Introduction to IOPS Principles for Risk Based Supervision Ross Jones – President IOPS Deputy Chairman, Australian Prudential Regulation Authority Regional IOPS Workshop on Private Pension Supervision Lima, Peru 8 September 2011
IOPS Principles of Private Pension Supervision Principle 1 : Objectives National laws should assign clear and explicit objectives to pension supervisory authorities Strategic objectives should be clear and public Responsibilities of the pensions supervisor should give a clear mandate and assign specific duties
IOPS Principles of Private Pension Supervision Principle 1 : Objectives; Assessment questions Is there legislation providing for a pension supervisor? Does the legislation set out objectives? Are objectives public and binding? Does the legislation explicitly set out responsibilities and duties of the pension supervisor? Does the supervisor explicitly set out its responsibilities and duties (and are they consistent with legislative objectives?)
IOPS Principles of Private Pension Supervision Principle 2 : Independence Pension supervisory authorities should have operational independence Autonomy in day-today operations and decision making Funding to ensure independence Appointment procedures transparent Judicial review of supervisory actions
IOPS Principles of Private Pension Supervision Principle 2 : Independence; Assessment questions Is the supervisory authority established as a body with operational independence? What type of restrictions exist on the ability of the government to make directions to the supervisory authority? Is there transparency in the process for appointing senior positions? Is there transparency in the process for terminating senior positions so that threat of termination can’t be used to influence decisions? Are senior officers replaced when there is a change of government? If funded by levies on supervised entities, is there freedom from interference by these entities? Is the agency head appointed for a fixed term?
IOPS Principles of Private Pension Supervision Principle 3 : Adequate resources Pension supervisory authorities require adequate financial, human and other resources Able to conduct functions efficiently and independently Funding to ensure independence
IOPS Principles of Private Pension Supervision Principle 3 : Adequate resources; Assessment questions Is the budgetary timeframe long enough (e.g. 3 years) to provide stability in planning and recruitment? Is the budget sufficient to enable supervisory agency to meet its responsibilities? (very subjective) Does the agency have freedom in hiring with regard to staff numbers and salary? Are senior staff appropriately qualified? Is the fee structure transparent?
IOPS Principles of Private Pension Supervision Principle 4 : Adequate powers Pension supervisory authorities should be endowed with the necessary investigative and enforcement powers to fulfil their functions and achieve their objectives Powers appropriate to the system being supervised Powers appropriate to the manner of supervision e.g. appropriate investigatory and enforcement powers
IOPS Principles of Private Pension Supervision Principle 4 : Adequate powers; Assessment questions Are the supervisor’s powers clearly established by its governing legislation? Can the supervisor gain access to the information it needs? Is there a licensing or registration process that enables the supervisory agency to obtain relevant information and to reject/amend/revoke the license/registration in the case of serious non-compliance? Can the supervisor enforce legislation relating to funding/capital adequacy, fitness and propriety? Have there been any difficulties in using available powers? Is the legal framework flexible with appropriate gradation of powers and defined strategic goals?
IOPS Principles of Private Pension Supervision Principle 5 : Risk orientation Pension supervision should seek to mitigate the greatest potential risks to the pension system Objectives of supervision should be risk-based Allocate supervisory resources to highest risk areas Pro-active approach to avoid problems before they occur
IOPS Principles of Private Pension Supervision Principle 5 : Risk orientation; Assessment questions Are the supervisory authority’s objectives risk based rather than focusing on compliance? Are resources of the authority allocated to the highest risk areas? Do the supervisors consider both the probability and likely impact of potential risks? Does the supervisor assess risks for each entity under supervision (for example by a risk scoring model)
IOPS Principles of Private Pension Supervision Principle 6 : Proportionality and consistency Pension supervisory authorities should ensure that investigatory and enforcement requirements are proportional to the risks being mitigated and that their actions are consistent Important to have the appropriate range of legal powers and tools Similar cases dealt in similar manner and follow due process Balance costs and impact of supervisory action Risk assessment and supervisory action should avoid procyclicality
IOPS Principles of Private Pension Supervision Principle 6 : Proportionality and consistency; Assessment questions Can the supervisory authority vary its activities according to the magnitude of risks being addressed? Does the supervisory have procedures for helping the choice of a proportionate response, such as an enforcement pyramid? Does the supervisory allow entities appropriate flexibility in deciding how to comply with legislation? Are there processes in place to ensure consistency between actions where circumstances are similar?
IOPS Principles of Private Pension Supervision Principle 7 : Consultation and cooperation Pension supervisory authorities should consult with the bodies they are overseeing and cooperate with other supervisory authorities Industry consultation assists to get ‘buy-in’ Information exchange with co-regulators at home and under cross-border arrangements promotes efficiency and supports preventative measures Intensify coordination during periods of financial difficulty
IOPS Principles of Private Pension Supervision Principle 7 : Consultation and cooperation; Assessment questions Does the supervisory authority consult with the pensions industry when determining strategic supervisory approaches? Is the supervisory authority empowered to exchange information with equivalent oversees authorities, subject to appropriate requirements?
IOPS Principles of Private Pension Supervision Principle 8 : Confidentiality Pension supervisory authorities should treat confidential information appropriately Only release if permitted by law If in doubt, check first Principle extends ‘down the line’ Codes of confidentiality for staff Publish confidentiality policy
IOPS Principles of Private Pension Supervision Principle 8 : Confidentiality; Assessment questions Does the supervisory authority have a confidentiality policy which sets out the authority’s procedures to prevent inappropriate disclosure of non public information? Are there mechanisms to prevent disclosure of confidential information by staff, including after they have left the supervisory authority?
IOPS Principles of Private Pension Supervision Principle 9 : Transparency Pension supervisory authorities should conduct their operations in a transparent manner Adopts clear, transparent and consistent processes Regularly reports on policy and performance Subject to external review Publishes industry information and supervisory response framework (e.g. enforcement pyramid)
IOPS Principles of Private Pension Supervision Principle 9 : Transparency; Assessment questions Does the supervisory authority publish its rules and procedures? Is the supervisory authority subject to appropriate audit and reporting requirements (that do not compromise its independence)? Does the supervisory authority publish an Annual Report explaining how it has (or has not) met its objectives? Does the supervisory authority explain to individual supervised entities why it has taken particular action?
IOPS Principles of Private Pension Supervision Principle 10 : Governance The supervisory authority should adhere to its own governance code and should be accountable Controls, checks and balances Code of conduct Decisions are reviewable Accountable to e.g. Parliament, members and beneficiaries Governance codes, internal risk management systems.
IOPS Principles of Private Pension Supervision Principle 10 : Governance; Assessment questions Does the supervisory authority have appropriate codified procedures for internal governance, and is compliance with these, monitored and enforced? Is there a code of conduct for all staff regarding gifts, hospitality etc and declaring conflicts of interest? Is there independent review within the agency of decisions which have significant implications for the supervised entity? Is there an appeals process against decisions? Does the supervisory agency measure its performance against objectives and provide external stakeholders with the results?
IOPS Principles of Private Pension Supervision METHODOLOGY Provides a structured framework for assessing the extent to which a pension supervisory authority complies with the letter and spirit of the Principles Can be used for external or self-assessment Also indicates type of evidence that may help to answer questions Compliance rated as: -Fully implemented – the IOPS Principle is implemented in all material respects -Broadly implemented – the Principle is implemented in all but one or two material respects and the exceptions do not significantly detract from the overall opinion. It should be possible to say something positive about compliance in answer to nearly every question -Partly implemented – while a negative answer is given to some questions, the responses to the majority of the questions are consistent with compliance -Not implemented - there are major shortcomings against the Principle -Not applicable –the Principle does not apply due to structural, legal or institutional features
IOPS Principles of Private Pension Supervision Self assessment results
IOPS Principles of Private Pension Supervision Recommendations To improve compliance with the IOPS Principles, pensions supervisory authorities may consider: Embedding strategic objectives in legislation, make these omore risk- orientated, and publish performance assessment vs. them Making appointment of head of authority and board transparent and fair (requiring suitable professional experience) Striving for more autonomy in the setting of supervisory budgets (including longer time periods) Introducing indemnity for the authority’s staff Striving for more independence and flexibility in terms of staff policy Using the introduction of risk-based supervision to review and redefine required supervisory powers. Developing a formal framework for risk-based supervision
IOPS Principles of Private Pension Supervision Recommendations Developing procedures for articulating supervisory responses (e.g. enforcement pyramid). Intensifying dialogue with supervised entities to help aid their understanding of supervisory expectations, procedures and actions, Improving international dialogue with supervisory peers. Drafting manuals for the treatment of confidential information Undertake cost-benefit analysis of supervisory actions. Strengthening the government requirements of the supervisory authority itself (introducing codes of conduct, reviews of supervisory interventions etc.)
What is Risk-based Supervision? A structured approach focusing identifying potential risks faced by pension funds and assessing the financial and operational factors in place mitigate those risks. This process then allows the supervisory authority to direct its resources towards the issues and institutions which pose the greatest threat. Can be applied in many different ways quantitative measures of risk vs. qualitative judgement of risk management risk-scores for each entity vs. analysis of risks systemic to pension system identify weak areas within a supervised entity vs. which institutions amongst thousands may pose the greatest threat Elements common to all RBS systems Determine objectives of supervisory authority + greatest risks to these Assess hazard or adverse events + likelihood of these occurring Assign scores and / or ranks to firms or activities based on assessments Link supervisory response to the risk scores assigned
Combine ‘risk’ and ‘rules’ based approach
Risk-based Supervision DB vs DC RBS DB Focus on sponsor Solvency and funding key issues Use of quantitative measurement tools RBS DC Focus on individual members Focus on risk- management systems Qualitative measurement more appropriate
Why adopt Risk-based supervision? To improve supervisory effectiveness and efficiency To address internal organisational concerns To adapt to changes in the overseen industry To gain legitimacy following supervisory failure To meet requirements imposed by legislation To adapt to the changing nature of financial risks themselves, as these become more complex and - with the growth of DC pension systems - are increasingly transferred to individuals
Challenges Combining simplicity with complexity Knowledge and data Ensuring that assessments of firms are forward looking Going beyond the individual firm in assessing risk Structure and operation of internal risk governance processes Changing the culture to embed the risk based approach across the whole organization Managing blame Making resources follow risks
Lessons Learnt Adaptation of Models - consult widely but build your own/ flexibility, upgrades, pilot test Application of Models – know weaknesses /use with judgment Data Collection – plan properly/ use existing where possible/ collect electronically Reorganisation of the Supervisory Body – allow plenty of time Staff – train all on philosophy as well as process Industry – explain new approach and what is expected of them Powers – make sure sufficient data collection + enforcement powers Risk-based solvency – apply flexibly in volatile conditions / counter-cyclical Systemic risk – build into analysis Think in terms of achievability – target resources for maximum impact It is worth doing
IOPS Toolkit for Risk-based Supervision