COMPLIANCE AND CORPORATE GOVERNANCE UPDATE

1
COMPLIANCE AND CORPORATE GOVERNANCE UPDATE

• Liam Flynn
• Insurance Institute, Dublin, 6 May 2009

2
Outline - Compliance

• Recent Financial Regulator (FR) Consultation
  Papers
• Recent FR Guidance
• Trends in FR Administrative Sanctions Actions
• Trends in Financial Services Ombudsman (FSO)
  Decisions
• Possible Future FR and FSO Developments

3
Outline Corporate Governance

• FR Corporate Governance Guidance and Requirements
• Solvency II Implementation Corporate Governance
  and CEIOPS CP 33
• Developments in Irish enforcement regime
  Companies (Amendment) Act 2009

4
Recent Financial Regulator Consultations CP 37

• Financial Regulators Minimum Competency
  Requirements introduced in July 2006
• Grandfathering - Persons who do not on 1
  January 2007 hold a recognised qualification in
  respect of specified categories of retail
  financial product for which they are acting may
  continue to act provided that they have carried
  on the same activity for a period of at least
  four years in the eight year period 1 January
  1999 to 1 January 2007
• Persons grandfathered for life assurance
  wishing to engage in private medical insurance
  (PMI) need to obtain a qualification, since their
  grandfathering would not extend to PMI

5
Recent Financial Regulator Consultations CP 37

• Concerns were expressed that the qualifications
  required (CIP, Diploma in PMI, or (for holders of
  the QFA), the Bridge Examination in Non-Life
  Insurance) were too onerous for life assurance
  intermediaries seeking to sell PMI on a limited
  basis
• Consultation Paper therefore requests industry
  views as to suitable qualifications for persons
  grandfathered for life assurance wishing to
  engage in PMI persons grandfathered for other
  forms of non-life insurance wishing to engage in
  PMI and for new intermediary entrants to the PMI
  market
• Closing date for responses is 15 May 2009

6
Recent Financial Regulator Consultations CP 34

• Life Assurance (Provision of Information)
  Regulations 2001 introduced prior to
  development by FR of Consumer Protection Code
  (CPC) and associated prudential requirements in
  2006
• IN CP9 (Remuneration Structures Transparency)
  concerns were expressed regarding the utility and
  comprehensibility of disclosure information
  provided to consumers under 2001 Regulations
• FR later commissioned limited research on the use
  by consumers of disclosure material provided
  under 2001 Regulations this confirmed FR
  concerns as to utility of this
• Consultation Paper raises general questions
  regarding layout and content of the disclosure
  information, use of plain English and avoidance
  of duplication

7
Recent Financial Regulator Consultations CP 34

• Consultation Paper makes specific proposals-
• disclosure requirements for products with no
  surrender value should omit illustrative tables
  of benefits and charges and information on RIY
• abolish requirement to provide second table of
  remuneration as part of commission disclosure
  provisions
• increase prominence of RIY disclosure
• use projected growth rates of 2 and 4 below
  primary rate as well as -2 for illustrative
  tables of benefits and charges
• extend commission disclosure to occupational
  pension scheme policies
• standardised annual statement should be provided
  to all policyholders

8
Recent FR Guidance

• Guidelines on Directors Compliance Certificates
  February 2009 no fundamental changes to the
  original form of the certificate issued in 2003
• Guidelines on Treatment of Instalment Income from
  Premium Payment Plans January 2009 reiterates
  guidance given in 2003 regarding completion of
  annual returns as they relate to premium
  instalment plans for non-life insurance
• Guidelines on Appointment of Compliance Officers
  January 2009
• single individual may hold more than one role
• functions encompass putting in place a policy
  statement monitoring its implementation and
  period board reporting reviewing products,
  procedures and systems on a planned basis
  reviewing staff training processes to ensure
  competencies
• appointment of compliance officer is a notifiable
  matter and changes must be notified as soon as
  possible after making the appointment

9
Recent FR Guidance

• Guidelines on Risk Management of Derivatives
  January 2009 republished version of the
  original published in July 2001
• Guidelines on Prudential Requirements for Captive
  Insurers April 2009
• states definitively that a captive insurer cannot
  underwrite any risk from a joint venture
  company in which the parent has an interest
  thus, for example, a company that is 51 owned by
  the parent could not place insurance with that
  parents captive
• arguable that this is inconsistent with the
  definition of a captive insurer as it appears
  in the guidelines
• states definitively that inter-company loans are
  not recognised as valid assets for regulatory
  capital purposes by the FR but this does not
  seem to be consistent with Annex III of the
  European Communities (Non-Life Insurance)
  Framework Regulations 1994

10
Trends in FR Administrative Sanctions Actions

• Hibernian Direct November 2008 breaches of
  CPC general principles 4 and 6 non-disclosure of
  information required under CPC were no consumer
  complaints and settlement penalty was 45,000
  versus consumer compensation of 16,000
• Trends therefore demonstrate-
• FR is not waiting for customer complaints before
  taking action
• Settlement penalty does not match the loss to
  the customer
• Breaches of CPC general principles clearly
  regarded as actionable by FR

11
Trends in FR Administrative Sanctions Actions

• Murphy Insurance Brokers Limited July 2008
  client premium handling provisions of the
  Investment Intermediaries Act 1995 (IIA)
• Apex Fund Services Bohan August 2008
  provision of incomplete information to FR as part
  of application for authorisation contrary to s
  10(16) of IIA
• Irish Nationwide October 2008 breach of CPC
  general principle made subject of an action
• Quinn October 2008 breach of Insurance Acts
  (requirement to notify FR prior to providing
  inter-group loans)

12
Trends in FSO Decisions

• Increased tendency to direct oral hearings to
  resolve conflicts of evidence as to the
  understanding of the complainant Enfield
  Credit Union Case other (2009 unpublished)
  recent determinations
• Tendency to allocate contributory negligence to
  claimants rather than to reject complaints
  Enfield Credit Union
• Tendency to regard products as complex when
  industry might not necessarily agree e.g.
  gearing
• Ombudsman seems to regard it as positive duty of
  investment advisor to give verbal explanation of
  written product documentation, rather than simply
  to assume that customer has read and understood
  written documents consistent with comments by
  FR in CP 34 consumerstend to rely more heavily
  on what they are told than on written
  documentation
• Ombudsman will not therefore accept provision of
  written risk disclosure as sufficient to satisfy
  a providers responsibilities where evidence is
  that consumer did not read the disclosure and
  provider did not attempt to explain it

13
Possible Future FR and FSO Developments

• Review of Intermediary Market, December 2008
  addressed two main areas of concern
  categorisation of intermediaries and transparency
  for the consumer
• Report makes number of recommendations related to
  categorisation-
• use of the term broker should be confined to
  intermediaries that offer fair analysis of the
  market, based on a sufficiently large number of
  products and providers to enable the broker to
  make a recommendation
• possible to be a broker for one type of
  insurance (e.g. life assurance) and tied for
  others
• extent of service provided by intermediary must
  be disclosed
• intermediary cannot describe itself as a QFA
• intermediary cannot describe itself as
  independent unless offers fair analysis and
  offers fee-based remuneration to consumers

14
Possible Future FR and FSO Developments

• Report makes number of recommendations related to
  transparency-
• intermediary should disclose in general terms
  the applicable remuneration arrangements in
  non-life business (in life business, specific
  provisions apply)
• intermediary should either inform customer of
  amount of remuneration prior to sale or that
  details of remuneration are available on request
• Report further recommends that appointment system
  under IIA should be abolished as it is confusing
  for consumers
• Implementation of the Reports recommendations
  will require amendments to CPC, European
  Communities (Insurance Mediation) Regulations
  2005 (IMD) and also primary legislation
  recommends that definition of tied agent in IIA
  should be abolished and that the only surviving
  definition should be tied insurance agent as
  set out in IMD

15
FR Corporate Governance Guidance

• FR published Corporate Governance Requirements
  for Reinsurance Undertakings in December 2007
  no similar such requirements published for
  insurers but document gives good sense of FRs
  thinking and is based on guidelines produced by
  International Association of Insurance
  Supervisors (IAIS)
• Requirements prescribe oversight at six levels
  board of directors and sub-committees
  independent non-executive directors senior
  management internal controls internal and
  external audit function compliance function,
  with all six to be closely integrated into the
  management of the undertaking

16
FR Corporate Governance Guidance

• Board of directors ultimately responsible
  notwithstanding delegation to committees
  responsible for establishment, implementation and
  monitoring of compliance with policy must
  establish the corporate governance principles
  that apply to the undertaking and allocate
  responsibilities
• Sub-committees establish appropriate
  sub-committees commensurate with complexity of
  operations of company audit committee is
  essential
• Independent non-executive directors minimum of
  two and each must give adequate time to the role
  independence must take into account previous
  employment with group and other board
  appointments
• Senior management responsibilities include
  overseeing operations on a day to day basis all
  companies must have a general manager with
  established competence

17
FR Corporate Governance Guidance

• Internal controls FR may request detailed
  description of internal control systems board
  must put in place a detailed risk management
  system addressing operational risk and business
  risk, particularly as these relate to
  underwriting, concentrations, provisioning,
  actuarial certification, retrocession strategy,
  review and approval of contracts and investments
• Internal audit must exist in all companies,
  though depending on scale may be fulfilled by
  group internal audit
• Compliance officer with day to day
  responsibility for monitoring and implementing a
  compliance statement and reviewing individual
  products, procedures and documentation on an
  on-going basis

18
Solvency II Implementation CEIOPS CP 33

• Administrative or management body and senior
  management must provide organisational values and
  priorities
• System of governance must establish clear
  organisational structure well documented lines
  of responsibility across organisation employ
  personnel with appropriate expertise establish
  and implement clear procedures for those
  personnel to carry out their responsibilities
  introduce clear reporting lines
• Should be a code of conduct for staff and
  remuneration policy must be in line with business
  strategy and risk profile, avoiding incentives
  for unwarranted risk taking

19
Solvency II Implementation CEIOPS CP 33

• System of governance should be proportionate
  board should consider whether committee structure
  is appropriate (but audit committee not
  mandatory)
• Internal audit function cannot be combined with
  other operational duties or functions must be a
  separate unit or individual without other duties
  within the undertaking
• Undertaking must have written policies in
  relation to risk management, internal controls,
  internal audit and where relevant outsourcing
  that must be implemented and reviewed at least
  annually

20
Solvency II Implementation CEIOPS CP 33

• Undertakings must have business continuity plans
  that must be regularly tested and updated
• All members of management body and senior
  executives must have adequate and sufficient
  qualifications, knowledge and experience and must
  be of good repute and integrity the undertaking
  should have documented policies and procedures to
  ensure that all such persons are properly
  qualified
• Undertakings must have clearly defined and well
  documented risk management strategy and adequate
  written policies including a definition and
  categorisation of risks processes and procedures
  to enable undertaking to identify, assess,
  manage, monitor and report the risks it may be
  exposed to and appropriate reporting procedures
  and feedback

21
Solvency II Implementation CEIOPS CP 33

• Undertaking must have written asset/liability
  management (ALM) procedures taking account of
  possible correlation and concentration of risks
• Investment policy must be defined and documented,
  and special management procedures, monitoring and
  controls must be established for complex
  investment activities and for use of derivative
  products
• Undertaking must have a liquidity risk
  contingency plan, including continuous monitoring
  of debt and availability of financing

22
Solvency II Implementation CEIOPS CP 33

• Undertaking must have written reinsurance
  strategy, identifying levels of risk transfer,
  principles for selection of counterparties and
  with specific provisions regarding alternative
  risk transfer (ART) and use of special purpose
  reinsurance vehicles (SPRVs)
• Risk management functions must be embedded in
  organisation and must not be responsible for
  results of operational business must maintain an
  organisation-wide view on risk profile of
  undertaking
• Compliance function and internal audit function
  must be independent and of sufficient standing to
  enable them to operate to ensure proper
  implementation of internal control system

23
Companies (Amendment) Bill 2009

• Presented to Seanad, 7 April 2009
• Legislative timetable unclear, prompted by
  concerns raised by Office of Director of
  Corporate Enforcement (ODCE) regarding
  difficulties encountered in investigations of
  allegations of wrongdoing at Anglo Irish Bank
• Amendment of section 194 of Companies Act 1963
  register of directors interests in contracts now
  open to inspection by ODCE
• Power of ODCE to obtain corporate records under
  section 19 of Companies Act 1990 extended to any
  person in possession of those books and records
  (e.g. a services provider) to obtaining copies
  of those records from any person in possession of
  them (e.g. an auditor) or to obtaining any
  records that may relate to them from anyone else

24
Companies (Amendment) Bill 2009

• Section 20 of Companies Act 1990 amended to
  permit the ODCE extended powers of seizure under
  search warrants ODCE may now seize material
  that may be outside the terms of a search warrant
  if that material cannot be separated from
  material that is within the warrant
• Section 23 of Companies Act 1990 amended to
  permit the ODCE to compel the production of
  material that is alleged to be legally privileged
  ODCE must maintain confidentiality of the
  material (against itself!) and apply to Court to
  determine whether the material is actually
  privileged

25
Any Questions?

• Liam Flynn
• Matheson Ormsby Prentice
• 70 Sir John Rogersons Quay
• Dublin 2
• email liam.flynn_at_mop.ie
• tel 353 (1) 232 2327