SECTION 2 Functions
Article 268Specific provisions
Insurance and reinsurance undertakings shall incorporate the functions and the associated reporting lines into the organisational structure in a way which ensures that each function is free from influences that may compromise the function's ability to undertake its duties in an objective, fair and independent manner. Each function shall operate under the ultimate responsibility of, and report to the administrative, management or supervisory body and shall, where appropriate, cooperate with the other functions in carrying out their roles.
The persons performing a function shall be able to communicate at their own initiative with any staff member and shall have the necessary authority, resources and expertise as well as unrestricted access to all relevant information necessary to carry out their responsibilities.
The persons performing a function shall promptly report any major problem in their area of responsibility to the administrative, management or supervisory body.
Article 269Risk management function
The risk management function shall include all of the following tasks:
assisting the administrative, management or supervisory body and other functions in the effective operation of the risk management system;
monitoring the risk management system;
monitoring the general risk profile of the undertaking as a whole;
detailed reporting on risk exposures and advising the administrative, management or supervisory body on risk management matters, including in relation to strategic affairs such as corporate strategy, mergers and acquisitions and major projects and investments;
identifying and assessing emerging risks.
The risk management function shall fulfil all of the following requirements:
fulfil the requirements set out in Article 44(5) of Directive 2009/138/EC;
liaise closely with the users of the outputs of the internal model;
co-operate closely with the actuarial function.
Article 270Compliance function
The compliance function of insurance and reinsurance undertakings shall establish a compliance policy and a compliance plan. The compliance policy shall define the responsibilities, competencies and reporting duties of the compliance function. The compliance plan shall set out the planned activities of the compliance function which take into account all relevant areas of the activities of insurance and reinsurance undertakings and their exposure to compliance risk.
The duties of the compliance function shall include assessing the adequacy of the measures adopted by the insurance or reinsurance undertaking to prevent non-compliance.
Article 271Internal audit function
The persons carrying out the internal audit function shall not assume any responsibility for any other function.
Notwithstanding paragraph 1, and in particular by respecting the principle of proportionality laid down in paragraphs 3 and 4 of Article 29 of Directive 2009/138/EC, the persons carrying out the internal audit function may also carry out other key functions, where all of the following conditions are met:
this is appropriate with respect to the nature, scale and complexity of the risks inherent in the undertaking's business;
no conflict of interest arises for the persons carrying out the internal audit function;
the costs of maintaining persons for the internal audit function that do not carry out other key functions would impose costs on the undertaking that would be disproportionate with respect to the total administrative expenses.
The internal audit function shall include all of the following tasks:
establish, implement and maintain an audit plan setting out the audit work to be undertaken in the upcoming years, taking into account all activities and the complete system of governance of the insurance or reinsurance undertaking;
take a risk-based approach in deciding its priorities;
report the audit plan to the administrative, management or supervisory body;
issue recommendations based on the result of work carried out in accordance with point (a) and submit a written report on its findings and recommendations to the administrative, management or supervisory body on at least an annual basis;
verifying compliance with the decisions taken by the administrative, management or supervisory body on the basis of those recommendations referred to in point (d).
Where necessary, the internal audit function may carry out audits which are not included in the audit plan.
Article 272Actuarial function
In coordinating the calculation of the technical provisions, the actuarial function shall include all of the following tasks:
apply methodologies and procedures to assess the sufficiency of technical provisions and to ensure that their calculation is consistent with the requirements set out in Articles 75 to 86 of Directive 2009/138/EC;
assess the uncertainty associated with the estimates made in the calculation of technical provisions;
ensure that any limitations of data used to calculate technical provisions are properly dealt with;
ensure that the most appropriate approximations for the purposes of calculating the best estimate are used in cases referred to in Article 82 of Directive 2009/138/EC;
ensure that homogeneous risk groups of insurance and reinsurance obligations are identified for an appropriate assessment of the underlying risks;
consider relevant information provided by financial markets and generally available data on underwriting risks and ensure that it is integrated into the assessment of technical provisions;
compare and justify any material differences in the calculation of technical provisions from year to year;
ensure that an appropriate assessment is provided of options and guarantees included in insurance and reinsurance contracts.
The actuarial function shall assess whether the methodologies and assumptions used in the calculation of the technical provisions are appropriate for the specific lines of business of the undertaking and for the way the business is managed, having regard to the available data.
The actuarial function shall assess whether the information technology systems used in the calculation of technical provisions sufficiently support the actuarial and statistical procedures.
The actuarial function shall, when comparing best estimates against experience, review the quality of past best estimates and use the insights gained from this assessment to improve the quality of current calculations. The comparison of best estimates against experience shall include comparisons between observed values and the estimates underlying the calculation of the best estimate, in order to draw conclusions on the appropriateness, accuracy and completeness of the data and assumptions used as well as on the methodologies applied in their calculation.
Information submitted to the administrative, management or supervisory body on the calculation of the technical provisions shall include at least a reasoned analysis on the reliability and adequacy of their calculation and on the sources and the degree of uncertainty of the estimate of the technical provisions. That reasoned analysis shall be supported by a sensitivity analysis that includes an investigation of the sensitivity of the technical provisions to each of the major risks underlying the obligations which are covered in the technical provisions. The actuarial function shall clearly estate and explain any concerns it may have concerning the adequacy of technical provisions.
Regarding the underwriting policy, the opinion to be expressed by the actuarial function in accordance with Article 48(1)(g) of Directive 2009/138/EC shall at least include conclusions regarding the following considerations:
sufficiency of the premiums to be earned to cover future claims and expenses, notably taking into consideration the underlying risks (including underwriting risks), and the impact of options and guarantees included in insurance and reinsurance contracts on the sufficiency of premiums;
the effect of inflation, legal risk, change in the composition of the undertaking's portfolio, and of systems which adjust the premiums policy-holders pay upwards or downwards depending on their claims history (bonus-malus systems) or similar systems, implemented in specific homogeneous risk groups;
the progressive tendency of a portfolio of insurance contracts to attract or retain insured persons with a higher risk profile (anti-selection).
Regarding the overall reinsurance arrangements, the opinion to be expressed by the actuarial function in accordance with Article 48(1)(h) of Directive 2009/138/EC shall include analysis on the adequacy of the following:
the undertaking's risk profile and underwriting policy;
reinsurance providers taking into account their credit standing;
the expected cover under stress scenarios in relation to the underwriting policy;
the calculation of the amounts recoverable from reinsurance contracts and special purpose vehicles.
The actuarial function shall produce a written report to be submitted to the administrative, management or supervisory body, at least annually. The report shall document all tasks that have been undertaken by the actuarial function and their results, and shall clearly identify any deficiencies and give recommendations as to how such deficiencies should be remedied.