Guidance
☑ Interpretation ☑ Approach ☐ Information ☐ Decision
No. AU0142INT
Table of contents
Executive summary
The Automobile Insurance Rating and Underwriting Supervision Interpretation and Approach Guidance (“Guidance”) transitions the automobile insurance sector to principles-based regulation. The objectives of the Guidance are fairer rates and underwriting, a healthier marketplace enabled by effective regulation, and greater transparency for consumers.
FSRA is introducing a model in which consumers may have greater confidence that:
- the price they are paying is aligned with their risk profile
- they are protected against unfair bias and discrimination in rating and underwriting
- the system is trustworthy, transparent and that information is available to support informed decision-making
- they can access the coverage they need to operate a motor vehicle in Ontario
The model also enables insurers to deliver better value for consumers by:
- reducing regulatory lag and streamlining processes, so that premiums can be more closely matched to claims trends
- providing more flexibility to innovate with a focus on Fair Consumer Outcomes
- acknowledging insurers that internalize Fair Consumer Outcomes and align processes to deliver them
- reducing compliance risk with enhanced operations, controls and governance in pricing and underwriting
Consumers and insurers will be better served by the new approach, which supports innovation in pricing consumers accurately, focuses regulatory activities on risks of consumer harm, promotes a better functioning market, and enhances accountability for consumer outcomes.
The Guidance intends for insurers to internalize desired consumer outcomes by embedding them into rating and underwriting decision-making. Chapters 1 and 2 describe what is considered fair, and outline sound characteristics of operations, controls, and governance for delivering fair outcomes in rating and underwriting. Chapter 3 provides details on how insurers may pursue accreditation, how FSRA assesses the demonstration of fairness outcomes and strong practices, and proactive supervision. Chapter 4 explains the filing requirements for accredited and non-accredited insurers (TBD).
Purpose
The Guidance is a four-chapter compendium (TBD):
-
Chapter 1 – Fair Consumer Outcomes contains FSRA’s interpretation of sections 3(5), 7(7) and 7.1(1) of the Automobile Insurance Rate Stabilization Act (“AIRSA”) and/or sections , 238(4)(d), 412(6), or 415(1) in the Insurance Act, R.S.O. 1990, c. I.8 (“Insurance Act”) as to what informs FSRA’s judgement when exercising its discretion to approve, reject, vary or reconsider risk classification systems, rates, and/or prohibit underwriting rules.[1] It also provides FSRA’s view that, as part of achieving Fair Consumer Outcomes, insurers need to take reasonable steps in operationalizing their approved risk classification systems, rates and/or underwriting rules, to ensure any act or omission does not result, or is not likely to result in the prohibited outcomes set out in the Rule 2020 – 002 Unfair or Deceptive Acts or Practices Rule (“UDAP Rule”).
-
Chapter 2 – Automobile Insurance Rating and Underwriting Operations, Controls, and Governance Guidance provides FSRA's expectations for sound characteristics of Operations, Controls, and Governance (OCG) for rating and underwriting, which are considered conditions for accreditation under Chapter 3.
-
Chapter 3 – Accreditation, Proactive Supervision and Assessment Approach Guidance outlines FSRA’s accreditation model and assessment process, and communicates assessment criteria for determining whether to accredit insurers and grant them access to streamlined rate change processes under section 413 of the Insurance Act. It also sets out FSRA’s approach to monitoring and proactively supervising all insurers regardless of accreditation status.
-
Chapter 4 – Automobile Insurance Filing Guidance specifies regulatory processes for applications for approval under section 3-10 of AIRSA and/or sections 410-417 of the Insurance Act, as well as the information, material, and evidence for proposed rate and risk classification system filings that demonstrate the Fair Consumer Outcomes and sound OCG set out in Chapters 1 and 2.
The Guidance complements the information provided in, and should be read in conjunction with, other FSRA guidance and supporting publications available on FSRA’s website.
Scope
This Guidance affects the following entities regulated by FSRA:
- All Insurance companies and their intermediaries providing automobile insurance in Ontario, including but not limited to those underwriting private passenger automobile (“PPA”), non-private passenger automobile (“non-PPA”) and fleet.
It affects the following stakeholders:
- consumers
- third-party providers of products and services engaged by insurance companies, including but not limited to brokers, aggregators and rating model vendors
Rationale and background
FSRA’s role in the automobile insurance sector includes a responsibility to ensure that all Ontarians have access to fairly-priced automobile insurance in accordance with all regulatory requirements. That includes ensuring:
- that rates proposed by insurers are:
- just and reasonable in the circumstances
- reasonably predictive of risk
- fairly distinguish between risks
- and that underwriting rules are not:
- subjective
- arbitrary
- bearing little or no relationship to the risk
- contrary to public policy
This Guidance aligns FSRA’s regulatory approach to its statutory objects, vision and mission. It is intended to establish a principles-based, outcomes-focused and risk-based approach to regulating rates and underwriting rules that is informed by actuarial considerations and prioritizes Fair Consumer Outcomes. The regulatory approach set out in this Guidance also aims to foster a marketplace that prioritizes consumer protection and fairness, while promoting a competitive environment for insurers in alignment with the International Association of Insurance Supervisors’ Fair Treatment Principles.
Chapter 1: Fair Consumer Outcomes
This Chapter provides FSRA’s interpretation of the approval tests it administers:
“Risk Classification System Provisions” being:
- Subsections 3(5), 7(7) and 7.1(1) of the AIRSA
- Subsections 412(6) and 415(1) of the Insurance Act
and
“Underwriting Provision” being:
- 238(4)(d) of the Insurance Act
The Insurance Act, including R.R.O. 1990, Reg. 664: Automobile Insurance (“Regulation 664”), AIRSA and the Compulsory Automobile Insurance Act, R.S.O. 1990, c. C.25, work together to create a no-fault automobile regime and make it mandatory for Ontarians to maintain automobile insurance to own and/or operate a motor vehicle in Ontario. While owning or operating a motor vehicle is not a right, it is necessary to the livelihood of many Ontarians and contributes to the functioning of Ontario’s economy in general.
To properly serve consumers,[2] the no-fault automobile regime in Ontario requires automobile insurance that is readily available, accessible, priced fairly, and provides the coverages that are necessary to afford claimants with the compensation they need in the event of an accident or loss. The effective functioning of the automobile insurance system also depends on insurers being able to make a reasonable profit and cover expenses. The Risk Classification System Provisions and the Underwriting Provision play a critical role in achieving this objective.
The interpretations contained in Chapter 1 reflect what FSRA has determined, informed by its statutory objects, best supports fair outcomes.
FSRA’s discretion under the Risk Classification System Provisions and Underwriting Provision will also be informed by market monitoring activities and the objectives of fostering a strong, sustainable, competitive and innovative automobile insurance sector and contributing to public confidence by ensuring fair access to automobile insurance system wide. For example, if FSRA observes market dynamics and trends or expects that a specific approach to rating and underwriting will lead to an overall decline in the ability of consumers to access automobile insurance, it may refuse to approve a filing or request that it be varied.
1.1 Risk Classification System Provisions
The Risk Classification System Provisions set out four (4) criteria that FSRA considers when determining whether to refuse to approve all or part of an insurer’s application for automobile insurance rates.[3] For example, for Personal Vehicles — Private Passenger Automobile (“PPA”), subsection 3(5) of the AIRSA states:
-
3 (5) The Chief Executive Officer shall refuse to approve all or part of an application and may require the applicant to vary one or more of the elements of its proposed risk classification system or to reduce or vary one or more of its proposed rates if, in the Chief Executive Officer’s opinion,
-
(a) the proposed risk classification system or proposed rate is not just and reasonable in the circumstances;
-
(b) the proposed risk classification system is not reasonably predictive of risk or does not distinguish fairly between risks;
-
(c) the proposed rates would impair the applicant’s solvency; or
-
(d) the proposed rates are excessive in relation to the applicant’s financial circumstances.
The phrase “just and reasonable” is used in numerous regulatory rate setting contexts in Canada to indicate that a regulator is able to consider its statutory objects when exercising its discretion in order to achieve fair outcomes that balance the interests of businesses and consumers.[4]
FSRA’s determination is that, in general and subject to the actual structure and terms of the system used by an insurer, a risk classification system is just and reasonable, reasonably predictive of risk and distinguishes fairly between risks if the rates it generates are consistent with the Fair Consumer Outcomes set out in this Guidance.
1.2 Underwriting Provision
The Underwriting Provision sets out four (4) criteria FSRA shall consider when determining whether to refuse to approve an underwriting rule (referred to as “ground” in s. 238 of the Insurance Act). Specifically, the Underwriting Provision provides that:
-
238(4) The Chief Executive Officer shall notify the insurer orally or otherwise that the insurer is prohibited from using one or more of the grounds filed under subsection (2) if the Chief Executive Officer is of the opinion that the ground,
-
(a) is subjective;
-
(b) is arbitrary;
-
(c) bears little or no relationship to the risk to be borne by the insurer in respect of an insured; or
-
(d) is contrary to public policy.
Underwriting rules will generally not be considered subjective, arbitrary, bearing little or no relationship to the assumed risk, or contrary to public policy – subject to the actual structure and terms of the system used by an insurer – if the resulting underwriting decisions demonstrate the Fair Consumer Outcomes set out in this Guidance.
1.3 Application of UDAP to Fair Consumer Outcomes
In addition to FSRA’s discretion being informed by its statutory objects, FSRA also takes into account the effect of section 9(1) of the UDAP Rule when assessing Fair Consumer Outcomes. Section 439 of the Insurance Act provides that “No person shall engage in any unfair or deceptive act or practice.” The UDAP Rule defines “unfair or deceptive act or practice” as: “conduct, including inaction or omission, which results in, or could reasonably be expected to result in the” prohibited outcomes identified in the UDAP Rule (“Prohibited Outcomes”).
For insurers and their directors, officers and employees, conduct, including inaction or omission, constitutes a UDAP, if “a reasonable person in that person’s business or profession with full knowledge of all and any facts and circumstances that person knew about or, with reasonable diligence under the circumstances, ought to, have known” would conclude that the Prohibited Outcome is likely to occur, even if a Prohibited Outcome has not actually occurred.
1.3.1 Prohibited Outcomes under UDAP
For the purposes of this Guidance, Section 9(1) of the UDAP Rule provides that “Unfair treatment by an agent, broker or insurer to a consumer with regard to any matter relating to quotations for automobile insurance, applications for automobile insurance, issuance of contracts of automobile insurance or renewals of existing contracts of automobile insurance” is a Prohibited Outcome, and provides a non-exhaustive list of specific conduct that constitutes unfair treatment, which includes:
- using credit information or a prohibited factor
- applying any other information in a manner that is subjective or arbitrary or that bears little or no relationship to the risk assumed or to be assumed by the insurer
- misclassifying a person or vehicle under the risk classification system used by an insurer or that an insurer is required by law to use
- engaging in unfair discrimination
- treating a consumer in an arbitrary, capricious or malicious manner
- not acting in good faith or behaving in a way that causes consumers to have a reasonable apprehension of bias
- communicating in an untimely manner
The development and use of risk classification systems and underwriting rules are captured within the above Prohibited Outcome. Consequently, the failure to take appropriate safeguards to avoid outcomes which constitutes unfair treatment in and of itself may constitute an unfair or deceptive act or practice without there being actual use of a prohibited factor, misclassification, unfair discrimination, etc. FSRA expects insurers to establish practices and processes to ensure that the risks of Prohibited Outcomes occurring have been effectively mitigated.
1.4 Fair Consumer Outcomes for Rating and Underwriting
The Fair Consumer Outcomes align with FSRA’s statutory objects to:
- contribute to public confidence in the regulated sectors
- promote high standards of business conduct
- protect the rights and interest of consumers
- promote transparency and disclosure of information by the regulated sectors
- foster strong, sustainable, competitive and innovative financial services sectors
Insurers are accountable for aligning their rating and underwriting practices with FSRA’s intended consumer outcomes for fairness, profitability and transparency (the “Fair Consumer Outcomes”).
Principle |
Fair Consumer Outcomes |
---|---|
Fairness |
|
Accurate pricing and underwriting |
|
Absence of unfair discrimination, bias, or proxies |
|
Accessible products and coverages |
|
Cost mitigation |
|
Profitability |
|
Balanced profitability and consumer interests |
|
Transparency |
|
Clear consumer communications |
|
The Fair Consumer Outcomes are not listed in order of priority and may come into conflict in practice. The Fair Consumer Outcomes need to be considered holistically and FSRA expects insurers to consider the interaction of the outcomes with each other when filing risk classification systems and underwriting rules with FSRA.
Chapter 2: Automobile Insurance Rating and Underwriting Operations, Controls and Governance Guidance
Introduction
This Chapter outlines the characteristics of sound operations, controls, and governance with respect to the delivery of Fair Consumer Outcomes in automobile insurance rating, underwriting, and risk classifications.[5] It concerns all related processes, products, systems, and models (including third-party products and services), and extends to data governance and model risk management (collectively “OCG”). It covers all types of automobile insurance business, including PPA, non-PPA, and fleet.
For clarity, FSRA is focused on evidence that automobile insurance rating and underwriting OCG are aligned with the delivery of intended Fair Consumer Outcomes for Fairness, Profitability and Transparency set out in Chapter 1. FSRA's assessment will consider whether the appropriate and adequate OCG characteristics are in place, meaning that automobile insurance rating and underwriting functions are designed to fulfill their role in the delivery of Fair Consumer Outcomes. FSRA will also consider the performance of automobile insurance rating and underwriting functions, meaning the effectiveness of functions in carrying out their roles and responsibilities, if issues related to the delivery of Fair Consumer Outcomes are identified.
This Guidance informs what FSRA, in its discretion, considers when assessing whether a Prohibited Outcome under the UDAP Rule is reasonably likely to occur as a result of an insurer’s OCG lacking the appropriate characteristics. FSRA discretion in reviewing proposed rates, underwriting and risk classification changes will also consider soundness of OCG characteristics. Insurers that demonstrate sound OCG and the delivery of Fair Consumer Outcomes may be eligible for accreditation as set out in Chapter 3 below. FSRA assessments will also consider insurers’ size and complexity.
See Chapter 1 for FSRA’s interpretation of the UDAP Rule and statutory standards as these relate to OCG.
Operational risk and risk controls
Insurers are accountable for putting in place clear, well documented, actionable, and measurable policies, procedures and oversight to identify, assess, monitor, control, and mitigate operational risks. Insurers are accountable for:
-
Risk identification and assessment: Comprehensively identifying, assessing and understanding the operational risk inherent in rating and underwriting processes and products, activities, people, systems and in the external environment.
-
Risk controls: Maintaining appropriate risk controls and implementing measures to address potential risk events, including transferring, avoiding and accepting identified risks in accordance with the insurer’s risk appetite. The Board of Directors and Senior Management are responsible for overseeing the design and implementation of controls.
-
Risk mitigation: Implementing effective mitigation measures to reduce the severity and probability of identified risks. Insurers are also accountable for documenting the effectiveness and performance of risk mitigation measures.
-
Risk prioritization: Prioritizing risks by ranking and assessing all risks and mitigations to determine whether residual risks fall within the established risk appetite.
-
Risk monitoring and reporting: Performing continuous monitoring of processes, products, models, projects and initiatives, and internal reporting on operational risk in a timely and systematic manner.
Governance
Insurers are accountable for establishing effective governance, oversight and ensuring accountability and transparency. Sound governance processes have clear policies and procedures that outline governance standards and document roles and responsibilities for the monitoring and reporting mechanisms of an insurer’s ratemaking and underwriting functions. Insurers are accountable for:
Risk Appetite: Establishing a comprehensive risk appetite statement for automobile insurance rating, underwriting, and risk classifications that outlines acceptable levels of risk.
Clearly Defined Roles, Responsibilities and Accountabilities: The Board of Directors is responsible for establishing the necessary strategies and governance structures, overseeing and approving operational risk management policies and processes and providing effective challenge.
The Board of Directors guides Senior Management to achieve intended outcomes in areas such as consumer interest, regulatory compliance and stakeholder engagement.
Insurers’ Board of Directors and Senior Management are accountable for ensuring rates are reasonable and fair, in accordance with their fiduciary obligations as specified in Sections 166(1) and 166(2) of the Insurance Companies Act, as well as the Fair Consumer Outcomes outlined in Chapter 1 of this Guidance.
Three Lines of Defence for rating and underwriting: Insurers are accountable for establishing an organizational structure where automobile insurance rating and underwriting operational management activities are conducted by the business and process owners (first line of defence), are reviewed and challenged by risk management (second line of defence), and independent assurance is provided by internal audit (third line of defence).
- Operational Management: Responsible for executing policies and processes, monitoring and reporting on risks, implementing appropriate controls to mitigate risks, and assessing the design and effectiveness of controls through risk management tools.
- Risk Management: Responsible for independently assessing Operational Management’s operations and decision-making. The Risk Management function has the necessary skill sets and current, accurate and complete documentation on Operational Management’s procedures.
- Internal Audit: Provides oversight and independent assurance to Senior Management and the Board of Directors (or equivalent) regarding the effectiveness of the Risk Management and Operational Management functions.
Data governance
Insurers are accountable for ensuring that policies and procedures related to data usage, governance and controls are appropriate, accurate, complete, and timely. FSRA will evaluate the extent to which an insurer’s data governance is supported with clear accountabilities and reporting structures. That includes the extent to which they clearly define roles and responsibilities and sufficiently identify, assess, and manage data risk. Insurers are responsible for demonstrating and documenting the following:
-
Data quality assessments: Credible estimates based on data verification, fit-for-use assessments and relevant criteria determined by the insurer that are monitored on a timely basis.[6]
-
Identification of data problems/opportunities: Prompt identification and resolution of problems, including improvements in data processes that increase the quality of existing and future data.
-
Identification of data limitations: Identification of data limitations and consideration of the rationale for using such data.
-
Data ownership: Data sets have designated owners and are subject to oversight and challenge from independent technical experts and data users.
Model risk management:
Insurers are accountable for model risk management throughout the model life cycle.[7] Sound model risk management establishes processes for model development, validation, approval and review. Insurers are accountable for continuous monitoring, prompt implementation of risk controls and the development of tools for model interpretability and explainability.
Insurers are accountable for demonstrating the following Model Risk Management practices:
Model Governance Framework: A sound model governance framework includes policies and procedures that ensure model integrity, define model risk, clarify roles and responsibilities, perform validations, and set governance controls.
Three lines of defence for model risk management: Insurers are accountable for three lines of defence and dividing responsibilities amongst each line of defence throughout the model life for new and updated models.[8] Independent second line reviews mitigate against bias and ensure that rating and underwriting decisions are actuarially and statistically justified, as appropriate given the materiality and consumer impact of the model.
Model Policies and Procedures: Establishing and maintaining policies and procedures proportionate to the size, complexity, and importance of the models for each phase of the model life cycle. For each phase of the model life cycle, insurers are accountable for:
- identifying and assessing inherent risks and applying appropriate controls for each model
- prioritizing and mitigating residual model risk to address any differences between specific models
- monitoring and reporting model risk in a manner that is proportionate to its risk rating, for example, more extensive and frequent monitoring on more complex and important models
- developing model documentation on technical, operational, controls, methodology, assumptions and judgments, design, testing and implementation
Insurers are also accountable for defining the performance monitoring responsibilities, requirements, and frequency of model review and performance monitoring, based on the model materiality.
Model Fairness: Having tools and processes in place to minimize, control and mitigate unfair discrimination and bias in models used throughout the modelling process. These tools may consider inputs (e.g., ensuring no prohibited variables are being used), processing/computation (e.g., achieving a balance between intended Fair Consumer Outcomes outlined in Chapter 1 and increased predictive performance), and outputs (e.g., ensuring measures are implemented that allow insurers to assess and track fairness of model outputs).
Model Risk Scoring and Measurement: Implementing a scoring and measurement process to assess and quantify the level of risk associated with various models based on model materiality and model fairness assessments.
Model Interpretability and Explainability: Implementing tools that ensure interpretability and explainability of advanced predictive models including, but not limited to, artificial intelligence and machine learning, to help prevent unfair model development and outcomes.
- Interpretability: in terms of understanding a model’s soundness (e.g., understanding its mechanics), model results, and whether results meet the models’ objectives.
- Explainability: in terms of models results and drivers being readily understood by stakeholders not involved in model development (such as consumers, business partners) and providing consumers with clear information that support decisions in a timely and transparent way.
Model Approval Function: Establishing a designated member of Senior Management or a standalone internal committee that reviews all relevant materials, with appropriate documentation of its findings.
Model Implementation: Ensuring successful implementation of model results in production. That includes establishing the necessary hardware and software environment and developing data pipelines, calculation engines, and reports. Governance controls such as user acceptance testing (or quality assurance testing) ensure the accurate implementation of model results in production.
Model Review and Performance Monitoring (Validation): Addressing identified risks to maintain the model's viability and relevance to business objectives. Model validation involves comprehensively evaluating the model's technical functionality, including its logic, methodology, formulas, and input/output data controls. It also verifies governance mechanisms for managing changes in structure, logic, assumptions, and outputs to ensure consistency and reliability across all models.
Model Inventory: Maintaining a centralized and current model inventory with version controls that ensure accuracy and deployment of correct models into production.
FSRA’s exercise of discretion in reviewing proposed automobile insurance rating, underwriting and risk classification changes will focus on whether insurer OCG have the appropriate and adequate characteristics in place for delivering Fair Consumer Outcomes. For further details respecting FSRA’s assessment of OCG effectiveness, including in relation to accreditation for streamlined filing processes, see Chapter 3.
Chapter 3: Accreditation, Proactive Supervision and Assessment Approach Guidance
Introduction
This Chapter outlines FSRA’s accreditation model and proactive supervision and provides examples of what FSRA may consider a strong demonstration of Fair Consumer Outcomes as set out in Chapter 1. It also outlines FSRA’s assessment of sound OCG characteristics.
Accreditation
Insurers that demonstrate the delivery of Fair Consumer Outcomes outlined in Chapter 1 of this Guidance and sound OCG characteristics as specified in Chapter 2 may be eligible for accreditation. Accredited insurers will benefit from streamlined filing processes using FSRA’s discretion under section 413 of the Insurance Act. In determining whether to grant accreditation, FSRA will also consider the consumer outcomes of insurer participation in rating and underwriting initiatives, such as transparency activities and Test and Learn Environments. Any insurance company underwriting automobile insurance in Ontario may apply for accreditation.
Accreditation process, decisions and status
This Chapter establishes a principles-based accreditation system with privileged filing streams for insurers that demonstrate Fair Consumer Outcomes and sound OCG characteristics, subject to FSRA assessments and in collaboration with insurers. Insurers that do not apply for accreditation or do not demonstrate the achievement of Fair Consumer Outcomes and sound OCG characteristics will not be accredited. All insurers will be subject to proactive supervision, and insurers that do not meet accreditation standards will be provided feedback and the opportunity to reapply for accreditation. Accreditation is a voluntary process and FSRA does not require insurers to be accredited.
Figure A below outlines FSRA’s accreditation assessment process.
Accreditation status
Insurance companies may be accredited, unaccredited or under review based on their ability to demonstrate sound OCG characteristics:
- Accredited: Insurers who achieve Fair Consumer Outcomes and demonstrate sound OCG characteristics. Accredited insurers will benefit from privileged filing processes as set out in Chapter 4.
- Unaccredited: Insurers that have decided not to pursue accreditation or have not yet satisfied the requirements for accreditation.
- Under review: Insurers that were previously accredited but have failed to maintain the standards for accreditation may be placed under review or lose accreditation status. Maintaining accreditation will be conditional on addressing identified issues.
Proactive supervision for rating and underwriting
FSRA’s proactive supervision for rating and underwriting, which applies to all insurers regardless of accreditation status, involves regularly collecting data, information, and insights to monitor the market, supervise performance and mitigate adverse consumer outcomes.
FSRA's supervision focuses on areas of higher risk, considers insurers’ size and complexity, and is informed by adherence to FSRA Guidance.
Supervisory activities may consider a range of factors, including delivery of Fair Consumer Outcomes, sound OCG characteristics, ratemaking methodology, underwriting results, rate filing procedures, regulatory compliance, conduct, fiduciary obligations, and risks associated with the use of advanced technologies, modelling techniques, and third-party data.
Insurers are required to proactively inform FSRA of any material changes to their business, including but not limited to strategy, risk appetite and governance.
FSRA’s data collection in support of proactive supervision will aim to reduce duplication, including by using data available from existing sources, and will consider an insurer’s size and complexity in determining data collection frequency.
Proactive supervision for accredited insurers
An insurer that has been accredited will maintain that status, subject to FSRA’s discretion. If FSRA determines, through proactive supervision, that an insurer is not meeting the conditions for accreditation, the insurer may be placed under review or lose accreditation status.
Insurers that are under review will have up to one year to address deficiencies after FSRA has completed its review. If issues are not addressed within the specified timeframe the insurer will revert to unaccredited status. Insurers who lose accreditation status may reapply for accreditation.
FSRA will reassess accreditation status in circumstances such as major or material:
- deficiencies identified through proactive supervision
- changes in the demonstration of Fair Consumer Outcomes
- changes in the soundness of OCG characteristics
- mergers or acquisitions
- changes in senior leadership
- change in business strategy or mix of business
- change in financial stability
- market conduct issues
Reassessment may result in the loss of accreditation status or further review. As part of the reassessment process, insurers will be required to submit quantitative and qualitative measures to support continued accreditation. Issues reported from other core regulatory areas within FSRA, or other regulators may also trigger a re-evaluation of an insurer's accreditation status.
Approach to assessing Fair Consumer Outcomes
The tables below provide some best practices respecting the measurement and evaluation of Fair Consumer Outcomes. As insurers may devise other means of demonstrating Fair Consumer Outcomes, these tables are not intended to be exhaustive.
FSRA recognizes that demonstrating the achievement of Fair Consumer Outcomes is a complex exercise and that outcomes may need to be considered holistically. Insurers are responsible for assessing the unique circumstances of their business operations and for considering how each outcome interacts with the other outcomes. FSRA will evaluate the achievement of Fair Consumer Outcomes and also the methods employed to ensure and demonstrate that they are achieved.
Assessing Fair Consumer Outcomes – Fairness (non-exhaustive) |
||
---|---|---|
Accurate Pricing and Underwriting |
|
|
Absence of Unfair Discrimination |
|
|
Absence of Unfair Bias |
|
|
Absence of Proxies |
|
|
Accessible Products and Coverages |
|
|
Cost Mitigation |
|
Assessing Fair Consumer Outcomes: Profitability (non-exhaustive) |
|
---|---|
Profitability |
|
Assessing Fair Consumer Outcomes: Transparency (non-exhaustive) |
|
---|---|
Transparency |
|
Approach to assessing operational risk management and controls, model risk management, and governance
The table below provides examples of what FSRA may consider as indicators of sound OCG characteristics for delivering Fair Consumer Outcomes in rating, underwriting and risk classification systems.
Indicators of Sound OCG Characteristics |
|
---|---|
Operational Risk and Risk Controls (See Appendix A) |
|
Data Governance and Model Risk Management (See Appendix B) |
|
Governance (See Appendix C) |
|
Proportionality principle
FSRA's assessment of Fair Consumer Outcomes and sound OCG characteristics considers the size and complexity of each insurer. Insurers may adopt different approaches and mechanisms to achieve Fair Consumer Outcomes depending on their size and complexity. Below are some examples illustrating how FSRA considers the proportionality principle in assessing OCG effectiveness.
- Model risk management: Model reviewer and model approval functions may be combined by small insurers, provided the insurer demonstrates that potential conflicts of interest risks have been mitigated.
- Risk management structures: Large insurers may provide a greater degree of documentation on policies, processes and controls for identifying, assessing, monitoring and mitigating risks commensurate with the size of the insurance firm. Board of Directors and Senior Management may establish specialized risk committees dedicated to automobile insurance risks.
- Risk committees: For small insurers that do not have risk committees (either individual or enterprise level), risks may be independently reported to the Head of Risk and Compliance or CRO or CEO. Large insurers may have specific business owned risk committees (i.e., automobile insurance risk committee) reporting to the enterprise risk committee (led by CRO) or reporting to the second line of defence model risk committee.
Effective date and future review
This decision became effective on (TBD) and will be reviewed no later than (TBD).
About this Guidance
This document is consistent with FSRA’s Guidance Framework. As Interpretation guidance, it describes FSRA’s view of requirements under its legislative mandate (i.e. legislation, regulations and rules) so that non-compliance can lead to enforcement or supervisory action. As Approach guidance, it describes FSRA’s internal principles, processes and practices for supervisory action and application of CEO discretion.
Appendix A – Examples of sound characteristics of operational risk and risk management
Risk Identification and Assessment |
Demonstrates a comprehensive understanding of risks and proactively identifies both existing and emerging risks within rating and underwriting practices.
Utilizes tailored tools such as surveys and workshops for effective risk identification.
Conducts thorough risk assessments, articulating inherent and residual risks clearly.
Demonstrates processes, procedures, and systems for detecting fraudulent claims, collecting and analyzing fraudulent data, and conducting cost-benefit quantification analysis. |
---|---|
Risk Controls and Mitigation |
Maintains mechanisms, policies, and procedures to mitigate or eliminate identified risks, aligning with the insurer's risk appetite.
Conducts thorough evaluations of control options to ensure effectiveness in reducing risks to an acceptable level.
Regularly verifies the effectiveness of risk mitigation measures through documentation and continuous improvement efforts.
Shows robust oversight from the Board of Directors, active management involvement in design and implementation, strong employee support, and regular auditor review to identify deficiencies and drive continuous improvement.
Provides meaningful anti-fraud initiatives, well-established strategies, and systems to combat automobile insurance fraud. |
Risk Prioritization, Monitoring and Reporting |
Demonstrates a comprehensive rating and underwriting risk prioritization process, ranking risks based on materiality and aligning them with the established risk appetite.
Regular monitoring and reporting procedures are in place, with systematic assessments conducted timely and ad-hoc as needed.
High-risk areas are regularly reviewed, and action plans are promptly established for risk mitigation, with clear escalations to Senior Management and the Board of Directors to maintain risk levels within acceptable risk thresholds.
Collects and analyzes fraud data effectively and reports quality data to FSRA's Fraud Reporting Service in a timely manner. |
Appendix B – Examples of sound characteristics of data governance and model risk management
Data Governance |
Demonstrates robust data governance policies and procedures.
Conducts thorough data quality assessments and verification.
Proactively identifies and resolves data problems.
Clearly defines data ownership for data quality accountability. |
---|---|
Model Governance Framework Three Lines of Defence Model Policies and Procedures |
Comprehensive model governance framework with clear policies and controls.
Application of "three lines of defence" concept.
Detailed policies and procedures tailored to model complexity.
Regular validation and performance monitoring. |
Model Interpretability and Explainability Model Approval Function |
Implements comprehensive tools for interpreting and explaining advanced predictive models, ensuring both interpretability and explainability.
Has a designated senior accountable person or internal committee responsible for reviewing all relevant materials and approving models for implementation, with appropriate documentation.
Prioritizes clear communication of model results and risk drivers to stakeholders, including consumers and business partners. |
Model Life Cycle Model Review and Validation Clearly Defined Model Materiality |
Implement robust processes and controls throughout the model life cycle to mitigate inherent risks related to data, model development, and implementation.
Conducts thorough and regular independent reviews and validations to ensure model accuracy, reliability, and suitability for business objectives.
Employs thorough processes to assess model materiality based on size, complexity, and financial impact, coupled with a tailored governance structure integrating both quantitative and qualitative measures. |
Model Inventory Model Documentation Model Risk Scoring and Measurement |
Maintains an updated, centralized model inventory with robust risk-based controls, ensuring accuracy and deployment of appropriate models for automobile insurance rating and underwriting.
Comprehensively documents technical, operational, and control aspects throughout model life cycle, emphasizing clarity and version control.
Has a consistent scoring and measurement process to assess and quantify model risks, facilitating proactive risk management. |
Model Fairness |
Demonstrates robust and advanced framework, tools and processes to continuously monitor and mitigate any potential unfair discrimination and bias throughout the modeling process, ensuring compliance with regulatory standards and promoting fair outcomes for consumers. |
Model Implementation Model Performance Monitoring |
Exhibits thoroughness in the implementation process, establishing controls and conducting comprehensive user acceptance testing to ensure accurate implementation of model outputs, thereby minimizing the risk of errors in rating, underwriting, and risk classifications.
Maintains monitoring mechanisms to promptly detect any deviations from anticipated outcomes, allowing for timely adjustments and ensuring ongoing accuracy and achievement of fairness outcomes. |
Appendix C – Examples of sound characteristics of governance
Risk Appetite |
Clear and comprehensive risk appetite statement that sets out risk appetite for automobile insurance rating and underwriting processes and risks.
Specifies acceptable levels of operational risk with measurable components.
Robust reporting and escalation thresholds for monitoring and effective challenge and response. |
---|---|
Clearly Defined Roles, Responsibilities and Accountabilities |
Senior Management establishes clear policies and processes tailored to automobile insurance rating and underwriting.
Roles and responsibilities are clearly defined.
Accountability mechanisms ensure adequate and appropriate oversight of operational risks specific to automobile Insurance Activities.
The Board of Directors and Senior Management demonstrate a thorough understanding of fiduciary obligations and responsibility for Fair Consumer Outcomes, consistently integrating these principles into all automobile insurance rating and underwriting decisions. |
Three Lines of Defence |
The first line demonstrates clear ownership of operational risk across automobile insurance rating and underwriting, implements appropriate controls to mitigate operational risk and assesses control effectiveness though operational management tools.
The second line has the technical capability and knowledge to challenge the first line and provide independent oversight.
The third line, administered by internal audit, offers independent comprehensive assurance on the quality of controls and risk management. |
Effective date: TBD
[1] The Chief Executive Officer (“CEO”) may exercise regulatory authority under AIRSA and the Insurance Act. However, for the purposes of this Guidance, reference will only be made to FSRA as the CEO exercises such authority in his capacity as FSRA’s chief executive (and not in his personal capacity) and may delegate authority to FSRA employees, as permitted by s. 10(2.3) of the Financial Services Regulatory Authority of Ontario Act, 2016 (the “FSRA Act”).
[2] “Consumer” is defined as a person or business that has purchased, intends or is likely to purchase automobile insurance.
[3] For clarity, FSRA’s interpretation of 3(5) is equally applicable when FSRA decides whether to refuse to approve an insurer’s risk classification system under sections 7 and 7.1 of the AIRSA, as well as under subsections 412(6) and 415(1) of the Insurance Act.
[4] Advocacy Centre for Tenants-Ontario v. Ontario Energy Board (2008), 293 DLR (4th) 684 at paras 55 and 56.
[5] This Chapter of the Automobile Insurance Rating and Underwriting Supervision Interpretation and Approach Guidance replaces the "Operational Risk Management Framework in Rating and Underwriting of Automobile Insurance” Information Guidance released in September 2022. The Information Guidance articulated foundational and sound practices for operational risk management in the rating and underwriting of automobile insurance in Ontario, and promoted just, reasonable, and accurate rates, as well as fair treatment for consumers during the underwriting process.
[6] Relevant criteria may include data accuracy, data appropriateness, data completeness, data timeliness, data integrity/lineage, data consistency and data uniqueness.
[7] Model life cycle typically consists of the following phases: business rationale, data and related data exploratory analysis, development, vetting, approval, deployment, review/validation, modifications & decommission.
[8] In model risk management the first line lies with the model owner, developer, user. The second line performs independent model review and model risk management, the third line is the independent audit or periodic review function.