Guidance Notes in relation to Auditor's Reports of insurers to be provided to the Isle of Man Financial Services Authority under the requirements of the Insurance Regulations 2025

Version 03 Issued on 30 September 2025 Guidance Notes in relation to Auditor’s Reports of insurers to be provided to the Isle of Man Financial Services Authority under the requirements of the Insurance Regulations 2025 Published by the Isle of Man Financial Services Authority under section 34 of the Insurance Act 2008 on 30 September 2025 INFORMATION In this document, where the Isle of Man Financial Services Authority indicates that it has exercised a power, this is not guidance but is information confirming that the power has been exercised as stated. STATUS OF THIS GUIDANCE The Authority issues guidance for various purposes including to illustrate best practice, to assist regulated entities (in this case authorised insurers, permit holders and registered insurance managers (as applicable)) to comply with legislation and to provide examples or illustrations. Guidance is, by its nature, not law, however it is persuasive. Where a person follows guidance this would tend to indicate compliance with the legislative provisions, and vice versa.

Isle of Man Financial Services Authority Version 03 Page 2 of 4 Issued on 30 September 2025 Contents

1. Interpretation and references ........................................................................................... 3
2. Introduction ....................................................................................................................... 3
3. Scope of Reporting ............................................................................................................. 3
4. Framework and level of assurance to be applied .............................................................. 4

Isle of Man Financial Services Authority Version 03 Page 3 of 4 Issued on 30 September 2025

1. Interpretation and references (1) In this document — “the Act” means the Insurance Act 2008; “the Authority” means the Isle of Man Financial Services Authority; “the Guidance Notes” means the Guidance Notes and Information Concerning the Insurance Regulations 2025 and the Corporate Governance Code of Practice for Insurers 2021; “the Regulations” means the Insurance Regulations 2025.
2. Introduction This guidance is published by the Authority under section 34 of the Insurance Act 2008, and is relevant to all authorised insurers and their auditors appointed under section 15 of the Act. This guidance sets out the level of independent assurance expected by the Authority under–

• regulation 19(6)(c)1 ; or
• in relation to an insurer that is a protected cell company, 19(6)(b)(ii)2 , (Auditor’s Report), as applicable to the insurer in question under the Regulations.

3. Scope of Reporting The current required form of Auditor’s Report (as applicable) can be found using the following links:

• in respect of regulation 19(6)(c): see form titled “Auditor’s Report” located on the Authority’s website.
• in respect of regulation 19(6)(b)(ii): see form titled “Auditor’s Report PCC version” located on the Authority’s website. This form (as applicable) is to be used in respect of long-term business insurers and non long-term business insurers, as the case may be. Paragraph (1) of the Auditor’s Report requires assurance in relation to certain elements of the regulatory returns of the insurer in question, as specified in footnote 2 of that Report. 1 As modified by the Authority in respect of non-commercial non long-term business insurers (the detail of that modification is set out under paragraph 5 of the Guidance Notes. 2 As inserted into regulation 19(6) by paragraph 8 of Schedule 5 to the Regulations, and as modified by the Authority in respect of non-commercial non long-term business insurers (the detail of that modification is set out under paragraph 5 of the Guidance Notes.

Isle of Man Financial Services Authority Version 03 Page 4 of 4 Issued on 30 September 2025 Paragraph (2) of the Auditor’s Report requires assurance in relation to certain certifications given by the directors of the insurer in question, as specified in paragraph (2) of that Report. 4. Framework and level of assurance to be applied In pursuing its regulatory objectives the Authority considers it important to provide guidance to auditors of insurers on the level of assurance it considers acceptable in order to reduce the risk of material misstatement of information reported to the Authority to a level that is appropriate. Where appropriate to the accounting standards adopted by the insurer in question in accordance with regulation 7 of the Regulations, the current version of the—

• International Standard on Assurance Engagements (UK) 3000 published by the Financial Reporting Council (FRC); or
• International Standard on Assurance Engagements 3000 (Revised) issued by the International Auditing and Assurance Standards Board (IAASB), Assurance Engagements Other Than Audits Or Reviews Of Historical Financial Information (the “ISAE 3000s”), or any successor of those standards (as applicable), provide a recognised framework that the Authority considers appropriate to be used for the Auditor’s Report. The relevant ISAE 3000 provides for both “reasonable assurance” and “limited assurance” reporting. In accordance with the framework set out under the relevant ISAE 3000, the Authority expects the assurance provided under—
• Paragraph (1) of the Auditor’s Report to be at the level of a “reasonable assurance” in the form set out in that paragraph; and
• Paragraph (2) of the Auditor’s Report to be at the level of a “limited assurance” in the form set out in that paragraph. In the Auditor’s Report a text box is provided in which any additional matters relevant to the above-mentioned assurances may be included, as indicated in the text in square brackets included within the box. All work necessary to providing the above-mentioned assurances should be planned and carried out in a manner that is consistent with the relevant ISAE 3000.