Slowly, but surely, and without a lot of fanfare, U.S. insurance regulators have been orchestrating a sea change in their interaction with companies over solvency. Not as dramatic as Solvency II in Europe, but the U.S. changes are actually happening while Solvency II remains mired in controversy a few steps from the finish line.
The most revolutionary part of new U.S. solvency oversight is the Own Risk and Solvency Assessment (ORSA). The ORSA requires management of insurers to disclose to regulators the process that they followed to determine the company’s solvency over the near future.
What’s the Big Deal?
There are two important revolutionary aspects to this requirement.
1. Shift in Responsibility
First, the opinion about solvency is to come from management, based upon their own judgment about what is needed. Since the early 1990’s the regulators have specified the solvency standard and exactly how to assess whether a company meets that standard. Asking insurers to make this determination themselves is a major shift in philosophy and responsibility.
Some companies have long been doing this anyway, but many have been relying upon the regulators and focusing more on what the rating agencies want in the way of surplus.
2. Looking Forward
Second, the ORSA takes a forward looking approach. Historically, solvency assessment has always been backwards looking. “Was surplus sufficient at the end of last year?” is the question that was typically asked. Now, with the ORSA, insurers need to look at solvency for next year or even the next several years into the future.
Who Should Prepare?
The ORSA comes into effect in 2015 according to the RMORSA model law that was adopted by the NAIC in 2012. Insurance groups with under $1 billion of direct premiums are exempted but single companies with more than $500 million of premiums are required to file an ORSA report with their home state insurance commissioner.
However, this exemption is not absolute. The model law gives the commissioner the authority to request an ORSA of any company and requires such assessment for particularly troubled companies regardless of size.
In addition, individual regulators who have been highly involved with the ORSA development process have suggested that once their peers have started to see the insights that they gain from a good ORSA report, they will be looking to have ORSA conversations with all insurers as a part of their quadrennial examination.
Preparing for the first ORSA report may take two to three years for a company that does not have any formal ERM program or risk evaluation system in place. For a company that has an ERM program and economic capital model in place, there still may be one to two years of work to fill out those programs to meet the broad requirements of the ORSA and to create the documentation that is expected to be backing up the ORSA report.
For insurers exempt from the formal ORSA filing requirements, a look at the NAIC ORSA guidance manual will be prudent. These firms may want to consider a much less formal internal ORSA process that puts them in position to immediately answer ORSA type questions during their next quadrennial exam.
Management and the Board are Now Involved
A major consideration in preparing for the ORSA is the management and board position on the company ERM program and risk model.
The ORSA, similarly to the Sarbanes-Oxley requirement on financial statements, requires management (not the company actuary) to submit their opinion on surplus adequacy and also requires that the board receive a copy of the ORSA report. For some companies, getting to full management buy-in on these topics will take significant time and discussion.
Boards will also need to be prepared. You would not want the board to be seeing all of the information contained in the ORSA report for the first time as it is on its way to the regulator.
No One Will Find ORSA Compliance a Walk in the Park
The heightened ORSA documentation requirements will come as a shock to insurers who have done ERM and economic capital modeling for some time without significant outside scrutiny.
In the summer of 2012, a committee of insurance regulators reviewed some voluntary ORSA reports. Their conclusion was that only about half of the reports submitted were likely to be ultimately seen as satisfactory. Those rejected were seen to lack the specificity of the satisfactory reports. Ultimately, the ORSA report submitted to the regulator is expected to be a summary of much more detailed materials that will be available for inspection by the regulators during the quadrennial exam.
So U.S. insurers need to start thinking about ORSA compliance needs now. Any failure to do so may result in not being able to comply with the January 1, 2015 deadlines for this new standard.