Perspectives. Outsourcing and its supervision. for IORPs

Transcription

1 Perspectives Outsourcing and its supervision for IORPs

2 As outlined in IORP Review a shift of focus, this series of publications considers aspects of the IORP Directive review other than capital adequacy requirements. There has been little consideration of these other issues. Rather, there has been a casual acceptance that a new IORP Directive based on these would be an acceptable compromise for an absence of capital requirements. We do not believe that this is a sensible approach. In this document, we consider the advice that the European Insurance and Occupational Pensions Authority (EIOPA) provided to the European Commission on the outsourcing of functions or activities by IORPs. We also cover EIOPA s advice on how outsourcing is supervised. Background Outsourcing The existing IORP Directive provides 1 for Member States to allow, or require, IORPs to outsource functions and activities. In particular, the Directive contains explicit provisions 2 such that IORPs cannot be restricted to using purely domestic providers for the management of investments and custodianship. For these functions, the Directive fulfils its internal market aim by requiring that Member States must permit IORPs to use suitably authorised providers based anywhere in the EEA. EIOPA considers that some of the provision on outsourcing from the Solvency II Directive is worth incorporating within a revised IORP Directive. 1. Member States shall ensure that [insurers] remain fully responsible for discharging all of their obligations under this Directive when they outsource functions or activities. 2. Outsourcing of critical or important operational functions or activities shall not be undertaken in such a way as to lead to any of the following: (a) materially impairing the quality of the system of governance (b) unduly increasing the operational risk (c) impairing the ability of the supervisory authorities to monitor the compliance of the [insurer s] obligations (d) undermining continuous and satisfactory service to policy holders. 3. [Insurers] shall, in a timely manner, notify the supervisory authorities prior to the outsourcing of critical or important functions or activities as well as of any subsequent material developments In 2008, EIOPA s predecessor, the Committee of European Insurance and Occupational Pensions Supervisors (CEIOPS), published a report 3 on outsourcing by IORPs across Europe. An edited version of article 49 of the Solvency II Directive is given below. 2 Outsourcing and its supervision for IORPs

3 The conclusions of that report include: i. In the majority of Member States the IORP remains ultimately responsible for whatever function or activity is outsourced. ii. Almost all Member States require outsourcing to be subject to a written agreement; half of whom require approval by, or notifi cation to, supervisors. iii. In a small number of Member States, IORPs cannot outsource the majority of their functions and activities. In most, however, only a few core functions cannot be outsourced others can, or must, be outsourced. iv. Some Member States restrict outsourcing to providers located in the EEA. v. Outsourcing is often subject to specifi c limitations. a. Certain functions are able to be outsourced only to providers that are themselves subject to prudential supervision (almost half of EU Member States permit outsourcing of activities to other IORPs). b. In advance of outsourcing, the IORP must verify the competence of the provider and establish that it is fi nancially sound. c. Outsourcing must not impair the IORP s own systems and controls. In some Member States outsourcing is mandatory in relation to some functions for example, in relation to investment to ensure that it is carried out by professional managers. Supervision The existing IORP Directive contains an explicit provision 4 that Member States must ensure that regulators have the necessary powers and means to supervise outsourcing relationships. However, EIOPA considers that the revised Directive should be clarified by aligning it with the provisions of article 38 of the Solvency II Directive an edited version of which is shown below. 1. Member States shall ensure that [insurers] which outsource a function or an activity take the necessary steps to ensure that the following conditions are satisfied: (a) the service provider must cooperate with the supervisory authorities in connection with the outsourced function or activity (b) the [insurer], their auditors and the supervisory authorities must have effective access to data related to the outsourced functions or activities (c) the supervisory authorities must have effective access to the business premises of the service provider and must be able to exercise those rights of access. 2. The Member State where the service provider is located shall permit the supervisory authorities to carry out on-site inspections at the premises of the service provider. The supervisory authority shall inform the appropriate authority of the Member State of the service provider prior to conducting the on-site inspection. In the case of a non-supervised entity the appropriate authority shall be the supervisory authority. The supervisory authorities of the Member State of the [insurer] may delegate such on-site inspections to the supervisory authorities of the Member State where the service provider is located. Outsourcing and its supervision for IORPs 3

4 EIOPA s advice, again informed by the CEIOPS report on outsourcing (see footnote 3), addresses several specific issues 1. Cross-border supervision of outsourcing 2. Chain outsourcing and 3. The location of the main administration of an IORP. The last of these being important in determining which Member State s regulator takes the lead supervisory role. We consider each of these in the EIOPA advice section on supervision below. EIOPA s advice Outsourcing EIOPA considers that the principles of article 49 are broadly appropriate for IORPs but recommends that they should be drafted in a positive way rather than the negative way [under] Solvency II. For example, outsourcing should be carried out in a way that ensures that the quality of the system of governance remain[s] intact compared with article 49(2) as shown in the box above. EIOPA suggests that these could be specified and regulated at Level 2 that is through implementing measures. In addition, EIOPA considers that some elements of the existing IORP Directive should be incorporated into a revised IORP Directive. These are: Article 9(4), providing that Member States should be able to permit or require outsourcing. An explicit provision that the IORP retains ultimate responsibility for the delegated function or activity the IORP should therefore ensure the proper functioning of the outsourced activities through the selection process and ongoing monitoring. Outsourcing of investment management and custodianship must, as now, be permitted to any appropriately authorised provider in the EEA. IORPs should have a legally enforceable written agreement with the provider. Member States should retain the power to prohibit outsourcing of certain functions or activities. EIOPA suggests that Level 2 implementing measures could also set out the minimum contents of a formal written outsourcing agreement. Moreover, it states that it could be useful to provide that fiduciary duties are extended to the provider of the outsourced services. Supervision As mentioned in the background section, EIOPA s advice addresses the specific areas of cross-border supervision, chain outsourcing and the location of the main administration of an IORP. Cross-border supervision EIOPA supports the use of the material elements of Article 38(2) suggesting that this could provide specific rules how to proceed with on-site inspection when the service provider is located in another Member State. However, it notes that this would not cover the situation where outsourcing is to a non-eea country and suggests that development of an appropriate procedure and requirements could be fleshed out through Level 2 implementing measures. These might require the IORP to ensure that the supervisor has access to the premises of the service provider, and that this would be enshrined in the contract between the IORP and the service provider. In addition, EIOPA suggests that Member States might also require prior notification of such a contract where an IORP outsources to a non-eea based provider. Chain outsourcing The 2008 CEIOPS report confirms wide differences between Member States on whether they permit a service provider to sub-contract a function or activity outsourced by an IORP and, if so, what conditions have to be met. EIOPA is keen that supervisors have the same powers, in relation to the ultimate service provider, when an outsourced function is sub-contracted. It suggests the requirements could again be addressed in Level 2 measures. Location of the main administration Supervisory oversight of an IORP is the responsibility of the Home State. The IORP Directive currently states that the Home State is the country in which the IORP has its main administration. However, there is no definition of main administration and the 2008 CEIOPS report shows that different countries treat this in different ways. Different EU Directives (UCITS IV 5, CRD 6 and Solvency II 7 ) define the Home State in different ways being, respectively, the country in which the: Institution s registered office is located. Credit institution is authorised. Head office of the insurer or the risk/commitment is situated. EIOPA considers it most appropriate that an IORP s Home State should be the country in which the IORP has been authorised or registered. It goes further by suggesting that there should be a requirement that the main administration of the IORP should be in the Home State and that the term place of main administration might also refer to the place where the main strategic decisions of the IORP s executive body are made. 4 Outsourcing and its supervision for IORPs

5 What does it all mean? EIOPA appears to consider that the changes to the outsourcing requirements could potentially increase the administrative burden and therefore costs for IORPs. In relation to the measures on supervising outsourced functions, EIOPA states that its proposed changes would increase administrative burdens faced by IORPs and supervisors in those countries where the level of supervisory powers is currently below the proposed level and adds that the impact could significantly increase if the principle of proportionality were not appropriately applied. Contracts between those running IORPs and their service providers will need to be reviewed in the light of the measures that will be provided at Level 2. Further information For further information, please contact your Towers Watson consultant, or Dave Roberts Mark Dowsey Paul Kelly Whilst all the consequences that would flow from service providers having a fiduciary duty are not clear, we have concern that this could lead to conflict and impasse. In our opinion, it would be preferable to have a single fiduciary, with contract law covering other relationships. 1 Article 9(4) 2003/41/EC 2 Article /41/EC 3 leadmin/tx_dam/fi les/ publications/reports/report-on-outsourcing-by-iorps.pdf 4 Article 13(b) 2003/41/EC 5 Directive 2009/65/EC on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities 6 Directives 2009/76/EC, 2006/48/EC and 2006/49/EC currently being reviewed under the CRD IV proposals (Capital Requirements Directives) 7 Directive 2009/138/EC on the taking-up and pursuit of the business of Insurance and Reinsurance Outsourcing and its supervision for IORPs 5

6 About Towers Watson Towers Watson is a leading global professional services company that helps organisations improve performance through effective people, risk and financial management. With 14,000 associates around the world, we offer solutions in the areas of benefits, talent management, rewards, and risk and capital management. Towers Watson is represented in the UK by Towers Watson Limited and Towers Watson Capital Markets Limited. The information in this publication is of general interest and guidance. Action should not be taken on the basis of any article without seeking specific advice. To unsubscribe, eu.unsubscribe@ with the publication name as the subject and include your name, title and company address. Copyright 2013 Towers Watson. All rights reserved. TW-EU July 2013.