Insurer Annual Returns Thematic Review 2018

1 Insurer Annual Returns Thematic Review 2018

2 Foreword The Commission presents the findings of its 2018 Thematic Review of insurer annual returns. The online portal for annual return submissions first went live for insurance licensees in 2016. It was therefore felt appropriate at this time to review the completeness and accuracy of regulatory reporting through the portal. The quantitative information received as part of the annual return forms a key part of the Commission’s supervisory approach, particularly for those firms that undergo reactive supervision. This Thematic Review highlighted a range of practices from across the industry, including in the design of effective and proportionate controls for the completion and review of annual returns before submission. There were a number of good practices, and these have been highlighted throughout this report for consideration by industry. The Commission acknowledges that some mistakes are inevitable in even the best-designed processes. However, there was a considerable number and scope of errors within the sample of annual returns that were reviewed in detail. In particular, over a third of sampled returns demonstrated errors in the “Key figures (in Sterling)” subsection of the annual return, while 19% demonstrated errors in the regulatory solvency assessment. While it is difficult for a Thematic Review to identify the “root cause” for those errors, it does raise concerns regarding the effectiveness of licensee controls around regulatory reporting. The Commission therefore intends to request all insurance managers to perform a self-certification exercise of the effectiveness of controls around regulatory reporting. The involvement of auditors in this process would be optimal, and the Commission will look to progress this with both the insurance managers and auditors in the immediate future. The Commission also intends to issue further guidance on completion of the annual return, which is intended to improve consistency in the preparation of certain sections of the annual return form. Following publication of this Thematic Review, the additional guidance and any required remedial action from the firms, it is expected that there will be an improvement in the overall quality of regulatory reporting. This report reflects the findings from the Thematic Review, which are applicable to all insurers and insurance managers, and we hope the content will be useful to all firms submitting regulatory returns to the Commission. Jeremy Quick Director of Banking and Insurance Division November 2018

3 Contents

1. Scope...............................................................................................................................................4
2. Current Responsibilities of Licensees.............................................................................................5
3. Approach.........................................................................................................................................6
4. Key Findings: External Auditor Questionnaire...............................................................................7 4.1. Financial Information..................................................................................................................7 4.2. Solvency Information................................................................................................................10 4.3. Other Questionnaire Topics......................................................................................................12
5. Key Findings: Insurance Manager and Self-Managed Firms Information Request......................15 5.1 Formalisation of Review Policies.............................................................................................15 5.2 Suitability of Preparers and Reviewers.....................................................................................18
6. Key Findings: In-Depth Annual Return Assessment....................................................................20 6.1 Key Figures Section..................................................................................................................20 6.2 Solvency Assessments..............................................................................................................22 6.3 Other Areas of the Return .........................................................................................................24

4

1. Scope Insurer Annual Returns were selected to be the subject of a Thematic Review by the Banking and Insurance Division (“BID”), following an assessment of emerging patterns in regulatory reporting by licensed insurers and consideration of international standards. The purpose of the Thematic Review was to assess whether the information that BID receives within the annual returns, submitted on behalf of licensed insurers, was complete and accurate. Particular focus was paid to the quantitative information submitted, such as that contained within the regulatory solvency assessment (“RSA”). BID also wished to understand what controls were in place to ensure that the annual returns submitted to the Commission were correct. The data submitted as part of annual returns is highly important to the supervision of licensed insurers, particularly for those that undergo reactive supervision. Quantitative information submitted with the return is used to assess the financial condition of insurers, with particular attention paid to the financial performance and solvency of such firms. The legal and regulatory requirements of firms, as detailed in section 2, are intended to provide the Commission with the information it requires to perform its statutory duties in a proportionate manner. The Thematic Review was therefore focused on those insurers that undergo reactive supervision, for whose annual returns a less comprehensive review is undertaken. This enabled BID to gather information on a segment of its supervised population that, due to its impact profile, undergoes less frequent, more reactive engagement. This resulted in a total population for the Thematic Review of 315 insurers (excluding the individual cells of Protected Cell Companies (“PCCs”)), from which a sample of 32 was selected for detailed review. The thematic review examined the most recent annual returns that were submitted to the Commission by insurance licensees, so that observations and findings were as relevant as possible given the length of time that may have passed. These were primarily annual returns for 2017 year-ends, with a small number of returns within the sampled population having a 31 March 2018 year-end.

5 2. Current Responsibilities of Licensees All financial institutions should deal with the Commission in an open and co-operative manner and should keep the Commission promptly informed of anything concerning the financial institution which might reasonably be expected to be disclosed.1 Section 33 of the Insurance Business (Bailiwick of Guernsey) Law, 2002, requires licensed insurers to submit an annual return in respect of each financial year in such a form, and containing such particulars and accompanied by such documents, as specified in the Insurance Business (Annual Return) Regulations, 2008. Examples2 of the items to be provided with the annual return include:  The audited financial statements of the insurer for that financial year.  A copy of the auditor’s management letter, where one has been issued.  A calculation of the insurer’s capital resources required to be maintained by the firm in accordance with the Insurance Business (Solvency) Rules 2015. This is generally undertaken using the RSA spreadsheet maintained by the Commission.  The Own Solvency Capital Assessment (“OSCA”) required to be prepared under paragraph 198 of the Insurance Business (Solvency) Rules 2015.  For PCCs, the aggregated management accounts of the company as a whole. Financial information is also provided for each individual cell. The General Representative of the insurer is responsible for making any return, depositing any accounts, reports and other documents, or furnishing any information required by or under any provision of The Insurance Business (Bailiwick of Guernsey) Law, 2002.3 The General Representative must either be an executive director of the insurer ordinarily resident in the Bailiwick or a licensed insurance manager approved by the Commission.4 The Insurance Business (Bailiwick of Guernsey) Law, 2002, requires the external auditor of a licensed insurer to declare any respect in which, in their opinion, the information given in the annual return is inconsistent with the audited financial statements of the insurer for the financial year to which the annual return relates. 5 A guidance note issued by the Technical Committee of the Guernsey Society of Chartered and Certified Accountants (“GSCCA”) in December 2015 to its member firms stated that, to comply with the above, external auditors sould agree the financial information included within the audited financial statements to the annual return as appropriate. Where information included in the annual return did not form part of the audited financial statements this would be considered to be outside of the scope for the statutory audit of the insurer. In certain circumstances, subject to the external auditor’s professional judgement, the guidance note did state that the external auditor might perform additional procedures where there was a higher perceived level of risk attributable to the solvency of the insurer.

1 See principle 10 of the Principles of Conduct of Finance Business 2 Please note this is not an exhaustive list for those holding licenses under the above laws and has been restricted to those items relevant to this thematic review. Documents to be submitted with the annual return are contained within Regulation 1 of The Insurance Business (Annual Return) Regulations, 2008. 3 Refer to section 29 (2) of The Insurance Business (Bailiwick of Guernsey) Law, 2002 4 Refer to section 29 (1) of The Insurance Business (Bailiwick of Guernsey) Law, 2002 5 Refer to section 2 (c) of schedule 3 of The Insurance Business (Bailiwick of Guernsey) Law, 2002

6 3. Approach The Thematic Review consisted of three stages:  A Questionnaire was sent to 14 external audit firms that were identified as performing the statutory audits of licensed insurers. Questionnaire responses were completed by 13 of the 14 external audit firms, who audit 84% of licensed insurers.  An Information Request was sent to 14 licensed insurance managers and 3 self-managed licensed insurers. Responses were received from all firms.  An in-depth Assessment was performed on the annual returns of 32 licensed insurers, which represented over 70% of the total assets and gross written premiums of the sampled population. The Questionnaire sought responses in a number of areas relating to the procedures performed by external auditors to verify the consistency of the annual return, and relevant appended documentation, with the audited financial statements. These responses are considered in section 4 of this report. The Information Request sought responses on the procedures in place at, and control activities performed by, insurance managers and self-managed insurers with respect to the pre-submission review of the annual return. For insurance managers, an example insurance licensee was selected by the Commission for which evidence was requested to demonstrate the review process. These responses are considered in section 5 of this report. The Assessment was a desk-based review of a sample of insurer annual returns that were submitted using the Commission’s online portal. This considered the completeness and accuracy of the quantitative information included in those annual returns compared to the audited financial statements submitted with the annual return and any guidance available from the Commission’s website. Observations from this are considered in section 6 of this report. This approach enabled the Commission to identify a spread of good practice, relevant to licensed insurers in general, and to consider specific areas where improvements are required. This included where there was divergence among licensed insurers as to how key figures in the annual return were presented, or what financial statement line items should have been included to arrive at those figures. The following pages consider how firms are discharging their responsibilities. Areas of good practice have been highlighted by way of examples. These examples should not be taken as guidance and are in no way prescriptive as they may not be appropriate for every licensee, but rather considered proportionately in light of the nature, scale and complexity of that licensee’s business. Please note that all graphs contained within this report are based on Questionnaire and Information Request responses received unless otherwise stated. Respondents to the Questionnaire either were given free-form answer boxes or were able to select multiple options in answering a question.

7 0 1 2 3 4 5 6 7 Post Year-End Procedures Review of Closest Draft to Signing Date Reliance on Client Directors / Management Do not perform procedures Number of Firms Final Annual Return Verification What procedures do you perform to verify the completeness and accuracy of the “Key figures (in Sterling)” subsection under “Detailed Information” in the annual return? ” “ ” 4. Key Findings: External Auditor Questionnaire In this section, we examine the responses by external auditors to the questionnaire sent regarding insurer annual returns. Each question is framed within quotation marks below and areas of good practice, or areas which require improvement, are highlighted throughout. 4.1. Financial Information 4.1.1. Key Figures Section of the Return  10 of the 13 respondents (77%) stated that they verified this section to the audited financial statements of the licensed insurer.  1 of the 13 respondents (8%) stated that they verified this section in the subsequent year’s audit.  2 of the 13 respondents (15%) stated that they performed no procedures on this section. AREA FOR IMPROVEMENT: It is recommended that external audit firms review their procedures, to ensure that financial information present within the “Key figures (in Sterling)” subsection of the annual return is checked for consistency against the audited financial statements. 4.1.2. Verification Procedures on the “Final” Return Responses to this question showed a large degree of variability, with the most common themes identified including:  Review of the submitted annual return after the year-end, generally during the subsequent year audit, to verify that this was correct. “ How do you verify that the annual return submitted to the Commission, as well as the supporting documentation to the annual return, agrees to the version you have performed your procedures on?

8 4.1.2. Verification Procedures on the “Final” Return (continued)  Review of the most recent draft annual return to the signing of the audit report and financial statements, in order to limit the risk of subsequent changes.  Reliance on representations made by the insurance licensee that the annual return submitted is consistent with that reviewed by the auditor. None of the respondents commented on whether they undertook an assessment of the design and implementation of controls around pre-submission review of the annual return. A number of respondents did examine the controls around other aspects of regulatory reporting, such as review of the RSA, which are discussed in more detail later in this report. GOOD PRACTICE: A combination of comparing the “final” draft annual return with the audited financial statements and confirmation that the “final” draft was consistent with that submitted post year-end would appear to be strong procedures. The Commission would discourage solely relying on management representations in and of themselves, as this is a comparatively weak form of evidence, and recommends that auditors re-evaluate what procedures are necessary in order that they meet their regulatory requirements. POINT OF NOTE: 4 of the 13 respondents (31%) provided additional comments that focused on the difficulty of reviewing the final version of the annual return due to its online format, particularly in instances close to the reporting deadline, which meant that the version actually submitted to the Commission would not be reviewed by the auditor. This leads to auditors placing reliance on management that they would be informed of any changes prior to submission, which would otherwise not become known by the auditor until after submission. The Commission has taken note of the comments raised in this regard but, having given the matter consideration, is of the view that the combination of the areas of good practice above should reduce the risk of material error to a sufficiently low probability. AREA FOR IMPROVEMENT: For the avoidance of doubt, the Commission notes that verifying that the submitted annual return was consistent with the version that had already been reviewed by the external auditor is consistent with the legal requirements and GSCCA guidance outlined in section 3. As highlighted above, there are examples of potential procedures that, in the Commission’s view, would reduce the risk of error to a sufficiently low probability.

9 “ ” 0 1 2 3 4 5 6 7 Yes, we use materiality consistent with our audit No, we do not assess errors on the annual return by reference to materiality No, we ensure that the annual return agrees in its entirety to the audited financial statements Other (Use of a Clearly Trivial Threshold) Number of Firms Application of Materiality 4.1.3. Applying Materiality to the Return As can be seen above, the majority of respondents (77%) stated that they either ensured there were no differences between the annual return and the audited financial statements, or did so by reference to a de minimis threshold. Minor differences (such as rounding errors) would not affect the Commission’s assessment of the financial information provided. The use of a value below which errors are considered trivial in practice therefore appears reasonable. Do you assess errors in the annual return with reference to materiality?

10 ” ” 4.2. Solvency Information 4.2.1. Regulatory Solvency Assessment Spreadsheet Procedures  All of the 13 respondents (100%) stated that they reconciled the values within the “Balance Sheet” tab of the RSA to the financial statements upon which they performed their audit procedures.  3 of the 13 respondents (23%) stated explicitly that they checked the arithmetical accuracy of the solvency calculations or performed recalculation procedures.  2 of the 13 respondents (15%) stated they undertook specific procedures in assessing the various risk modules within the RSA. GOOD PRACTICE: An example of good practice was where two respondents compared the credit ratings used in the “Credit Risk” module of the RSA with those available either in the notes to the audited financial statements, independent rating agencies (for example, Moody’s or Standard & Poor’s), or both. A further example of good practice was where two respondents, in addition to assessing the arithmetical accuracy of the RSA, ensured the RSA spreadsheet used was the latest version from the Commission’s website, that the formulas within the spreadsheet were linked and operating correctly, and reviewed the validation checks within the “Validation Summary” tab of the spreadsheet. 4.2.2. Own Solvency Capital Assessment Procedures  10 of the 13 respondents (78%) stated that they reconciled the amounts included within the OSCA to audited financial information.  4 of the 13 respondents (31%) stated they checked the arithmetic accuracy of the solvency calculations in the OSCA and performed other recalculation procedures. In some cases, this was in addition to what was performed above.  1 of the 13 respondents (8%) stated they did not review the OSCA, but did assess the insurer’s review controls for the OSCA.  1 of the 13 respondents (8%) stated they performed no procedures on the OSCA. AREA FOR IMPROVEMENT: Where there are accounting values transposed from the audited financial statements to the OSCA, the Commission would expect these to be reviewed by the external audit firm. As noted in section 6.2.3, there were instances where accounting values within the OSCA were different to those in the audited financial statements. What procedures do you perform to verify the completeness and accuracy of the Regulatory Solvency Assessment submitted with the annual return? “ What procedures do you perform to verify the completeness and accuracy of the financial statement data, and the minimum and prescribed capital requirements within the Own Solvency Capital Assessment / Own Risk and Solvency Assessment submitted with the annual return? “

11 ” 4.2.3. Capital Resource Requirement Review  7 of the 13 respondents (54%) stated that they reviewed the calculations performed by the insurer for arithmetical accuracy. Some firms also re-performed the calculation, to ensure this was in line with the relevant rules.  4 of the 13 respondents (31%) stated they assessed the design and implementation of insurer’s review controls.  2 of the 13 respondents (15%) reviewed reporting of solvency breaches and correspondence with the Commission, in addition to other procedures, to assess whether requirements were met throughout the period.  1 of the 13 respondents (8%) stated the extent of procedures was dependent on the insurer’s apparent margin of solvency, and that no procedures had been performed on insurers they audited. GOOD PRACTICE: An example of good practice where external auditors assessed the review controls of the insurer was where they reviewed the minutes of the board of directors. As part of this, they evaluated the board’s assessment of the solvency position of the insurer and its review of the solvency calculation. This would appear a strong procedure to address this risk. AREA FOR IMPROVEMENT: The Commission is of the view that procedures relating to the regulatory solvency requirements of an insurer should not be solely dependent on the apparent level of excess capital held above a regulatory minimum. Material errors in the RSA spreadsheet could significantly affect the solvency position of an insurer. An insurer’s solvency is correlated with its ability to continue as a going concern and, as such, the Commission would expect this to be considered as part of an audit of financial statements. “ How do you assess whether the licensee has maintained sufficient capital resources in line with its legal requirements?

12 ” 0 1 2 3 4 5 Within the ISA 260 Letter / Final Report to the Board Within a separate Management Letter submitted to the Commission Orally to Those Charged with Governance Orally to Senior Management Other Number of Firms Reporting of Errors 4.3. Other Questionnaire Topics 4.3.1. Reporting of Errors Respondents (i.e. auditors) were generally consistent in the manner in which errors were reported. Where respondents selected “Other”, this was to clarify the order in which they would raise issues with a licensee. The general approach would be to raise the issue with management first and request that it be corrected. Where this was not corrected, the error would be included in a letter to the board of directors; this letter would be provided to the Commission. If it was sufficiently material, the external auditor would consider whether this should be raised in their audit report as an “other matter”. Respondents stated that errors raised with management around the annual return were corrected. The expectation of the external auditor is that the amended return would be submitted by management of the licensee to the Commission. The Commission felt reassured by the responses received that errors in the annual return are being reported in an appropriate manner to the management and the board of directors of licensed insurers. “ Where you find reportable errors in the annual return, or the documentation submitted with the annual return, how are these reported to the Commission and Those Charged with Governance?

13 0 1 2 3 4 5 6 Don't audit Protected Cell Companies Don’t perform procedures on the management accounts Use and review management accounts as part of firm's audit procedures Check consistency of aggregated management accounts to the audited financial statements Number of Firms Procedures on Aggregated Management Accounts of PCCs ” 4.3.2. PCC Procedures Respondents to part (a) of this question generally provided consistent responses, in that the management accounts for the PCC were used in order to scope audit procedures to be performed on individual cells. Where this was not explicitly mentioned, the majority of respondents stated that the aggregated management accounts were reconciled to the audited financial statements on which they form an opinion. AREA FOR IMPROVEMENT: The Commission expects the financial information provided for PCCs within their annual returns to be internally consistent with the audited financial statements. The totals for the line items within the aggregated management accounts would be expected to be consistent with the audited financial statements of the PCC. The external auditor is required to declare in the audit report any respect in which the financial information included in the annual return is inconsistent with the audited financial statements. The Commission would therefore expect the aggregated management account totals to be able to be reconciled to the audited financial statements. As is noted in section 6.3.1, there are instances where this information is not consistent within annual returns submitted to the Commission. “ For Protected Cell Companies (“PCCs”): What procedures do you perform to verify the completeness and accuracy of the following financial information submitted with the annual return: (a) The aggregated management accounts of the PCC as a whole; and (b) The financial information for the individual cells of the PCC?

14 0 1 2 3 4 5 6 7 Don't audit Protected Cell Companies Stated they do not perform procedures Perform audit procedures based on Protected Cell Company materiality Check consistency of submitted information with the aggregated management accounts / audited financial statements Number of Firms Procedures on Financial Information of Individual PCC Cells 4.3.2. PCC Procedures (continued) Respondents in the same manner to part (b) were equally consistent in their reviews of the material submitted for individual cells. The majority of respondents stated that they agreed the financial information for cells to the accounting records on which they performed their audit work, which were in turn agreed to the audited financial statements. 3 of the 13 respondents (23%) elaborated that they performed procedures on specific line items for each cell. These were chosen based on materiality or qualitative aspects for that balance (such as it being an unusual transaction for the type of business conducted by the cell). 2 respondents (15%) clarified in their responses that they formed an audit opinion on the PCC as a whole. In each case, the respondents clarified what financial information they reviewed as part of the annual return (which included the RSA). 1 of the 13 respondents (8%) stated they performed no procedures on the financial information submitted for individual PCC cells. AREA FOR IMPROVEMENT: As noted above, the Commission expects that financial information provided for individual PCC cells be assessed for consistency against the audited financial statements of the PCC; this includes ensuring that the individual cells total to the values reported for the PCC. Each cell of a PCC has its own capital requirements are part of the PCC’s overall requirements. 6 As such, external auditors should consider whether procedures consistent with 4.2.3 should be performed for individual cells.

6 The regulatory capital resource requirements of PCCs and cells of PCCs are detailed in paragraph 13 and paragraphs 24 – 34 of Part 2 of The Insurance Business (Bailiwick of Guernsey) Rules 2015 (as amended)

15 ” ” 0 1 2 3 4 5 6 7 8 Procedures Manual / Notes Checklists / Forms In Process of Being Formalised No Formal Policies in Place Number of Firms Annual Return Procedures Documentation 5. Key Findings: Insurance Manager and Self-Managed Firms Information Request 5.1 Formalisation of Review Policies The respondents demonstrated a wide range of different practices with regard to pre-submission reviews of the annual return. Insurance managers and self-managed insurers were requested to demonstrate how the pre-submission review was undertaken. This was captured by the following two questions: 5.1.1. Documentation of Review Policies  6 of the 17 respondents (35%) had procedures manuals or guidance notes for the completion of the annual return.  7 of the 17 respondents (41%) had checklists or forms in place, which needed to be completed and signed-off prior to submission.  2 of the 17 respondents (12%) were in the process of formalising policies for the review of the annual return.  2 of the 17 respondents (12%) had no formal policies in place. GOOD PRACTICE: For one example, the checklist used in preparing the annual return was highly detailed. It included a separate point for each area of the annual return, which needed to be signed-off by the preparer and reviewer, and included details specific to the category of licensee (for example, including requirements around actuarial review for life insurers with long term business). The level of documentation for such procedures is a choice for the licensee, and should be proportionate to the nature and complexity of their business. However, all such documentation should be sufficiently detailed to ensure the annual return is completed accurately. Please provide a copy of the current policies and procedures relating to the preparation and review of Form 133 of the Insurance Manager / Firm (being the online Insurer Annual “ Return). Please provide a copy of the documentation evidencing the review of the latest Form 133 submitted to the Commission by the Insurance Manager for the “ Firm / by the Firm.

16 0 2 4 6 8 Online Portal Submissions Completion of Checklist Board Meeting Physical Review Informal or No Review Number of Firms Annual Return Review Process 5.1.2. Evidencing Review Processes in Practice Turning to review processes, the Commission observed a great deal of variability in terms of how review processes were controlled and documented by firms, as can be seen below.  6 of the 17 respondents (35%) used functionality within the online submissions portal itself to control the review process.  4 of the 17 respondents (24%) used completion and sign-off of checklists.  3 of the 17 respondents (18%) presented the documentation submitted with the annual return for review and sign-off by the board of directors.  2 of the 17 respondents (12%) used sign￾off through a manual, physical of the annual return.  2 of the 17 respondents (12%) had either informal or no independent review processes in place for the annual return. In our review of the information provided by insurance managers and self-managed licensees there was a large degree of variation in the extent of documentation held to demonstrate review; this reflected the differing size and complexity of the licensed insurers in question. Where formal review processes were in place, sufficient information was available to demonstrate the documentation that had been reviewed, as well as the level of detail of the review. GOOD PRACTICE: Those respondents that used the online submissions portal demonstrated broadly similar practices. For example, the preparer of the annual return would be given write-only privileges, and would complete the form and upload the relevant documentation for the annual return. A separate person would act as reviewer and would have permission to submit the form. In one case, all persons within the insurance manager that held this permission were approved by the board of directors of the insurance manager. The submission of the annual return in each case acted as confirmation that the annual return was completed appropriately. Caution should be taken, however, to ensure that there is an audit trail for any corrections made prior to submission.

17 5.1.2. Evidencing Review Processes in Practice (continued) AREA FOR IMPROVEMENT: For the avoidance of doubt, it is unacceptable for regulatory returns submitted to the Commission not to undergo sufficient independent review prior to submission. All firms must have robust review processes, to ensure that the annual return as a whole that is submitted to the Commission is complete and accurate. Given the findings above, as well as those discussed further in section 6, this is an area of ongoing focus for the Commission. To ensure that complete and accurate data is submitted the Commission will request all insurance managers to self-certify that the control processes around submission of the annual return are: I. designed appropriately for the size, nature and complexity of the licensees for which it acts as general representative; and II. operating effectively to mitigate the risk of error in the insurer annual return form and accompanying documents. Given the statutory obligations of external auditors, it is considered helpful were they also to be involved in the self-certification process in some way. The Commission will work with firms and industry bodies in the immediate future to consider the most appropriate way forward.

18 ” 0 1 2 3 4 5 6 7 8 9 Account Manager / Executive Multiple Administration Personnel Director of the Manager / Firm Number of Firms Annual Return Preparer 5.2 Suitability of Preparers and Reviewers 5.2.1. Annual Return Preparer Staff undertaking preparation of the annual return showed an appropriate level of experience and seniority to undertake their tasks, with the spread of persons involved reflecting the variability in size and complexity of firms. GOOD PRACTICE: In one example where multiple personnel were involved in preparing the annual return, a mixture of staff from accounting, administration and client executive areas were involved. This provides an appropriate balance of skills and knowledge, which should work to reduce the likelihood of error in certain areas of the return. POINT OF NOTE: It would normally not be expected for directors and senior management to be involved as preparers in this process. It was therefore interesting to note that 6 of the 17 respondents (35%) stated that a director of the insurance manager or firm prepared the annual return. This was generally the case for smaller insurance managers or insurers. While this is not inherently a poor practice, insurance managers need to be comfortable that the staff members reviewing the annual return have sufficient knowledge of the insurer, particularly where they may be less involved in its day-to-day administration. “ Please confirm the name(s) and title(s) of the staff engaged in the preparation of the latest Form 133 submitted to the Commission by the Insurance Manager for the Firm / the Firm.

19 ” 0 1 2 3 4 5 6 7 8 Client Service Director / Senior Manager Director of the Manager / Firm Compliance Officer / MLRO Number of Firms Annual Return Reviewer 5.2.2. Annual Return Reviewer The review was undertaken by a senior individual within the Insurance Manager, being either an executive director, the client services director for that licensee, or a senior member of compliance. POINT OF NOTE: In the instances where the annual return is reviewed and submitted by a member of compliance, there is a risk that they do not have sufficient knowledge of either the specific client or accounting to know whether some components of the return have been completed correctly. This risk was acknowledged by several respondents, who stated that their preference was for the client services director to submit the return. Compliance would only become involved for instances of staff absences. Staff reviewing the annual return should ensure they have an appropriate mix of experience and knowledge to review the return, in order to minimise the likelihood of error. “ Please confirm the name(s) and title(s) of the staff responsible for the pre￾submission review of the latest Form 133 submitted to the Commission by the Insurance Manager for the Firm / the Firm.

20 6. Key Findings: In-Depth Annual Return Assessment 6.1 Key Figures Section As part of this subsection, we consider the observations and areas for improvement noted in the review of the annual return itself, as opposed to documents submitted alongside the annual return. This review was undertaken by reference to the relevant audited financial statements. 6.1.1. Misstatement of Return Figures Within the “Key figures (in Sterling)” section of the annual returns that were examined, 11 of the 32 sampled returns (34%) contained errors. In a number of cases, these were material by value. These included:  Transposition of an incorrect value from the audited financial statements into the annual return. Examples of this included the use of retained profit rather than profit for the year, using the value for total assets rather than total equity, and the use of a value for underwriting expenses that did not match the audited financial statements.  Amounts being incorrectly included or omitted from headings in the annual return that were correctly present in the audited financial statements. For example, the total assets figure in the annual return excluding non-current assets.  The audited financial statements being presented in a non-Sterling currency but not being converted into Sterling when being transposed into the annual return. AREA FOR IMPROVEMENT: The frequency and size of these errors are much higher than the Commission expects, and licensees must consider how best to improve their policies and procedures in order to avoid such issues. This will be an area of supervisory focus and where similar errors are identified for licensees in the future the Commission will consider what further action may be required. The Commission will write to those licensed insurers where significant errors were identified as part of this Thematic Review, requiring the firm in question to correct those errors identified. This is in addition to the actions stated in section 5.1.2.

21 6.1.2. Variation in Classification of Return Figures In transposing values from the audited financial statements to the annual return, there was a wide range of practices for how certain values were included under specific headings in the “Key figures (in Sterling)” subsection. This creates inconsistency amongst return data, which makes data analysis more difficult and results in less desirable outcomes from a supervisory perspective. Examples of variability identified include:  The inclusion of other forms of underwriting income, such as fronting fees and commission fee income, under the heading “Net earned premium” by some licensees.  The inclusion of other income sources within “Underwriting expenses (inc. Claims)” or “Non￾underwriting expenses”. This included, for example, fronting fee income and interest income on fixed income instruments.  Foreign exchange gains and losses being included as part of “Non-underwriting expenses” for some licensees and not others.  Recoveries from outwards reinsurance contracts not being adjusted in “Underwriting expenses (inc. claims)”. POINT OF NOTE: In all cases, the above has the effect of reducing comparability between licensees that could be considered part of the same peer group. In a number of instances, the adjustments would appear to overstate ratios of underwriting performance. The Commission will therefore consider issuing future guidance, in order to standardise the completion of sections of the annual return (such as the “Key figures (in Sterling)” subsection). 6.1.3. Insufficiently Detailed Financial Statements There were a number of instances where the audited financial statements and notes did not provide sufficient detail to allow the Commission to reconcile these to values included within the “Key figures (in Sterling)” section of the annual return. An example of this was that a net figure was provided for underwriting income for 2 of the 32 sampled licensees (6%) with no accompanying note to provide further detail, which meant that the “Gross written premium” figure could not be reconciled. The implication of this is that the information provided to the Commission may not be easily verifiable without additional requests being made to licensees for information. AREA FOR IMPROVEMENT: Annual returns should include sufficient detail to enable verification of the financial information provided within the return. This can be achieved either through additional detail being included within the notes to the audited financial statements or through the inclusion of supplementary information within the annual return. Consideration should be given by the licensee as to which method would be most appropriate for their particular circumstances.

22 6.2 Solvency Assessments As part of this subsection, we consider the observations and areas for improvement noted in the review of the RSA spreadsheet and the OSCA included with the annual return submitted to the Commission. 6.2.1. Misstatement of RSA 6 of the 32 sampled firms (19%) had errors within their RSA. Examples of such errors include:  Absolute differences between the RSA and the audited financial statements in respect of “Prepayment and other debtors”, which could not be reconciled to other line items.  Values in the “Accounting Basis” column within the balance sheet presented in the RSA not agreeing to those presented in the audited financial statements, but rather to an actuarial assessment or the OSCA. The guidance accompanying the spreadsheet clearly states the “Accounting Basis” column should agree to the audited financial statements.  Offsetting line items for technical provisions and reinsurer’s share of technical provisions being excluded in their entirety from the RSA. This did not trigger any validation check errors in the RSA, due to the offsetting nature of the items. AREA FOR IMPROVEMENT: Because such errors have the potential to overstate the capital position and solvency of a firm, they present a real risk. In addition to the self-certification process noted previously, the Commission will write separately to those licensed insurers where material errors were identified within the RSA spreadsheet as part of this Thematic Review, requiring the firm in question to correct those errors identified.

23 6.2.2. Misclassification of Items in the RSA 14 of the 32 sampled firms (44%) misclassified items when transposing figures from the audited financial statements to the RSA spreadsheet. Examples of this include:  Fixed term deposits and certificates of deposit being included within “Cash and cash equivalents”, where these meet the definition of a “Deposit” within the spreadsheet.  Investments in money market and fixed income instruments being classified as “Investment funds”, where these are in fact held via a discretionary mandate with an investment manager rather than in an actual collective investment scheme. No capital charges were entered into the market risk module where this was the case.  Insurance reserves being presented on a net basis under a single header in the balance sheet within the RSA, rather than being presented on a gross basis and classified as the individual types of insurance reserve they actually represent.  Assets that are held to back unit-linked policyholder liabilities being recorded under other categories, such as “Investment funds”.  Loans to associated parties being instead recorded within “Prepayments and other debtors”. POINT OF NOTE: The Commission requires that the guidance within the RSA spreadsheet must be followed in its preparation, as this ensures the correct capital charges are computed. Errors such as the above risk misstating the capital position and solvency of the firm in question. Where such errors are identified and where these materially alter the firm’s minimum capital requirement or prescribed capital requirement ratios, the Commission will consider what further action is necessary to remediate these issues. 6.2.3. Errors within the OSCA7 3 of the 32 sampled firms (9%) had errors within their OSCA. 2 firms (6%) included values for the minimum capital requirement and prescribed capital requirement within the OSCA that did not match the RSA. A further one sampled firm (3%) calculated their level of capital within the OSCA based on values that did not agree to the audited financial statements. POINT OF NOTE: Firms should ensure that, where the assessment period for the OSCA is coterminous with the financial year, the RSA and the OSCA are consistent.

7 Refer to section 4.2.2, to which this finding is inter-related.

24 6.2.3. Errors within the OSCA (continued) Additionally, 5 of the 32 sampled firms (16%) did not include an OSCA with their annual return, nor did they include an explanation as to why this was not included. POINT OF NOTE: While there are acceptable reasons for non-inclusion of an OSCA under the Insurance Business (Solvency) Rules 2015, the Commission requires a rationale to be provided in all cases where an OSCA is not included as part of the return. The Commission will therefore look to make this a mandatory requirement for future annual returns. 6.3 Other Areas of the Return As part of this subsection, we consider the observations and areas for improvement noted in the review of other areas of the annual return. 6.3.1. Inconsistency of PCC Aggregated Management Accounts8 PCCs are required to submit consolidated management accounts with the annual return, pursuant to the Insurance Business (Annual Return) Regulations, 2008. This is in order to allow supervisors to reconcile the audited financial statements to the aggregated value of the individual cells of the PCC. There was one sampled firm where the aggregated management accounts did not agree to the audited financial statements. This was due to adjustments that were made in the allocation of expenses, which were not reflected in the aggregated management accounts. AREA FOR IMPROVEMENT: The Commission expects the financial information submitted with the annual return to be internally consistent with the audited financial statements. 6.3.2. Incorrect Audit Report Option Selected The annual return includes a question around whether a modified opinion or emphasis of matter has been included in the audit report. Firms are explicitly asked to select “No” where a derogation from the disclosure requirements of paragraphs 4.4 to 4.9 of FRS 103 – Insurance Contracts. 3 of the 32 sampled firms (9%) incorrectly selected “Yes” where either no such modification or emphasis of matter was included, or where one was included but this related to an FRS 103 derogation. One sampled firm (3%) selected “No” where an emphasis of matter was included with respect of significant uncertainty relating to the calculation of claims reserves. AREA FOR IMPROVEMENT: It is important that such entries are selected correctly, as firm’s should be reporting issues raised by their auditor in an open and honest manner to the Commission. In addition, false-positives or incorrect selections result in an inefficient allocation of resources on the part of the Commission.

8 Refer to section 4.2.2, to which this finding is inter-related.

25 6.3.3. Non-Inclusion of Parent Entity Audited Accounts for Branches For the annual returns of all branches that were sampled, no audited financial statements were provided for the parent entity. The general practice was that the management accounts for the branch were provided, with agreed upon procedures being performed by the external auditor to verify these had been correctly extracted from the financial information of the parent entity that had been audited. While this practice does provide the Commission with comfort that the financial information it is provided is complete and accurate, non-inclusion of the parent entity audited financial statements could make it difficult for the Commission’s ability to assess the financial condition and solvency where the parent company does not make its financial statements publically available. POINT OF NOTE: The Commission acknowledges this is an area where information has not previously been requested, and as such this is an area that will require future consideration. This will need to take account of what risks this would be used to assess, in addition to what information is already readily available for the Commission to make such an assessment.