In June 2024, the Central Bank of Ireland (“Central Bank”) published its (“Newsletter”). The Newsletter is an important communication tool used by the Central Bank to convey news and insights relevant to the insurance sector as well as the Central Bank’s expectations and priorities around existing requirements and views on future developments.

Some key highlights from this edition include;

1. Insights into Natural Catastrophe (“NatCat”) Modelling

The Central Bank explain that it is working with EIOPA on the topic of NatCat modelling and that it has a particular focus on “monitoring the flood and risk protection gap in Ireland”. In accordance with this work, the Central Bank recently completed a Thematic Review of NatCat modelling for its regulated insurance firms. This review contained two phases.

• Phase 1 issued a survey to 20 in - scope firms to provide a high level overview of material NatCat exposures in Ireland, the range of modelling practices and possible limitations and risks of approach taken.
• Phase 2 was an in depth examination of 6 firms and how they approach the risk management associated with the use of NatCat models and how they comply with relevant regulations.

Exposures and modelling practices

The wide range of NatCat exposures highlight the diversity of the Irish insurance market. Roughly 60% of the Irish insurance sector’s NatCat exposures exposure relates to European risks, primarily Ireland (18%), Germany (10%) and the UK (6%). The remaining 40%  risks located outside of Europe. The majority of firms use both internal and external models for NatCat modelling.

Exposure data granularity was “reasonably good” particularly internal data fed into external vendor models primarily on Group expertise and support for the modelling of their NatCat risks. This method can be beneficial in terms of expertise, however an increased amount of local oversight and involvement is required in some cases.

Observations and good practice:

The Central Bank outlined a number of observations and good practices which it states may assist firms in improving their NatCat risk modelling practices.

• Maintaining a model change log outlining the details of the model  changes over time;
• Firms are required to complete an Own Solvency Needs Assessment in order to identify any material limitations in the Standard Formula calibration for their risk profile. If the firm concludes that the Standard Formula is appropriate for the NatCat risk profile, documentation should be available which supports this conclusion. Irish Flood is not included in the current version of the Standard Formula 1 and it was noticed that some insurers with exposures to Irish Flood risk did not identify this limitation;
• The Central Bank advises firms to review the material of their reliance on group and to consider the appropriateness of the governance over such activity.
• An area for improvement throughout the industry is the Board oversight of NatCat risks. Additionally, the Central Bank highlighted that raining should be provided in correlation with the firm’s scale and complexity of NatCat exposures; and
• Firms are expected to consider gross risk exposures and if appropriate, model them and to have a strong second line oversight and challenge regarding the effectiveness of reinsurance.

2. Individual Accountability Framework

The Central Bank reminds firms which are captured by SEAR of their core obligations from 1 July 2024. Of note in particular are the comments regarding the seeking of approval for PCF’s (with the exception of ((I)NEDs). That firms must submit a Statement of Responsibilities for that proposed PCF holder with the Individual Questionnaire (IQ). A guide on how the Central Bank Portal is to be used for the SEAR, including how to submit a Statement of Responsibilities with an IQ, will be published on our website on 1 July 2024.

Additionally, the Central Bank’s comments regarding implementation of IAF are noteworthy. They explain that from 1 July 2024, their initial supervisory focus will be on reviewing the Statement of Responsibilities along with their corresponding IQ. This focus will expand throughout the year and by 2025, other elements of IAF will enhance supervisory engagements. The Central Bank will be requesting two – way engagement on the implementation experience.

3. Sustainable Insurance Updates

Double Materiality – Climate Risk Guidance and the CSRD

The Central Bank shines a spotlight on the principle of double materiality. It speaks to the cross over between the treatment of double materiality under CSRD and under the Central Bank’s own Climate Change Guidance. While the Central Bank’s Guidance is framed  on financial risk, the CSRD focuses on the impact of a firm’s climate activities and how risks and opportunities affect the financial position of the company. The Central Bank maintains that they “see there being benefits in aligning the approach between the two in relation to climate change risk”.

EIOPA Sustainability Activities

Sustainability continues to be a priority for EIOPA and the Central Bank. The Newsletter provides high level summaries in respect of some recent communications from EIOPA.

4. Insurance Updates

Stakeholder engagement

As ever, the Central Bank acknowledges the importance of stakeholder engagement and highlights upcoming sector speaking engagements and events. Of particular importance is the flagging by the Central Bank of a number of forthcoming thematic and information requests that will occur in Q3 of 2024. They include:

• The National Claims Information Database – analysis of the cost of claims, the cost of premiums, and claims settlement patterns in July 2024;
• A Pricing and Underwriting Review – focus on Commercial Pricing and Home Insurance Underwriting in Q3 2024;
• A DORA Register of Information ‘Dry Run’ Exercise in Q3 2024; and
• A Risk ‘Sentiment’ Survey in August or September 2024.

Dividend Distributions and Intercompany Loans

The Central Bank strongly requires insurance firms and their Boards to exercise prudence with regards to proposals to make dividend distributions and attentively examine the impact of those proposals of the financial resilience of the firm. (Re)insurance firms are no longer obligated to alert their supervisors before any proposal to pay a dividend or to make or increase intercompany loans, as was the case during covid, however, they must continue to comply with supervisory requirements under Solvency II and evidence compliance with the Central Bank’s own guidance on Intragroup Transactions and Exposures.

5. DORA

The Central Bank provides some guidance to insurers regarding the implementation of DORA. In particular, the modification impact of Solvency II, namely Article 41 which now requires insurance and reinsurance undertakings to “set up and manage network and information systems in accordance with EU 2022 / 2554”. Solvency II will also refer to particular DORA requirements on implementing measures regarding governance requirements, risk management, internal controls and internal audit.

Finally, the Central Bank explains that at the “current time, all firms should have a good understanding of the requirements set out in DORA and the supporting RTS / ITS that are available, and have started a gap analysis to their existing frameworks, policies and processes. This analysis should inform the work required to achieve DORA compliance by January 2025”.

On 21 June 2024, the Central Bank of Ireland ("Central Bank") published the latest edition of its "Intermediary Times" newsletter, a twice yearly publication by the Retail Intermediaries supervision team of the Central Bank's Consumer Protection Directorate. The newsletter covers topics of interest, significant work and regulatory issues that retail intermediary firms need to be aware of.

Some key highlights from this edition include:

Thematic Review of MCC and KYC / Sustainability  

The Central Bank highlighted its recently released Thematic Review (“Review”) findings on Retail Intermediaries’ compliance with the Minimum Competency Code (“MCC”), Know Your Customer (“KYC”), and suitability requirements of the Consumer Protection Code ("CPC").  In particular, it summarised weaknesses as well as the good practices identified during the Review and set out its expectations and actions as follows:

• all retail intermediaries must meet minimum MCC and KYC / suitability compliance standards regardless of firm size;  and
• the Central Bank expects all Retail Intermediaries to review the findings and complete the required actions outlined in the industry letter which was recently sent. Firms must document their review and have an action plan approved by senior management by 31 August 2024.  This document and evidence of senior management signoff must be available for future review. 

This industry letter was considered in more detail in FIG Top 5 at 5 dated 6 June 2024.

Regulatory and Supervisory Outlook Report – February 2024

The Central Bank brought firm’s attention to the Regulatory and Supervisory Outlook Report, which details key trends and risks shaping the financial sector and underscoring priorities for the next two years.  Regarding Retail Intermediaries in particular, it explains that the Report highlighted the following:

• Risk that customers’ needs are not being adequately met;
• Commissions and ineffective disclosure risks; and 
• Changing operational landscape.

This Report was considered in more detail in the FIG Top 5 at 5 dated 7 March 2024.

Mortgage Intermediary License Renewal Update – Q4 2023

The Central Bank explains that it has launched the mortgage intermediary license renewal initiative to help firms with time-dated licenses obtain “evergreen” licenses.  Over 50 firms expressed interest, with applications prioritised by license expiry date. Two groups of firms have been invited to submit their applications to date, the first group are nearly all authorised and the second group are currently going through the authorisation process. The Central Bank offered advice to future applicants as follows: 

1. ensuring client information aligns with authorisation types; 
2. that financial data matches annual returns; and 
3. turnover provided must be accurate and in line with market averages. 

Certificate of Authorisations/Registrations

The process for requesting replacement certificates of authorisation or registration under the Investment Intermediaries Act 1995, EU (Insurance Distribution) Regulations 2018, EU (Consumer Mortgage Credit Agreements) Regulations 2016, and the Consumer Credit Act 1995 has changed.  Firms must now submit a specific ‘Change Request’ via the Central Bank’s portal to obtain replacement certificates. 

Consumer Protection Code Review Update - March 2024

The Central Bank provides a brief summary of the ongoing review of the Consumer Protection Code highlighting in particular, proposals regarding securing customers interests, developing a more integrated, accessible code and the importance of stakeholder engagement. 

Changes to Professional Indemnity Insurance Limits

The Central Bank explains that changes to Professional Indemnity Insurance (“PII”) set out in draft Regulation technical standards in June 2023 were published in the Official Journal and apply from 9 October 2024. Importantly, the Central bank explains firms must ensure their PII meets these new requirements. 

Individual Accountability Framework ("IAF")

The Central Bank provides a summary of the elements of the IAF which apply to intermediaries and individuals in Controlled Function (“CF”) roles, including conduct standards and amendments to the Fitness and Probity (“F&P”) Regime.

• Conduct Standards: The IAF sets Conduct Standards for firms and their employees, applicable across all sectors. These include Common Conduct Standards for CFs and Additional Conduct Standards for significant influence roles like CF-1.
• Certification:  Under the IAF, firms must annually certify that CFs including Pre-Approval Controlled Functions (“PCF”), comply with F&P standards.  The Central Bank’s guidance specifies firms must submit annual confirmations to the Central Bank: one for each PCF role holder and another confirming overall certification for other CF role holders.  Initial submissions for the 2024 calendar year can begin from 1 January 2025, per the PCF Annual Confirmation Guidance.

Phishing Emails

The Central Bank highlights the need for firms to be aware of the risks associated with phishing emails and sets out a number of steps which firms could take to better protect themselves. 

Industry Funding Levy 2023

The Central Bank reminds firms that the Industry Funding Levy notices for 2023 are scheduled to be issued later this year and stresses the importance of accurately report fees and commission income in the firm’s Annual Return’s Financial Information section.  Common errors which firms should be aware of include:

• keying mistakes and inaccuracies in reporting gross fee and commission income before deductions;
• firms reporting zero income must justify this in the return.  It's crucial that all figures are supported by documentary evidence, such as audited or management accounts, available for Central Bank review upon request; and 
• firms not actively trading should explain their need for Central Bank authorisation or consider a voluntary revocation application if no longer trading.

Thematic Review on Early Mortgage Arrears - April 2024

Finally, the Central Bank provided a high level summary of the findings of its Thematic Review on Early Mortgage Arrears including highlighting expectations for regulated firms in safeguarding consumers amidst economic changes.  The review assessed how effectively firms manage the borrower journey, particularly in terms of engagement and communication during early arrears.  While the consumer protection framework generally supports borrowers engaging in the Mortgage Arrears Resolution Process ("MARP"), the review identified areas for enhancement, including clearer information provision and improved borrower support throughout MARP stages.  The Central Bank emphasised the critical role of robust customer service in ensuring borrowers receive timely and accurate assistance, emphasising that early engagement remains pivotal in achieving satisfactory outcomes. 

For more details on this thematic review, please see the FIG Top 5 at 5 dated 2 May 2024.

On 18 June 2024, the three European Supervisory Authorities (“ESAs”) issued a Joint Opinion on the assessment of Sustainable Finance Disclosure Regulation (“SFDR”) to the European Commission (“Commission”). The Joint Opinion is largely based on two consumer testing exercises which found the current SFDR ‘complicated and hard to read’, as some of the market material labels used mis-sold products as of sustainable quality and undermined the intention of the disclosures. The following are some of the recommendations made.

The ESAs have made proposals to the SFDR to include more simplified frameworks that balance the green transition and consumer protection, with a focus on the way categories for financial products can be introduced. The proposals take the form of two voluntary product categories that firms can use to educate customers, particularly retail investors, on their product’s purpose and reduce greenwashing risks:

• Sustainable; and
• Transition.

These categories would have clear criteria or thresholds to be met to define the product category, with the sustainability indicator referring to product environmental sustainability, social sustainability, or both, with this indication illustrated in a scale. The benefit of this categorisation, the ESAs believe, would be the sustainability disclosures not needing to be as extensively detailed as is required under the current SFDR.

Additionally, the Joint Opinion recommended the Commission reexamine the definitions ‘Taxonomy-aligned investment’ in the EU Taxonomy (“Taxonomy”) and of ‘sustainable investment’ contained in the SFDR. In particular, the ESAs prioritise the completion of the Taxonomy to include social sustainability in its overall classification of sustainable investment decisions, which utilises scientific-based methodologies for its environmental sustainability measurements. Regarding the definition of a ‘sustainable investment’ under Article 2(17) of the SFDR, the ESAs have recommended that it be revisited, in tandem with the suggestions referring to Articles 8 and 9, as it too is open to interpretation by firms as to what should be disclosed as a sustainable investment. Therefore, the definition should be based on a more prescriptive methodology that is less flexible and is applied more uniformly to firms making self-disclosures regarding the sustainability of their investments.

The ESAs also recommended that improvements in disclosures for retail and institutional investors be catered for separately, taking into account the distribution methods and consistency of information disseminated. The key difference being, the ESAs opined, that retail investors be prioritised with only essential information, with institutional investors subsequently receiving the option of more in-depth disclosure information.

Next Steps

It should be noted that the Joint Opinion is an initiative of the ESAs that is not legally binding on the Commission. We will monitor the Commission’s review of the SFDR Framework and indicate if any of the ESAs recommendations are reflected in the Commission’s final position.

1. The EBA updates the Pillar 3 disclosure framework finalising the implementation of the Basel III Pillar 3 framework

On 21 June 2024, the European Banking Authority (“EBA”) published a final draft implementing technical standards (“ITS”) on public disclosures by institutions that implement the changes in the Pillar 3 disclosure framework introduced by Capital Requirements Regulation III (“CRR 3”). These ITS are aimed at ensuring that market participants will have adequate information to assess the risk profiles of institutions and to comprehend the compliance with the CRR 3 requirements.

The new ITS implement the CRR 3 prudential disclosures by introducing new requirements on:

• output floor;
• credit risk;
• market risk;
• CVA risk;
• operational risk; and
• a transitional disclosure on exposures to crypto – assets. 

These ITS comprise the first Pillar 3 deliverable that featured in the EBA Roadmap on strengthening the prudential framework which was released in December 2023. The ITS will repeal Commission Implementing Regulation (EU) 2021 / 637  to make technical standards more user – friendly for institutions.

2. Jose Manuel Campa speech on the final phase of Basel III implementation

On 19 June 2024, Jose Manuel Campa, Chairperson of the European Banking Authority (“EBA”) delivered a speech on the final phase of  the Basel III implementation. In his speech, he outlined the current stage of Basel III, the risk perspectives that are being observed and what the EBA is working towards.

Operational Risk

The EBA is responsible for delivering a broad spectrum of technical mandates outlined in the EU Banking Package (“Package”). This is done through a phased approach by developing a comprehensive set of regulatory and implementing technical standards. The new Package granted the EBA 140 mandates mainly consisting of technical standards (60), guidelines (29) and reports and opinions (37). To clarify the development of the mandates to stakeholders, a Roadmap was published in December 2023 which was discussed in the FIG Top 5 at 5 dated 14 December 2023.

An important area for operationalisation: reporting

In the supervisory reporting and Pillar 3 disclosures, the EBA follows a two step approach. Step 1 prioritises the mandates and changes that resulted from CRR 3 and CRD VI which are necessary to implement Basel III requirements in the EU. In Step 2, the EBA will implement the disclosure requirements which are not related to Basel III along with requirements that depend on other level 2 substance policy mandates. The consultation papers regarding this disclosure were published in December. For more details, please see FIG Top 5 5 at dated 21 December 2024.

Mr Compa also highlighted the consultation papers covering crypto assets and operational risk which were published in February 2024. For more details, please see FIG Top 5 at 5 dated 14 March 2024.

Finally, he explained that the two final draft technical standards for Step 1 disclosure and reporting frameworks are likely to be published in June / July – see the above update for details.

Coherent Implementation

The implementation of the Basel III framework is essential for guaranteeing global financial stability. Mr. Campa highlighted the EBA’s support for the implementation of the Basel III framework stating that international convergence across all jurisdictions is essential for attaining an internationally consistent standard.

IRRBB

Another task for the EBA is to ensure that the banks are managing interest rate risk alongside the European Central Bank (“ECB”). In last year’s stress test, the EBA published the size of the portfolios that had the highest yield to maturity, including the hedges that had this type of interest rate to match the risk associated with the portfolio. The EBA commented on their plans for the IRRBB focusing on three sections; the regulatory framework, the scrutiny plans to date and the main areas of examination that were identified. Mr Campa explained that the findings from this is that there are some policy aspects requiring further examination such as proportionality aspects and consistent exchanges with regulators and supervisors.

Sustainability

Mr. Campa explained that evidence shows that climate change and the associated requirement to move to an environmentally stable economy will expose the financial sector to many risks and opportunities. Clear ESG risk management is required as only a strong banking sector can fund the transition towards a sustainable European economy. This can be achieved by a phased regulatory approach. The EBA plays a crucial role in providing the supervisory tools towards supporting the European banking sector towards the objectives of transitioning to a more sustainable economy. The EBA’s objectives are outlined in the EBA roadmap on sustainable finance and ESG risk.

Technology

Mr Campa detailed that in relation to the EBA, the cyber and innovation agenda can be split into:

• implementing existing legislation ie DORA and MiCA;
• the EBA’s thematic priorities;
• monitoring of policy initiatives; and
• guaranteeing that supervision does not fall behind technological advances.

Mr Campa provided high level details of the work that the EBA is doing on each of the fronts.

Deposit Insurance Scheme and Crisis Management

Mr Campa concluded by stressing the importance of completing the Banking Union and particularly a European Insurance Scheme.

The past seven days have seen a significant number of legislative developments published in the European Union’s Official Journal (“EU OJ”), marking the beginning of various implementation phases.  The following is a summary of some key developments:

AML Package

On 19 June 2024, the following three pieces of anti-money laundering legislation were published in the EU OJ:

• Regulation on the Prevention of the use of the Financial System for Money Laundering or Terrorist Financing ((EU) 2024/1624)
• Effective Implementation Date: 9 July 2024
• Regulation establishing the Anti-Money Laundering Authority ((EU) 2024/1620) –Effective Implementation Date: 26 June 2024
• 6^th Money Laundering Directive ((EU) 2024/1640)
• Effective Implementation Date: 9 July 2024
• Transposition Deadlines:
  • General: 10 July 2027
  • Article 71: 10 July 2025
  • Article 11-13, 15: 10 July 2026
  • Article 18: 10 July 2029

Banking Package

On 19 June 2024, the following components of the EU banking package was published in the EU OJ:

• Regulation Amending the Capital Requirements Regulation (575/2013) ("CRR") ((EU) 2024/1623)
  • Effective Implementation Date: 9 July 2024
    
• Directive Amending the CRD IV Directive (2013/36/EU) ((EU) 2024/1619)
• Effective Implementation Date: 9 July 2024
• Transposition Deadlines:
  • General: 10 July 2027
  • Article 1(4) and (5): 10 July 2029

Directive on Cross-Border Law Enforcement Access to Bank Account Registries.

On 29 June 2024, the directive on Cross-Border Law Enforcement Access to Bank Account Registries was published in the EU OJ

• Directive Amending Directive (EU) 2019/1153 ((EU) 2024/1654)
  • Effective Implementation Date: 9 July 2024
  • General Compliance Deadline: 10 July 2027
  • Specific Compliance Deadline for BARIS (Article 1(4) and (5)): 10 July 2029

Delegated regulations on ICT incident classification, contractual policy, and risk management tools under DORA published in OJ:

On 25 June 2024, Delegated Regulations supplementing DORA were published in the EU OJ.  These include:

• Regulation (EU) 2024/1772 sets standards for identifying and reporting major ICT incidents and cyber threats.
• Regulation (EU) 2024/1773 details what should be included in contracts with third-party ICT service providers, especially those supporting critical functions. 
• Regulation (EU) 2024/1774 outlines tools and methods for managing ICT risks and provides a simplified risk management framework. 

These regulations will take effect on 15 July 2024.

Delegated Regulation on the RTS for prudential consolidation of investment firm groups under IFR published in OJ.

On 25 June 2024, a Delegated Regulation was published in the EU OJ containing regulatory technical standards ("RTS") specifying the scope and methods for prudential consolidation of an investment firm group under the Investment firm Regulation. 

On 19 June 2024, the Council of the EU (“Council”) agreed on a proposal to simplify reporting requirements in financial services and investment support.  This proposal updates existing rules on data sharing between European Supervisory Authorities ("ESAs") and other financial sector authorities to reduce administrative burdens.  It rationalises reporting requirements, enhancing data-sharing efficiency and easing administrative tasks for national administrators and financial sector entities.

The Council’s position notes:

• support for proposal objectives;
• agrees with the measures to streamline reporting and data sharing;
• that information exchange should involve the ESAs and the European Systematic Risk Board;
• the European Central Bank's single supervisory mechanism and the single resolution board are included, while the AMLA is excluded, pending revaluation in two years; and
• authorities may grant access to information to the commission and third parties under specific conditions.

Next Steps: The European Parliament adopted its negotiating mandate on 12 March 2024.  This agreement allows interinstitutional negotiations to begin in order to finalise the text. 

On 19 June 2024, the Council agreed that it had a negotiating mandate to review the crisis management and deposit insurance ("CMDI") framework for banks.  This review aims to enhance the EU crisis management framework, particularly for small and medium-sized banks, and supports the completion of the Banking Union as agreed by Eurogroup in June 2022 through a series of legislative proposals including:

1. safeguards to prevent moral hazard;
2. proper burden sharing;
3. stricter requirements for banks with assets between €30 billion and €80 billion;
4. general preference for deposits in insolvency rankings; and
5. outlines the permissible forms of public financial support in extraordinary circumstances.

Next Steps: The European Parliament adopted its position in April 2024. This agreement sets the stage for interinstitutional negotiations, aiming to reach an agreement in the early second reading.