‘The next 18 months will be critical for those firms intending to follow the internal model route,’ said the UK Financial Services Authority (FSA) in its IMAP update of February 2010.[1] However, as we reported in an earlier article in the Countdown series,[2] many insurers are finding it hard to set clear priorities and achievable plans for their IMAP in the face of continuing uncertainty over regulatory expectations and difficulties in engaging their organisations.
One of the biggest headaches is the use test, under which companies will need to convince regulators that senior management understands, trusts and takes appropriate account of model outputs within its key decisions. A survey of 80 of the insurers that have signed up for the FSA’s IMAP pre-application programme found that the use test ranks alongside validation as the area where firms believe they are furthest from meeting the required standard (see Figure 1).
Figure 2 outlines the key hurdles to be overcome. Principle one is proving especially difficult. Many boards and business teams may be unfamiliar with the nature, implications and, not least, limitations of the risk and capital evaluations that they will need to build into their strategy and business planning. A particular issue is how to match training and education to the specific needs and responsibilities of different levels of management and roles within the company. Principle eight is also proving challenging as it demands a level of data and analytical consistency that is lacking within many organisations. More broadly, a risk-based approach to strategic and performance assessment, along with the weight of documentation needed to verify it, may demand a significant cultural shift within many companies.
1 UK Financial Services Authority ‘Solvency II – IMAP update February 2010 – towards pre-application | 2 Countdown to Solvency II article - Model approval: Preparing a convincing case. To read this article go to www.pwc.com/solvencyII.
In our view, the main reason why firms are finding it so difficult to overcome these challenges is that they are actually concentrating too closely on the regulatory aspects of how to demonstrate that the model is appropriately used. A more effective approach would focus on the development of risk and capital evaluation capabilities that can help to make the business safer, nimbler and more consistently profitable – in short, a model that boards and business teams will want to use. In addition to the evident business benefits, the ability to meet the use test will naturally flow from model outputs that are valued within the organisation and embedded into decision-making. As Figure 2 highlights, the ultimate aim is a model that is sufficiently material to the running of the business that management has a direct stake in its development and improvement.
So how can insurers embed their models? A good starting point is to map the core processes that drive the business and then judge how and when to integrate the model into these existing structures. To ensure the outputs are fit for purpose it is important to find out what kind of information particular users would find most valuable, in what format and how frequently.
The development of a clearly articulated risk appetite will provide a valuable bridge between the model and business decisions by creating benchmarks against which senior management can judge the firm’s risk profile and risk-based performance.
The advantages include a more informed basis for capital allocation, gauging risk diversification benefits and setting triggers for action and escalation (see Figure 3). The ability to cascade the overall group risk appetite down to business unit level will enable firms to set tangible risk thresholds on the ground and develop strategies and processes for monitoring and managing risk within these parameters. Summaries such as dashboards can help to make the information more accessible for non-risk professionals. However, management should also be able to drill down to more detailed analysis where risk ‘alerts’ and key strategic decisions such as M%26A make it necessary.
The Own Risk and Solvency Assessment (ORSA) can also help to link the model with key decision-making processes by requiring organisations to judge the validity of their risk assessments and focusing management attention on risk. With the ORSA providing the bedrock for model approval, firms should ideally have it up and running already and certainly no later than 2011. As we will examine in a future article in this series, the benefits include a consistent and compelling basis to communicate with investors and rating agencies, as well as regulators.
Once the model has taken root within the organisation, it will be far easier to meet the use test without creating an additional layer of compliance monitoring and control. Regulators will still require a considerable amount of verification and documentation. However, much of this can and should already be embedded into business as usual. For example, firms should re-examine existing committee minutes to ensure these record discussions about risk and the way the model has been considered; how members agreed to act upon the discussions and how the decisions were communicated and enacted within the company. Building risk-based metrics into performance appraisal and rewards can provide greater impetus for risk understanding and a visible indicator that risk awareness permeates the culture of the business.
If management doesn’t buy in to the model – the regulator won’t. Developing a model that works for the business is the surest way to ensure it is trusted and valued by management. Building on these foundations, firms can then think about how to assemble the evidence needed to demonstrate use test compliance. With key IMAP deadlines looming, early attention to the application of a clear risk appetite and effective ORSA process will provide useful bridges for the organisational ntegration of their model. Early engagement with boards and business can also help to address the cultural challenges created by a shake-up in the way the business is run and value is judged.
© 2010 PricewaterhouseCoopers. All rights reserved.
PricewaterhouseCoopers refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.