Preparing for a Risk-Focused Financial Examination
Understanding the Process - The risk-focused process for the conduct of on-site financial examinations is an important milestone in state regulators’ efforts to develop a more effective, integrated and efficient approach to the financial regulation of insurers. The process is based on the identification, understanding and assessment of organization-wide business risks. It builds upon risk-based capital requirements and other regulatory tools that seek to identify and address the risks specific to the business activities and operations of each insurer. In general, the focus of the financial examination process has shifted from primarily determining whether an insurer’s statutory financial statements contain any material misstatements of its financial condition at a specific point in time (the “as of” date of the examination) to a broader, more qualitative assessment of the risks inherent in each insurer’s operations and the insurer’s efforts to identify and mitigate those risks. This fundamental shift has resulted in significant changes in the procedures followed by the Pennsylvania Insurance Department (Department) and other state regulators in planning and conducting financial examinations. The risk-focused financial examination process is described in detail in the NAIC’s Financial Condition Examiners Handbook, which is available from the NAIC at: http://www.naic.org/store_pub_fin_receivership.htm#exam_handbook
*A critical first step in preparing for a risk-focused examination is obtaining a copy of the handbook to become familiar with the goals of the risk-focused process and the guidelines and procedures the Department’s examiners will follow to achieve those goals.
Facilitating the Process - The risk-focused examination procedures include steps to allow Department examiners to:
Develop an understanding of an insurer’s key functional activities and the risks associated with those activities
Evaluate the effectiveness of an insurer’s risk mitigation strategies and controls
These steps require a top-down approach, including interviews with C-level and other executive management as well as selected board members. To be performed as efficiently as possible, the risk-focused process requires a collaborative effort on the part of the Department, the insurer and the insurer’s independent certified public accountant (CPA). Although Department examiners must independently evaluate information provided by the insurer or the insurer's CPA, they will consider utilizing any information that can assist in achieving the goals of the risk-focused process.
*The next step in preparing for a risk-focused examination is considering what information could be useful to Department examiners and how to best provide that information when requested.
The following brief example of what the new process may involve for an examination as of 12/31/2011 may be helpful in these efforts.
- Insurer receives a pre-examination planning survey from the Department.
- The insurer’s response to the pre-examination planning survey is submitted to the Department.
- Department holds kick-off meetings with insurer management teams and staff relating to information technology needs and coordination of examination activities.
- Department begins to develop an understanding of the insurer’s key functional activities by reviewing business plans, and prior year CPA work papers, including an evaluation of any Model Audit Rule or SOX-related work or any other insurer prepared or verified documentation.
- Department conducts interviews with the insurer’s internal audit staff, the chair of the insurer’s audit committee, the chief executive officer, chief financial officer, chief operations officer, other selected board members and key management staff as part of the effort to sufficiently understand the insurer’s operations.
- Department begins to document its understanding and assessment of the insurer’s risk mitigation strategies. This effort includes coordinating current year-end CPA work with examination work, e.g. attending the CPA’s walk-through of the insurer’s control system.
January 2012—June 2013
- Department finalizes risk identification and assessment of risk mitigation strategies and internal controls; completes actuarial work and all substantive examination procedures; issues a report of the examination and management letter; and identifies areas requiring on-going monitoring.
Participating in the Process - The risk-focused approach to financial regulation is designed to provide continuous, more efficient regulatory oversight using a process structured to provide a forward-looking view of an insurer’s risk profile with a specific focus on areas of greatest risk to that insurer. As with any regulatory tool, the process will continue to be refined and improved by state regulators.
*As with financial reporting and other regulatory tools, the final and ongoing step is monitoring NAIC activities relating to risk-focused financial examinations and providing input and feedback on ways to continue to improve upon the process.
1. what the process is
2. what the process is not
3. why the approach
4. how to prepare
5. what to expect
Questions, concerns and requests for additional information may be directed to:
Annette B. Szady, CPA, Director
Bureau of Financial Examinations
Pennsylvania Insurance Department
Office of Corporate and Financial Regulation
1345 Strawberry Square
Harrisburg, PA 17120
Phone: 717.787.3952 | Fax: 717.787.8557