ICP 10 Preventive Measures, Corrective Measures and Sanctions

The supervisor:
  • requires and enforces preventive and corrective measures; and
  • imposes sanctions
which are timely, necessary to achieve the objectives of insurance supervision, and based on clear, objective, consistent, and publicly disclosed general criteria.
[ + ] 10.0

Introductory Guidance

10.0.1

The supervisor should initiate escalating measures to prevent a breach of regulatory requirements by an insurer, respond to a breach of regulatory requirements by an insurer, and enforce those measures to ensure that the insurer responds to the supervisor’s concerns. Preventive measures should be used to prevent a breach of regulatory requirements and corrective measures should be used to respond to a breach of regulatory requirements. Functionally, supervisors may take similar or identical actions as preventive or corrective measures. In addition, where a regulatory requirement has been violated, supervisors may use sanctions.

10.0.2

The supervisor should promptly and effectively deal with insurer non-compliance with regulatory requirements or supervisory measures that could put policyholders at risk, could pose a threat to financial stability, or could impinge on any other supervisory objectives. The more significant the threat to policyholders’ interests or to financial stability, then the quicker the supervisor will need to act and to require action from the insurer, and the more significant the measures that may be required. By mitigating certain risks, preventive and corrective measures that are primarily intended to protect policyholders may also contribute to financial stability, by decreasing the probability and magnitude of any negative systemic impact.

10.0.3

Circumstances may arise when preventive or corrective measures are insufficient to prevent an insurer from being no longer viable, or likely to become no longer viable, and therefore need to exit the market or be resolved (see ICP 12 Exit from the Market and Resolution).

10.0.4

As part of the supervisory framework (see ICP 9 Supervisory Review and Reporting), the supervisor should consider in advance how to use preventive and corrective measures, enforcement of those measures, and the imposition of sanctions. A supervisor’s framework should be documented to assist in the delivery of consistent supervision over time. It is crucial that the framework leaves room for the exercise of supervisory judgement and discretion, so flexibility should be allowed in the use of preventive measures, corrective measures and sanctions. In addition to general criteria, other parts of the framework on preventive measures, corrective measures and sanctions can also be released publicly, particularly where the supervisor feels that this additional transparency will lead to the market functioning more effectively. The decision-making processes that underpin the supervisory framework should function in a way that allows the supervisor to take immediate action when necessary.

10.0.5

In some instances, the supervisor will need to work with other authorities or bodies in order to take or enforce supervisory measures or sanctions against an insurer. For example, some measures or sanctions will require the approval of a judicial body.

10.0.6

There are different methods by which supervisory outcomes can be achieved. The method chosen may vary depending on the jurisdiction’s legal framework. In some jurisdictions, one method is to accept an enforceable written agreement to do, or not to do, some thing or things from the insurer in question. The potential advantages of achieving an outcome by this route are that it can be quicker and less costly. This option can be used to achieve outcomes related to preventive or corrective measures or to sanctions.

10.0.7

Measures or sanctions targeted at non-insurance legal entities within an insurance group may require the supervisor to work with other regulatory authorities.

10.0.8

The supervisor for an insurance legal entity within an insurance group should inform other involved supervisors when taking supervisory measures against or imposing sanctions on that insurance legal entity, where those sanctions are material or otherwise relevant to those supervisors.

CF 10.0.a

The group-wide supervisor applies supervisory measures directly to the Head of the IAIG. If the Head of the IAIG is not within the group-wide supervisor’s jurisdiction, other involved supervisors apply supervisory measures to assist the group-wide supervisor.

CF 10.0.a.1

The group-wide supervisor should have flexibility in how it applies supervisory measures, which may need to vary according to the legal structure of the group, the jurisdiction in which the legal entities in the group are established, and the supervisory authority over relevant parts of the group.

CF 10.0.a.2

If the Head of the IAIG is not located in the jurisdiction of the group-wide supervisor, the group-wide supervisor should use indirect powers to apply supervisory measures.

CF 10.0.a.3

Other involved supervisors should assist the group-wide supervisor to apply supervisory measures to the Head of the IAIG or to insurance legal entities if they have direct supervisory powers to do so.

CF 10.0.b

An involved supervisor coordinates with other involved supervisors before requiring a specific preventive or corrective measure if that measure will have a material effect on the supervision of the IAIG as a â€‹whole, or on the supervision of an insurance legal entity within the IAIG, unless exceptional circumstances preclude such coordination.

CF 10.0.b.1

The supervisory college provides a forum for the group-wide supervisor and other involved supervisors to coordinate preventive and corrective measures. In addition to supervisory colleges, coordination can take place through a crisis management group (see ComFrame material under ICP 25 Supervisory Coordination and Cooperation).

CF 10.0.b.2

Supervisory measures that should be preceded by coordination between involved supervisors include: restricting the transfer of assets between entities within the IAIG; requiring an increase in capital; and suspending or revoking the licence of an insurance legal entity

CF 10.0.b.3

There may be exceptional circumstances where an involved supervisor that wishes to act cannot coordinate in advance with the other involved supervisors. In such circumstances, the involved supervisor should inform the other involved supervisors of the decision made, or action taken, and the supporting rationale, as soon as possible.

CF 10.0.b.4

An involved supervisor does not need to coordinate with the other involved supervisors if the preventive or corrective measure will not materially affect the IAIG as a whole or another insurance legal entity. For example, an involved supervisor may not need to coordinate with the other involved supervisors before requiring the insurance legal entity to enhance its regulatory reporting as a preventive measure to monitor the legal entity’s specific business.

CF 10.0.b.5

If an involved supervisor requires an insurance legal entity within the IAIG to take preventive or corrective measures that are long-term and material in nature, that supervisor should provide periodic updates to the supervisory college.

CF 10.0.b.6

The requirement to coordinate action (other than in exceptional circumstances) does not imply that the supervisor taking action needs the consent of other involved supervisors to take action which is necessary to discharge its duties under the law in its jurisdiction.

[ + ] 10.1

The supervisor acts against individuals or entities that conduct insurance activities without the necessary licence.

 

10.1.1

The supervisor should have in place mechanisms to identify when unlicensed insurance activity is being carried out. Examples of such mechanisms include monitoring of media and advertising, review of consumer complaints or encouraging industry and other stakeholders to notify the supervisor of suspicious activity.

10.1.2

Where unlicensed activity is identified, the supervisor should act to address the issue. Examples include requiring the unlicensed entity to apply for a licence, seeking court orders to require the unlicensed entity to stop the activity, informing law enforcement authorities of criminal and/or civil concerns, imposing sanctions on the individual/entity or publicising the fact that the individual and/or entity is/are not licensed to conduct insurance activities.

[ + ] 10.2

The supervisor requires preventive measures if the insurer seems likely to operate in a manner that is inconsistent with regulatory requirements.

 

10.2.1

Determining when an insurer seems likely to operate in a manner that is inconsistent with regulatory requirements will require a degree of discretion on the part of the supervisor. Nevertheless, concerns that necessitate preventive measures should be well founded based on the supervisor’s assessment.

10.2.2

If the insurer operates in a manner that is likely to impact its ability to protect policyholders’ interests or pose a threat to financial stability, the supervisor should act more urgently in requiring preventive measures.

10.2.3

The supervisor should communicate concerns to the insurer with a promptness that reflects the significance of the concern. Some concerns, such as relating to insurer solvency, policyholder protection, or financial stability, will be sufficiently significant to require immediate communication to the insurer. Other concerns, although significant, may not require such rapid communication, but should still be communicated appropriately. For example, it is unlikely to be appropriate for a supervisor to wait for the next on-site visit to an insurer before communicating a significant concern.

10.2.4

The supervisor should promptly bring significant concerns to the attention of the Board because it has ultimate responsibility for the insurer and that such concerns are resolved. In addition, the supervisor should also communicate with Senior Management and with Key Persons in Control Functions to bring significant concerns to their attention.

10.2.5

The supervisor should have available a range of preventive measures broad enough to address insurers of all sizes and complexities. Preventive measures should be chosen to address the severity of the insurer’s problems.

10.2.6
The supervisor should have the power to issue, and enforce:
  •  restrictions on business activities, such as:
    • prohibiting the insurer from issuing new policies or new types of product;
    • requiring the insurer to alter its sales practices or other business practices;
    • withholding approval for new business activities or acquisitions;
    • restricting the transfer of assets;
    • prohibiting the insurer from continuing a business relationship with an intermediary or othe outsourced provider, or requiring the terms of such a relationship to be varied;
    • ​restricting the ownership of subsidiaries; and
    • restricting activities of a subsidiary where, in its opinion, such activities jeopardise the financial situation of the insurer;
  • directions to reinforce the insurer’s financial position, such as:
    • requiring measures that reduce or mitigate risks (for example, restricting exposures, through either hard or soft limits, to individual counterparties, sectors, or asset classes);
    • requiring an increase in capital;
    • restricting or suspending dividend or other payments to shareholders; and
    • restricting purchase of the insurer’s own shares; and
  • other directions, including:
    • requiring the reinforcement of governance arrangements, internal controls or the risk management system;
    • requiring the insurer to prepare a report describing actions it intends to undertake to address specific activities the supervisor has identified, through macroprudential surveillance, as potentially posing a threat to financial stability (see ICP 24 Macroprudential Supervision);
    • facilitating the transfer of obligations under the policies from a failing insurer to another insurer that accepts this transfer;
    • suspending the licence of an insurer; and
    • barring individuals acting in key roles from such roles in future.
10.2.7
The supervisor may also have other powers available, including:
  • temporarily delaying or suspending, in whole or in part, the payments of the redemption values on insurance liabilities or payments of advances on contracts;
  • lowering the maximum rate of guarantees for new business or introducing additional reserving requirements; or
  • incentivising the use of a system-wide lending facility, when available, for market-wide liquidity issues extending to insurers.
10.2.8

The supervisor should take steps to address problems arising from Board Members, Senior Management, Key Persons in Control Functions, significant owners, external auditors and any other person who plays a significant role within the insurer. For example, the supervisor should require the insurer to replace or restrict the power and role of those involved (listed above) in the governance processes if the supervisor has material concerns with management or governance.

10.2.9

The supervisor should reject, rescind and/or request a court to revoke the appointment of an external auditor who is deemed to have inadequate expertise or independence, or is not subject to, or does not adhere to, established professional standards.

10.2.10
Supervisors should take action to address insurer audit quality concerns, including, where possible, requiring replacement or appointment of a supplementary auditor and the sanctioning of an external auditor if necessary. Supervisors should watch for indicators of potential major audit quality concerns, such as when:
  • the auditor does not have adequate insurance industry knowledge and competence;
  • there is an identified issue with auditor objectivity and independence;
  • the auditor does not disclose to the supervisor matters that it is required to disclose;
  • clear audit quality concerns are identified, such as if the auditor fails to test internal control systems sufficiently, the auditor is not appropriately sceptical, or does not appropriately challenge the insurer’s management regarding the major accounting figures; or
  • the auditor’s system of internal quality control appears ineffective.
CF 10.2.a
The group-wide supervisor requires the Head of the IAIG to take preventive measures if:
  • a legal entity within the IAIG seems likely to operate in a manner that would have a material adverse effect on the IAIG as a whole; or
  • the IAIG as a whole seems likely to operate in a manner that is inconsistent with regulatory requirements.
CF 10.2.a.1

The situation described in the first part of the Standard could arise, for example, where one regulated legal entity in the group seems likely to fail to meet its capital requirement, causing the IAIG as a whole to be likely to fail to meet a group capital requirement to which it is subject.

CF 10.2.a.2

The group-wide supervisor should not require the Head of the IAIG to take additional preventive measures if the supervisor of an insurance legal entity within the IAIG has already required that entity to take preventive measures and the group-wide supervisor has assessed that the preventive measures adequately mitigate the risk to the IAIG as a whole.

CF 10.2.a.3

The situation described in the second part of the Standard could arise, for example, where every regulated legal entity in the IAIG meets its capital requirement, but the group as a whole seems unlikely to meet a group capital requirement to which it is subject.

[ + ] 10.3

The supervisor requires corrective measures if the insurer fails to operate in a manner that is consistent with regulatory requirements.

 

10.3.1

The Guidance under Standard 10.2 is equally applicable when considering corrective measures.

10.3.2

In addition to the supervisory tools set out in 10.2.6, when considering corrective measures the supervisor may find it necessary, in cases of serious breach of regulatory requirements, to revoke the licence of an insurer. The supervisor should be able to enforce this decision.

[ + ] 10.4
The supervisor:
  • requires the insurer to take actions that address the supervisor’s identified concerns;
  • periodically checks that the insurer is taking action; and
  • assesses the effectiveness of the insurer’s actions.
10.4.2

If the insurer does not prepare an acceptable plan in a specified timeframe to respond to the supervisor’s concerns, the supervisor should impose such a plan on the insurer.

10.4.1

The supervisor should require the insurer to prepare a plan to resolve the concerns within an acceptable timeframe. The plan should include actions proposed by the insurer or preventive or corrective measures required by the supervisor. What is acceptable as a timeframe will depend on the circumstances of the concerns raised.

10.4.3

The supervisor should review the results of the actions that the insurer has taken. The supervisor should review both whether the actions have been taken and, if so, the effectiveness of the actions.

10.4.4

The supervisor may require assurance from an independent reviewer regarding adequate resolution of significant concerns. In such cases the supervisor may also require that such an independent reviewer be appointed at the expense of the insurer.

[ + ] 10.5

The supervisor escalates, including enforcing, preventive or corrective measures if its concerns are not addressed by the insurer’s actions.

 

10.5.1

The supervisor should require further measures if its concerns with the insurer become worse, including if the insurer fails to take the actions in a plan.

10.5.2

Supervisory measures should escalate in line with the supervisor’s concerns about the insurer. If the insurer’s inaction leads to an increased risk to policyholders, then the supervisor should respond by requiring stronger measures to mitigate this risk.

10.5.3

Enforcement of preventive or corrective measures could involve the supervisor issuing a formal direction to an insurer to take particular actions or to cease conducting particular activities. It could also involve the supervisor seeking the assistance of other authorities, or the courts, to enforce a measure.

CF 10.5.a

The group-wide supervisor coordinates with other involved supervisors if the Head of the IAIG, or an insurance legal entity within the IAIG, fails to take action to address the group-wide supervisor’s, or other involved supervisor’s, identified concerns.

CF 10.5.b

Where an insurance legal entity within the IAIG fails to take preventive or corrective measures, as required by the involved supervisor, the group-wide supervisor informs the Head of the IAIG of that lack of compliance and assists the involved supervisor, to the extent possible, in achieving compliant outcome.

[ + ] 10.6

The supervisor imposes sanctions on insurers and individuals proportionate to the breach of regulatory requirements or other misconduct.

10.6.1

The supervisor should be able to impose a range of sanctions, which could be administrative, civil or criminal in nature. These can include the ability to impose fines, the ability to bar individuals acting in key roles from holding similar roles in future, and the ability to require remediation (such as requiring compensation of policyholders in cases of mis-selling). It is recognised that supervisors will not always be able to take a full range of legally binding actions themselves and may need to act in conjunction with, or refer matters to, other authorities, in particular, in the case of criminal penalties.

10.6.2

In some cases it may be appropriate to apply sanctions against insurers or individuals when justified by their actions, or inactions.

10.6.3
The supervisor should, in particular, be able to impose sanctions against insurers and individuals who:
  • fail to provide information to the supervisor in a timely fashion;
  • withhold information from the supervisor;
  • provide information that is intended to mislead the supervisor;
  • deliberately misreport to the supervisor; or
  • do not act in accordance with orders or directions imposed on the insurer.
10.6.4

The sanctions imposed by the supervisor should be commensurate with the nature and severity of the insurer’s non-compliance with regulatory requirements. Administrative or procedural breaches will generally attract less severe sanctions than breaches arising from an insurer’s intentional disregard of regulatory requirements. The sanction imposed should be sufficiently dissuasive so that the insurer, or other insurers, do not commit a similar breach in the future.

10.6.5

The supervisor should impose more severe sanctions relative to the gravity of the breach where an insurer’s history demonstrates a pattern of non-compliance with regulatory requirements.

10.6.6

The supervisor may impose sanctions on insurers or individuals in addition to supervisory measures or in the absence of supervisory measures.

10.6.7

The imposition of sanctions against an insurer or an individual typically should not delay either supervisory measures or insurer action taken in response to supervisory measures. However, in some instances, the nature of the sanctions may delay supervisory measures. For example, where a supervisor sanctions an insurer by requiring a number of Senior Managers to be replaced with new individuals, supervisory measures intended to improve the governance of the insurer may not be practical until after the new individuals are appointed.

10.6.8

The supervisor, or another responsible authority in the jurisdiction, should take action to enforce sanctions that have been imposed.

10.6.9

The supervisor should sanction insurers and individuals within a consistent framework, so that similar violations and weaknesses attract similar sanctions. Supervisors should consider how proposed sanctions relate to previous cases. The supervisor should identify precedents where the supervisor has sanctioned an insurer or individual for similar actions/inactions. Where the supervisor has sanctioned an insurer or individual for similar actions/inactions, then the supervisor should consider carefully whether a comparable sanction is appropriate. If the supervisor concludes that a very different sanction is appropriate, the supervisor should be prepared to explain why it reached this conclusion.

10.6.10

In order for sanctions to have a deterrent effect on other insurers, the fact of the sanction, and sufficient details of the breach, should in general be published. However, the supervisor should retain the discretion to take a different course of action (for example, not to publish, or to delay publication) where this would further the achievement of supervisory objectives or it is otherwise in the public interest to do so.

CF 10.6.a

The group-wide supervisor imposes sanctions directly on the Head of the IAIG within the group-wide supervisor’s jurisdiction.

CF 10.6.a.1

Available sanctions should include the imposition of fines and penalties (even if non-compliance by the Head of the IAIG is due to the actions of a legal entity within the IAIG).

CF 10.6.a.2

The group-wide supervisor should have flexibility in how it imposes sanctions, which may need to vary according to the legal structure of the group, the jurisdiction in which the legal entities in the group are established, and the supervisory authority over relevant parts of the group.

CF 10.6.a.3

If the Head of the IAIG is not located in the jurisdiction of the group-wide supervisor, the group-wide supervisor should use indirect powers to impose sanctions.

CF 10.6.b
An involved supervisor communicates with other involved supervisors before imposing sanctions on:
  • an insurance legal entity;
  • the Head of the IAIG; or
  • an individual involved with the relevant insurance legal entity or the Head of the IAIG
if the sanction will have a material effect on the supervision of the IAIG as a whole or a material effect on the supervision of another insurance legal entity within the IAIG, unless exceptional circumstances preclude such communication.
CF 10.6.b.1

The involved supervisor should communicate the need for sanctions to other involved supervisors at the earliest opportunity. Where an involved supervisor must act before communicating the need for sanctions, that supervisor should inform the group-wide supervisor and other involved supervisors of the sanction, and the supporting rationale, as soon as possible.