How rigorous is the supervisory and enforcement environment?
Insurance & Reinsurance (3rd edition)
SUSEP has comprehensive, adequate and rigorous legislation to punish administrative infractions. However, there is a general consensus amongst practitioners that the regulatory body needs to be modernized and better equipped to fulfill its institutional mission.
We view FINMA as being relatively strict in enforcing any violations against the applicable laws and in particular if companies operate in Switzerland without appropriate authorisation.
The FSC as the executive branch and the FSS as its executive arm rigorously supervise licensing, solvency, marketing and solicitation, underwriting and claims processes, etc. through examinations and periodic and/or special audits. The regulatory authorities strictly apply all aspects of the IBA and its subordinate regulations and decrees to insurers, reinsurers, agents, brokers, etc. The Korea Fair Trade Commission (“KFTC”) promotes consumer protection while seeking to eliminate anti-competitive behavior in relation to insurance rates and premiums, price-fixing and agreements between and among market participants.
Since 2018, the FSS continues to handle complaints made to various life insurers who allegedly mis-sold immediate annuities where holders of the annuities argued certain deposit amounts were wrongfully withheld at maturity. Also, since last year, there are a number of KFTC investigations related to bid-rigging allegations involving insurers and brokers.
Quite rigorous. The SBS is a solid entity in terms of audit, supervision and sanction. The General Law contains a development of its attributions and specific functions, providing the SBS with an appropriate control system over natural and legal persons under its supervision. Likewise, this is strengthened by the complaint mechanisms at disposal of insurance services users: the SBS claims portal (called “Defensoría del Asegurado”) and INDECOPI (consumer protection authority).
In 2018, CBIRC focused its supervisory on liquidity risks, solvency risks, corporate governance risks and fund investment risks. Also, in 2018, several new regulations were issued by the CBIRC to press ahead with the reform and development of the insurance industry, e.g. Notice of CBIRC on Liberalizing the Business Scope of Foreign-invested Insurance Brokerage Companies, Guidelines on Developing Individual Tax-deferred Commercial Pension Insurance Products, Notice of the CBIRC on Issues concerning the Establishment of Special Products by Insurance Asset Management Companies.
Based on the idea proposed by the CBIRC that “the main function of the insurance industry is to insure, the main function of CBIRC is to regulate”, 2019 will see the intensifying of insurance regulations, the active and prudent disposal of potential risks, and the promotion of supply-side structural reform, which will in turn give full play to the safeguarding function of insurance, and further ensure that the insurance industry serves the development of the economy and society.
The supervision and enforcement of insurance industry is touring towards a more rigorous end.
Following the implementation of the EU Solvency II Directive in 2016, the supervision and enforcement environment of insurance companies in Denmark have become in-creasingly tougher. Withdrawal of insurance companies’ licenses is, however, still very unusual in Denmark, and it has only been seen effectuated in very severe cases.
The French regulatory body, the ACPR, has two missions, namely: (i) the preservation of the stability of the financial system, and (ii) the protection of the clients, insureds, policyholders and beneficiaries of the insurers, reinsurers and intermediaries who operate under its control.
To these ends, the ACPR is empowered, inter alia, to:
- grant licenses,
- issue professional rules applicable to all insurance undertakings,
- investigate insurance undertakings, and
- hand down possible sanctions, such as warnings, reprimands, prohibitions from carrying out certain operations, temporary suspensions of entities’ directors and officers and partial or total withdrawal of entities’ licenses. The ACPR can also impose fines of up to 100 million euros or 10% of the entity’s annual turnover. It should be noted that the ACPR’s sanctions are published on its website and are not anonymized, which naturally constitutes an additional symbolic sanction and a significant deterrent.
Moreover, and as indicated above, certain violations of the applicable regulatory framework constitute criminal offences and can give rise to significant sanctions.
The ACPR rendered ten decisions in 2018, nine of which concerned the fight against money laundering and the financing of terrorist activities. As an example, the ACPR imposed a fine of €8,000,000 on an insurance company, on the grounds that its anti-money laundering and anti-terrorist financing safeguards and processes were inadequate, especially for a leading player on the French life and health insurance market and which belongs to the public sector (ACPR, 26 July 2018, n°2017-03).
In light of the above, there can be little doubt as to the fact that the supervisory and enforcement environment is indeed a rigorous one.
In recent years, the ACPR mainly focused its efforts on professional requirements (especially for insurance intermediaries), unclaimed life insurance policies, insurers’ duties to inform and advise potential insureds, corporate governance, unlawful writing of insurance contracts and anti-money laundering procedures.
BaFin has extensive supervisory powers which are, in particular, set out in Sections 294 to 310 of the Insurance Supervisory Act. In order to provide guidance on their supervisory practice, BaFin issues Interpretative Decisions (Auslegungsentscheidungen), Guidance Notices (Merkblätter) or Circular Letters (Rundschreiben) on several topics. Even though not technically legally binding, the Circular Letters in particular are usually deemed to be a clear indication of the regulator's expectations. Moreover, these publications will usually constitute a binding principle with the effect that BaFin has to treat similar cases alike.
The Commissioner of Insurance in Israel is very active. He has several teams who perform reviews and carry out unexpected checks of insurance companies and insurance agents. It investigates all complaints and issues appropriate sanctions, including revoking licenses. The financial sanctions imposed by the Commissioner can amount to millions of shekels.
When investigating breaches of the governing Acts, both APRA and ASIC have wide investigative powers to require all relevant information or persons with information to be produced or examined. The supervisory and enforcement approach of the regulators is dependent on the nature and severity of the contravention committed.
Unless significant contraventions have occurred, the focus for ASIC is on corrective and compensatory enforcement. The majority of contraventions are resolved through the issuing of infringement notices, recovering losses on behalf of entities, corrective disclosure orders and entering enforceable undertakings. Where the contravention is more serious, ASIC may seek criminal or civil penalties on the entities and individuals involved, extending to disqualifying individuals from providing financial services or managing a company.
With the overlap in the supervisory and enforcement responsibilities for APRA and ASIC, both regulators have a cooperation framework to guide their joint enforcement functions.
If there is suspicion that a company carries out (re)insurance activity or (re)insurance brokerage without the due authorization, IVASS requires the competent Tribunal to adopt the measures envisaged by article 2409 of the civil code or when the evidence are clear denounces the facts to the public prosecutor.
In all the other cases where IVASS has suspicion that an authorized company carries out (re)insurance activity in breach of the regulatory system or does not meet the solvency tests usually send out an inspective team and determine the extent of the breached or the shortage of the solvency limits. Of such inspective activity it is drafted a minutes signed by both the IVASS officer/s and the managers of the inspected company. Then a report with the proposed sanctions is notified to the inspected company and the latter has the opportunity to present their observations. If the observations are accepted, the sanctions are lifted otherwise confirmed and became executive.
It is worth to mention that anyone who obstructs the supervisory functions either refusing the access to the premises or denying the exhibition of documentation concerning the (re)insurance activity or of (re)insurance intermediation to IVASS officials may be punished with imprisonment of up to two years and a fine from ten thousand euros up to one hundred thousand euros.
Based on the Insurance Business Act, the regulatory authorities have the power to issue administrative dispositions to insurance companies, including orders to change the basic documents, orders for business improvement, orders for suspension of business, or orders for cancellation of a licence. In fact, a broad discretion has been given to the regulatory authorities, and those administrative dispositions against insurance companies invoked by the regulatory authorities are not necessarily based on the assumption that violations of law by insurance companies have taken place. With that as a background, entities targeted for supervision not only have to make sure that laws and regulations are being observed but must also follow the guidelines officially promulgated by the regulatory authorities (Comprehensive Guidelines for the Supervision of Insurers; the “Guidelines”).
The KNF exercises supervision and control over insurance and insurance intermediation activity within the scope set out in the Insurance Law, the Insurance Distribution Law and in the Act on Financial Market Supervision of 21 July 2006.
The KNF is generally responsible for granting authorisations and licences regarding regulated insurance and/or reinsurance activity and carrying out inspections in the regulated companies. It also performs disciplinary functions and initiates and/or opines on legislative changes. Its supervision of the financial market is aimed at ensuring its proper functioning, stability, security and transparency, trust in the financial market and protection of the interests of the participants by providing reliable information on the market.
The KNF issues recommendations, in which it sets out specific requirements for insurers in order to ensure compliance with the law, protect the interests of policyholders, to limit the risk occurring in their activities etc.
In the past, the KNF has also issued a number of guidelines for insurers. Such guidelines are not a formal source of law but rather a general indication of the KNF’s views on and interpretations of the law, nevertheless in practice they are observed by the market players.
The KNF analyses reports submitted by financial institutions and assesses whether they satisfy the capital requirements defined by law.
The KNF is generally open to cooperation with regulated entities but frequently takes a strict approach to the applicable regulations.
In the case of a violation of legal regulations, the KNF may impose financial penalties on regulated entities or their management board members or even withdraw the licence held by the financial institution.
From 2006 (i.e. the moment when the KNF was established) to the end of March 2018 the KNF has imposed 603 fines on regulated entities, with the highest one in the amount of PLN 5,700,000. The highest fine imposed on an insurance company amounted to PLN 2,300,000 (imposed in 2016 for delaying payments of insurance benefits and infringement of the information obligations).
Rigorous. There are considerable sanctions and fines applied by the CMF in recent years, for example in terms of prohibition of transactions between related parties, execution of activities outside the line of business authorised by law, as well as violation of rules on over-indebtedness.
Insurance and reinsurance operations in Mexico are regulated by both the Ministry of the Treasury and Public Credit (“SHCP”) and the CNSF.
The supervisory and enforcement environment contemplated in the LISF adopts a surveillance standard and framework similar to those established in the Securities Market Law and in the Banking Law, redefining the roles of the SHCP and the CNSF. In this regard, the LISF grants specific authority on a ‘macro’ level to the SHCP with respect to the design and operation of the insurance and bonding system, while the CNSF has the authority on all aspects related to the licensing and authorization procedures to insurance companies, going from their incorporation and operation to the revocation of their license and liquidation. Within this redistribution of capacities, the authority of the CNSF is broadened to grant such entity authority to issue general regulations aiming to regulate the insurance companies, which originally resided within the SHCP.
The new structure intends to standardize the legal framework of insurance and surety companies to that of other financial entities and regulators, which, in our opinion, creates an imbalance among the traditional authorities given to the SHCP as Ministry of State and regulator of financial activities, and the attributions now granted to the CNSF under the LISF, which, from being a technical and surveillance authority becomes a much more robust regulator of the insurance and bonding sectors, with new authorities while maintaining its supervisory role.
As a general rule, the SHCP has authority to interpret, implement and execute the LISF for administrative purposes. The CNSF has authority to grant and revoke authorisations to incorporate and operate insurance companies in Mexico, register reinsurance companies with the RGRE to take reinsurance from Mexican insurance companies and manage and operate the different registries contemplated in the LISF and CUSF, including the RGRE.
The CNSF is also responsible for supervising the operation of insurance and reinsurance companies and has authority to inspect, sanction and issue regulations applicable to the operations of Mexican insurance and reinsurance companies. All applicable regulations issued by the CNSF are compiled in the Circular.
The CNSF tends to be rigorous in the supervision and enforcement of regulations applicable to the operation of Mexican insurance companies and other market participants. However, such rigor is not evenly applied to all the aspects of insurance operations in Mexico, in some instances due to the difficulties to support breaches to the applicable laws and regulation as it is the case with the lack of significant precedents in the enforcement of legal and criminal actions against entities or individuals conducting non-admitted insurance operations on a cross-border basis or in certain activities that are deemed insurance operations such as prepaid health services.
Finally, insurance companies are also regulated by the National Commission for the Protection and Defence of Users of Financial Services (“CONDUSEF”), regarding protection to consumers of financial services (see Question 11 below).
The PRA and the FCA have extensive statutory enforcement powers set out in FSMA. Where someone has breached the prohibition on carrying out a regulated activity without permission they may be imprisoned or fined. The sanction of withdrawal of authorisation is available to the Regulators where a business ceases to meet the threshold conditions (that is the minimum requirements both Regulators require for authorisation). The Regulators can also vary permissions, censure firms and individuals publicly for breaches of regulatory requirements and impose financial penalties, apply for an injunction where either regulator believes that a person or business will contravene a requirement of FSMA, seek a restitution order to recover assets received in contravention of a regulatory requirement and issue a prohibition order against an individual carrying on a regulated activity.
Both the PRA and FCA have investigatory powers. The PRA has the ability to outsource investigations to either the FCA or a third party expert ("skilled person").
All regulated businesses are under an ongoing obligation to inform the regulator of anything relating to the firm of which the regulator would reasonably expect notice.
Since its inception in 2007, the IA has made huge strides in bringing the regulation of the UAE insurance market in line with international best practices. With regard to the IA, there has been a progressive increase in regulation (particularly since 2014), creating a robust legal framework in which insurers must operate. As the scope of IA governance includes insurance and reinsurance companies and licensed insurance intermediaries located or operating in the UAE it is evident that the supervisory environment is both wide-reaching and rigorous. In addition, the UAE has also witnessed an increase in regulators working cohesively, in order to strengthen confidence in the insurance market. Both the IA and the Emirates Securities and Commodities Authority (ESCA) recently launched the Middle East’s first financial advisory aggregator site (whichfinancialadviser.com (WFA)) which lists insurance advisory firms licensed and approved by the IA, the aim of which is to protect consumers from cold calling advisers and scammers.
Not only has the regulatory landscape increased but so has the enforcement of such regulations. Much of the enhanced scrutiny by the IA in relation to insurers and insurance intermediates has resulted in increased cooperation between the regulators and insurers and insurance intermediaries, which in turn provides both a strong and stable market providing conditions in which the market can thrive.
The NBB is no less rigorous than its larger neighbours in its scrutiny of prudential requirements and rules of conduct. Full and frank disclosure when preparing an application or responding to regulatory inquiry is required, but the NBB is also pragmatic, for example in the context of UK firms considering Belgium for their post-Brexit operations.
Enforcement of insurance rules by regulations varies depending upon the state in which any infraction takes place as well as other factors including the nature, severity, and scope of the infraction and any harm that it causes. As noted above, regulators have a broad array of enforcement actions that they may take in response to violations of their states’ laws, including monetary penalties, the suspension or revocation of licenses, and issuance of cease and desist orders.
The insurance sector is highly regulated and, as a consequence, the supervision and enforcement environment is quite rigorous. OJK’s supervisory powers, which are provided for under the Insurance Law, include, among other things: approving, rejecting and revoking insurance business licences; and approving and rejecting changes of controller, including by conducting fit and proper tests. OJK is also authorised to investigate insurance and reinsurance companies, and other parties affiliated with, or which provide services to, insurance companies.
OJK also exercises its supervisory powers through its review of reports, which are required to be regularly submitted to OJK by insurance and reinsurance companies. If a company fails to submit such reports, it may be subject to administrative sanctions, ranging from written warnings to the ultimate sanction of business licence revocation.
Further, OJK regularly conducts audits of insurance and reinsurance companies.
The insurance regulatory regime is highly regulated in India. The IRDAI has suo motu powers for undertaking inspection, conducting enquiries and investigations (including audit) of insurers, reinsurers, insurance intermediaries and other organizations who provide services within the insurance market.
Further, by way of the Insurance Laws (Amendment) Act 2015, the maximum penalty for non-compliance of the applicable regulations or directions issued by the IRDAI has been significantly increased from INR 5 lakh (c. US$ 7,226) to INR 1 crore (c. US$ 144,520).
The OIC has broad powers and authority to supervise insurance companies and businesses, as well as enforce compliance with regulatory requirements. For example, the OIC is empowered to announce regulations on several matters with which insurance companies must comply, such as matters regarding the collection of premiums, and wage or commission rates for insurance agents or brokers. With respect to the inspection, investigation and enforcement, the OIC is authorised to, among others, enter into the office of insurance companies, demand statements or documents to be provided to it, and order a temporary seizure of property of an offender. The approach of the OIC would be dependent on the nature and severity of the issued concerned.
In the past decade, there were several cases where the OIC demanded the revocation of a licence due to the licence holders’ non-compliance with requirements under the law. The supervision and enforcement environment of insurance companies by the OIC in Thailand has become increasingly rigorous and tough. Nonetheless, the OIC is generally open for corrective measures before serious sanctions, such as the revocation of a licence, are imposed.
With the implementation of the Solvency II Directive (2009/138/EC), the supervisory environment for insurance undertakings has become more stringent. In particular, the new regulatory regime introduced stricter rules as to solvency and capital requirements as well as reporting duties.
The FMA is vested with a wide range of powers to supervise insurance undertakings and enforce compliance with the supervisory rules. For example, the FMA monitors insurers closely, requires extensive stress tests and can conduct supervisory activities on-site. It can impose fines of up to EUR 100,000 for violations of supervisory rules.
Ireland has a long established efficient prudential regulatory infrastructure that complies with best international standards. The Central Bank is intent on ensuring a rigorous and effective supervisory and enforcement framework is in place. Under the Central Bank’s Administrative Sanctions Regime, the Central Bank has the power, where a breach is identified, to issue a supervisory warning, take supervisory action, agree a settlement, or refer the case to formal inquiry for determination and sanction.
As above, the Central Bank’s prudential supervisory framework, PRISM, focuses on the most significant firms, the risks they pose and the level of damage they could cause to the financial system, the economy and consumers if they were to fail. The Central Bank regularly conducts industry wide thematic reviews.
(Re)insurers are required to make quarterly and annual returns to the Central Bank.
We would not describe the supervisory environment for the insurance sector as rigorous in Norway. To our knowledge, the NFSA has not yet withdrawn a licence of an Norwegian licensed insurer, but there is a few cases for insurance intermediaries. We are not familiar with issuance of fines or other enforcement actions in the insurance sector initiated by the NFSA. We expect to see an increase in the number of fines issued by the NFSA related to the anti-money laundering obligations due to provisions set out in the 4th AML directive in the years to come.