In a recent speech, the Deputy Governor of the Central Bank of Ireland (CBI) spoke to the CBI's 2021 regulatory and supervisory priorities for governance and risk management; areas likely to be of keen interest to the Boards of (re)insurers.
Financial Regulation Priorities in 2021
Strategic financial regulation priorities for 2021 include:
- maintaining supervisory focus on financial and operational resilience of firms and markets;
- improving governance and risk management capabilities in firms and markets;
- ensuring that detrimental consumer outcomes are identified, prevented or mitigated, such as (i) business interruption insurance and (ii) differential pricing (the CBI is considering a potential consultation on proposals to further protect consumers on this issue in July 2021); and
- resolving both pandemic related and longer-term distressed debt in the system.
Governance and Risk Management
Focusing on 2 above, the Deputy Governor cited key CBI expectations in several areas, including:
Accountability and Decision Making
The Deputy Governor reiterated the broad outline of the CBI's proposed Individual Accountability Framework. He noted that the CBI is seeking to ensure that they 'do not unbalance the framework of collective decision-making and individual accountability in firms by an increased focus on the individual aspects'. The CBI envisages that enhanced individual accountability should result in better collective decision making in firms.
The CBI and the Department of Finance are developing the enhanced framework and the related necessary legislative proposals, and the CBI will consult publicly on the proposals once published.
Diversity and Inclusion
While some are starting to make progress, many firms need to do much more to 'increase the diversity of experience, thought, background and attributes at senior levels'. Following on from its 2020 thematic assessment of diversity and inclusion in insurance firms, the CBI intends to maintain its supervisory focus on this area during 2021.
Technology and Innovation
COVID-19 has reinforced the importance of operational resilience and the CBI will continue to challenge firms to ensure that risk and control frameworks are operating effectively in the current environment and firms are prepared for unforeseen operational disruptions. It would be sensible for firms to review their digital operational resilience considering these comments.
In emphasising the Board's responsibility for a firm's IT risk, strategy and governance, the following specific expectations were highlighted:
- Boards should have the skills and knowledge to meaningfully understand the risks their organisations face and their responsibilities;
- to safeguard the operational resilience of the IT framework, appropriate IT budgets should be allocated and periodically reviewed;
- the implementation of BCP and Disaster Recovery Plans should be approved, overseen and reviewed by the Board; and
- Boards should obtain independent assurance on IT governance by approving and periodically reviewing the IT audit plans and ensuring receipt of timely notification of IT related incidents and their business impact.
'Increasingly active and intrusive' supervision of climate change risks is promised, with the Deputy Governor acknowledging that responses and planned actions for climate change have, to date, been 'woefully inadequate' on a multitude of levels. The CBI encourages firms to apply lessons learnt from the pandemic to the challenge of climate change and will be seeking evidence of:
- meaningful consideration of climate change risk at Board level;
- climate change risks and their mitigation being incorporated and embedded in organisational risk management frameworks;
- consideration of climate risks as part of stress testing; and
- proactive application of the EU taxonomy of sustainable activities.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.