On October 10, 2014, the European Insurance and Occupational Pensions Authority ("EIOPA") published a speech (dated September 26, 2014) given by Gabriel Bernardino, EIOPA Chairman, on a number of topics, including the role of the chief risk officer ("CRO").

Points of interest inMr. Bernardino's speech include the following:

  • CROs have helped to shape the new risk-based regime in insurance. In return, regulators have placed risk management as one of the main building blocks. This opportunity should be used to embed a strong culture in firms' day-to-day operations, ensuring that business units themselves "think and act" from a risk management perspective.
  • It is important to emphasize that risk management goes well beyond compliance. It is about making sure that risk considerations, and their capital consequences, are explicitly taken into account in the strategic decisions of the firm. The matching of the firm's funds to its risk profile should help to promote a strong risk culture, and can be an essential tool in the sound running of the business.
  • Sound governance and risk management evolve over time. It is now particularly important to include adequate strategies and processes to deal with conduct and consumer risk in the governance system. From product design to claims management, insurers need to put customers at the centre of their business decisions. CROs are instrumental in delivering these results, but progress takes time, commitment, effort and a clear "tone from the top".
  • In an optimal world, CROs are at the centre of a firm's organization as the failure to take risk behavior into account when setting business strategies and plans puts the firm itself, and its shareholders, in danger. A strong CRO is a very good signal of strong governance from a supervisory perspective, and it definitely helps in attaining the regulatory objectives of increased financial stability and consumer protection. However, having a strong CRO should be seen as sound business practice, and not a regulatory requirement.
  • CROs need to find a balance between being the devil's advocate, offering challenge and alternative views, and at the same time being involved in business development and strategy. It is a dual role, where each CRO needs to be "independent but involved".
  • EIOPA expects each CRO to set an appropriate risk framework, capable of dealing with risk concentrations and emerging risks. It expects CROs to contribute to driving the business and to setting the strategy on a sound and sustainable path. To perform this job, the CRO should have a place in the firm's structure that allows the CRO to play an effective role in strategy setting and decision making. CROs need to raise their status within their firm and be part of the board or report directly to the chief executive officer. EIOPA sees a clear movement in this direction, but there are still some firms where the current reporting lines have to be challenged and should be rethought.

Originally published 11 November 2014

Visit us at mayerbrown.com

Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

© Copyright 2014. The Mayer Brown Practices. All rights reserved.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.