This country-specific Q&A gives a pragmatic overview of the law and practice of insurance & reinsurance law in the United Kingdom.
It addresses topics such as contract regulation, licensing, penalties, policyholder protection, alternative dispute resolution as well as personal insight and opinion as to the future of the insurance market over the next five years.
This Q&A is part of the global guide to Insurance & Reinsurance. For a full list of jurisdictional Insurance & Reinsurance Q&As visit http://www.inhouselawyer.co.uk/index.php/practice-areas/insurance-reinsurance
How is the writing of insurance contracts regulated in the jurisdiction?
The regulation of insurers and reinsurers (collectively, "(re)insurers") in the United Kingdom ("UK") has undergone a period of substantial change following the 2007-2008 financial crises and the implementation of the Solvency II directive.
The Financial Services and Markets Act 2000 ("FSMA") established a system for the regulation of various “regulated activities”, as set out in the Financial Services and Markets Act 2000 (Regulated Activities Order) 2001 ("RAO"). Whilst the UK's regulatory framework derives mainly from FSMA and its related implementing legislation and rules, it is also substantially influenced by and, where required, implements various European laws, including the Solvency II Directive.
Under FSMA no person may carry on a "regulated activity" in the UK unless they are an "authorised person" or an "exempt person". Authorisation to carry on (re)insurance business in the UK may be obtained directly from the relevant UK regulator, or for a European head quartered (re)insurer firm, by passporting into the UK from that European head office's jurisdiction.
A review by the UK government in the wake of the crisis led in 2013 to the then single financial services regulator, the Financial Services Authority ("FSA"), being replaced by, and its functions distributed between, two new regulatory authorities, the Prudential Regulation Authority ("PRA") and the Financial Conduct Authority ("FCA") (together "the Regulators").
(Re)insurers are regulated by both the Regulators (and are therefore described as being "dual-regulated"), although the PRA acts as the "lead regulator" and therefore is the main point of contact for supervisory decisions. Insurance intermediaries are regulated by the FCA only (see further paragraph 4 below).
The UK's regulatory system also applies to Lloyd's of London ("Lloyd's), a specialist reinsurance market in the City of London within which multiple financial backers, grouped in syndicates, come together to pool and spread risk. Both Lloyd's and syndicates operating within it are dual-regulated. The majority of reinsurance business written by underwriters at Lloyd’s (also known as "members") is placed through brokers and both members and brokers are regulated by the FCA.
Are types of insurers regulated differently (i.e. life companies, reinsurers)?
In principle, all types of (re)insurers are regulated in the same way, all being (subject to a few exceptions) subject to Solvency II and to prudential regulation by the PRA.
The capital requirements under Solvency II are intended to be risk sensitive, realistic and market consistent, with (re)insurers having to hold sufficient assets to cover expected future liabilities. However, given the long-term duration of liabilities for life business in particular, there are a few provisions which relate specifically to life insurers. For example, the matching adjustment and volatility adjustment can be applied, with the consent of the PRA, to ensure that assets held to protect longer term liabilities are suitable and correctly reflect the risks associated with such contracts.
Conduct of business regulation for all (re)insurers falls under the remit of the FCA which has extensive rules relating to advertising and the promotion of insurance contracts, including rules to ensure the fair treatment of customers, for example. Broadly, conduct rules for life and long-term insurance business are governed by the FCA's Conduct of Business Sourcebook (COBS) whilst general business is covered by the Insurance Conduct of Business Sourcebook (ICOBS) – both sourcebooks are extended to apply to intermediaries also. The perceived risk to policyholders and efforts to reduce financial mis-selling influences the degree of regulation by the FCA, for example, sales of long term (i.e. life) insurance products which have an investment element to consumers are subject to additional requirements to ensure that customers are given as much information as possible before entering the contract.
Under FSMA reinsurers are treated as in the same way as direct insurers unless a rule specifies that they are excluded or subject to an alternative approach. There are certain provisions which are applied differently to "pure" reinsurers.
Are insurance brokers and other types of market intermediary subject to regulation?
Various activities undertaken in relation to contracts of insurance (including arranging a contract of insurance or assisting in the administration and performance and advising on contracts of insurance) are regulated under FSMA. Accordingly, authorisation must be sought from the FCA to act as an insurance intermediary (note that the PRA does not regulate insurance mediation).
It is also possible for an entity to become an appointed representative of a regulated firm in order to carry out mediation activities without itself being regulated, on the basis that the regulated principal has full responsibility for the actions of the appointed representative.
Is authorisation or a licence required and if so, how long does it take on average to obtain such permission?
Permission must be sought from the PRA to carry on insurance business in the UK, i.e. to effect or carry out a contract of insurance) and from the FCA to act as an insurance intermediary. In either case ‘Part 4A permission’ authorisation application must be made and the relevant Regulator must make a decision on complete application within 6 months. If permission is granted, then the firm will receive a ‘Scope of Permission’ notice which will state the regulated activities that the firm has permission to carry out, when the permission starts and any requirements or limitations that the firm may be subject to.
Authorised firms appear on a publicly searchable Financial Services Register which shows which permissions they have been granted in relation to regulated activities.
Are there restrictions over who owns or controls insurers (including restrictions on foreign ownership)?
It is a criminal offence to acquire or increase control in an insurer authorised in the UK without the prior approval of the PRA. The PRA may approve the change in control unconditionally, impose conditions or object to the acquisition.
A person will acquire control for their purposes if (i) they (alone or with their associated persons) hold 10% or more of the shares or voting power in an insurance undertaking (or its parent company) or (ii) they are able to exercise significant influence over the undertaking.
Approval by the PRA is also required when an existing controller proposes to increase its shareholding or voting power in an undertaking (or its parent company) above 20%, 30% or 50%.
There are no legislative restrictions on non-UK (or EU) nationals owning insurance companies.
Is it possible to insure risks without a licence or authorisation? (i.e. on a non-admitted basis)?
FSMA prohibits any person from undertaking a regulated activity by way of business in the UK without authorisation. However, simply insuring/reinsuring a policyholder/risk located in the UK does not itself amount to carrying out (re)insurance business in the UK unless activities are also carried on in the UK which amount to the effecting or carrying out of a contract of (re)insurance. Therefore, it is possible for overseas firms to structure their business such that, for the purposes of FSMA, they are not deemed to be carrying on (re)insurance business "in the UK". However, it should be noted that there is a significant amount of case law and regulatory guidance on the question of whether the business of an offshore (re)insurer is deemed to be carried on "in the UK" and the position is ultimately one to be determined on the basis of all the relevant facts and circumstances.
What penalty is available for those who operate without appropriate permission?
It is a criminal offence to undertake a regulated activity in the UK without permission, punishable by up to two years imprisonment or a fine. An agreement entered into without permission is unenforceable by the unregulated firm against the other party. A policy entered into by an unauthorised insurer is void at common law, accordingly the insured would be entitled to recover premium paid and can recover compensation for any loss sustained as a result of entering into a contract with an unauthorised business. There are limited exceptions that allow the contract to be upheld where just and equitable to do so.
How rigorous is the supervisory and enforcement environment?
The PRA and the FCA have extensive statutory enforcement powers set out in FSMA. Where someone has breached the prohibition on carrying out a regulated activity without permission they may be imprisoned or fined. The sanction of withdrawal of authorisation is available to the Regulators where a business ceases to meet the threshold conditions (that is the minimum requirements both Regulators require for authorisation). The Regulators can also vary permissions, censure firms and individuals publicly for breaches of regulatory requirements and impose financial penalties, apply for an injunction where either regulator believes that a person or business will contravene a requirement of FSMA, seek a restitution order to recover assets received in contravention of a regulatory requirement and issue a prohibition order against an individual carrying on a regulated activity.
Both the PRA and FCA have investigatory powers. The PRA has the ability to outsource investigations to either the FCA or a third party expert ("skilled person").
All regulated businesses are under an ongoing obligation to inform the regulator of anything relating to the firm of which the regulator would reasonably expect notice.
How is the solvency of insurers (and reinsurers where relevant) supervised?
UK (re)insurers are subject to the European Solvency II regime (introduced on 1 January 2016). Solvency II is a forward-looking risk-based capital regime which was implemented across the EEA from 1 January 2016. Solvency II replaces the previous Solvency I regime (set out in various separate insurance and reinsurance directives) which required insurers to use a formula-based approach when calculating solvency requirements rather than assessing individual risks. Solvency II uses a market consistent approach to value insurers' assets and liabilities (i.e. the price at which a willing buyer would take them).
The regime applies to most insurers and reinsurers with head offices in the EEA. The Solvency II directive is a 'maximum harmonisation' directive aiming to implement a consistent regulatory framework across the EEA. The directive is supplemented with a Delegated Act – an EU Regulation which is directly applicable in each EEA state. The regime is also supported by Technical Standards which are directly applicable, and guidelines produced by the European Insurance and Occupational Pensions Authority (“EIOPA”) which apply to member states on a 'comply or explain' basis.
The Solvency II framework is broadly structured into three pillars: quantitative requirements (Pillar 1); qualitative requirements and supervisory review (Pillar 2); and transparency requirements (reporting and disclosure) (Pillar 3).
In the UK the PRA has responsibility for ensuring that firms comply with Solvency II.
What are the minimum capital requirements?
Solvency II introduced a risk-based capital regime, requiring insurers to assess the individual risks they are subject to on both sides of the balance sheet and hold sufficient capital against these risks.
There are two capital requirements under Solvency II: the minimum capital requirement (“MCR”) and the solvency capital requirement (“SCR”). SCR is the quantity of capital required to be held to protect against unexpected losses over the following year subject to a confidence level of 99.5%. MCR is set at a lower threshold - a confidence level of 85%. Insurers calculate their SCR using a standard formula, which is a standardised calculation set out in the Delegated Acts, or (subject to prior regulatory approval) a full or partial internal model which is tailored to the risk profile of the particular insurer.
Life Insurers may also seek regulatory approval to apply a 'matching adjustment' when calculating their liabilities which provides capital relief when holding certain long-term assets which match the cash flows of a designated portfolio of life or annuity insurance and reinsurance obligations.
Breach of SCR triggers regulatory intervention, designed to ensure SCR capital levels are restored, and breach of MCR can lead to an insurer losing its authorisation if the breach is not remedied within three months.
Is there a policyholder protection scheme?
The Financial Services Compensation Scheme (“FSCS”) protects policyholders (including consumers and small businesses) should an insurer become insolvent. Compensation is only available for financial loss. In the event of insolvency 100% of a claim is protected in respect of a compulsory insurance policy, professional indemnity insurance or life and long-term sickness policies. In all other cases, 90% of the claim is protected.
How are groups supervised, if at all?
Under Solvency II groups are subject to supplementary supervision in addition to the solo supervision of individual insurance companies in order to protect policyholders against risks that might be present within a group but not necessarily apparent where only the individual insurance company is considered. The Solvency II Directive sets out the circumstances in which group supervision is triggered. Only one insurance entity within a corporate group need be headquartered in the UK (or elsewhere in the European Union) for group supervision to be applied.
Where a European headquartered Solvency II group is identified, it must hold eligible own funds equal to or in excess of a group SCR. Group own funds must be transferable and fungible across the group. The group capital requirement can be calculated using either a standard formula or an internal model (similar to individual entity capital requirements). The recognition of individual company own funds (in excess of any applicable solo capital requirement) at the group level depends on their availability and transferability between group entities. In addition, group-wide governance, reporting and intra-group transaction and risk concentration monitoring shall apply.
Where a group is headquartered outside the EU, Solvency II group supervision may still apply, either to a sub-group or to the worldwide group, depending, for example, on whether a finding of equivalence has been made in relation to relevant third country jurisdictions.
Do senior managers have to meet fit and proper requirements and/or be approved?
FSMA requires that individuals in certain ‘controlled’ functions must be approved by the regulators. Certain roles in the business are therefore either classified as Senior Insurance Management Functions (the list of functions identified by the PRA) or Approved Persons (the list of functions identified by the FCA). It is possible for an individual in a PRA function to also require approval for one of the FCA functions. Before taking up any controlled function an application must be made to the relevant regulator for approval. Both the PRA and FCA will seek to ensure that the individual is fit and proper for the role. They will consider the individual’s honesty, integrity and reputation as well as their competence and capability and financial soundness.
Solvency II requires that individuals in key functions within a (re)insurance business are fit and proper for their roles. This requirement exists alongside the Senior Insurance Management Functions and Approved Persons. Key function holders include all “persons who effectively run the undertaking” and those in “other key functions”, likely to include the board and senior management and other individuals who lead significant business units.
On 26 July 2017, the FCA and PRA published their proposals to extend the senior managers and certification regimes ("SM&CR") to the UK insurance sector. Fundamentally, via this extension, the Regulators aim to put the insurance industry under the same level of scrutiny as the banking sector, by enforcing individual accountability as a means of ensuring policyholder protection. The SM&CR proposals are likely to have a significant impact for UK firms currently subject to the PRA's senior accountability regimes.
Are there restrictions on outsourcing parts of the business?
In accordance with Solvency II, where an insurer outsources part of its business it will remain fully responsible for discharging all of its obligations under law, regulation and administrative provisions. Specifically, insurers must not outsource any critical or important part of the business in such a way as might lead to any material impairment in the quality of the firm’s systems of governance, any increase in operational risks, impairment of the ability of the supervisory authorities to monitor compliance or undermining of continuous and satisfactory service to policyholders.
How are sales of insurance supervised or controlled?
The FCA is obliged, under FSMA, to advance certain strategic objectives, including protecting customers. It is with these objectives in mind that the FCA has set out both rules and guidance in relation to sales of insurance policies. The requirements primarily seek to balance information asymmetries between the insurer and the policyholder; particularly where the policyholder is a consumer.
In addition to the rules and guidance set out in its Handbook, the FCA also requires all regulated firms to meet certain principles for businesses. Principle 6 requires firms to pay due regard to the interests of customers and treat them fairly. In order to meet these requirements, the FCA expects firms to meet six Treating Customers Fairly (“TCF”) objectives. The six objectives seek to ensure that products and services are marketed fairly, meet the needs of customers, are sold with clear and comprehensible information, any advice received is suitable and that customers do not face any post sales barriers.
Are consumer policies subject to restrictions? If so, briefly describe the range of protections offered to consumer policyholders.
Consumer policies must meet the requirements of the Consumer Rights Act 2015 (“CRA 2015”). The CRA 2015 prohibits the use of unfair contract terms in consumer agreements and consumer notices (including announcements, promotions and renewal letters). A term will be unfair if, contrary to the requirement of good faith it causes a significant imbalance in the parties’ rights and obligations under the contract, to the detriment of the consumer. Core terms (i.e. terms that either relate to the main subject matter of the contract or to the price to be paid) cannot be assessed for fairness to the extent that they are sufficiently transparent and prominent. Importantly, in insurance contracts core terms will include exclusions and conditions. To ensure that the insurer is able to rely on such terms both policy conditions and exclusions must be transparent (which will require drafting in plain and intelligible language) and also prominent (so that the consumer is sufficiently aware of the term). Certain terms are likely to be unfair such as high cancellation charges, terms that allow the insurer to determine the characteristics or price after the contract has been entered into. Any term found to be unfair will not bind a consumer.
Are the courts adept at handling complex commercial claims?
The commercial court in the High Court of Justice has a long history of dealing with complex insurance claims; the experience and quality of the judiciary that will hear international insurance claims is unrivalled. The English judiciary are widely regarded as impartial and expert in commercial disputes – frequently dealing with international parties. The extensive guidance provided by judicial precedent provides parties with a degree of certainty as to the outcome of commercial disputes.
Is alternative dispute resolution well established in the jurisdiction?
London Market insurers are some of the greatest users of alternative dispute resolution.
The UK is a signatory of the New York Convention. The use of both arbitration and mediation is well established. In England and Wales, the relevant law governing arbitration is contained in the Arbitration Act 1996 and any arbitration must be conducted within the framework of this Act. There are limited opportunities to appeal the decision of an arbitral tribunal.
What are the primary challenges to new market entrants?
The UK has a long-established and therefore mature insurance market that covers all product lines in life, general insurance and reinsurance and it has an infrastructure and depth of professional expertise rivalling any other global insurance hub. However, the past few years have seen extensive market consolidation in the pursuit of growth in an environment where rates have been falling, especially in competitive commercial lines. The soft market has resulted in low premium income in many lines and the ongoing low interest rate environment has made the operating environment challenging for any new market entrants.
The political and commercial uncertainty introduced following the EU referendum has meant that new market entrants do not have the same degree of certainty in relation to the breadth of market they can operate in as was the case before the Brexit vote. Potential new entrants looking to benefit from access to European markets may now consider jurisdictions other than the UK until there is greater clarity about the outcome of the UK Government’s plans to leave the EU.
In addition to market challenges, the UK is a highly regulated market. The cost of compliance can pose a significant challenge to new entrants, particularly in the light of the highly sophisticated Solvency II supervisory regime. On a more positive side, there have been a large number of Insurtech developments which offer insurers access to new data sources and a new customer base and may present an appealing proposition for new capital providers.
To what extent is the market being challenged by digital innovation?
The London Market is expected to be transformed by digital innovation such as distributed ledger technology (“DLT). From the sharing of identical information across networks, to the cryptography-based protections built into the technology, DLT represents an exciting development in the fight against cybercrime for insurance industry stakeholders.
Similarly, the harnessing and use of Big Data (a term referring to the increasing amount of digital information being generated and the analytical technologies which are being developed to make sense of this data) will change underwriting as insurers will have far greater access to personal (or at least risk-specific) information than ever before. With more personalised information and with automated processes, for example automated claims handling, insurers are seeing an opportunity to offer customers new product lines with potential cost savings.
Adapting to new business models will require significant investment (whether in research and development or acquisitions) by existing market players and start-ups are attracting funding. New market entrants that design their business models around new technology and the use of digital information may be able to steal a march on their competitors. In an overcrowded market, many existing product lines are likely to struggle without adaptation to the new digitally-reliant environment.
Over the next five years what type of business do you see taking a market lead?
Because of the pressures on growth in established markets UK insurers are likely to continue to seek growth in new markets such as Africa and Asia. Because of the regulatory and market pressures in Europe consolidation is likely to continue for the next few years. Buyers are likely to include investors from outside the traditional insurance markets, including private equity. For life businesses the quest for returns is likely to result in insurers investing in different asset classes such as infrastructure projects.
Cyber threats are challenging not just global business but also individuals and governments. Insurers that can genuinely offer credible solutions to both mitigate and manage cyber threats and adapt to the changing risk environment are likely to fare much better than those insurers relying on traditional product lines.