Monthly Archives: September 2016

4th webinar: EU/US boards’ approach to cyber risk governance: towards a common view?

eu-us-boards-cyber-risk-governance-banner
Time: Friday 14 October 2016 at 15.00 CET, 14.00 GMT

capture-cover-eu-us-boards-cyber-risk-governance

Click above for more details and complete biographies

With the exclusive presence of the Honorable John Carlin, US Assistant Attorney General for National Security.

A unique chance to get insights on the way the US federal government is supporting businesses to mitigate cyber risk.

Philippe Cotelle (Head of Insurance and Risk Management of Airbus Defence & Space, member of AMRAE) will complement the discussion with the Risk Manager’s’ perspective and the necessity to provide organisations with decision-support tools for mitigation and recommendations for risk transfer.

Other speakers include Mark Hughes (CEO BT Security), Mark Camillo (Head of Professional Indemnity & Cyber, AIG) and Roger Barker (IoD/ecoDa) to moderate the debate.

Presentations are available here below:


FERMA Newsletter 73

newsletter-72Download Newsletter 73
September 2016

 


Knowledge Corner September 2016

Credit insurance 

Introduction to credit insurance (English)

Aon

http://www.aon.com/unitedkingdom/products-and-services/risk-services/attachments/aci/aci-introduction-credit-insurance.pdf

Cyber risks

Ciber Elcano no 16 includes interview with Augusto Pérez Arbizu, President of IGREA and Director of Risk and Insurance for Telefónica (Spanish)

http://www.realinstitutoelcano.org/wps/portal/web/rielcano_es/contenido?WCM_GLOBAL_CONTEXT=/elcano/elcano_es/zonas_es/ciber-elcano-16-julio-2016/&utm_source=Ciberelcano16&utm_medium=email&utm_campaign=Jul2016

Data protection

EU General Data Protection Regulation 2016 (English)

Allen & Overy

http://www.allenovery.com/SiteCollectionDocuments/Radical%20changes%20to%20European%20data%20protection%20legislation.pdf

Drones

Managing the unique risks associated with unmanned aircraft systems (English)

Allianz Global Corporate & Specialty

http://www.agcs.allianz.com/insights/white-papers-and-case-studies/rise-of-the-drones/

Sanctions

International sanctions – EU and US

Japan P&I Club, Norton Rose Fulbright (English)

https://www.piclub.or.jp/jorg6cnk2-499/?action=common_download_main&upload_id=9595

Political violence

Political violence contagion (English)

Lloyd’s of London

https://www.lloyds.com/~/media/files/news%20and%20insight/risk%20insight/2016/political%20violence%20contagion.pdf

Power generation

Analysing the causes of power generation losses (English)

https://www.marsh.com/uk/insights/research/global-loss-trends-analysing-the-causes-of-power-generation-claims.html

Member publications

Airmic News (English)

https://www.airmic.com/news

GVNW Die Versicherungspraxis (German)

http://www.gvnw.de/publikationen/die-versicherungspraxis-ausgabe-09-2016/?L=0

NARIM

Jubilee Magazine 20th anniversary (Dutch)

http://www.narim.com/userfiles/File/NARIM_jubileumuitgave_mei_2016.pdf

 


Cyber awareness challenge

 

How cyber aware are you? Here are some questions that will provide food for thought. The answers are a mixture of fact and judgement.

When will the EU Data Protection Regulation start to apply?

A. 25 May 2018
B. 25 March 2017
C. 1 June 2017
2. How quickly do you need to notify a data protection breach to your supervisory authority under the EU Data Protection Regulation?
A. Within 24 hours
B. Within 72 hours
C. It’s voluntary
3. What is the maximum fine a business can face for a breach of the EU Data Protection Regulation?
A. 2% of global turnover
B. 4% of global turnover
C. € 20 million
D. €10 million
4. What digital risks are you most concerned about?
A. Theft of personal data
B. Loss of intellectual property
C. Hacks for ransom
5. What is a bit coin?
A. A euro cent
B. Something left over from your holiday
C. A unit of digital currency
6. How does your organisation cover the cost of cyber risks?
A. Through existing property/casualty policies
B. Stand-alone cyber insurance in addition to existing coverages
C. We don’t think any insurance will make enough difference to a big data breach or hack
7. How satisfied are you with your organisation’s procedures for dealing with data breach and cyber attack?
A. Reasonably satisfied but it needs updating
B. Satisfied, but it can always be improved
C. Something I worry about

ANSWERS 

  1. A
  2. B.
  3. B: but all are possible, depending on the circumstances;
  4. Data breach is the most likely but all are possible.
  5. C.
  6. All are possible.
  7. B, hopefully.

All the answers correct? Share and consolidate your knowledge by attending the digital risks roundtable and interactive cyber security workshop at the FERMA Seminar on 4 October.

Most of the answers right: The FERMA Seminar on 4 October is a good place to build your knowledge.

Less than half the answers right: You definitely need to come to the FERMA Seminar digital risks roundtable and workshop on cyber risks on 4 October. Bring a colleague.

http://www.ferma.eu/ferma-seminar-2016/session/session-5-benchmarking-or-national-association/


Expert view: Questions to ask to identify and remove modern slavery from business

Expert view: Non-financial reporting

The Thomson Reuters Foundation describes the issue of modern slavery for business and lists questions for risk managers to ask.

Modern slavery is a $150 billion industry affecting 45.8 million people worldwide according to the 2016 Global Slavery IndexIt may exist in your enterprise. This is, perhaps, not surprising if we consider the complexity of modern supply chains.

Governments around the world have enacted a raft of laws and updates to tackle the modern slavery industry and ensure transparency – from the EU Non-Financial Reporting Directive, the UK Modern Slavery Act, and the US Trade Facilitation and Enforcement Act and proposed Business Supply Chain Transparency on Trafficking & Slavery Act.

This is an essential part of the solution, but it is ultimately up to companies themselves to act.  What should you as a risk manager be asking?

 

Expert view:

Questions to ask to identify and remove modern slavery from business

 The Thomson Reuters Foundation, the charitable arm of Thomson Reuters, has launched the Stop Slavery Award, a business-friendly initiative to recognise companies that transparently disclose information about their supply chains and take concrete steps to remove instances of forced labour. It will be awarded for the first time in November 2016.

All companies applying for the award completed a detailed questionnaire, an extremely useful starting point for any risk manager wanting to be more aware of the issue.

The questionnaire aims to highlight best practices relating to corporate commitment and reporting, together with performance measurement, business partner engagement, training, risk assessment, business authentication, and investigation and remediation.

Key questions for risk managers to ask:

  • Have you developed partnerships with other businesses, NGOs or government actors to gain a better understanding of the risks faced by workers at your operations or within your supply chain?
  • Do you complete risk mapping, risk analysis and due diligence to identify and prioritise the risk of slavery at your operations and within your supply chain?
  • Does your risk assessment go beyond your direct (first-level) business partners?
  • Do you have a defined approach to addressing or mitigating risk, where a possible or probable risk of slavery is identified?
  • Do you conduct unannounced “spot audits” or inspections at your own operations? Do you conduct unannounced “spot audits” or inspections at your suppliers’ operations?
  • Do you engage a third party to carry out or assist with the audits or inspections? Are your audits or inspections tailored to take account of local or regional differences, including more prevalent risks?
  • Do you require your business partners to report on risks and remedial steps taken to eradicate slavery at their respective operations?

To download the full questionnaire and view all questions pertaining to risk assessment, business authentication, and investigation and remediation, click here.

The Thomson Reuters Foundation acts to promote socio-economic progress and the rule of law worldwide. It does so through its four key programmes: journalism training and media development, coverage the world’s under-reported stories, its global pro bono service TrustLaw, and the Trust Women conference.

 


Talking about risk management in Germany

FERMA President Jo Willaert joined Germany’s GVNW Chairman Alexander Mahnke and Vice Chairman Hans Jörg Schill to talk about the merger which created this new risk management association and its priorities for the future. 

Risk management conversation in Germany  

Members of Germany’s two risk management associations, DVS and Bfv, drove their merger earlier this year, and the combined new organisation, GVNW, now represents the whole range of risk managers and insurance buyers from SMEs to multi-nationals, according to its Chairman Alexander Mahnke.

He was speaking with FERMA President Jo Willaert on the occasion of the first symposium held by GVNW, which took place in Munich from 7 to 9 September. They were joined by GVNW Deputy Chairman Hans Jörg Schill.

Alexander said: “My impression is people have seen this as such a natural development that we all have to ask ourselves why we hadn’t done this before. I was one of those who at the very beginning said – don’t go too fast. I was sure there were more people opposing that development, which has been proved completely wrong.”

Hans Jörg added: “When we had the elections, DVS was 100% and in our association 99%. That means one was against the merger, or fusion, however you call it, and one who was not decided. So it was perfect. We already had about 40 who were members of both Bfv and DVS.”

Jo commented: “I think it is good for FERMA because now we have one spokesperson from Germany.”

It was not a worry in the past to have two associations, said Hans Jörg: “For representation, Jo, within FERMA, it was not hindering because Bfv was founded for in-house brokers and that is very special for Germany. But for us, now, it is very important that we now have one association.”

Jo commented on a change in the symposium this year. “My first impression is that it is much more international than I remembered. Then it was very German. The topics were German. It was very local.”

Said Alexander: “There is a fine line to walk. We share a lot of topics with our colleagues in other countries, and also we are and will remain a German association focussing on the topics that are of importance for our members.”

Priorities

Jo wanted to know about GVNW’s priorities for the year ahead. According to Alexander, internally, it has to differentiate what it will do for the different groups of owners. “On the outside from a strategic point of view, there is no order of priority. It is international insurance programmes. It is education, training and finding talent. Those are all highly important.”

Added Hans Jörg: “For captives, Solvency II is a very important subject at the moment.”

In terms of the big picture, Alexander said: “Lobbying is something we have to get a lot better at and getting some of our members understand it is not something fishy! It is something you need, because otherwise you will not be heard. That needs to be done nationally and also internationally. You also need some capabilities to be able to play on the international field. It is also about bringing the association into the next generation.”

FERMA has similar issues, said Jo, having grown from a very small organisation with one staff member to a group with teams. “We need really to adapt the way of working given the new challenges of the market of our members. We did a survey of our members, and I started at the beginning with communication, education and leadership, to look at the mission of our job in the company. The risk manager is supporting the decision making process of the company.

“It is good that you are thinking along the same lines. You have topics – captives, global programmes – but these are specific items, and we are talking about long term strategy. What should we be in two years?”

http://www.gvnw.de/home/?L=0


Expert view: the future of captives

FERMA board member Dirk Wegener answers some questions about captives.

FERMA: When companies are deciding to set up or maintain a captive, how important are:
Coverage that isn’t generally available on the commercial market?
Higher limits than available at an acceptable price from the commercial insurance market?
Better pricing on frequency risks (avoiding euro for euro trading with insurers)?
Better loss information?
Ability to plan better for severity losses?

Dirk: In principle, all of the above can motivate a company to set up a captive and the ultimate goal is to optimise the total costs of insurable risks. However, such a decision has always to be taken in light of the individual risk appetite of the company for self-insurance and the regulatory framework of the captive territory. Moreover, the captive has to operate on a sound business case, including risk-based underwriting, proper claims handling, and solid risk, capital and asset management procedures, because it needs to be run on an “arm’s-length” basis.
More from Dirk on captives [insert url]

FERMA: What factors govern the choice of domicile for a captive?

Dirk: It is fair to say that the predominant consideration is the territorial scope of a captive domicile, meaning the type and quantity of risks of the company and in what territories can be insured by the captive. Then, (prospective) captive owners are certainly interested in a supportive environment of their endeavour, which includes responsive and experienced regulators, a reasonable regulatory framework and the possibilities of outsourcing non-core functions.

FERMA: Do European companies typically look for an onshore domicile like Dublin or Luxembourg?

Dirk: Yes, this is generally the case. The EU Freedom of Service principles are instrumental in allowing a parent company to cover a significant volume of risks through an EU-domiciled captive, and some territories have demonstrated more interest than others in providing this attractive environment to captives. Moreover, the EU Solvency II regulatory regime is an advanced risk-based framework to grant a level plain field across the EU regards regulation, which thereby narrows even further the competition of EU captive domiciles on service capabilities.

FERMA: To what extent does it depend on the class(es) of business you want to use the captive for? Or the location of the risks?

Dirk: In principle, all typical captive domiciles allow insurance of all relevant classes of insurance contracts, but there might be some niche product which can only be insured in specialised domiciles or by setting up a structure for the purpose, such as protected cell captives. The location of the risks is a more distinct denominator. Some insurance classes can only be insured by domestic (captive) insurers, for example, such as insurance-based employee benefit schemes. In such cases, non-domestic captives alternatively often act as a reinsurer of a fronting insurer which meets the regulatory requirements.

FERMA: How does a captive support the ERM of a multi-national?

Dirk: Not only is the captive an established tool to optimise the total costs of insurable risks, it also provides transparency on global loss distributions by risk types/exposures and the efficiency and effectiveness of internal loss prevention measures. These insights, gathered from an internal data base via a process which is consistent across all risk types/exposures, makes possible a solid ERM process for existing sites and processes. It also supports investment decisions on future locations.

FERMA: To what extent do you think BEPS will increase costs for captive owners? Is this increase likely to make some captives unattractive for their owners?

Dirk: Firstly, owners of EU-domiciled captives are very disappointed that their captives are exempt from the regular procedures applicable to all other insurance companies. Throughout the entire process of the implementation of the Solvency II regime, we were told to accept being treated like any other insurance company, as we were not any different. Now, we are told we deserve a “special treatment”. This inconsistency is neither fair nor helpful to support the captive concept as effective risk mitigation tool.
And yes, proving to be compliant with the BEPS requirements will absolutely increase costs for captive owners. My hope is that the already complex Solvency II data analytics and reporting will be instrumental to prove BEPS compliance at moderate additional cost for EU-domiciled captives and, therefore, will be not prohibitive to continue the captive as such.

Read the FERMA position paper on captive insurance companies.


FERMA speaks out to change misperceptions of captive insurance

FERMA has launched a campaign to change misperceptions of captive insurance by tax authorities and other public bodies.

Click here to read the position

Click here to read the position

As a starting point, FERMA has today published a position paper on captive insurance companies, which it will submit to the OECD so that the views of European risk managers are considered when the OECD discusses the implementation of its Base Erosion and Profit Shifting (BEPS) measures with member governments.

FERMA will urge its 22 member associations across Europe to use the position paper to approach their national tax authorities, who will be responsible for deciding how to implement the BEPS measures, to explain the real risk management value of captives.

In light of the latest corporate transparency and anti-tax avoidance measure at European Union level, FERMA will also reach out to the Commission and Parliament to increase their understanding of the role of captives in the European economy. This follows the adoption in July of the Anti-Tax-Avoidance (ATA) Directive by the Council of the EU.

Jo-WillaertJo Willaert, the President of FERMA, said: “Captives serve an important enterprise risk management role for European business and other organisations. We believe it is important that EU tax authorities understand better how European captives operate to preserve these risk financing capacities. This is not about tax, but a fear that the administrative costs of owning a captive will become uneconomic.

FERMA will also raise the issues at the European Insurance and Occupational Pensions Authority (EIOPA) stakeholder group through its representative Marie-Gemma Dequae.

Key points in the paper include:

• Captive insurance enables European businesses to increase their capacity to take risk;
• The parent company gets a tailor-made risk coverage and pricing, and it can target risk reduction more effectively thanks to better loss information;
• Captive insurance contracts are genuine risk transfer transactions with pricing based on the same approaches as commercial insurers;
• European captives are regulated as other insurance entities under Solvency II;
• Many aspects of captive operations, such as the payment of insurance premium tax in source countries, demonstrate their genuine, non-tax functions.

Said Jo Willaert: “We find it ironic that Solvency II was designed to include as much as possible captives as normal regulated insurance companies, despite requests from the risk management community for more proportional regulation, and now BEPS and Commission initiatives are differentiating captives from the rest of insurance companies.

BEPS and EU anti-tax avoidance and financial transparency initiatives will be the subject of a risk managers only discussion at the FERMA Seminar in Malta on 3 and 4 October. There will also be a presentation on captive insurance and cells in Malta. For more information, see http://www.ferma.eu/ferma-seminar-2016/