Come 2015, insurers will need to file Own Risk and Solvency Assessment (ORSA) Summary Reports, and the National Association of Insurance Commissioners (NAIC) is taking pains to prepare insurers by providing specific feedback and guidelines well in advance to the 2015 deadlines. A new report from Deloitte relates best practices as well as results from an ORSA pilot program conducted by the NAIC in a new report, titled “The Own Risk and Solvency Assessment: A regulatory guidepost to the future.”
ORSA will represent a major step in solvency regulation modernization as outlined by the International Association of Insurance Supervisors (IAIS), which ostensibly assigned these reports to insurers with the governance of ERM in Insurance Core Principle 16. The report paraphrases Pennsylvania Deputy Insurance Commissioner Steve Johnson as saying this may well be considered one of the most significant events in insurance regulation in general, and ERM in particular, in recent decades.
To help prepare insurers for what regulators are describing as a watershed moment, the NAIC created the ORSA Feedback Pilot Project, for which 13 undisclosed insurers voluntarily submitted a summary report by June 30, 2012, allowing regulators to review the process and begin providing some high-level, non-group-specific feedback to the industry.
The length of submitted reports varied widely, according to the report, from 10 to 100 pages. Of the 13 participants, only eight submitted reports considered complete by regulators; of those eight, five had data redacted—leaving only three with complete datasets.
“Companies should be doing this now, not 2015. You need to start now and you need to have your board engaged. We saw what somebody who really takes this seriously has done,” said Johnson. “Get started now.”
Regulators suggested the following:
• A detailed explanation of the company’s risk limits, including key risks and materiality
• Single and combined stress test scenarios
• Descriptions of how capital models were calculated
• Graphical comparisons of capital models
• Heat maps of risks
• Stress testing on liquidity distress in life insurance
• Emerging risks for prospective risk areas
The NAIC’s pilot program is expected to be repeated in 2013.
The report also outlines the three sections every insurer should be preparing to include. First, a description of the company’s risk management framework—including risk culture and governance; risk identification and prioritization; risk appetite, tolerances and limits; risk management and controls; and risk reporting and communication.
Second, qualitative and/or quantitative assessments of risk exposures in both normal and stressed environments for each material risk category. In essence, what are your risks and how do you measure them.
Lastly, the summary report should include an analysis of the solvency position and capital adequacy for a given company’s group. According to the report, this should include comparing a company’s risk profile with capital requirements, and additionally, plans to resolve any deficiencies with prospective solvency assessments in mind.
The report encourages insurers to look ahead and align the quantitative and qualitative processes that will enable ORSA responsiveness. ERM framework, capital management, strategy, resources, risk culture and technology will all be open to scrutiny, according to the report.
The report ends by reminding insurers that if insurers adjust to ORSA and make the proper investments in time, talent and technology, it could “provide an opportunity for better risk and capital management… embedding in the whole organization a risk culture and risk decision-making process in which strategy and risk appetite are aligned.”
