Practical thoughts about the ORSA

32px-Flag_of_FranceThe ORSA remains a unique challenge for Solvency II, and arguably the Directive’s most important component. The requirement to assess all risks on an on-going and forward-looking basis is turning out to be more demanding than initially anticipated.

Many believe that the Directive text on the ORSA is the only part of Solvency II that is truly principles-based. Add to that the fact that no two ORSAs should be the same (remember the mantra: the ‘O’ in ORSA stands for ‘Own’) and it soon becomes clear why getting the ORSA right is proving so elusive.

In December 2014 a group of experts from the Association of Mutual Insurers and Insurance Cooperatives in Europe (AMICE)* came together to share some practical steps, and tackle some unresolved challenges, in the design and implementation of their ORSA.

Risk appetite: start here

The starting point for the ORSA should be defining your risk appetite, according to Mathieu Filippo, Senior Manager Prudential Supervision at the Dutch mutual Achmea. In plain terms risk appetite can be defined as the maximum risk an insurer is willing to take; it should include both financial and non-financial risks.

Practical thoughts about the ORSA 2Achmea uses a series of concise risk appetite statements to define the organisation’s risk appetite across the various areas of the business. These include statements such as: “We want to have a capital buffer of ‘X’ million euros above SCR,” for capital risk; or “We want to have a buffer of 30 days before using letters of credit,” for liquidity risk.

To describe the non-financial risk appetite, they use statements such as: “Products are transparent and provide solutions for our policyholders,” in relation to quality of products, for example. Similar statements are used to define customer engagement: ”We are relevant in society and take our responsibility.”

Mr Filippo explained the importance of making the statements clear and simple so they can be understood by the rest of the business. “Statements have to be very unambiguous,” he said, “Everybody has to understand the statements because they have to be cascaded downwards to the business level and department level.”

Adopt a multi-polar strategy

Throughout the process of design and implementation of the ORSA it is helpful to keep in mind just how new the concept is to both internal and external stakeholders.

Virginie Le Mée, Chief Risk Officer at the French mutual MACSF was keen to stress that throughout the organisation’s development of the Solvency II programme and the ORSA they had to constantly remind all involved how much was changing.

“Ten years ago we talked about technical provisions and we only used determinist models. We now use stochastic models so that in fact there is a quantum leap in our skills and in our practices,” she told delegates. The change also required the adoption of new tools for implementing the ORSA.

In implementing the ORSA, MACSF employed a multi-polar strategy. Ms Le Mée explained that the first step was to define the organisation’s goals and then define the strategy and the steps needed to attain those goals. This was followed by assessing the risks and constraints that might prevent the organisation from attaining the goals. Finally the right governance and tools had to be put in place to drive and monitor the entire process.

Ms Le Mée also stressed the importance of communication to all stakeholders throughout the process. “We had to be able to communicate inside and outside the company about our strategy, our plans and how to get the entire organisation to buy in. We have now got an infrastructure policy with tools that are very different from what they used to be: now, we have a unique source of data, we can project the data on a real-world universe and on a risk-neutral probabilities universe. It means we are able to project a balance sheet under different types of risks and also to understand how risks could weaken the capital of the company.”

Beware the second impact of stresses

An integral part of the ORSA, and one which regulators will likely scrutinise in detail, is stress testing and planned management action in response to those stresses. Alina vom Bruck, Risk Manager at the German mutual Gothaer, raised two points to consider when choosing and designing scenarios for stress testing the resilience of the business.

Practical thoughts about the ORSA 1First, the scenarios must be severe but plausible. “If you have a stress test that is very severe but the management doesn’t believe that it will occur, there will be no measures taken against it and it will just be a calculation exercise,” Ms vom Bruck, said. The stress test must be one that both the risk function and management believe could happen in the future, or it could be based on historical experience, such as severe market movements.

Once you have selected the appropriate stress tests you should consider the second-order effect of those stresses.

Ms vom Bruck pointed out that while an undertaking can often survive the first-order effect, second-order effects often last longer and have a bigger impact. For example, an initial interest rate change could be managed, while managing a prolonged change could be more difficult.

The ORSA report

There is an interactive and dynamic relationship between the ORSA process and the ORSA report. While the report should reflect the outcomes of the ORSA it is inevitable that part of the process can be guided by the structure of the report.

The Danish association, Gensidig Forsikring, has put together a risk report that was originally used for local regulatory requirements but can be adapted to the ORSA report. Susan Lund, Secretary General, Gensidig Forsikring, explained that the report gathers all existing information and can be used for the ORSA report. “It is a way to make it easier for the Board to decide and to keep the total view of what they are responsible for. So it is a way to analyse and to structure existing information.”

The report covers areas such as the business model, the organisation’s risk universe, differences between risk assessment and solvency requirement, sensitivity analysis and stress testing, and the relationship between risk, capital and capital contingency plan.

Mireille Aubry, Solvency II Standards Officer at the French mutual Covéa, who moderated the session, noted that based on the recent experience in France, regulators will want a concise report focused on results and not a repeat of the Regular Supervisory Report (RSR). Ms Aubry echoed feedback from the ACPR, the French regulator, about the ORSA exercise conducted last September.

Romain Paserot, Director of Insurance Supervision and Solvency II project manager, ACPR, told delegates that the balance between the technical information and strategic overview was still not quite right in the reports delivered last year. While there was much to be positive about in the 400 or so ORSA reports submitted during the exercise the regulator noted that some ORSAs appeared to have been written too much as a compliance exercise with insufficient information about future actions and improvements to be implemented.

Other areas where the ACPR noted more work was needed included the requirement to assess the overall solvency needs beyond the SCR. And in some cases, all available information was not used. For example, results of ALM studies and the design of the reinsurance cover.

ORSA and sovereign debt

The discussion was rounded off with an exchange on some practical implementation matters. The moderator raised a question about the treatment of European sovereign debt in the ORSA. The decision to allocate a zero per cent capital charge to this asset class in Solvency II has long been an area of controversy. As implementation draws closer, and given that sovereign debt is a staple of insurers’ investment portfolio, they must find a practical solution for the discrepancy between regulatory requirement and economic reality.

Ms Aubry said the concern was less about sovereign default risk and more about managing the spread risk of the bonds. She asked participants how they managed this, and whether they considered including a spread risk on sovereigns in the ORSA to be a significant deviation from the Standard Formula?

In an, at times, intense dialogue that included members of the audience, participants explored a number of solutions that they were either using or considering. Some said they would include government bonds in the spread risk in the ORSA and probably use reduced stress parameters. But at this stage they had not decided on the parameters.

Another option was to use stochastic modelling to model the spread risk in the same way other risk factors, such as inflation, interest rates, and growth rate, were modelled.

It was also suggested that the spread on different sovereigns would be monitored but without allocating capital against the spread. Instead a plan was in place to diversify or divest out of that particular sovereign if spread widened beyond the organisation’s risk tolerance.

The question whether any of these strategies would be considered a significant deviation from the Standard Formula was left unanswered. Although it was noted that it was never the intention for all insurers to deviate from the Standard Formula. It was evident this was an issue of concern that was only now beginning to materialise, as the ORSA was becoming more prominent in firms’ Solvency II work.

ORSA challenges

Mutuals face a number of challenges that are specific but not necessarily unique to the sector. The majority of mutual insures are small local undertakings and Solvency II implementation clearly favours larger undertakings that can benefit from economies of scale, especially in areas such as reporting, where new investment is needed.

Mutuals can also have different management structures (other than the traditional single board) and by virtue of their size have one individual performing more than a single key function – a practice discouraged in Solvency II.

To be sure, proportionality and materiality will come into play here. But in ORSA mutuals face the same challenges as commercial insurers: how to design and integrate risk management with capital requirements into a process that is used for running the business.

Solvency II, time for implementation! AMICE seminar, 5 December 2014, Paris

For the latest regulatory updates check out the Solvency II Regulatory Updates Feed.

To subscribe to the Solvency II Wire mailing list for free click here.

Practical thoughts about the ORSA 3

Related posts:

  2 comments for “Practical thoughts about the ORSA

  1. Catalin Lungu
    March 27, 2015 at 11:22

    All personal view:
    Quote “risk appetite[…] should include both financial and non-financial risks” – this statement speaks for itself. Sadly, in my opinion, the prospective assesment is limited to material quantifable risks (capital requirements) and statements and internal measures, for the non-quantifiable ones or the less material.
    Quote “[…]now, we have a unique source of data, we can project the data on a real-world universe and on a risk-neutral probabilities universe. It means we are able to project a balance sheet under different types of risks and also to understand how risks could weaken the capital of the company.” What could have prevented us to apply this before?Many elements both from the assets side and also liability’s were or are calculated from my humble knowledge taking into account their current market value in the case of assets or present value of future obligations in the case of liabilities, and this on current solvency regime. Current risk management reports could have been drafted taken into account the forward loooking view aswell.
    Quote “The report covers areas such as […] differences between risk assessment and solvency requirement” – I just wonder myself, those differences consisted both in explanation text and also figures?
    Quote “the requirement to assess the overall solvency needs beyond the SCR” – the sine qua non condition of ORSA, in my opinion. Issue: can “all the available information” be identified/observed with ease?
    About ORSA and sovereign risk: modelling some risk categories in the ORSA is a good plan, that’s what ORSA stands for in my view (step one). Step two: ammend your (partial) internal model or apply for one, if material for the undertaking’s business. I’m not an actuary but from what I know, since sovereigns’ spread is also already taken into account in the SF, a good debate could be initiated on how to provide a good modelling methodology on those. How can sovereigns be monitored (undertaking exposure) without allocating capital against the spread?
    Bottom line, and I quote “how to design and integrate risk management with capital requirements into a process that is used for running the business” – THE challenge of ORSA, in my opinion.

  2. Catalin Lungu
    April 24, 2015 at 19:36

    Just to add a few lines,some personal input,
    In my opinion, one of the major downsides from at least the preparatory phase’ perspective is the lack of transparency, in terms of supporting legislation’s comparability: preparatory legislation applicable in the member states, that should have been disclosed to all the stakeholders.
    Simply put, in my humble opinion, this could have been easily overcome by the simple means of a high level decision as to have a table published including the web links for the english versions (or local if not available in english) of all preparatory legislation (level 3 local transpositions and beyond, like specific national procedures/add-on decisions, for ex) at the national level broken down by member state, on an european’s authority’s website, let’s say – just my thought! repet, my opinion! should be assessed if feasible!.
    This way, stakeholders like the industry or the supervisory authorities in the EU area could have had a better picture of all the local processes by the way of local implementations’s particularities, could have much better assessed all the issues and could have easily overcome some milestones. Maybe not all, but at least, they could have gathered this way wider views and overall, this could have been material for their business conduct.
    To be more specific, for exemple, I would have liked to assess if a member state, an EU member state, let’s say, had already decided at its supervisory authority’s level to require the mandatory preparatory QRTs in the xbrl format using EIOPA’s published taxonomy, from the supervised entities. And I can go on and on.
    For all this assesments I would have needed to have a quicker access to other’s members supporting legislation. Why? I am not that smart, I don’t know where to look for so I really need some guidance.
    In this respect, considering the text above, and I deeply apologize for the wide offtopic, we can apply the Pillar 3 exemples mutatis mutandis to Pillar 2’s issues or Pillar 1’s. Just to get back to topic, we all know ORSA legal framework is rather twisted, requires alot of debate, deep low level discussions, undertaking’s – regulator’s high level meetings, and also deep legal text assesment, alot of sides involved so it would be great for us to have a picture EU wide before all this.
    After all, in the end, all comes down to the supporting legislation and the legal requirements and sharing of intel/disclosure is a good think especially during major shifts in supervisory’s approach. Harmonisation at the EU level starts, in my opinion, with disclosure.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 + 1 =