ORSA Implementation Challenges

1 ORSA Implementation Challenges Christopher Crombie, FSA, FCIA AVP ERM & Financial Risk Management Standard Life Assurance Company of Canada To CIA Annual Meeting June 21, 2013

2 Context Our Own Risk and Solvency Assessment (ORSA) is being introduced in order to: Meet Solvency II requirements for European Business Units; Prepare our Group level ORSA; Adopt best practices being introduced in many jurisdictions including OSFI s required ORSA, expected in 2014.

3 Background on Solvency II (S2) S2 proposes: A market consistent balance sheet approach. Regulatory capital requirements closely aligned with the risks firms are running. Risk models genuinely used to help decision making and run the business. Affects all insurers operating within Europe. Other jurisdictions also affected through group solvency assessment. Development ongoing since 2010 in Canada. Involved in all aspects of development.

4 Significant Deliveries for S2 Standard Formula Basis under a new Balance Sheet. Ability to calculate regulatory capital requirements using a one size fits all basis. Internal Model Basis. Development of an internal model to calculate regulatory capital requirements. Economic Capital. Internal basis for assessing our capital needs and is based on an adjusted Solvency 2 internal model basis. Internal Model Approval Process (IMAP). A submission to the regulatory body must be made to seek approval to use an Internal Model. Own Risk Self Assessment (ORSA). A draft ORSA report was prepared in 2011. In 2012, the ORSA was presented to the Board.

5 Significant Deliveries for S2 Other considerations Building up the reporting framework to provide all required information for consolidation at Group level within the needed timeframe. Finalizing the methodology and assumptions for the internal model. Enhance our oversight and governance processes over the internal model. Documentation Significant requirements on the documentation aspects of the methodology and on the data standards.

ERM Framework & ORSA Process 6

ERM Framework and Own Risk and Solvency Assessment 7 System of Governance ERM Framework ORSA ORSA Internal Model

8 ORSA Process IDENTIFY Consider:- current business environment & future strategy. new products/projects. emerging risks. validation activity. List risks and causes on risk registers. ASSESS Assess significance of risk. Assess probability of risk occurring. Determine capital requirement. CONTROL Establish ownership. Identify method of control. Set up risk indicators e.g. Key Risk Metrics Define principles of risk management (via the Group Policy Framework). Determine procedures e.g. Control Self Assessment. MONITOR Collect data. Analyse. Ensure response process followed when controls breached. The ORSA Process comprises all the processes that exist within the ERM Framework for identifying, assessing, controlling and monitoring risks. The key processes are: The Strategy, Capital and Business Planning Process The Emerging Risk Process The Validation Activity and Validation Reporting Process The Risk and Profitability Reporting Process The Risk Appetite Setting and Monitoring Process Stress and Scenario Testing Programme Extreme Scenario Analysis The Liquidity Risk Management Process The Operational Risk Assessment Process The Identification of Risk Modules for the Internal Model Monthly MI Reporting and Monitoring Process Policy Compliance Process Control Self Assessment These processes run concurrently and often operate continuously throughout the year. All of these processes exist within the ERM Framework to identify, assess, monitor, manage and report risks.

9 Identify Risks included in the Internal Model The Internal Model must reflect the risk profile of the company and cover all material risks. A risk should be considered material if its exclusion leads to a decision choice that would be considered inappropriate had the risk been included. Available historic data is used to assess materiality. Significant judgement is required for certain risks. For certain risk modules or factors, qualitative techniques and expert judgement will be used.

Assess 10

45.0% Loss 40.0% 35.0% 30.0% 25.0% 20.0% 15.0% 10.0% 5.0% 0.0% 45.0% 40.0% 35.0% 30.0% 25.0% 20.0% 15.0% 10.0% 5.0% 0.0% -1-0.9-1.0-0.8-0.9-0.7-0.8-0.6-0.7-0.5-0.6-0.4-0.5-0.3-0.4-0.2-0.3-0.1-0.2 0-0.1 0.1 0.0 0.2 0.1 0.3 0.2 0.4 0.3 0.5 0.4 0.6 0.5 0.7 0.6 0.8 0.7 0.9 0.8 1 0.9 1.0 11 Key Assumptions Risk distributions Key assumptions Choice of distribution, parameterisation Chosen and calibrated with reference to historical data and expert judgement. Distributions are a simplified model of the real world, and the available data rarely suggests a particular distribution. Expert judgement is used to match the characteristics of a distribution to a risk. Management actions Management actions mitigate the effect of extreme events on the company s capital Modelled management actions: Changes to investment mix Changes to deductions for the cost of guarantees The level of smoothing Functions and Interactions Key assumptions Loss function structure, parameterisation Chosen and calibrated based on the behaviour of assets/liabilities as risk events change. The loss function structure can be a straight line, a curve or even stepped to reflect the impact of hedges. Dependencies Key assumptions Choice of copula, parameterisation The strength of correlation between variables is a key driver of diversification benefit, and is an important area of expert judgement. Modelled using a mathematical function called a copula. Although the strength of relationships can change under stress the choice of copula is less important than the choice of correlation strength, and more complicated copulas would significantly reduce the transparency of the model. 1500 1000 500 0-500 -1000 800 600 400 200 0-200 -400-600 -800 Risk factor 1 Risk factor 2

12 Key benefits of an Internal Model Capital requirements are driven by the real risks Decisions which are beneficial from a risk perspective can reduce regulatory capital requirements (e.g. using reinsurance or hedging) A Standard Formula will not necessarily reflect the risk profile of the company. Risk and capital management is at the heart of decision-making Outputs from the Internal Model play an integral role in operational decision-making. Reputation Seen as an indicator of the strength of a firm s risk management capability under Solvency 2.

13 Control: Self assessment tests 1. Use Test Internal model adequately reflects the nature and scale of the business Management can demonstrate understanding of the internal model Outputs from the Internal Model play an integral role in key strategic and operational decision making Internal model integrated with risk management 2. Statistical quality / 3. Calibration standards Model based on appropriate actuarial/statistical techniques Model results are transparent, stable and reflect the company s risk profile Model assumptions are documented, credible and transparent Data complete, accurate and appropriate Cover all material risks and provide ability to judge and prioritise risks Appropriate allowance for diversification/management actions

14 Control: Self assessment tests 4. Profit and loss attribution Perform an analysis to allocate actual profit and loss arising to major business units and risk categories Validates that the model covers all material risks observed Supports validation that risk exposures are correctly calibrated Informs on updates to the model 5. Validation standards Validation must be independent from development and operation of model Some validation tools are specified including stress and scenario analysis and reverse stress testing Full validation required at least annually

15 Control: Self assessment tests 6. Documentation standards Results in principle reproducible using inputs/documentation Documentation held in an inventory Documentation appropriately structured and detailed Documentation complete and up to date Proper change control Document limitations of the model/risks not included

16 Monitor: The ORSA report The ORSA Report is a key requirement of the Solvency 2 Regulations Purpose of the ORSA Report is to document: The current risks to the business; Our assessment of our current solvency and own funds; and, A forward-looking assessment of the risks and solvency needs in light of the business strategy. The report enhances an ERM Framework, bringing information on the framework and risk exposures into a single document. The report is presented to senior management and the Board, allowing a holistic view to be taken and sets out the relationship between risk and capital.

17 Monitor: The ORSA report The full ORSA report has been set out in 4 primary sections as follows: Section A sets out the purpose of the report and provides a summary of the Canadian business. Section B provides a comprehensive description of our System of Governance and ERM Framework. Section C provides an overview of the key risk exposures, setting out the nature and sources of these risks in an accessible and understandable manner. Section D provides a detailed capital solvency assessment.

18 Conclusion Development of an ORSA is an iterative process Most insurers have an established ERM framework which includes modelling risks and capital. You should build on what you have unless completely inadequate (long process). Complexity of the modelling should not be underestimated. Documentation is one of the biggest elements Need to justify and provide evidence for all assumptions and methodology. Need to document all of the ERM Framework Need to have 2 nd line validation and proper control environment. Not just a calculation or reporting exercise Expected that the results be used to manage the business. Training is a key element. Regulations have still to be finalised Solvency 2 has not yet been adopted. OSFI s guidelines are still in draft form.

Questions? 19