & Type
    29/09                                                                                                                                                 / progress to date                                                available   making evidence
                                                                                                                                been met
                                                                                                                                                                                                                                           available
3.276-3.278      Internal audit policy

                 To ensure its independence from the organisational activities audited, the internal audit function carries
                 out its assignments with impartiality.
                 The internal audit function is able to exercise its assignments on its own initiative in all areas.
                 It is free to express its opinions and to disclose its findings and its appraisals to senior management.


                 The internal audit function has complete and unrestricted right to obtain information which includes the:
                 - prompt provision of all necessary information,
                 - availability of all essential documentation, and
                 - ability to look into all activities and processes
                 relevant to the discharge of its responsibilities, as required in the performance of its tasks, as well as
                 having direct communication with any member of staff

                 Every activity and unit falls within scope of the internal audit function to ensure its effectiveness.
                 The function draws an internal audit plan to determine its future auditing actions, taking a risk-based
                 approach in deciding its priorities
3.279            Internal audit report
                 The internal audit function at least annually produces a written report on its findings which is submitted
                 to senior management.
                 The report covers at least any deficiencies with regard to the efficiency and suitability of the internal
                 control system, as well as major shortcomings with regard to the compliance with internal policies,
                 procedures and processes.
                 It includes recommendations on how to remedy inadequacies and also specifically addresses how past
                 points of criticism and past recommendations have been implemented.




                                                                                                                                 5.INTERNAL AUDIT                                                                                                         11
                                                                                                                                                                                              Latest self-assessment score               RAG
6. actuarial function

                                                                                                                                                                                                                                             Person
                                                                                                                                   Has
CEIOPS’ Advice                                                                                                                               Explain how the final requirement has been met                                    Date      responsible for
                                                      CEIOPS’ Advice Requirement                                               requirement                                                     Evidence available & Type
    29/09                                                                                                                                                  / progress to date                                                available   making evidence
                                                                                                                                 been met
                                                                                                                                                                                                                                            available
3.331-3.338      Technical provisions
                 The actuarial function has access to the appropriate resources and information systems that provide all
                 necessary information, relevant for the discharge of its responsibilities.


                 In coordinating the calculation of the technical provisions the actuarial function at a minimum:
                 • applies methodologies and procedures to assess the sufficiency of technical provisions ensuring that
                 their calculation is consistent with the underlying principles;
                 • assess the uncertainty associated with the estimates;
                 • produces judgement whenever this is needed, making use of appropriate information and experience
                 of the persons that are in charge of the function;
                 • ensures that problems related to the calculation of technical provisions arising from insufficient data
                 quality are dealt with appropriately and that, where it is impracticable to apply common methods of
                 calculating technical provisions because of insufficient data quality, the most appropriate alternatives to
                 common methods are found, taking into consideration the principle of proportionality;
                 • ensures that homogeneous risk groups for an appropriate assessment of the underlying risks are
                 identified;
                 • consults relevant market information and ensures that it is integrated into the assessment of technical
                 provisions;
                 • compares and justify any material differences among the estimates for different years; and
                 • ensures that an appropriate assessment of options and guarantees embedded in liabilities is
                 provided.
                 In order to ensure the appropriateness of the underlying methodologies and models used in the
                 calculation of the technical provisions, the actuarial function not only has to assess the general
                 suitability of the methodology or underlying model for the calculation of technical provisions as such,
                 but also has to decide whether they are appropriate for the specific lines of business of the
                 undertaking, for the way the business is managed and for the available data.

                 While assessing the sufficiency and quality of the data used in the calculation of the technical
                 provisions, the actuarial function has regard to the objectivity, reasonability and verifiability of
                 management actions included in the calculation of technical provisions. It shall also assess whether
                 information technology systems used in actuarial procedures sufficiently support these procedures.
                 The comparison of the best estimates against experience requires the actuarial function to assess
                 whether past best estimates have proved sufficient and to use the insights gained in this assessment
                 to improve the quality of present best estimate calculations.
                 This analysis also includes comparisons between observed values and the assumptions used in the
                 calculation of technical provisions in order to produce conclusions on the appropriateness of the data
                 used and the methodologies applied on their estimation.
                 Informing the administrative, management or supervisory body of the reliability and adequacy of the
                 calculation of the technical provisions is not limited to expressing an opinion on these points, including
                 on the degree of uncertainty about the ultimate outcome and the circumstances that might lead to a
                 significant deviation from the provisions made. The actuarial function must set out how it arrived at its
                 opinion and clearly state and explain any concerns it may have as to the technical provisions being
                 sufficient.
                 The actuarial function oversees when a case-by-case approach to the calculation of technical
                 provisions shall be followed, that is, when there is not sufficient quality of data to apply a reliable
                 actuarial method. Also, it produces judgement to establish assumptions and to safeguard the accuracy
                 of the results.




                                                                                                                               6.ACTUARIAL FUNCTION                                                                                                        12
                                                                                                                                                                                                                                         Person
                                                                                                                                  Has
CEIOPS’ Advice                                                                                                                              Explain how the final requirement has been met                                 Date      responsible for
                                                      CEIOPS’ Advice Requirement                                              requirement                                                    Evidence available & Type
    29/09                                                                                                                                                 / progress to date                                             available   making evidence
                                                                                                                                been met
                                                                                                                                                                                                                                        available
3.339            Underwriting policy
                 Regarding the overall underwriting policy, the opinion to be expressed by the actuarial function at least
                 includes the following issues:
                 a) Sufficiency of the premiums to cover future losses, notably taking into consideration the underlying
                 risks (including underwriting risks), the impact of expenses directly associated with future claims and of
                 unallocated loss adjustment expenses and the impact of embedded options and guarantees on future
                 liabilities; and
                 b) Considerations regarding inflation, legal risk, change of mix, anti-selection and adequacy of bonus-
                 malus system(s) implemented in specific line(s) of business.
3.34             Reinsurance arrangements

                 Regarding the overall reinsurance arrangements, the opinion to be expressed by the actuarial function
                 includes an opinion on the adequacy of the significant reinsurance arrangements as well as expected
                 cover under stress scenarios in relation to the underwriting policy and the adequacy of the calculation
                 of the technical provisions arising from reinsurance.
3.341-3.343      Report to Board
                 In order to be able to provide its opinions free from influence from other functions and the
                 administrative, management or supervisory body, the actuarial function is constituted by persons who
                 have a sufficient level of independency.
                 In forming and formulating its own actuarial view the actuarial function is objective and free from
                 influence of other functions and the administrative, management or supervisory body.
                 The actuarial function at least annually produces written reports to be submitted to the administrative,
                 management or supervisory body. The reports document the tasks that have been undertaken, clearly
                 state any shortcomings identified and give recommendations as to how the deficiencies could be
                 remedied.




                                                                                                                              6.ACTUARIAL FUNCTION                                                                                                     13
                                                                                                                                                                                             Latest self-assessment score               RAG
7. outsourcing

                                                                                                                                                                                                                                            Person
                                                                                                                                  Has
CEIOPS’ Advice                                                                                                                              Explain how the final requirement has been met                                    Date      responsible for
                                                      CEIOPS’ Advice Requirement                                              requirement                                                     Evidence available & Type
    29/09                                                                                                                                                 / progress to date                                                available   making evidence
                                                                                                                                been met
                                                                                                                                                                                                                                           available
3.376-3.77       Outsourcing policy
                 Outsourcing policy includes considerations of the impact of outsourcing on business and the reporting
                 and monitoring arrangements to be implemented in case of outsourcing. The policy is regularly
                 assessed and updated with any necessary changes implemented
                 Outsourcing policy takes into account service providers that are members of the same group
3.378-3.382      Outsourcing agreements

                 When choosing a service provider for any critical or important function, these necessary steps are
                 undertaken:
                 • A detailed examination is performed of the potential service provider’s ability and capacity to deliver
                 the required functions or activities satisfactorily, taking into account the undertaking’s objectives and
                 needs;
                 • The service provider has adopted all means to ensure that no explicit or potential conflict of interests
                 with the undertaking impairs the needs of the outsourcing undertaking;
                 • It enters into a written agreement with the service provider which clearly allocates the respective
                 rights and obligations of the undertaking and the service provider;
                 • The general terms and conditions of the outsourcing agreement are authorised and understood by the
                 undertaking’s administrative, management or supervisory body;
                 • The outsourcing does not represent a breach of any data protection regulation or any other laws; and
                 • The service provider subjects to the same provisions that are applicable to the undertaking regarding
                 the safety and the confidentiality of
                 the information related to its clients.


                 The written agreement with the service provider clearly states the following requirements:
                 • The duties and responsibilities of both parties involved;
                 • The service provider’s commitment to comply with all applicable laws, regulatory requirements and
                 guidelines and to cooperate with the undertaking’s supervisors in connection with the outsourced
                 function or activity;
                 • The service provider discloses any developments that may have a material impact on its ability to
                 carry out the outsourcing, including any adverse effect from new laws or regulations introduced in its
                 home country and any material changes to its financial resources or its risk profile;
                 • That the service provider can only terminate the contract with a period sufficiently long to enable the
                 undertaking to find an alternative solution;
                 • That the undertaking has the right to terminate the arrangement for the outsourcing with a reasonable
                 period of notice if for any reason the services rendered shall prove to be inadequate;
                 • That the undertaking reserves the right to information about the outsourced activities and the service
                 provider’s performance of the outsourcing as well as a right to issue general guidelines
                 and individual instructions as to what is to be taken into account when performing the
                 outsourced functions or activities;
                 • That the service provider shall protect any confidential information relating to the undertaking
                 and its clients;
                 • That the undertaking, its external auditor and the supervisory authority competent for its
                 supervision will have effective access to all information related to the outsourced functions or
                 activities, as well as to the service provider’s business premises if an on-site inspection or audit is to
                 be performed; and
                 • That the supervisory authority has the right to directly address questions to the service provider.




                                                                                                                                  7.OUTSOURCING                                                                                                           14
                                                                                                                                                                                                                                        Person
                                                                                                                                 Has
CEIOPS’ Advice                                                                                                                             Explain how the final requirement has been met                                 Date      responsible for
                                                      CEIOPS’ Advice Requirement                                             requirement                                                    Evidence available & Type
    29/09                                                                                                                                                / progress to date                                             available   making evidence
                                                                                                                               been met
                                                                                                                                                                                                                                       available


                 To ensure against an undue increase of operational risk, when outsourcing critical or important
                 functions or activities, it is:
                 • verified that the service provider has adequate financial resources to take on the additional tasks the
                 undertaking plans to transfer and to properly and reliably perform its duties towards the undertaking
                 and that the staff of the service provider is chosen on the basis of criteria that give reasonable
                 assurance that they are sufficiently qualified and reliable;
                 • verified that the service provider properly isolates and identifies the information, documentation and
                 assets belonging to the undertaking and its clients in order to protect their confidentiality; and
                 • ensured that the service provider has adequate contingency plans in place to deal with emergency
                 situations or business disruptions and has periodic testing of backup facilities where that is necessary
                 having regard to the function, service or activity outsourced.




                                                                                                                                 7.OUTSOURCING                                                                                                        15
                                                                                                                                                                                                  Latest self-assessment score               RAG
8. risk & business coverage

                                                                                                                                                                                                                                                 Person
                                                                                                                                       Has
CEIOPS’ Advice                                                                                                                                   Explain how the final requirement has been met                                    Date      responsible for
                                                        CEIOPS’ Advice Requirement                                                 requirement                                                     Evidence available & Type
    48/09                                                                                                                                                      / progress to date                                                available   making evidence
                                                                                                                                     been met
                                                                                                                                                                                                                                                available
5.220-5.225      Scope of internal model

                 On the basis of the criteria given (coverage, resolution, congruence, consistency) evidence is provided
                 that the ability of the internal model to rank risk is sufficient to ensure that it is widely used in and plays
                 an important role in the system of governance, in particular the risk management system, decision-
                 making processes and capital allocation as described in the use test.

                 It is demonstratable that the internal model covers all material, quantifiable risks within its scope by
                 using a set of qualitative and quantitative risk indicators.
                 As a minimum, quantitative risk indicators are used, which correspond to the level of policy holder
                 protection as set out in Article 101 and any other quantitative risk indicator used in its risk management
                 or decision-making processes for the risk category under consideration.
                 In addition, the set of quantitative risk indicators include one or more of the following:
                 • the capital allocated to the risks under consideration; and
                 • the amount of profits and losses which cannot be explained by the categorisation of risk chosen in the
                 internal model; and
                 • any validation tool such as sensitivity analysis, stress testing, scenario analysis or testing against
                 experience.
                 The set of qualitative risk indicators include one or more of the following:
                 • the existence of dedicated risk management processes for individual risks;
                 • the existence of dedicated risk mitigation;
                 • the identification of this risk in the ORSA;
                 • the inclusion in the report by the risk management function to the administrative, management or
                 supervisory body on the material risks faced by the undertaking.
5.221            Mapping of modelled risks to the risk register
                 The following interpretation is given for the four criteria:
                 • Coverage: The risk-ranking ability shall exist for all material risks covered by the internal model.
                 • Resolution: The differentiation between the various risks and risk drivers has to be sufficiently precise
                 to allow senior management to take appropriate decisions.
                 • Congruence: The structure of different kinds of risk-ranking reflects the structure of risks or risk
                 categories and the risk management system.
                 • Consistency: Risks of a similar nature are ranked consistently throughout the undertaking and over
                 time. The overall risk ranking shall be reconciled with the capital allocation.
5.226            Explanation regarding all risks not captured
                 When assessing the coverage of all material risks, due consideration has been given to the joint
                 impact of risk factors that have been omitted, including their dependencies.




                                                                                                                              8.RISK AND BUSINESS COVERAGE                                                                                                     16
                                                                                                                                                                                          Latest self-assessment score               RAG
9. use test

                                                                                                                                                                                                                                         Person
                                                                                                                               Has
CEIOPS’ Advice                                                                                                                           Explain how the final requirement has been met                                    Date      responsible for
                                                     CEIOPS’ Advice Requirement                                            requirement                                                     Evidence available & Type
    48/09                                                                                                                                              / progress to date                                                available   making evidence
                                                                                                                             been met
                                                                                                                                                                                                                                        available
                 Foundation principle: the undertaking's use of the internal model shall be sufficiently material to
3.103
                 result in pressure to improve the quality of the internal model
                 How senior management demonstrate understanding of the model (including any external
3.105-3.108
                 models)
                 Principle 1. Senior management and the administrative, management or supervisory body, shall
                 be able to demonstrate understanding of the internal model
                 The administrative, management or supervisory body give evidence of understanding of the internal
                 model. Each member of the administrative, management or supervisory body has an overall
                 understanding of the internal model. CEIOPS considers that this understanding may be gained from
                 training provided by the undertaking. Each member of the senior management has an overall
                 understanding as well as a detailed understanding in the areas where they use the internal model. The
                 decisions where the undertaking uses the internal model to inform the decision-making process include
                 strategic decisions that have an impact on the future direction of the undertaking. The administrative,
                 management or supervisory body of the undertaking shall demonstrate where the outputs of the
                 internal model are used in decision-making.

                 The administrative, management or supervisory body give evidence of an overall understanding of the
                 internal model, including:
                 a. the structure of the internal model and how this fits with their business model and risk-management
                 framework;
                 b. the methodology behind the internal model;
                 c. the dynamics of the model, or how the different elements fit together;
                 d. the limitations of the internal model, including the limitations of statistical assumptions and
                 limitations in business planning assumptions and that these limitations are taken into account in
                 decision-making;
                 e. in which areas and on which entity / hierarchy level within the undertaking/group diversification
                 effects arise as well as the dependencies throughout the risk profile; and
                 f. the scope and purpose of the internal model and the risks covered by the internal model, as well as
                 those not covered.

                 The administrative, management or supervisory body and the senior management do not manipulate
                 the internal model in order to obtain outputs that do not appropriately reflect its risk profile.
                 Principle 2. The internal model shall fit the business model




                                                                                                                                  9.USE TEST                                                                                                           17
                                                                                                                                                                                                                                          Person
                                                                                                                                   Has
CEIOPS’ Advice                                                                                                                               Explain how the final requirement has been met                                 Date      responsible for
                                                      CEIOPS’ Advice Requirement                                               requirement                                                    Evidence available & Type
    48/09                                                                                                                                                  / progress to date                                             available   making evidence
                                                                                                                                 been met
                                                                                                                                                                                                                                         available

                 The design of the internal model is in alignment with the undertaking’s business model. The design of
                 the internal model aligns with the business model in at least the following aspects:
                 a. the methods used to calculate the probability distribution forecast underlying the internal model are
                 consistent with the methods used to calculate technical provisions
                 b. the outputs of the internal model reconcile with internal and external [financial] reporting
                 c. modelling approaches adopted in the internal model may vary within the internal model and reflect
                 the nature, scale and complexity of the risks modelled
                 d. the internal model is changed to reflect changes in the business model. Allowance for changes of
                 this nature is in the internal model change policy
                 e. the capital-allocation approach and the granularity of allocation reflect the risk-management system
                 and business model, and include information on the consumption of regulatory capital. The granularity
                 especially corresponds to the level of decision making processes.
                 f. the profits and losses used for the purpose of the profit and loss attribution are also used as
                 part of satisfying the Use Test. Hence the profits and losses have to be appropriate for the
                 system of governance (including the ORSA, risk management, limit setting, allocation
                 processes). Therefore CEIOPS Advice is to use the definition set out in 7.17 a, i.e. to use internal
                 definitions for profits and losses, which shall be consistent with the variable underlying the
                 probability distribution forecast (Article 121). The variable may differ from basic own funds,
                 because a different internal definition may be used for economic capital resources. There is
                 awareness of how the profits and losses used in the profit and loss attribution may differ from
                 the profits and losses reported in the accounting systems and what the causes of these
                 differences are. (For a group internal model this includes the major sources of profit and loss
                 for solo entities and on a consolidated basis.)
                 g. The internal model is at least able to produce results between entities and material lines of
                 business and has overall capital results split by material risks to assist in risk-management
                 activities. The granularity of internal-model output reflects the insurance and reinsurance
                 undertaking’s decision making processes.

3.109-3.116      How the model is used in decision making
                 Principle 3. The internal model shall be used to support and verify decision-making in the
                 undertaking
                 The internal model is used in decision-making processes, including the setting of a business or risk
                 strategy. Internal model is able to give information that allows assessing the expected profit from
                 potential decisions and assessing the potential variability in the expected profit from potential
                 decisions.
                 The analysis that supports decision-making is proportionate to the expected outcome of the decision.
                 This analysis is documented.
                 The internal model and its results are regularly discussed in relevant (risk) bodies, and also at Board
                 level.
                 Decisions that follow the output of the internal model are not made without question.
                 There is awareness among decision makers of the shortcomings of the internal model and decisions
                 are tailored accordingly.
                 Why decisions differ from those indicated by the internal model output is documented, as is the
                 additional information that has been used to arrive at the decision, as well as the rationale for decisions
                 where the internal model output supports the decision.
                 Principle 4. The internal model shall cover sufficient risks to make it useful for risk management
                 and decision-making

                 It is demonstrated that the scope of the internal model covers sufficient uses and sufficient risks to be
                 widely used in and play an important role in the system of governance, risk-management system and
                 decision-making processes, as well as capital assessment and allocation. The list of uses in Annex A
                 gives examples of the uses that undertakings may include in the scope of the internal model.

                 Gaining approval to use an internal model to calculate the SCR is not a trivial process, so an internal
                 model has been developed that can inform significant risk-management and business decisions.
                 Principle 5. Undertakings shall design the internal model in such a way that it facilitates analysis
                 of business decisions.

                 The internal model is designed to ensure that the results are used to inform internal debate in the
                 undertaking. The results from the internal model may be discussed with the people responsible for risk
                 in the administrative, management or supervisory body. The results of the internal model are
                 communicated to the board members so that they are able to take responsibility for the results.




                                                                                                                                      9.USE TEST                                                                                                        18
                                                                                                                                                                                                                                             Person
                                                                                                                                      Has
CEIOPS’ Advice                                                                                                                                  Explain how the final requirement has been met                                 Date      responsible for
                                                       CEIOPS’ Advice Requirement                                                 requirement                                                    Evidence available & Type
    48/09                                                                                                                                                     / progress to date                                             available   making evidence
                                                                                                                                    been met
                                                                                                                                                                                                                                            available

                 The results of the internal model are used for:
                 a. their development plan for the internal model;
                 b. internal project plans;
                 c. their governance strategy; and
                 d. their model change and data policy.
3.117-3.123      How the model is integrated into the risk management system
                 Principle 6. The internal model shall be widely integrated with the risk-management system

                 It is demonstrated that the internal model is used in the risk-management system. Uses of the internal
                 model that will assist in demonstrating that this is the case may include:
                 a. that the quantifications of risks and risk ranking, including the quantification of diversification effects
                 produced by the internal model, trigger action in the undertaking;
                 b. that the quantifications of risks and risk ranking, including the diversification effects produced by the
                 internal model and assessment of accumulations of risk and tail dependencies, are used to formulate
                 risk strategies, including the development of the undertaking’s risk appetite and any risk mitigation, and
                 improve the risk-management system overall;
                 c. that outputs are used to formulate risk limits and appear on reports to internal forums in the
                 undertaking.
                 At each point in the internal model where diversification effects occur, there is clear responsibility for
                 quantifying and allocating any diversification benefits.
                 If the risk-management system changes or if there are proposed changes, the internal model is also
                 changed to reflect this.
                 Principle 7. The internal model shall be used to improve the undertaking’s risk-management
                 system.
                 Article 112(5) requires an undertaking applying to use an internal model to have an adequate risk-
                 management system. The internal model, which is used to quantify risks, is designed to allow gaining
                 more insight into the risks, and hence to improve risk management by using a feedback loop between
                 the risk-management system and the internal model.
                 Areas where the internal model could lead to improvements may include:
                 a. risk mitigation techniques;
                 b. clarifying the risk appetite of the undertaking;
                 c. allowing more informed monitoring of risks; and
                 d. more risk-based decision making.
                 Principle 8. The integration into the risk-management system shall be on a consistent basis for
                 all uses
                 The internal model produces output that is based on the relevant internal or external accounting basis
                 for each use. The administrative, management or supervisory body demonstrate that they understand
                 the basis of the output.

                 The Use test always applies at least at the level at which risk strategy and risk management are
                 defined. (If these are defined at a group level, the use test also applies at this level. The uses included
                 in the scope of the internal model shall then be assessed by the supervisory authorities at a group
                 level. In addition, the use test shall be assessed at the level of related undertakings.)

3.124-3.127      Triggers to full or partial reruns of the internal model
                 Principle 9. The Solvency Capital Requirement shall be calculated at least annually from a full
                 run of the internal model, and also when there is a significant change to the undertaking’s risk
                 profile, assumptions underlying the model and / or the methodology arising from decisions or
                 business model changes, and whenever a recalculation is necessary to provide up to date
                 information for decision making or any other use of the model, or to fulfil supervisory reporting
                 requirements.
                 The Solvency Capital Requirement is calculated using the internal model at least annually, and may
                 calculate the Solvency Capital Requirement more frequently.
                 Supervisory authorities may require undertakings to calculate the Solvency Capital Requirement using
                 a full run of the internal model more frequently than annually if necessary.
                 As undertakings will update the methodology, parameters and data input to the internal model on a
                 regular basis, undertakings may calculate the change in the Solvency Capital Requirement for only the
                 risk modules affected by such changes.
                 The MCR is calculated quarterly and the proposed methodology requires a link to the SCR. Under the
                 principle of proportionality, undertakings using an internal model shall apply a quarterly calculation that
                 is sufficiently sophisticated to produce the quarterly SCR. However this does not assume necessarily a
                 full model run and approximations may be allowed.




                                                                                                                                         9.USE TEST                                                                                                        19
                                                                                                                                                                                          Latest self-assessment score               RAG
10. model governance

                                                                                                                                                                                                                                         Person
                                                                                                                               Has
CEIOPS’ Advice                                                                                                                           Explain how the final requirement has been met                                    Date      responsible for
                                                    CEIOPS’ Advice Requirement                                             requirement                                                     Evidence available & Type
    48/09                                                                                                                                              / progress to date                                                available   making evidence
                                                                                                                             been met
                                                                                                                                                                                                                                        available
4.46-4.53        System of governance of internal model

                 The system of governance for an internal model, which forms part of the overall governance of the
                 undertaking, in respect of the internal model:
                 a. Establishes, implement and maintain effective cooperation, internal reporting and communication of
                 information at all relevant levels within the undertaking;
                 b. is robust with a clear and well-defined organisational structure that has well-defined, clear,
                 consistent and documented lines of responsibility across the organisation;
                 c. Ensures that the members of the administrative, management or supervisory body possess sufficient
                 professional qualifications, knowledge and experience in the relevant areas of the business to give
                 adequate assurance that they are collectively able to provide a sound and prudent management of the
                 undertaking;
                 d. Ensures it employs personnel with collectively the skills, knowledge and expertise necessary for the
                 proper discharge of the responsibilities allocated to them;
                 e. Ensures all relevant personnel are aware of the procedures for the proper discharge of their
                 responsibilities;
                 f. Establishes, implement and maintain decision-making procedures;
                 g. Ensures that any performance of multiple tasks by individuals does not and is not likely to
                 prevent the persons concerned from discharging any particular function soundly, honestly and
                 professionally;
                 h. Establishes information systems that produce sufficient, reliable, consistent, timely and
                 relevant information concerning all business activities, the commitments assumed and the risks
                 to which the undertaking is exposed;
                 i. Maintains adequate and orderly records of its business and internal organisation;
                 j. Safeguards the security and confidentiality of information, taking into account the nature of the
                 information in question;
                 k. Introduces clear reporting lines that ensure the prompt transfer of information to all persons
                 who need it in a way that enables them to recognise its importance; and
                 l. Establishes and maintain adequate risk management, compliance, internal audit and actuarial
                 functions

                 High level internal model governance is the responsibility of the administrative or management body.
                 This covers:
                 • Approving the application for approval to use the internal model to calculate the SCR, and the
                 application for approval for major changes or extensions to the model
                 • Deciding roles and responsibilities for the internal model governance
                 • Deciding on the strategic direction of the model and hence any changes to the model
                 • Agreeing major changes in advance of the change being made.
                 • Aligning the model design and operations with the undertaking’s risk profile and operations
                 • Ensuring there are sufficient resources to develop, monitor and maintain the model
                 • Monitoring on-going compliance with the requirements for internal model approval, and informing the
                 supervisory authorities if the model ceases to comply.
                 • Ensuring there are adequate independent review procedures in place around the internal model
                 design, operation and validation.
                 • Ensuring that outputs are aligned with use – i.e. that the management information produced by the
                 model assists in decisions made at Board level
                 • If the internal model ceases to comply with the requirements for approval, the administrative or
                 management body must ensure that a plan to restore compliance is developed in accordance
                 with Article 116 or assess the non-compliance as immaterial.
                 There is an ongoing feedback loop between the administrative or management body and the risk
                 management function




                                                                                                                           10.MODEL GOVERNANCE                                                                                                         20
                                                                                                                                                                                                                                       Person
                                                                                                                                Has
CEIOPS’ Advice                                                                                                                            Explain how the final requirement has been met                                 Date      responsible for
                                                     CEIOPS’ Advice Requirement                                             requirement                                                    Evidence available & Type
    48/09                                                                                                                                               / progress to date                                             available   making evidence
                                                                                                                              been met
                                                                                                                                                                                                                                      available


                 Detailed internal model governance is the responsibility of the risk management function. This covers:
                 • Design and implementation of the internal model
                 • Testing and validation of the internal model
                 • Documentation of the internal model and any changes to it
                 • Analysing the performance of the internal model, and reporting on the performance to the high-level
                 governance, including compliance with the internal model approval requirements
                 • Suggesting areas for improvement and reporting on the status of efforts to improve previously
                 identified weaknesses to the high level governance
                 • Liaise closely with users of the outputs of the internal model
                 • Develop a communication loop with the actuarial function to pass the detailed actuarial perspective to
                 the risk management function and in return receive the insights on the internal model.



                 The governance of the internal model encourages the organization of a dialogue between every user of
                 the model, likely to be the business units, and the risk management function about the characteristics
                 of the internal model in order to increase understanding of the model and its outputs

                 The operation of the internal model is subject to on-going internal review. In this regard the
                 administrative, management or supervisory body may, as part of their overall governance, set up an
                 internal control committee, to whom the undertakings assign the task of providing advice and making
                 proposals.

                 The administrative, management or supervisory body have set up a feedback loop that allows
                 information to flow from the risk management function to the high-level governance, and for decisions
                 on the strategy for developing the internal model to flow to the risk management function for
                 implementation. Discussions forming part of the feedback loop shall be documented.

                 Specificities relating to group internal model governance


                 There system of governance of the group internal model is put in place by the parent undertaking. It
                 shall include at least:
                 • procedures of coordination between the undertakings and entities in the scope of the internal model;
                 • periodical information flows that allow the achievement of strategic objectives and the compliance
                 with regulations specific to internal models to be verified;
                 • procedures that ensure consistency between the data and information produced for the subsidiaries’
                 internal model and those produced for the undertaking internal model;
                 • the definition of tasks and responsibilities of the various units assigned with the control of risks
                 covered by the group internal model and the mechanisms for coordination;
                 • procedures that are appropriate for ensuring the identification, measurement, management and
                 control of risks covered by the group internal model;
                 • setting the reporting timetable across the group to ensure overall reporting deadlines are met,
                 reviewing and challenging the subsidiaries’ internal model practices and risk management procedures.


                 The parent undertaking will formalise and inform all the related undertakings and entities within the
                 group that are covered by the group internal model about the internal model criteria used to identify,
                 measure, manage and control their risks. The parent undertaking shall make sure the process is
                 communicated effectively and the related undertakings have the appropriate level of understanding of
                 the way the risks are modelled.




                                                                                                                            10.MODEL GOVERNANCE                                                                                                      21
                                                                                                                                                                                          Latest self-assessment score               RAG
11. model change policy

                                                                                                                                                                                                                                         Person
                                                                                                                               Has
CEIOPS’ Advice                                                                                                                           Explain how the final requirement has been met                                    Date      responsible for
                                                      CEIOPS’ Advice Requirement                                           requirement                                                     Evidence available & Type
    28/09                                                                                                                                              / progress to date                                                available   making evidence
                                                                                                                             been met
                                                                                                                                                                                                                                        available
3.94-3.97        Categorisation into major and minor changes
                 The undertaking has responsibility for creating the policy for changing the full and partial internal
                 model.
                 As set out in Article 115 of the Level 1 text model changes shall be classified into:
                 - Major changes; and

3.98             Sub-categorisation into different components of the internal model
                 Undertakings may further assign model changes to the following subcategories:
                 Major/minor changes with respect to:
                 - the calculation kernel of the internal model
                 - the risk management
                 - the internal model governance
                 - the existing and regulatory approved internal model change policy of the undertaking
                 - other aspects of the internal model
3.95-3.96        Internal governance process for model changes
                 CEIOPS considers that areas of relevance for the internal model, changes in which may lead to a need
                 to change the model, include the system of governance mentioned in Chapter IV, Section 2 of the
                 Level 1 text, the provisions and requirements set out in Articles 112 to 126, and any relevant changes
                 to the risk profile of the undertaking.
                 The model change policy shall cover any change which impacts these areas of relevance.
3.105; 3.108     Submission process for major and minor changes
                 Undertakings shall communicate planned major changes to the supervisory authority well in advance
                 of intended implementation. The undertaking shall support the request to the supervisory authority with
                 sufficient information about the impact of the change on the quantitative and qualitative adequacy of
                 the approved internal risk model. The administrative, management or supervisory bodies of the
                 undertaking shall approve the request.
                 Undertakings shall report minor model changes to the supervisory authority quarterly or at a higher
                 frequency, if it is deemed more appropriate. Minor changes shall be communicated in a summarised
                 report that describes both the effects of each change and the cumulative effects of the changes on the
                 quantitative and qualitative adequacy of the approved internal model. The administrative, management
                 or supervisory bodies of the undertaking shall approve the report.




                                                                                                                           11.MODEL CHANGE POLICY                                                                                                      22
                                                                                                                                                                                            Latest self-assessment score               RAG
12. 0rsa

                                                                                                                                                                                                                                           Person
  Framework                                                                                                                      Has                                                                                                   responsible for
                                                                                                                                           Explain how the final requirement has been met                                    Date
   Directive                                       Framework Directive requirement                                           requirement                                                     Evidence available & Type                     making
                                                                                                                                                         / progress to date                                                available
   Article 45                                                                                                                  been met                                                                                                   evidence
                                                                                                                                                                                                                                          available
                ORSA scope and process
                As part of its risk-management system every insurance undertaking and reinsurance undertaking shall
                conduct its own risk and solvency assessment.
                That assessment shall include at least the following:
                1 (a) the overall solvency needs taking into account the specific risk profile, approved risk tolerance
                limits and the business strategy of the undertaking;
                1(b) the compliance, on a continuous basis, with the capital requirements, as laid down in Chapter VI,
                Sections 4 and 5 and with the requirements regarding technical provisions, as laid down in Chapter VI,
                Section 2;
                1(c) the significance with which the risk profile of the undertaking concerned deviates from the
                assumptions underlying the Solvency Capital Requirement as laid down in Article 101(3), calculated
                with the standard formula in accordance with Chapter VI, Section 4, Subsection 2 or with its partial or
                full internal model in accordance with Chapter VI, Section 4, Subsection 3.

                For the purposes of paragraph 1(a), the undertaking concerned shall have in place processes which
                are proportionate to the nature, scale and complexity of the risks inherent in its business and which
                enable it to properly identify and assess the risks it faces in the short and long term and to which it is
                or could be exposed. The undertaking shall demonstrate the methods used in that assessment.

                In the case referred to in paragraph 1(c), when an internal model is used, the assessment shall be
                performed together with the recalibration that transforms the internal risk numbers into the Solvency
                Capital Requirement risk measure and calibration.
                Report structure
                The insurance and reinsurance undertakings shall inform the supervisory authorities of the results of
                each own-risk and solvency assessment as part of the information reported under Article 35.7.

                The own-risk and solvency assessment shall not serve to calculate a capital requirement. The
                Solvency Capital Requirement shall be adjusted only in accordance with Articles 37, 231 to 233
                and 238.
                Governance framework
                The own-risk and solvency assessment shall be an integral part of the business strategy and shall be
                taken into account on an ongoing basis in the strategic decisions of the undertaking.
                Insurance and reinsurance undertakings shall perform the assessment referred to in paragraph 1
                regularly and without any delay following any significant change in their risk profile.




                                                                                                                                   12.ORSA                                                                                                          23

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:23
posted:4/4/2011
language:English
pages:23