At a Norton Rose Fulbright-hosted event, Executive Director of insurance at the Prudential Regulation Authority (PRA), Charlotte Gerken, set out her priorities for the insurance sector in 2022. The speech expands upon the priorities set out in the ‘Dear CEO’ letter sent to insurance companies on 12 January 2022. The speech focused on the importance of four of the issues considered in the letter: climate change, diversity and inclusion, operational resilience and third-country branches. Set out below are the summary points made in respect of each of these issues.
- Climate change and Environmental, Social, and Governance (ESG). Under its objectives the PRA must satisfy itself that firms, including insurance companies, can identify and manage the financial risks from climate change – whether physical, transition or liability. The Climate Change Adaptation Report, published by the PRA in October 2021, provided an update on how firms are responding to the risks arising from climate change. The report indicated that some firms have gone further to prepare than others. For insurers, the Climate Biennial Exploratory Scenario will provide the PRA with a better view of the risks that insurance companies face. Importantly, Charlotte Gerken noted that the Climate Change Adaptation Report considered the role that capital requirements play in terms of supervision. Over the course of 2022 the PRA will consider whether the current capital framework is fit for purpose. The PRA will hold a conference later in 2022 on the capital framework and climate change.
- Diversity and inclusion. The PRA’s focus on diversity and inclusion is specifically on ‘diversity of thought’. A discussion paper last year (DP 21/2) sought views on how best to accelerate meaningful change in the financial services sector. Research shows a clear correlation between diversity and inclusion and positive outcomes in risk management, healthy working cultures and innovation. The 2008 global financial crisis was partly caused by unhealthy ‘group think’, where behaviours went unchecked.
- Operational resilience. Business recovery and continuity have become priority concerns after the COVID-19 pandemic. The past couple of years in which people have been forced to work remotely has exacerbated the need to manage workplace operations. Cyber risks remain a cause of major disruption and the PRA expects firms to do more than simply have a cyber-insurance policy in place. What is expected by the PRA is a cyber risk management framework. The PRA will expect insurance firms to understand the services that they provide and invest to protect these services and their customers, as well as the wider financial system. While cloud-based services can offer better resilience, the Financial Policy Committee has recently expressed concerns about the concentration risk from firms relying upon a small number of cloud service providers. Charlotte Gerken reminds firms that they have responsibility for managing the risks posed by outsourcing arrangements.
- Third country branches. The PRA is assessing applications to form branches in the UK against a clear set of criteria. One of these criteria is the “supervisability” of each branch. The PRA must be satisfied that the level of supervisability of the branch and its parent is commensurate with the level of risk it poses to the PRA’s statutory objectives. But the PRA is not prepared to hold branches to lower standards than UK insurers. Accordingly, limits have been set on the level of retail insurance liabilities that some branches have and those insurers with a large exposure to the UK retail mark will be expected to establish subsidiaries so that they are subject to direct supervision.
Charlotte Gerken closed her speech by highlighting the importance of the above four areas for the effectiveness of insurance firms.