Corporate Governance Rules for Insurance Companies

With FINMA Circular 2017/2, effective January 1, 2017, the Swiss Financial Market Supervisory Authority (FINMA) further specifies the corporate governance principles for the organisation, management and control of insurance companies. In particular, it requires insurers to implement strict independence requirements for the board of directors by December 31, 2019. As FINMA may grant exceptions for legitimate reasons, a timely analysis and discussion with FINMA may be advisable.

1.  Circular 2017/2

The fully revised FINMA Circular 2017/2 "Corporate governance - insurers" replaces the existing circular 2008/32 and defines the corporate governance principles for the organisation, management and control of insurance companies. In particular, it includes provisions on the composition and organisation of the board of directors, the required number of board members and their independence. It also incorporates and restates the existing rules set out in the previously published circular 2008/35 "Internal audit - insurers".

These rules aim to implement the following corporate governance principles throughout an insurer's organisation:

• Clear allocation and documentation of duties, powers, responsibilities and reporting processes.
  
  
• Definition of principles, processes and structures for compliance with legal, regulatory and internal requirements as well as for identifying and dealing with conflicts of interest and abuses.
  
  
• Implementation of an effective and company-wide risk management system and an effective internal control system (ICS) including the control functions (risk management, compliance, internal audit) and periodic reviews of their appropriateness by an independent (internal or external) party.
  
  
• Implementation of processes to ensure that individuals responsible for overall management, supervision and control as well as the executive management of the insurance company have and maintain the required professional experience, specialist knowledge and personal aptitude.

2.  The Board of Directors in Particular

The new circular provides specific parameters with respect to the composition of the board of directors (Verwaltungsrat), or the supervising body of cooperatives (Genossenschaften) respectively. In particular, it specifies that the board has to consist of at least three members and that in total at least one third of its members must comply with independence requirements, meaning that the independent members may neither:

• be, and have not in the previous two years been, employed in some other function within the insurance company (as well as in a capacity as lead auditor of the regulatory auditor responsible for the insurance company);
  
  
• have commercial links with the insurance company which, in view of their nature and scope, would lead to conflicts of interest; and
  
  
• hold, directly or indirectly, 10% of the capital or voting rights in the insurer, or are able to otherwise significantly influence the course of business of the insurer (article 4 para 2 let. f ISA); or in case of a group, be a representative of such group.

With respect to the above, FINMA has clarified, that if the board member does not hold an executive position in the group but is only a member of the board of such insurer's subsidiary, parent or sister company or other affiliated company, such board member can still count as a independent board member (provided that there is compliance with the other aforementioned requirements).

These very specific requirements (in particular the exact number of required board members and the independence requirement) received some criticism during the consultation period as the argument was made that specific rules on the composition of a board should rather be determined by the legislator and not the regulator by way of a circular.

In particular, for small and mid size insurers the new requirements may be cumbersome. However, FINMA underlined the importance of the principle of proportionality, meaning that the size and complexity of an insurer's operations have to be taken into account and individual exemptions may be granted (e.g., for reinsurance captives).

Of course, the implementation of the requirements as set forth in the circular are also of relevance for large insurance groups. In this respect, FINMA clarified its view that these rules do also apply to insurance groups and insurance conglomerates which are subject to group/conglomerate supervision under article 2 para. 1 let. d in conjunction with articles 65 and 73 ISA, meaning that the governance rules need to be followed by all supervised group entities. The implementation of these governance principles at a holding or parent company level are not sufficient. FINMA may approve individual exemptions where there is good reason for doing so, e.g., subsidiaries of insurance groups and of conglomerates supervised by FINMA.

The independence requirement also applies to the audit and risk committees of the board of directors. At least one third of the members of the audit and risk committees must be independent, and the chairman of the board shall not be a member of the audit committee or the chair of the risk committee.

As all of the above described independence requirements are likely to cause substantial personal and organisational changes within many insurance companies, for its implementation the circular grants a time period up to the end of December 2019. However, if an insurer wants to obtain and rely on an individual exemption, or wishes to request an extension of the 2019 deadline, it is recommendable to discuss with FINMA well in advance. 

In particular with respect to the independence requirement, the governance of insurers is now largely aligned with the governance rules of banks (except that for banks these rules need to be implemented by the end of June 2018).

3.  Mandatory Implementation of Risk Management and Compliance Functions

Insurance companies need to implement objective and independent risk management and compliance functions and have to employ respective specialists with a remuneration system in place that prevents conflicts of interest with the controlled business units.

In view of article 27 para. 2 ISA, which gives FINMA the competence to exempt an insurer from its duty to implement an internal audit, it was suggested that FINMA should also have the competence to free insurance companies from the implementation of risk management and compliance functions.

In the consultation process of circular 2017/2, FINMA published its view that the applicable legislation does not allow a similar approach as with the internal audit and the implementation of a risk management and a compliance function is mandatory for each insurer.

4.  Other New Regulation 

As of January 1, 2017, three other circulars relating to the insurance sector entered into force:

• FINMA Circular 2017/5 "Business plans - insurers" that consolidates insurers' business planning practice which had previously been published in a number of different documents.
  
  
• FINMA Circular 2017/3 "SST" clarifies the provisions of the Insurance Supervision Ordinance (ISO) in relation to the Swiss Solvency Test (SST) and consolidates current practice, which had previously been defined in a variety of other documents.
  
  
• FINMA Circular 2017/4 "Actuary responsible" now requires that deputy arrangements be put in place for the responsible actuary.

The publication of these circulars marks the end of a revision process which started in 2015 with the revised Insurance Supervision Ordinance.