Teija Korpiaho
Malta, 8/4/2010
21 February 2013
Page 1
CEIOPS
Index
Internal Control
Concept and elements
1. Control environment
2. Control activities
3. Communication
4. Monitoring
Internal Audit
Duties and responsibilities
Proportionality
[Figure labels: SRP; ORSA; Strategic risk; Market risk; Underwriting risk; Risk Management; Credit risk; SCR-std; Operational risk; Internal Control]
24.4.2009
The more principles-based (and risk-based) the regulation, the more is required from the internal control and risk management of the undertakings.
Communication
Monitoring
Compliance
Documentation
A key element of Internal Control
Well documented = written
Approved by administrative or management body
Updated at least annually
Strategies on
Business, risk management (incl. liquidity, concentration risk, credit risk, operational risk), underwriting and reserving, investment and ALM, reinsurance, internal audit
Policies on
risk management, underwriting, remuneration, investment and ALM, internal control, outsourcing, disclosure, information
Plans on
contingency and compliance
2. The compliance function shall include advising the administrative or management body on compliance with the laws, regulations and administrative provisions adopted pursuant to this Directive. It shall also include an assessment of the possible impact of any significant changes in the legal environment on the operations of the undertaking concerned and the identification and assessment of compliance risk.
Compliance Function
Compliance risk = the risk of legal or regulatory sanctions, material financial loss or loss to reputation an undertaking may suffer as a result of not complying with laws, regulations and administrative provisions as applicable to its activities.
Compliance function - to ensure the undertaking complies with applicable laws and regulatory requirements.
Compliance plan
Reporting: to report any major compliance problems it identifies to the administrative or management body.
Effective
Objective
Audit plan
Audit work for next year(s)
Based on risk analysis
Annually reporting to the administrative, management or supervisory body
Follow up of the recommendations
Proportionality
1. All undertakings shall have an internal audit function.
2. The requirements of the directive should be proportionate to the nature, scale and complexity of the risks inherent in the business of an insurance or reinsurance undertaking.
Not the size of the undertaking!
Thank you
teija.korpiaho@bof.fi