Tuesday, 4 November 2014

EIOPA's Implementing Technical Standards on Internal Model Approval - ready to "submit"?

EIOPA have kicked into life at the end of October like Freddy Krueger on laughing gas, releasing a swarm of consultation papers and summaries. While the releases on Colleges of Supervisors or the calculation of the risk-free interest rate will be of interest to some, my own interest was in a subset of their draft Implementing Technical Standards on Solvency II Approval Processes

I have tried to cover the distinction between ITS and the other weaponry in the hands of EIOPA and legislators here. The aggregated feedback received by EIOPA on the suite of Solvency II approvals covered by ITS is neatly summarised in this doc, with EIOPA adding dollops of proportionality into the summary, to effectively remind supervisors not to treat the applications of giants and pygmys with the same vigour. Given the audience reaction to the UK regulator's industry event a couple of weeks ago, I think 'proportionality' may need to become the PRA's middle name (though it probably works better as its first name...)

Clearly, two big moans have been common threads in the responses received, and both have been rebuffed. The concept of supervisory requests for supplementary information "stopping the clock" on one's approval window has been retained, while the idea of "no answer in 6 months equals approval" has been firmly rejected.
Internal Model approval
- "Easy, Easy"
Of more interest to me than the other approvals covered by the consultation is the Big Daddy himself, Internal Model Approvals. From a UK perspective I have covered this in multiple posts previously (here, here, here and here for a start) , and was interested to see if any more whistles and bells had been added to what is already an area causing serious fatigue within the UK's potential applicants, not to mention a few dozen corpses from the c.100 interested parties back in 2011 (slide 4 here).

I thought the following was worth highlighting;
  • Given that the Delegated Acts are already loaded with granular Documentation requirements for IM applications (articles 243 & 244), the ITS insists on a few more pieces! Having cross-referenced between the DAs and the ITS, I reckon the items listed in Article 3 d, h, j, p, q and r are all new requirements, though none would be a stretch to produce.
  • Expectations that your model has been in use prior to application (Art 2 (3 a ii)), and is integrated into your current system of governance (Act 2 (c)) - perhaps this is the effort which firms with capital add-ons will be compelled to do in 2016 & 2017 in advance of model applications?
  • Results of your "last" Validation Process must be submitted in a Model application (Art 2 (m)) - again, suggests there will need to be a year's worth of "live" modelling in advance of making an application
  • The supervisors have 30 days to assess the "completeness" of an application - this feels weirdly generous, given those 30 days count towards the overall 6-month assessment window (provided the application is complete).
  • Despite the PRA's firm assertion on Oct 17th (slide 8) that conditional approval for Model applications is not available, Articles 3 (8) and 5 (4 b) both suggest otherwise, namely that proposed "adjustments" or "terms and conditions" can be accounted for in their decision. 
  • As much prominence being given to Model Change process and Model Change policy as the initial Model Application process - applications can actually be rejected on the strength of the change policy (Art 5 (2)). Despite that, the articles designated for these areas (Arts 7 & 8) are relatively straightforward.
There is no real reason why these ITS for IM approval won't sail through at the Commission, so best to prepare accordingly. However, UK applicants with 2016 modelling ambitions will of course need to wait further for EIOPA's Common Application Package before they can finalise this montagne de papier.

Monday, 20 October 2014

PRA's Countdown to Solvency II Implementation Event - When I Need U(SPs)

PRA Implementation countdown
- "Feel like dancing" now?
So along with the entire UK Solvency II sticky-beak brigade, I had the unbridled pleasure of attending the PRA's 'Leo Sayer' on Friday, confidently titled Countdown to Implementation, despite going on to list a range of matters which have probably given both Internal Model and Standard Formula firms plenty of enthusiasm to try and turn the clock backwards rapidly!

Paul Fisher, Julian Adams' replacement as Executive Director of Insurance at the PRA, kicked off with a set of Solvency II vox-pops;

  • Solvency II is the "main game in town"
  • "The end is in sight"
  • The PRA are "not gold-plating the Directive"

A nice bit of reassurance at kick-off time then - unfortunately, the clarity which was to follow from the technical specialists on a range of topics was probably not what everyone wanted to hear, given the tone of some of the audience questioning that followed! In particular (and with everything in full quotation marks below having been said by a PRA rep on the day);

  • That the PRA will "have to prioritise" if everyone in the IMAP queue for 'from 2016' approval drops their applications in at the end of June, and that applicants should be "striving to submit" sooner. Suggests to me that the smaller firms in IMAP may get bumped to squeeze in the big boys.
  • The reinforcement of Mark Carney's message from the other week that they will have no problem refusing permission to use models, though this was couched by Fisher in the more appropriate context of failure to meet any of the TSIMs simply "cannot be allowed".
  • That, although over 90% of the UK industry was down for using Standard Formula, the PRA will be equally aggressive when challenging their preparedness as they will for IM firms.

I didn't hang around for the afternoon sessions as I had a hot date with BA, so pull whatever you can out of the Other Approvals and Regulatory Reporting slideshows. However, I would draw attention to the following from the earlier sessions:

Implementation and Policy overview

  • The Old Lady of Threadneedle Street protested through multiple speakers about how they recognise that bank and insurance internal models are different, and how Insurance Supervision is now "embedded into the Bank" - I would assume to justify the credit crunch-influenced aggression now being taken by the PRA on assessing capital models (visible from Adams's speech around the time of BOE/FSA merger right through to Bailey's speech at Mansion House on Thursday night).
  • An interesting slide 3 about how much more work Solvency II will generate for the PRA from go-live!
  • Referred to FLAOR only once before switching to ORSA, suggesting that this disposable acronym is as much of a pain in the neck for the supervisor as it is for firms!
  • Highlight what "Good" and "Bad" ORSAs have contained to-date. Clearly some firms are box-ticking, leaving an unusable report which is only skin-deep compliant as output. They were particularly scathing on Stress and Scenario Testing efforts, and implored that Reports should not be written for the PRA's benefit (though naturally must cover what the DAs and EIOPA have already set out).
  • A nice piece was discussed around the expected depth of director-level knowledge of their internal models. Andrew Bulley made a useful distinction between "conceptual" and "technical" knowledge, where your dithering 80 year-old INED from the fishing industry might not be expected to understand correlation matrices, but should probably know their significance, and alternatives to them.
  • For model applications to date, far too big ("encyclopedic" in cases), with too much process description, and not enough on assumptions and expert judgements.
  • That it is a firm's responsibility to "ensure compliance" with the Delegated Acts, and given their lessening proximity to the legislators, the PRA flag in advance that they will not be able to give "concrete advice" to firms in future.

Standard Formula

A particularly good ground-setter, given the dearth of work published previously on Standard Formula firms and the PRA's expectations. Calendar included on the slide pack, which will be of massive use to your PM/PMO staff!

  • PRA will review ALL firms ahead of 2016 for SF appropriateness - "priority" firms assessed by Q1 2015, everyone else by end of 2015.
  • While SF SCR is apparently close to current ICG numbers for GENERAL insurers in the UK, it is noticeably larger in LIFE firms 
  • PRA is "not promoting" SF ahead of internal models
  • Vigorously directed all attendees to EIOPA's Underlying Assumptions of SF Paper - expectation that some firms won't read it, and just expect SF plus any add-ons?
  • Very vocal on the "significance of the deviation" between SF SCR and one's own Risk Profile - as we know, the Delegated Acts quantify what 'significant' is in the context of capital add-ons
  • An expectation that ORSAs will be used in the assessment of SF appropriateness - qualitative for sure, possibly quant elements as well?
  • Range of examples of where significant divergences are being found, by Risk Category, and by Life vs General Insurer.
  • A lot of emphasis on Capital Add-ons being used "only as a temporary measure", which will ultimately allow firms to PIM/IM or de-risk. They are however "patient and realistic" on how quickly that change can be done, so it sounds on the face of it like 2016 and 2017 will be targeted for Capital Add-on elimination.
  • In the following session on models, a piece came up on Capital Add-ons, where the PRA confirmed that their process for handling these in future is "still developing", though they expect them to be "a lot, lot rarer" than the existing regime of ICG.

Internal Models

Calendar also provided for IM firms (slide 4), showing how tight their schedule is, and explaining why they threw the earlier curveball about all firms expecting to drop their applications in on 30th June 2015. They also touched on the following:

  • Highlighting weak areas identified to-date such as over-optimistic (new?) business plans being used in capital calculations; ENIDs; omission of certain "Key Risks", and suspiciously low correlations
  • That Use Test is "fundamentally important", and is an opportunity for firms to "put their money where their mouth is". They do not expect to see either end of the use spectrum i.e. no use, or blind use!
  • Too much technical actuarial validation seen. Usefully suggested that validation questions may be better posed as "where might this model be inadequate", rather than "why is it OK".
  • Confirmed that the PRA's SAT has now been replaced by EIOPA's CAT, which won't arrive until the back end of this year - surprisingly, no-one laughed when they said this "might create some work" for existing IMAP programmes!
  • Importantly, they stressed that their powers are to Approve or Reject applications, with no "conditional" powers whatsoever. Attendees were therefore encouraged to delay applications which were thought to be unlikely to succeed, both now and in future.
Though they instinctively feel like they could have been supplied sooner, the clarifications provided in the presentations I witnesses will be hugely welcome by programme directors and PM's alike. I would venture a guess that they will be less welcome by executive committees, who may have hoped for more flexibility on the risk quantification front post-2016.

Wednesday, 15 October 2014

PRA on Solvency II Approvals - One in the "IMAP"

The PRA today released a consultation paper on applying for Solvency II approvals (with the checklists for firms thinking of applying here), covering such juicy topics  as;
  • Matching adjustments
  • Ancilliary own funds
  • USPs
  • Group shenanighans (single ORSA for Groups, and excluding entities from Groups)
  • SFCR dispensations
And of course the big man on campus - Internal Model Approval.

I had covered on here back in March that EIOPA intened to bring in a common internal model application package (press release here), whilst also noting that while EIOPA "expected" NCAs to accept and use it, it was not compulsory.
IMAP - waste not want not
With the UK being the largest Internal Model application handler by some distance, the stupendous amount of money, management time and administrative effort which had been injected into the IMAP Process since 2011, there was at least a theoretical possibility that the PRA might say "no thanks", and ask its applicants to continue as they were, albeit with an Excel template amended to reflect the Directive and Delegated Acts as they currently stand

Therefore the rather vicious tearing of hair and gnarling of teeth coming from the UK today is the sound of 60-odd internal model applicants finding out that 3 years of IMAP work is now redundant! Section 2.11 of today's CP states;
EIOPA is expected to publish an internal model application template which the PRA will require all firms to use for their formal internal model applications.
...[firms] will be expected to transpose data onto the new EIOPA template when they make their formal application. The PRA will not be updating the SAT to align with EIOPA's application template
Perhaps I am being a touch harsh to call IMAP efforts to-date "redundant". The UK will naturally have dominated EIOPA discussions around what a template should contain, and how it should be structured to assess applications with maximum efficiency, as they have had the Chair of the Internal Model Committee since 2009!

There is an implication in the CP though that the transposition between the two "templates" will not be as seamless as I had imagined back in March, so I suspect that internal model applicants will need to go back to the market looking for expensive IMAP cajolers in the not too distant future. A shame for UK plc, who will rightly feel they have spent a lifetime's money on this topic already.

Tuesday, 14 October 2014

Solvency II Delegated Acts - Commission publish, world shrugs

Delegated Acts - handle with care
On Friday, the European Commission  released a "provisional" version of Solvency II's Delegated Acts via their own website.

Given how long they have taken to arrive, they rather surprisingly aren't chiselled into pyramid slabs or written on parchment - less surprisingly, they feature very little in the way of changes since the July 2014 version, so for those who want to know why it has taken 3 years for these to officially emerge, the January 2014 version is a better contrast (I summarise some of the changes between 2011's starter document and the January version here).

There has been enough comment since Friday (here, here, here and here for a start) to highlight what has changed since the summer, and more importantly, what has driven those changes - namely, encouraging EU insurers to plough money into long-term infrastructure assets by making them cheaper from a capital perspective, thus solving the European Union's economic woes in one fell swoop!

Bear in mind the first scrounging letter from the Commission came to EIOPA over two years ago, reminding them of what a "...potentially powerful financing channel" European insurers could be, provided any necessary "...adjustment or reduction" was made to Solvency II's capital requirements.

Little wonder then that it has taken a while for them to ensure that Solvency II remains prudential, while simultaneously unlocking long-term capital pools, though it sounds like the empirical basis of EIOPA's earlier calibration attempts has been overriden to get there.

Is it likely to get through the baying mob in ECON? The insurance industry's Green Party sparring partner had already flagged his distaste at the capital discounts now being offered, as well as the due process applied to recalibrating them.

It remains to be seen whether it is controversial enough to delay the inevitable in early January, but given the Acts seem to have been received with customary ambivalence by most affected parties, this is probably 'job done'.

Monday, 13 October 2014

ORSA and Independent Review - Misunder-stud?

Independent review of ORSA
- banging the drum?
I listened in on a Solvency II readiness webcast a couple of weeks ago which pricked my ears like a low-budget high street beauty parlour. The specific theme was independent review of ORSA, and the broadcaster confidently included it in the list of "things we all need to do" in the Solvency II preparatory phase, both 2014 and 2015.

While most familiar with the topic would immediately cry "that got lobbied out in 2011", the speaker's argument was that, while EIOPA's Guidance no longer says firms should "independently" review its ORSA, it also doesn't not say it, therefore we must do it, and do it annually!

I would have chuckled and left it at that, but having read InsuranceERM's recent roundtable on preparations for Solvency II, the topic again reared its head, albeit in a more controlled manner, as a number of attendees explained how they have used Internal Audit (and dismissed the idea of using external firms) in reviewing their ORSA processes during the preparatory phase.

My problem is this - as an industry we were happy to, erm, relieve ourselves and moan when CEIOPS's first attempts at ORSA Guidance in 2010 included a guideline which compelled annual independent review of the ORSA Process (included in slide 32 of Mr Bernadino's pack here in Summer 2011, as I can't find the original CP anywhere).

This was lobbied-out by the time the re-badged EIOPA released their 2011 CP (here), and when their Final Report followed in June 2012, "independent review" was a distant memory.

Any compulsion to review the ORSA Process is now  covered only by EIOPA's System of Governance Guidelines (here), specifically Guideline 8 asking that a firm's SoG is regularly "internally reviewed on a regular basis" (5.11).

EIOPA continue in 5.11 that "...the review undertaken by the internal audit function on the system of governance as part of its responsibilities can provide input to this internal review" - i.e. this is not work considered to be performed automatically and exclusively by one's Internal Audit function.

In terms of frequency, EIOPA elaborate in section 4.26 of the Guidelines, namely that your AMSB, given your firm's nature, scale and complexity;
...determines the scope and frequency of the internal reviews of the system of governance
 So three things - no 'annual' requirement; AMSB's choice on frequency; and that this is internal review, not "independent", "external", or indeed any other word which gets me contracted past 2016!

Monday, 29 September 2014

CRO Forum's Principles on Operational Risk Measurement - "Quant touch this"...

Hammer Time?
Current efforts in Op Risk quantification
Despite practitioners efforts over the last few years, Operational Risk continues to live on starvation rations when it comes to considered quantification. Never treated as an alpha-topic by executives inside insurance institutions, it has been treated with similar indifference by legislators, culminating in the  "totally inadequate" take-a-percentage methodology for calculating Operational Risk capital in the Standard Formula.

Internal Modellers on the whole are not likely to be shaming that technique with their efforts either (basic summary of their problems here, while InsuranceERM cover struggles as a whole with a roundtable here). A paucity of operational risk event (and near miss) data within firms may be good news for ORIC as a vendor, but from a parameter and data uncertainty perspective, it leaves internal model operators and validators in an invidious position, particularly due to the quantum of insurers' capital likely to be involved (10%, give or take?).

It's not that the actuarial world hasn't taken a stab at it before (here), aren't fully aware of the data holes (here), or haven't used the word "Bayesian" in a sentence (here). However an activity which was "in its infancy" in the UK as far back as 2005, is surely now old enough to be working in the mines...

I was therefore happy to see the unprolific-yet-important CRO Forum bring a white paper to the table, Principles of Operational Risk Management and Measurement. It is an update to a 2009 version which takes into account Solvency II demands, as well as developing practice within insurers over the period, the suggestion being that 2009's efforts were a little too Banking Industry-influenced.

While this document might feel at outset like an idiot's guide to "quanting" operational risk (and bearing in mind the number of prospective standard formula applicants - 9 out of 10 in UK - one may be needed soon!), the document touches on a number of noteworthy technical matters, in particular;
  • The Definition section doesn't read well, but they have attempted to include outcomes other than monetary loss into the Op Risk definition, which from experience will improve discourse within firms. Are they attempting to squeeze strategic and reputational risks into this box though?
  • Nice coverage of Boundary Events, and encouraging firms to consider them in their management of Op Risk.
  • Very specific treatment of Risk Tolerance throughout, using it in preference to Risk Appetite. This is because it cannot be avoided, and so tolerance levels should be used to trigger "RAG"-type reporting up the chain. Nice work, and well justified, but I have certainly seen the expression "Zero Appetite" used for Op Risk, so no doubt this is not an industry standard perspective yet! (p5-6)
  • No problems with their coverage of tried and tested techniques - "Top Down", RCSA's & Loss Event analysis (p9-10)
  • Nice turn of phrase regarding emerging risks on p9 - "...assess the proximity of new risks to the organisation". It may need to include an attempt to quantify to be fully useful for ORSA purposes.
  • Concept of residual risk arrives quite late in the day, but isn't omitted. Important, given how much qualitative, or spuriously quantitative, material is being promoted as aiding this measurement work (p10)
  • Seem to accept at the bottom of p10 that Internal Modellers must do more than curve fit on internal Op Risk Event data - good news I guess.
  • Internal Model validation pressures on current Op Risk quantification practices flagged directly (p16 in particular)
  • Guidelines on embedding Op Risk monitoring processes highlight just how much work some practitioners are managing to cover (p11). Quite disheartening for those with smaller budgets.
Ther are a few points to make on section B around quantification:
  • Pretty scathing on Standard Formula relevance. (p14)
  • Scenario Analysis sold as something of a panacea to cure the ills of incomplete Op Risk Event data sets, but no mention of the biases which seem to permeate the creation of the scenarios, which is sadly a hostage to the invitee list. (p14)
  • Expand more on scenario analysis, bringing the "severe but plausible" terminology to the table (p15)
As well as the following generic comments;
  • Is risk measurement - "a tool for embedding risk culture in the organisation"? I would say so, particularly in the Op Risk arena, where decision makers will need to be involved at scenario-compilation time.
  • That said, they then go on to reference "senior management sign-off" of scenario work, which is somewhat contradictory!
  • Overweight in references to "culture" and "tone at the top", like most white papers these days (see the FRC's efforts from the other week). Playing with fire as a profession by shoehorning references to "culture" into everything.
  • A couple of horror-show schematics used on pages 7 and 8 - the Forum must know how much time risk professionals lose walking non-experts through things like this. They serve no purpose, and detract from surrounding text.
  • Attempt on p9 to solicit business for ORIC?
It was Professor Jagger who accurately prophesised "You can't always get what you Quant" - I'd say the Risk profession concurs, based on these very welcome principles.

Wednesday, 24 September 2014

KPMG on Pillar 3 and Public Disclosure - in or out?

Pillar 3 - rude awakening?
The operational reality of Solvency II Pillar 3 is seemingly about to deliver a ruder awakening than breakfast at Chubby Brown's. Whilst for example the UK's regulator has offered an element of flexibility in the content of the QRT reporting to be submitted during the Solvency II preparatory phase (Q21 here), Finance functions across the EU will be in an spreadsheet-fuelled scramble to deliver Solvency I, Solvency II and public reporting from now on in.

The lie of the land is not pretty as it stands. Evidently the PRA's crack team of Pillar 3 regulator and industry expets is tabling some sobering questions, given their recently revised Q&A, and both software solution providers (here) and asset data firms (here) continue to ebb and flow with their contributions to preparedness, depending on the pay-off. Some co-odination efforts have recently begun on asset data transference involving the larger EU players, but doesn't yet sound like the golden ticket for the teams charged with delivering Pillar 3 material.

Even EIOPA, the new custodians of the word ERRATA, are seemingly tied up with the less technologically developed EU members in an Excel-flavoured workaround to the xBRL question which, judging by the number of QRT template amendments already applied, has an air of inevitability about it.

It was therefore nice to see one of the Big 4 release results from this survey on how firms are preparing for Pillar 3 in the content of existing and future public disclosure requirements. Small sample (11 firms, all multinationals), and all evidently have existing plc-type disclosure requirements, but the topics and trends covered should inform anyone in the Pillar 3 space who has transitioning on their agendas.

Worthy of note:

  • Pre-Solvency II disclosure of quantitative material not favoured - not much to be gained I suppose
  • No-one planning to publish projected capital adequacy!
  • Responders in IMAP seemingly working on the basis that "Plan B" won't be required
  • Few likely to publish "internal views of capital" ( for this read "overall solvency needs" or "ORSA Capital") - analysts felt unlikely to be looking for it.
  • Most common differences between Pillar 1 and OSN used were treatment of contract boundaries and the risk-free rate, with the list of distinctions going into double figures
  • Some provisional plans for IFRS alignment on the balance sheet methodology front
  • Embedded Value about to be jettisoned as a reporting metric - analysts are of course devastated!

Who said accountancy was boring?