RISK-FOCUSED SURVEILLANCE FRAMEWORK UPDATE

Agenda: Overview of Risk Assessment Cycle; Conducting Risk-Focused Exams; Seven Phases to Conducting Exams; Status and Project Timeline

Risk Assessment Cycle: INSURER PROFILE SUMMARY
Examination (Risk Based Examination): Identify Functional Activities; Identify/Assess Inherent Risk; Identify & Evaluate Controls; Determine Residual Risk; Establish Procedures and Conduct Exam; Update Supervisory Plan; Exam Report/Mgmt Letter
Supervisory Plan: Develop Ongoing Supervision That Includes: Frequency of Exams; Scope of Exams; Meetings with Company Management; Follow-Up on Recommendations; Financial Analysis Monitoring
Off-Site Risk Focused Financial Analysis: Financial Analysis includes: Risk Assessment Results; Financial Analysis Handbook Process; Ratio Analysis (IRIS, FAST, Internal Ratios); Actuarial Analysis; Update with internal/external changes
Priority System: Based on Dept. analysis and NAIC financial Analysis tools: Scoring System; ATS Results; IRIS Ratios
Internal/External Changes: Consider Changes to: NRSRO Ratings; Ownership/Management/Corporate Structure; Business Strategy/Plan; CPA Report or Auditor; Legal or Regulatory Status

Examination (Risk Based Examination): Identify Functional Activities; Identify/Assess Inherent Risk; Identify & Evaluate Controls; Determine Residual Risk; Establish Procedures and Conduct Exam; Update Supervisory Plan; Exam Report/Mgmt Letter

Off-Site Risk Focused Financial Analysis: Financial Analysis includes: Risk Assessment Results; Financial Analysis Handbook Process; Ratio Analysis (IRIS, FAST, Internal Ratios); Actuarial Analysis; Update with internal/external changes

Internal/External Changes: Consider Changes to: NRSRO Ratings; Ownership/Management/Corporate Structure; Business Strategy/Plan; CPA Report or Auditor; Legal or Regulatory Status

Priority System: Based on Dept. analysis and NAIC financial Analysis tools: Scoring System; ATS Results; IRIS Ratios

Supervisory Plan: Develop Ongoing Supervision That Includes: Frequency of Exams; Scope of Exams; Meetings with Company Management; Follow-Up on Recommendations; Financial Analysis Monitoring

Insurer Profile Summary: General/Basic Information; Business Summary; Priority Rating; Regulatory Findings; Regulatory Plan; External Information; Key Financial Data; Overall Summary. XYZ Insurance Insurer Profile Summary

Seven-Phase Examination Process (Phases 1-4): Phase 1 – Understand the Company and Identify Key Functional Activities to be Reviewed; Phase 2 – Identify and Assess Inherent Risks in Activities; Phase 3 – Identify and Evaluate Risk Mitigation Strategies/Controls; Phase 4 – Determine Residual Risk

Seven-Phase Examination Process (Phases 5-7): Phase 5 – Establish/Conduct Exam Procedures; Phase 6 – Update Prioritization and Supervisory Plan; Phase 7 – Draft Exam Report and Management Letter Based on Findings

Risk Assessment Matrix

Phase 1 – Understand the Company/Identify Key Activities: Parts to Phase 1: Understanding the Company; Understanding the Corporate Governance Structure; Assessing the Adequacy of the Audit Function; Identifying Key Functional Activities; Consideration of Prospective Risks

Phase 1 – Understand the Company/Identify Key Activities: Steps to Part 1 – Understanding the Company: Gather Necessary Planning Information; Review the Gathered Information; Analytical and Operational Reviews; Consideration of Information Technology Risk; Update the Insurer Profile

Phase 1 – Understand the Company/Identify Key Activities: Part 2 – Understanding the Corporate Governance Structure: Understanding the Organizational Structure; Understanding & Assessing the Board of Directors; Understanding & Assessing Management

Phase 1 – Understand the Company/Identify Key Activities: Part 3 – Assessing the Adequacy of the Audit Function: External audit; Internal audit

Phase 1 – Understand the Company/Identify Key Activities: Part 3 – Assessing the Adequacy of the Audit Function: External: Provide understanding of control structure; Understand CPA’s risk assessment; Review compliance and substantive procedures

Phase 1 – Understand the Company/Identify Key Activities: Part 3 – Assessing the Adequacy of the Audit Function: Internal: Financial; Operational; Compliance; IS or Technology

Phase 1 – Understand the Company/Identify Key Activities Corporate Governance Information Obtained Audit Assessment Management Assessment Key Activities Prospective Risks

Phase 1 – Understand the Company/Identify Key Activities: Part 4 – Identify Key Functional Activities: Identify key activities using company background information from various sources.

Phase 1 – Understand the Company/Identify Key Activities: Part 5 – Consideration of Prospective Risks: Consideration of prospective risks is an intrinsic element of a risk-focused examination and should occur throughout all phases of the examination process.

Phase 2 – Identify Inherent Risk: Key activities and sub-activities identified in Phase 1 are the building blocks for identifying inherent risk. Inherent risk is the risk before considering internal controls. The examiner asks the question, “What can go wrong?” for each of the key activities.

Phase 2 – Identify Inherent Risk: Inherent risk that has been identified is then classified into the branded Risk Classifications: Credit; Market; Pricing/Underwriting; Reserving; Liquidity; Operational/Financial Rptg.; Legal; Strategic; Reputational

Phase 2 – Assess Inherent Risk: Inherent risk is assessed by considering the likelihood of occurrence, the magnitude of impact and the examiner’s judgment.

Phase 2 – Assess Inherent Risk: Likelihood of Occurrence: The likelihood that the risk will occur or would prevent a process or activity from attaining its objectives. Low: rare occasions. Moderate-low: at some time. Moderate-high: probably occur at some time. High: expected to occur most of the time.

Phase 2 – Assess Inherent Risk: Magnitude of Impact: The potential impact or potential materiality of a risk. Magnitude of Impact is measured as: Threatening – Greater than 5% of surplus; Severe – 3-5% of surplus; Moderate – 1-3% of surplus; Immaterial – Less than 1% of surplus

Phase 2 – Assess Inherent Risk

Phase 3 – Risk Mitigation Strategies: The insurer’s control risk should be assessed by determining how well the risk mitigation strategies/controls offset the inherent risks identified. Leverage off work of external/internal audit and company self-assessments.

Phase 3 – Risk Mitigation Strategies: The Overall Risk Mitigation Strategy/Control Assessment ratings to be indicated in the Risk Assessment Matrix are: Strong Risk Management; Moderate Risk Management; Weak Risk Management

Phase 4 – Determine Residual Risk: Inherent Risk – Internal Controls = Calculated Residual Risk. Overall Residual Risk = Calculated Residual Risk +/- Examiner’s Judgment.

Phase 4 – Determine Residual Risk: Columns: Strong Controls; Moderate Controls; Weak Controls. High IR: Moderate to High; High. Moderate IR: Low to Moderate. Low IR: Low. (IR = Inherent Risk)

Phase 5 – Establish/Conduct Exam Procedures: After completion of the Risk Assessment for key activities, the nature and extent of testing can be determined and the examination procedures designed accordingly. Examination procedures should be selected to correspond with the financial reporting and other than financial reporting risks noted within the entity.

Phase 5 – Establish Exam Procedures: Key Concept: Focus examination effort where there is more risk. Examination procedures should be designed to focus on the risks that remain after consideration of internal controls. High Residual Risk – Substantive tests; Moderate Residual Risk – Fewer substantive tests and analytical procedures; Low Residual Risk – Minimal substantive tests, more analytical procedures, potentially eliminate tests.

Phase 6 – Update Prioritization and Supervisory Plan: From relevant and material findings: Update priority score; Establish the Supervisory Plan for on-going analysis. Examination Report and Management Letter should be a reflection of the Prioritization and Supervisory Plan.

Phase 7 – Draft Exam Report and Management Letter: Examination Report – Contains the findings of the examination related to the scope. Management Letter – Optional tool to convey results and observations noted during the exam that are not needed in the public report; Vehicle for ongoing dialogue with insurer; Content determined by state insurance department.

Timeline: 2004 – Adoption of Risk-Focused Surveillance Framework; 2004-2006 – Handbook Revisions Exposed for Comment; 2006 – Adoption of the Revisions to the NAIC Financial Condition Examiners Handbook; 2006-2009 – Training Program for Implementation of the Risk-Focused Process; 2007-2009 – Dual Examination Approach; 2010 – Proposed Accreditation Standards