Originally published in November 2011
On September 21, 2011, the Financial Services Commission of Ontario (FSCO) released its Risk-Based Regulation Framework Document on the FSCO website. The document describes a broad-based framework for the risk-based regulation of pension plans in Ontario.
This represents an enhanced form of risk monitoring by FSCO. Pension plan sponsors and administrators with pension plans registered in Ontario should review FSCO's Framework. It may be prudent in appropriate cases, for pension plan governing bodies, to adjust pension plan governance policies, procedures and objectives to better match FSCO's risk-based supervisory model.
Background on FSCO's plan to move towards risk-based regulation
The trend toward risk-based regulation in Ontario mirrors what is being done in other jurisdictions as regulators recognize that pure compliance approaches are limited. Based on key recommendations from the report of the Ontario Expert Commission on Pensions, A Fine Balance – Safe Pensions, Affordable Plans, Fair Rules, as well as its own assessments, FSCO is taking steps to establish monitoring programs that will be proactive in identifying plans that may be at risk of failure or severe under-funding.
The proposed Framework will consider a broad universe of risk factors in areas such as administration, governance, and sponsor related risks. The goal is that the Framework will provide a base level of regulation across all pension plans which will include monitoring of key risk indicators, improved dialogue with stakeholders, and promotion of best-practices. Above this base level monitoring, the Framework will focus FSCO resources on pension plans that exhibit the greatest amount of risk.
The Proposed Framework
The Framework consists of five components. At its core is the Regulatory Response Model which describes the application of risk-based supervision and proportionate responses based on risk. The Response Model is informed by four other components, also discussed below: Risk Indicators, Regulatory Powers, available and potential Data Sources, and finally the proposed Business Processes for Quality Control and Framework Maintenance.
1. The Regulatory Response Model
At the core of the Framework lies the Regulatory Response Model. This model proposes to prioritize regulatory work according to the probability and the impact of risk in each plan or transaction.
Following a detailed review, plans will be classified into one of four "risk quadrants" which act as an internal guide for the effective allocation of staff resources and the regulatory actions taken by FSCO.
(a) Intervention Quadrant
Plans showing both a high probability and high impact of risk will be categorized in the "Intervention" quadrant and thereby attracting the highest level of intervention from FSCO. Examples of events giving rise to an "Intervention" categorization include:
- Failure to remit contributions over an extended period of time
- Chronic and significant underfunding
- Significant member complaints
- Plans with significant sponsor risk
The Framework proposes that in the event of a plan or transaction being categorized as needing intervention, FSCO would commence regular interactions with plan administrators, including site examinations, so as to mitigate risk through proactive measures. In severe cases, FSCO would take action or commence legal proceedings pursuant to the Ontario Pension Benefits Act.
(b) Proactive Supervision Quadrant
Plans showing high impact risk but low probability risk will be classified as needing "Proactive Supervision." The FSCO Framework Document suggests that very large plans may fall into this category due to the potential for adverse impact on a large number of members. Plans classified in this category will be subject to ongoing monitoring by FSCO which would include periodic management reporting, ongoing media monitoring and possible interactions with the plan.
(c) Monitor Quadrant
Plans showing low impact risk but high probability (i.e. frequency) risk will be classified in the "Monitor" quadrant. Plans fitting into this quadrant would be both small plans with clear risk indicators (e.g. solvency issues) and large plans where the immediate issue is not a large impact (e.g. consistently late filings). In response to "Monitor" plans, FSCO proposes to monitor and flag the plans if identified risks persist. In such circumstance, an enhanced review or communication with the plan administrator may follow.
(d) Educate Quadrant
Finally, plans with both a low impact and probability of risk will be classified in the "Educate" quadrant. This category will generally include plans, other than very large plans, with little or no risk indicators. For these plans, FSCO proposes to simply provide general education to plan administrators as well as guidance notes and bestpractices.
2. Risk Universe & Risk Indicators & the Detailed Risk Assessment
The Risk Universe categories are meant to broadly capture the risks inherent in pension plans. From these, Risk Indicators (see below) will be developed and tracked for all plans. The risk universe includes the following categories:
- Funding Risk – shortfalls in plan funding
- Investment Risk – exposure to changes in the value of plan assets, especially:
- Market Risk (exposure to changes in market price);
- Matching Risk (mismatch between assets and liabilities), and;
- Credit Risk (counterparty failing to meet obligations)
- Administration Risk – inefficient or insufficiently effective processes or organization in the administration of the plan
- Governance Risk – lack of or poor governance practices
- Sponsor/Industry Risk – sponsor insolvency or potential adverse financial impact due to industry-wide events
The Framework proposes to develop Risk Indicators that are both consistent with the Risk Universe but also can be quantified/measured using risk-based metrics. This will allow the Risk Indicator Tool (RIT) to provide an initial preliminary assessment within the Regulatory Response Model. The RIT will highlight potential key risk areas for further analysis and prioritize FSCO's resources.
FSCO's plan is to initially implement the RIT using information currently available but over time the tool will be expanded and refined to identify measures that accurately and most-effectively identify high risk plans.
Based on results of the RIT, the Framework contemplates that detailed risk assessments will be performed on plans identified as needing further attention. These detailed assessments are expected to provide a full evaluation of the risks faced by a pension plan. In addition, the detailed risk assessment will classify the pension plan into one of the four quadrants referred to above which will then guide FSCO's regulatory action, if any.
Any material concerns arising from the detailed risk assessment would be communicated to plan administrators and possibly other stakeholders, in an effort to commence a constructive dialogue that will resolve any risk concerns.
3. Regulatory Powers and Tools
The Framework document describes that while traditional regulatory tools are set out in legislation, it is always open to the regulators to try and influence behaviour through moral suasion (e.g. stakeholder communications, educational materials, guidance on industry best practices). Nonetheless, the Framework is designed to be consistent with the powers of FSCO under the Ontario Pension Benefits Act.
The regulatory powers and tools listed in the Framework are meant to include a spectrum of education, monitoring and finally deterrence initiatives. Education activities include hosting conferences, publishing best practice guidelines, and FSCO studies, among others. As part of its monitoring tools, the Framework suggests the use of external audits, review of periodic filings as well as desk reviews with follow-up. In the most severe situations the Framework proposes FSCO investigations combined with regulatory orders or prosecution/litigation to stop plans and their administrators from breaches of the Ontario Pension Benefits Act.
In addition to the tools and regulatory powers currently available to FSCO, the Framework proposes adopting several new tools prevalent in other jurisdictions. Suggested changes include increasing plan and transaction reporting requirements, the ability for FSCO to issue Governance and Risk Management reviews by external auditors, and giving FSCO the ability to issue administrative penalties. These and other changes would require legislative changes.
4. Data Sources
The Framework proposes three types of data sources that can be enhanced to implement the Risk-Based Regulation Framework: (a) Existing data that can be used in an enhanced manner, (b) New data that can be collected absent legislative change, and (c) New data that could be provided following legislative change.
(a) Existing data that can be used in an enhanced manner
- Complaint information (categorized by severity), unremitted contributions, late filings and applications, examinations (particularly for information on administration and governance), and audit reports.
(b) New data to be collected absent legislative change
- Industry sponsor intelligence – establish an intelligence process that will monitor both industry risks (e.g. forward looking reports on industry, backward looking reports on industry specific insolvency rates) and sponsor risks (i.e. focus on sponsors identified as highrisk and monitor news alerts and credit ratings of those sponsors).
- External scans and monitoring emerging trends and risks – ongoing interactions with industry, participation in forums and communications with peer regulators, and scanning external information and reports.
- Additional data concerning plans and service providers – FSCO would require information on who provides the plans with investment and actuarial services.
(c) Potential new data following legislative change
- Notifiable events – predefined events requiring reporting by the plan administrators (e.g. breaches of bank covenants, senior management convictions, and sponsors moving outside the jurisdiction).
- Whistleblower reports – reports of legislative breaches made by sponsors, administrators or plan advisors.
- Governance / Risk Management Information – details of the pension plans' governance arrangement.
- Other information – related party transactions, conflicts of interest and investment holdings outside quantitative limits.
5. Business Processes for Quality Control and Framework Maintenance
The key component proposed by the Framework is the Risk Indicator Tool. The RIT will act as a trigger mechanism to identify and prioritize plans according to risk scores calculated using the Risk Indicators discussed above. The RIT would be automated and to the extent possible, provide real-time priority risk calculations that would direct FSCO resources to plans needing Tier 1 and Tier 2 reviews. The RIT is meant to provide a baseline review and ongoing monitoring of all plans.
Based on the priority list from the RIT a Tier 1 review will be conducted to both validate the results from the RIT and provide a preliminary report as to the plan's exposure to risk. At this point the plan would be assigned to one of the four risk quadrants and guide FSCO staff as to their regulatory response.
If the plan is categorized in the "Intervention" quadrant, it would become the subject of a Tier 2 review. This review would include a detailed assessment to confirm the risk classification. If the risk classification is confirmed, the plan would become case-managed by a dedicated team of FSCO staff. The role of this team is to conduct ongoing monitoring which may include recommendations for specific orders from the Superintendent, periodic and random risk assessments and other interactions with plan administrators.
Medium Term Strategy
Because the proposed Framework is a dramatic change from the current way FSCO regulates pension plans, it is expected that full implementation will take some time. However, the Framework document proposes that over the next three years the principal activities FSCO plans to carry out are:
- Enhance and streamline existing risk-based processes
- Integrating the monitoring and review of funding and investment risks
- Introduce and implement e-filings to facilitate collection of data
- Strengthen on-site examinations by identifying instances of poor governance
- Promote industry-wide knowledge and understanding of best practices
- Enhance stakeholders' understanding of FSCO's risk-based approach through education and communication of the regulator's expectations.
- Consultations during the period of transition which would include collaboration to develop a comprehensive risk-based approach, providing information about the new regulatory approach, and communication with a broad public audience to ensure the limits of the risk-based approach are understood.
- Ongoing education through periodic reports on the application of the risk-based approach, thematic reviews on areas of concern, developing guidelines in regards to plan governance, and reaching out to more stakeholders through forums, conferences and the internet.
- Establish quality control and maintenance processes to ensure the risk-based approach is being applied in a valid and reliable manner.
- Measure the effectiveness of risk indicators that contribute to the RIT
- Revisiting and updating the Framework with new or altered criteria and data sources
- Coordinating the identification of emerging or increasing risks
- Liaising with relevant IT groups to ensure the system is appropriately supported by technology
Plan sponsors and administrators should review their governance framework to determine whether it is consistent with FSCO's approach. The questions a sponsor or administrator with a pension plan registered in Ontario should be asking are whether the types of risks identified by FSCO are being properly monitored and what steps are anticipated to mitigate risk in cases where material risks are identified.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.