UK: SIMR White Paper

Last Updated: 3 February 2015
Article by Nick Elwell-Sutton and Geraldine G. E. Quirk

White paper on the Prudential Regulatory Authority's Consultation Paper on the Senior Insurance Managers Regime: a new regulatory framework for individuals

On 26 November 2014 the Prudential Regulation Authority (PRA) issued a consultation paper on its proposals for a revised regulatory regime for senior insurance managers (SIMR). The purpose of the proposed changes is principally to implement Solvency II measures on governance and fitness and propriety, but the PRA has also taken the opportunity to apply aspects of the Senior Managers Regime proposed for banks, with the strong emphasis contained in those rules on individual accountability. While the PRA is the lead transposing authority in relation to Solvency II, the issue of fitness and propriety of key individuals at insurers also impacts the objectives of the Financial Conduct Authority (FCA), which has also issued a consultation paper on changes to the Approved Person Regime (APR).

Why are these proposals being tabled?

While the principal reason for the proposals is to implement Solvency II requirements, they also further a clear policy objective of increasing individual accountability in financial services institutions. Whilst accepting that the regime for insurers should not be identical to that for banks given that the risks posed by insurers to the PRA's objectives are different, the scope of the regime broadly aligns with the proposed regime for banks. Fortunately, the more draconian requirements of the banking regime, including criminal sanctions with a reverse burden of proof for regulatory failings, will not apply to insurers.

The main intention of the paper is stated to be: "...to ensure the fitness and propriety of all those individuals who are effectively running an insurer or performing a key function" and that "...senior management should be responsible for compliance by firms with the PRA's requirements."

Who is within the scope of the proposals?

The proposals will apply to all firms covered by the requirements of Solvency II (the PRA puts this at between 400 and 450 firms) except small non-Directive Firms - essentially those excluded from the scope of Solvency II by virtue of their size, and the nature of the risks underwritten by them. The PRA expects that only around 100 firms will fall within the small non-Directive Firm category. Existing rules will continue to apply to those firms, unless they opt in to Solvency II. The PRA will be consulting in due course on its approach to supervision of these entities.

The firms subject to the proposals include:

  • Retail and wholesale insurance and reinsurance firms
  • Lloyd's managing agents
  • Insurance special purpose vehicles (ISPVs)
  • UK branches of foreign firms headquartered outside the EEA

A separate consultation paper on non-executive directors will be issued in 2015 although this consultation paper covers them insofar as it relates to the Solvency II implementation.

What is the PRA proposing?

The proposed SIMR seeks to impose a greater focus on senior managers recognising the critical role they play in regulated businesses. The new regime covers three, overlapping, categories of individual:

  • Individuals performing one of the new PRA Controlled Functions (CFs) (in future also to be known as Senior Insurance Management Functions (SIMFs)
  • All senior personnel (referred to as "key function holders") who are effectively running the business, or who have responsibility for other key functions, which will include those approved to perform SIMFs and certain FCA CF
  • All individuals performing key functions

The term "key functions" covers the actuarial, risk management, internal audit and compliance functions prescribed by Solvency II; effectively running the business; and any other function which is of specific importance to the sound and prudent management of the firm. It will be the responsibility of the firm to identify key functions falling within these last two categories, depending on its business and organisation. There is no guidance on the meaning of "effectively running the business" (a concept lifted directly from Solvency II) which at least gives insurers flexibility to decide which individuals are fulfilling this role. Some generic guidance is given on identifying key functions, including whether the function is essential for the proper functioning of the firm or group considering its risk profile and business, and whether any failure in the operation or effectiveness of the function may threaten seriously the interests of the firm or policyholders.

There is a lack of clarity on whether "individuals performing key functions" covers only those individuals whose actions may threaten seriously the interests of the firm or policyholders; or every individual working under and/or reporting to a key function holder. This has implications in the context of the application of the fitness and propriety rules and the new conduct rules.

The new CFs

The scope of people subject to pre-approval before taking up a CF is in future to be more granular and more role specific than is currently the case, identifying those individuals who play a critical role within an insurer and would be held responsible for ensuring the ongoing safety and soundness of the firm and the appropriate protection of policyholders. This means that certain functions, such as the director function, which are currently PRA CFs will no longer be subject to pre-approval by the PRA. The new more focused CFs are expected to permit more focused scrutiny by the PRA at the pre approval stage.

The proposed CFs, which would in future to be also known also as Senior Insurance Management Functions (SIMFs), are:

  • Chief Executive Officer (SIMF1)
  • Chief Finance Officer (SIMF2)
  • Chief Risk Function Officer (SIMF4)
  • Head of Internal Audit (SIMF5)
  • Third Country Branch Manager (SIMF19)
  • Chief Actuary (SIMF20)
  • With-Profits Actuary (SIMF21) (does not apply to the Society of Lloyd's or Lloyd's managing agents)
  • Chief Underwriting Officer (SIMF22)
  • Underwriting Risk Oversight (applies to the Society of Lloyd's only)

As Solvency II fit and proper requirements apply to groups and holding companies, the PRA proposes that individuals in groups who intend to take up CFs in insurers, along with holding/other group company senior executives who have a significant influence on the management or conduct of the insurer's affairs, will be subject to pre-approval for a new CF/SIMF, Group Entity Senior Insurance Manager function (SIMF7).

Application process for SIMFs

As part of the revised application process, firms will need to provide information about an applicant's skills and experience and, presumably, how they would meet the core responsibility allocated to them. There would also be a greater emphasis on the due diligence undertaken by firms on candidates, to include qualifications, training and competence and personal characteristics and qualities as well as an obligation on the firm to have carried out and to be able to evidence having undertaken criminal records checks and employer references which, in turn, will be scrutinised as part of the interview process.

One specific area identified is that in future the interview would include an assessment of the applicant's technical and non-technical expertise and his or her understanding of the risks to the viability of the insurer and of the risks posed by the insurer to the wider financial system.

Fit and proper assessments

As well as performing their own assessment of the fitness and propriety of candidates for SIMFs, firms will need to assess the fitness and propriety of all other key function holders and of those performing key functions, with an emphasis on technical competencies and personal characteristics. Insurers will have to provide the PRA with information on the skills and experience of, and allocation of responsibilities to, any person taking up a post as a key function holder (including those performing PRA CFs). Insurers' assessment of the fitness and propriety of key function holders who are not performing CFs, will be supervised on an ex-post basis.

Solvency II requires insurers to assess the fitness and propriety of individuals performing key functions on an ongoing basis. The PRA will therefore expect insurers to promptly and fully investigate any matters identified by them which might be relevant to such an assessment. It may also test the design and robustness of an insurer's policies and procedures for reviewing fitness and propriety as part of its supervision of management and governance.

FCA CFs that will also apply

The FCA is proposing to make certain controlled functions which the PRA is proposing not to maintain as PRA CFs, FCA Significant Influence Functions (SIFs) subject to preapproval by FCA. The FCA also proposes to continue the existing approve and consent model for PRA CFs, to ensure that candidates for those functions are suitable from a conduct perspective.

The proposed FCA SIFs are:

  • Director function (CF1), for those directors not approved for a PRA SIMF
  • Apportionment and oversight function (CF8)
  • Compliance function (CF10)
  • CASS Operational Oversight function (CF10a)
  • Money Laundering Reporting officer function (CF11)
  • Significant Management functions (CF29) for those individuals not approved for a PRA SIMF
  • Customer function (CF30)

In addition to these, or ISPVs and third country branches, the Systems and Controls function (CF28) will apply (in the case of ISPVs, only for those individuals not approved for a PRA SIMF); and for third country branches the Actuarial function holder in a third country branch function (CF51) will apply.

The FCA states that the following SIFs would be most likely to be regarded by it as Solvency II key functions, depending on the circumstances of the firm:

  • Significant Management function (CF29)
  • Compliance function (CF10)
  • Apportionment and Oversight (CF8)

Individuals approved for those SIFs would also therefore be subject to PRA rules applying to key function holders.

Conduct standards

The proposed conduct standards cover three specific strands similar to those already established for the banking industry requiring individuals performing key functions to:

  • Act with integrity
  • Act with due skill, care and diligence
  • Deal with the PRA and other regulators in an open and co-operative way

Key function holders are subject to a direct obligation to comply with these standards; in the case of other individuals performing key functions, firms must police compliance. As already discussed, it is not entirely clear who falls into this category.

There are a further five proposed conduct standards, which only apply to key function holders, and require them to:

  • Take reasonable steps to ensure that the business of the firm for which they are responsible is controlled effectively
  • Take reasonable steps to ensure that the business of the firm for which they are responsible complies with the relevant requirements and standards of the regulatory system
  • Take reasonable steps to ensure that any delegation of their responsibilities is to an appropriate person and that they oversee the discharge of the delegated responsibility effectively
  • Disclose appropriately any information of which the FCA or the PRA would reasonably expect to have notice
  • When exercising their responsibilities, pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits.

Governance map

The PRA expects insurers to have clear structures of accountability and delegation of individual and collective responsibilities, including checks and balances to prevent dominance by an individual. Key function holders should remain accountable for the actions of those to whom they delegate responsibilities, including where insurers use third parties in respect of outsourced functions.

Consistent with this theme of individual responsibility and accountability, the draft rules require allocation of the following prescribed responsibilities to one or more individuals approved for a CF by either regulator (the last two must be allocated to a non-executive director):

  • Ensuring that the firm has complied with the obligation to satisfy itself that persons performing a key function are fit and proper
  • Leading the development of the firm's culture and standards
  • Embedding the firm's culture and standards in its day-to-day management
  • Production and integrity of the firm's financial information and regulatory reporting
  • Allocation and maintenance of the firm's capital and liquidity
  • Development and maintenance of the firm's business model
  • Performance of the firm's Own Risk and Solvency Assessment (ORSA)
  • Induction, training and professional development for all the firm's key function holders
  • Maintenance of the independence, integrity and effectiveness of the whistleblowing procedures, and the protection of staff raising concerns
  • Oversight of the firm's remuneration policies and practices

The allocation of these and any other significant management responsibilities must be recorded in a Governance Map, along with details of reporting lines, key functions identified by the firm, highlighting those that amount to effectively running the firm, and the names of the individuals effectively running the firm or responsible for other key functions. Where the firm forms part of a group, the interaction of the firm's and the group's management and governance arrangements, and any reporting lines from key function holders to the broader group, must also be recorded.

The PRA expects to use the Governance Map as a supervision tool, including:

  • During the initial assessment for PRA approval, where it will be used to identify the areas a candidate will be responsible for managing and their ability to do so;
  • In daily supervision, to:
    • Identify the relevant individual to whom specific regulatory queries should be directed
    • Understand how the allocation of responsibilities has changed to reflect changes to the business model or in the external environment
    • Clarify which individuals are ultimately responsible for certain actions which supervisors expect the insurer to take
  • In enforcement cases, as evidence of individual responsibility for the area where an alleged breach occurred

Timing

While the detailed timing is still to be established, the proposal is that an initial tranche of rules will be made in March 2015 and commenced with effect from January 2016, in line with the timetable for transposing Solvency II. These would cover:

  • The requirement for firms to assess fitness and propriety of persons performing a key function
  • The criteria for that assessment
  • Notifications of information on individuals to the PRA
  • Identification of key functions
  • Compilation of a Governance Map

The timetable for the remaining rules will be determined later this year.

A further consultation will follow dealing with NEDs, as well as a technical consultation dealing with forms, consequential changes and the detailed rules on transitional arrangements from the APR to the SIMR. The current consultation is open for comments until 2 February 2015.

Comment

Fortunately the insurance industry largely survived the financial crisis, but it is clear that it will not escape the PRA's drive to change culture in financial services, which is largely a product of that crisis and the various recent scandals in the banking industry. The proposals take forward the PRA's objective of ensuring accountability and responsibility at senior level, enshrined in the FSMA regulatory principle that senior management should be responsible for compliance by firms with the PRA's requirements.

It is clear that the proposals will make it easier to apportion blame to specific individuals for regulatory failings, although the PRA states that the allocation of individual responsibilities is not intended to undermine or change the fiduciary, legal and regulatory responsibilities of the board. What is not clear is how in practice individuals subject to the SIMR at Board level, and having a specific responsibility allocated to them are to deal with a Board decision with which they disagree, but for which they would ultimately be personally accountable.

Some of the proposals are confusing, in part because the PRA is attempting both to meet the requirements of Solvency II and align the regime with the proposals for the banking sector. Solvency II rules apply to persons who effectively run an insurer or have other key functions. The PRA has broken down this group of persons into different overlapping sub groups, applying slightly different requirements to each. Additional FCA requirements also apply different groups of individuals. Understanding the scope of the regime will be a challenge.

While many of the proposed steps may already have been implemented by firms as a matter of best practice, the task of adapting existing governance frameworks to meet the new requirements will not be straightforward. Given the relatively short timeframe for implementation of the new regime, firms would be prudent to start taking steps now. For example, firms may need to consider enhancing recruitment and vetting procedures to meet the more rigorous requirements of the new regime, and to enable them to demonstrate assessment of fitness and propriety on an ongoing basis. Firms should also consider identifying individuals in other group companies who may be affected.

While described as a "consultation paper", this is consultation with a very small "c" and may be more aptly described as a pre-notification and with that in mind, firms would be well advised to start their preparations early.

Consultation response

Many firms will want to contribute individually to the issues raised in the consultation paper, however if you would prefer to make comments on a non-attributable basis then we are happy to include those for you in the Clyde & Co response. The consultation closes on 2 February 2015. Links to the consultation papers are at:

http://www.bankofengland.co.uk/pra/Pages/publications/cp/2014/cp2614.aspx

http://www.fca.org.uk/your-fca/documents/consultationpapers/cp14-25

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Nick Elwell-Sutton
 
In association with
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Position
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Compliance
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.