An agreement of principles (BMA code of conduct)
The Bermuda Monetary Authority (BMA) will be introducing its new code of conduct shortly, intent upon strengthening corporate governance for the Island’s insurance sector. Here, Paul O’Neill, senior manager—advisory at KPMG, responsible for the firm’s approach to regulation and compliance, addresses the new measures and how Bermuda captives are preparing for the July 1 deadline.
In simple terms what is the code of conduct?
The easiest way to describe the code is that it is a series of general statements issued by the BMA with respect to the duties and standards it expects all insurers in Bermuda to comply with, addressing corporate governance, risk management and outsourcing.
How does the code tie in with Solvency II equivalence and the BMA’s efforts to strengthen regulatory oversight?
For class 3a and 3b captives, the code of conduct is very much an integral part of the BMA’s equivalence project with respect to risk-based capital and the Bermuda Solvency Capital Regime Pillar II requirements. Whilst for class 1, 2 and 3 captives, it strengthens Bermuda regulatory regime proportionately without imposing a burdensome requirementto calculate their solvency using the BSCR risk-based calculation. By strengthening good governance, the BMA and Bermuda captives are flagging up to global regulators their adherence to high standards in respect to risk management and good governance.
How can captives best prepare themselves for the code?
For those that have them, the first thing they should do is speak to their captive manager and to understand what measures they have in place to help them implement the code, and how they are going to work with them to achieve compliance. That’s going to be your first port of call. For those that don’t have a captive manager, as with any project, the first step is to identify an individual or group of people who will be responsible for implementation, and then beyond that, objectively look at what the captive currently does today in respect to risk management, corporate governance and outsourcing, and determine whether there are any gaps between what its current practices are and what the code requires. Captives then need to take a proportionate approach, based on their size and complexity, to developing a plan regarding how to implement any changes, whilst bearing in mind what elements of the code they can implement using a light-touch approach because of their activities or size.
What are the implications of the code of conduct for captive boards?
For boards that have already implemented strong risk management and good governance, the impact will be minimal, and it will probably equate more to some fine-tuning of frameworks and controls they already have in place. Those captive boards that have not adopted strong governance principles already could have quite a lot of work to do between now and the July 1 deadline for implementation.
"By strengthening good governance, the BMA and Bermuda captives are flagging up to global regulators their adherence to high standards in respect to risk management and good governance."
I think that many of the Bermuda captives have only to fine-tune existing processes, but I will say that one of the biggest challenges will be in evidencing what you are doing, and documenting the governance framework and risk management approach—the level to which this has been done having varied quite widely in the past. You might have been implementing appropriate practices previously, but it hadn’t all been written down. The challenge now is getting it all down on paper in a very short timeframe. This documentation will then be there for on-site inspections to demonstrate that you have policies and procedures in place for good governance and risk management, as opposed to just being able to talk about them to the BMA.
How does its application to captives vary as opposed to the commercial insurance sector?
The biggest difference between captives and the commercial insurers in terms of the code is the difference in size and complexity of the two types of company. Commercial insurers tend to be big, diverse organisations that underwrite multiple lines of business, across multiple geographies, to a diverse range of clients; whereas captives tend to be rather simpler organisations with simpler structures and often less complex business models. This means that the level that they need to drill into the code of conduct to evidence compliance can be less in the case of many captives. The exceptions to this are the class 3a and 3b captives—which although small in size in terms of the organisation—often have many of the characteristics in terms of scale and complexity of commercial insurers and can have quite large balance sheets. Therefore, 3a and 3b companies need to reflect these differences in scale and complexity in how they implement the code; but in general, captives will have less to do to implement the code than their commercial cousins.
What are the major benefits of being compliant?
Frankly, because we are talking about international best practice, good governance and risk management, it is generally accepted that those captives that successfully implement such practices tend to generate higher returns than those that don’t. More locally though, regulatory sanctions, which are a potential consequence of non-compliance, will likely entail intervention from the regulator in what you want to do, which tends to take up management time and resources, which in turn takes management focus away from the profit-generating side of the business. Compliance therefore makes considerable sense from a business perspective. On the international side, a general lack of compliance by the captive market could strengthen the EU’s argument regarding why captives should be included in the scope of risk-based capital; so a responsible approach by the industry in Bermuda can serve multiple purposes.
How can captives prove that they are conforming to the new code?
There is no mechanism at the moment for proving you are compliant, but if you are asked to self-certify compliance, a board of directors is unlikely to do so if you are not. In addition, code of conduct documentation and practices will be a significant area of focus when the BMA performs its on-site inspections.
What are the implications for those captives that fail to conform to the code of conduct?
The consequences of not taking a responsible attitude towards corporate governance could result in the BMA taking a firmer line on some of the more commercial decisions that you want to take and could result in the BMA requiring firms to increase either the quality or quantity of their statutory capital. Frankly, if you are not doing the basics, the BMA is likely to take a much harder line with companies that don’t have the basic corporate governance elements in order. Having said that, if firms use best endeavours to get the job done within the timescale allowed, I think the BMA will take a collaborative approach in terms of getting you the rest of the way.
And do you expect greater intervention from the BMA under the auspices of the code?
I think, yes. The BMA recognised the concerns of the market in December and extended the deadline for compliance to July to give people more time to prepare. I think that firms that have failed to use the extension constructively to get done what they need to get done will frankly not find themselves viewed in a favourable light by the BMA. Not having finished preparing for the code might not be the end of the world, but not having started is not going to be regarded as acceptable.
How significant has corporate good governance become in the day-to-day management of captive business?
It is no longer a ‘nice to have’; these days it is expected by a whole range of stakeholders—from regulators, parent companies, shareholders, customers, brokers and especially the rating agencies. But having said that, implementing best practice does not necessarily mean spending a lot of money; it’s mainly about tackling the important risks and putting good governance around those. Good governance is now regarded as a measuring stick by which all firms’ performance is measured.
Paul O’Neill is senior manager—advisory at KPMG, Bermuda. He can be contacted at: pauloneill@kpmg.bm