[Skip to content]

Sign up for our daily newsletter
The Actuary The magazine of the Institute & Faculty of Actuaries
.

Solvency II the IT perspective

easuring and monitoring the solvency of insurers has been a constant challenge for insurance regulators all around the world. The approach and methods used by regulators have evolved over time. Solvency II is a regulatory change that is proposed for the European market for better management of insurer solvency. The regulations related to this initiative are currently being detailed. With a few years to go before the regulations come into force, this would be an appropriate time to see how insurers should prepare themselves in order to embrace Solvency II regulations.

A risk-based approach
Solvency II is aimed at setting standards for measuring and managing capital adequacy of insurance companies operating in the European Union region. A risk-based capital (RBC) approach is the concept upon which Solvency II is being built. Events like the September 11 attack in the US and developments such as the proposed changes in international accounting standards and the recommendations in the Muller report have influenced the creation of Solvency II, a deviation from the current fixed-ratio approach to solvency management.
Solvency II is conceptually comparable to Basel II Accord. However, it has a wider coverage compared to Basel II as insurance companies are exposed to many more risks than banks.

The IT impact
Information technology support for regulatory compliance in the insurance industry is complex due to many regulations, mergers and acquisitions of insurance companies, and the presence of multiple brands of one holding company (eg BNP Paribas and Cardif).
This scenario is further complicated by the statute-based approach used by many companies. Many companies take a statute-based approach when a new regulation comes into place. They see what is needed for compliance with the regulation and manage with the minimal tweaking of the existing systems and procedures.
Following a comprehensive issue-based approach for compliance management can bring better results for insurers. An issue-based approach is a more logical approach aimed at identifying the objectives behind the regulation and designing an approach that will help the company to tackle the issue, rather than restricting the goal to mere compliance. A strategic plan, reviewed periodically, needs to be developed around compliance management covering clients, distribution channels, the company’s risk appetite, etc.
At a high level, the Solvency II initiative needs data from all sources in an organisation and will affect information technology in three broad areas: data, calculations, and reporting. Looking from a different perspective would tell us that the impact would be minimal on the operations side as most of the companies would be capturing the basic data required for RBC calculations in one way or another. Solvency II implementation would call for the infrastructure to collate data from different source systems, building in additional calculations into the applications and adding to the reporting facilities.

Regulatory compliance a standard model
Although there are many differences between Basel II regulations and the proposed Solvency II regulations, the implementation experiences of Basel II do give us some pointers towards preparing for Solvency II. A three-layered approach shown in figure 1 (on the previous page) is an appropriate one for Solvency II. This approach has been drawn up based on the experience of redesigning IT for regulatory compliance.
The three layers have been structured around the flow of information. The stack is built with a data layer as the base. The middle tier is the calculation engine with the intelligence to churn out the required calculations. The top layer is the reporting tool, which renders the output targeted at internal and external stakeholders.
The three-layered stack would receive data collated from different source systems, which in turn receive data from operations. There may be a need to have an intermediate stage of collation and cleansing of data to ensure accuracy and quality of inputs for the Solvency II infrastructure.
The advantage of this approach is that the concept is scaleable for any type of compliance reporting.

Data model
To meet Solvency II regulatory requirements, insurance companies need data from multiple sources and from each operation. The best way to obtain this is through a common database built on a unique data model or a data mart in an enterprise data warehouse. The data mart or data warehouse can be populated from all identified sources of data. This approach will lay a strong foundation for accurate Solvency II reporting. However, to be effective it would require a well-designed data model. There are many tools available in the market to clean up the data at the source level. This will ensure better inputs for calculating the risk-based capital.

Calculation engine
One of the basic objectives of Solvency II is to move the European insurance industry away from a fixed-ratio approach to a RBC approach. This move would disrupt the solvency calculations if an insurance company has not adopted a RBC approach already. To adopt a RBC approach, companies would require a robust computing mechanism to build models for the calculation of various risk elements. The calculations need to take into account risk elements relating to operations, investments, credit, and insurance. Insurance companies have the option of buying or building calculation engines. There will be challenges in terms of capacity utilisation, efficiency, and frequency of calculations being performed for companies irrespective of the models adopted. This is because of the large number of records and high level of complexity of calculations.

Reporting
Compliance reporting would involve different levels and target multiple stakeholders both internal and external. Internally, groups like senior management, the compliance management team, and internal auditors may have reporting requirements to ensure that the organisation is able to operate within the regulatory framework. This will involve preparation of information snapshots and detailed management information system reports, and supplying ad hoc reports for the internal audit team. Externally, regulators may require periodical reports from all insurance companies at predefined frequencies. At the time of external audits, insurance companies may have to supply data in a pre-set format. This practice is prevalent in the US. For example, New York state regulators, during their triennial audit of insurance companies, ask for data in ASCII format.
Both internal and external stakeholders would be monitoring solvency-related metrics. Though the presentation is different for different stakeholders, the underlying data remains the same for a given period. Reporting is usually handled by both customised tools and ready-made tools. In either case, a fresh assessment of reporting capability has to be performed keeping Solvency II requirements in mind. It is better to keep a minimum level of calculations at the tool level in order to avoid difficulties of tool replacement at a later stage.

Implementation IT priorities
Preparing for Solvency II compliance would be a major IT initiative for an insurance company. All the challenges of a large IT implementation can be expected during the initiative. The IT priorities may be split into two focus areas data and application for convenience of considering them in the implementation plan. A snapshot of the priorities is shown in figure 2.
The speed of implementation becomes critical owing to the regulatory deadlines. Ability to cope with complexity is important as the RBC calculations and reporting can be expected to evolve over a period of time, with ever-increasing complexity. The IT set-up would need to have the capacity to handle a large volume of complex calculations. Technology needs to be scaleable and flexible to ensure that the Solvency II infrastructure gels well with the overall application landscape. The fourth factor of cost is an obvious one.
Data is at the heart of the whole Solvency II initiative. Accuracy of data is the first priority to ensure credibility. Solvency II being a regulatory requirement, timeliness and dependability (continuity) of data become critical. Rationalising the data that flows from multiple sources and ensuring integrity of data is essential for the effectiveness of Solvency II reporting. From an implementation perspective, ease of use would be a priority.
Data collated and processed would need to be shared with external stakeholders as well. This brings in the additional responsibility on the organisation to ensure quality and consistency of data at the grass roots. Hence, data quality assumes a pivotal role in Solvency II compliance.

Long-term strategy
The above discussions were about setting up the required IT support for transforming an organisation into a Solvency II-compliant one. As Solvency II would be a regulatory requirement, insurers would need to reach and maintain the necessary status during the life of their operations. Capturing and collating high-quality data, running RBC models on these, and sharing the information with different stakeholders form the basic structure of Solvency II. This being a continuous requirement, it is essential to have a long-term strategy to ensure that the systems are not only put in place to be compliant, but also are geared up to support Solvency II requirements over a long period of time.
From a top management perspective, Solvency II regulations will provide the imperative for insurance companies to change their approach towards capital and solvency. Operationally it will help in consolidating and focusing on a single capital model. To help insurers achieve these goals, technology teams need to come out with a strong Solvency II compliance strategy and an efficient implementation plan. The focus of this strategy would be around collating relevant data, calculation of solvency capital, and reporting to all stakeholders. To achieve the best out of Solvency II implementation looking at excellence in managing risks and capital and not merely complying with regulations insurers need to get started quickly.

07_04_05.pdf