In the second part of the InsuranceERM and Thomson Reuters Accelus roundtable, insurers discuss their concerns over the matching adjustment, passing the 'use' test and challenging reporting timetables for pillar 3
Jennifer DeMattia, senior managing consultant, Thomson Reuters Accelus
Nigel De Silva, chief actuary, Thomas Miller & Co
Lee Dobson, Solvency II programme director, LV=
Justin Elks, director of risk and Solvency II lead, Just Retirement, and deputy chair for Oric International
Maurits Le Poole, major accounts director, Thomson Reuters Accelus
Heloise Rossouw, head of risk and capital integration – group ERM, Old Mutual
Peter Telford, group enterprise risk director, Legal & General
James Tufts, group CRO, Guardian Financial Services
Chaired by Christopher Cundy, contributing editor, InsuranceERM
Chris Cundy: What issues are you having with the ORSA? How close are you to the supposed ideal of making it a continuous process with periodic reporting?
Nigel De Silva: We think of it as the process of business planning and all the decisions that go into that – allocating limits, buying reinsurance, investment management, etc. We report periodically to the board in that process and it helps them make their decisions. We have been operating that process for about two and a half years now and it is reasonably refined.
What we have given up is the big "supervisory" report. That report explained everything: methodology, assumptions, etc. We found it was not useful for the Board or Management and the PRA were not giving us feedback on it. So far the PRA seems happy with just the Board document, but it will create a lot of (in our view, unnecessary) documentation work if they do start asking for it again.
Lee Dobson: My understanding is that the PRA are being quite pragmatic here and are looking for the something that the board uses, not a report purely for supervisory purposes. In saying this, the final ORSA report needs to be of a manageable size, although clearly the detail which underpins its content needs to be available, but not necessarily as part of the same document.
Heloise Rossouw: We see the ORSA as an integrated part of our existing business, risk management and decision-making processes. Specifically, we see it as an integral part of our business planning process. From a group perspective, we will most likely deliver the ORSA through a series of reports, with an overarching summary report (that really just provides an overview of the process and the conclusions). We see the ORSA as operating in "two phases", a shaping phase that feeds into the board strategies and deliberations early in the year and a testing phase that reconfirms that the three-year plan remains viable.
Nigel De Silva: That is similar to the approach that we take. Our first "ORSA Overview" document of the year focuses on recent performance and the current risk profile and solvency position. The future plans/projections are largely rolled forward from the previous report. The second document, is largely similar to the first, but expands the future section to reflect the business decisions to be made as the planning process concludes.
Chris Cundy: In terms of auditing the ORSA, have you given much thought on how you go about that, whether you do it internally, externally? Is it something you try to do already?
Nigel De Silva: I do not really see much point in external audit. It is our own process and our business planning is not currently externally audited. For the internal audit, we broke it down into two parts. We told them, 'This is what we are planning on doing.' And we got internal auditors to express an opinion as to whether or not that looked sensible. After we completed the annual ORSA process, we then asked them to review it and suggest any improvements.
"I do not really see much point in external audit. It is our own process and our business planning is not currently externally audited" Nigel De Silva
Heloise Rossouw: We have also kicked off an internal audit of some components of our ORSA, most notably a review of the controls around our forward looking stress and scenario testing models.
James Tufts: We have had internal audit review of the ORSA processes. The numbers will be mostly reviewed through another process, so we are not intending to get another in-depth review of the ORSA numbers.
Chris Cundy: Is extracting information from the business challenging? How do you go about ensuring the cleanliness of that data?
Nigel De Silva: We have developed the ORSA on a gradual basis, over time. We are putting in the things that we think are relevant to Management and the Board. If we find it would be nice to have something else in, we do it next time. Initially we take business inputs and shape that collaboratively to fit our view for the ORSA. Subsequently, the business updates the previous version, gradually taking ownership and reducing our workload. Taking it gradually, rather than some 'big bang' type of project, feels like the easiest way of going about it.
Justin Elks: A lot of the information in the ORSA is things that the business would have been producing anyway. The challenge now is to move the ORSA's focus more from identification of risk to the management of risk.
James Tufts: I think the whole effort of the ORSA has been somewhat overblown and actually now most companies find it a fairly straightforward exercise. Some of the information in the ORSA is static; your core business and its strategy for example does not change much month-on-month. So once you split the ORSA components into static and dynamic, it becomes quite manageable. I see the challenge as the forward-looking piece: what is the future going to bring, how do we reflect that, how do we mitigate it.
Chris Cundy: Has the Financial Conduct Authority (FCA) asked to see your ORSA, to see what it says about conduct risk?
James Tufts: Yes, the FCA has asked to see it.
Peter Telford: Probably most ORSAs are assessing conduct risk inside or alongside operational risk. Firms need to make sure it gets the appropriate profile. Boards are acutely aware of conduct risk, so they expect to see that content.
Lee Dobson: It was not a revelation to us – conduct is part and parcel of what we do. Our business plan and performance evaluations already include consideration of conduct risk and our intention is to build further on this as part of ORSA.
Jennifer DeMattia: Are behavioural risks, and culture in general, being discussed more, because of the focus on conduct risk?
James Tufts: Culture is something we will bring out within the ORSA and the ERM Framework I spoke of earlier. We have done culture surveys and things like that, so some of that will feed through.
Lee Dobson: Clearly the impact of behaviour through remuneration schemes is a feature of how you assess your conduct risk, both for the sales force and the general management.
We see the ORSA as an integrated part of our existing business, risk management and decision-making processes" Helen Rossouw
Heloise Rossouw: During 2013 we began to measure risk and control culture, considering tone from the top, understanding of risk, attitude to risk, control functions, quality of management information and remuneration structures. We have included a risk metric and risk appetite for risk and control culture and see this as an important addition to our suit of risk exposure measures and processes given the importance of a proactive risk and control culture.
Jennifer DeMattia: If you are aggregating data from different business units, how confident are you that business units are collecting and measuring the data in a standardised fashion?
James Tufts: We have appointed a data owner for all of our data, which is a new step partly driven by Solvency II. That individual is responsible for setting the standards and making sure there is consistency. We are a UK and Irish operation and it is reasonably manageable. If you are a global conglomerate, it is probably a lot more challenging.
Heloise Rossouw: We rely on our Group Operating Model (GOM), which includes our data governance and control framework. A key mechanism in our GOM is the two-way dialogue between group and BU [business unit] functions on the understanding and application of the GOM including the group processes and group policies.
Chris Cundy: There are a lot of questions about how the matching adjustment (MA) will work, for example on which assets will be eligible. What is the latest you're hearing on that?
Lee Dobson: The PRA announcement at the end of July said it will be on case-by-case basis. There are specific aspects of some asset categories that have deep impacts, depending on what sort of firm you are - that requires a more collective industry discussion. The challenge is, when will that clarity for that individual feedback emerge? How long will PRA require for a review of that application? How will that overlap with your IMAP [internal model application process]? If you don't get the MA and want to use the volatility adjuster, is another application required?
James Tufts: The regulator said they won't come out with a definitive list of matching adjustment-friendly assets, but surely that is just a question of timing? Once everyone has been through the process, it will be clear which assets and structures will work and won't work.
Right now we are more concerned about the impact on the risk margin, in terms of that cost of credit risk capital coming in to that and almost undoing the benefit of that matching adjustment. That could have quite a big impact for some companies - one could fear that MA is a "con trick" if this goes ahead.
Justin Elks: As James and I have tried to highlight, you have this interaction of the ultimate policy and the process for delivering it. If you have an application process with a six-month window, then all these issues are stacking up to be resolved in quite short order. There is a general industry concern around whether that helps in effective risk and capital management over the next few months. I think regulators have a tricky job to get to a fair solution.
Chris Cundy: Are you finding the PRA statements helpful, in general?
James Tufts: For sure it is better than nothing, but they never leave you with total clarity. On a number of key issues there is still uncertainty given the time to consider and implement management actions.
Lee Dobson: Sometime it does feel like a treasure hunt. I understand their concerns around making announcements too early in the cycle, but there needs to be some pragmatism and a line drawn in the sand. Otherwise we will end up with quite dysfunctional behaviour as you get closer to the deadline.
Nigel De Silva: It would be ideal if we could have, say, five years to get some consistency across the industry and not penalise firms harshly if they get it "wrong" from the regulator's point of view, but rather move them in the right direction over time. But it does not sound as if Eiopa [the European Insurance and Occupational Pensions Authority] will allow that kind of soft implementation.
James Tufts: We all acknowledge that the PRA has a difficult job, but my concern is there will be a paralysis of decision-making in the insurance sector, where you just do not know what the ground rules are and what is acceptable. The insurance industry could do more to bring everyone together and work with the regulator. Unless we get some real momentum in the remainder of this calendar year, some form of paralysis is a possible outcome for 2015.
Chris Cundy: How do you pass the 'use' test? What is the pass mark?
James Tufts: No Section 166 enforced on you! Seriously, I don't think anyone knows yet and the pass mark and best practice will emerge over the next few years.
Lee Dobson: It is a very difficult question. At one level, the use test is a subjective assessment based upon the evidence you provide. We can reflect back that we have been in the ICAS [Individual Capital Adequacy Standards] regime for a number of years and we have good bank of evidence to demonstrate that we have actually used the information we produced. It may not be Solvency II, but it is an economic capital approach. But I am sure the bar will be set higher than we think it is.
Justin Elks: We provide the regulator with a view of our ambitions so they can see the story of how we will embed it in our business, giving them the opportunity to agree or disagree. We have not seen any feedback yet, but we are expecting something within the next month or two.
Chris Cundy: Nigel, you mentioned there is going to be a new version of the internal model self--assessment template (SAT)?
Nigel De Silva: We heard rumours there is going to be a new version released later this year but I have not seen it yet.
Chris Cundy: Do you have any idea if it will be very different?
Nigel De Silva: I have no idea. When we applied, the PRA just told us to use the old one for now.
Justin Elks: We heard a few weeks ago that Eiopa are going to put something out on this, although I think most of the work has been done by the PRA so I am not sure how different it will be.
Lee Dobson: We find that particular situation quite frustrating. There would be a lot of administration to go through if we get a new SAT late in the cycle, as it would affect our validation. We could do with a simple pronouncement on whether we are going to use a new one or not.
Chris Cundy: Are there major issues that you are coming up against in pillar 3, or is it just a case of grinding through?
Lee Dobson: The reporting cycle timelines are pretty challenging, in terms of getting all the intel and governance synced to enable you to produce and submit to the PRA. It's a logistical challenge of how you accelerate the production of quarterly numbers; it's not about computers and speed, it's around processes and particularly governance – what level of assurance do you need internally before you can say that information is fit for purpose?
Justin Elks: It is similar for us. The challenge in pillar 3 is classic finance transformation, speeding up processes, making them efficient and trying to apply valuable finance and actuarial resources where they have the most benefit – on supporting decision making rather than number crunching and production.
James Tufts: We have picked our software package and, as you said, it is a case of grinding through. Any change programme takes at least one period to bed in and because of the accelerated reporting that Lee already mentioned, it is probably going to take more than one period.
"There are far fewer data providers than there are firms taking the data" Peter Telford
Peter Telford: One specific challenge is asset data. For linked funds and particularly nested funds there could in theory be a need to keep looking through until you get to an underlying security. That would be disproportionately hard to do and it would be very inefficient if each firm solves that problem for itself. Moreover it's hard to believe that that level of detail would be useful to anyone. The situation calls for pragmatic compliance, the detail of which we still have to get to.
Chris Cundy: Is this something that could be pursued collaboratively across the industry?
Peter Telford: There are far fewer data providers than there are firms taking the data. So if L&G solves the problem and LV= solves the problem and Old Mutual solves the problem, and we have all done it by talking to the same data source, that is a lot of scarce effort repeatedly doing the same thing. It seems obvious to ask whether there isn't a more efficient place and way to do it.