Out-Law Guide | 12 Mar 2015 | 1:10 pm | 1 min. read
The EU's Solvency II Directive codifies and harmonises EU insurance regulation. It sets out broader risk management requirements and requires firms to hold enough capital to cover all their expected future insurance or reinsurance liabilities. The new outsourcing requirements are set out in article 274 of the European Commission's delegated regulation which supplements the directive. This came into effect on 18 January 2015.
Article 274 contains some high level requirements that will apply to any outsourcing by an insurer, but many of them will only apply to the outsourcing of "critical or important operation functions or activities" (which replaces the existing concept of "material outsourcing"). While insurers will be required to set their own criteria for deciding whether a function or activity is critical or important, and whether it is being outsourced, guidelines on system of governance and own risk solvency assessment (ORSA) by EU regulator the European Insurance and Occupational Pensions Authority (EIOPA) (12-page / 297KB PDF) give some examples.
Critical or important functions
In broad terms, the more substantial or frequent the advice or service to be provided by a third party is, the more likely it will be an 'outsourcing' for the purposes of the rules. Critical or important functions or activities will include:
Outsourcing agreement requirements
In all cases where critical or important functions are to be outsourced, there must be a written outsourcing agreement which clearly states all of a number of requirements. These requirements include:
This is a development to the existing FCA Senior Management Arrangements, Systems and Controls (SYSC) rules, under which insurers are required only to have regard to certain items. In addition, the delegated act includes more detailed requirements on insurers' policies on, and governance of, outsourcing than under the existing regime.