Page 160 - CFPA-SCR-Award in General Insurance W01_2018-19_Neat
10/8 W01/March 2018 Award in General Insurance
The risk tolerance levels should be based on the insurer’s strategy and be actively applied within its risk
management framework and policy.
C1D Risk responsiveness and feedback loop
Risk management should be responsive to change so the framework should incorporate a feedback
loop, based on appropriate and good quality information management processes and objective
assessment, which enables the insurer to take necessary action in a timely manner in response to
changes in its risk profile.
The insurer’s risk management should be responsive to change.
C1E Own risk and solvency assessment (ORSA)
An insurer should regularly perform its own risk and solvency assessment (ORSA) to provide the board
and senior management with an assessment of the adequacy of its risk management and current, and
likely future, solvency position.
The ORSA should encompass all reasonably foreseeable and relevant material risks including, as a
minimum, underwriting, credit, market, operational and liquidity risks. The assessment should identify
the relationship between risk management and the level and quality of financial resources needed.
C1F Economic and regulatory capital
As part of its ORSA an insurer should determine the overall financial resources it needs to manage its
business given its own risk tolerance and business plans, and to demonstrate that supervisory
requirements are met.
The insurer’s risk management actions should be based on consideration of its economic capital,
regulatory capital requirements and financial resources.
C1G Continuity analysis
An insurer should also, as part of its ORSA, analyse its ability to continue in business and the risk
management required to do so over a longer time horizon than typically used to determine regulatory
capital requirements.
Such continuity analysis should address a combination of quantitative and qualitative elements in the
medium- and longer-term strategy and include projections of the insurer’s future financial position and
modelling of its ability to meet future regulatory capital requirements.
C1H Role of supervision in risk management
The regulator should undertake reviews of an insurer’s risk management processes and its financial
position. The supervisor should use its powers to strengthen risk management including solvency
assessment and capital management processes, where necessary.
Question 10.1
Briefly describe what risk management is and how it affects the longer-term business goals and strategies of an
organisation.
C2 Role of compliance and audit
Compliance and audit serve two very important, but different roles in the risk management framework.
The compliance function is to ensure that a firm is complying with all applicable laws, regulations, codes
of conduct, company policies, and standards of good practice. A key role of the internal audit function is
to monitor and evaluate the firm’s adequacy, implementation, and performance with respect to risk
controls within all aspects of the firm’s businesses. One of these control functions is compliance, which
should be subject to independent audits as are all other aspects of a firm’s risk management and
internal controls activities.
There are numerous examples of weak controls and compliance breaches that have destroyed large,
seemingly unassailable institutions. One particularly high-profile case was the 1995 collapse of Barings
Bank, in which the illegal trading activities of Nick Leeson led to losses of $1.3 billion; Barings was the
world’s second oldest merchant bank, founded more than 200 years earlier in 1762.