Assicurazioni - Rivista di diritto, economia e finanza delle assicurazioni privateISSN 0004-511X
G. Giappichelli Editore

indietro

stampa articolo indice fascicolo leggi articolo leggi fascicolo


Key features of a sound governance system for (re)insurance groups and the application – mutatis mutandis – of the requirements applicable at solo level (di Anna Maria Ambroselli, Istituto per la vigilanza sulle Assicurazioni – IVASS – Prudential Supervision Directorate Rome, Italy)


This paper analyses the aspects that define a sound governance system for insurance and reinsurance groups according to the current international frameworks, with a focus on the Solvency II regime. The paper also refers to amendments concerning group governance included in the provisional agreement on the revision of the Solvency II Directive reached by the European Parliament and the Council on December 14, 2023. With respect to the rules applicable at the group level, the basic assumption of the relevant international and Solvency II regulatory framework is that the (re)insurance group must be considered as a whole, i.e. as a single economic entity. Therefore, the governance rules applicable at the individual level must apply – mutatis mutandis – at the group level. Based on this assumption, this paper aims to analyse how the principles established at the individual level for (re)insurance companies actually apply at the group level, i.e. which perimeter of the group is relevant for the application of the governance rules, which entity is responsible for their application and which specificities become significant at group level. Finally, this paper focuses on the remuneration framework for (re)insurance companies and groups. An appropriate remuneration system is essential for sound corporate governance, as it must not encourage excessive risk-taking and must ensure that the remuneration structure of the members of the management body and senior management is aligned with the longer-term interests of (re)insurance companies and groups.

Le caratteristiche fondamentali di un solido sistema di governance per i gruppi (ri)assicurativi e l’applicazione – mutatis mutandis – dei requisiti applicabili a livello di singola impresa

Questo articolo analizza gli aspetti che definiscono un solido sistema di governance per i gruppi assicurativi e riassicurativi secondo gli attuali framework internazionali, con un focus sul regime Solvency II. L’articolo fa anche riferimento agli emendamenti che riguardano la governance di gruppo, inclusi nell’accordo provvisorio sulla revisione della direttiva Solvency II raggiunto dal Parlamento europeo e dal Consiglio il 14 dicembre 2023. Per quanto riguarda le regole applicabili a livello di gruppo, l'assunto di base del framework internazionale e di Solvency II è che il gruppo (ri)assicurativo debba essere considerato nel suo complesso, ossia come un'unica entità economica. Di conseguenza, le regole di governance applicabili a livello di singola impresa devono essere applicate – mutatis mutandis – a livello di gruppo. Partendo da questo presupposto, l’articolo si propone di analizzare come effettivamente i principi stabiliti a livello individuale per le compagnie di (ri)assicurazione si applichino a livello di gruppo, ovvero quale sia il perimetro del gruppo rilevante per l'applicazione delle regole di governance, quale entità sia responsabile della loro applicazione e quali specificità diventino significative a livello di gruppo. Infine, l’articolo si concentra sui principi relativi alle politiche di remunerazione delle imprese e dei gruppi (ri)assicurativi. Un sistema di remunerazione adeguato è infatti essenziale per una sana governance aziendale, in quanto non deve incoraggiare un'eccessiva assunzione di rischi e deve garantire che la struttura retributiva dei membri dell'organo di gestione e dell'alta dirigenza sia effettivamente allineata con gli interessi a lungo termine delle compagnie e dei gruppi (ri)assicurativi.

SOMMARIO:

1. The OECD and IAIS frameworks: key features of sound corporate governance for (re)insurance groups - 1.1. OECD framework - 1.2. IAIS framework - 2. Pillar 2 in the Solvency II regime - 3. The Solvency II framework for the governance of (re)insurance groups - 4. Main challenges in applying the principle of mutatis mutandis - 5. Clarification on the mutatis mutandis principle - 5.1. The scope of the group system of governance - 5.2. The role of the AMSB of the parent undertaking in establishing a sound group-wide governance system - 5.3. The authority responsible for the monitoring of the adequacy of governance systems at group level - 6. The solo rules on the system of governance applied mutatis mutandis at group level - 7. The specific rules on group governance - 7.1. The management of conflicts of interest - 7.2. The group capital add-on for significant deviation from the governance standard - 7.3. Pillar 3 reporting requirements - 8. Remuneration policies and alignment of incentive structures - 9. The variable component of remuneration - 9.1. EIOPA Opinion on the supervision of remuneration principles - 10. Final remarks - NOTE


1. The OECD and IAIS frameworks: key features of sound corporate governance for (re)insurance groups

Sound corporate governance in financial institutions is essential for a healthy financial system, capital markets and sustainable economic growth. The global financial crisis of 2007-2009 clearly demonstrated the link between governance failures and excessive risk-taking by managers, and how governance weaknesses in financial institutions can lead to the transmission of problems throughout the financial sector and the economy. A sound system of corporate governance is identified by a number of features, some of which are common to all economic and financial sectors, and some of which are specific to financial sectors, particularly those that are regulated and subject to a legal and supervisory regime. In particular, insurers are concerned not only with the objective of sound and prudent management of their business, but also with the appropriate recognition and protection of policyholders’ interests. This fundamental aspect is emphasised in both international and European frameworks. Internationally, organisations such as the Financial Stability Board (FSB), [1] the Organisation for Economic Co-operation and Development (OECD), [2] the Basel Committee on Banking Supervision (BCBS), [3] the International Organization of Securities Commissions (IOSCO), [4] and the International Association of Insurance Supervisors (IAIS) [5] have collaborated with regulators and policymakers to enhance corporate governance practices in financial institutions. More specifically, the framework for the governance system in the insurance sector can be found in the G20/OECD Principles of Corporate Governance and the OECD Guidelines on Insurance Governance, the IAIS Insurance Core Principles (ICPs), and the Common Framework for the supervision of Internationally Active Insurance Groups (ComFrame). The OECD and the IAIS work closely together on these issues, as evidenced by some joint work and frequent cross-references in their respective documents. Both the IAIS and the OECD, as well as the Solvency II framework (which will be discussed in more detail later), assume that the (re)insurance group should be viewed as a single economic entity and governed holistically. Therefore, good governance of groups should not differ significantly from that of a company with many divisions or branches and governance rules that apply at the individual level should also apply at group level. However, it is acknowledged that (re)insurance groups are more [continua ..]


1.1. OECD framework

At the international level, the OECD has for many years played a key role in providing guidance to financial sector companies and regulators on governance issues through principles, recommendations and documents. Although not binding they provide a global benchmark for legal, regulatory, and institutional frameworks. The G20/OECD Principles of Corporate Governance (“the Principles”) identify the key elements of a sound corporate governance framework and provided practical guidance for implementation at the national level. They state that “corporate governance involves a set of relationships between a company’s management, board, shareholders and stakeholders. Corporate governance also provides the structure and systems through which the company is directed and its objectives are set, and the means of attaining those objectives and monitoring performance are determined”. [6] The Principles have recently been revised to include new and updated guidance on shareholder rights, the role of institutional investors, corporate disclosure and transparency, board responsibilities and, for the first time, sustainability and resilience to help companies manage climate-related and other sustainability risks and opportunities. [7] They now also include recommendations for improvements in the definition, monitoring and disclosure of business groups. [8] In this respect, the Principles recognise that well-managed business groups operating under appropriate corporate governance frameworks can support economic growth and employment through economies of scale, synergies and other efficiencies, but that in some cases they may be associated with risks of unfair treatment of shareholders and stakeholders. To address these risks, Principle I.H recommends that jurisdictions adopt a clear regulatory framework that provides a practical definition and criteria for effective supervision of listed companies within groups and recognises the fundamental importance of transparency of share ownership and control. Specifically, Sub-Principle IV.A.3. states that “disclosure should include, but not be limited to, material information on: capital structures, group structures and their control arrangements”. The Principles are complemented by the OECD Guidelines on Insurance Governance, [9] which includes a specific section on groups and conglomerates. Developing on the content of the Principles, the Guidelines identify the [continua ..]


1.2. IAIS framework

With regard to the IAIS framework, rules on group-level governance systems can be found the “Insurance Core Principles” (ICPs), [12] the “Common Framework for the Supervision of Internationally Active Insurance Groups” (ComFrame), [13] the “Issues Paper Approaches to Group Corporate Governance; Impact On Control Functions”, [14] and the “Application Paper on Group Corporate Governance”. [15] The IAIS Glossary defines the corporate governance similarly to the OECD definition as “a set of relationships between an insurer’s board, senior management, customers and other stakeholders; and a structure through which the objectives of the insurer are set, and the means of attaining those objectives and monitoring performance are determined”. [16] The definition is deliberately broad in order to take into account the possible different forms of governance system structures. Further clarifying elements are included in the ICPs and, with specific reference to Internationally Active Insurance Groups (IAIGs), [17] in the ComFrame. In particular, ICP 7 on corporate governance states that the supervisor should “require insurers to establish and implement a corporate governance framework which provides for sound and prudent management and oversight of the insurer’s business and adequately recognises and protects the interests of policyholders.” The ICP provides standards for various aspects of a governance system, including the allocation of oversight and management responsibilities, corporate culture, business objectives and strategies, board structure and governance, duties of individual board members, risk management and internal controls, remuneration, reliable and transparent financial reporting, external audit, communications, duties of senior management, and supervisory review. Regarding groups, the ICP mandates that they ensure the corporate governance framework is suitable for the structure, business, and risks of the insurance group and its legal entities. This framework should encompass policies, processes, and controls that address risks across the insurance group and legal entities, as well as clear reporting lines between the group’s head and its legal entities. The ComFrame contains more specific provisions related to IAIGs, with particular attention given to the role and duties of their board of directors. The board of directors [continua ..]


2. Pillar 2 in the Solvency II regime

The Solvency II regulatory framework is based on a three-pillar structure that provides a coherent approach to understanding and managing risk across the insurance sector: –   Pillar I sets the quantitative requirements, i.e. valuation of assets and liabilities and capital requirements; –   Pillar II sets out the qualitative requirements, including corporate governance and risk management and the Own Risk and Solvency Assessment (ORSA); [20] –   Pillar III deals with supervisory reporting and public disclosure. [21] A robust governance system is a crucial prerequisite for the solvency of (re)insurance companies and groups. [22] A reliable assessment of the elements required under Pillar 1, specifically the Solvency Capital Requirement (SCR) [23] and the Minimum Capital Requirement (MCR), [24] can only be achieved through a proper risk-based approach, which requires the firm to exercise good governance in risk management and other relevant functions. This ensures effective control of the risk level. Recital 29 of the Solvency II Directive is clear in this regard, emphasising that certain risks can only be adequately addressed through governance requirements rather than through the quantitative requirements reflected in the SCR. Similarly, according to recital 15 of the revised Directive (see paragraph 3), the governance system is also an important factor in ensuring that the company maintains its financial health. An effective governance system is therefore essential for the proper management of the (re)insurance undertaking and for the regulatory system. In terms of the powers and tools available to supervisors in relation to the risks taken by the company or group, one more than any other highlights the close link between quantitative and qualitative aspects in the Solvency II framework. This is the power of supervisors to require the application of capital add-ons in addition to the capital requirements established by the firm or group, even where significant failures in the governance system have been identified, as described in more detail in paragraph 7.2.


3. The Solvency II framework for the governance of (re)insurance groups

At the European level, [25] the Solvency II Directive (the “Directive”) [26] sets out the basis for the governance system at both individual and group level. The Directive underwent a multi-year revision process that concluded on 14 December 2023 with a provisional agreement between the Council and the European Parliament. The revision mainly focuses on long-term guarantee measures but also clarifies some aspects of group supervision, including the governance system. The Directive requires (re)insurance undertakings and groups to establish an effective system of governance that ensures sound and prudent management of the business. It also identifies the key aspects of such a system. Regarding (re)insurance groups, the Directive establishes the general principle that the rules laid down for individual firms apply mutatis mutandis – that is having changed what needs to be changed – at group level and adds a few specific rules that are relevant at the group level. [27] The recitals do not provide additional specifications but reiterate the requirement for groups to have appropriate governance systems, which should be subject to supervisory review. [28] The underlying reason for this choice is the general consideration that the same approach used for individual insurers should be applied at the level of the group as a whole, so that the groups are recognised and managed as a single economic entity. [29] The Directive is complemented and sometimes clarified by the Commission Delegated Regulation (the ‘Delegated Regulation’). [30] However, the Delegated Regulation does not contain any specific provisions for insurance groups, except for specifying the additional information that groups must provide in their RSRs and SFCRs. [31] In addition, in 2015, EIOPA published the “Guidelines on the system of governance” (the “Guidelines”), with the specific objective of providing further details on the governance rules set out in the Directive and the Delegated Regulation, both at solo and group level, and to clarify supervisory expectations. [32] The Guidelines also state the general principle that the rules established at the individual level apply mutatis mutandis at the group level and that the implementation of governance requirements at the group level should be understood as the implementation of a sound governance system applied to a coherent economic entity [continua ..]


4. Main challenges in applying the principle of mutatis mutandis

As mentioned earlier, the revision of the Solvency II Directive involves changes to the provisions on group supervision, including certain aspects of the group governance system. Therefore, it is helpful to provide an overview of the process that led to these changes, with a focus on the Commission’s requests for advice to EIOPA and the corresponding EIOPA responses. In June 2018, the Commission requested a report from EIOPA on group supervision and capital management, as well as on freedom to provide services and freedom of establishment under the Directive. [36] The request covered aspects where the Commission had identified challenges and divergent practices in group supervision. In particular, EIOPA was asked to provide information on the application at group level, mutatis mutandis, of the provisions applicable at solo level on aspects such as the calculation of eligible own funds, the application of the capital add-on at group level, the governance requirements, the fit and proper requirements, as well as on any uncertainties or divergences in supervisory practices in relation to these provisions. On 18 December 2018, EIOPA submitted its report to the Commission, providing an overview of the implementation of the main provisions related to group supervision, including the main gaps and areas where further convergence in practical implementation was deemed necessary. [37] EIOPA identified the following aspects as the most complex issues related to the implementation of mutatis mutandis at group level: –   the inclusion of non-insurance undertakings in the scope of groups; –   legal uncertainties regarding the identification and responsibility of the administrative, management and supervisory body at group level (“group AMSB”), in the absence of a definition of “group AMSB” in the Directive; –   the possibility that AMSBs of an individual firm may face conflicting objectives as they have to ensure both the adequacy of the governance system of the individual firm and its consistency with the governance system of the group; –   the lack of clarity in the scope of the fit and proper requirements at the insurance holding company (IHC) [38] and mixed financial holding company (MFHC) [39] level as key function holders are not explicitly mentioned in the Directive; –   the difficult application of the group capital [continua ..]


5. Clarification on the mutatis mutandis principle

What follows is an attempt to clarify the principle of mutatis mutandis in the context of the current Solvency II regulatory framework, also taking into account the recent agreement on the revision of the Directive, as it, as already mentioned, provides clarifications on key aspects of the application of the principle. These include: –   what is meant by “at group level”, i.e. what is the scope of the group for the application of the governance rules established at individual level; –   which entity within the group is responsible for enforcing the governance rules and is accountable to supervisors; –   which supervisor is responsible for monitoring the adequacy of the governance systems adopted by the group; –   how potential conflicts of interest should be prevented and managed. However, it is important to stress that the reference to the principle of mutatis mutandis application at group level of rules established at individual level remains widely used in the revised Directive as do the numerous cross-references, again mutatis mutandis, to specific rules established at individual level. The reason for this is not explicitly stated in the Directive nor in its revision, but it is reasonable to assume that it stems from the need to avoid including in the Directive rules that are too prescriptive and difficult to apply by groups, given the different nature and characteristics of the entities that may belong to them.


5.1. The scope of the group system of governance

The revised Directive establishes a clear link between the scope of group supervision for the purpose of calculating group solvency and the perimeter of governance supervision. In fact, immediately following the principle of mutatis mutandis, the Directive explicitly identifies the perimeter covering the group governance system with that identified for the purpose of calculating group solvency. [44] As a result, the definition of a group is very broad, also for the purposes of the supervision of the system of governance, since the Directive defines a “group” as a group of undertakings which: –   consists of a participating undertaking, its subsidiaries and the undertakings in which the participating undertaking or its subsidiaries hold a participation, as well as undertakings which are managed on a unified basis or whose administrative, management or supervisory bodies consist for the major part of the same persons, or –   is based on the establishment of strong and sustainable financial links between those undertakings, provided that one of those undertakings effectively exercises, through centralised coordination, a dominant influence over the other undertakings that are part of the group and that the establishment and dissolution of such links are subject to prior approval by the group supervisor. The determination of the scope of the group therefore requires the identification of the participations [45] and contractual relationships on the basis of which the entities are to be included in the group and treated as subsidiaries or related undertakings. If more than one entity in the group has a participation in the same entity that is not material individually but becomes material in the aggregate, that entity is also included in the group. [46] To qualify as a (re)insurance group, it must have as its ultimate parent undertaking: –   a (re)insurance undertaking which has its head office in the EEA and which is a participating undertaking in at least one (re)insurance undertaking; –   an IHC or MFHC which has its head office in the EEA and which is the parent undertaking of at least one (re)insurance undertaking. This means that all entities within the insurance group must be considered when defining a sound governance system, as well as the risks arising from the group’s activities and their interdependencies. It is important to note that the [continua ..]


5.2. The role of the AMSB of the parent undertaking in establishing a sound group-wide governance system

The ultimate participating (re)insurance undertaking, the IHC or the MFHC as defined above, is generally responsible for establishing a sound governance system at the group level. However, supervisors should also consider any undertaking that effectively exercises a dominant influence over another undertaking as such. It is this entity – hereafter referred to as the “parent undertaking” – and in particular its AMSB which has to establish a sound internal governance system for the whole group, commensurate with its structure, activities and risks, and which bears the ultimate responsibility for the compliance of the group with the relevant legal framework. The revised Directive now explicitly includes this aspect. It states that the ultimate responsibility for the group’s compliance with the laws, regulations, and administrative provisions adopted pursuant to the Directive lies with the AMSB of the parent undertaking in the EEA.


5.3. The authority responsible for the monitoring of the adequacy of governance systems at group level

The authority responsible for assessing the adequacy of the governance system at the group level is the group supervisor. For identification purposes, the group supervisor is generally the supervisory authority that has authorised the parent undertaking if it is a (re)insurance undertaking. [47] In the case of supervision at the subgroup level, the supervisor of the national or regional subgroup is also responsible for assessing the governance system of the subgroup. [48] In the case of cross-border groups, the supervisory activities of the group supervisor are carried out in cooperation with the other member or participating authorities of the colleges of supervisors. [49]


6. The solo rules on the system of governance applied mutatis mutandis at group level

As highlighted in the previous paragraphs, it is the responsibility of the parent undertaking’s AMSB to establish a robust group-level governance system that encompasses all its entities, taking into account their respective characteristics and differences. One of the fundamental principles that characterise a sound corporate governance system at the group level is an appropriate and transparent organisational structure, with clear allocation and segregation of responsibilities, and an effective system for ensuring the communication of information. The governance system should undergo regular internal review and be proportionate to the nature, scale, and complexity of the (re)insurance operations and should include systems, resources, and procedures that ensure business continuity and regularity, including developing contingency plans. Another fundamental principle is that no individual should have decision-making powers without some form of control. Any important decision concerning the company should be checked by at least one other person before implementation, following the ‘four-eyes principle’. [50] Appropriate group-level oversight and controls need to be supported by group-level control functions that are necessary to ensure sound decision-making and governance practices within a group. Therefore, at the group level, the governance system must include the key function, namely the risk management function, [51] the compliance function, [52] the internal audit function [53] and the actuarial function. [54] Additionally, groups must have written policies on risk management, internal control, internal audit, remuneration, and outsourcing. These policies must receive prior approval from the governing body of the parent undertakings, be implemented, reviewed at least annually, and adapted in view of any significant changes in the system or area concerned. An effective governance system requires that the persons who effectively run the business have the professional qualifications, knowledge and experience to exercise sound and prudent management (‘fit’) and are of good repute and integrity (‘proper’). These requirements also apply to the four key function holders. It is worth noting that, as further clarified in the revised Directive, they also apply to both IHCs and MFHCs. When outsourcing, groups must ensure they comply with all legal and regulatory obligations when using [continua ..]


7. The specific rules on group governance

In addition to the rules established at the individual level, which apply mutatis mutandis at the group level as mentioned above, the Directive establishes some rules that apply specifically at the group level. First, the Directive requires that the risk management and internal control systems and reporting procedures of (re)insurance groups be implemented “consistently” in all entities included in the scope of group supervision, so that these systems and reporting procedures can be controlled at the group level. This is particularly relevant for groups that are larger and operate with several subsidiaries. To be effective and efficient, these groups need to identify and build an appropriate structure and procedure for these functions at both the parent and subsidiary levels. Coordination between the legal insurance entity and group control functions is important to ensure the overall effectiveness of risk management systems and internal controls. Regardless of how the group control functions are organized and managed, i.e., with a more centralized or more decentralized approach, the result should provide an overall view of group-wide risks and how they are managed. Internal control mechanisms at the group level are necessary in particular to ensure that risks are adequately monitored and managed at the level of the insurance legal entity and on a group-wide basis, and that potential conflicts of interest arising from the group structure are adequately managed. In this regard, the Directive states that group internal control mechanisms must include at least the following: a)  adequate mechanisms as regards group solvency to identify and measure all material risks incurred and to appropriately relate eligible own funds to risks; b)  sound reporting and accounting procedures to monitor and manage the intra-group transactions and the risk concentration. The EIOPA Guidelines states that from a group risk management and governance perspective, the group and the group supervisor must consider the risks arising from all entities in the group, not just (re)insurance undertakings, and their interdependencies. In particular, the Guidelines address: –   reputational risk and risks arising from intra-group transactions and risk concentrations, including contagion risk, at the group level; –   interdependencies between risks stemming from conducting business through different entities and in [continua ..]


7.1. The management of conflicts of interest

As previously mentioned, a group can consist of multiple entities from various economic sectors, including but not limited to the financial sector, and located in different countries. Entities within a group may have conflicting interests due to activities that create mutual conflicts, intra-group transactions, and capital allocation. Conflicting interests may also arise between the parent company and its subsidiaries or among subsidiaries, such as in the allocation of business opportunities. Identifying, preventing, or managing divergent interests at the group level is crucial for good governance. The Directive does not address conflicts of interest that may arise between the parent company and its subsidiaries. However, it explicitly states that the group supervisor must monitor the risk of conflicts of interest when reviewing risk concentrations and intra-group transactions. Recital 93 of the Delegated Regulation states that “the system of governance of an insurance and reinsurance undertaking should be based on an appropriate and transparent allocation of oversight and management responsibilities to provide for an effective decision making, to prevent conflicts of interest and to ensure effective management of the undertaking”. The Delegated Regulation also states, as a general governance requirement, that (re)insurance undertakings shall ensure that effective processes and procedures are in place to prevent conflicts of interest, to identify potential sources of conflicts of interest and to ensure that those involved in the implementation of the undertaking’s strategies and policies understand where conflicts of interest may arise and how such conflicts should be managed. As already mentioned, EIOPA in its advice to the Commission identified this as one of the issues requiring further clarification. By following this advice, the revised Directive now includes the principle that conflicts of interest must be identified, prevented or managed at the group level and set out the key safeguards in this regard. Firstly, groups should establish a clear organisational structure with well-defined, transparent, and consistent lines of responsibility, as well as a segregation of duties within the group. In particular, where the persons who effectively run a (re)insurance group are responsible for other key functions are also the persons who effectively run one or more (re)insurance undertakings or other related undertakings or are [continua ..]


7.2. The group capital add-on for significant deviation from the governance standard

As mentioned earlier, supervisors can set up a capital add-on to the SCR of companies or groups in case of significant deviation from the governance standard. This highlights the direct link between Pillar I and Pillar II requirements. More specifically, the supervisory authority may impose a capital add-on if it concludes that the governance system of a (re)insurance undertaking or group deviates significantly from the standards set out in the Directive, that such deviations prevent it from being able to properly identify, measure, monitor, manage and report the risks to which it is or may be exposed, and that the application of other measures is unlikely to remedy the deficiencies sufficiently within a reasonable timeframe. [57] The objective of the capital add-on measure is to ensure that the regulatory capital requirements reflect the risk profile of the solo undertaking or of the insurance group. This is an exceptional measure in the sense that it should be used by the supervisors only as a measure of last resort, when other supervisory measures are ineffective or inappropriate. In addition, the supervisors must state the reasons of their decision and, for cross-border groups, the group supervisor must consult the other members of the colleges of supervisors. At group level, it is provided that the rules established at individual level by the Directive, the Delegated Regulation and the implementing technical standards apply mutatis mutandis. In addition, in determining whether the consolidated group SCR adequately reflects the risk profile of the group, the group supervisor should pay particular attention to all cases where: –   specific risk existing at group level would not be sufficiently covered by the standard formula or the internal model used, because difficult to quantify; –   a capital add-on to the SCR of the related (re)insurance undertakings is imposed by the supervisory authorities concerned. Guidelines on group solvency [58] clarify that if a governance capital add-on has been set on a related undertaking of a group, and that related undertaking is consolidated according to the accounting consolidation-based method, [59] the group supervisor should assess the significance of the deviation from the governance standards at the group level and should consider the need for imposing a capital add-on on the group SCR (bottom-up approach). From a top-down perspective, where a significant [continua ..]


7.3. Pillar 3 reporting requirements

With regard to the third pillar on supervisory reporting and public disclosure, (re)insurance companies and groups are required to provide detailed information on all material aspects of their business, including specific information on the governance system in place. The Articles of the Directive and Delegated Regulation on the content of the RSR and the SFCR further confirm the general approach that the rules applicable at the individual level apply at the group level mutatis mutandis. This means that the SFCR group report, like the companies’ SFCR, must include the following information on the governance system: –   the structure of the group AMSB, providing a description of its main roles and responsibilities and a brief description of the segregation of responsibilities within these bodies, in particular whether relevant committees exist within them, as well as a description of the main roles and responsibilities of key functions; –   any material changes in the system of governance that have taken place over the reporting period; –   information on the remuneration policy and practices for group AMSB and employees, including the principles of the policy and an explanation of the relative importance of fixed and variable components of remuneration. It should also include a description of the main characteristics of supplementary pension or early retirement schemes for group AMSB and other key function holders. Additionally, it should provide information about any material transactions during the reporting period with shareholders, persons who exercise significant influence on the undertaking, and group AMSB. In addition, the Delegated Regulation stipulates that the group SFCR must provide: –   a description of how the risk management and internal control systems and reporting procedures are implemented consistently in all the undertakings within the scope of group supervision; –   a statement that the parent undertaking has presented to the supervisor a single ORSA; [61] –   information on any material intra-group outsourcing arrangements. The group RSR, i.e. the report to be submitted by the parent undertaking to the group supervisor, must include, like the companies’ RSR, the following: –   information allowing the supervisory authorities to gain a good understanding of the system of governance within the group, [continua ..]


8. Remuneration policies and alignment of incentive structures

The Directive does not contain specific provisions on remuneration. However, some high-level principles that apply to all aspects of the governance system also cover remuneration. The Delegated Regulation includes specific requirements for the remuneration of insurance company staff, based on the following principles. [63] Firstly, (re)insurance companies and groups must adopt a written remuneration policy. It is important to note that the revised Directive explicitly includes the remuneration policy among the policies that must be written and periodically reviewed. The principles that the remuneration policy should comply with are: –   alignment between the remuneration policy and practices and the risk management strategy of the undertaking and its long-term business as well as inclusion of measures aimed at avoiding conflicts of interests; –   respect of the risk tolerance limits of the undertaking; –   consideration of the tasks and performance of the AMSB, persons who run the undertaking or have other key functions, or other categories of staff whose professional activities have a material impact on the undertaking’s risk profile; –   responsibility of the AMSB for the oversight of the remuneration policy’s implementation; –   need of an effective governance on remuneration; –   need of an independent remuneration committee to support the AMSB in the oversight, implementation and operation of the remuneration policies and practices, if appropriate, in relation to the significance of the undertaking (size and internal organisation); –   disclosure of the remuneration policy to all members of the staff. [64] The Delegated Regulation states that the remuneration policy should consider the internal organization of the (re)insurance as well as the nature, scale, and complexity of the risks associated with its business. Additionally, the policy should detail how sustainability risks are integrated into the risk management system. The EIOPA guidelines provide more specific guidance for groups. According to these guidelines, the parent undertaking should establish and apply a remuneration policy for the whole group. The policy should consider the complexity and structures of the group to establish, develop, and enforce a consistent policy in line with the group’s risk management strategies. It should apply to [continua ..]


9. The variable component of remuneration

The Delegated Regulation focuses on the variable component of remuneration, which is typically tied to the performance of the individual receiving payment. Variable remuneration that excessively rewards short-term profit and gives incentives to take risks that are not in line with the undertaking’s risk profile can undermine sound and effective risk management, exacerbate excessive risk-taking behaviour, and lead to potential conflicts of interest between the undertaking’s employees and the protection of policyholders. To tackle these issues, the general principle that the remuneration policy should take into account the role and performance of individuals who run the company or perform key functions is elaborated into more detailed principles: –   the need for a balance between fixed and variable components of remuneration schemes and for the fixed component to represent a sufficiently high proportion of total remuneration. The aim is to avoid excessive reliance on performance-related remuneration, which could artificially distort individual behaviour; –   in the case of performance-related variable remuneration, the principle of linking the total amount to the performance, not only of the individual, but also of his/her business unit and the overall result of the company or group; –   the need for a significant deferred element of variable remuneration to be linked to the medium and long-term performance of the company; –   consideration of both financial and non-financial criteria in the assessment of an individual’s performance; –   the inclusion of a downward adjustment for the exposure to current and future risks in the measurement of performance; –   relationship between termination payments and performance over the entire period of service, without rewarding failure; –   commitment by persons subject to the remuneration policy not to use hedging strategies or insurance that could undermine the risk alignment effects of their remuneration arrangements; –   independence of the variable part of the remuneration of staff in the four key functions from the performance of the units and areas under their control. In 2020, based on the consideration that these are high-level principles that leave considerable discretion to undertakings and supervisory authorities and that divergent practices have [continua ..]


9.1. EIOPA Opinion on the supervision of remuneration principles

The Opinion focuses on the most relevant and indeterminate principles of the Delegated Regulation and a narrower range of staff identified as potentially higher risk and provides benchmarks/thresholds for supervisors to consider during supervisory dialogue with insurance companies and groups. These benchmarks/thresholds should not be seen as hard targets, as highlighted by EIOPA. In this sense, supervisors may implement stricter rules and practices for the supervisory dialogue with insurers if deemed necessary based on a risk-based approach. Conversely, a more flexible approach may be taken for firms/groups considered ‘low risk’. The Opinion focuses on the specific principles of the Delegated Regulation listed below. Fixed and variable components have to be balanced Where remuneration schemes have fixed and variable components, the Opinion states that these should be balanced in such a way that employees do not become overly dependent on the variable components, as this could encourage behaviours that are not in line with the firm’s business and risk management strategy, jeopardise sound and prudent management and encourage risk-taking in order to maximise remuneration. EIOPA considers that, as a general rule, the ratio of fixed to variable remuneration should be 1:1 for identified staff receiving significant variable remuneration. If an undertaking exceeds the threshold of a 1:1 ratio for identified staff receiving significant variable remuneration, the supervisory authority should engage with the undertaking and investigate whether the remuneration policy is balanced with regard to the proportion of variable remuneration. A significant portion of the variable remuneration has to be deferred A deferral (of at least three years) of 40% of the variable remuneration constitutes a “substantial portion” of the variable remuneration. Supervisory authorities should use their supervisory judgement to consider the need for a deferral rate higher than 40% and/or a longer deferral period as part of their risk-based approach. When the deferral is lower than 40% supervisory authorities are recommended to engage with the undertakings to better understand the specific situation. The deferral should apply to all variable components, both linked to short term and long term performance horizons. If an individual’s fixed/variable ratio is greater than 1:1, the deferral should also be greater than 40%. Financial and non-financial [continua ..]


10. Final remarks

In the insurance sector, a sound governance system is essential for the protection of policyholders, to ensure a fair, safe and stable insurance industry and, consequently, to maintain the stability of the entire financial market. In this regard, both quantitative and qualitative requirements contribute to the same objectives and are closely linked and interconnected. A robust governance system for insurance groups should be based mutatis mutandis on the same principles that apply at the individual level. This is the basic assumption of international standards and the Solvency II regime: the group is a single entity from an economic point of view and must be managed and supervised accordingly. This concept applies to both quantitative and qualitative requirements. However, the application of the individual requirements at the group level requires further clarification, as insurance groups, particularly larger ones, are more complex than individual (re)insurance entities due to aspects such as cross-border and cross-sector activities, as well as potential conflicts of interest between the parent company and its subsidiaries or between subsidiaries. International and European frameworks provide rules and guidance on how to apply this holistic approach at the group level, taking into account the above-mentioned aspects, and identify key principles for sound governance of (re)insurance groups. In particular, they aim to identify the scope of the group relevant for the application of the governance rules, the entity responsible for their application and the specificities that become relevant at the group level in the application of individual rules. One of the key features that international and Solvency II frameworks identify as essential for (re)insurance groups is an appropriate and transparent structure that clearly assigns and appropriately segregates responsibilities. In particular, the ultimate responsibility for the implementation and monitoring of an efficient and adequate governance system lies with the AMSB of the parent undertaking, even if it is an insurance holding company or a mixed financial holding company. Furthermore, a governance system is defined by effective processes for identifying, managing, monitoring and reporting risks to which it is or may be exposed. These risks do not only arise from the group’s insurance companies, but also from those in other financial and non-financial sectors. At the same time, groups and [continua ..]


NOTE