Special Report
NO29 2018

EIOPA made an important contribution to supervision and stability in the insurance sector, but significant challenges remain

About the report EIOPA, as one of the three European Supervisory Authorities (ESAs), has the mission of supporting the stability of the financial system and protecting consumers in the fields of insurance and occupational pensions. The insurance market with assets worth around two-thirds of the EU GDP is a significant part of the financial market in Europe. Its failure could negatively affect the real economy and consumers’ well-being. We examined whether EIOPA made an effective contribution to supervision, supervisory convergence and financial stability. For the latter we focused on the 2016 insurance stress test.

We concluded that EIOPA has made good use of a wide range of tools, although their design and follow-up should be improved. We found a number of systematic challenges with regard to supervision of cross-border businesses and internal models. They need to be addressed by EIOPA itself, by national supervisors and by legislators, particularly in the context of the ongoing ESAs’ review.

This publication is available in 23 languages and in the following format:
PDF
PDF General Report

Executive summary

I

The insurance industry accounts for a significant part of the EU financial sector. It manages assets valued at around two-thirds of EU annual GDP. Failure on the part of insurance companies could potentially disrupt the operations of the financial sector and negatively affect the real economy and consumers’ well-being.

II

The European Insurance and Occupational Pensions Authority (EIOPA) was established in 2011, following the reform of EU financial sector supervision after the financial crisis of 2007-2008. EIOPA acts as an independent advisory body to the European Commission, the Parliament and the Council.

III

EIOPA’s core responsibilities are to support the stability of the financial system, the transparency of markets and financial products, and to protect insurance policy holders. It also monitors potential risks and vulnerabilities in the sector. Its responsibilities come under four broad categories: regulation, supervision and supervisory convergence, financial stability and consumer protection.

IV

We examined whether EIOPA makes an effective contribution to supervision and financial stability in the insurance sector. In particular, we analysed EIOPA’s actions in the field of supervision and supervisory convergence (co-operation with National Competent Authorities (NCAs), their work on internal models and cross-border business), the 2016 insurance stress test as well as the adequacy of EIOPA’s resources and governance.

V

The audit primarily covered EIOPA’s supervisory activities between 2015 and 2017 as well as the 2016 stress test. The audit evidence came from visits to EIOPA and a documentary review on the spot, as well as meetings with the relevant Commission departments, the European Systemic Risk Board, NCAs, academic experts and stakeholders. The audit also took account of the results of two surveys.

VI

Our overall conclusion is that EIOPA has made good use of a wide range of tools to support supervisory convergence and financial stability. However, there are still significant challenges to be addressed by EIOPA itself, by national supervisors and by legislators, for example in the context of the European Supervisory Authorities’ (ESAs) and Solvency II reviews.

VII

EIOPA’s actions to ensure consistent supervision by NCAs were based on sound analysis and, for the most part, had a comprehensive scope. EIOPA identified through its work important weaknesses in the way the NCAs work and regularly monitors the developments. However, EIOPA has no systematic arrangement for following up its recommendations.

VIII

We found that the current legal framework for supervising cross-border business in the EU feature systemic weaknesses and create a situation where supervision depends on the legal form of a business rather than its nature. This results in the wrong incentives for both supervisors and insurers, which take advantage of a lower level of supervision in certain Member States. EIOPA made an effort to deal with the resulting problems, but was not in a position to overcome the systemic weaknesses and achieve supervisory convergence.

IX

Insurance companies use internal models so as better to adjust risk assessment to their business and ease their capital requirements. There are significant differences in how strictly NCAs supervise internal models. EIOPA attempted to improve supervisory convergence in this area. This was not fully effective due, among other reasons, to limitations in access to information placed by NCAs.

X

In 2016, EIOPA carried out a stress test to assess how the insurance sector would react to adverse market developments, in particular to a prolonged period of very low interest rates and an asset price shock. A number of companies proved vulnerable to such circumstances, as their solvency would have worsened significantly. The scope of the stress test was appropriate and the scenarios identified the main risks for the sector. However, we found shortcomings in their calibration. In particular, EIOPA was unable to justify the strength of one of the scenarios in a sufficiently detailed manner.

XI

Following accurate validation of the data, EIOPA mostly presented the results of the stress test in an appropriate manner. Because of its legal mandate, there was no company-level publication. Recommendations issued after the stress test were sometimes too general, although EIOPA made efforts to follow up the extent to which NCAs implemented them.

XII

In all its activities, EIOPA relies largely on co-operation with NCAs, but it does not always receive their full support. NCAs have a decisive say in EIOPA’s main governing body, which means that they are in a position to decide the scope of EIOPA’s action to review their own effectiveness. EIOPA has not yet accomplished a shift from regulation to supervision. With only 20 staff members working on oversight issues and a further seven on related topics, EIOPA is faced with a real challenge in terms of carrying out the broad range of complex tasks for which it is responsible.

XIII

We recommend that for improving the efficiency and effectiveness of EIOPA’s actions, EIOPA should:

  1. better focus and follow up its supervisory tools in a systematic way;
  2. co-operate with the Commission and the co-legislators to address systemic weaknesses in the supervision of cross-border business;
  3. co-operate with the Commission and the co-legislators to address limitations on access to information about internal models and provide NCAs with more support on how to supervise them;
  4. further improve the soundness of stress test scenarios;
  5. issue more specific and relevant recommendations to the NCAs after the stress test;
  6. promote the publication of stress test results at company level;
  7. ensure that the stress test methodology is more transparent; and
  8. strengthen human resources assigned to supervision.

Introduction

The insurance market in the European economy

01

With assets worth more than two thirds of the EU annual GDP and market penetration that differ across Member States (see Figure 1), insurance accounts for a significant proportion of the financial sector. It contributes to economic growth and financial stability by taking on risks and mobilising savings. Given their important role, the failure of insurance companies can disrupt the provision of financial services and the economy at large, and so negatively affect consumers.

Figure 1

Insurance penetration in Europe (share of premiums in GDP)

Source: ECA, based on EIOPA’s Financial Stability Report 2018.

02

One of the key challenges for the insurance market today is low interest rates. Insurers, especially in the life business, which accounts for 65 % of the EU insurance market, face significant problems earning the interest rate guaranteed for products sold in previous years. Therefore, life insurers’ business models are currently undergoing far-reaching changes, one consequence of which is additional risk-taking. Furthermore, digital technologies and greater use of big data have significantly re-shaped the insurance market (Fintech), creating not only opportunities for business but also a number of new challenges and risks for clients.

03

From a regulatory perspective, a key development for insurers was the application of the Solvency II framework in January 2016. Solvency II is the first harmonised EU legal framework concerning the taking-up and pursuit of the business of insurance and reinsurance. It covers also insurance supervision and aims at ensuring a fair level playing field within the Single Market. It defines how much capital companies need to hold in order to cover their risk, as well as risk-management, governance and reporting requirements.

EIOPA as part of the European system of financial supervision

04

The European Insurance and Occupational Pensions Authority (EIOPA) was established in 20111 as part of reforms to the way the EU’s financial sector is supervised, in response to the financial crisis of 2007-2008. EIOPA acts as an independent advisory body to the Commission, the Parliament and the Council. It is active in the fields of insurance companies, reinsurance companies, intermediaries and institutions for occupational pension provision.

05

EIOPA is part of a European System of Financial Supervision (ESFS) that comprises three European Supervisory Authorities (ESAs): one for the banking sector (the European Banking Authority – EBA), one for the securities sector (the European Securities and Markets Authority – ESMA), and one for the insurance and occupational pensions sector, as well as the European Systemic Risk Board (ESRB). The rationale for setting up the ESAs was to ensure closer cooperation and exchanges of information between national supervisors (also called National Competent Authorities – NCAs), to facilitate the adoption of EU solutions to cross-border problems, and to advance the consistent application and interpretation of rules.

06

EIOPA’s core responsibilities are to support the stability of the financial system, the transparency of markets and financial products, and the protection of insurance policyholders, pension scheme members and beneficiaries. EIOPA is commissioned to monitor and identify trends, potential risks and vulnerabilities stemming from the micro-prudential level, across borders and across sectors. To this end, EIOPA has responsibilities that come under four broad and interrelated categories: regulation, supervision and supervisory convergence, financial stability, and consumer protection (see Table 1). Following finalisation of the work on the main legislative framework for the insurance sector and the need to ensure its effective implementation, EIOPA intended to shift the strategic focus of its work from regulation to supervision. In this audit, we focus on supervision and supervisory convergence, which is key for consumers, and the stress test, falling under the objective of ensuring financial stability.

Table 1

EIOPA’s responsibilities

Field of responsibility EIOPA’s role
Regulation Drafting technical standards which are subsequently endorsed by the Commission, and discussing any changes made.

Advising the Commission in areas where it has the power to adopt delegated acts relating to EU work.
Supervision and supervisory convergence Facilitating and coordinating NCAs in their supervisory activities in order to establish consistent, efficient and effective supervisory practices within the ESFS, and to ensure the common, uniform and consistent application of EU Law.
Financial stability and crisis management Contributing to the work of the ESRB’s macro-prudential supervision by submitting data and reports.

Conducting stress tests for the insurance and pensions sector, and ensuring coordinated crisis prevention and management, as well as maintaining financial stability in times of crisis.
Consumer protection and financial innovation Protecting consumers from excessive risk-taking when buying/investing in financial products by drafting regulations, monitoring market trends, improving the information available etc.

Prohibiting financial products if they pose a risk to financial stability in the EU; analysing and reporting on new financial innovations/products on the market.

Source: ECA.

ESA reform process

07

As the nature of challenges in the financial markets is evolving, the Commission proposed a package of reforms in September 2017 to strengthen the ESFS. The overall aim was to improve the mandates, governance and funding of the three ESAs, as well as the functioning of the ESRB. A number of the Commission’s proposals would be directly applicable to EIOPA, such as creating an independent Executive Board (to be in charge of case-by-case decisions and certain supervisory matters), strengthening EIOPA’s role in validating internal models, and enhancing its available tools to foster supervisory convergence.

08

The Commission’s proposals for changes in EIOPA’s legal framework will now follow the standard legislative process, including discussion in the Council and the Parliament. The expectation is that the amended legal acts will be adopted in 2019. Our audit may usefully contribute to this debate.

Audit scope and approach

09

The audit examined whether EIOPA effectively contributed to supervision and financial stability in the European insurance sector. The focus of the audit reflected the recent shift in EIOPA’s priorities from regulation to supervision. We addressed in particular the following areas:

  1. EIOPA’s actions in the field of supervision and supervisory convergence; our review included a sample of instruments used by EIOPA (Parts I, II and III);
  2. the stress test for the insurance sector carried out in 2016 (Part IV); and
  3. horizontal aspects crucial for the effectiveness of all EIOPA’s actions (the use of legal instruments to ensure compliance with EU law, the adequacy of human resources, and the appropriateness of the governance structure; Part V).
10

EIOPA’s activities in supervision and supervisory convergence cover in practice three broad areas: (i) fostering supervision by national authorities, (ii) ensuring adequate supervision of cross-border entities, and (iii) internal models. For the sake of clarity, we discussed these topics in three subsequent parts of the report (I, II and III), but they contribute jointly to our assessment of EIOPA’s work in the field of supervision and supervisory convergence. In the field of financial stability, we focused on the stress test for the insurance sector, given its importance for identifying future risks in the market.

11

The report did not cover the work of the NCAs (which work closely with EIOPA in all its activities). The ESRB, which was involved in designing one of the stress test scenarios, was not an auditee, as responsibility for and ownership of both scenarios remains with EIOPA. As the audit focused on the insurance market, it did not include EIOPA’s activities in the occupational pensions sector.

12

The audit covered EIOPA’s supervisory activities that took place primarily in 2015-2017, and the stress test of 2016 (including the lessons learned from the previous stress test in 2014). For each audited activity, we selected the cases/files for review in such a way as to ensure that the sample is representative of EIOPA’s work and features a diverse range of typical problems.

13

The main audit work involved visits to EIOPA and reviews of documents on the spot. We also collected evidence at information-gathering meetings and video conferences with the relevant Commission departments, the ESRB, NCAs, academic experts and stakeholders (consumer and business associations). The results of two surveys further informed the audit:

  1. the first was sent to all NCAs in the EU’s Member States and concerned overall co-operation with EIOPA (supervision and stress testing). 24 out of 28 NCAs responded;
  2. the second was sent to a sample of insurance companies and concerned the stress test. 35 out of 66 companies responded.

Observations

Part I - EIOPA’s actions to ensure consistent supervision by NCAs are sound, but lack a systematic approach to follow-up

14

Under its objectives to contribute to better and more consistent supervision across EU Member States, EIOPA engages in a number of activities to facilitate and co-ordinate the work of national supervisors (NCAs). By doing so, EIOPA envisages a European supervisory culture, meaning a common understanding of the way supervisors think, behave and work within their community. This means a level playing field for insurance companies across Europe and a similar level of trust for consumers that their insurance companies comply with regulatory requirements.

15

As far as the co-ordination of NCA work is concerned, our audit looked at three main instruments serving the purpose of supervisory convergence: structured dialogue with NCAs (with spot/country visits as a key component), the supervisory handbook and peer reviews (see Figure 2). The handbook and peer reviews were co-ordinated by EIOPA, though the work was carried out in very close co-operation with NCAs. The reviewers delegated by NCAs provide most of the content and peer assessments. In addition to the audited ones, EIOPA applied a number of other instruments2, both as directly set out in the founding Regulation and on its own initiative.

Figure 2

EIOPA’s tools for ensuring consistent supervision

Source: ECA.

EIOPA identified significant weaknesses in supervision quality

16

By means of structured dialogue with the NCAs, EIOPA has identified a number of weaknesses in critical aspects of insurance supervision (see Figure 3). The peer reviews also revealed important areas where NCAs should improve their supervisory practices (see Annex I). EIOPA’s assessments show that NCAs’ approaches to supervision often diverged in terms of how intrusive, risk-based and forward-looking they are. This means that a given practice by an insurance company (e.g. in the field of risk management) could be accepted in one Member State but challenged in another. As part of the structured dialogue process, NCAs responded to the findings of EIOPA’s reports. However, EIOPA did not systematically analyse the responses and did not provide a comprehensive written feedback to NCAs.

Figure 3

Areas with identified weaknesses in supervision by NCAs

Source: ECA, based on EIOPA’s findings.

EIOPA’s recommendations reflect the weaknesses identified, but lack follow-up

17

In view of the weaknesses identified, EIOPA recommended actions for specific NCAs. In the case of structured dialogue, EIOPA made more than 30 recommendations for each NCA in our sample without any form of prioritisation. Peer reviews resulted in a significantly smaller number of recommendations. Although the recommendations were clear, they were sometimes general and not suited to the NCAs’ specific situations.

18

EIOPA has made no provision for systematically following up the implementation of recommended actions either for structured dialogue or for peer review. As a result, EIOPA has no overview of whether NCAs have taken its recommendations on board. However, it has made an effort to follow up some specific issues on an ad hoc basis (e.g. during subsequent visits to NCA or through informal contacts; there was also one specific follow-up peer review) and could demonstrate some specific improvements in NCA practices and governance (see Box 1).

Box 1

Example of EIOPA’s impact on the work of NCAs

Following EIOPA’s assessments and advice, one EU NCA:

  • changed its decision-making by merging some departments and boosting data capability to strengthen its analytical capacity;
  • shifted internal priorities towards supervising cross-border business.

The underlying work was mostly thorough and comprehensive, but the processes were time-consuming

19

Despite the complexity of the area covered, the structure and clarity of EIOPA’s work in the field of supervision and supervisory convergence was generally good and was based on sound analysis and methodology. EIOPA staff prepared their visits to individual countries by collecting a broad range of documents and information, including a questionnaire to be filled in by NCAs. This enabled the scope of the visits to be customised in the light of the specific problems encountered by individual NCAs. Peer reviews were based on detailed methodology specifying all steps to be followed by the reviewer. However, the guidance that participants were given sometimes lacked a structured approach and project-related specifics.

20

The specific topics covered by EIOPA’s supervisory work were broad and relevant. The scope of the tools ensured a comprehensive approach, but sometimes meant that the most important issues were not sufficiently prioritised. The scope of the handbook was decided by the Steering Committee and covered all major relevant areas, although some NCAs identified a few gaps (see Figure 4). These related to important aspects of supervision, as actual convergence requires not only common principles, but also a coherent approach at technical level.

Figure 4

NCAs’ views on the scope of EIOPA’s tools

Source: ECA survey.

21

EIOPA missed an opportunity to achieve more synergy by collecting best practices and targeting its advice in the area of conduct supervision by means of structured dialogue with NCAs and peer reviews, because they focused exclusively on prudential supervision3. We note, however, that EIOPA has dedicated tools in place in the field of conduct supervision.

22

EIOPA has developed supervisory tools regularly, and launched most of them by 2014. However, EIOPA finalised the supervisory handbook only in April 2018, i.e. four years after the start of the project (excluding the preparatory phase) and over two years after the implementation of Solvency II, which it is supposed to support. The time needed to complete peer reviews ranged from 14.5 months to two years, which is long, but reflects complexity of the topics. However, the NCAs found the duration problematic, as it required them to make long-term commitments for staff participating in the reviews.

Part II: Systemic weaknesses in the current supervisory system for cross-border business remain, but EIOPA made an effort to protect policyholders

23

The supervision of cross-border insurance groups in the EU is structured through colleges of supervisors. The colleges are supposed to ensure adequate supervision through exchanges of information and cooperative supervision by all NCAs concerned. The college is led by the home supervisor, which supervises the headquarters of the insurance group. The other NCAs are known as host supervisors. There are currently 88 colleges established within the EU.

24

EIOPA is a member of all colleges. Its role is to ensure that EU law is consistently applied and that colleges function consistently. Furthermore, EIOPA is also supposed to facilitate a common supervisory culture and prevent regulatory arbitrage4. The De Larosière Report5 identified these objectives as crucial for the Single Market.

Set-up of the college system creates wrong incentives for insurers and supervisors

25

Although insurance services in the past were mainly provided by subsidiaries established in the relevant country, many insurers have started to provide more cross-border services via branches or in a direct capacity (based on the Freedom of Establishment or respectively Freedom of Services envisaged under the Single Market). In 2016, 750 insurers provided business worth 59 billion euros to other European Economic Area (EEA) Member States without a local subsidiary (see Figure 5). While cross-border business allows insurers to reduce their administrative and regulatory burden, the current system creates the wrong incentives for insurers and supervisors.

Figure 5

Share of received cross-border business as a percentage per Member State

Source: EIOPA.

26

Under the current college system, supervision is determined by the legal structure of the group rather than the nature of the business. Thus, a college needs to be established for a very small insurance company with a subsidiary in another Member State, although such resource-intensive supervision via a college would not be necessary. By contrast, for large international insurance groups, which provide cross-border services without subsidiaries, there are no colleges, even if it would be essential for ensuring adequate supervision and financial stability (see Figure 6).

Figure 6

The supervisory arrangements differ, depending on an insurer’s structure

Source: ECA.

27

This leads to a situation where NCAs supervise business in other Member States without having to bear the consequences of poor supervision, because it has no impact on the home market. They also often lack sufficient knowledge of national specifications and laws. Furthermore, the Member State in which the service is provided needs to rely fully on the supervision of the home supervisor of the insurer without exerting influence over the supervision process. This system has not been designed to supervise a Europe-wide market in a way that is effective and based on EU citizens’ interests. Several NCAs confirmed that the current supervision of cross-border business and cooperation is unsatisfactory (see Box 2).

Box 2

NCA view of cross border supervision

“Supervision of cross-border groups really improves the level of consumer protection across EU countries. However, […] the current set-up does not yet ensure the same quality of supervision by and cooperation between supervisors for groups, which provide a significant proportion of their business via freedom of establishment or the freedom to provide services, as is the case for groups, which have activities within subsidiaries.”

28

We found that a number of problems were attributable to systematically wrong incentives. For instance, several NCAs prioritised their supervision based on factors such as the “impact on national financial stability”. Consequently, insurance companies with a large share of cross-border business were a low priority for supervision. This means that insurance companies had every incentive to use regulatory arbitrage by moving to Member States that have adopted such an approach, and then concentrate on cross-border services (see Box 3).

Box 3

Actual example of regulatory arbitrage and the impact of EIOPA’s action

Several NCAs approached EIOPA about an insurance company that was doing cross-border business in their markets but offering unusually low premiums and showing evidence of fast growth. As the home supervisor chose to not to focus its supervisory activities on cross-border business, it did not regard the insurance company as a priority. Following EIOPA’s intervention, the home supervisor found that the insurance company was not viable, was in a distressed financial position and did not fulfil its capital requirements. As a result, the company’s authorisation for new business was withdrawn.

29

Furthermore, we found that the way business is done also has direct implications for consumer protection in the event that an insurer fails. Europe’s Insurance Guarantee Scheme system is currently fragmented, leading to a situation where consumers are not informed about their level of protection when they buy cross-border insurance services (see Box 4). Consumers are not necessarily aware that they are buying an insurance product from a subsidiary, branch or company without a physical presence in their own Member State.

Box 4

Example of the impact on consumer protection

As Insurance Guarantee Schemes (IGS) differ from country to country, a consumer buying life insurance from the branch of one European company in a different EU Member State is protected by the national IGS, which is mandatory in the company’s country of origin. However, the same consumer buying identical insurance from the subsidiary of the same company in another EU Member State is not protected under the country of origin’s IGS.

EIOPA responds by developing ad hoc tools to protect consumers but supervisory convergence remains a challenge

30

In view of the risks and challenges posed by the current system of supervision for cross-border insurance business, EIOPA has made efforts to protect consumers by establishing cooperation platforms. EIOPA set up the platforms, in the absence of colleges, under its mandate to promote effective exchanges of information between NCAs and ensure effective and consistent supervision. Since 2016, EIOPA has established 13 cooperation platforms, both on its own initiative and in response to requests from NCAs. They operate in a similar way to colleges.

31

We found that EIOPA’s platforms provided a helpful ad hoc solution to tackling problems arising from cross-border services. In several cases, EIOPA helped to facilitate between NCAs and successfully pushed for solutions. For instance, EIOPA asked the home supervisor to answer a set of questions about insurers that displayed typical risk indicators (see Figure 7). This ensured that the insurer’s situation is subject to an assessment.

Figure 7

Typical risk indicators and questions for identifying non-viable business

Source: ECA.

32

The platforms then created peer-pressure for the home supervisor, meaning that it felt obliged to take adequate supervisory action in view of the information that is available. This measure ensured that consumers were protected. However, in the absence of a robust legal mandate in the area of cross-border services, EIOPA had to rely on NCAs’ actual willingness to cooperate.

EIOPA played a helpful role in several colleges of cross-border groups, despite limited co-operation by NCAs

33

EIOPA is responsible for ensuring that colleges functioning consistently. We found that EIOPA prioritised its attendance at and contribution to colleges on the basis of comprehensive and well-established criteria. Prioritisation considered various factors, including the size and risk of the insurance group, the size and experience of participating NCAs, and the outcome of the joint risk assessment. Since the introduction of Solvency II in 2016, EIOPA has attended 100 college meetings. However, it has never attended 23 other colleges (see Figure 8). Scarce resources (see paragraph 86) also explain this result.

Figure 8

EIOPA’s attendance of college of supervisor meetings in 2016 and 2017

Source: ECA.

34

Furthermore, EIOPA’s level of engagement in the colleges it attended varied significantly. For example, it added significant value to some colleges by providing detailed input for discussion and feedback reports. In view of its priorities, EIOPA did not provide comparable added value to some other colleges because it restricted itself to administrative and horizontal support.

35

To support colleges and enhance supervisory convergence, EIOPA requested from NCAs the insurers’ Own Risk and Solvency Assessment (ORSA) reports. The ORSA report is an elementary instrument of insurance supervision and defines insurers’ risk appetite, analyses the available risk capital, and decides it will be allocated. It is therefore a key forward-looking tool that should be used for pro-active supervision. We found that although EIOPA made an effort to obtain ORSA reports, it did not always receive them. Some ORSA reports were provided only after a lengthy, bureaucratic process, entailing legal justification and high-level intervention. The limited and burdensome provision of ORSAs restricted EIOPA’s instruments for supporting supervisory convergence and was detrimental to efficient use of its resources.

36

In the course of its college work, EIOPA identified many issues within colleges and insurance groups, such as the following:

  1. Some NCAs did not share important documents such as the ORSA report with other members of the same college. EIOPA supported these members in obtaining helpful documents but was not always successful. The absence of important information for college members showed a lack of trust between some NCAs and hampers effective group supervision.
  2. Significant valuation mistakes and major deficiencies in risk management by insurance groups were found, and it was recommended that the NCAs should tackle them. Although EIOPA did make an effort to support colleges and facilitate adequate supervision, it did not comprehensively follow up issues that had been identified.

Part III - Lack of convergence in internal model supervision, despite first steps made by EIOPA

37

Based on the Solvency II framework, aiming to protect consumers and ensure financial stability, insurers in Europe are required to calculate their individual risks. For these risks, insurers need to hold sufficient risk-absorbing capital (see Figure 9) to ensure that they can provide compensation for claims. Insurers can either calculate their capital requirements with a given standard formula or use a so-called internal model. While the standard formula is the default option, insurers need to seek authorisation for any internal model they would like to use. NCAs must only authorise internal models, which fulfil several legally defined requirements and are therefore suitable for calculating risks in an adequate way. While overestimation of risks can lead to premiums, which are not competitive, underestimation can compromise the protection of policyholders and financial stability.

Figure 9

The basics of capital requirements for insurers

Source: ECA.

38

Internal models are very complex and give insurers significant discretion in calculating their risks. This includes expert judgements and reliance on internal historical data. Consequently, internal models supervision requires extensive resources and expertise within NCAs. Due to their impact on the protection of policyholders and financial stability, and the challenges they pose to supervisors, internal models are a crucial area, where EIOPA must facilitate supervisory convergence across Member States. Inconsistent supervision, leading to regulatory arbitrage and therefore distortion of fair competition, can have severe adverse consequences.

Convergence in the area of internal models remains very limited

39

One of EIOPA’s key tasks is to ensure that insurers and supervisors apply the rules consistently across the EU including internal models. To achieve it, EIOPA attended college meetings when internal models were discussed, visited NCAs to assess the supervision of internal models and acted as facilitator between NCAs. Despite EIOPA’s efforts, we found several problems, proving a persistently low level of supervisory convergence in this area.

40

Authorising and supervising internal models is extremely resource-intensive6. To achieve similar supervision within the EU, it is important that NCAs have sufficient resources to fulfil such a challenging task. However, NCAs stated that they have very different levels of staff for supervising internal models and EIOPA confirmed this during its visits. EIOPA found that several NCAs had insufficient resources and expertise to supervise internal models adequately, which highlights the importance of EIOPA’s work in this area.

41

EIOPA found that supervisory culture and the application of common rules still varies greatly within the EU. NCAs applied very different levels of strictness when authorising internal models. For instance, several NCAs did not clearly communicate unacceptable modelling practices to insurance companies. In other cases, NCAs applied very strict authorisation requirements. We found that some supervisors tried to protect local insurers through lower capital requirements, while others request stronger supervision and higher capital requirements.

42

In another case, the supervision of an internal model should have been transferred from one NCA (country A) to another (country B) in order to cover the whole group. However, the supervisor in country B required the insurance company to improve its internal model significantly before it could be authorised for use in their market. However, the internal model had already been authorised by the supervisor and applied in country A. The case illustrated different standards and approaches for approving internal models. EIOPA tried to facilitate between the two supervisors but no agreement could be reached. In the end, the internal model remained operational in country A only.

EIOPA made an effort to enhance convergence through consistency projects

43

To follow up on some of the recurring risks and inconsistencies in supervisory approaches, EIOPA organised consistency projects with a view to tackling five key areas (see Table 2). As all of these areas could lead to inadequate estimation of insurers’ risks, we believe that EIOPA defined the scope of the consistency projects appropriately.

Table 2

Key inconsistencies identified and follow-up

Different approaches between NCAs were identified regarding… Followed up by EIOPA through…
modelling of the volatility adjustment* Consistency project
treatment of sovereign risk Consistency project
aggregation of risks Not yet followed up
expert judgements Not yet followed up
model changes NCA visits

*Reduces the impact of market volatility on the capital to be held.

Source: ECA.

44

Through its consistency projects, EIOPA confirmed that the NCAs had fundamentally different supervisory approaches in approving some methods used in the internal models by insurance companies. The different methods had a material impact on the overall risk calculated by the insurer, but EIOPA was not able to quantify it. In general, EIOPA has no data on the impact of internal models when compared with the standard formula, although this would be essential for adequate supervision.

45

EIOPA reported in detail on the issues identified. Although it used further tools (e.g. opinions) to ensure consistency, EIOPA did not always achieve it. For instance, EIOPA still allows different methods to model volatility adjustment. However, it required NCAs to ensure that neither method results in lower capital requirements.

46

EIOPA also carried out a special consistency project on the modelling of market risk. This is one of the many risks assessed by internal models. EIOPA asked insurers to use their internal models to calculate the risks for a realistic virtual portfolio as defined by EIOPA. The outcome allowed different internal models to be compared directly for the first time. The project revealed some fundamental weaknesses in the internal models operated within the EU. For instance, questionable interest rate expectations were used to reduce the expected risks. In addition, EIOPA considered the extreme variation of estimated risks through different internal models for the same assets as unacceptable.

47

We found that EIOPA’s projects provided NCAs with essential insights into supervised internal models and helped to improve convergence. However, they revealed that internal models in the insurance sector bear significant risks and that the knowledge about the impact of internal models is insufficient.

EIOPA does not have sufficient access to data on internal models to perform oversight

48

As of June 2018, in the EEA, there were 212 internal models authorised by 17 different NCAs (see Figure 10). Given its shortage of resources, EIOPA decided to prioritise by focusing its direct assessments on the five largest insurance groups with an internal model. These groups accounted jointly for 47 % of all assets covered by internal models in the EEA. In 2015, EIOPA started to request full information about these models from the respective NCAs.

Figure 10

Scope of EIOPA’s internal models team involvement

Source: ECA, data as of June 2018.

49

Given the NCAs’ reluctance to provide information, EIOPA took a pro-active approach through extensive exchanges of communication for over three years. In particular, EIOPA provided written legal justification as to why it requires the information in order to fulfil its tasks. Our survey shows that one of the underlying reasons for the NCAs’ refusal to provide information was diverging interpretations of EIOPA’s mandate in the field of internal models. As the survey explicitly stated, at least two NCAs believe that EIOPA currently goes beyond its mandate. By contrast, several NCAs would like EIOPA to perform significantly more work on internal models and believe that it does not sufficiently fulfil its mandate in this crucial area.

50

Despite a pro-active approach, EIOPA has not received sufficient information about any of the five largest internal models that it prioritised for its work. Consequently, EIOPA did not have a full understanding of the models and was unable to carry out the intended assessments. The lack of access to information significantly impeded EIOPA in performing its tasks. On the other hand, in 2016 one NCA provided EIOPA with all information on the internal model for a large insurance group. Although this would have been an opportunity to assess a first internal model, EIOPA decided not to provide support to the NCA, explaining that the specific case was not among its priorities. Thus, EIOPA has still not assessed any internal model in detail.

Part IV - EIOPA did reliable work to conduct the 2016 insurance stress test, but we found shortcomings in its design and recommendations

51

According to its founding regulation, EIOPA is responsible for conducting regular Union-wide stress tests in order to assess the resilience of financial institutions to adverse market developments. EIOPA insurance stress tests aim at financial stability and the protection of policyholders, and are organised biennially (interchangeably with the pension funds stress test). The EIOPA stress test is not a “pass or fail” exercise for individual participants, their results do not prompt specific regulatory action. We focused on the 2016 stress test, which assessed the vulnerability of insurance companies that were active in life and other long-term business. In line with its initial timetable, EIOPA launched the exercise in May 2016 and published the results on an aggregated basis, including recommendations for NCAs, in December 2016.

The scope of the stress test and the identified risks were appropriate, however, the scenarios used had shortcomings in calibration and justification

52

In the 2016 stress test, the sample comprised 236 individual companies from 30 countries7, offering both traditional life and composite (life and non-life) business. The NCAs sampled the companies, based on the criteria provided by EIOPA in the technical specifications. The sample was representative of each national market and covered at least 75 % of the relevant business, in line with the assumptions of the stress test. The 2016 stress test was conducted at legal entity (individual company) level, and so did not include potential diversification and re-insurance benefits stemming from group level.

53

For the 2016 stress test, EIOPA identified persistently low risk-free rates and volatility in equity markets as a main concern for the viability of the insurance sector. This was in line with regular risk assessments by EIOPA, the ESRB and insurance companies, as our survey confirmed (see Figure 11). Focusing on the risks considered in the stress test meant that other, insurance-specific factors (e.g. longevity, pandemics or natural catastrophes) were omitted, but this was justifiable given the first year of Solvency II implementation, which posed a challenge for insurance companies.

Figure 11

Risks in the insurance sector and scope of the stress test

Source: ECA survey.

54

Considering the focus on market risk, the choice of the long-term insurance business was appropriate. The low-yield environment hits life insurance business particularly hard, as it typically has long-term obligations towards policyholders and struggles to earn the interest rates guaranteed in the past. The choice to use a market shock was relevant, given insurers’ significant role as institutional investors, and hence their impact on the stability of the financial market as a whole.

55

The 2016 stress test included two scenarios, “Low Yield” and “Double Hit”, which accurately reflected the risks identified by EIOPA as key for the insurance sector (see Annex II for main parameters and assumptions). To create the Low Yield scenario, EIOPA used its own capabilities and made specific discretional assumptions, while the Double Hit scenario was set up in cooperation with the ESRB, which derived the shocks from the financial shock simulator tool, capturing historical dependencies in the data.

Low Yield scenario
56

The starting point for this scenario was a low risk-free yield curve for different maturities (up to 20 years for the euro), which EIOPA derived by identifying the lowest rates actually observed in the market over a period of two years. We estimate the probability of such an event to be at least 3 %, or much higher than the usual threshold of 1 %8. Therefore, the probability is too high to consider this element alone as severe enough. The second element of the scenario was an additional stress applied to the yield curve (a downward shift of 15 basis points - bp). In addition, to calculate the value of the liabilities of insurers in the very long term, EIOPA used the so-called Ultimate Forward Rate (UFR), set at 2 % to reflect the assumption of persistently low yields. The two latter elements (a 15 bp downward shift and the UFR) decrease the probability of the scenario but it is not possible to estimate to what extent. However, the strength of these two elements alone was limited, as they were fairly close to the market situation at the time9.

57

While most of the NCAs participating in the survey considered the scenarios well-calibrated, some of them shared the aforementioned concerns about the severity of the Low Yield scenario (see Figure 12). EIOPA did not attempt, even for the purposes of internal analysis, to quantify the probability of the initial (liquid) part of the curve. It also did not provide any other sufficiently detailed justification for the soundness of the overall scenario.

Figure 12

Stress test participants on the severity of the Low Yield scenario

Source: ECA survey.

58

The stress level for currencies other than the euro was derived using an assumed multiplier of the euro curve. However, EIOPA did not use this method fully appropriately, because it did not consider the dependence between interest rates for various currencies during the reference period.

The Double Hit scenario
59

The Double Hit scenario assumed falling interest rates and a market shock, reflected as a rapid increase in yields on sovereign and corporate bonds and a drop in prices on equity and other asset classes. The ESRB estimated the probability of the two main triggering events at 0.50 % for swap rate shocks and 0.75 % for a government bond yield shock. The scenario was strong enough, as it combined a severe stress on the asset side of the balance sheet with an element of swap shock added to stress the liability side.

60

The plausibility of the Double Hit scenario depended heavily on the set of historical data used in the financial shock simulator. It contained dependence between different relevant economic variables and was based on 11 years of historical data (2005-2015). However, the selected period, even if it covered two recent crises, was too short to warrant stress level that was strong enough for all countries across Europe (see Box 5).

Box 5

Example of NCAs’ views of the Double Hit scenario

“Regarding the calibration of the market scenarios, the shocks on government bonds were not equally distributed across countries, leaving some countries almost without shock.”

61

For instance, the stress level was lower for Bulgaria’s 10-year bond yield (an increase of 111 bp compared to the baseline) than for Belgium’s (116 bp) or Croatia’s (155 bp). Furthermore, we noted that the stresses were relatively low for Slovakia and the UK (with, respectively, 95 bp and 94 bp for their 10-year bond yield, compared to an average stress of 121 bp). If the historical sample were longer (e.g. 20 years), the results would be more robust and possibly return cases with higher stress for some countries.

62

While the Double Hit scenario defined specific stress levels for some asset classes held by insurance companies outside the EU, it left the stocks held in these countries unstressed. Stressing stocks held outside the EU is highly relevant for the plausibility of the stress test, given that a downward movement of the stock market in the EU is not isolated from other stock markets worldwide (in times of crisis, the dependence between stock markets goes up to 90% correlation). Therefore, it is necessary to include the shocks on stocks outside the EU as well, instead of confining the risk only to the EU.

Justification and communication
63

Considering that important elements of the stress test were discretional, EIOPA did not make sufficient efforts to justify them in a transparent manner. In the technical specifications, EIOPA did not clearly explain how it derived the scenarios, or how it arrived at the assumptions underlying them. This was supported by some NCAs and industry representatives (see Box 6). To some of the latter, it was also unclear whether the scenarios represented a shock that is similar to or more severe than the one required under the Solvency II regime. This led to some incorrect interpretations of the nature of the stress test. EIOPA did not make it entirely clear, for example by explaining why and how they differ from the Solvency II regime.

Box 6

Examples of difficulties faced by industry and NCA with regard to justification for scenarios

“The calibration of the stresses by EIOPA was not clear to us and therefore we were unable to assess the severity of the stress.”

“Technical specifications left leeway for interpretation about some items: this meant that the results were not fully comparable.”

EIOPA accurately validated and aggregated the data

64

The data validation process for the stress test run in three rounds: one at national level, conducted by NCAs, and two at central level, carried out by the validation team, composed of EIOPA and NCA staff. EIOPA developed an Excel validation tool to analyse and aggregate data. This proved useful in the process of data validation as it helped to harmonise the NCAs’ different approaches. Overall, EIOPA carefully analysed the data that insurance companies had provided and clearly pointed out any inconsistencies, although the ultimate decision-makers on data reliability were NCAs.

65

Our checks on data aggregation showed that EIOPA accurately computed the overall results of the stress test. However, the aggregation included companies whose product portfolios – and, hence, their risk profiles – were highly diverse (see an example in Figure 13). This was an inherent feature of the sample, but EIOPA did not attempt before aggregation to classify companies according to their products, a step which would add value to the interpretation of results10. In this respect, EIOPA carried out only ex-post analysis with the aim of identifying the drivers behind the different stress sensitivities.

Figure 13

Example of two sampled companies with different risk exposure

Source: ECA.

EIOPA presented relevant results which showed the vulnerability of the sector

66

The results of the stress test confirmed that the life insurance sector was vulnerable to the low interest environment and a sudden market shock, which could have an impact on financial stability as whole. Under the Low Yield scenario, the excess of assets over liabilities in the balance sheets of participating companies would shrink by 100 billion euros (-18 %). Under the Double Hit scenario, the overall hit on the companies would amount to 160 billion euros (-29 %). This meant that 44 % of insurers would lose more than a third of their excess in assets over liabilities, and 2 % would lose everything. The impact of both scenarios would be significantly greater if the so-called long-term guarantee (LTG) and transitional measures11 were excluded (under the Double Hit scenario, 31 % of companies would not maintain any excess of assets over liabilities).

67

Overall, the stress test report was comprehensive and supported by relevant figures and graphs. As regards indicators, the report presented the results expressed as an excess of Assets over Liabilities. For analytical purposes, however, it would be more relevant to use the capital requirements as they are defined in Solvency II. This would demonstrate the actual impact on solvency positions, and establish whether capital requirements were still met after the stress test. We note, however, that re-calculating these ratios was not intended by EIOPA as it would be technically very challenging and complex, and would require insurance companies to provide significantly more detailed information than was requested of them in 2016.

68

The results of the 2016 stress test were published only on aggregated basis to form an opinion on the resilience of the life insurance sector. Unlike the EBA, EIOPA does not have a specific legal mandate to publish the results for individual companies. To do so, EIOPA needs to obtain written consent from participants, which it did in the 2018 stress test. This was a step in the right direction, considering the aim of the stress test – i.e. to restore confidence. In this sense, transparency – as regards both the methodology applied in the stress test and its results – is crucial. Disclosure about individual companies could help to raise awareness of risks and so enhance market discipline.

Some of the recommendations were too general and did not propose specific action

69

Following the stress test, EIOPA made three broad recommendations to the NCAs, which contained a number of measures they could take. However, many of these suggestions were very general in nature and did not lead to specific action aimed at ensuring financial stability. For instance, the suggestion to “align internal risk management processes to the external risk faced” merely expresses any company’s overall goal of sound risk management. Running an exercise as complex as a stress test was not necessary to arrive at such general recommendations, as our survey confirmed. Lastly, some suggestions (e.g. “reviewing guarantee clauses” or “stopping dividend payments”) went beyond the remit of some NCAs. This is because NCAs’ supervisory powers are not fully harmonised across Member States, meaning that the extent to which recommendations can be applied may differ.

70

Soon after the stress test results were published, EIOPA approved a plan for systematically following up the recommendations. As one recommendation was that NCAs should analyse the stress test’s potential impact at group level, EIOPA launched a dedicated survey so that the relevant NCAs could report on their analysis and the action they had taken. Analysis of the extent to which other recommendations were followed up was based on the information EIOPA had collected during country visits, college meetings and meetings with group supervisors. In January 2018, EIOPA drafted a report showing that the NCAs had taken a range of follow-up measures to address its recommendations. The report also identified good practices, and analysed the results of the NCAs’ survey regarding the impact of the stress test at group level12.

EIOPA organised the stress test in a structured way, with some problems in timing and documentation

71

The timing of the 2016 insurance stress test coincided with the implementation of the Solvency II Directive, which entered into force on 1 January 2016. Until the end of May 2016, all insurance companies in the EU had to provide a substantive reporting package for the first time. Immediately thereafter, the stress test started (see Annex III). This chronological sequence of Solvency II reporting and the stress test was difficult for insurers to handle in terms of workload. The NCAs validated the data over a period of six weeks, between mid-July and the end of August. In our survey, the NCAs expressed the view that the time given was appropriate, albeit challenging due to their workload and limited resources over the summer period. Notably, not all NCAs were able to devote sufficient time and resources to thorough data validation.

72

Throughout the stress test process, EIOPA communicated with the NCAs and insurance companies through a number of channels, which we consider good practice (see Box 7). Despite having several dialogue tools, EIOPA was not sufficiently clear in explaining to participants why it required certain information. EIOPA was ultimately able to justify the need to receive these data for validation purposes. However, the fact that participants lacked an explanation created an image of excessive and unduly detailed data requirements. EIOPA did not consult participants on the design of the scenarios.

Box 7

EIOPA’s channels of communication with NCAs and insurance companies

  • A workshop with industry and actuaries’ representatives to discuss the stress test process, methodology, technical documentation and the framework of the various scenarios.
  • Several web seminars and videoconferences for NCAs, focusing on technical documentation and procedures for the data validation phase.
  • “Questions and Answers” (Q&A) published on a weekly basis, with the fifth and last edition being issued two weeks before the submission deadline. The Q&A helped to clarify the data requirement.
73

EIOPA provided participating companies with a dedicated template for the stress test, which they had to fill in within seven weeks and send to the NCAs. The templates were generally user-friendly, and replicated as far as possible the categories of financial data used for Solvency II reporting. This ensured consistency, and provided participants with clarity about the data they needed to submit.

74

The complexity of the tables reflected the purpose and scope of the stress test, but this meant, however, that some participants faced difficulties in performing the calculations by the deadline (see Box 8). Numerous updates of stress test-related material during the process created an additional burden. EIOPA updated the technical specification three times and the templates four times, and published the last version only two weeks before the submission deadline. However, for each of the four template alterations, EIOPA provided a useful automatic “updater tool”, which quickly filled in the content participants had already provided in the previous template version.

Box 8

Insurance companies’ views on data requirements for the stress test

“A lot of information had to be provided. (…) In our opinion, all the details were not necessary but we do not see the consolidation process that was performed.”

“The level of granularity requested was significantly greater than we had easily available. We initially indicated that we would not provide the detail requested in some areas, but we were asked to do so even if approximations were required. The approximate approach (…) increased the resource requirement materially, and would have made the combined results less reliable than desirable.”

75

EIOPA introduced a number of improvements in the 2016 stress test, based on lessons learned from the previous test in 2014. For example, it shared a validation tool with the NCAs and reduced the number of updates to the stress test template (see Annex IV). EIOPA had no overall planning in place for the “lessons learned” process. The conclusions primarily followed the discussions in two meetings with stakeholders, but EIOPA did not conduct a survey for industry representatives and NCAs as it had done after the stress test in 2014.

Part V - EIOPA’s governance and limited resources create a challenge in achieving the objectives

76

In this part of the report, we analysed those procedural and organisational aspects of EIOPA’s work that horizontally affect the efficiency of its actions. In particular, we focused on the risks related to the reliance on NCAs’ work and the current governance framework, the use of legal instruments to ensure compliance with guidelines and regulations, and the adequacy of EIOPA’s resources.

The effectiveness of EIOPA’s work relies on the NCAs’ contributions, and its governance creates challenges

77

EIOPA co-operated very closely with the NCAs in all the actions covered by our audit. Although this co-operation was generally positive and reflected EIOPA’s mission to support and coordinate the work of national supervisors, the efficiency and effectiveness of EIOPA’s work often relied on the quality of the NCAs’ input and their willingness to co-operate. For example, it took a very long time to obtain agreement from some NCAs just to organise the country visits. Despite visible efforts by EIOPA to obtain the NCAs’ support, some of them questioned the rationale and scope of the visits. As a result, EIOPA ultimately managed to visit all NCAs, but the last visit took place three years after the cycle of visits had started. This delay visibly hampered EIOPA’s effectiveness in ensuring supervisory convergence. The quality and timeliness of NCA inputs also largely determined whether EIOPA’s other products, such as the supervisory handbook and peer reviews, could be produced on time.

78

As far as country visits, work on cross-border activities, and internal models were concerned (see paragraphs 35-36 and 49), we found cases where EIOPA did not receive all the information it had requested from the NCAs. As a result, EIOPA was unable to perform some types of analysis that it had originally intended to carry out. In the course of some country visits, for example, EIOPA was not able to discuss with the national authorities certain companies’ approaches to supervising risk management, and only covered the NCAs’ overall procedures in this respect. Given its nature, reliance on the quality of NCA inputs was also heavy in the stress test process (see Box 9).

Box 9

Reliance on NCAs in the stress test process

Sampling: Based on EIOPA’s criteria, the NCAs selected the companies participating in the stress test. EIOPA had neither thorough knowledge of all EU insurance markets nor sufficient data to verify whether the NCAs used correct data for sampling purposes, and so confined itself to checking market-share thresholds.

Data validation: The NCAs remain the ultimate decision-makers as regards the accuracy of reported data. In the event of doubts about the quality of the data the NCAs had provided, EIOPA challenged the NCAs and requested additional clarification; however, it was not ultimately in a position to override their judgement (e.g. by excluding data from the sample). Unlike the EBA, EIOPA is not allowed to ask participants in the stress test directly for any information.

79

EIOPA’s current governance structure gives NCAs the power to influence the extent to which their own work will be reviewed and also the conclusions of such reviews. This is because the ultimate decision-making body at EIOPA is the Board of Supervisors, which consists of 28 NCA representatives and the EIOPA chairperson (as well as observers from the ESRB, the EBA, the ESMA and the European Free Trade Association). The Board of Supervisors approves all of EIOPA’s key documents and products, including the oversight strategy (which defines the priorities for spot visits to NCAs), the topics and final reports of peer reviews, the assumptions, scenarios and reports following the stress test. This creates a challenge for independence, considering that some of EIOPA’s instruments (notably country visits and peer reviews) are intended to provide constructive but critical feedback on the NCAs’ work. The stress tests can also indirectly reveal weaknesses in prudential supervision in the Member States, and lead to recommendations for the NCAs.

The procedures for using legal instruments are sound, but sometimes lack transparency and a pro-active approach

80

To ensure that NCAs and insurance companies comply with EIOPA’s guidelines and regulatory requirements, EIOPA can take action under the “comply or explain” (Article 16 of the EIOPA Regulation) and “Breach of Union Law” (Article 17) procedures. However, the actions that EIOPA can take are essentially limited to monitoring and reporting cases of non-compliance rather than sanctioning them.

81

Under the “comply or explain” procedure, NCAs have to confirm that they apply each of the approximately 700 guidelines issued by EIOPA by providing reference to their own legal framework, or justify why they have not done so. In practice, cases of non-compliance with guidelines are rare, since NCAs are involved in developing them, and EIOPA has an effective procedure for registering and reporting such cases. We found the “comply or explain” procedure to be an effective tool for monitoring compliance but it did not fully ensure transparency towards external stakeholders and consumers. The compliance tables uploaded onto EIOPA’s website were not always up to date, and the summary nature of the information they contained, which varied depending on the quality and comprehensiveness of the information NCAs have provided, meant that they were of limited use to the public.

82

EIOPA established the “Breach of Union Law” procedure in 2011, and has since recorded 28 complaints (most of which EIOPA considered inadmissible). EIOPA applied its procedure for investigating breaches of Union law consistently, and its investigations were thorough. When investigating alleged breaches as reported by a complainant, EIOPA only provided a limited number of updates about the procedure, and periods of non-communication can sometimes be lengthy due to the complexity of individual cases. As a result, complainants - including consumer organisations - did not have a comprehensive overview of EIOPA’s actions, and sometimes mistakenly regarded non-communication as evidence of inactivity.

83

The “Breach of Union Law” procedure did not provide for systematic monitoring of potential cases. EIOPA monitored such cases informally, but the cases that came to its attention in this way are dealt with at closed meetings of the Board of Supervisors. They were typically not recorded in the breach of Union law register and investigated accordingly. EIOPA adopted this approach in order to foster trust among NCAs, but it did not give stakeholders full confidence that EIOPA is taking appropriate action at their request. This approach also lacked transparency, as external stakeholders (such as consumer organisations) cannot monitor it.

84

Given the nature of the process, it was not possible for us to verify whether EIOPA launched the procedure in all cases each time it becomes aware of an alleged breach of Union law (unless formally reported and registered). We found one case where EIOPA identified serious shortcomings in an NCA’s decision but did not launch a “Breach of Union Law” procedure, instead opting to act as a mediator between two NCAs (see Box 10).

Box 10

Breach of Union Law procedure not applied

Solvency II requires owners and managers of insurance companies to be fit and proper to perform their duties. In the case of one insurance company, the NCA deemed its manager fit and proper even though certain evidence indicated that the person did not meet the requirements. The insurance company wanted to perform cross-border business with another Member State, but the NCA of the country concerned was opposed. Although EIOPA acted as a facilitator between the NCAs and strove to find a solution that protected consumers, its efforts were unsuccessful. Despite its concerns regarding the soundness of the home NCA’s decision, EIOPA has not launched a “Breach of Union Law” procedure against it. As of June 2018, EIOPA was still reviewing this case.

EIOPA’s resources for carrying out supervisory work were limited and not transferred from regulatory activities

85

Given the scope of responsibilities and the range of actions in the field of supervision, EIOPA worked with very limited resources. In February 2018, the oversight department had 20 staff, representing only 14 % of EIOPA’s human resources (142 members of staff). EIOPA’s oversight department is responsible for visits to NCAs, coordination of peer reviews, support and attendance at college meetings, facilitation between NCAs and oversight of internal models. Some other staff members (equivalent to four FTEs) were dedicated to the development of supervisory convergence initiatives and three staff members were working on data and business intelligence tasks which support oversight work.

86

Resource limitations became even more apparent at team level. For example, the team responsible for internal models effectively had three full-time employees (after accounting for long-term absences and commitments to other tasks), as opposed to the 5.25 listed in the work programme. Considering that the team co-operated with 17 NCAs that supervise 212 complex internal models and was responsible for further horizontal tasks such as consistency projects, the effective allocation of resources posed a significant challenge. Most NCAs in our survey felt that EIOPA’s staffing for internal models oversight could be improved. This was particularly important because NCAs themselves had limited resources for supervising internal models, particularly due to the considerable demands of the job. By providing more support in this field, EIOPA could close an important expertise gap in Europe’s insurance supervision system.

87

Following the implementation of Solvency II, and having finalised its work on the core of the new regulatory framework, EIOPA adopted a strategy of shifting its focus from regulation to supervision. This was also expected by stakeholders, including businesses and consumers, namely that EIOPA should focus on ensuring that the new common regulatory framework for insurers is equally applied across the EU. The allocation of staff, however, did not reflect this shift. Between 2015 and 2017, the policy department decreased by 13 people, but the oversight department increased by only five, it was though supported by a limited number of staff working in other departments (see Figure 14).

Figure 14

Staff allocation to the policy and oversight departments, 2014-2018 (in FTEs)

* Development of oversight function for 2018 as known to date. Potential recruitments are not taken into account.

Source: ECA, based on EIOPA documents.

88

As the posts in the oversight department required business-specific knowledge and hands-on supervisory experience, EIOPA struggled in several recruitment campaigns to find appropriate candidates. This was due to, among other factors, high demand for finance professionals in the local labour market in Frankfurt, combined with the high costs of living. However, EIOPA did not compromise on its requirements, and employed staff with appropriate experience.

89

For the stress test, the core team consisted of three adequately-qualified EIOPA staff members. The staff allocation was appropriate considering the current division of responsibilities, which largely relies on input from NCAs (see paragraph 78). However, with these resources, EIOPA would be unable to carry out more detailed checks on data accuracy, or to communicate directly with participants of the stress test, even if considered this useful. Furthermore, EIOPA did not have an overview of the resources used by all partners involved (including the NCAs) to organise and conduct the stress test. The overall costs remained therefore unknown.

Conclusions and recommendations

90

Our overall conclusion is that EIOPA made a good contribution to supporting the quality of supervision and stability in the EU insurance sector. In doing so, however, EIOPA faced limitations in terms of the architecture of the supervision system, scarcity of resources and, in some instances, insufficient support and collaboration from NCAs. As a result, much still needs to be done by EIOPA, legislators and NCAs to achieve supervisory convergence, i.e. a level playing field for insurance businesses operating across EU Member States and for their customers.

Coordination of NCAs’ work

91

EIOPA used a wide range of tools, both as envisaged in its founding Regulation and on its own initiative, to ensure that NCAs follow a common approach when supervising insurance companies. We found that EIOPA staff prepared thorough, well-founded analyses in this respect that made it possible to identify significant weaknesses in supervision by NCAs. The weaknesses included risks to the institutional independence of NCAs and insufficiently rigorous supervision, which follows a formalistic rather than a risk-based approach (see paragraphs 14 to 16 and 19).

92

Some of EIOPA’s tools, notably visits to NCAs and peer reviews, were covering supervision issues in a comprehensive way, but that meant they were very broad in scope. Therefore, it took a considerable amount of time to finalise them, and the NCAs needed significant resources to prepare for and participate in such activities. The NCA visits also resulted in a high number (over 30 in some cases) of non-prioritised recommendations (see paragraphs 17 and 20 to 22).

93

We also found that EIOPA has had no arrangements in place to follow up on the recommendations of NCA visits and peer reviews in a systematic way. As a result, it had no overview of progress in supervisory convergence and the challenges that remain. Nevertheless, EIOPA did make an effort to discuss selected problems with NCAs on ad hoc basis, and can also demonstrate gradual improvements in the practices that some of the have followed (see paragraph 18).

Recommendation 1 – Improve the focus and follow-up of supervisory tools

EIOPA’s should better focus and follow up its supervisory tools. In particular:

  1. The spot visits should be centred on a few of the most pressing issues, selected on the basis of their impact on supervisory convergence and consumer protection. They should lead to a smaller number of clearly prioritised recommendations with a specific timeframe for implementation.
  2. EIOPA should define the scope of the peer reviews so that they focus on a single issue in supervisory convergence and can be finalised, as a rule, within a year.
  3. EIOPA should analyse whether the NCAs effectively implemented each recommendation issued as part of a process of structured dialogue and peer reviews. It should register the results of its analysis in order to have an overview of the progress made and challenges faced in achieving supervisory convergence across Member States, and should make its overall findings publicly available.

Target date: 1.1.2020.

Supervision of cross-border companies

94

The current set-up for supervising cross-border business has systemic weaknesses and creates a situation, where the method of supervision depends on the legal form of the business. Insurers, which operate abroad via subsidiaries, are subject to supervision through colleges. However, companies which operate abroad, either through branches or directly, are supervised solely by the home supervisor (see paragraphs 23 to 26).

95

This set-up for cross-border supervision created the wrong incentives for supervisors and insurers. As some companies are not subject to supervision by a college, insurers will take advantage of a lower level of supervision in certain Member States. The system has not been designed to supervise a Europe-wide market in a way that is effective and based on EU citizens’ interests. This means that the objective, as set out in the De Larosière Report, of avoiding competition distortions and regulatory arbitrage as a result of different supervisory practices has not yet been achieved. EIOPA did make an effort to deal with the resulting problems, for example by creating the cooperation platforms, but was not in a position to overcome systemic weaknesses (see paragraphs 27 to 32).

96

EIOPA was able to contribute to the colleges’ work, despite scarce resources and – in some cases – limited co-operation by the NCAs. However, many issues remained in terms of the consistency of cross-border supervision (such as different risk assessment frameworks, staffing shortages in NCAs. (see paragraphs 33 to 36).

Recommendation 2 – Strengthen the supervision of cross-border companies

EIOPA should:

  1. co-operate with the Commission and the co-legislators to address systemic weaknesses in the supervision of cross-border business, e.g. by improving legal provisions through the ESAs’ review process. In particular, it should aim to ensure an equal level of supervision for companies running their business in another Member State, regardless of the chosen business model;
  2. in parallel to these efforts, continue to protect consumers by acting through cooperation platforms and by monitoring cross-border activities.

Target date: 1.1.2019.

Supervision of internal models

97

Supervising internal models is a highly complex and resource-intensive process, and the level of convergence in this area is still not satisfactory. This means that supervisors have different approaches to assessing how accurately the internal models reflect the actual risks held by insurers. The result may be unfair competitive advantages, and adverse effects for consumers and financial stability. EIOPA made efforts to address these issues through consistency projects, and, in so doing, did achieve some results, although there was no effective convergence of supervisory approaches. EIOPA’s attempts to become involved in reviewing the internal models of selected companies were largely unsuccessful because access to information was limited. In another case, however, EIOPA was asked to support an NCA in its work on internal models, but did not do so, as the request did not reflect its priorities (see paragraphs 37 to 50).

Recommendation 3 – Enhance arrangements for the supervision of internal models

EIOPA should:

  1. co-operate with the Commission and the co-legislators to address the limitations in access to information concerning internal models for its own staff and host supervisors. EIOPA should provide supervisors with more information and support on how to assess and/or challenge those models;
  2. assist supervisors when authorising and supervising complex internal models, whenever asked to do so and on its own initiative.

Target date: 1.1.2019.

The insurance stress test

98

EIOPA carried out its 2016 insurance stress test to assess how the insurance sector would react to adverse market developments, in particular a prolonged period of very low interest rates and an asset price shock. A number of companies did indeed prove vulnerable to such a situation, as their solvency would significantly worsen. For the most part, the scope of the stress test and the focus on the life and long-term business were appropriate given the test’s objectives (see paragraphs 50 to 54 and 66).

99

The stress test scenarios were effective at addressing the main risks identified for the sector, but we found shortcomings in the way they were calibrated and justified. Although the goal of the stress test is to simulate an extreme event, for one scenario EIOPA was unable to demonstrate that it was severe enough. Some of its parameters, which were based on professional judgement, nevertheless proved to be relatively close to market reality. For the other scenario, we found inconsistencies in the level of applied shocks across Member States. Therefore, there is a risk that the results of the stress test did not provide a full picture of developments in the insurance sector in the event of extremely adverse circumstances. This is of crucial importance from a financial stability perspective and for policyholders, considering that, even given the assumptions that EIOPA adopted, the sector proved to be highly vulnerable (see paragraphs 55 to 63).

Recommendation 4 – Improve the design of the stress test scenarios

EIOPA could improve its stress test scenarios further with a view to making them more robust and sound in terms of severity, plausibility and consistency. This could be achieved by:

  1. analysing and assessing the severity and plausibility of developed scenarios, e.g. by quantifying the probability of the relevant triggering events or using other available methods and/or tools, and documenting this analysis to justify the soundness of the scenarios; and
  2. relying more on ESRB capabilities for the market scenarios (e.g. by intensifying the use of the shock simulator tool) and/or other expert advice (e.g. by bringing together an external panel of experts to evaluate the scenarios).

Target date: As from the 2020 stress test.

100

We found that, overall, EIOPA accurately validated and presented the stress test results. Given the demonstrated vulnerability of the sector, the stress test led to recommendations being made to NCAs. However, some of the recommendations were too general and did not propose actions that were sufficiently specific. Moreover, some recommendations went beyond the remit of certain NCAs, meaning that they were not in a position to implement them. EIOPA made an effort to follow up on the recommendations and to analyse the progress made (see paragraphs 64 to 65; 67 and 69 to 70).

Recommendation 5 – Issue more relevant recommendations to the NCAs

Following the stress test, where needed, EIOPA should issue recommendations to the NCAs requiring them to take action that is both more specific and relevant for all concerned. EIOPA should assess the feasibility of the recommended action on an ex-ante basis, by considering whether the NCAs have the means to apply it effectively and in a timely manner.

Target date: As from the 2020 stress test.

101

EIOPA published the results of the 2016 stress test only on an aggregated basis as, unlike the EBA, EIOPA does not have a specific legal mandate to publish results for individual companies. In order to do so, EIOPA needs to obtain written consent from participants, which it was not ready to ask for in 2016 but which it did seek for the 2018 stress test. We consider this to be a step in the right direction, as disclosing individual companies’ results could help to increase transparency, raise awareness of risks and so enhance market discipline (see paragraph 68).

Recommendation 6 – Promote publication of individual stress test results

EIOPA should promote the publication of stress test results on an individual basis. To increase participants’ confidence, EIOPA could refer to the improved transparency of the stress test methodology (recommendation 7) and sounder design of the scenarios (recommendation 4). EIOPA should also ensure that the way of presenting the individual results leaves no leeway for interpretation.

Target date: As from the 2020 stress test.

102

Overall, EIOPA organised the stress test smoothly, although the timing was very challenging for participants. It used a range of channels to communicate with NCAs and participating companies. Despite numerous updates during the reporting period, the templates were a practical tool for enabling companies to provide data. However, EIOPA did not sufficiently justify the need to receive certain data, or the design of the scenarios and their underlying assumptions. This was unhelpful in terms of instilling confidence in the NCAs and participants whose contribution was crucial for the reliability of the stress test results. EIOPA learned lessons from the 2014 stress test to improve its organisation in 2016, but the approach was not systematic (see paragraphs 71 to 75).

Recommendation 7 – Increase transparency of the stress test methodology

Stress test methodology should be more transparent and EIOPA should do more to help stakeholders and participants understand it, e.g. by:

  1. organising workshops for participants and industry representatives before launching the stress test proper, so as to explain the test and the scenarios more clearly and gather non-binding feedback for a better informed stress test;
  2. using the technical documentation so as better to explain to participants in greater detail the way scenarios (underlying assumptions) are calibrated and the scope of the data required for this purpose;
  3. conducting meetings with stakeholders after the stress test so as to receive feedback and learn from previous stress tests in a systematic way (i.e. with specific timelines, communication channels and participants).

Target date: As from the 2020 stress test.

Governance and resources

103

In most of its activities, EIOPA worked very closely with the NCAs. However, in particular where country visits and work on internal models were concerned, in some instances it received insufficient support from national supervisors. As access to information and documents was restricted, EIOPA was unable to perform some of the checks and analyses it had planned. As NCAs also have a decisive say in EIOPA’s main governing body, they are in a position to decide about the scope of EIOPA’s action to review the effectiveness of their work. This posed a challenge in terms of the independence of such action.

104

We found that EIOPA had a well-established procedure in place for following up instances of non-compliance with EU law, despite some weaknesses regarding transparency towards external stakeholders (see paragraphs 76 to 84).

105

Given the complexity of EIOPA’s tasks, particularly in the field of supervision, its resources were very limited. The team responsible for overseeing 212 internal models has had only three full-time employees. Overall, only 20 staff members (14 % of all EIOPA staff) work directly in the oversight department and there is a limited number of staff who deal with supervisory issues in other departments. Thus, the intended strategic shift in EIOPA’s focus from regulation to supervision has not yet taken place (see paragraphs 85-89).

Recommendation 8 – Strengthen human resources assigned to supervisory tasks

  1. EIOPA should gradually ensure a significant increase in the number of staff assigned to supervisory tasks and set itself a specific and justified objective in this respect in the annual work plan.
  2. Following a detailed needs analysis, EIOPA should also consider requesting additional resources by clearly specifying the tasks for which they are necessary and their impact on the quality and convergence of supervision and financial stability.
  3. The additional resources should be used specifically to intensify EIOPA’s work on internal models, cross-border supervision and identifying instances of non-compliance with EU law.

Target date: 1.1.2020.

This Report was adopted by Chamber IV, headed by Mr Neven MATES, Member of the Court of Auditors, in Luxembourg at its meeting of 2 October 2018.

For the Court of Auditors

Klaus-Heiner LEHNE
President

Annexes

Annex I

Overview of EIOPA’s Peer Review recommendations

Topic of the review Adoption of final report Work done Actions recommended by the peer reviews
Key Functions Final adoption expected in 2018. The aim of this Peer Review is to get an insight into how NCAs apply the proportionality principle when supervising undertakings’ key functions, taking into account the implementation of key functions requirements introduced by the SII Directive.

Scope: all NCAs in EEA Member States

Self-assessment questionnaire sent to EIOPA members and reviewed.

Visits to 8 Member States organised and conference calls with 22 NCAs held.
EIOPA:

-should consider the outcome of this peer review in a revision of the Guidelines on system of governance, especially in relation to the guideline 14 regarding outsourcing

-should take into account in its work on the Supervisory Review Process the practical findings, best practices and recommended actions of this peer review

NCAs (selected):

-should develop and implement adequate supervisory procedures and criteria to assess governance requirements regarding KFs in a risk-based supervisory framework according to Article 29 of the Solvency II Directive

-should require all (re)insurance undertakings to have in place an effective system of governance which provides for sound and prudent management of the business

-should take into account nature, scale and complexity when applying the proportionality principle in general

-should increase the monitoring process of combinations between KFHs and the knowledge of the situation in the national market and assess whether combinations of KFs fulfil the necessary conditions in relation to fitness and independence in the undertaking’s organisation structure

-in the situation where the actuarial function is fulfilling tasks in the remit of the risk management function NCAs should assess conflicts of interest

-should specifically pay attention to the risk management function (…)

-should increase the monitoring process of combinations of KFHs and operational tasks (…)

-should carry out fitness assessments also for KFHs other than actuarial function holders

-should also assess the fitness of KFHs after having received the notification of the KFH’s appointment whereby a risk-based approach can be used.

-should complete fit (and propriety) assessments for all KFHs

-should develop and implement adequate supervisory procedures and criteria to assess governance requirements regarding KFs (…)

Freedom to Provide Services 29.01.2015 Analysis of practical experience with freedom of services.

All 31 Member EEA States were concerned
Main conclusion is the need to improve the cooperation between NCAs at the different stages of the supervisory process, in particular regarding data storage and record keeping, exchange of information at the moment of authorisation, identification of risks and complaints handling.

-EIOPA should make the collection of data regarding business written by way of freedom of services through branches in another MS mandatory.

-NCAs should have a data storage system allowing extracting information about the domestic undertakings having notified their intention to carry out activity by freedom of services in other EEA Member States.

-NCAs should have in place a system, which provides specifically up to date data about the number of undertakings per country having notified their intention to provide services in their territory.

-Improve storage of data regarding freedom of services and freedom of establishment notifications while avoid overloading of registers with inactive notifications

-NCAs should identify the potential risks linked to freedom of services activities and define an approach of supervision adapted to those risks

-NCAs should investigate why authorisation is requested in one MS when the activity is planned to be exclusively or mainly carried out in other MS;

-Address the issue of complaints handling in the case of freedom of services.

Annex II

Underlying assumptions of the 2016 insurance stress test

  Low Yield (LY) scenario Double Hit (DH) scenario
Technique No specialised tool used Financial shock simulator
Risks covered Market risk:

(1)Prolonged period of low interest rates.

Market risk:

(1)Low-yield environment simulated by a fall in the EUR-SWAP rates and Ultimate Forward Rate (UFR) at 4.2 %;

(2)A rapid increase in yields on sovereign and corporate bonds (both financial and non-financial) and shock (drop in price) on equity and other asset classes (e.g. hedge funds, commodities); fall in commercial and residential property prices.

Input to scenario – Liability side

-A low-yield curve (fall in EUR-SWAP rates) generated from the lowest rate observed on 20.04.2015 (over a period of two years 2014-2015) for different maturities (2, 5, 10 and 20 years) in the Euro Area,

-An additional downward shift of 15 basis points,

-Factors deduced from the EUR-SWAP rates for other currencies,

-UFR at 2 % (value close to market rate, i.e. 1.561 % for 50 years EUR-SWAP on 31.12.2015).

-A low-yield curve (fall in the EUR-SWAP rates) derived from the simulator, and

-UFR at 4.2 % (used to derive the risk-free rate curve).

Input to scenario – Asset side No direct impact.

-A rapid increase in yields on sovereign and corporate bonds (both financial and non-financial);

-a shock (drop in price) on EU stocks prices and other asset classes (e.g. hedge funds, commodities, property).

Nature of shock The scenarios were derived assuming a simultaneous and instantaneous occurrence of the assumed shocks.
Historical data/ horizon set The lowest point on the EUR-SWAP curve over two years 2014-15. 2005-2015, set on a quarterly horizon.
Probability At least 3 % yearly probability for the liquid part of the curve.
Not possible to precisely estimate the probability of the entire scenario due to the addition of UFR (which was close to the market and therefore quite probable).
As swap rates and government bond yields (closely related in the past) move in the opposite directions, the joint probability of the scenario is much lower than the estimated marginal probability of the two trigger events (0.75 % for government bond yield shock, 0.5 % for swap rate shocks, measured over a one-year horizon).

Annex III

Timeline of the 2016 stress test

Source: ECA, adapted from EIOPA.

Annex IV

Lessons learned from the 2014 STRESS TEST and follow-up in 2016

  Problems identified in 2014 Stress Test Follow-up in 2016 Stress Test
Timeline

-Number and complexity of scenarios and late delivery of final preparatory templates

-Too many corrections of the templates during calculation phase

-Time required for industry calculations was reduced as the stress test had less scenarios and they were significantly simpler compared to 2014

-Fewer corrections of the technical specifications (three instead of seven revisions on stress test 2014)

Quality assurance

-Considering involving more on-site supervision type of expertise on validation

-Implementation of validation checks took too long

-NCAs would like EIOPA tools for own validation purposes

-On-site supervision of NCAs finally not applied because of the time demanded to supervisors to travel to EIOPA’s premises

-EIOPA shared validation tool with NCAs on 30 June 2016

Technical specifications and reporting templates

-Consider investing more time in technical specification drafting

-Last minute concretion of key inputs (e.g. risk-free rates)

-Several updates and new versions of the templates and specifications

-More time on building and testing templates prior to launch

-Ensure clarity

-Technical specifications shared with industry stake holders in advance

-Several updates (three versions for technical specifications, five for templates)

-Solvency II regime in place, templates more stable

Communication Q&A

-No clear communication with industry and NCAs

-Q&A: important answers provided close to deadline for submission, with no effective time for participants to react

-No communication with press and other analysts

-Webinars and teleconferences ahead of publication

-Last Q&A update was published two weeks ahead of the deadline for submission

-FAQ prepared and available at EIOPA website

Source: ECA, adapted from EIOPA.

The replies of EIOPA

I. Executive summary

V

EIOPA would like to thank the ECA for the good cooperation during the audit. The work of the ECA is of immense value for the European system as a whole to further improve its functioning.

VI

Overall, EIOPA appreciates the recognition that the ECA is giving in its assessment of the effective contribution EIOPA is making to the supervision and financial stability in the insurance sector. We also welcome the calls on the co-legislators to further strengthen the legal framework in a view to support EIOPAs decisive task with respect to cross border business by FoS/FoE. In order to further ensure the well functioning of the internal market weaknesses identified in the supervision of cross-border business need an adequate and timely response from all parties involved as significant challenges still need to be addressed.

The ongoing negotiations on the ESAs review as well as the upcoming negotiations on the Solvency II review provide the co-legislators with the opportunity to discuss how the legislative framework could be strengthened to ensure that sound supervisory responses can be given on a national as well as on a European level.

VII. & VIII. [Common reply to paragraphs VII and VIII.]

To ensure the continuous well functioning of the internal market in the interest of having a level playing field and the same level of consumer protection across the EU further legislative changes enhancing the functioning of the internal market are supported by EIOPA. In the internal market, the quality of national supervision is no longer solely a national or regional issue; it is a European Union issue. Hence, tools are needed to ensure that all Supervisory Authorities live up to the required standard.

X

EIOPA welcomes the recognition of the appropriateness of the scope and scenarios in terms of identifying the main risks of the sector. Going forward, EIOPA will put focus also on the areas of improvement regarding the explanation of scenarios, notwithstanding the fact that it is not technically possible to estimate the probability or severity of specific triggering events (e.g. change of the UFR) or of full scenarios that combine different triggering events.

XI

EIOPA indeed conducted appropriate and accurate validation of the stress data. Regarding the general nature of some recommendations, EIOPA recognises room for improvement, however, it must be noted that more specific recommendations would be possible following the publication of individual, non anonymised, results. EIOPA can only issue recommendations based on the results of stress test exercises, that are consistent with the level of disclosure of the results and its legal powers.

XII

EIOPA supports the ECA view that more resources are needed to strengthen supervisory convergence work. So far the allocation of FTEs to EIOPA each year has been in line with the present MFF, devised before 2013. Despite EIOPA’s requests for more resources to support the objective of supervisory convergence the present MFF did not reflect these needs.

XIII

EIOPA accepts all recommendations. Specific comments on the individual recommendations are provided further down.

II. Observations

EIOPA’s recommendations reflect the weaknesses identified, but lack follow-up 17

EIOPA’s strategy on its independent oversight has incorporated the suggestion for a smaller number of more focussed recommendations towards its NCAs, and to accompany this with a structured follow-up process.

21

EIOPA’s first Strategy on conduct of business supervision (published in 2016) envisaged an incremental development of the available tools – Thematic Reviews, the Consumer Trends Report, Retail Risk Indicators, and Enhanced Market Monitoring.

The Regulatory frameworks in the prudential and conduct supervision developed at different speeds throughout Europe, and in EU law. The regulatory framework on the conduct side developed only following the implementation of the Insurance Distribution Directive (IDD) (application 1 October 2018) and the Regulation on Packaged Retail and Insurance-based Investment Products (PRIIPs) (application 1 January 2018). As laid down in a further Strategy Paper EIOPA’s aim is to begin to apply the same supervisory convergence and oversight tools developed in its experience with Solvency II increasingly in the conduct of business supervision area, and to increasingly integrate conduct aspects into its prudential work. The prudential and conduct works starts at different speeds, but ultimately should converge, allowing for more and more synergies to be realised.

22

The development of the supervisory handbook was an iterative process, where many chapters were approved in 2016 and 2017, and the final four chapters in April 2018. In many of the new areas of Solvency II experience was needed before drafting recommendations on good practices. To support this statement, 17 NCAs answered “yes” and only 4 NCAs “no” on the question: “Was the timeline of the publication of the handbook appropriate for your purposes?”.

27

EIOPA agrees that the supervision of cross-border business needs further regulatory strengthening. To address this situation already within the current framework, EIOPA has issued the Decision on the collaboration of the insurance supervisory authorities which addresses the collaboration between supervisors of cross border activities through branches and freedom to provide services when starting the activity and supervision on a continuous basis.

44

The further improvement of data available for the comparison of models and the monitoring of model development is a key priority for EIOPA going forward and will be one of the elements to closely examine in the upcoming Solvency II review.

50

EIOPA agrees with the ECA that the opportunity to assess an internal model in more detail could provide EIOPA with further valuable insights. However, as also noted by the ECA, EIOPA has limited resources in this area. Considering the ongoing work of the experts and low risk profile of the specific insurance group EIOPA unfortunately had to deprioritise this request in favour of other ongoing activities.

52

During the first year of implementation of Solvency II, EIOPA managed to conduct a stress test exercise that, as acknowledged, identified the main risks for the sector within a new framework.

EIOPA is confident on the appropriateness of the calibration of the scenarios but is nonetheless committed to continue developing its methodological framework and improving the explanation of the scenarios.

56

EIOPA does not consider the partial estimation of the probability of this scenario as an appropriate method to justify the severity of the scenario, in particular, if it excludes the impact of the change of the UFR from 4.2% to 2%. A partial estimate regarding only the liquid part of the curve could lead to misinterpretations as the assumption of a different UFR is the core element of this scenario.

EIOPA believes that by incorporating the change of UFR, the scenario becomes sufficiently severe.

EIOPA considers that the comparison found in footnote 9 between the regulatory UFR and market rates, is not appropriate for the estimation of the severity of the scenario. Solvency II imposes the application of a UFR of 4.20% (for 2016) for the European Insurance Sector. Therefore an appropriate estimation of the severity of the scenario should be between the (fixed at the time) UFR of 4.2% and the scenario UFR of 2%, not the market rates at the time, that may not be deep, liquid and transparent in the long tenors.

57

There is no commonly accepted methodology to derive the probability of a scenario that combines a change in market rates with a change in a regulatory set parameter such as the UFR. EIOPA did not quantify the probability of the initial (liquid) part of the curve, as it would not be technically sound to estimate a partial probability for the scenario.

58

The scope of the 2016 exercise was based on solo entities with the majority of business underwritten in a single country. With that in mind and the assumptions that the scenario entails, EIOPA considers the method applied as appropriate for the goal. EIOPA prioritised the goal of obtaining a proportionate impact to all the participants in a EEA-wide exercise rather than generating an additional fully market consistent scenario.

59-62. Paragraphs 59-62 and Box 5

EIOPA developed the double-hit scenario in cooperation with the ESRB. In line with the technical disagreement of the ESRB, EIOPA believes that:

  • A longer sample period of, e.g., 20 years rather than the 11-year sample period that was used, would not have led to more robust results. We doubt that this would have significantly reinforced the overall quality of the scenario or guaranteed a more even distribution of shocks. In particular, an extension of the sample period to 20 years would have led to the inclusion of observations pertaining to an economic phase of unsustainable financial exuberance and exceptionally low volatility.
  • EIOPA stress test is by nature a 28-Member-State wide exercise. Therefore, there will always be a tension between the economic consistency of the scenario and the perceived ‘equal distribution of shocks’ on asset prices such as government bonds.

EIOPA considers that Box 5 and 6 put too much emphasis in support of some views. It should be noted that such views may go against the principle of market consistency of the scenarios.

63

EIOPA technical specifications were completed by the public Q&A updates and focused on the application of the shocks and instructions to fill in the templates for clarity and economy of resources, rather than on the theoretical grounds. This was also based on feedback and lessons learned from previous exercises where participants demand concrete examples and explanations on the one hand and in other instances flexibility and low level of prescription for their facility.

EIOPA does not consult on the severity of the scenarios, also in line with the non pass/fail nature of the exercise. The narrative of the scenarios is publicly available in relative ESRB1 and EIOPA2 documentation.

65

In an EU-wide exercise, contrary to what is the case in a national exercise, the results are presented at country level rather than per homogenous products. This distinguishing characteristic is one of the key advantages of such reports.

EIOPA stress test report contains the results of the ex-post analysis referred to in paragraph 88 onwards which also includes a separation between key product categories/characteristics. This methodological choice to a large extent provides similar insights as to what an ex ante segregation would.

Figure 13

EIOPA is aware of the heterogeneity of the sample participants which was transparently presented in the EIOPA stress test report and also taken into account when analysing the results.

In particular see section 3.1.4 of the EIOPA stress test report and paragraph 90 (an example of conclusions) explains how the results seem to suggest a clear role of the regulatory capital requirements being higher for companies which are exposed to the risk of such a scenario. This finding is important as it illustrates that companies that are relatively more sensitive to changes in market conditions (as tested by the stress test), are not necessarily in any worse or riskier position than those in the other groups due to relatively higher levels of capitalisation.

67

Already in the 2018 exercise, EIOPA has requested an estimation of the post stress capital position of participants notwithstanding the technical difficulties of the request and allowing for flexibility.

68

For the 2018 stress test exercise, EIOPA has already asked the written consent of participants for the individual disclosure of results.

69

The recommendations of the 2016 stress test were general in nature, in line with the context of a non-individual disclosure of results and the fact that 2016 was the first year of Solvency II implementation, a period that was challenging also for the NCAs.

The recommendation of fostering sound risk management although broad in nature, is key for a period that the requirement of ensuring proper risk managements practices within undertakings was just established.

72

Notwithstanding the fact that EIOPA agrees on the need to further enhance communication with stakeholders, there are always some elements that are dealt only within the supervisory community. Communicating in detail the specific use of validation templates, may endanger the validation process.

In addition, consulting participants in the design of the scenarios, although it may have merits in a national exercise, it is counterproductive in the EU context.

74

The complexity is difficult to avoid in such an exercise and as a consequence up-dates are needed. As stated EIOPA always tries to minimise the effect of such up-dates by providing supporting tools.

83

EIOPA uses many ways of gathering information in respect to potential Breach of Union Law cases. EIOPA gathers information during peer reviews, oversight visits, college work or informal meetings with stakeholders to identify potential cases of “Breach of Union Law”. EIOPA also stands ready to receive information from its Stakeholder Groups or external parties.

In cases where the potential Breach of Union Law is linked to supervisory action towards a specific entity the preparatory discussions take place during the closed session of EIOPA’s Board of Supervisors between supervisory authorities to ensure the necessary confidentiality which is needed for the exchange of confidential information.

Box 10 – Breach of Union Law procedure not applied

EIOPA was still reviewing this case in view of the underlying complexity regarding cross border implications and underlying diverging supervisory judgement by NCAs which required sound in-depth assessment.

87

To support the shift from regulation to supervision, EIOPA performed an internal reorganisation in 2016 leading to the establishment of dedicated teams focussing on supervisory convergence in the Supervisory Processes department, the Oversight department and the Conduct of Business Oversight Team. All these areas have seen considerable growth since 2016 and are planned to develop further in the coming years.

Furthermore, it has to be noted that EIOPA maintains an important role in contributing to the regulatory framework for both insurance and pensions sectors. It is therefore necessary to keep an adequate level of staff and expertice in the policy area as well. A number of crucial initiatives are ongoing, such as InsurTech and Sustainable finance, with the review of Solvency II coming up in the forthcoming years.

Recommendation 1 - Improve the focus and follow-up of supervisory tools

EIOPA accepts the recommendation to further strengthen its processes in the area of its independent oversight and peer reviews.

95

The internal market delivers, through the mechanism of competition, a wider choice of products and better prices for the citizens of the Union. Consumer protection, through high quality, consistent and convergent supervision, both on the prudential side and on conduct of business, is at the heart of EIOPA’s mission and mandate.

In order to further ensure the well functioning of the internal market weaknesses identified in the supervision of cross-border business need an adequate and timely response from all parties involved as significant challenges still need to be addressed to ensure that the internal market can deliver its full potential to the benefit of its citizens.

The ongoing negotiations on the ESAs review as well as the upcoming negotiations on the Solvency II review provide the co-legislators with the opportunity to discuss how the legislative framework could be strengthened to ensure that sound supervisory responses can be given on a national as well as on a European level.

Recommendation 2 - Strengthen the supervision of cross-border companies

EIOPA accepts the recommendation and will continue to envisage all efforts and cooperation with co-legislators to further strengthen the legal framework in a view to support EIOPAs decisive task with respect to cross border business by FoS/FoE.

The systemic weaknesses identified in the supervision of cross-border business is the key outcome that needs an adequate and timely response from all parties involved as significant challenges still need to be addressed.

EIOPA stands ready to share its experience with the co-legislators and the Commission to provide insight on the challenges faced and suggestions on how to improve the current legal framework to address them.

Recommendation 3 - Enhance arrangements for the supervision of internal models

EIOPA accepts the recommendation and agrees that the consistent and convergent supervision of internal models across the internal market requires additional efforts from all parties involved and welcomes the support of the ECA.

99

EIOPA would like to stress the acknowledgement of the ECA’s overall positive assessment of the following:

  • Effectiveness of scenarios in addressing the main risks of the sector
  • Appropriateness of the scope and methodology considering the first year of implementation of Solvency II
  • Absence of any validation or data errors

EIOPA, in line with the ESRB retains the technical disagreement with the comments regarding the calibration of the scenarios.

Nonetheless, EIOPA does acknowledge the room for improvement regarding the explanation of the scenarios to stakeholders and plans to keep working in that direction.

Recommendation 4 - Improve the design of the stress test scenarios

EIOPA accepts the recommendation of further improving its scenarios. Already in the 2017 IORP stress test, but also for the 2018 Insurance stress test, EIOPA is relying on ESRB and ECB shock simulator for the market scenarios. The insurance specific scenarios (e.g. natural catastrophes events) necessitate different expertise and are dealt by EIOPA, NCA and external insurance experts.

Nonetheless, the probability of the full scenarios cannot be estimated. When it is possible to quantify, EIOPA will document the probability of the different triggering events for the purposes of internal analysis and during the scenario approval process.

Furthermore, EIOPA plans to continue to cooperate with the ESRB/ECB and make use of external experts, such as experts from EIOPA members, to analyse and evaluate the scenarios.

Recommendation 5 - Issue more relevant recommendations to the NCAs

EIOPA accepts the recommendation.

Based on the results of the stress tests, EIOPA plans to issue recommendations that are consistent with the level of disclosure of results and its legal powers. More specific recommendations would be possible following the publication of individual, non anonymised, results.

Recommendation 6 - Promote publication of individual stress test results

EIOPA accepts the recommendation.

EIOPA will promote the publication of stress test results on an individual basis, particularly when it is relevant for financial stability considerations. Already for the 2018 exercise, consistent with its current legal powers, EIOPA has requested the consent of participants for the disclosure of individual results. The technical specifications and data templates already mention the specific data and indicators that are subject for individual disclosure.

Recommendation 7 - Increase transparency of the stress test methodology

EIOPA accepts the recommendation.

EIOPA plans to further enhance and formalise the communication and consultation with stakeholders and participants along the lines recommended by the ECA.

105

Please see EIOPA answer to paragraph XII from the Executive summary.

Recommendation 8 - Strengthen human resources assigned to supervisory tasks

EIOPA accepts the recommendation and welcomes its support for additional resources to be allocated to EIOPA to deliver on necessary tasks to increase the quality and convergence of supervision and financial stability.

Abbreviations

BoS: Board of Supervisors

BP: Basis point

EBA: European Banking Authority

ECA: European Court of Auditors

EEA: European Economic Area

EIOPA: European Insurance and Occupational Pensions Authority

ESAs: European Supervisory Authorities

ESFS: European System of Financial Supervision

ESRB: European Systemic Risk Board

FTE: Full-time equivalent

IGS: Insurance Guarantee Scheme

IM: Internal model

NCA: National competent authority

ORSA: Own Risk and Solvency Assessment

SCR: Solvency Capital Requirement

UFR: Ultimate Forward Rate

Glossary

College of supervisors: A college of supervisors is a permanent but flexible structure for coordinating and facilitating decision-making about the supervision of an insurance group that is active in more than one Member State.

European System of Financial Supervision: The ESFS is a system of micro- and macro-prudential financial supervision, and is centred around the three European Supervisory Authorities (ESAs) – EBA, EIOPA and ESMA, the European Systemic Risk Board (ESRB) and national supervisory authorities.

European Systemic Risk Board: The ESRB is responsible for macro-prudential oversight of the EU financial system and the prevention and mitigation of systemic risk. The ESRB monitors and assesses systemic risks and, where appropriate, issues warnings and recommendations.

Internal model: An internal model is an advanced approach to calculating risks stemming from an insurer’s business. Insurers can choose to use an internal model to calculate their overall risk situation better than with the standard formula; the calculated risk situation then determines the capital requirement. Any internal model needs to fulfil several requirements and be authorised by the responsible supervisor(s).

National Competent Authority: NCAs are the national authorities in each Member State that are empowered to supervise insurance companies (they are therefore also referred to as national supervisory authorities). An NCA which is responsible for supervising an insurer that has obtained its license in that NCA’s Member State is called the home supervisor. All other NCAs are host supervisors for the insurer in question if it conducts business via a subsidiary in their respective Member States.

Own Risk and Solvency Assessment: An ORSA is an annual internal process undertaken by insurers to assess the adequacy of their risk management and solvency positions under both normal and stress scenarios. An ORSA represents an insurer’s own assessment of its current and future risks.

Solvency II: The EU’s Solvency II Directive came into effect in 2016 and put solvency risk at the heart of a harmonised regulatory framework for insurance companies. The framework places demands on the required economic capital (‘Pillar 1’), governance and risk management (‘Pillar 2’) and reporting standards (‘Pillar 3’) of all insurance companies in Europe. The stated aims of Solvency II are to improve consumer protection, modernise supervision, deepen EU market integration by harmonising supervisory regimes, and increase the international competitiveness of EU insurers.

Solvency Capital Requirement: The SCR is the amount of capital that insurance companies must hold to meet Pillar 1 requirements under the Solvency II regime. This should ensure that insurers meet their obligations towards policyholders and beneficiaries with a very high level of probability (99.5 %) over a 12-month period.

Standard formula: The standard formula is the default approach for calculating an insurer’s risk situation in accordance with Solvency II. The standard formula is divided into risk modules, which are aggregated and determine the capital requirement.

Ultimate Forward Rate: The UFR is the risk-free interest rate towards which the risk-free yield curve converges beyond the so-called Last Liquid Point (e.g. 20 years for the euro). The UFR is used for very long-term liabilities due to a limited number of transactions (not sufficient liquidity) in the market in order to obtain the yield curve.

Endnotes

1 Based on Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), setting out EIOPA’s mission, tasks and organisation (OJ L 331, 15.12.2010, p. 48).

2 Further tools come in the form of written guidance for NCAs (e.g. EIOPA Guidelines on the Supervisory Review Process, and Opinions), other engagements with NCAs (e.g. training and conferences, and dedicated balance-sheet reviews carried out for Bulgaria and Romania) and ongoing contacts.

3 Prudential regulation requires financial firms to control risks and hold adequate capital as defined by capital requirements; this is in contrast to market conduct regulations, which define the rules on how companies should distribute their products in the marketplace.

4 Firms taking advantage of loopholes in regulatory systems to avoid certain types of regulation (e.g. providing services from a location with lower supervision).

5 In November 2008, the Commission authorised a high-level group chaired by Jacques de Larosière to make recommendations on how to strengthen European supervisory arrangements with a view to providing better protection for citizens and rebuilding trust in the financial system. In February 2009, the De Larosière Group published its final report.

6 For instance, the Austrian Court of Auditors reported in report 46/2017 that the Austrian NCA had used 51 % of its overall human resources solely for authorising internal models.

7 All EU Member States and two EEA Member States: Norway and Liechtenstein.

8 The stress test scenarios should be “severe enough to be meaningful, yet plausible enough to be taken seriously” (see M. Quagliarello, Stress Testing the Banking System: Methodologies and Applications, January 2009, Cambridge University Press). The usual practice is not to choose a probability rate higher than 1 % over a yearly period.

9 The 50-year bond on 31 December 2015 (i.e. the end of the sample) was at 1.561 %, as compared to the UFR of 2 % (source: Bloomberg). The 15 bp downward shift of the liquid curve, compared to the downward trend of 9 bp in the data, cannot be regarded as a significant shock.

10 The different products in the sample might affect the balance sheet in different way in the event of a shock.

11 The so-called long-term guarantee (LTG) and transitional measures were introduced in the Solvency II Directive in 2014 to ensure treatment of insurance products that include long-term guarantees, and to allow firms to move gradually to full Solvency II implementation.

12 In a limited number of cases, the outcome of the stress test of individual entities had a significant impact at group level. It would, however, be reduced due to diversification benefits stemming from other non-life business.

 

1 https://eiopa.europa.eu/Publications/Surveys/ESRB%20Double%20hit%20scenario%20for%20EIOPA%202016%20insurance%20stress%20test.pdf

2 https://eiopa.europa.eu/Publications/Surveys/FAQ%20Insurance%20Stress%20Test%202016%20PublicFinalFinal.pdf

Event Date
Adoption of Audit Planning Memorandum (APM) / Start of audit 5.12.2017
Official sending of draft report to EIOPA 19.7.2018
Adoption of the final report after the adversarial procedure 2.10.2018
EIOPA’s official replies received in all languages 26.10.2018

Audit team

The ECA’s special reports set out the results of its audits of EU policies and programmes or management topics related to specific budgetary areas. The ECA selects and designs these audit tasks to be of maximum impact by considering the risks to performance or compliance, the level of income or spending involved, forthcoming developments and political and public interest.

This report was produced by Audit Chamber IV – headed by ECA Member Neven Mates – which has a focus in the areas of regulation of markets and competitive economy. This audit was led by ECA Member Mr Rimantas Šadžius. He was supported in the preparation of the report by Mindaugas Pakštys, Tomas Mackevičius, Aušra Maziukaitė and Niamh Carey from his private office; Zacharias Kolias, director; and Kamila Lepkowska, head of task. The audit team consisted of Matthias Blaas, Vasileia Kalafati, Marion Kilhoffer, Anna Ludwikowska and Josef Sevcik. Linguistic support was provided by Mark Smith.

From left to right: Zacharias Kolias, Kamila Lepkowska, Tomas Mackevičius, Niamh Carey, Mindaugas Pakštys, Rimantas Šadžius, Matthias Blaas, Anna Ludwikowska, Josef Sevcik, Vasileia Kalafati, Aušra Maziukaitė.

Contact

EUROPEAN COURT OF AUDITORS
12, rue Alcide De Gasperi
1615 Luxembourg
LUXEMBOURG

Tel. +352 4398-1
Enquiries: eca.europa.eu/en/Pages/ContactForm.aspx
Website: eca.europa.eu
Twitter: @EUAuditors

More information on the European Union is available on the internet (http://europa.eu).

Luxembourg: Publications Office of the European Union, 2018

PDF ISBN 978-92-847-1200-7 ISSN 1977-5679 doi:10.2865/934198 QJ-AB-18-027-EN-N
HTML ISBN 978-92-847-1212-0 ISSN 1977-5679 doi:10.2865/579921 QJ-AB-18-027-EN-Q

© European Union, 2018.

For any use or reproduction of photos or other material that is not under the European Union copyright, permission must be sought directly from the copyright holders.

GETTING IN TOUCH WITH THE EU

In person
All over the European Union there are hundreds of Europe Direct Information Centres. You can find the address of the centre nearest you at: https://europa.eu/european-union/contact_en

On the phone or by e-mail
Europe Direct is a service that answers your questions about the European Union. You can contact this service

FINDING INFORMATION ABOUT THE EU

Online
Information about the European Union in all the official languages of the EU is available on the Europa website at: https://europa.eu/european-union/index_en

EU Publications
You can download or order free and priced EU publications from EU Bookshop at: https://publications.europa.eu/en/web/general-publications/publications. Multiple copies of free publications may be obtained by contacting Europe Direct or your local information centre (see https://europa.eu/european-union/contact_en)

EU law and related documents
For access to legal information from the EU, including all EU law since 1951 in all the official language versions, go to EUR-Lex at: http://eur-lex.europa.eu/homepage.html?locale=en

Open data from the EU
The EU Open Data Portal (http://data.europa.eu/euodp/en/data) provides access to datasets from the EU. Data can be downloaded and reused for free, both for commercial and non-commercial purposes.