The ORSA Requirement for Insurance Companies

The NAIC’s Own Risk Solvency Assessment (ORSA) requirements will become fully effective on Jan. 1, 2015. The ORSA process is one element of an insurer’s broader enterprise risk management (ERM) framework that links insurer’s risk identification, measurement, and prioritization processes with capital management and strategic planning. Each insurer’s ORSA process will be unique, reflecting its business, strategy and approach to ERM. While some insurers appreciate the flexibility and freedom afforded by the NAIC, the lack of an accepted framework can complicate the process as insurers attempt to determine what their respective state insurance departments will want to see included in their ORSA Summary Reports.

The ORSA Summary Report should discuss three major areas:

Section 1 - Description of the Insurer’s Risk Management Framework
Section 2 - Insurer’s Assessment of Risk Exposure
Section 3 – Group Risk Capital and Prospective Solvency Assessment

Some key elements to keep in mind when developing an ERM/ORSA program are:

  • A robust risk appetite and limits framework enhances risk governance and provides a platform on which to engage every stakeholder.
  • A key component of successful ERM is a risk culture that involves the entire organization and fosters shared responsibility for risk management.
  • The ORSA process is also an ideal opportunity to perform a comprehensive stress, reverse stress and scenario testing exercise. ORSA should take place in conjunction with an organization's business planning process, leading to a high degree of coordination between the risk, underwriting, strategy, finance, and compliance functions.
  • Economic capital models are very useful tools in risk management and risk aggregation, but even those organizations that have them in place do not necessarily use the information to the fullest to make strategic decisions. Given the business-critical uses to which capital models are put, ORSA requires models to meet the highest quality standards, be appropriately calibrated and fully tested and documented.

Since most insurers have some of the pieces already in place, they should evaluate what they already have and develop a plan to fill in the gaps.

Jerry Ravi is a Partner and Practice Leader specializing in Process, Risk, and Technology Solutions (PRTS). His focus is Enterprise Risk Management ERM and internal audit and compliance. He assists in designing enterprise risk management programs ERM which include deploying risk-based internal audit plans to enhance governance processes and monitor on-going compliance.

Contact Jerry

* Required