Insurance compliance: regulations you need to know

Insurance compliance regulations are complex. Our eLearning courses can help

If you work for an insurance company and need to know what regulations you are subject to, and what their main aims and requirements are, this article is for you.

Insurance firms answer to several regulators, most notably the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), Information Commissioner’s Office (ICO), The Pensions Regulator (TPR), and the Financial Ombudsman Service (FOS). Each comes with its own set of regulations that place high expectations on firms. Let’s explore the key requirements from each regulator now, and the role of eLearning courses in aiding insurance compliance.

 

Insurance compliance and FCA regulations

The Insurance Distribution Directive

 The Insurance Distribution Directive sets regulatory requirements for firms that design and sell insurance products. The FCA is responsible for its implementation and enforcement in the UK.

The Insurance Distribution Directive is a European Union (EU) Directive that entered into force on 22 February 2016. Member states were required to comply with it by 1 October 2018. It replaced the Insurance Mediation Directive (IMD), and covers authorisation, passporting arrangements, and regulatory requirements for insurance and reinsurance intermediaries.

The Insurance Distribution Directive is still applicable to UK firms following the UK’s decision in 2016 to leave the EU. The European Union (Withdrawal) Act 2018 converted the existing body of EU law into UK law through a process known as ‘onshoring’. All references to EU bodies and legislation were amended to the appropriate UK bodies and legislation.

 

What are the aims of the Insurance Distribution Directive?

 The Insurance Distribution Directive has three interconnecting aims: 

  • Consumer protection

The main aim of the Insurance Distribution Directive is to improve the sales and distribution practices of retail insurance products across different distribution channels to deliver consistent consumer protection.

  • Greater transparency and competition

To bring greater transparency and improved, more comprehensible, information to consumers. This will help to ensure that consumers buy products that better meet their needs. This will give consumers greater confidence in their insurance purchasing decisions, and in turn help improve competition.

  • Knowledge and competence

For everyone involved in insurance distribution to possess a level of knowledge and competence appropriate to the complexity of the product and the nature of the activities conducted.

 

Want to help your teams learn more about the directive, including its structure, main provisions, and future development? Our Insurance Distribution Directive eLearning course is here to help

 

The Senior Managers & Certification Regime (SM&CR)

The Senior Managers and Certification Regime (SM&CR) was introduced by the FCA and PRA to enhance accountability and conduct standards in financial services firms following the 2008 banking crisis. It applies to all financial services firms, including insurance firms since December 2018.

 

What are the aims of the SM&CR?

The SM&CR is a crucial framework designed to foster a culture of responsibility and integrity within financial services firms, ultimately protecting consumers and enhancing the stability of the financial system. Its three main aims are to:

  • Enhance accountability

By ensuring that senior managers are clearly accountable for their areas of responsibility, it encourages staff to take personal responsibility for their actions.

  • Improve conduct standards

By setting basic standards of behaviour for all employees, it should improve conduct at all levels.

  • Increase transparency

By requiring firms to document responsibilities, firms and staff should clearly understand who does what, and be able to show this to the regulator.

 

We can help you and your teams get to grips with the SM&CR – including its structure, main requirements, and plans for future development. Take a look at our SM&CR eLearning course now

Insurance compliance and PRA regulations

Solvency II

Solvency II is an EU Directive that entered into force on 1 January 2016, after a long period of development that started in 2001. It sets out a single set of prudential and supervisory requirements. The PRA is responsible for its implementation in the UK.

In essence, Solvency II assesses the degree of risk of an insurance company and quantifies this in an overall reserve requirement. In doing this it looks at key elements of the business, especially the premiums the company writes and the reserves it holds against future losses. The calculation then assesses the potential losses the firm could possibly suffer in an extreme situation, and therefore the level of capital it would require to remain viable.

There are two important features in this calculation. First, the potential losses are calculated to a level of one year in 200, which is both strict and complex to calculate. Second, in calculating the required level of reserves, Solvency II allows ‘diversification’, i.e. it recognises that not all risks will crystallise at the same time.

Solvency II applies to almost all insurance and reinsurance firms, including Lloyd’s of London syndicates. Exceptions include:

  • Firms with less than €5 million in annual gross written premium income
  • Firms with less than €25 million gross technical provisions

However, these firms can elect to be regulated under Solvency II if they wish.

Solvency II is still applicable to UK firms following the UK’s decision in 2016 to leave the EU. The European Union (Withdrawal) Act 2018 converted the existing body of EU law into UK law. All references to EU bodies and legislation were amended to the appropriate UK bodies and legislation.

 

What are the aims of Solvency II?

Solvency II has three interconnecting aims:

  • Policyholder protection

The main aim of Solvency II is to “ensure the adequate protection of policyholders and beneficiaries”, according to the European Insurance and Occupational Pensions Authority (EIOPA), the European financial regulatory institution that acts as an independent advisory body to the European Commission, the European Parliament and the Council of the European Union.

This is achieved by ensuring the financial soundness of insurers and reinsurers, particularly through difficult periods, and seeks to protect both policyholders and the stability of the whole financial system.

  • Greater transparency

Solvency II also seeks to provide greater transparency in firms’ decision-making process. This is achieved by requiring firms to complete self-assessments, publish details of the risks they face, and increase supervisory reviews and intervention. 

  • Enhancing the supervisory review process

Instead of rudimentary compliance monitoring, supervision is now focused on evaluating insurers’ risk profiles and the quality of their risk management and governance systems.

Supervisors based at regulators across the EU increase their coordination by exchanging information in roundtable meetings known as ‘colleges’, to improve cross-border supervision of insurance and reinsurance groups. These colleges typically last between one and three days. Supervisors from each regulator take turns to share their findings and views on a particular firm.

 

We can help you get up to speed on Solvency II. Discover our Solvency II eLearning course now

Insurance compliance and ICO regulations

What is the ICO?

The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and information rights law. It upholds information rights in the public interest, promotes openness by public bodies, and promotes data privacy for individuals. Over one million companies are registered with the ICO across a wide range of sectors including finance, government, health, and utilities. If a firm is processing personal information, it needs to be registered with the ICO.

The ICO enforces and oversees the following legislation:

  • Data Protection Act 2018 (DPA2018)
  • General Data Protection Regulation (GDPR)
  • Freedom of Information Act 2000 (FOIA)
  • Environmental Information Regulations 2004 (EIR)
  • Privacy and Electronic Communications Regulations 2003 (PECR)

 

What are the strategic objectives of the ICO?  

The ICO has four strategic objectives:

  • To safeguard and empower people by upholding information rights
  • To empower responsible innovation and sustainable economic growth, by providing regulatory certainty about what the law requires, reducing the cost of compliance and clarifying what the ICO will do if things go wrong
  • To promote openness, transparency and accountability, and to support the development of a modern Freedom of Information (FOIA) and Environmental Information (EIR) practice framework in the UK
  • To develop the ICO’s culture, capability and capacity to deliver impactful regulatory outcomes, be recognised as an effective provider of public services and as a knowledgeable and influential regulator

 

Get better acquainted with the ICO. Our ICO eLearning course will get all your people on the same page

Insurance compliance and TPR regulations

What is TPR?

The Pensions Regulator (TPR) is responsible for regulating, and, ultimately, protecting, work-based pension schemes in the UK. These include defined benefit (DB), master trusts or broader defined contribution (DC) schemes and public service pension schemes. It is also responsible for ensuring that employers comply with their automatic enrolment duties.

TPR works with employers, trustees, pension specialists, business advisers and those running pension schemes so that they can fulfil their duties to scheme members. It is an executive non-departmental public body sponsored by the Department for Work and Pensions.

 

What are the statutory objectives of TPR?  

The statutory objectives are set out in the Pensions Act 2004 (amended 2014):

  • To protect the benefits of members of occupational schemes
  • To promote, and to improve understanding of, the good administration of work-based pension schemes
  • To protect the benefits of members of personal pension schemes where direct payment arrangements are in place
  • To reduce the risk of situations arising which may lead to compensation being payable from the Pension Protection Fund (PPF)
  • In relation to DB scheme funding, to minimise any adverse impact on the sustainable growth of an employer
  • To maximise employer compliance with employer duties and the employment safeguards introduced by the Pensions Act 2008

 

Help your people make sense of TPR. Check out our Introduction to the Pensions Regulator eLearning course

Insurance compliance and FOS regulations

What is the FOS?

The Financial Ombudsman Service (FOS) settles complaints between consumers and financial services businesses where they cannot reach a resolution themselves. It is a statutory dispute resolution scheme set up under the Financial Services and Markets Act 2000 (as amended). It works on a not-for-profit basis.

Over a million people contact the service every year. Once the FOS has assessed the facts of a case, it will make an independent and fair decision. Where necessary, it will use its powers to put things right for the consumer, including to require compensation payments to the consumer.

 

What are the values and commitments of the FOS?  

Values

 The FOS aims to:

  • Do the right thing
  • Treat their customers well and respect their needs
  • Do what they say they will do
  • Be inquisitive and build everyone’s knowledge

  

Commitments

  • Run a service with fairness at its heart
  • Be a well-run and efficient service
  • Earn the trust and respect of its customers
  • Help everyone who needs it
  • Share its knowledge to encourage fairness in financial services
  • Attract, develop and keep staff who uphold their values

 

To learn more about the FOS, including how the FOS makes decisions, check out our FOS eLearning course

Insurance compliance and other regulations

This article has outlined the key regulations that apply to insurance firms. However, as a person working in an FCA-regulated company, you should also be aware of regulations that impact you personally such as those around Gifts and Inducements, Whistleblowing, and Treating Customers Fairly. Fortunately Ciphr has you covered: view all our FCA compliance eLearning courses here.

Simplify insurance compliance with Ciphr eLearning

We’re here to help you get regulations right with effective eLearning courses that make an impact. Created together with the author of this article, Victoria Sena, founder of Cherrybank Consulting, our suite of compliance courses is designed for organisations that are regulated by the FCA, PRA and other regulators. They’ll make sure that your firm remains up to date with the latest legislation and regulatory requirements. These off-the-shelf eLearning courses can be deployed in weeks – helping your teams get up to speed, fast. Or if you prefer a more tailored approach, we can work with you to customise our content or develop bespoke eLearning courses that deliver on your precise requirements. Speak with one of our expert advisors today to find out what’s right for you.

 


About the author

Victoria Sena is founder of Cherrybank Consulting, an innovative consultancy founded in 2019 with a wealth of experience in growing regulated financial businesses in the UK and internationally. Specialising in governance, operations, risk, and compliance, Cherrybank has worked with start-ups and scale-ups across the financial spectrum including banks, asset managers, funds, corporate finance advisers and open banking platforms. You can get in touch here.