Business principles under Solvency II

Pillar II: Governance and risk management

Solvency II is strengthening the mathematical side of insurance supervision. However, it is still humans and not computers who decide which risks are taken by insurance companies: The Prudent Person Principle is at the heart of the new system, too. The rules for implementing this principle are set under the second Pillar of Solvency II.

Insurers must demonstrate to their supervisors that they have qualified managerial staff and that all risks and business activities are under control at any time. Insurers’ investment policies must be in line with the “Prudent Person Principle”, according to which they may only invest in assets whose risks they can understand and control.

ORSA: raising awareness of risks and responsibilities
The “Own Risk and Solvency Assessment” (ORSA) is a key element of Solvency II. It requires insurers to continuously assess their risk and solvency situation. At least once a year, insurers have to verify whether their risk management system appropriately identifies and takes into account all risks. The insurers have to address any problems they identify in their risk management system. They regularly submit their ORSA results to the responsible supervisory authority, which then makes its own assessment of the ORSA report and, if necessary, intervenes.

Insurance companies are subject to different types of risks, depending on their business model and investment strategy. Therefore, the ORSA deliberately refrains from prescribing any standard solutions. Instead, insurers are required to find appropriate solutions for their individual risks. Among other aspects, this includes a company-specific risk assessment: For instance, the insurers’ asset managers may not rely on rating agencies alone when making investment choices; they must make their own assessments as well.

Insurers required to establish independent key functions
Solvency II requires all insurers to establish the following four key functions and designate one responsible person for each function: the risk management, compliance, actuarial and internal audit function.

The clear allocation of functions is intended to ensure that every European insurer is aware of the risks it is facing. The risk management function provides essential support to management in identifying, controlling and managing risks. The actuarial function coordinates and monitors the appropriate calculation of technical provisions required under Solvency II.

In addition to that, the key functions strengthen the “lines of defence“ set up in business organisation: The first line of defence requires staff and management to continuously identify and assess risks in “day-to-day business” in their field of responsibility. In the second line of defence, the compliance function works hand in in hand with the risk management and actuarial function in monitoring the organisation and functioning of all operational fields of business. In the third line of defence, the internal audit function assesses whether the overall governance system is appropriate and effective.

Fit & Proper
Under Solvency II, managers, managing boards and supervisory boards throughout Europe have to meet high personal and professional requirements regarding their qualification (fit) and integrity (proper). They also apply to employees in key functions. The second Pillar of Solvency sets high standards for European insurers regarding business management and organisation, thereby improving the stability of the European insurance market.

>> Solvency II – Here is how it works