• PIN 2 PIN 2 MANAGEMENT AND CONTROL OF RISK

    • PIN 2.1 PIN 2.1 Introduction

      • PIN 2.1.1 PIN 2.1.1

        This Chapter applies to every Insurer.

        • Guidance

          1. This Chapter expands on the relevant provisions in the context of an Insurer. All Authorised Persons are subject to the systems and controls provisions of GEN Chapter 3.
          2. APP2 contains guidance for Insurers in respect of specific areas of risk management that are of particular relevance to Insurers.

    • PIN 2.2 PIN 2.2 Risk management

      • PIN 2.2.1

        An Insurer's risk management systems must:

        (a) be appropriate to the size, mix of business and complexity of the Insurer's operations;
        (b) be based on an enterprise-wide risk management approach, which integrates risk management with the conduct of its business and operations;
        (c) address all material risks, both existing and potential risks, financial and non-financial, to which the Insurer is exposed or likely to be exposed;
        (d) describe the relationships between the Insurer's risk tolerance limits, its capital requirements, economic capital and the processes and methods for assuming, pricing, and monitoring risk; and
        (e) be supported by adequate risk management policies and procedures which explain the risks covered, the measurement approaches used, and the key assumptions made.

      • PIN 2.2.2

        The risk management systems maintained by an Insurer must include:

        (a) a clearly defined risk appetite statement which outlines the risk tolerance of the Authorised Person and is approved by its board;
        (b) a written risk management strategy approved by senior management, which in the opinion of senior management addresses all material risks to which the Insurer is likely to be exposed;
        (c) risk management policies and procedures that in the opinion of senior management are adequate to identify, assess, mitigate, control, monitor and report on the material risks to which the Insurer is exposed;
        (d) clearly defined risk limits, norms, pricing parameters which are consistent with the board approved risk appetite; and
        (e) clearly identified managerial responsibilities and controls, designed to ensure that the policies and procedures established for risk management are adhered to at all times.

      • PIN 2.2.3

        Subject to Rule 2.2.4, where an Insurer is a member of a Group, the Insurer must take reasonable actions to ensure that the Group as a whole complies with the requirements of Rule 2.1.1 and 2.2.2 as though the Group as a whole were an Insurer.

      • PIN 2.2.4 PIN 2.2.4

        Rule 2.2.3 does not apply in respect of a Group where the Insurer is not the Holding Company and where the Holding Company of the Group is another Insurer.

        • Guidance

          1. The effect of Rule 2.2.4 is to avoid unnecessary duplication arising from complex Group structures. If an Insurer is a member of a Group whose Holding Company is another Insurer, the first Insurer need not apply Rule 2.2.3 in respect of that Group, because the Insurer that is the Holding Company is already required to apply that Rule.
          2. An Insurer should describe how its risk limits, norms, and pricing policies described in Rule 2.2.1(d) link with its board approved risk appetite described in Rule 2.2.1(a), corporate objectives, business strategy and current circumstances. An Insurer is expected to incorporate its risk limits into its day-to-day operations and its risk management policies and procedures.

    • PIN 2.3 PIN 2.3 Management of particular risks

      • PIN 2.3.1

        An Insurer must develop, implement and maintain a risk management system to identify, assess, monitor, mitigate and control balance sheet risk, including but not limited to:

        (a) reserving risk;
        (b) investment risk (including risks associated with the use of derivatives);
        (c) underwriting risk;
        (d) claims management risk;
        (e) product design and pricing risk; and
        (f) liquidity management risk.

      • PIN 2.3.2

        An Insurer must develop, implement and maintain a risk management system to identify, assess, monitor, mitigate and control credit quality risk.

      • PIN 2.3.3

        An Insurer must develop, implement and maintain a risk management system to identify the operational risks faced by the Insurer, including but not limited to:

        (a) technology risk (including processing risks);
        (b) reputational risk;
        (c) fraud and other fiduciary risks;
        (d) compliance risk;
        (e) outsourcing risk;
        (f) business continuity planning risk;
        (g) legal risk; and
        (h) key person risk.

      • PIN 2.3.4

        An Insurer must develop, implement and maintain a risk management system to identify, assess, monitor, mitigate and control reinsurance risk. Reinsurance risk refers to risks associated with the Insurer's use of reinsurance arrangements as cedant.

      • PIN 2.3.5

        Without limiting the generality of Rule 2.3.4, an Insurer's risk management system in respect of its use of reinsurance arrangements must include the development, implementation and maintenance of a written reinsurance management strategy, appropriate to the size and complexity of the operations of the Insurer, defining and documenting the Insurer's objectives and strategy in respect of reinsurance arrangements.

      • PIN 2.3.6 PIN 2.3.6

        An Insurer must develop, implement and maintain a risk management system which includes an explicit asset-liability management ("ALM") policy, which must clearly specify the nature, role and extent of ALM activities and their relationship with any other relevant function or activity of the insurer including, but not limited to, product development, pricing functions and investment management.

        • Guidance

          1. An Insurer's ALM policy should be appropriate taking into account the nature, scale and complexity of its ALM risks.
          2. The ALM policy should include details as to how:
          (a) the investment and liability strategies adopted by the Insurer allow for the interaction between assets and liabilities;
          (b) any correlations between assets and liabilities are taken into account;
          (c) the liability cash flows will be met by cash inflows; and
          (d) the valuations of assets and liabilities will change under an appropriate range of different scenarios.

    • PIN 2.4 PIN 2.4 Record-keeping

      • PIN 2.4.1

        An Insurer must maintain adequate records to enable it to:

        (a) fulfil its obligations under Contracts of Insurance it has effected; and
        (b) demonstrate compliance with the Rules in this Rulebook.
        Amended on (3 February, 2020).

    • PIN 2.5 PIN 2.5 Insurers that undertake surety Insurance Business

      • PIN 2.5.1

        This section applies only to Insurers that undertake Insurance Business in Class 7(b).

      • PIN 2.5.2

        An Insurer that undertakes Insurance Business in Class 7(b) must ensure that:

        (a) in any reporting period, the amount of its Gross Written Premium attributable to Class 7(b) does not exceed 5% of its total Gross Written Premium in all classes of non-life insurance;
        (b) the Person insured under any Contract of Insurance in Class 7(b) is:
        (i) a Body Corporate; or
        (ii) if not a Body Corporate, a Person whose activities are primarily financial in nature;
        (c) at the time of effecting a Contract of Insurance in Class 7(b), the Person insured under that contract has a rating of BBB or better; and
        (d) the maximum period of any Contract of Insurance in Class 7(b) does not exceed twenty years.

      • PIN 2.5.3

        Rule 4.1.4 applies in respect of the determination of ratings for the purposes of Rule 2.5.2(c).

      • PIN 2.5.4 PIN 2.5.4

        (1) An Insurer intending to undertake Insurance Business in Class 7(b) must:
        (a) notify the Regulator in writing of its proposal to undertake such business; and
        (b) provide the Regulator with a regulatory business plan for the business intended to be undertaken, which includes but is not limited to comprehensive risk management strategy, risk pricing approach, reserving models, and actuarial methodologies to determine technical provisions required.
        (2) The Regulator may object to a proposal made by an Insurer under (1).
        (3) If the Regulator decides to exercise its power under (2), the Insurer may refer the matter to the Regulatory Committee for review.
        (4) An Insurer must not effect any Contract of Insurance in Class 7(b) if the Regulator has objected to a proposal it has made under (1).

        • Guidance

          The current requirements relating to Class 7(b) do not cater to monoline specialist financial guarantee insurers. However, if such an Insurer wishes to operate in ADGM, the Regulator may introduce requirements that should apply to such an Insurer. In doing so, the Regulator will consider capital adequacy and other requirements that apply generally to such specialist Insurers in other jurisdictions.