Report on the Thematic Review of Insurance Managers' Client Take-on Procedures

Page 1 of 4 REPORT ON THE THEMATIC REVIEW OF INSURANCE MANAGERS’ CLIENT TAKE ON PROCEDURES 24 July 2015

Page 2 of 4 Introduction During April and May 2015 the Commission undertook a series of thematic visits to Insurance Managers (“Managers”) licensed in Guernsey. The purpose of this thematic was to to review client sourcing and take on procedures of this sample group of Managers. The Commission was concerned with the Managers’ understanding of the business they were taking on, their assessment of the potential risks, including reputational risk, involved with each client structure and the process leading up to the submission of an application to the Commission. For the avoidance of doubt, the Commission did not assess the Managers’ compliance with the Handbook for Financial Services Businesses on Countering Financial Crime and Terrorist Financing. The thematic was partly prompted by some instances of poor quality applications where the Commission found adverse information on the applicant which had not been discovered by the Manager or where the business rationale was not apparent and could not be adequately explained by the Manager. Methodology The visits were undertaken by members of the Commission and two independent skilled persons with extensive experience in the industry. A selection of Managers, which were representative of a cross section of the industry, were visited after having been asked to provide information in advance relating to:  Details of all new business accepted in 2013 and 2014 whether or not it resulted in an application  Details of any business that was rejected by the Insurance Manager in 2013 and 2014 and reasons why  Details of internal client take on and Due Diligence policies and procedures  Sections of any Internal Audit Reports which report on any client take on and Due Diligence policies and procedures Each visit comprised of interviews with Compliance Officers, staff with new business responsibilities and also those with client servicing roles. The findings are based largely on those interviews although some limited file reviews were also undertaken. This report summarises the Commission’s findings and observations; licensees where improvements are needed have already received communication from the Commission. Findings and Observations The Commission found many areas of good practice but there are some issues which we would recommend be given further consideration.

Page 3 of 4 Good Practice Through these visits the Commission found that Managers, whilst varied, generally had a robust and structured approach to client take on. Procedures in each case were clear and were described consistently by different members of staff. From the limited file reviews carried out it did appear that procedures were being followed. Whilst some Managers actively seek out business, others await referrals from their wider group network. Some Managers have a dedicated new business function, whilst others share the work around client teams and the Managing Director. However, each of the Managers visited emphasised the importance of meeting the prospective client face to face; the Commission considers this to be good practice. There was generally good separation of the New Business and Compliance functions although the Commission recognises that this can be difficult for smaller operations. When outsourced Compliance functions were utilised these tended to focus mainly on AML/CFT compliance rather than on a wider understanding of the business proposed. The client take-on process generally included a four eyes function where an independent review of the client and client file was undertaken. Independent, in this case, meaning someone that has had no involvement with the prospective client or the creation of the client file. This is good practice although there was not a lot of evidence of challenge during the four eyes process and it appeared to provide an administrative review rather than a fundamental review of the proposed business. The Commission observed that both the reputation of the Manager and of the Bailiwick of Guernsey were actively considered when assessing the suitability of the prospective client. In some cases there was formal documentation to show that this had been considered. It was observed that some Managers charge for their time from the outset and that this was used as a form of vetting to see if the client was serious. Others make no charge for initial work, seeing this as a loss leader, and some charge for feasibility studies but then deduct that cost from the first year’s management fee. The Commission considers that this is a business decision rather than a regulatory issue. The use of risk registers is common and is a useful tool although only one manager had a clearly set risk appetite in relation to new business. Areas for further consideration The quality of the work undertaken by the Managers at client take on is not always reflected in the quality of applications submitted to the Commission. Concentration on preparing an application as a stand-alone document, which provides all the information the Commission will need, would be helpful in preventing delays in the consideration of new applications. Even if the application is related to an existing licensee or cell it should still be a complete document in its own right and not simply cross referenced to prior applications.

Page 4 of 4 In some cases there has been an over reliance on the Commission’s prior approval when transferring business between Managers. It should not be assumed that because a company is licensed, it does not have issues and more thorough due diligence, including making enquiries with the outgoing Manager and the independent NED, should be considered. It appeared, in some cases, to be taken at face value that a client has decided to change Managers when, in fact, the outgoing Manager may have resigned for good reasons. When utilising an outsourced compliance function the board should carefully consider the extent to which broader issues, beyond AML/CFT, will be addressed. Conclusion The Commission considers that the sample of Managers selected to undertake this thematic was a good representation of the Insurance Management industry within Guernsey. The Commission was encouraged by the efforts of the Managers in achieving a high quality, good practice approach. One area which could benefit from more consideration prior to the application stage is the extent to which members of the public are impacted by the structure proposed. Many insurance structures in Guernsey are designed so that a firm can benefit from its relationship with its customers. In such cases the Commission is concerned to understand how the licensee will ensure that such customers will be treated fairly. This is an area of significant reputational risk for Guernsey. Overall, the Commission did not expect to find many serious areas of concern and was pleased to find that this was confirmed. However, it is apparent that the changing nature of the business coming to Guernsey produces further and different risks to those produced by the more traditional FTSE 250 pure captive business that was historically the main source of business. Insurance Managers should be cognisant of the risks and be prepared to address those risks within the narrative business plan rather than waiting for the Commission to raise issues. In summary, Insurance Managers should:  Ensure they meet face to face with prospective clients  Separate new business and compliance functions  Have a robust four eyes review of applications  Consider the reputation of the Bailiwick when assessing new business  Have a clear risk appetite and a risk register  Not rely upon the Commission’s approval or no objection as part of the due diligence  Consider the limitations of outsourced compliance functions The Commission is grateful for the cooperation received from the licensees that took part in this thematic.