ICP 7 Corporate Governance

The supervisor requires insurers to establish and implement a corporate governance framework which provides for sound and prudent management and oversight of the insurer’s business and adequately recognises and protects the interests of policyholders.


Objectives and Strategies of the Insurer


7.1

The supervisor requires the insurer’s Board to set and oversee the implementation of the insurer’s business objectives and strategies for achieving those objectives, including its risk strategy and risk appetite, in line with the insurer’s long term interests and viability. 



Appropriate Allocation of Oversight and Management Responsibilities


7.2

The supervisor requires the insurer’s Board to:

  • ensure that the roles and responsibilities allocated to the Board, Senior Management and Key Persons in Control functions are clearly defined so as to promote an appropriate separation of the oversight function from the management responsibilities; and
  • provide adequate oversight of the Senior Management.



Structure and Governance of the Board


7.3

The supervisor requires the insurer’s Board to have, on an on-going basis:

  • an appropriate number and mix of individuals to ensure that there is an overall adequate level of knowledge, skills and expertise at the Board level commensurate with the governance structure and the nature, scale and complexity of the insurer’s business;
  • appropriate internal governance practices and procedures to support the work of the Board in a manner that promotes the efficient, objective and independent judgment and decision making by the Board; and
  • adequate powers and resources to be able to discharge its duties fully and effectively. 



Duties of Individual Board Members


7.4

The supervisor requires the individual members of the Board to:

  • act in good faith, honestly and reasonably;
  • exercise due care and diligence;
  • act in the best interests of the insurer and policyholders, putting those interests of the insurer and policyholders ahead of his/her own interests;
  • exercise independent judgment and objectivity in his/her decision making, taking due account of the interests of the insurer and policyholders; and
  • not use his/her position to gain undue personal advantage or cause any detriment to the insurer. 



Risk Management and Internal Control Systems and Functions


7.5

The supervisor requires the insurer’s Board to provide oversight in respect of the design and implementation of sound risk management and internal control systems and functions.


Remuneration Policy and Practices


7.6

The supervisor requires the insurer’s Board to:

  • adopt and oversee the effective implementation of a remuneration policy, which does not induce excessive or inappropriate risk taking, is in line with the identified risk appetite and long term interests of the insurer, and has proper regard to the interests of its stakeholders; and
  • ensure that such a remuneration policy, at a minimum, covers those individuals who are members of the Board, Senior Management, Key Persons in Control functions and other employees whose actions may have a material impact on the risk exposure of the insurer (major risk-taking staff).



Reliable and Transparent Financial Reporting


7.7

The supervisor requires the insurer’s Board to ensure there is a reliable financial reporting process for both public and supervisory purposes which is supported by clearly defined roles and responsibilities of the Board, Senior Management and the external auditor.



7.7.1    

The Board is responsible for having adequate systems and controls to ensure that the financial reports of the insurer present a balanced and accurate assessment of the insurer’s business and its general financial health and viability as a going concern. In discharging this responsibility, the Board should carry out specific oversight functions. To increase its effectiveness, many insurers have an Audit Committee of the Board for this purpose. Where this is not practicable, the Board, as a whole, carries out these functions. These functions should include:

  • overseeing the financial statements, financial reporting and disclosure processes;
  • monitoring whether accounting policies and practices of the insurer are operating as intended;
  • overseeing the audit process (encompassing external audit and reviews by internal audit of the insurer’s financial reporting controls) and reviewing the auditor’s plans and material findings;
  • overseeing the processes for hiring, removing and assessing the performance and independence of the external auditor to ensure the appointed external auditor has the necessary knowledge, skills, expertise, integrity and resources to conduct the audit;
  • investigating the circumstances relating to the resignation or removal of an external auditor, and ensuring prompt actions are taken to mitigate any identified risks to the integrity of the financial reporting process; and
  • reporting to the Board (by the Audit Committee where one is established) and the supervisor on significant issues concerning the financial reporting process, including the circumstances relating to the resignation or removal of the external auditor and the actions taken to address or mitigate identified financial reporting risks.


7.7.2    

It is particularly important that the Board safeguards and promotes an effective relationship with the external auditor and for this purpose ensures that:

  • the terms of engagement of the external auditor are clear and appropriate to the scope of the audit and resources required to conduct the audit and specify the level of audit fees to be paid;
  • the auditor undertakes a specific responsibility under the terms of engagement to perform the audit in accordance with applicable auditing standards;
  • there are adequate policies and a process to ensure the independence of the external auditor, including policies and processes that address the auditor’s compliance with applicable ethical and professional standards, restrictions and conditions for the provision of non-audit services which are subject to approval by the Board, partner or firm periodic rotation as appropriate, and safeguards to eliminate or reduce to an acceptable level identified threats to the independence of the external auditor;
  • there is adequate dialogue with the external auditor on the scope and timing of the audit to understand the issues of risk, information on the insurer’s operating environment which is relevant to the audit, and any areas in which the Board may request specific procedures to be carried out by the external auditor, whether as a part or an extension of the audit engagement;
  • there is unrestricted access by the external auditor to information and persons within the insurer as necessary to conduct the audit; and
  • there is an evaluation of the effectiveness of the external audit process at the end of the audit cycle.


7.7.3    

The Board should also understand the external auditor’s approach to internal controls relevant to the audit. This includes evaluating the relationship between the external auditor, the internal audit function and the actuarial function in order to establish the degree of assurance that the Board can draw from the external auditor’s report. The Board should require that any information regarding internal control weaknesses or deficiencies which the external auditor becomes aware of is promptly communicated to the Board. Appropriate actions should be taken by the Board where doubts arise as to the reliability of the external auditor’s opinion as an independent attestation of the insurer’s internal financial reporting and control processes.


7.7.4    

There should be regular meetings between the Board and the external auditor during the audit cycle, including meetings without management present. 


7.7.5    

The supervisor should require that it be notified by the external auditor of material fraud, suspicion of material fraud and regulatory breaches or other significant audit findings identified in the course of the audit. Copies of reports prepared by the external auditor for the insurer (e.g. management letters) should be extended to the supervisor. Such information should be provided to the supervisor without the need for prior consent of the insurer and the external auditor should be duly protected from liability for any information so disclosed to the supervisor in good faith.


7.7.6    

The supervisor should have and exercise the power to require a further audit by a different external auditor or to have the auditor replaced where necessary. 


7.7.7    

The Board should ensure that significant findings and observations regarding weaknesses in the financial reporting process are promptly rectified. This should be supported by a formal process for reviewing and monitoring the implementation of recommendations by the external auditor. 


Transparency and Communications


7.8

The supervisor requires the insurer’s Board to have systems and controls to ensure the promotion of appropriate, timely and effective communications with the supervisor and relevant stakeholders on the governance of the insurer. 


Duties of the Senior Management


7.9

The supervisor requires the insurer’s Board to have appropriate policies and procedures to ensure that Senior Management:

  • carries out the day-to-day operations of the insurer effectively and in accordance with the insurer’s strategies, policies and procedures;
  • promotes a culture of sound risk management, compliance and fair treatment of customers;
  • provides the Board adequate and timely information to enable the Board to carry out its duties and functions including the monitoring and review of the performance and risk exposures of the insurer, and the performance of Senior Management; and
  • provides to the relevant stakeholders and the supervisor the information required to satisfy the legal and other obligations applicable to the insurer or Senior Management. 


Supervisory Review


7.10

The supervisor has the power to require the insurer to demonstrate the adequacy and effectiveness of its corporate governance framework.