ORSA requirements: Model risk management for insurance companies

Similar documents
MODEL RISK MANAGEMENT. Derek Chapman, FCAS, MAAA, CERA Merlinos & Associates

Statement of Guidance for Licensees seeking approval to use an Internal Capital Model ( ICM ) to calculate the Prescribed Capital Requirement ( PCR )

Use of Internal Models for Determining Required Capital for Segregated Fund Risks (LICAT)

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Actuarial Roles under the Solvency II Framework Dr. Huijuan Liu

Moderator: Kevin M Madigan MAAA,ACAS,CERA. Presenters: Barry A Franklin MAAA,FCAS,CERA Kevin M Madigan MAAA,ACAS,CERA

Academy Presentation to NAIC ORSA Implementation (E) Subgroup

Guideline. Earthquake Exposure Sound Practices. I. Purpose and Scope. No: B-9 Date: February 2013

Guidance Note: Internal Capital Adequacy Assessment Process (ICAAP) Credit Unions with Total Assets Greater than $1 Billion.

INFOCUS. A Fundamental Shift in Models Used for Estimating Loan-Loss Reserves. The Importance of Getting CECL Right BY WILLIAN LANG WITH RYAN CHAREST

ERM and Reserve Risk

Stochastic Analysis Of Long Term Multiple-Decrement Contracts

OWN RISK AND SOLVENCY ASSESSMENT. ERM Seminar Compliance All Dealing from the same deck now

Defining the Internal Model for Risk & Capital Management under the Solvency II Directive

Northern Trust Corporation

NAIC OWN RISK AND SOLVENCY ASSESSMENT (ORSA) GUIDANCE MANUAL

A shift in the top line

Guidance paper on the use of internal models for risk and capital management purposes by insurers

Embrace the Solvency II internal model

ERM/ORSA Training Thai General Insurance Association (TGIA)

BERMUDA MONETARY AUTHORITY GUIDELINES ON STRESS TESTING FOR THE BERMUDA BANKING SECTOR

Solvency Assessment and Management: Stress Testing Task Group Discussion Document 96 (v 3) General Stress Testing Guidance for Insurance Companies

Draft for Consultation FICOM ICAAP Guide

FIFTH THIRD BANCORP MARKET RISK DISCLOSURES. For the quarter ended September 30, 2015

FIFTH THIRD BANCORP MARKET RISK DISCLOSURES

INSTITUTE OF ACTUARIES OF INDIA. GN31: GN on the Financial Condition Assessment Report for General Insurance Companies

Northern Trust Corporation

FIFTH THIRD BANCORP MARKET RISK DISCLOSURES. For the quarter ended March 31, 2016

ORSA An International Development

Tax Department Trends. Tuesday, November 28, 2017 Wichita Country Club Doug Watson - Director Evan Malcom - Manager

An Introduction to Solvency II

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

SECURITIES AND EXCHANGE COMMISSION (Release No ; File Nos. SR-DTC ; SR-FICC ; SR-NSCC )

Market and Liquidity Risk Examination Techniques. Federal Reserve System

INTEREST RATE RISK MAKING YOUR MODEL UNDERSTANDABLE AND RELEVANT

FIFTH THIRD BANCORP MARKET RISK DISCLOSURES. For the quarter ended March 31, 2014

RESERVE BANK OF MALAWI

ICAC Annual Conference IFRS 9 Implementation Common Challenges & Possible Solutions

Testing of the ALM Process: What Should it Really Entail?

Article from The Modeling Platform. November 2017 Issue 6

RED 2.1 & 4.2: Quantifying Risk Exposure for ORSA. Moderator: Presenters: Lesley R. Bosniack, CERA, FCAS, MAAA

Preparing for an Own Risk & Solvency Assessment

On the precipice? Navigating a paradigm shift in the insurance industry

TD Group US Holdings LLC TD Bank, National Association TD Bank USA, National Association

Amended repurchase guidance affects asset managers

CAPITAL MANAGEMENT GUIDELINE

Office of the Comptroller of the Currency (OCC) Regulatory Development: Recovery Planning Guidelines

Sageworks Advisory Services PRACTICAL CECL TRANSITION EXPEDIENTS VERSUS CASH FLOWS

Critical Reflection of Two State-of-the-Art Risk Management Frameworks (SRM004)

Solvency II Insights for North American Insurers. CAS Centennial Meeting Damon Paisley Bill VonSeggern November 10, 2014

I should firstly like to say that I am entirely supportive of the objectives of the CD, namely:

GUIDELINES FOR THE INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS FOR LICENSEES

JFSC Risk Overview: Our approach to risk-based supervision

FRBSF ECONOMIC LETTER

Aggregate Margin Task Force: LATF Update

Northern Trust Corporation

STRESS TESTING Transition to DFAST compliance

Basel Committee on Banking Supervision. Consultative Document. Pillar 2 (Supervisory Review Process)

OIC & ORSA. Thanita Anusonadisai Director of Capital and Solvency Standard Department Office of Insurance Commission, Thailand

Article from: Risk Management. March 2014 Issue 29

The Federal Reserve s proposed rule for enhanced prudential standards: what it means to insurers and what they should do now

ORSA: Prospective Solvency Assessment and Capital Projection Modelling

The Society of Actuaries in Ireland. Actuarial Standard of Practice INS-1, Actuarial Function Report

MAS consults on Enterprise Risk Management ( ERM )

SEAC/ACSW Annual Meeting

ORSA reports: gaps and opportunities

OF RISK AND CAPITAL FOR BANKS USING ADVANCED SYSTEMS

IAIS: Enterprise Risk Management for Capital Adequacy & Solvency Purposes. George Brady. IAIS Deputy Secretary General

A new global standard on revenue

Credit risk management. Why it matters and how insurers can enhance their capabilities

Overview and context

2018 Annual Stress Test Disclosure

GUIDELINE ON ENTERPRISE RISK MANAGEMENT

The risk management function of the future

Prosperity Bancshares, Inc. & Prosperity Bank - Dodd-Frank Act Stress Test Disclosure

GN47: Stochastic Modelling of Economic Risks in Life Insurance

CREDIT RISK MANAGEMENT GUIDANCE FOR HOME EQUITY LENDING

US Life Insurer Stress Testing

Solvency Assessment and Management: Steering Committee Position Paper (v 4) Life SCR - Retrenchment Risk

Model Risk Management. Henry Essert Gaurav Upadhya

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

DEVELOPING A GROUP CAPITAL CALCULATION

Rolling Up Operational Risk

Raising the quality, consistency and transparency of the capital base

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

ORSA Summary Report Similarities/Differences Regulator Observations

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Introduction of a new risk-based capital framework in Singapore Convergence or divergence in relation to Solvency II?

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS GUIDELINE. Nepal Rastra Bank Bank Supervision Department. August 2012 (updated July 2013)

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Own Risk and Solvency Assessment (ORSA)

Field Tests of Economic Value-Based Evaluation and Supervisory Method. - Summary of the Results -

2015 ANNUAL DODD-FRANK ACT

BERMUDA MONETARY AUTHORITY THE INSURANCE CODE OF CONDUCT FEBRUARY 2010

Citigroup Inc. Basel II.5 Market Risk Disclosures As of and For the Period Ended December 31, 2013

Moderator: Eric L Clapprood FSA,CERA. Presenters: Dwayne Allen Husbands FSA,MAAA Youyou Tao FSA,CERA

RCAP jurisdictional assessments: self-reporting monitoring template for RCAP follow-up actions

Transcription:

ORSA requirements: Model risk management for insurance companies Insurance companies are being required to implement a model risk management (MRM) program. The National Association of Insurance Commissioners Own Risk and Solvency Assessment (ORSA) guidance manual states: The ORSA summary report requires insurers to provide a general description of the insurer s process for model validation, including factors considered and model calibration. In addition, the guidance also notes, One of the most difficult exercises in modeling insurer results is determining the relationships, if any, between risk categories. In order for insurance companies to ensure compliance with the ORSA regulation as it relates to model validation, insurers can look to guidance from: The Office of the Comptroller of the Currency (OCC 2011-2012 guidance) Federal Reserve Board: Supervisory Guidance on Model Risk Management (SR11-7 bulletin) The Actuarial Standards Board s modeling document Regulatory MRM requirements for banks are emerging as the leading guidance for insurance models. Model documentation for ensuring guidance should include: A MRM governance and controls framework An inventory of all models utilized by the company, and a risk ranking for each model A model validation process to ensure the accuracy of the models

What is a model? The Federal Reserve Board (FRB) and the Office of the Comptroller of the Currency (OCC) define a model as a quantitative method, system or approach that applies statistical, economic, financial or mathematical theories, techniques and assumptions to process input data into quantitative estimates. A model consists of three components: an information input component, which delivers assumptions and data to the model; a processing component, which transforms inputs into estimates; and a reporting component, which translates the estimated outputs into useful business information. No model is perfect: all have the potential to be incorrect or misused. Effective model risk management addresses the consequences financial loss, bad decisions, material misstatements of those exposures. In other words, it seeks to prevent, identify, quantify and mitigate model risk, which expands with greater model complexity, higher uncertainty about inputs and assumptions, broader use, and larger potential impact. Defining model risk Model risk refers to the unintended outcomes that may arise from flaws in a model s design, development, implementation or use. The business consequences can be severe: in addition to material financial loss, misstatement of regulatory reporting and poor decision making, model risk can cause serious damage a firm s reputation. Many of these unintended outcomes are inherent to the modeling process, such as: Uncertainty or flaws in the initial model assumptions Uncertainty or flaws in the original data (i.e., its availability, its stability, its accuracy) Uncertainty or flaws in a model s design Flaws in the development of the model, including: The suitability of the chosen techniques The limitations of the techniques Uncertainty or flaws in the model application or deployment stage, including: Limited applicability of the modeling technique Errors in the deployment stage Uncertainty in the persistence of the initial assumptions Inherent uncertainty arising from the stochastic nature of certain modeling techniques A central principle for managing model risk is the need for effective challenge. Effective challenge is critical analysis by informed, objective parties who can identify model limitations and assumptions and produce appropriate changes. The OCC and FRB issued guidance for model risk management requiring institutions to identify the sources and potential magnitude of model risk. The guidance describes two general categories of model risk. 1 1 Office of the Comptroller of the Currency. Sound Practices for Model Risk Management. OCC Buylletin 2011-12, April 4, 2012; Guidance of Model Risk 2 Management, SR 11-7, April 4, 2011.

1. The model may have fundamental errors. Mistakes can occur at any point in a model s life cycle from design through implementation. The misapplication of theory, selection of inappropriate sample techniques or data, and incorrect calculations during implementation can also produce fundamental errors. 2. The model may be used incorrectly or inappropriately. Guidance on model risk from the FRB and OCC states, models are simplifications of reality, and real-world events may prove those simplifications inappropriate. 2 At times, models designed for one environment e.g., a set of market conditions are applied to another, with adverse consequences. Figure 1: Model risk management and documentation Input Process Output Hypothesis Assumptions Data availability Scenarios Validation Compliance and regulatory requirements Conceptual soundness Validation Implementation Data quality Aggregation Reports Validation Usage Ongoing monitoring Effective challenge Performance Models have limitations that may be magnified when adopted for uses outside their original intent. In practice, model risk could occur at any point in time during the model life cycle. Each of the three components of the model (input, process and output) carries with it a unique type of risk (see Exhibit 1). While the three components are highly integrated, the quality of a model s outputs depends vitally on the quality of its assumptions and input data. Our experience shows that the use of incorrect assumptions is one of the key sources of model risk, primarily because of the large number of external macroeconomic factors and idiosyncratic risks particular to a specific institution all difficult to predict but integral to the development of stress testing models. An example of this risk would be a bank using mistaken macroeconomic factors or neglecting to include macroeconomic factors in a loss given default (LGD) calculation, a key metric in credit risk ratings that is very sensitive to economic cycle changes. Using appropriate assumptions when selecting economic variables is key for regional and midsized banks that may be less sensitive to macroeconomic scenarios. A good approach for these entities is to develop stress scenarios that account for regional economic factors and use them in conjunction with idiosyncratic shocks. 2 Office of the Comptroller of the Currency. Supervisory Guidance of Model Risk Management. OCC Buylletin 2011-12, April 4, 2011. Visit http://www.occ.treas.gov/news-issuances/bulletins/2011/bulletin-2011-12.html for more information 3

Model inventory Responsibility for maintaining an inventory of models is typically maintained by a company s ERM function. Examples of types of models in the inventory could include: Valuation models designed to capture snapshot, frozen-in-time estimates of financial metrics, like assets, liabilities or other items commonly found in financial statements. Actuarial models designed to quantify/ measure actuarial risk in order to determine pricing premiums, or the amount of reserves to hold. Statistical models designed to use statistical tools like regression analysis to transform and extrapolate an input data set into desired outputs and forecasts. Risk and capital models designed to assess/ monitor risk metrics and capital requirements, i.e., solvency models, credit default risk models and catastrophe models. Financial accounting models designed to project financial metrics such as income, expenses, assets, liabilities and cash flow. Strategic models designed to assess implications on key performance indicators in support of the business shifts in strategic initiatives. Model validation The guidance states, Model validation is the set of processes and activities intended to verify that models are performing as expected and in line with their design objectives and business uses. Effective validation helps ensure that models are sound. It also identifies potential limitations and assumptions, and assesses their possible impact. All model components, including input processing and reporting, should be subject to validation both as the model is initially developed and periodically as set by the MRM policy. Model owners are responsible for performing and documenting that proper model validations (balance controls, back testing, etc.) have been completed. A central principle for managing model risk is the need for effective challenge. Effective challenge is critical analysis by informed, objective parties who can identify model limitations and assumptions and produce appropriate changes. Model owners ensure that models have undergone appropriate independent validation and approval, promptly identify new or changed models, and provide all necessary information for validation activities. It is the model owner s responsibility to interpret validation results, and implement any appropriate and practical modeling changes that are recommended through the independent review or validation process. 4

Grant Thornton s proven methodology Grant Thornton LLP s model risk management framework provides an approach to conduct a comprehensive model risk assessment. We assist clients by providing independent and objective assessments of their MRM governance and controls framework. We assist insurance companies in assessing roles and responsibilities among their first and second line-ofdefense mechanisms and institutions in the third line of defense, and work with internal audit functions to assess controls and compliance with MRM requirements. A comprehensive MRM protocol should have a life cycle view to model risk. The insurance company s MRM framework should include standards for model development, implementation, use, validation, ongoing monitoring and maintenance. Conclusion Model risk is an inherent part of day-to-day life for today s insurance companies. By identifying each material risk category independently, and reporting results in both normal and stressed conditions, insurance company management and the commissioner are better placed to evaluate certain risk combinations that could cause an insurer to fail. It is important to remember that models are a highly simplified structure and not all output errors are due to model inadequacy. Paying too little attention to model risk can leave firms much more vulnerable to losses. Contacts John Swanick Partner Business Advisory Services T +1 215 814 4070 E john.swanick@us.gt.com Mark Lastner Managing Director Financial Services Advisory National Insurance Solutions Leader T +1 215 814 1750 E mark.lastner@us.gt.com Ilieva Ageenko Managing Director Financial Services T +1 704 632 6820 E ilieva.ageenko@us.gt.com Model risk management framework Model risk governance controls Model risk measurement Model development and implementation Model use Model validation Model inventory Board members should ensure that the level of model risk is within the insurance company s risk tolerance. All aspects of MRM should be covered by suitable policies, including model and model risk definitions, assessment of model risk, acceptable practices for model development, implementation and use, appropriate model validation activities, and governance and controls over the MRM process. Insurance companies should identify the sources and assess the magnitude of the risk. Model risk increases with greater model complexity, higher uncertainty about inputs and assumptions, broader use, and larger potential impact. Insurance companies should consider risk from individual models and in the aggregate. Models must be categorized by materiality and risk profile. An effective development process begins with a clear statement of purpose to ensure that model development is aligned with the intended use. The model risk policy should provide clear standards for model development, model documentation, and testing process and controls for the first line of defense and second line of defense and across the model life cycle. The scope of model validation includes end-to-end validation of the model life cycle. All model components, including input, processing and reporting, should be subject to validation; this applies equally to models developed in-house and those purchased from or developed by vendors or consultants. The model risk function should establish an annual validation review schedule. Model users must be aware of the model limitations and avoid incorrect or inappropriate use of model outcomes. While conservative use of models is prudent, insurance companies should be careful in applying conservatism broadly to address model risk, because the impact of such conservatism in complex models may not be obvious or intuitive. Insurance companies should maintain a comprehensive set of information for models implemented for use, under development for implementation or recently retired. While each line of business may maintain its own inventory, a specific party should also be charged with maintaining a firmwide inventory of all models, which should assist an insurance company in evaluating its model risk in the aggregate. 5

This content is not intended to answer specific questions or suggest suitability of action in a particular case. For additional information about the issues discussed, contact a Grant Thornton LLP professional. Connect with us grantthornton.com @grantthorntonus linkd.in/grantthorntonus Grant Thornton refers to Grant Thornton LLP, the U.S. member firm of Grant Thornton International Ltd (GTIL), and/or refers to the brand under which the independent network of GTIL member firms provide services to their clients, as the context requires. GTIL and each of its member firms are not a worldwide partnership and are not liable for one another s acts or omissions. In the United States, visit grantthornton.com for details. 2016 Grant Thornton LLP All rights reserved U.S. member firm of Grant Thornton International Ltd

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback