On 7 October 2016, a revised (GN10) (“Revised GN10”) was issued by the Office of the Commissioner of Insurance (“OCI”). The Revised GN10 replaces the (GN10) (“Existing GN10”) which came into effect on 1 September 2003. It sets out the minimum standard of corporate governance that the OCI expects of insurers authorised to carry on insurance business in and from Hong Kong (“Insurers”), including the composition, role and responsibilities of the board; internal controls; and compliance with laws and regulations.
The timing of the proposed changes to Existing GN10 is not wholly surprising as one of the objectives of the Insurance Companies (Amendment) Ordinance 2015 (“Amendment Ordinance”), of which only selected sections (relating to the establishment of the provisional Insurance Authority) have so far been commenced, is to strengthen the corporate governance standards applicable to Insurers. The Amendment Ordinance will overhaul the regulatory insurance framework, which includes the transition from the OCI to the new independent Insurance Authority.
Revised GN10 is issued to align Hong Kong with updated international standards, in particular the International Association of Insurance Supervisors’ updated Insurance Core Principles (“ICPs”). ICP 7 is related to corporate governance and ICP 8 sets out standards relating to risk management and internal controls.
It is now an opportune time to consider some of the most note-worthy revisions to Existing GN10.
Revised GN10 applies to an expanded scope of Insurers. Existing GN10 applies to insurers incorporated in Hong Kong (except certain insurers in run-off and captive insurers), and Insurers incorporated outside Hong Kong (“Overseas Insurers”) with more than 75percent of their annual gross premium income attributable to Hong Kong insurance business, unless the Overseas Insurer obtains a written exemption from the OCI.
Revised GN10 will apply to Hong Kong-incorporated Insurers (except general Insurers that are in run-off (no new or renewal business), and long term Insurers that are in run-off (no new business and renewal business annual gross premium income less than HK$20 million) which is a continuation of the existing position), and certain Overseas Insurers. Revised GN10 lowers the annual gross premium income threshold of Overseas Insurers to 50 percent. Applicable Overseas Insurers may apply for derogation from the Revised GN10 from the OCI.
All Overseas Insurers, irrespective of the proportion of their Hong Kong insurance business, must comply with the applicable corporate governance of their home jurisdiction. General application of Revised GN10 to Hong Kong branches of Overseas Insurers has been a much-discussed topic in the market, bearing in mind the practical difficulties Overseas Insurers (with more than 50 percent of their annual gross premium income attributable to Hong Kong insurance business) might have in implementing a corporate governance structure that complies with Revised GN10 and the relevant laws of their domiciled jurisdictions.
For instance, since 1 January 2016, certain insurers licensed by the Bermuda Monetary Authority (“BMA”) in specified classes are required to establish and maintain their head office in Bermuda to ensure the BMA can exercise sufficient regulatory oversight over the business carried on by these licensed insurers. Of the factors the BMA uses to determine whether a commercial insurer has complied with its head office requirements are, for example, where the underwriting, risk management and operational decision-making of the insurer takes place, and the location of senior executives responsible for and involved in the decision making relation to the insurer. As at the beginning of November 2016, in Hong Kong there are twelve Bermuda-incorporated Insurers.
Captive Insurers were expressly exempted from Existing GN10. This position has been revisited such that captive Insurers are “encouraged to adopt” Revised GN10 as appropriate. What this means in practice is not yet clear. For example, if a board of a captive expressly adopts Revised GN10, what happens in case of non-compliance by that captive? This is an interesting development, as the captive sector is generally subject to a less onerous regulatory framework (eg, capital and solvency requirements), and under the new s. 64G to be introduced by the Amendment Ordinance, employees of captive Insurers carrying on regulated activities will be exempt from licensing requirements.
Existing GN10 relaxes certain provisions for small Insurers with both an annual gross premium income and total gross insurance liabilities at the end of the preceding financial year below HK$20 million. Revised GN10 expressly allows small composite Insurers to benefit based on the aggregate of the general and a long term elements of their business.
ICP 7 requires insurers to establish and implement a corporate governance framework which provides for sound and prudent management and oversight of their business whilst protecting policyholder interests.
Board Composition and Minimum Number of INEDs
There is no change to the minimum number of directors required on the board of an Insurer or the proportion of directors that should have sufficient knowledge and experience of insurance business. Revised GN10 expressly provides that a board should have “an adequate spread and level of expertise” and that this should be in a number of areas such as underwriting, actuarial, claims, in addition to the areas of finance and investment as set out in Existing GN10. A sufficient number of independent non-executive directors (“INEDs”) is an important check and balance against the influence of management. Small Insurers, with less than five directors must have a minimum of one INED, otherwise, the requirement for the proportion of INEDs on the board has been increased from one-fifth to one-third. A welcome revision is the express provision in Revised GN10 for a temporary exemption for the reduction of the number of INEDs where there is a valid justification, which, for example, Insurers may need to avail of in the unfortunate event of a death or serious illness of an INED prior to their being able to replace the individual or his return to health.
There are amendments to the independence criteria of INEDs. In particular, former employees of the Insurer or its group will be required to wait three years whereas Existing GN10 focuses on current roles only. A new factor on which the OCI is unlikely to consider a proposed director to be independent is if he is a director or controller of a company that has significant financial interest with the Insurer or any group company, for example, a major service provider.
Obligations of Individual Directors
This is a new section, building on existing legal and Existing GN10 requirements that individual directors owe fiduciary duties and a duty of care to the Insurer.
There is no limit on the number of directorships an individual director may hold, rather a principles-based provision that if an individual directors has other directorships he should ensure that he has sufficient time and can give sufficient attention to discharge his obligations to the Insurer.
Separation of Role of Chairman/CEO
Under Existing GN10, the Chairman and CEO should be separate unless there are appropriate controls. This requirement has been bolstered further in Revised GN10. Going forward, the Chairman should not be the CEO, appointed actuary or serve as chair of any board committee.
Under Existing GN10, other than for small Insurers, the establishment of an audit committee is mandatory, unless the Insurer is part of a group which has a group audit committee. Revised GN10 introduces requirement that it should be chaired by an INED and preferably have an INED majority. The particular committees established and their composition will depend on the board size.
A new mandatory requirement is the establishment of a risk committee. Small Insurers are exempt from this obligation.
The optional committees which the board of an Insurer should consider where appropriate having regard to the Insurer’s size, practical needs and business activities have not changed. These are an: investment committee – which must observe the (GN13); nomination committee; remuneration committee; underwriting committee; reinsurance committee; and claims settlement committee.
Membership of a remuneration committee should include INEDs, one of whom is chair. The remuneration committee would be expected to work closely with other relevant committees, including the risk committee to assess the impact of the Insurer’s remuneration policy on its risk-taking behavior. The provisions relating to the nomination committee have been strengthened to require that its membership should include at least one INED and that in addition to nominating suitable candidates for board roles, its brief extends to senior management appointments also.
Under Revised GN10 the functions of committees can be combined so long as their effectiveness and integrity is not compromised. A footnote clarifies that the mandatory committees are two separate committees. Revised GN10 notes that it may be necessary to consider rotating the membership of committees to avoid undue concentration of powers.
Group Policies and Group-Level Committees
A welcome clarification in Revised GN10 is the express acknowledgement that Insurers can adhere to applicable group policies and procedures. This is subject to the qualification that they are appropriate to maintain the Insurer’s sound and prudent operation. Insurers may also rely on group-level committees instead of establishing board-level committees, including in respect of the otherwise-mandatory audit committee and risk committee.
Internal Control Systems and Risk Management Framework
ICP 8 requires insurers to establish and maintain effective systems of risk management and internal controls, including effective functions for risk management, compliance, actuarial matters and internal audit. The risk management and internal control provisions of Existing GN10 are enhanced in Revised GN10.
As well as the new mandatory risk committee, Revised GN10 introduces an optional chief risk officer role with a direct reporting line to the board and be separate from the other executive functions.
Key Persons in Control Functions (“KPCFs”)
Under the Insurance Companies Ordinance, the appointed actuary of life Insurers, directors and controllers of Insurers are subject to regulatory scrutiny to promote good corporate governance. To comply with IAIS requirements, the Amendment Ordinance will require the prior approval by the regulator of senior executives of Insurers (other than captives) who carry out “control functions” (“CFs”) based on fit and proper criteria. A CF is likely to enable the individual responsible for it to exercise significant influence on the Insurer’s business. The Amendment Ordinance specifies the following CFs: risk management, financial control, compliance, internal audit, actuarial and intermediary management, and additionally provides for the Financial Secretary specifying others by notice. Revised GN10 introduces specific provisions on KPCFs and senior management.
Revised GN10 is more prescriptive than Existing GN10 in relation to remuneration. Insurers are required to establish a board-approved risk-averse remuneration policy, in-line with their objectives, business strategies and long-term interests, and providing a clear relationship between performance and remuneration. As well as the board, and where relevant, the remuneration committee, Revised GN10 requires the involvement of senior management and key persons in the risk management CF in the setting and monitoring of the remuneration policy.
The scope of application of remuneration policies is expanded by Revised GN10 to cover all directors (including INEDs) and employees, including senior management, KPCFs and “material risk-taking employees” whose individual actions, or aggregated of groups of employees, may have a material impact on the Insurer’s risk exposure through the assumption of material risk or by taking on material exposure.
Revised GN10 sets out detailed principles relating to remuneration structure, including:
- As regards the criteria for measuring performance, some subjectivity is permitted on top of pre-determined performance criteria.
- Specific parameters for the remuneration of KPCFs, noting the inherent potential conflicts of interest that could compromise their objectivity and indeed integrity.
- Generally, guaranteed bonuses should not be offered. The OCI notes that these are inconsistent with performance-based remuneration and sound risk management.
- Variable components linked to performance should not be disproportionate to the fixed part.
- Variable remuneration should take account of the Insurer’s capital management strategy, targets and regulatory capital requirements, and the majority of this component deferred for a suitable period according to the seniority and responsibility of the individual and the nature and time period of the risks he has undertaken.
- Safeguards to be implemented where variable remuneration comprises share-based elements.
Taking into account technological advancements since Existing GN10 was issued, a new section on cyber security obligations has been added.
Revised GN10 will largely take effect from 1 January 2017. In the meantime, Insurers remain subject to the requirements of Existing GN10. A later implementation date of 1 January 2018 applies to the revised requirements as to the minimum number of INEDs, the new remuneration requirements and the new mandatory requirement to establish a risk committee. Additionally, the provisions applicable to KPCFs will take effect when the statutory provisions have been commenced.
As 2017 is just around the corner, prompt steps must be taken by Insurers to perform a gap analysis of their corporate governance, risk management and internal control systems framework against the requirements of Revised GN10.