On January 22, the Financial Services Regulatory Authority (FSRA) held an online Town Hall for Ontario-incorporated insurance companies and reciprocal insurance exchanges (“insurers”).
At the event, FSRA provided supervisory updates, including key messaging that was conveyed to Board Directors of insurers at the 2024 Insurance Board Directors Conference.
The town hall included an overview of the different types of engagement that FSRA has, and will continue to have, with insurers under RBSF-I.
There was also an overview of the objective and use of the information FSRA receives from insurers, as well as an update on the timing and approach for assessments.
Thank you to everyone who attended.
FSRA continues to work on behalf of all stakeholders, including consumers, to ensure financial safety, fairness, and choice for everyone.
Insurance Prudential Virtual Town Hall Deck
Date: January 22, 2025
Presenter: Steve Kokaliaris – Director, Approvals and Supervisory Practice, David Maxwell – Head, Regulation and Strategic Initiatives
Q&A (all questions answered in the webinar)
Remote video URL
You can view this video with closed captioning by selecting the “CC” button in the video menu. Note: the closed captioning text is automatically generated and has not been reviewed for accuracy.
0:04
Hello everyone and welcome to today's webinar, FISRA's Town Hall for Ontario Insurers.
0:12
Before we get started, I'd like to go over just a couple of items that you know how to participate in this event on this platform.
0:19
You've joined the presentation listening through your computer speaker system by default.
0:25
And to make adjustments to your audio, such as selecting different speakers, click the settings wheel at the top right of the GoToWebinar window and you can make your changes there.
0:35
Throughout the presentation you can submit questions for our speakers by typing them into the questions panel and to access this panel click the questions icon at the top right.
0:45
You can submit your questions at any time and we will address them during the Q &A portion at the end and you may also enable closed captioning for this presentation.
0:55
So just click on the CC icon located towards the bottom right of the webinar, and you can go ahead and turn that on if you'd like. So with that, I'd now like to introduce Brad.
1:11
Thanks, Karina.
1:11
My name is Brad Hodgins, and I'm the Director of Risk Governance and Financial Stability, and I will be your host for today's presentation.
1:20
Thank you for attending today's Insurance Town Hall.
1:23
I hope you find today's information beneficial, so let's jump right So today we'll be talking about some guidance updates, as well as principle-based approach and outcomes, and finally risk-based supervision.
1:38
And finally, as Karina pointed out, we will be taking questions, so please enter those throughout the presentation today, and we will address those at the end.
1:46
First, let us acknowledge the land that we are on is the traditional territory of many nations, including the Mississaugas of the Credit, the Nishinaabek, the Chippewa, the Hutunashone, and the Wendat people, and is now home to many diverse First Nations, Inuit, and Métis peoples.
2:08
We acknowledge that Toronto is covered by Treaty 13 with the Mississaugas of the Credit and the Williams Treaties signed with multiple Mississaugas and Chippewa bands.
2:20
Next slide, please. So today we have two presenters.
2:28
We have David Maxwell, the Head of Regulation and Strategic Initiatives, and Steve Cochlearis, Director of Approvals and Supervisory Practices.
2:37
I would now like to hand over the presentation to Steve Cochlearis, who will take us through an update on guidance.
2:43
Steve, take it away.
2:49
Okay, thank you, Brad.
2:51
Yeah, so I just, over the next few slides, I'd just like to spend some time to give you an update on guidance and just speak to you a little bit about why we even develop guidance.
3:05
I think it's fundamental to understand.
3:09
It's a big part of what FISRA does.
3:14
And so the main reason we do this, and this is tied to our statutory objects, one of which is to promote high standards of business conduct.
3:27
So that's what guidance does.
3:30
it establishes standards for business activities and conduct.
3:36
And I know, you know, you may think of it as, you know, just creating another obligation or set of compliance standards, but, you know, at the end of the day, we really do this to help insurers identify and manage their risks effectively.
3:56
So, you know, at the end of the day, you look at it, these are risks, these are issues that apply to all insurers.
4:06
And what we are trying to do is to say, you know, when you are looking at these risks, you know, these are the things that you should take into consideration in order to ensure that they are being managed effectively.
4:22
So, you know, if you do those things, you know, we think that that will support the safety and soundness of the sector. So how does FISRA apply the guidance?
4:37
Well, you know, ultimately our goal is to assess the risk profile of each insurer and determine its overall risk rating.
4:46
And, you know, to do that, we would assess the extent to which the outcomes, which clearly laid out in the guidance are being achieved.
4:59
And so, you know, what I would say is, you know, when we do this, we focus on the outcome, you know, we recognize that each insurer is different.
5:10
And you know, there's more than one way to crack an egg or peel orange, so to speak.
5:18
You know, the second thing that I would emphasize is, you know, we apply proportionality.
5:24
You know, we recognize that, you know, many of the Ontario incorporated insurers and reciprocals are not large.
5:35
You know, you're probably, if you're out there working at one of them, you're probably wearing more than one hat and you're probably asking yourself, how do I achieve these outcomes?
5:46
And I think that is where FISRA can add value.
5:52
We have a lot of people who are experienced within insurance, experienced within regulation and risk management.
6:02
I think if we understand what you do, how you do it, we can sort of make value added recommendations in that regard. Okay, next slide please. Okay, so we covered off why we do it.
6:22
Now I'm going to just talk a little bit about how we do it.
6:26
Well, we do it based on a demonstrated need. So, you know, how do we do that?
6:36
We consult, we seek feedback from stakeholders in the industry.
6:42
We pay attention to what other regulators are doing and the latest developments and approaches to see, does that make sense in our sector as well? We do macro surveillance, so we are aware of emerging risks.
7:05
We receive regular reporting, property and casualty forms, board packages, we meet with the board, senior management, all of these things would certainly go into what types of guidance we develop.
7:28
As you can see, there are a lot of steps in the process.
7:35
What I want to focus on for the purposes of this slide is that, you know, there is a consultation period, you know, it's a long process, it takes quite a long time, but from the point of consultation to publication, it's typically about six months, and the important point I want to emphasize it here is that we seek your feedback and we ask that if you are providing a submission that it be reviewed by your board and that it reflects the view of the board ultimately.
8:25
And it's probably a good time to sort of familiarize yourself with it anyway, even if you're not going to be making a submission because, you know, each piece of guidance will have, you know, roles and responsibilities of the board and senior management.
8:47
You know, and I want to emphasize that we really do read every submission.
8:53
You know, our policy people do this. But in addition to that, I do it.
8:59
David Maxwell, who will be speaking to you in a few minutes, does that.
9:03
So, we look forward to your feedback and, you know, when we publish the final guidance, you'll not only have the guidance, but you'll also have a summary of all the feedback submissions, as well as Fisra's reply and what we did, if anything, ultimately in response to that.
9:31
Okay, next slide, please.
9:37
Okay, yeah, what you see here, I would term as the three pillars of supervision, governance, capital, or financial resilience and operational resilience.
9:53
I think it's fair to say that, you know, FISRA guidance with respect to the Ontario Incorporated insurers and reciprocals was pretty thin.
10:07
You know, in the past, it really just was three main areas.
10:12
You have the minimum capital test and, you know, also a couple of relatively old pieces guidance that relate to investments and reinsurance.
10:29
So our, you know, our work plan, which I will speak to on the next slide, you know, focuses on these three areas, which I would deem to be foundational.
10:45
Okay, so let me just talk a little bit about work that is underway.
10:53
As I mentioned, we develop guidance based on a demonstrated need, and these needs are contained within an official guidance work plan.
11:08
Typically, it's a three to five-year plan that we would do for the regulated sectors.
11:16
In the case of insurance, we, you know, we decided, you know, that a four-year plan was appropriate.
11:25
And, you know, again, we consult, like even on the plan before we develop and finalize it, we do consult.
11:34
We, we, there is a technical advisory committee, which is comprised of senior people from the, from the sector, which would sort of, we would share it with them.
11:46
They would comment upon it before we consult on it and finalize it.
11:55
But, you know, what I would emphasize though is, you know, we apply it flexibly.
12:00
So nothing is etched in stone, you know, and it's certainly possible that, you know, over a four year period, it's a pretty long period of time.
12:11
and we would certainly consider, you know, pivoting, you know, where it makes sense.
12:19
So in terms of, you know, the plan itself, you know, over 2023-24, you know, operational risk and resilience, corporate governance were the two pieces that we focused on and I believe those will be finalized and published soon.
12:43
And the other thing that is in the works is the own risk solvency assessment and sort of internal capital targets guidance.
12:55
So if we can, yeah, just go to the next slide and I'll wrap this up by, okay, yeah.
13:03
So corporate governance, again, those are the two pieces that are upcoming.
13:09
What I would emphasize though, again, with corporate governance, I don't think there is anything here that most insurers would not have been exposed to in terms of the principles.
13:26
For example, one of the principles is clear roles and responsibilities.
13:33
The board needs to know what their role is, what the responsibility is.
13:37
That's a key principle in the guidance, as well as board independence and composition, right?
13:46
In order to exercise effective oversight, you have to be independent, you have to have appropriate skills and experience.
13:58
You know, I think these are principles that everybody can live with.
14:06
And again, with respect to operational risk and resilience, that is another piece of foundational governance or foundational guidance.
14:18
Again, whether it's cyber, IT, third-party risk management, et cetera, these are all critical things that affect an insurer.
14:32
But again, the key here is that, you know, you have to have an appropriate framework or process where you are identifying the operational risks or risks in general, assessing them and providing effective oversight over them.
14:54
That is where we would, that is the key outcome that we would be looking for when we conduct an assessment.
15:04
And next slide, please.
15:10
Right, okay, so the ORSA internal capital targets guidance which I mentioned a few minutes ago, this is just to remind you that a public, the consultation phase is underway.
15:29
If you haven't submitted yet, have until January 28th.
15:37
As you can see here, it kind of opened in November, so it's a 60-day consultation period and we look forward to your feedback in this regard.
15:52
So David, I think I will hand it over to you for the next part of the presentation.
16:02
Thanks Steve.
16:04
So I wanted to take what will be another opportunity to speak to the group here about PBR and RBS.
16:13
Part of this is a conversation that we had with board directors at our directors conference in the fall and wanted to reiterate some of that material because this is a slightly different audience.
16:26
I do note that we had a number of directors register for the town hall as very happy to see that engagement from directors, from boards, and we keep talking about how foundational that engagement is to our processes.
16:40
I might even say that a few times today, but we're seeing an increasing amount of participation in forums such as these, and we very much appreciate that.
16:52
For those of you who were at the Directors Conference, if you're worried about repetition, I promise this will be a far cry from Samarine's measured and prepared delivery at that conference. And I think, you know, there is also power in repetition.
17:09
And you'll have noticed themes emerging as we talk through not just our guidance, but our broader approach.
17:15
And that's because we want to emphasize these things, we want to drive home the importance and talk about what the implications are both for FSRA and for our regulated entities. So thanks for continuing that conversation with us today.
17:31
And we can move on to the next slide.
17:36
So again, we've talked about this in town halls before, we've talked about PBR in our webinars, at our directors conference.
17:46
I won't go on for too much longer about it, but I do sort of, in the context of what we're about to talk about hit on a couple of key points.
17:56
The first one is that it does require trust.
18:00
It requires trust for both parties, in fact, if PBR is going to be successful.
18:06
We are working to build that trust through increased transparency, through these types of forums, through meeting one-on-one with insurers, with your boards, with management teams, and being as clear as possible about what we're trying to achieve and how we're trying to achieve it.
18:20
We've also seen concerted efforts on the part of insurers to build up that trust with us through increased transparency and engagement.
18:30
And we very much appreciate that and really there has been a measurable increase in the maturity of the sector in that regard over the last 18 months.
18:42
We will focus a little bit on responsibility of the board because I think this is a message that we do need to continue to drive home.
18:48
What are the specific responsibilities that the board can't delegate and those responsibilities that it can delegate ensuring that they're clearly delegated and that everybody's clear on who's responsible for what.
19:03
And then, and this will be a new part of the conversation for some of you, but I do want to talk about achieving intended outcomes that I've said that enough times that I shouldn't stumbling over it at this point.
19:18
We've talked about an outcomes focused approach quite a bit, but I'd like to dig a little bit more today into where you can find those outcomes and ultimately how we use them in undertaking the work that we do. We can move to the next.
19:36
And I do want to emphasize that I'm understanding that this material is familiar to some of you.
19:42
We are taking questions throughout, so please feel free to enter your questions.
19:47
We will be tackling those at the end.
19:50
So I wanna start with why we're focused on outcomes.
19:55
I think outcomes is really a huge part of a principles-based approach.
19:59
It's a big focus for us for a couple of reasons.
20:04
The first one being that as hard as we try to build up a comprehensive and up-to-date knowledge of the insurance sector in Ontario, You guys know your business best, and giving you autonomy to create the strict structure systems processes that are appropriate for your individual insurer is honestly the best way forward for us.
20:29
We have a, and I say this in the nicest possible way, a weird and wonderful sector with a really wide range of business models, sizes, levels of complexity.
20:41
And you are the ones who understand that best and should have the autonomy to create processes that make sense for you.
20:50
It's important also for us to have less reliance on a comprehensive set of rules and a compliance mindset.
20:58
A comprehensive set of rules is great at the outset, but ultimately has to change every time the environment changes.
21:04
That leads to a lot of change management, a lot of additional work, both for the regulator and for the sector.
21:12
And also rules can be gained. And in fact, my experience as a regulator suggests that new rules just lead to new ways to game those rules.
21:22
We're never going to be able to cover every single possible occurrence in a set of rules.
21:28
And so taking the approach of principles and ultimately outcomes that we're looking to see achieved, allows us to have a flexible regime that can evolve but also one that encourages dialogue and mutual understanding rather than incentivizing a regime where people are just looking for a way to find the holes in it.
21:49
And then finally, flexible and scalable. This is sort of the key benefit of outcomes from my perspective.
21:58
Again, weird and wonderful sector, and ultimately, we need to be in a position to be able to apply our approach proportionally.
22:09
We exercise judgment every day as we regulate and supervise the insurance sector, and in doing so, we need to be able to, in a position to, again, understand the structure systems processes, people that you have in place as part of that autonomy that we talked about earlier, and how that's achieving the outcomes.
22:33
And really, I think, you know, outcomes have proved to be the only really effective way of promoting that type of behavior.
22:42
Ultimately, this means that, you know, FISRA as an organization has to have appropriate skill sets to bear.
22:50
We need to be able to understand the sector at large.
22:53
we need to be able to understand each insurer in detail in order to apply proportionality, in order to understand how these outcomes are being achieved.
23:03
And so that's an additional onus on us.
23:06
And we've spent the last 18 months to two years building up a team.
23:11
We will continue to build up the skill sets of those teams to make sure that they are appropriately placed to foster that type of understanding.
23:20
It also means that insurer boards of directors and management teams, but I think particularly boards of directors need to reflect on how these outcomes are being achieved and why they're comfortable that they're being achieved.
23:35
What information are you getting from your management teams that makes you comfortable that you're achieving the outcomes?
23:42
Ultimately that's the conversation that we want to have with you in our quarterly monitoring meetings, in our ad hoc meetings, in meetings as part of a formal RBSF assessment, why are you comfortable that these outcomes are being achieved?
23:55
And so, again, the last bullet there, the commitment to more frequent and transparent engagement allows for that conversation and allows for us to understand, again, why you're comfortable that the outcomes are being achieved.
24:11
So if we go to the next slide, we can move away from why we're focused on outcomes, to where you can find some clues as to the outcomes that we're seeking.
24:22
And I want to start with our statutory objects, because these are ultimately the statements that drive all of our activities, whether it's with respect to corporate governance or resilience or the ORSA on the regulatory side, our supervision, including our monitoring, our thematic reviews, our RBSF assessments.
24:43
All of these are driven by the statements that you see on the right hand of the slide here. Some of them are general to FISRA overall.
24:51
Some of them are specific to financial services.
24:54
We also have standalone statutory objects for our credit union sector, for our pension sector.
25:00
But ultimately, as I said, this is what drives our strategy as a regulator.
25:07
It's what drives the tactical elements of how we that strategy and it's a reflection of our integrated mandate which really means and this will become increasingly apparent in our interactions with you the need to sort of balance prudential concerns with consumer protection concerns and ensuring that we're able to you know integrate those two elements into ultimately our view of the risk at each of our insurers and within the sector and the compensating controls that are in place.
25:42
So the statutory objects are a great place to start, but we go further than that.
25:47
And if you see the next slide, we talk more specifically about outcomes in our guidance.
25:57
And you'll see examples here of outcomes that stem from particular pieces of guidance, but Ultimately, these all cascade from what you saw in these statutory objects.
26:10
We want to foster an understanding of our approach.
26:13
We want to foster an understanding of what we're hoping is achieved.
26:18
And I think, hopefully, as you look at this, you'll agree on a couple of things.
26:21
First of all, that these all relate back to statutory objects, specifically high standards of business conduct, strong, stable, competitive, and innovative financial services, and consumer confidence in our financial services sector and specifically the insurance sector.
26:38
The other thing that I hope you can agree on is that these are shared outcomes that we're all seeking to achieve.
26:47
And I think looking at it that way leads to a much easier conversation between a regulator and a regulated entity.
26:53
This idea that I think we can all get behind what you see here on the page as a way to that consumers continue to have the choice that you provide in financial services, services that fit their specific needs, and that your individual insurers are long-term viable and can continue to fulfill their obligations to your members, to your subscribers, to your policyholders. On to the next, please.
27:28
So again, if we talk about the role of the board and outcomes, I think Ultimately, I mean, the board is responsible for a number of things here, clearly driving strategic goals of the insurer and ensuring that there are appropriate linkages there, for directing management to operationalize those elements, and for fostering a culture that promotes flow of information to decision-makers and specifically to the board in this case.
27:59
This is all done to ensure that the board has an appropriate view of the insurer's activities, of the risks, of the controls that exist and can get comfort that the right information is coming to their attention.
28:14
But it's also so the board can make independent and informed determinations about whether outcomes are being achieved, which is why we put that in bold at the bottom.
28:23
And again, comes back to that dialogue with the regulator as we talk to your board, we will seek to understand how they get comfort that outcomes are being achieved.
28:34
And to the extent that they're able to articulate that, we go a long way towards having accomplished our goals.
28:46
On to the next slide, please.
28:51
So there are sort of expectations, I think, that are set as part of the engagement.
28:56
Again, constructive engagement, information flows between insurers and FISRA.
29:03
Some of them are listed here, and I think if I was to boil it down, it would really be in terms of our expectations of you, access to the people and materials that we require in order to exercise supervisory judgment.
29:24
And ultimately, again, a constructive dialogue around potential issues, around recommendations, which we'll talk to in a little bit, so that ultimately we're all driving towards enhancements to individual insurers to the extent that they're warranted, and ultimately a stronger and more resilient sector going forward.
29:43
As far as your expectations of FISRA, really a central point of contact so that at least within FISRA the right hand knows what the left hand is doing.
29:55
A really rigorous assurance quality assurance program that makes sure that when you do get something from us in writing that recommends or requires enhancements to your processes and identifies identified issues we're not just talking about the opinion of one person or one small group of people.
30:16
This really does go through a number of levels of QA.
30:20
And then also we will feedback sector intelligence, insights into strategy initiatives, what we're hearing from around the sector, what we're seeing in the data and in the information that we're being provided.
30:32
Again, with the end goal of driving a stronger and more resilient sector that's positioned to ultimately fulfill its commitments to the two subscribers, policyholders, and members. Next slide please.
30:54
We include this slide as a bit of a caveat because I think obviously there's going to be a spectrum of activity for a regulator and principles-based regulation does not mean all principles all the time because there are instances where collaboration breaks down and where we will become more prescriptive in order to ensure that ultimately we avoid, whether it's harm to consumers, harm to the reputation of the sector, or incidents at specific insurers that ultimately can lead to both consumer and sectoral harm.
31:34
What I always want to stress as we look at this is that it takes a very long time for us to get there.
31:40
We want to regulate and supervise via principles.
31:44
We want this to be a collaborative environment, but we acknowledge based on our supervisory experience that this isn't always the case.
31:56
And so we will talk to you through every stage of this spectrum of activity to ensure there's clarity about where we're coming from.
32:02
And to the extent that our approach changes, you'll have very good indications as to why.
32:08
Next slide, please.
32:14
So we've talked about PBR in sort of the broader context and now I want to move on to how it informs ultimately a risk-based supervisory approach in the context of our framework. Next. So again we've talked about outcomes focused.
32:33
I think if there's an element here that I want to stress is that these assessments are always or also forward-looking and so this moves beyond the typical compliance mindset and ultimately looks at issues that we may identify and you know associated remedies that have the potential to cause future harm either to the insurer or to consumers.
32:57
That requires a more nuanced and expert view and we've talked about the skill sets that FISRA is building up and has built up in that regard but ultimately I think as we ultimately do more and more formal RBSF assessments and issue recommendations, potentially even requirements or observations, that we do take a forward looking view.
33:21
And this is not necessarily an indictment of where you've been or where you are right now, but a function of our mandate to look ahead and identify where current structures, current processes, the lack of current controls may ultimately lead to issues down the road.
33:39
Again, we relist the FISRA objects here because we love them very much, but also these are the elements that drive all of our behaviors, including our risk-based supervision.
33:51
Next slide, please.
33:57
So we have, the RBSFI has been in place now for quite some time, and a lot of progress has been made in terms of its implementation.
34:08
A small subset of you will have already seen a formal RBSFI assessment, But I want to emphasize that that's only part of the activities that we undertake as we look to build our knowledge of the sector and ultimately form a risk-based view of where we need to allocate resources.
34:25
We've already undertaken the establishment of relationship managers for every insurer.
34:30
We have started enhanced information collection.
34:32
We've met with individual directors, with full boards, with senior management teams.
34:39
And we, as Steve has talked about, have started the issuance of sort of a foundational set of guidance.
34:47
We're working to integrate more and more with our colleagues in market conduct to fulfill that integrated mandate that I talked about earlier and ensure that we're appropriately balancing harm to the insurer itself with potential harm to consumers.
35:02
and we continue with every interaction, with every meeting, with every time we answer questions at one of these town halls or webinars, to build that knowledge of individual businesses, build the knowledge of the sector, and I feel confident in saying that the last 18 months to two years worth of activities have gotten us to a very good place in that regard, and the actions that we take now, the conversations that we have, I want you to take comfort in the fact that they're coming from an informed place and that we will continue to refine that and make sure that it's up to date. Next slide please. So how do we build that knowledge of business?
35:50
We have a number of activities that lead to that and this is leaving aside forums such as this, but ultimately we do have supervisory assessments and a number of those have taken place at this point.
36:05
Those supervisory assessments are determined as part of a supervisory strategy that also includes thematic reviews and includes monitoring.
36:14
And I'm going to turn it back over to Steve in a little bit who's going to describe those activities in more detail.
36:20
But just know that we are taking a strategic approach to this.
36:26
And so those of you who have already been through a formal RBSF assessment.
36:31
It's because we felt not necessarily that you were particularly risky, but there was a specific element of your business or perhaps a specific business line overall or elements to your control infrastructure that really we felt we needed a better understanding of, sooner rather than later, in order to ensure that we could continue to allocate resources in a risk-based way.
36:56
Ultimately, as I said, all of these activities take place with proportionality in mind.
37:03
And so we look to your size and complexity, we look to your risk profile, and that's often just a function of the nature of your business.
37:12
And we'll also look to the impact on the overall sector of a potential failure as we take our risk-based approach.
37:18
So, as we go through this process, again, transparency and open communication is a huge part of what we are undertaking, what we are committing to the sector to do.
37:31
And so, in advance of these activities, you can be very clear as to our intentions, as to the information that we're seeking, as to the people that we want to talk to, so that ultimately this engagement continues to be.
37:44
Next slide, please.
37:51
So, in what may be another sort of new segment for these types of engagements, I wanted to talk a bit more specifically about why we request certain information and how we use it.
38:05
Because I think this is something that you will be exposed to more and more as we, again, engage in the activities that I just talked about, whether it's thematic reviews, formal RBSF assessments or ultimately just monitoring activities.
38:22
So if we move to the next slide, again, as we foster a comprehensive and up-to-date understanding of each insurer in the broader sector, we need to collect information.
38:35
Some of that will be collected regularly.
38:37
Some of that we'll reach out and do on an ad hoc basis.
38:41
The list that you see here is not comprehensive.
38:45
These are examples of the information that we would typically wanna see as part of our work.
38:50
As we dig into an RBSF assessment, it will get considerably more detailed than this.
38:56
But what I do wanna stress as part of this is that we wanna see what you already have in place.
39:03
And so you should not be in a position where you're having to create new things for us, new documents, new reports.
39:09
We wanna see how things are actually working now.
39:13
And we wanna understand why that works for you.
39:17
So, we're conscious of the time it can take to provide us with information, but please note that we do want to rely on what you already have at hand, and hopefully it's as simple as just pulling it off a shelf and passing it over to us.
39:34
More and more, we're going to be looking at board and board committee packages.
39:38
This is not an indictment of the level of governance that exists in the sector, but rather a very common supervisory practice.
39:49
Board and board committee packages are a great summary of all of the important things that are happening at an insurer or any financial institution at the right level for a regulator to understand and perhaps probe a bit to understand more.
40:06
And so for us, these are preexisting documents that we leverage whenever we can, again, to ensure that we have a comprehensive an up-to-date understanding of each insurer.
40:16
So a lot of times this is just about understanding the delta. What's changed? Is there anything that we need to know about?
40:23
And then that review will inform our quarterly monitoring meetings, getting more information from you, understanding what your perspective is as to the key issues, the key concerns, the major initiatives that you're keeping an eye on.
40:36
So both board directors and management teams can expect questions around these board and board committee packages.
40:47
And I'm not talking here about some sort of test about what was in the package.
40:52
We want to understand your perspectives, the questions that may have been asked, rather than exactly what was on slide 543 of the risk committee package.
41:05
Next, please.
41:11
So I wanted to stress this because I think it's important.
41:14
And again, whether we're talking about board packages or reports or what we're seeing in regulatory returns or anything else that we get from you as insurers, we will take reasonable steps to understand how outcomes are being achieved.
41:28
So we're not going to make snap judgments based on the report that we receive or on the board package.
41:36
It will spur a conversation with your management team, potentially with your board, so that we can get a better understanding again of why this works for you and why you're comfortable that ultimately outcomes are being achieved.
41:51
We'll also only request what we really need.
41:55
And I say this with all sincerity, we don't want to request any extra material because it just leads to extra reading for us.
42:04
I'm an inherently lazy person and I would never let that happen.
42:08
And so we will go back and forth with as often as is needed to understand the information that we're truly seeking, to resolve instances where you know we may be asking for a document called one thing but you call it something else or maybe it's contained in several different documents.
42:27
We don't have any views as to exactly what the information looks like as long as we can access it and again understand why it works for you.
42:35
So we'll only ask for what we need but we will also make sure that there's a strong understanding that we ultimately are getting the right things and that we agree. And then finally, you know, we do expect transparency.
42:57
When we ask for information, it's because we need it in order to do our job.
43:03
When key information is missing, and again, after we've had a conversation and are unable to get comfort that it's okay that it's missing and that outcomes are still being achieved, we do need to make conservative assumptions about how risky things are or about how effective associated controls are, which may ultimately impact our overall view of the riskiness of the insurer.
43:28
I mean this not necessarily as a, in fact, not at all as a threat, but just as a way of understanding, again, why we ask for information, the way that we use it and why transparency is so important to us in that regard.
43:49
So again, I hope that this fosters a better understanding.
43:54
I think, you know, again, when I think about the sort of who our sector is comprised of, whether it's the Mutuals, the Farm Mutuals and Farmry, which are almost a sector under themselves, whether it is the reciprocals and they're the unique nature of their operations or just you know our stock P &C companies and there's a lot of variety that exists there as well from you know professional errors and omission insurance to traditional auto insurance to some very innovative models across product lines.
44:33
This is the approach that we have taken to understanding that diversity, to be able to look at risks across the sectors and to be able to figure out sort of where we need to focus our attention, given our own limited resources to ensure that the outcomes that we're seeking are being achieved.
44:56
And with that, I believe the next slide leads me to turning it back over to Steve.
45:08
Okay, thank you, David.
45:10
And the next part of the presentation deals with the timing and approach for, uh, assessments. Next slide, please. Yeah.
45:26
So in terms of the timing of assessments, uh, the key point here is that, you know, there is no review cycle.
45:36
Um, so, you know, we wouldn't be coming out every six months or every year or every three years.
45:42
Um, we, you know, we would, you know, the timing would be based on basically our assessment and of associated risks, right?
45:55
So, you know, we collect information, we review it, we conduct macro surveillance.
46:03
So we would also consider, uh, environmental factors and, you know, of course, size and complexity always enters into it. We are risk-based.
46:18
But, you know, at the end of the day, we're not going to come out every six months or year.
46:27
And the final point I'll make on timing is that you can be sure that or rest assured that there will be no surprises.
46:38
You will well in advance of our intention to conduct an assessment well well before you ever receive an official notification letter or email.
46:54
But you know one thing I would say is we are a relatively small team we're risk-based sometimes we have to devote time and resources to other priorities as they And so, you know, the timing of assessments is definitely subject to change.
47:18
You know, so how long does an assessment take?
47:20
Yeah, so there's no sort of set timeline.
47:25
I know the slide indicates that on average it takes up to four months.
47:33
But, again, that will depend on size and complexity and availability of information.
47:41
And, again, that also includes, you know, we notify you, we give you time to reply with the information.
47:52
You know, we have to conduct the fieldwork.
47:54
Once we do that, you know, we also have to formally document it.
47:59
there's a quality assurance process and then, and then finally, you know, we would issue a supervisory letter.
48:08
So, you know, it isn't like four months that, you know, we'll be continually or constantly, you know, interacting with you, I guess, is the important thing to keep in mind.
48:21
So, you know, in terms of assessment language, we try to avoid using terms like, you know, deficiencies or findings because I think that kind of conveys a somewhat prescriptive traditional audit type of approach.
48:42
So what you'll find is that we we use terms like issues and I think that may seem similar.
48:53
I think it's a respectful and professional approach and term and it I think it reflects the collaborative principles based approach to regulation you know that we are trying to maintain here at FISRA. Next slide please.
49:21
Yeah so as I mentioned before there is a quality assurance process.
49:28
Every rating before we assign it is subject to an independent panel review.
49:36
And what that means is that nobody who performed any of the assessment work can be on the panel.
49:46
And, you know, even before it goes to the panel, obviously, it would be reviewed by the relationship manager, it would be reviewed by a director, for example.
50:02
The panel itself, it's not always gonna be the same people, but it will always be comprised of individuals who have a lot of experience within the insurance industry, within financial regulation and risk management.
50:19
And they certainly apply and we benefit from their insights during the process.
50:30
And, you know, it goes without saying that whenever we conduct an assessment, we strive to do it accurately, consistently, and as transparently as possible.
50:44
Part of my role here at FISRA is supervisory practices.
50:49
And I can personally tell you that we go to great lengths to develop and communicate procedures for conducting assessments to all our staff within Credit Union Insurance Prudential in order to help achieve this.
51:07
So the final point I will make on this slide is that the relationship manager is the main point of contact when all of this is going on.
51:19
But that, you know, they don't have the ultimate decision-making power.
51:28
They are supported.
51:30
But ultimately, any rating that is put before the panel has to be supported with clear and objective evidence.
51:42
So again, if you're concluding something is low risk, we really are looking for evidence factors, indicators that would support that point of view. Next slide, please.
52:05
Okay.
52:05
So, look, when we conduct the assessments, again, we've probably gone over this before here, but we're looking to develop a knowledge of business.
52:16
We're trying to understand, you know, what activities do you engage in?
52:22
How are the responsibilities discharged and delegated to make sure that there is effective risk management, identification, and management.
52:35
So for an insurance product, as an example, we want to understand who does the underwriting, who handles the claims, what role do brokers play, if any, in that product?
52:46
Are there other third parties involved? And if so, what is their role? How is that managed?
52:55
Secondly, we would look at your risk appetite and if you're saying your risk appetite is moderate or low risk, we would look at your suite of products, we would look at your business strategy and we would see is that actually consistent?
53:15
Do your products, does your business plan actually reflect that or not?
53:23
And then thirdly, really, we would seek to see, I mean, this is important with respect to governance and oversight, what type of information is being produced?
53:36
How does it flow?
53:36
Who sees it?
53:38
Is it independent, et cetera?
53:43
And, you know, and finally, you know, we're risk-based.
53:48
We've said that again and again.
53:50
We're only going to focus on significant activities.
53:55
And I'll speak a little bit about how that's done in a moment.
54:00
But as an example, you know, investment management, that tends to be sort of a material activity at insurers.
54:12
But again, if it's all within government-grade securities and their short-term, we're probably not going to spend a lot of time in that area.
54:22
We'll move on to something that may in fact be more material. And again, it isn't a pass-fail.
54:35
The goal is to understand what it is you do, identify the issues, so that we can identify and make whatever recommendations we think are needed in order to manage those issues or risks.
54:55
Next slide, please.
55:02
Okay, so this slide kind of breaks down, how we look at an activity and so on.
55:11
So the first step, obviously, is we identify your significant activities.
55:19
How do we do that? Well, we review the information that is available to us.
55:25
We would look at your business plan. We would look at your organizational chart.
55:32
You file property and casualty forms to us every quarter. You file audited financial statements.
55:40
these are all ways that we can determine what is important, what are the important activities within your insurer. And at the end of that, we would identify which ones are significant.
55:56
Those are the ones we would assess.
56:01
So, in terms of the inherent risks, again, we would seek to understand the characteristics of the products that you offer.
56:13
So if you do auto, for example, we would seek to understand what is the mix of personal and commercial auto?
56:20
Is there any concentration by geography, by customer segment, and those types of things?
56:29
And once we determine the inherent risk, you know, that would sort of inform our sort of expectation as to or enable us to assess the quality of controls and oversight.
56:49
And, you know, if you look at our methodology, it's basically broken down into the three lines of defence, you know, where we would look to, among other things, determine, you know, is senior management, is the board getting appropriate reporting?
57:09
Do they have enough information to understand the risks associated with each product?
57:18
and exercise appropriate oversight or not.
57:26
So, you know, once we do this and prior to assigning any risk ratings or making any recommendations, you know, we have to be absolutely sure that the information we are relying on is accurate.
57:46
So, again, you can look at board packages and reports, but sometimes things may not actually be exactly how they appear on paper, and we need to have a complete picture.
58:02
And so that is why we emphasize, and you can expect, that there would be regular communication and interaction throughout the process.
58:15
And the final step is, you know, communicating the overall risk rating and intervention level.
58:26
Yeah, the key point I want to make here, it isn't a process, you know, where we would go away, you wouldn't hear from us for a few weeks and then you get a Once we sort of complete the fieldwork, do the ratings, we will sit down with you, meet, communicate the rating, and you will have an opportunity to discuss that with us.
58:54
So that, you know, by the time you get the supervisory letter, you will already know what the rating is, what the issues are, and where any recommendations or requirements will be focused. Okay, next slide.
59:22
Okay, so this basically breaks down, you know, the types of supervisory work into, you know, there are three main types.
59:33
You know, ultimately, as I was saying earlier, our goal is to assess the risk profile of each insurer and determine the overall risk training, and to help us do that and tying it back again to the purpose of guidance earlier in the presentation, one of the key things we will do is assess the extent to which outcomes which are clearly laid out in the guidance are being achieved.
1:00:04
And, you know, our approach to doing assessments. We have a risk-based supervisory framework for insurers and reciprocals.
1:00:13
That's on our website. The two types of assessments are comprehensive and targeted.
1:00:21
A comprehensive assessment is, well, you know, we would basically assess all of the significant activities of insurer. A targeted, as the name implies, would not look at everything.
1:00:39
It would isolate a specific activity or activities, but not all of them.
1:00:48
And it might even focus on a where, you know, FISRA will periodically undertake a review of a specific business activity to better understand the risk exposures and how risks are being mitigated and managed by the insurer.
1:01:21
So, you know, for example, this could have to do with an emerging risk and wanting to Hey, you know, is this really a material issue in the sector or not?
1:01:33
And if it is, you know, how well is it being managed?
1:01:39
So it could be a product, it could be a particular segment of the market of a product, or it could even deal with the fair treatment of consumers in terms of purchasing a product.
1:01:54
And these issues come to light, again, through any and all of our supervisory work, whether it's conducting assessments, reviewing information that is filed, or, you know, ongoing dialogue that we may have with senior management and the boards of insurers.
1:02:19
And, you know, when we're doing this, again, we would want to understand what is the level of board awareness of the issue?
1:02:28
Do they understand it?
1:02:29
Are they receiving appropriate reporting?
1:02:33
Are they exercising appropriate oversight or not?
1:02:40
And yeah, we have an example of that.
1:02:43
That would be the take all comers review, which is available on our website.
1:02:53
And the final category of supervisory work is the ongoing monitoring, where we would, as I indicated earlier, review information such as board packages, the P &C forms, and whatever we may find out during meetings with management.
1:03:22
Okay, next slide please.
1:03:30
Okay, we've come, I guess, to the final slide of the presentation and the key takeaways and you know what I would say is you know we're trying to get people in the sector to not think of assessments as prescriptive audit type exercises.
1:03:53
I know it's a lofty goal but hopefully after 30 plus slides on this I hope we've succeeded somewhat in convening that this is not a past fail, but rather, you know, part of a larger effort to get to know you, your business, and your risk profile a lot better.
1:04:17
And you know, engagement, openness, and transparency, David talked about that earlier, that is the best approach when it comes to assessments.
1:04:28
And as David also indicated, trust is an important prerequisite in all of this, and building trust takes time, right?
1:04:39
It can't be gained unless what we say, the themes, the messages that we try to convey to you, you know, reflect how we actually act day to day.
1:04:53
So, you know, before we go to questions, I'll just end it off by saying that, you know, if some of the messages and themes that we've talked about today, you know, are not, perhaps not fully reflective of your experience, then I would encourage you to reach out to us.
1:05:12
It could be a learning opportunity for you and for us, and I would very much look forward to that and hearing from you.
1:05:25
Okay, and I think we've come to the question period.
1:05:35
Great, thank you, David and Steve for those very informative presentations today.
1:05:39
Yes, so we are now at the question and hopefully the answer portion of today's presentation.
1:05:43
So please take the opportunity to enter any questions that have come to mind over the last hour and five minutes since we started this presentation, we will be happy to try to get you some great answers today.
1:05:54
So the first is not a question, but it's more of a comment and a suggestion.
1:05:59
And that is that FISRA take the opportunity to contemplate longer consultation periods to facilitate having the board have the opportunity to review the guidance going forward as well as put it on the agenda and have a fulsome discussion before the submissions are sent to FISRA.
1:06:18
That's a great idea.
1:06:19
We will take that on our advisement.
1:06:21
We do want to have the board do that.
1:06:23
And I will hand it over to David to elaborate on that?
1:06:27
Yeah, just to say that we do periodically get requests for extension to provide feedback as part of these consultations.
1:06:39
And so if at any point, and certainly, we will take the feedback as to longer consultation periods, but if there is a specific, for example, board meeting that falls just outside the period where you think that it would be great for the board to have a discussion and ultimately feed their impressions back through the insurer's feedback process.
1:06:59
We are almost always in a position to accommodate those requests when we're given enough notice.
1:07:08
So please don't hesitate to reach out at the interim if you feel like you haven't had enough time to get your board involved in the consultation process.
1:07:19
Thanks, David.
1:07:20
We have a question now about the choice between, or how is a choice made between comprehensive and targeted assessment?
1:07:28
Who makes the decision?
1:07:29
How is that assessment, the decision, how is that decision made to undertake one or the other and do all insurers subject it to one or the other?
1:07:38
How is that determined?
1:07:44
Do you want me to start with that one, Steve?
1:07:46
Sure, sure.
1:07:49
So I, there's no set methodology for this.
1:07:53
Ultimately, as part of our ongoing efforts, every insurer will be subject to a comprehensive assessment at some point.
1:08:03
Targeted assessments are done when they're needed.
1:08:08
If we identify a specific element of an insurer that we feel needs particular attention in the short term, a targeted assessment is a way for us to shrink our timelines, focus our attention and our resources in a way that sort of bridges that knowledge gap.
1:08:27
So I think in terms of comprehensive versus targeted, it's very much situation-specific.
1:08:34
But to the second part of the question, eventually, again, as we continue to sort of build up our bandwidth, every insurer will be subject to a comprehensive assessment.
1:08:48
I'm not sure if you had anything to add there, Steve.
1:08:50
No, I think you've covered it off really well, David, thank you.
1:08:56
He has to say that.
1:09:00
All right, our next question is, early in the presentation, it was discussed about things that are coming up, new projects, new kinds that's coming up.
1:09:10
So questions about what, how is ESG or is ESG a part of operational risk and resilience or will it be assessed under that umbrella?
1:09:27
As well, will we be, and then the follow-up to that was will we be releasing any additional guidance around climate risk management?
1:09:36
Yeah, so, I mean, I can address this one.
1:09:39
I think those of you who reviewed the draft guidance for out-risk and resilience will have noted an information section at the end that says that we will seek to understand how climate risk is ultimately integrated into broader risk management considerations at our insurers.
1:10:00
And that continues to be sort of the extent of our engagement in that regard.
1:10:06
We want to understand what it is that you're already doing rather than dictating an approach.
1:10:11
That may end up changing at some later date, but I think Fizra is of the view at this stage that, you know, there's no explicit expectations that will be articulated at this point.
1:10:27
We want to have a conversation and understand what the implications are for you, for your business, and how you're managing them.
1:10:35
As far as the S and the G are concerned, I think those are sort of foundational to everything that you're already doing.
1:10:42
You're already sort of very much embedded in your particular communities and engaging in the core social aspects there.
1:10:50
From a governance perspective, we are certainly issuing guidance in that space, but again, seeking to understand why your current arrangements work for you.
1:11:01
So I think ESG will continue to be a foundational part of our interactions, but I certainly wouldn't expect P15 style guidance in the near future.
1:11:16
We are cognizant of again, the different business models that exist in the sector, but also some of the challenges around data, around modeling in this space.
1:11:27
And we will work with you to better understand again, what you're already doing.
1:11:39
All right, so we've captured the questions that have come in that we can answer at this time.
1:11:43
If anybody else has a question, please add it into the questions box, and we will be happy to provide you with an answer.
1:11:51
So I will not say, I will not dance, but I will wait patiently for another minute, and hopefully something will come through.
1:12:00
Yeah, I will say we are getting some questions about specific product lines, about specific disclosure requirements.
1:12:09
This isn't really the right forum for that, mostly because I would give you a completely wrong answer but ultimately we do have a lot of experts within FISRA and I would encourage you to reach out to your relationship manager to make sure that we get the right people around the table to answer your specific question. I'm just here for my looks.
1:12:37
All right so we have a question coming in, will this presentation be shared?
1:12:39
Yes so this this presentation has been recorded today and a link will be sent to every participant that registered for this presentation in the coming days.
1:12:50
And as far as the presentation, yes, that presentation, I believe will be shared with all participants as well.
1:13:01
Not only do I believe it will be, I will make a definitive statement.
1:13:04
Yes, the presentation will be shared along with a link to the recording so you can have both the hard copy and the audio.
1:13:26
While we're just waiting to see if any more questions, I just wanted to sort of, and you'll have heard it a number of times throughout the presentation, but sort of emphasize some of the changes in language that you're hearing from Fesra.
1:13:42
Steve talked about issues, for example, rather than findings.
1:13:48
We talk about assessments rather than examinations or audits.
1:13:54
And again, this is all sort of reflection of, first of all, sort of the principles that we're articulating, but also acknowledging that this is a change of approach and that we are now looking forward.
1:14:07
And I alluded to this a bit earlier, but I do want to emphasize that as we come in, we're looking to understand the current state of things, but we are looking prospectively at potential risks and looking not just at your ability to manage risk now, but your ability to be viable long-term given a rapidly evolving environment.
1:14:32
And so I would hope that you embrace that point of view when we do engage in these conversations, look at issues as what they are, just issues.
1:14:44
It's not like we're coming in, finding things, having a gotcha moment.
1:14:49
This is very much about talking together about what may arise and how we can potentially mitigate the risks.
1:15:04
So as David said, we are getting a couple of questions that are very specific that please reach out to the relationship managers for those questions and they can be, we'll get the team together to answer those questions.
1:15:15
At this time, I'm not seeing any new questions based on the feed at this point.
1:15:21
It is 16 minutes after two.
1:15:23
So I would like to thank everyone for taking time today to be with us.
1:15:27
I hope that these presentations were beneficial.
1:15:31
And as always, as David articulated, please reach out to your relationship manager if you have any other questions that come up in the days and weeks to come.
1:15:39
And finally, I hope you have a great rest of the day and bye for now.