Framework for the Supervision of Insurance Organizations
Proposed guidance; request for comments.
Citation: "87 FR 6537"
Document Number: "Docket No. OP-1765"
Page Number: "6537"
"Notices"
Agency: "
SUMMARY: The Board is seeking comment on a new supervisory framework for depository institution holding companies significantly engaged in insurance activities, or supervised insurance organizations. The proposed framework would provide a supervisory approach that is designed specifically to reflect the differences between banking and insurance. Within the framework, the application of supervisory guidance and the assignment of supervisory resources would be based explicitly on a supervised insurance organization's complexity and individual risk profile. The proposed framework would formalize the ratings applicable to these firms with rating definitions that reflect specific supervisory requirements and expectations. It would also emphasize the Board's policy to rely to the fullest extent possible on work done by other relevant supervisors, describing, in particular, the way it will rely more fully on reports and other supervisory information provided by state insurance regulators to minimize the burden associated with supervisory duplication.
DATES: Comments must be received no later than
ADDRESSES: You may submit comments, identified by Docket No. OP-1765, by any of the following methods:
Agency website: https://www.federalreserve.gov. Follow the instructions for submitting comments at https://www.federalreserve.gov/apps/foia/proposedregs.aspx.
Email: [email protected]. Include docket and RIN numbers in the subject line of the message.
Fax: (202) 452-3819 or (202) 452-3102.
Mail:
All public comments are available from the Board's website at https://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as submitted, unless modified for technical reasons or to remove personally identifiable information at the commenter's request. Accordingly, comments will not be edited to remove any identifying or contact information. Public comments may also be viewed in-person in Room M-4365A,
FOR FURTHER INFORMATION CONTACT:
SUPPLEMENTARY INFORMATION:
Table of Contents
I. Background
II. Summary of the Proposal
III. Applicability, Timing, and Implementation
IV. Other Related Developments
V. Regulatory Analysis
VI. Proposed Text of the Framework
A. Proportionality--Supervisory Activities and Expectations
1. Complex and Noncomplex Supervised Insurance Organizations
2. Supervisory Expectations
a. Governance & Controls
b. Capital Management
c. Liquidity Management
B. Supervisory Ratings
C. Incorporating the Work of other Supervisors
I. Background
FOOTNOTE 1 Ch. 240, 70 Stat. 133. END FOOTNOTE
FOOTNOTE 2 Public Law 111-203, 124 Stat. 1376 (2010). END FOOTNOTE
FOOTNOTE 3 Dodd-Frank Act tit. III, 124 Stat. at 1520-70. END FOOTNOTE
FOOTNOTE 4 Although currently all supervised insurance organizations are savings and loan holding companies, the proposed framework would apply to any depository institution holding company that meets the criteria of a supervised insurance organization. END FOOTNOTE
The Board has a long-standing policy of supervising holding companies on a consolidated basis. Consolidated supervision encompasses all legal entities within a holding company structure and supports an understanding of the organization's complete risk profile and its ability to address financial, managerial, operational, or other deficiencies before they pose a danger to its subsidiary depository institution(s). The Board's current supervisory approach for noninsurance depository institution holding companies assesses holding companies whose primary risks are related to the business of banking. The risks arising from insurance activities, however, are materially different from traditional banking risks. The top-tier holding company for some supervised insurance organizations is an insurance underwriting company, which is subject to supervision and regulation by the relevant state insurance regulator as well as consolidated supervision from the Board; for all of these firms, the state insurance regulators supervise and regulate the business of insurance underwriting companies. Additionally, instead of producing consolidated financial statements based on generally accepted accounting principles, many of these firms only produce legal entity financial statements based on Statutory Accounting Principles (SAP) established by states through the
In view of these differences, the Board has sought to tailor its supervision and regulation of supervised insurance organizations. For example, in 2013, when the Board implemented the Basel III capital standard in
FOOTNOTE 5 Regulatory Capital Rules: Implementation of Basel III, 78 FR 62017, 62027 (
FOOTNOTE 6 Regulatory Capital Rules: Risk-Based Capital Requirements for Depository Institution Holding Companies Significantly Engaged in Insurance Activities, 84 FR 57240 (
FOOTNOTE 7 See Large Financial Institution Rating System; Regulations K and LL, 83 FR 58724 (
II. Summary of the Proposal
The proposal would establish a transparent framework for consolidated supervision of supervised insurance organizations. A depository institution holding company is considered to be a supervised insurance organization if it is an insurance underwriting company or if over 25 percent of its consolidated assets are held by insurance underwriting subsidiaries. The proposed framework is designed specifically to account for the unique risks and business profiles of supervised insurance organizations resulting mainly from their insurance business. The framework consists of a risk-based approach establishing supervisory expectations, assigning supervisory resources, and conducting supervisory activities; the formalization of a supervisory rating system; and a description of how examiners would work with state insurance regulators to limit the burden associated with supervisory duplication.
A. Proportionality
The proposed supervisory framework describes a supervisory approach that is proportional to the risks of each supervised insurance organization. This approach is designed to address the unique features of insurance activities and thereby not replicate the standards for the supervision of banking activities. The proposed supervisory framework would result in supervisory activities and the application of supervisory guidance that look beyond the size of the institution and instead focus on the material risks that could pose a threat to the organization's safety and soundness and, in particular, its ability to serve as a source of strength for its depository institution(s).
To achieve this,
Riskier firms would be classified as complex, which would result in the assignment of a dedicated team responsible for consolidated supervision of the organization. Complex firms would be subject to routine continuous monitoring and targeted examinations as necessary to properly understand and assess the firm. Less risky firms would be classified as noncomplex. Noncomplex firms would be subject to an annual examination to assess the firm and assign ratings. This approach make it possible for a firm with over
Applicable practices, as described in supervisory guidance, that are consistent with the Board's expectations for organizations operating in a safe and sound manner, would also vary based on the complexity classification and based on each firm's risk profile. The firm's risk profile would be reassessed by the
Question 1. What additional factors, if any, should the Board consider when considering the complexity of supervised insurance organizations?
Question 2. What other considerations beyond those outlined in this proposal should be considered in the Board's assessment of whether a supervised insurance organization has sufficient financial and operational strength and resilience to maintain safe and sound operations?
Question 3. What additional clarity, if any, is needed to describe the supervisory guidance related to the evaluation of a firm's governance and controls, capital management, and liquidity management under the proposed framework?
Question 4. What additional differences exist between supervised insurance organization and bank holding companies that should be considered and reflected in the framework? What additional measures, if any, could the Board take to appropriately tailor its approach to supervising these firms?
B. Ratings
Since 2011, supervised insurance organization have been assigned indicative ratings under the Board's RFIC/(D) framework (
FOOTNOTE 8 SR 19-4: Supervisory Ratings System for Holding Companies with Total Consolidated Assets Less Than
Question 5. What additional clarity, if any, is needed to describe the ratings process, including the ratings definitions?
Question 6. Should the final framework include a composite rating?
C. Incorporating the Work of Other Supervisors
Effective consolidated supervision requires collaborative relationships with all relevant supervisors and regulators. The Board respects the individual statutory authorities and responsibilities of other supervisors and regulators and works to develop appropriate information flows and coordination so that each supervisor's responsibilities can be carried out effectively while limiting the burden associated with supervisory duplication. In developing its overall assessment of a supervised insurance organization, the proposed framework emphasizes the importance of these relationships and that
Question 7. What additional measures, if any, should the Board take to fulfill its goal to rely to the fullest extent possible on work of other relevant supervisors, including the state insurance regulators?
III. Applicability, Timing, and Implementation
The Board proposes that the
Consistent with current
FOOTNOTE 9 12 U.S.C. 326; 12 CFR part 261. END FOOTNOTE
Question 10. What additional clarity, if any, is needed to describe which firms would be subject to the proposed framework?
IV. Regulatory Analysis
Paperwork Reduction Act
There is no collection of information required by this proposal that would be subject to the Paperwork Reduction Act of 1995, 44 U.S.C. 3501 et seq.
V. Proposed Text of the Supervisory Framework
This framework describes the
FOOTNOTE 1 In this framework, a "supervised insurance organization" is a depository institution holding company that is an insurance underwriting company, or that has over 25 percent of its consolidated assets held by insurance underwriting subsidiaries, or has been otherwise designated as a supervised insurance organization by
A. Proportionality--Supervisory Activities and Expectations
Consistent with the
FOOTNOTE 2 This could happen if a firm's risk profile changes significantly and typically follows a strategic change for the firm (a material acquisition, divestiture, or product offering change). END FOOTNOTE
1. Complex and Noncomplex Supervised Insurance Organizations
Each supervised insurance organization is classified by the
Complex: Complex firms have a higher level of risk and therefore require more frequent and intense supervisory attention.
Noncomplex: Noncomplex firms, due to their lower risk profile, require less supervisory oversight relative to complex firms. The supervisory activities for these firms occur primarily during an annual full-scope inspection resulting in the assignment of the three component ratings. The supervision of noncomplex firms relies more heavily on the reports and opinions of a firm's other relevant supervisors, although these firms are subject to continuous monitoring and coordinated reviews as appropriate. The focus and types of supervisory activities for noncomplex firms are also set based on the unique risks of each firm.
Factors considered when classifying a supervised insurance organization as either complex or noncomplex include the organization's quality and level of capital and liquidity, the size of its depository institution, the complexity of its organizational structure, the nature and extent of any unregulated and/or unsupervised activities, any international exposure, /3/ its product and portfolio risks, ratings and opinions from its regulatory supervisors, and its potential interconnectedness with the broader financial system.
FOOTNOTE 3 Supervised insurance organizations designated by their Group-Wide Supervisor as an
For supervised insurance organizations that are new to
2. Supervisory Expectations
Supervised insurance organizations are expected to operate in a safe and sound manner, to comply with all applicable laws and regulations, and to possess sufficient financial and operational strength to serve as a source of strength for their depository institution(s) through a range of stressful yet plausible conditions. The management and risk management practices necessary to meet these expectations will vary based on a firm's specific risk profile and will vary significantly between the smallest, least risky firms and the largest, riskiest firms. Guidance describing supervisory expectations for safe and sound practices can be found in Supervision & Regulation (SR) letters published by the Board and other supervisory material. Supervisory guidance most relevant to a specific supervised insurance organization is driven by the unique risk profile of the firm. The firm's risk profile is reassessed by the
a. Governance and Controls
The Governance and Controls rating is derived from an assessment of the effectiveness of a firm's (1) board and senior management effectiveness, and (2) independent risk management and controls. All firms are expected to align their strategic business objectives with their risk appetite and risk management capabilities; maintain effective and independent risk management and control functions including internal audit; promote compliance with laws and regulations; and remain a source of financial and managerial strength for their depository institution(s). When assessing governance and controls,
Governance & Controls Expectations
* Despite differences in their business models and the products offered, insurance companies and banks are expected to have effective and sustainable systems of governance and controls to manage their respective risks. The G&C framework for a supervised insurance organization should:
o Clearly define roles and responsibilities throughout the organization;
o Include policies and procedures, limits, requirements for documenting decisions, and decision-making and accountability chains of command; and
o Provide timely information about risk and corrective action for non-compliance or weak oversight, controls, and management.
* The Board expects the sophistication of the G&C framework to be commensurate with the size, complexity, and risk profile of the firm. As such, G&C expectations for complex firms will be higher than that for noncomplex firms but will also vary based on each firm's unique risk profile.
* The enhanced prudential standards rule under Regulation YY /4/ is not applicable to supervised insurance organizations. Unlike large banking organizations, these firms are not required by regulation to maintain a risk committee that periodically reviews and approves the risk management policies of the firm's operations and oversees the operation of its risk management framework, nor are they required by regulation to have a chief risk officer. The Board expects supervised insurance organization to have a risk management and control framework that is commensurate with their structure, risk profile, complexity, activities, and size. For any chosen structure, the firm's board is expected to have the capacity, expertise, and sufficient information to discharge risk oversight and governance responsibilities in a safe and sound manner. The chief risk officer facilitates an enterprise-wide approach to the identification and management of all risks across the organization and while the designation of a chief risk officer is not required, most large insurance companies have found value in having an independent chief risk officer. The Board cautions boards that they may be susceptible to undue risk and responsibility without a truly independent chief risk officer, which may result in safety and soundness concerns, particularly with complex firms, for whom the Board may require the designation of an independent chief risk officer. Firms that do not have a designated chief risk officer should have sufficient compensating controls in place to ensure that the head of risk management has adequate independence and stature to provide effective challenge. Likewise, the
FOOTNOTE 4 12 CFR part 252. END FOOTNOTE
In Assigning a G&C Rating, Federal Reserve Examiners Evaluate
* Board and Senior Management Effectiveness--The firm's board is expected to exhibit certain attributes consistent with effectiveness, including: (i) Setting a clear, aligned, and consistent direction regarding the firm's strategy and risk appetite; (ii) directing senior management regarding board reporting; (iii) overseeing and holding senior management accountable; (iv) supporting the independence and stature of independent risk management and internal audit; and (v) maintaining a capable board and an effective governance structure. As the consolidated supervisor, the Board focuses on the board of the supervised insurance organization and its committees. Complex firms are expected to take into consideration the Board's guidance on board of directors' effectiveness. /5/ In assessing the effectiveness of a firm's senior management,
FOOTNOTE 5 SR 21-3: Supervisory Guidance on Board of Directors' Effectiveness, https://www.federalreserve.gov/supervisionreg/srletters/SR2103.htm. END FOOTNOTE
* Independent Risk Management and Controls--In assessing a firm's independent risk management and controls,
* Internal Audit is an integral part of a supervised insurance organization's internal control system and risk management structure. An effective internal audit function plays an essential role by providing an independent risk assessment and objective evaluation of all key governance, risk management, and internal control processes. Internal audit is expected to effectively and independently assess the firm's risk management framework and internal control systems, and report findings to senior management and to the firm's audit committee. Despite differences in business models, the Board expects the largest, most complex supervised insurance organizations to have internal audit practices in place that are similar to those at banking organizations and as such, no modification to existing guidance is required for these firms. /6/ At the same time, the Board recognizes that firms should have an internal audit function that is appropriate to their size, nature, and scope of activities. Therefore, for noncomplex firms,
FOOTNOTE 6 Regulatory guidance provided in SR 03-05 Amended Interagency Guidance on the Internal Audit Function and its Outsourcing, https://www.federalreserve.gov/boarddocs/srletters/2003/sr0305.htm and SR 13-1 Supplemental Policy Statement on the Internal Audit Function and Its Outsourcing,https://www.federalreserve.gov/supervisionreg/srletters/sr1301.htm, are applicable to complex supervised insurance organizations only. END FOOTNOTE
The principles of sound risk management described in the previous sections apply to the entire spectrum of risk management activities of a supervised insurance organization, including but not limited to:
* Credit risk, which arises from the possibility that a borrower or counterparty will fail to perform on an obligation. Fixed income securities, by far the largest asset class for insurance companies, is the largest source of credit risk. This is unlike banks, where loans generally make up the largest portion of balance sheet assets. Life insurer investment portfolios in particular are generally characterized by longer duration holdings compared to those of banks. Additionally, an insurance company's reinsurance recoverables/receivables arising from the use of third-party reinsurance and participation in regulatory required risk-pooling arrangements expose the firm to additional counterparty credit risk. The
* Market risk, which arises from exposures to movements in market prices as a result of underlying changes in, for example, interest rates, equity prices, foreign exchange rates, commodity prices, or real estate prices. The
* Model risk is the potential for adverse consequences from decisions based on incorrect or misused model outputs and reports. Model risk can lead to financial loss, poor business and strategic decision-making, or damage to a firm's reputation. Supervised insurance organizations are often heavily reliant on models for product pricing and reserving, risk and capital management, strategic planning and other decision-making purposes. A sound model risk management framework helps manage this risk. /7/
FOOTNOTE 7 SR 11-7 Guidance on Model Risk Management is applicable to supervised insurance organizations. END FOOTNOTE
* Legal risk arises from the potential that unenforceable contracts, lawsuits, or adverse judgments can disrupt or otherwise negatively affect the operations or financial condition of a supervised insurance organization. Compliance risk is the risk of regulatory sanctions, fines, penalties or losses resulting from failure to comply with laws, rules, regulations, or other supervisory requirements applicable to a firm. By offering multiple financial service products that may include insurance, annuity, banking, services provided by securities broker-dealers, and asset and wealth management products, provided through a diverse distribution network, supervised insurance organizations are inherently exposed to a significant amount of legal and compliance risk. As the consolidated supervisor, the Board expects firms to have an enterprise-wide legal and compliance risk management program that covers all business lines, legal entities, and jurisdictions of operation. Firms are expected to have compliance risk management governance, oversight, monitoring, testing, and reporting commensurate with their size and complexity, and to ensure compliance with applicable laws and regulations. The principles-based guidance in existing SR letters related to legal and compliance risk is applicable to supervised insurance organizations. /8/ For both complex and noncomplex firms,
FOOTNOTE 8 SR 08-8 Compliance Risk Management Programs and Oversight at Large Banking Organizations with Complex Compliance Profiles, https://www.federalreserve.gov/boarddocs/srletters/2008/SR0808.htm, is applicable to complex supervised insurance organizations. For noncomplex firms, the
o Money laundering, terrorist financing and other illicit financial activity risk is the risk of providing criminals access to the legitimate financial system and thereby being used to facilitate financial crime. This financial crime includes laundering criminal proceeds, financing terrorism, and conducting other illegal activities. Money laundering and terrorist financing risk is associated with a financial institution's products, services, customers, and geographic locations. This and other illicit financial activity risks can impact a firm across business lines, legal entities, and jurisdictions. A reasonably designed compliance program generally includes a structure and oversight that mitigates these risks and supports regulatory compliance with both Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and
FOOTNOTE 9 "Covered products" means: A permanent life insurance policy, other than a group life insurance policy; an annuity contract, other than a group annuity contract; or any other insurance product with features of cash value or investment.
"Permanent life insurance policy" means an agreement that contains a cash value or investment element and that obligates the insurer to indemnify or to confer a benefit upon the insured or beneficiary to the agreement contingent upon the death of the insured. "Annuity contract" means any agreement between the insurer and the contract owner whereby the insurer promises to pay out a fixed or variable income stream for a period of time. END FOOTNOTE
* Operational risk is the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events. Operational resilience is the ability to maintain operations, including critical operations and core business lines, through a disruption from any hazard. It is the outcome of effective operational risk management combined with sufficient financial and operational resources to prepare, adapt, withstand, and recover from disruptions. A firm that operates in a safe and sound manner is able to identify threats, respond and adapt to incidents, and recover and learn from such threats and incidents so that it can prioritize and maintain critical operations and core business lines, along with other operations, services and functions identified by the firm, through a disruption.
o Cybersecurity/information technology risks are a subset of operational risk and arise from operations of a firm requiring a strong and robust internal control system and risk management oversight structure. Information Technology (IT) and Cybersecurity (Cyber) functions are especially critical to firms' operations. Examiners of financial institutions, including supervised insurance organizations, find detailed guidance on mitigating these risks in the
FOOTNOTE 10 SR 05-23, Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, applies to all supervised insurance organizations. END FOOTNOTE
o Third party risk is also a subset of operational risk and arises from a firm's use of service providers to perform operational or service functions. These risks may be inherent to the outsourced activity or be introduced with the involvement of the service provider. When assessing effective third party risk management,
FOOTNOTE 11 SR Letter 13-19, Guidance on Managing Outsourcing Risk,https://www.federalreserve.gov/supervisionreg/srletters/sr1319.htm, applies to complex and noncomplex supervised insurance organizations. END FOOTNOTE
b. Capital Management
Insurance company balance sheets are typically quite different from those of most banking organizations. For insurance companies, investment strategies focus on cash flow matching to reduce interest rate risk and provide liquidity to support their liabilities, while for traditional banks, deposits (liabilities) are attracted to support investment strategies. Additionally, for insurers, capital provides a buffer for policyholder claims and creditor obligations, helping the firm absorb adverse deviations in expected claims experience, and other drivers of economic loss. The Board recognizes that the capital needs for insurance activities are materially different from those of banking activities. Insurers also often face capital fungibility constraints not faced by banks.
In assessing a supervised insurance organization's capital management, the
The Board expects supervised insurance organizations to have sound governance over their capital planning process. /12/ A firm should establish capital goals that are approved by the board of directors, and that reflect the potential impact of legal and/or regulatory restrictions on the transfer of capital between legal entities. In general, senior management should establish the capital planning process, which should be reviewed and approved periodically by the board. The board should require senior management to provide clear, accurate, and timely information on the firm's material risks and exposures to inform board decisions on capital adequacy and actions. The capital planning process should clearly reflect the difference between the risk profiles and associated capital needs of the insurance and banking businesses.
FOOTNOTE 12 SR 15-19: Federal Reserve Supervisory Assessment of Capital Planning and Positions for Firms Subject to Category II and III Standards, https://www.federalreserve.gov/supervisionreg/srletters/sr1519.htm, is applicable to complex supervised insurance organizations, however,
A firm should have a risk management framework that appropriately identifies, measures, and assesses material risks and provides a strong foundation for capital planning. This framework should be supported by comprehensive policies and procedures, clear and well-established roles and responsibilities, strong internal controls, and effective reporting to senior management and the board. In addition, the risk management framework should be built upon sound management information systems.
As part of capital management, a firm should have a sound internal control framework that helps ensure that all aspects of the capital planning process are functioning as designed and result in accurate assessments of the firm's capital needs. The framework should include an independent internal audit function as well as other review functions with appropriate staff expertise, experience, and stature in the organization to monitor the adequacy of capital risk measurement and management processes.
The governance and oversight framework should include a written assessment of the principles and guidelines used for capital planning, issuance, and usage, including internal post-stress capital goals and targeted capital levels; guidelines for dividend payments and stock repurchases; strategies for addressing capital shortfalls; and internal governance responsibilities and procedures for the capital policy. The capital policy should reflect the unique capital needs of the insurance and banking businesses based on their risks, be approved by the firm's board of directors or a designated committee of the board, and be re-evaluated periodically and revised as necessary.
A strong capital management program will incorporate appropriately stressful conditions and events that could adversely affect the firm's capital adequacy and capital planning. As part of its capital plan, a firm should use at least one scenario that stresses the specific vulnerabilities of the firm's activities and associated risks, including those related to the firm's insurance activities and its banking activities.
Supervised insurance organizations should employ estimation approaches that allow them to project the impact on capital positions of various types of stressful conditions and events, and that are independently validated. A firm should estimate losses, revenues, expenses, and capital using a sound method that incorporates macroeconomic and other risk drivers. The robustness of a firm's capital stress testing processes should be commensurate with the to its capital position.
c. Liquidity Management
The Liquidity Management rating is derived from an assessment of the supervised insurance organization's liquidity position and the quality of its liquidity risk management program. Each firm's liquidity risk management program should be commensurate with its complexity and unique risk profile.
The Board recognizes that insurance companies are typically less exposed to traditional liquidity risk than are banks. Traditional banking activity involves a liquidity transformation of liquid demand deposits into an asset on a banking organization's balance sheet, notably from the perspective of liquidity risk, illiquid bank loans. In traditional insurance business, the fact that an occurrence of an insured event is required for a claim payment, helps reduce liquidity risk. Insurers minimize liquidity risk by attempting to match expected asset cash flows against expected claims payments. The Board's expectations for supervised insurance organizations recognize and reflect this difference in inherent liquidity risk.
The Board, however, does expect all depository institution holding companies, including supervised insurance organizations, to adhere to basic principles for managing liquidity risk. /13/
FOOTNOTE 13 For an explanation of these principles, see SR Letter 10-6, Interagency Policy Statement on Funding and Liquidity Risk Management, https://www.federalreserve.gov/boarddocs/srletters/2010/sr1006.htm. END FOOTNOTE
The
The intensity of the
A strong liquidity risk management program includes comprehensive cash flow forecasting with appropriate granularity, preferably for each major legal entity as well as for the consolidated enterprise. The firm's suite of quantitative metrics should effectively inform senior management and the board of directors of the firm's unique liquidity risk profile and identify liquidity events or stresses that could detrimentally affect the firm. The metrics used to measure a firm's liquidity position may vary by type of business.
Supervised insurance organizations are expected to perform liquidity stress testing at least annually and more frequently if necessary, based on their risk profile. The scenarios used should reflect the firm's specific risk profile and include both idiosyncratic and system-wide stress events. Stress testing should inform the firm on the amount of liquid assets necessary to meet net cash outflows over relevant time periods, including at least a one-year time horizon. Firms should hold a liquidity buffer comprised of highly liquid assets to meet stressed net cash outflows. The liquidity buffer should be measured using appropriate haircuts based on asset quality, duration, and expected market illiquidity based on the stress scenario assumptions. Stress testing should reflect the expected impact on collateral requirements.
Fungibility of liquidity is often limited between an insurance group's legal entities. Large insurance groups can operate with a significant number of legal entities and many different regulatory and operational barriers to transferring funds among them. Regulations designed to protect policyholders of insurance operating companies can limit the transferability of funds from an insurance company to other legal entities within the group, including to other insurance operating companies. Supervised insurance organizations should carefully consider these limitations in their stress testing and liquidity risk management framework. Effective liquidity stress testing should include stress testing at the legal entity level with consideration for intercompany liquidity fungibility. Furthermore, the firm should be able to measure and provide an assessment of liquidity at the top-tier depository institution holding company in a manner that incorporates fungibility constraints.
The enterprise-wide governance and oversight framework should be consistent with the firm's liquidity risk profile and include policies and procedures on liquidity risk management. Policies and procedures should detail the oversight of liquidity risk through a specific document such as a Liquidity Policy. Policies and procedures should include the frequency of liquidity reporting and stress testing. Stress testing results should be communicated clearly and regularly to senior management and the board. A comprehensive contingency funding plan, commensurate with the firm's categorization and liquidity risk profile, should be maintained to manage liquidity stress events. The contingency funding plan should detail specific policies, procedures, and actions for addressing liquidity stress events or breaches of liquidity risk limits.
Supervised insurance organizations should also have an enterprise-wide approach for the control and oversight of liquidity risk. This should include management committee reporting of liquidity risk, governance, and assumptions for key elements of liquidity risk management such as stress testing and the firm's liquidity risk appetite, among others. The risk appetite statement, which should be approved by the board of directors, should detail and define the level of impact of a liquidity event or stress that the firm can. Additionally, the governance framework should detail the process and policies around liquidity risk identification, measurement, and risk-mitigating actions.
B. Supervisory Ratings
Supervised insurance organizations are expected to operate in a safe and sound manner, to comply with all applicable laws and regulations, and to possess sufficient financial and operational strength to serve as a source of strength for their depository institution(s) through a range of stressful yet plausible conditions. Supervisory ratings and supervisory findings are used to communicate the assessment of a firm. Each year, the
Broadly Meets Expectations: The supervised insurance organization's practices and capabilities broadly meet supervisory expectations. The holding company effectively serves as a source of managerial and financial strength for its depository institution(s) and possesses sufficient financial and operational strength and resilience to maintain safe-and-sound operations through a range of stressful yet plausible conditions. The firm may have outstanding supervisory issues requiring corrective actions, but these are unlikely to present a threat to its ability to maintain safe-and-sound operations and unlikely to negatively impact its ability to fulfill its obligation to serve as a source of strength for its depository institution(s). These issues are also expected to be corrected on a timely basis during the normal course of business.
Conditionally Meets Expectations: The supervised insurance organization's practices and capabilities are generally considered sound. However, certain supervisory issues are sufficiently material that if not resolved in a timely manner during the normal course of business, may put the firm's prospects for remaining safe and sound, and/or the holding company's ability to serve as a source of managerial and financial strength for its depository institution(s), at risk. A firm rated "Conditionally Meets Expectations" has the ability, resources, and management capacity to resolve its issues and has developed a sound plan to address the issue(s) in a timely manner. Examiners will work with the firm to develop an appropriate timeframe during which it will be required to resolve that supervisory issue(s) leading to this rating.
Deficient-1: Financial or operational deficiencies in a supervised insurance organization's practices or capabilities put its prospects for remaining safe and sound, and/or the holding company's ability to serve as a source of managerial and financial strength for its depository institution(s), at significant risk. The firm is unable to remediate these deficiencies in the normal course of business, and remediation would typically require it to make material changes to its business model or financial profile, or its practices or capabilities. A firm with a Deficient-1 rating is required to take timely action to correct financial or operational deficiencies and to restore and maintain its safety and soundness and compliance with laws and regulation. Supervisory issues that place the firm's safety and soundness at significant risk, and where resolution is likely to require steps that clearly go beyond the normal course of business--such as issues requiring a material change to the firm's business model or financial profile, or its governance, risk management or internal control structures or practices--would generally warrant assignment of a Deficient-1 rating. There is a strong presumption that a firm with a Deficient-1 rating will be subject to an enforcement action.
Deficient-2: Financial or operational deficiencies in a supervised insurance organization's practices or capabilities present a threat to its safety and soundness, have already put it in an unsafe and unsound condition, and/or make it unlikely that the holding company will be able to serve as a source of financial and managerial strength to its depository institution(s). A firm with a Deficient-2 rating is required to immediately implement comprehensive corrective measures and demonstrate the sufficiency of contingency planning in the event of further deterioration. There is a strong presumption that a firm with a Deficient-2 rating will be subject to a formal enforcement action.
Definitions for the Capital Management Component Rating
Broadly Meets Expectations: Despite the potential existence of outstanding supervisory issues, the supervised insurance organization's capital management broadly meets supervisory expectations, supports maintenance of safe-and-sound operations, and supports the holding company's ability to serve as a source of financial strength for its depository institution(s). Specifically:
* The firm's current and projected capital positions on a consolidated basis and within each of its material business lines/legal entities comply with regulatory requirements and support its ability to absorb potential losses, meet obligations, and continue to serve as a source of financial strength for its depository institution(s);
* Capital management processes are sufficient to give credibility to stress testing results and the firm is capable of producing sound assessments of capital adequacy through a range of stressful yet plausible conditions; and
* Potential capital fungibility issues are effectively mitigated, and capital contingency plans allow the holding company to continue to act as a source of financial strength for its depository institution(s) through a range of stressful yet plausible conditions.
Conditionally Meets Expectations: Capital adequacy meets regulatory minimums, both currently and on a prospective basis. Supervisory issues exist but these do not threaten the holding company's ability to act as a source of financial strength for its depository institution(s) through a range of stressful yet plausible conditions. Specifically, if left unresolved, these issues:
* May threaten the firm's ability to produce sound assessments of capital adequacy through a range of stressful yet plausible conditions; and/or
* May result in the firm's projected capital positions being insufficient to absorb potential losses, comply with regulatory requirements, and support the holding company's ability to meet current and prospective obligations and continue to serve as a source of financial strength to its depository institution(s).
Deficient-1: Financial or operational deficiencies in a supervised insurance organization's capital management put its prospects for remaining safe and sound through a range of plausible conditions at significant risk. The firm is unable to remediate these deficiencies in the normal course of business, and remediation would typically require a material change to the firm's business model or financial profile, or its capital management processes.
Examples of issues that may result in a Deficient-1 rating include, but are not limited to:
* Capital adequacy currently meets regulatory minimums although there may be uncertainty regarding the firm's ability to continue meeting regulatory minimums.
* Fungibility concerns may exist that could challenge the firm's ability to contribute capital to its depository institutions under certain stressful yet plausible scenarios.
* Supervisory issues may exist that undermine the credibility of the firm's current capital adequacy and/or its stress testing results.
Deficient-2: Financial or operational deficiencies in a supervised insurance organization's capital management present a threat to the firm's safety and soundness, a threat to the holding company's ability to serve a source of financial strength for its depository institution(s), or have already put the firm in an unsafe and unsound condition.
Examples of issues that may result in a Deficient-2 rating include, but are not limited to:
* Capital adequacy may currently fail to meet regulatory minimums or there is significant concern that the firm will not meet capital adequacy minimums prospectively.
* Supervisory issues may exist that significantly undermine the firm's capital adequacy metrics either currently or prospectively.
* Significant fungibility constraints may exist that would prevent the holding company from contributing capital to its depository institution(s) and fulfilling its obligation to serve as a source of financial strength.
* The holding company may have failed to act as source of financial strength for its depository institution when needed.
Definitions for the Liquidity Management Component Rating
Broadly Meets Expectations: Despite the potential existence of outstanding supervisory issues, the supervised insurance organization's liquidity management broadly meets supervisory expectations, supports maintenance of safe-and-sound operations, and supports the holding company's ability to serve as a source of financial strength for its depository institutions(s). The firm generates sufficient liquidity to meet its short-term and long-term obligations currently and under a range of stressful yet plausible conditions. The firm's liquidity management processes, including its liquidity contingency planning, support its obligation to act as a source of financial strength for its depository institution(s). Specifically:
* The firm is capable of producing sound assessments of liquidity adequacy through a range of stressful yet plausible conditions; and
* The firm's current and projected liquidity positions on a consolidated basis and within each of its material business lines/legal entities comply with regulatory requirements and support the holding company's ability to meet obligations and to continue to serve as a source of financial strength for its depository institution(s).
Conditionally Meets Expectations: Certain material financial or operational weaknesses in a supervised insurance organization's liquidity management place its prospects for remaining safe and sound through a range of stressful yet plausible conditions at risk if not resolved in a timely manner during the normal course of business.
Specifically, if left unresolved, these weaknesses:
* May threaten the firm's ability to produce sound assessments of liquidity adequacy through a range of conditions; and/or
* May result in the firm's projected liquidity positions being insufficient to comply with regulatory requirements and support the firm's ability to meet current and prospective obligations and to continue to serve as a source of financial strength to its depository institution(s).
Deficient-1: Financial or operational deficiencies in a supervised insurance organization's liquidity management put the firm's prospects for remaining safe and sound through a range of stressful yet plausible conditions at significant risk. The firm is unable to remediate these deficiencies in the normal course of business, and remediation would typically require a material change to the firm's business model or financial profile, or its liquidity management processes.
Examples of issues that may result in a Deficient-1 rating include, but are not limited to:
* The firm is currently able to meet its obligations but there may be uncertainty regarding the firm's ability to do so prospectively.
* The holding company's liquidity contingency plan may be insufficient to support its obligation to act as a source of financial strength for its depository institution(s).
* Supervisory issues may exist that undermine the credibility of the firm's liquidity metrics and stress testing results.
Deficient-2: Financial or operational deficiencies in a supervised insurance organization's liquidity management present a threat to its safety and soundness, a threat to the holding company's ability to serve as a source of financial strength for its depository institution(s), or have already put the firm in an unsafe and unsound condition.
Examples of issues that may result in a Deficient-2 rating include, but are not limited to:
* Liquidity shortfalls may exist within the firm that have prevented the firm, or are expected to prevent the firm, from fulfilling its obligations, including the holding company's obligation to act as a source of financial strength for its depository institution(s).
* Liquidity adequacy may currently fail to meet regulatory minimums or there is significant concern that the firm will not meet liquidity adequacy minimums prospectively for at least one of its regulated subsidiaries.
* Supervisory issues may exist that significantly undermine the firm's liquidity metrics either currently or prospectively.
* Significant fungibility constraints may exist that would prevent the holding company from supporting its depository institution(s) and fulfilling its obligation to serve as a source of financial strength.
* The holding company may have failed to act as source of financial strength for its depository institution when needed.
Definitions for the Governance and Controls Component Rating
Broadly Meets Expectations: Despite the potential existence of outstanding supervisory issues, the supervised insurance organization's governance and controls broadly meet supervisory expectations, supports maintenance of safe-and-sound operations, and supports the holding company's ability to serve as a source of financial and managerial strength for its depository institutions(s). Specifically, the firm's practices and capabilities are sufficient to align strategic business objectives with its risk appetite and risk management capabilities, maintain effective and independent risk management and control functions, including internal audit; promote compliance with laws and regulations; and otherwise provide for the firm's ongoing financial and operational resiliency through a range of conditions. The firm's governance and controls clearly reflect the holding company's obligation to act as a source of financial and managerial strength for its depository institution(s).
Conditionally Meets Expectations: Certain material financial or operational weaknesses in a supervised insurance organization's governance and controls practices may place the firm's prospects for remaining safe and sound through a range of conditions at risk if not resolved in a timely manner during the normal course of business. Specifically, if left unresolved, these weaknesses may threaten the firm's ability to align strategic business objectives with its risk appetite and risk-management capabilities; maintain effective and independent risk management and control functions, including internal audit; promote compliance with laws and regulations; or otherwise provide for the firm's ongoing resiliency through a range of conditions. Supervisory issues may exist related to the firm's internal audit function, but internal audit is still regarded as effective.
Deficient-1: Deficiencies in a supervised insurance organization's governance and controls put its prospects for remaining safe and sound through a range of conditions at significant risk. The firm is unable to remediate these deficiencies in the normal course of business, and remediation would typically require a material change to the firm's business model or financial profile, or its governance, risk management or internal control structures or practices.
Examples of issues that may result in a Deficient-1 rating include, but are not limited to:
* The firm may be currently subject to, or expected to be subject to, informal or formal enforcement action(s) by the
* Significant legal issues may have or be expected to impede the holding company's ability to act as a source of financial strength for its depository institution(s).
* The firm may have engaged in intentional misconduct.
* Deficiencies within the firm's governance and controls may limit the credibility of the firm's financial results, limit the board or senior management's ability to make sound decisions, or materially increase the firm's risk of litigation.
* The firm's internal audit function may be considered ineffective.
* Deficiencies in the firm's governance and controls may have limited the holding company's ability to act as a source of financial and/or managerial strength for its depository institution(s).
Deficient-2: Financial or operational deficiencies in a supervised insurance organization's governance and controls present a threat to its safety and soundness, a threat to the holding company's ability to serve as a source of financial strength for its depository institution(s), or have already put the firm in an unsafe and unsound condition.
Examples of issues that may result in a Deficient-2 rating include, but are not limited to:
* The firm is currently subject to, or expected to be subject to, formal enforcement action(s) by the
* Significant legal issues may be impeding the holding company's ability to act as a source of financial strength for its depository institution(s).
* The firm may have engaged in intentional misconduct.
* The holding company may have failed to act as a source of financial and/or managerial strength for its depository institution(s) when needed.
* The firm's internal audit function is regarded as ineffective.
C. Incorporating the Work of Other Supervisors
Similar to the approach taken by the
Existing statutes specifically require the Board to coordinate with, and to rely to the fullest extent possible on work by the state insurance regulators. The Board and all state insurance regulators have entered into Memorandums of Understanding (MOU) allowing supervisors to freely exchange information relevant for the effective supervision of supervised insurance organizations.
* Routine discussions with state insurance regulatory staff with greater frequency during times of stress;
* Discussions around the annual supervisory plan, including how best to leverage work done by the state and potential participation by state insurance regulatory staff on relevant supervisory activities;
* Consideration of the opinions and work done by the state when scoping relevant examination activities;
* Documenting any input received from the state and consideration given to the opinions and work done by the state for relevant supervisory activities;
* Sharing and discussing with the state the annual ratings and relevant conclusion documents from supervisory activities;
* Collaboratively working with the states and the
* Participating in supervisory colleges.
The
FOOTNOTE 14 Nat'l Ass'n of Ins. Comm'rs, Own Risk and Solvency Assessment (ORSA) Guidance Manual 9 (
By order of the
Secretary of the Board.
[FR Doc. 2022-02383 Filed 2-3-22;
BILLING CODE 6210-01-P
AM Best Affirms Credit Ratings of Berkshire Hathaway Life Insurance Company of Nebraska and First Berkshire Hathaway Life Insurance Company
Corcoran Global Living Announces Partnership with Gradus Capital, Inc.
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News