-
How is the writing of insurance contracts regulated in your jurisdiction?
The regulation of insurers and reinsurers (collectively, “(re)insurers”) in the United Kingdom (“UK”) changed substantially following the 2007-2008 financial crisis and the implementation of the European Union’s Solvency II directive (“Solvency II Directive”) between 2009 and 2016.
In the UK, the Financial Services and Markets Act 2000 (“FSMA”) established a system for the regulation of various “regulated activities” as set out in the Financial Services and Markets Act 2000 (Regulated Activities Order) 2001 (“RAO”), which includes “effecting” and “carrying out” contracts of insurance (“(re)insurance business”). However, whilst the UK’s regulatory framework derives mainly from FSMA and its related implementing legislation and rules, it has also been substantially influenced by the implementation of various European laws including the Solvency II Directive, which was implemented before the UK withdrew from the European Union (“EU”).
Under FSMA, no person may carry on a “regulated activity” in the UK unless they are an “authorised person” or an “exempt person”. Authorisation to carry on (re)insurance business in the UK must be obtained directly from the relevant UK regulator. There are two relevant regulatory authorities in the UK, the Prudential Regulation Authority (“PRA”) and the Financial Conduct Authority (“FCA”) (together, the “Regulators”). Following the UK’s departure from the EU, it is no longer possible for a European Economic Area (“EEA”) headquartered (re)insurer or intermediary to passport into the UK from that EEA head office’s jurisdiction. However, such EEA firms may apply to the relevant UK regulator for authorisation to establish a branch in the UK.
(Re)insurers are regulated by both Regulators (and are therefore described as being “dual-regulated”), although the PRA acts as the “lead regulator” and therefore is the main point of contact for supervisory decisions. Insurance intermediaries are regulated by the FCA only (see Question 3 for further detail).
The UK’s regulatory system also applies to Lloyd’s of London (“Lloyd’s”), a specialist (re)insurance market in the City of London within which multiple financial backers, grouped in syndicates, come together to pool and spread risk. Both Lloyd’s and syndicates operating within it are dual-regulated. The majority of (re)insurance business written by underwriters (also known as “members”) at Lloyd’s is placed through brokers and both members and brokers are regulated by the FCA.
As noted above, much of UK insurance regulation derived from EU law. Following the UK’s departure from the EU on 31 January 2020 (“Brexit”) HM Treasury and the PRA have been conducting an ongoing review of the Solvency II regime in the UK. Any changes resulting from this review are expected to be communicated throughout the course of 2024.
Following the UK’s departure from the EU, the European Union (Withdrawal) Act 2020 repealed the European Communities Act 1972 but provided that almost all EU and EU-derived law would be “onshored” as at the end of the transition period on 31 December 2020. The Financial Services and Markets Act 2023 (“FSMA 2023”) has given HM Treasury broad powers to make regulations restating and revising EU law on financial services and markets and designating additional activities for regulation in the UK, including a new domestic “Solvency UK” regime tailored for the UK insurance market.
The Trade and Co-operation Agreement between the UK and the EU came into effect from the end of the transition period and provides a framework for their future cooperation. This contains limited provisions regarding the carrying on of (re)insurance and intermediation business into and out of the UK and the EEA, but there is currently no agreement on mutual recognition of regulatory regimes between the parties. It has, however, as noted above, led to an end of passporting rights for firms which operate cross-border in the UK and EEA, in respect of both passporting insurance permissions outwards from the UK to the EEA and inwards from the EEA to the UK.
Firms that were passporting into the UK at the end of the transition period were able to continue operating in the UK within the scope of their previous passport permission for up to three years under the UK’s temporary permissions regime (“TPR”). However, this limited period ended on 31 December 2023, and all (re)insurer and intermediary firms are now required to seek and obtain authorisation from the relevant regulator in the UK to carry on their business in the UK.
The European Insurance and Occupational Pensions Authority (“EIOPA”) had published recommendations for national EU insurance regulators with respect to how UK insurers operating in the EU should be treated in order to minimise disruption to policyholders. The guidelines recommend that EU member states take steps to ensure that UK insurers are able to run off existing cross-border business, although they will not be able to enter into new contracts or renew or extend existing contracts. These guidelines, however, have not been implemented consistently or comprehensively by EU member states and, even where they have been, often do not address the scenario that applies at the end of the transition period in the absence of current levels of market access. The UK and EU have agreed a financial services memorandum of understanding to create a “Joint UK-EU Financial Regulatory Forum” to discuss rulemaking for the sector. As at the time of writing, the forum has met twice, but there has not been significant progress on mutual recognition of regulatory regimes. For the time being, UK insurers will need to look to the regulatory position in each relevant member state to understand whether they are able to run off existing cross-border business now that the transition period has come to an end.
As noted above, HM Treasury and the PRA are currently undertaking a substantial review of the future regulatory framework in the UK and the UK’s regulatory capital framework which implemented the Solvency II Directive, seizing the opportunity to reform Solvency II in order to create a new “Solvency UK” regime. In each case, the reviews look at how the current regulatory framework and prudential rules which stem from EU law can be amended to better suit the requirements of the UK market. In 2023, the PRA published two consultation papers on the review of Solvency II covering its proposals to simplify, improve flexibility and encourage entry into the UK insurance market, as well as reform proposals for life insurers on investment flexibility and the matching adjustment. In February 2024, the PRA published a policy statement responding to feedback from its first consultation paper and is expected to publish an additional policy statement to its second consultation paper in June 2024. Implementation of the changes in rules and guidance arising out of these policy statements is expected to be before 31 December 2024. In June 2023, the UK Parliament also enacted FSMA 2023, which brought in a suite of reforms across the financial services sector in the UK, including a new competitiveness and growth objective for the Regulators which impacts (re)insurers operating in the UK.
-
Are types of insurers regulated differently (i.e. life companies, reinsurers?)
In principle, all types of (re)insurers are regulated in the same way, all being (subject to a few exceptions) subject to Solvency II/UK, as “onshored” and amended by UK law, and to prudential regulation by the PRA.
The capital requirements under Solvency II/UK are intended to be risk sensitive, realistic and market consistent, with (re)insurers having to hold sufficient assets to cover expected future liabilities. However, given the long-term duration of liabilities for life business in particular, there are a few provisions which relate specifically to life insurers. For example, the matching adjustment and volatility adjustment can be applied, with the consent of the PRA, to ensure that assets held to protect longer-term liabilities are suitable and correctly reflect the risks associated with such contracts.
Solvency II is currently the subject of an ongoing UK Government and PRA review, and announcements in respect of the proposed “Solvency UK” regime include reforms to the threshold for when Solvency II capital requirements apply as well as amendments to the risk margin and matching adjustment requirements under Solvency II. In November 2022, the UK Government published its consultation response to these proposed reforms to Solvency II, and changes to UK legislation to implement these reforms came into force in 2023-2024. Since then, the PRA issued two consultation papers on the proposed reform of Solvency II and recently published a policy statement on the Review of Solvency II: Adapting to the UK insurance market which relates to: (i) transitional measures on technical provisions and the risk-free interest rate; (ii) internal models; (iii) capital add-ons; (iv) flexibility in calculating group SCR; (v) third-country branches; (vi) mobilisation; (vii) thresholds; and (viii) currency redenomination. The PRA is also expected to publish a second policy statement relating to the risk margin and matching adjustment reforms by the end of June 2024. All changes to PRA rules and guidance resulting from the Review of Solvency II and detailed in the PRA’s policy statements are expected to be implemented by the end of 2024.
While the PRA deals with prudential regulation, conduct of business regulation for all (re)insurers falls under the remit of the FCA, which has extensive rules relating to the advertising and promotion of insurance contracts, including rules to ensure the fair treatment of customers, for example. Broadly, conduct rules for life and long-term insurance business are governed by the FCA’s Conduct of Business Sourcebook (“COBS”) whilst general business is covered by the Insurance Conduct of Business Sourcebook (“ICOBS”) – both sourcebooks are extended to apply to intermediaries as well. The perceived risk to policyholders and efforts to reduce financial mis-selling influence the degree of regulation by the FCA; for example, sales of long-term (i.e. life) insurance products which have an investment element to consumers are subject to additional requirements to ensure that customers are given as much information as possible before entering the contract. Such regulation has been recently bolstered by the implementation of the New Consumer Duty with effect from 31 July 2023 – see responses to Questions 21 and 23 for further details on the FCA’s New Consumer Duty.
Under FSMA, reinsurers are treated in the same way as direct insurers unless a rule specifies that they are excluded or subject to an alternative approach. There are certain provisions which are applied differently to “pure” reinsurers (i.e. reinsurers that only undertake reinsurance business).
-
Are insurance brokers and other types of market intermediary subject to regulation?
Various activities undertaken in relation to contracts of insurance (including arranging a contract of insurance, advising on contracts of insurance or assisting in the administration and performance of contracts of insurance) are regulated under FSMA. Accordingly, authorisation must be sought from the FCA to act as an insurance intermediary in the UK (note that the PRA does not regulate insurance mediation – both the prudential and conduct regulation of insurance intermediaries falls to the FCA).
It is also possible for an entity to become an appointed representative of a regulated firm in order to carry out mediation activities without itself being regulated. This “exemption” works on the basis that the regulated principal has full responsibility for the actions of its appointed representative.
-
Is authorisation or a licence required and if so how long does it take on average to obtain such permission? What are the key criteria for authorisation?
Permission must be sought from the PRA to carry on insurance business in the UK, i.e. to effect or carry out a contract of insurance, and from the FCA to act as an insurance intermediary. In either case, a ‘Part 4A permission’ authorisation application must be made and the relevant Regulator must make a decision on a complete application within six months, although, in practice, it may take some time to produce an application that the relevant Regulator deems to be “complete”. If permission is granted, then the firm will receive a Scope of Permission notice which will state the regulated activities that the firm has permission to carry out, when the permission starts and any requirements or limitations that the firm may be subject to.
Authorised firms appear on a publicly searchable “Financial Services Register”, which shows which permissions they have been granted in relation to regulated activities.
The key criteria for authorisation are expressed in the PRA and FCA’s ‘Threshold Conditions’. Each firm is expected to meet these conditions in order to obtain authorisation and must continue to meet these conditions on an ongoing basis.
The PRA’s Threshold Conditions are:
- Legal status – Insurers must be a body corporate (other than a limited liability partnership), a registered friendly society or a member of Lloyd’s;
- Location of offices – A UK incorporated company must maintain its head office and (if applicable) registered office in the UK. If the firm is not a body corporate, it must carry on its business in the UK;
- Prudent conduct of business – A firm must conduct its business in a prudent manner, which includes having appropriate financial and non-financial resources;
- Suitability – A firm must satisfy the regulator that it is a “fit and proper” person with regard to all circumstances to conduct a regulated activity. The firm’s management must have adequate skills and experience and must act with integrity; and
- Effective supervision – The firm must be capable of being effectively supervised by the PRA.
As well as meeting these requirements, the PRA expects firms to consider the overriding principle of safety and soundness and to ensure that they are able to secure an appropriate degree of protection for policyholders.
The FCA’s Threshold Conditions are:
- Location of offices – A UK incorporated company must maintain its head office and (if applicable) registered office in the UK. If the firm is not a body corporate, it must carry on its business in the UK;
- Effective supervision – The firm must be capable of being effectively supervised by the FCA;
- Appropriate non-financial resources – The firm must have appropriate non-financial resources with respect to the regulated activities it seeks to carry on and having regard to the FCA���’s objectives;
- Suitability – The firm must be a “fit and proper”’ person. The firm’s management must have adequate skills and experience and act with integrity. The firm must have appropriate policies and procedures in place and manage conflicts of interest appropriately; and
- Business model – The firm’s business model is suitable for a person carrying on the proposed regulated activities and does not pose a risk to the FCA’s objectives.
-
Are there restrictions or controls over who owns or controls insurers (including restrictions on foreign ownership)?
It is a criminal offence to acquire or increase control in an insurer authorised in the UK without the prior approval of the PRA, who will lead the assessment and approval of the application for a change in control application in relation to an insurer. The PRA will also consult with the FCA on the application and the FCA may make representations to the PRA as part of the process. The PRA may approve the change in control unconditionally, impose conditions or object to the acquisition.
A person will acquire control for these purposes if (i) they (alone or with their associated persons) hold 10% or more of the shares or voting power in an insurance undertaking (or a (direct or indirect) parent undertaking) or (ii) they are able to exercise significant influence over the insurance undertaking.
Approval by the PRA is also required when an existing controller proposes to increase its shareholding or voting power in an insurance undertaking (or its (direct or indirect) parent undertakings) above 20%, 30% or 50%.
There are no legislative restrictions on non-UK (or EU) nationals owning insurance companies.
-
Is it possible to insure or reinsure risks in your jurisdiction without a licence or authorisation? (i.e. on a non-admitted basis)?
FSMA prohibits any person from undertaking a regulated activity by way of business in the UK without authorisation. However, simply insuring/reinsuring a policyholder/risk located in the UK does not itself amount to carrying out (re)insurance business in the UK unless activities are also carried on in the UK which amount to the effecting or carrying out of a contract of (re)insurance. Therefore, it is possible for overseas firms to structure their business such that, for the purposes of FSMA, they are not deemed to be carrying on (re)insurance business “in the UK”. However, it should be noted that there is a significant amount of case law and regulatory guidance on the question of whether the business of an offshore (re)insurer is deemed to be carried on “in the UK” and the position is ultimately one to be determined on the basis of all the relevant facts and circumstances.
-
Is a branch of an overseas insurer, insurance broker and/or other types of market intermediary in your jurisdiction subject to a similar regulatory framework as a locally incorporated entity?
Insurers and intermediaries headquartered outside the UK can operate in the UK either through a branch or by forming a subsidiary. As a UK subsidiary is a separate legal entity from its parent, it will be subject to the direct supervision of the UK Regulators, as described above.
Overseas (third-country) insurers and intermediaries operating through a branch in the UK are subject to the Regulators’ rules on third-country branches. All third-country branches are required to obtain authorisation from the relevant Regulator to carry on insurance or intermediary business, as applicable, in the UK and to comply broadly with the same conduct of business requirements. As a result of Brexit, branches of EEA insurers and intermediaries who previously operated in the UK under the passporting regime may have been able to operate under the temporary permissions regime but were required to seek authorisation from the relevant Regulator in order to continue operating in the UK from 1 January 2024. The temporary permissions regime ended on 31 December 2023.
Different capital and governance requirements apply to branches, compared with subsidiaries, reflecting the different structure of branches. However, the legal entity seeking authorisation to operate through a branch as a whole is required to have sufficient financial resources and this will be assessed as part of the authorisation process. The Regulators will also need to be satisfied that the home jurisdiction of the legal entity (operating in the UK through a branch) has a “broadly equivalent” supervisory regime before authorising a third-country branch.
-
Are there any restrictions/substance limitations on branches established by overseas insurers?
As noted in response to Question 7, branches established by overseas insurers are subject to the Regulators’ rules on third-country branches. Such rules require overseas insurers to maintain financial soundness at branch level to ensure the branch has sufficient assets to cover its (re)insurance obligations for policyholders in the UK. From 31 December 2024 as part of Solvency II Reforms, the Regulator will no longer require third-country branches to calculate and maintain a branch SCR or MCR; however, they will still be expected to calculate and hold sufficient assets to cover its insurance and reinsurance obligations in the UK.
-
What penalty is available for those who operate in your jurisdiction without appropriate permission?
It is a criminal offence to undertake a regulated activity in the UK without permission, punishable by up to two years’ imprisonment or a fine. An agreement entered into without permission is unenforceable by the unregulated firm against the other party. A policy entered into by an unauthorised insurer is void at common law; accordingly the insured would be entitled to recover premium paid and can recover compensation for any loss sustained as a result of entering into a contract with an unauthorised business. There are limited exceptions that allow the contract to be upheld where it is just and equitable to do so.
-
How rigorous is the supervisory and enforcement environment? What are the key areas of its focus?
The PRA and the FCA have extensive statutory enforcement powers set out in FSMA. Where someone has breached the prohibition on carrying out a regulated activity without permission, they may be imprisoned or fined. The sanction of withdrawal of authorisation is available to the Regulators where a business ceases to meet the threshold conditions (that is the minimum requirements both Regulators require for authorisation). The Regulators can also vary permissions, censure firms and individuals publicly for breaches of regulatory requirements and impose financial penalties, apply for an injunction where either Regulator believes that a person or business will contravene a requirement of FSMA, seek a restitution order to recover assets received in contravention of a regulatory requirement and issue a prohibition order against an individual carrying on a regulated activity.
Both the PRA and FCA have investigatory powers. The PRA also has the ability to outsource investigations to either the FCA or a third-party expert (“skilled person”).
All regulated businesses are under an ongoing obligation to inform the relevant regulator of anything relating to the firm of which the regulator would reasonably expect notice.
The PRA is responsible for the prudential regulation of insurers and accordingly focuses primarily on the safety and soundness of the firms it regulates. It also has wider operational objectives which relate to promoting the safety and soundness of the financial system. Accordingly, its key areas of focus include:
- financial resilience, including firms’ capitalisation and liquidity levels;
- operational resilience, i.e. ensuring that firms have taken sufficient steps to mitigate the risk of disruption to business services;
- recovery and resolution, which include ensuring that firms have credible plans in place in order to enable them to respond to and recover from stress events and (for systemically important firms) to manage their potential failure;
- facilitating effective competition through the application of its regulatory approach; and
- firms’ governance and culture.
The FCA is a conduct regulator and its main operational objective is to ensure that customers of regulated firms are treated fairly. Accordingly, with respect to insurance, it primarily focuses on the treatment of customers throughout the product lifecycle to ensure that at each stage, communications are clear, fair and not misleading and that customer’s interests are protected. Recently, we have also seen the FCA focusing in particular on the treatment of vulnerable customers, the use of customer data and imposing new rules in relation to pricing practices which may lead to negative outcomes for customers. This includes implementing reforms in areas like price walking (increasing premiums at renewal without justification) and gender pricing (differentiating premiums based on gender). The FCA’s oversight of such pricing practices signals a change in approach for the regulator which has typically not commented on pricing practices.
FSMA 2023 introduced a new secondary objective for the Regulators to “facilitate, subject to aligning with relevant international standards, the international competitiveness of the UK economy (including in particular the financial services sector) and its medium to long-term growth” (known colloquially as the “competitiveness and growth objective”).
Finally, FSMA 2023 also introduced measures to enhance scrutiny in, and accountability of, the Regulators in the UK through implementing regular reporting requirements to HM Treasury and providing HM Treasury with greater powers to submit information requests to the Regulators.
-
How is the solvency of insurers (and reinsurers where relevant) supervised?
UK (re)insurers are (subject to any changes which the UK may make in the medium term, as discussed above) subject to the European Solvency II regime (introduced on 1 January 2016), as “onshored” by UK law at the end of the transition period.
Solvency II is a forward-looking risk-based capital regime which was implemented across the EEA from 1 January 2016. Solvency II uses a market-consistent approach to value insurers’ assets and liabilities (i.e. the price at which a willing buyer would take them). The directive is supplemented with a Delegated Act – an EU Regulation – and is also supported by Technical Standards which are directly applicable, and guidelines produced by the EIOPA (the EU’s Insurance Authority). As previously mentioned, all of the above was “onshored” as at the end of the transition period on 31 December 2020 by the European Union (Withdrawal) Act 2020.
The Solvency II framework is broadly structured into three pillars: quantitative requirements (Pillar 1); qualitative requirements and supervisory review (Pillar 2); and transparency requirements (reporting and disclosure) (Pillar 3).
In the UK, the PRA has responsibility for ensuring that firms comply with Solvency II.
As discussed above, the UK Government recently reviewed the UK prudential regulatory regime which derives from Solvency II. The purpose of the review being to ensure that the prudential regulatory framework in force in the UK properly reflects the unique structural features of the UK insurance sector and allow for regulation to balance the relatively prescriptive and rules-based model under Solvency II with a mix of judgement and rules which can be operated effectively by the PRA.
Over the course of the past 3 years, there have been various Calls for Evidence, Quantitative Impact Studies, Qualitative Questionnaires and Consultation processes. The PRA has modelled different approaches and a package of reforms was outlined in the UK Government’s consultation response to the proposed Solvency II reforms published in November 2022. The UK Government’s reforms to Solvency II focus on: (i) a substantial reduction in the risk margin, including a proposed cut of around 65% for long-term life insurers and 30% for general insurers; (ii) broadening the range of assets eligible for the matching adjustment portfolio; (iii) an increase in flexibility to allow insurers to invest in long-term assets such as infrastructure; (iv) a meaningful reduction in the current reporting and administrative burden on firms; and (v) encouraging innovation by supporting new market entrants through a new mobilisation regime with lower entry requirements and substantial increases to the thresholds from which Solvency II applies to (re)insurers in the UK.
During the course of 2023, the PRA issued two consultation papers on the reforms proposed by the UK Government and recently in February 2024, the PRA published a policy statement on the Review of Solvency II: adapting to the UK insurance market with proposed final rules on change to: (i) transitional measures on technical provisions and the risk-free interest rate; (ii) internal models; (iii) capital add-ons; (iv) flexibility in calculating group SCR; (v) third-country branches; (vi) mobilisation; (vii) thresholds; and (viii) currency redenomination. The PRA is also expected to publish a second policy statement with proposed final rules on changes to the risk margin and matching adjustment also by the end of June 2024.
All changes to PRA rules and guidance resulting from the Review of Solvency II and detailed in the PRA’s policy statements are expected to be implemented by the end of 2024.
-
What are the minimum capital requirements?
The Solvency II regime (as “onshored” into UK law) introduced a risk-based capital regime, requiring insurers to assess the individual risks they are subject to on both sides of the balance sheet and hold sufficient capital against these risks.
There are two capital requirements under Solvency II: the minimum capital requirement (“MCR”) and the solvency capital requirement (“SCR”). SCR is the quantity of capital required to be held to protect against unexpected losses over the following year subject to a confidence level of 99.5%. MCR is set at a lower threshold –– a confidence level of 85%. Insurers calculate their SCR using a standard formula, which is a standardised calculation set out in the Delegated Acts, or (subject to prior regulatory approval) a full or partial internal model which is tailored to the risk profile of the particular insurer.
Life insurers may also seek regulatory approval to apply a “matching adjustment” when calculating their liabilities, which provides capital relief when holding certain long-term assets which match the cash flows of a designated portfolio of life or annuity insurance and reinsurance obligations.
Breach of SCR triggers regulatory intervention, designed to ensure SCR capital levels are restored, and breach of MCR can lead to an insurer losing its authorisation if the breach is not remedied within three months.
-
Is there a policyholder protection scheme in your jurisdiction?
The Financial Services Compensation Scheme (“FSCS”) protects policyholders (including consumers and small businesses) should a UK-authorised insurer become insolvent. Compensation is only available for financial loss. In the event of insolvency, 100% of a claim is protected in respect of a compulsory insurance policy, professional indemnity insurance or life and long-term sickness policy. In all other cases, 90% of the claim is protected.
-
How are groups supervised if at all?
Under Solvency II, groups are subject to supplementary supervision in addition to the solo supervision of individual insurance companies in order to protect policyholders against risks that might be present within a group but are not necessarily apparent where only the individual insurance company is considered. The Solvency II Directive sets out the circumstances in which group supervision is triggered. Only one insurance entity within a corporate group need be headquartered in the UK for group supervision to be applied under UK legislation.
Where a UK headquartered Solvency II group is identified, it must hold eligible own funds equal to or in excess of a group SCR. Group-owned funds must be transferable and fungible across the group. The group capital requirement can be calculated using either a standard formula or an internal model (similar to individual entity capital requirements). The recognition of individual company own funds (in excess of any applicable solo capital requirement) at the group level depends on their availability and transferability between group entities. In addition, group-wide governance, reporting and intra-group transaction and risk concentration monitoring shall apply.
Where a group is headquartered outside the UK, Solvency II group supervision may still apply, either to a sub-group or to the worldwide group, depending, for example, on whether a finding of equivalence has been made in relation to relevant third-country jurisdictions. For example, the UK has declared EEA member states equivalent for group supervision purposes, a gesture which has not yet been reciprocated by the EU.
-
Do senior managers have to meet fit and proper requirements and/or be approved?
Senior managers of UK (re)insurers are subject to fitness and propriety requirements under the Senior Managers and Certification regime (“SMCR”) as well as under the FCA’s Conduct Rules (“Conduct Rules”).
The SMCR has applied to insurers from 10 December 2018, replacing the previous PRA Senior Insurance Managers regime (“SIMR”) and FCA Approved Persons regime. The SMCR was extended to apply to further firms including insurance intermediaries from 9 December 2019. Fundamentally, this regime aims to increase the individual accountability of senior managers in regulated firms whilst also making firms in most cases, rather than regulators, primarily responsible for assessing and ensuring the fitness and propriety of individuals who carry out certain controlled functions.
Under the SMCR, certain executive and non-executive roles are designated Senior Management Functions (“SMFs”). Appointment of an individual to an SMF requires pre-approval from the relevant regulator. Before taking up any SMF, an application must be made to the relevant regulator for approval. The PRA and/or FCA will seek to ensure that the individual is fit and proper for the role. They will consider the individual’s honesty, integrity and reputation as well as their competence, capability and financial soundness.
In addition to the SMFs, certain other additional responsibilities prescribed by the FCA need to be allocated amongst the firm’s senior managers (“SMs”). Each SM’s individual responsibilities must be set out in a “statement of responsibilities” which must be submitted to the regulators. Each SM so identified has a duty to take reasonable steps to avoid the firm breaching its relevant regulatory duties. A regulator may take individual action against an SM who fails to take such steps.
Firms are also required to prepare and maintain a “responsibilities map” setting out the key roles in the firm, the people responsible for them and lines of accountability.
The certification regime requires insurers to identify individuals performing certain “certification functions”, which are functions that relate to a firm’s regulated activities and involve or might involve a risk of significant harm to the firm or its customers. Firms must assess and certify each relevant individual’s fitness and propriety to perform that role at least annually.
Firms must also ensure that employees comply with certain Conduct Rules issued by the FCA. There are two tiers of Conduct Rules: the first tier applies to all employees and directors of a firm involved in carrying out its regulated and unregulated financial services activities; the second tier applies to senior managers. Each firm has notification, training and record keeping obligations in connection with these Conduct Rules.
Notably, the UK Government is currently reviewing the existing SMCR regime following a Call for Evidence, accompanied by a parallel Discussion Paper of the Regulators in March 2023. The review of the SMCR regime is spread across the financial services sector including (re)insurers in the UK. Feedback following the Call for Evidence is currently under review by the UK Government and Regulators and details on the outcome of the reviews and any potential reforms is expected in late 2024 – early 2025.
-
To what extent might senior managers be held personally liable for regulatory breaches in your jurisdiction?
Senior managers may be held personally liable for regulatory breaches in the UK and, as noted above, the introduction of the SMCR has greatly increased the level of individual accountability that senior managers of regulated firms face. Because an SM has a duty to take reasonable steps to avoid the firm breaching its regulatory duties, it is possible for an SM to be held personally liable even if he or she was not personally involved with the breach.
Where there is such a breach, individuals may face sanctions. These can include public censure, withdrawal of approval to hold an SMF, a ban on holding SMFs in the future, fines or, in particularly serious cases, custodial sentences.
-
Are there minimum presence requirements in order to undertake insurance activities in your jurisdiction (and obtain and maintain relevant licenses and authorisations)?
A firm conducting insurance activities in the UK needs to meet the FCA’s Threshold Conditions and, where applicable, the PRA’s Threshold Conditions as detailed above. Firms are also required to continue to comply with the UK’s minimum capital and governance requirements, amongst the provisions of the broader UK regulatory framework.
-
Are there restrictions on outsourcing services, third party risk management and/or operational resilience requirements relating to the business?
In accordance with Solvency II, where an insurer outsources part of its business, it will remain fully responsible for discharging all of its obligations under law, regulation and administrative provisions. Specifically, insurers must not outsource any critical or important part of the business in such a way as might lead to any material impairment in the quality of the firm’s systems of governance, any increase in operational risks, impairment of the ability of the supervisory authorities to monitor compliance or undermining of continuous and satisfactory service to policyholders.
Firms are required to demonstrate operational resilience against multiple forms of disruption including in relation to outsourced services. Enhancing the operational resilience of the sector remains a strategic priority for the PRA and FCA following the introduction of the final rules on operational resilience in March 2022. During the transitional period, which ends on 31 March 2025, firms are expected to develop their security controls and capabilities to manage the increasing risk of cyber threats, to have identified and mapped important business services, set impact tolerances for these, initiate a programme of scenario testing and identify any vulnerabilities.
Firms are required to meet regulatory expectations in respect of outsourcing and third-party risk management, which are intended to strengthen the regime on operational resilience and facilitate greater resilience of services provided by third parties, including the cloud and other technologies. The Regulators have set expectations for insurers to assess and diligence third parties as well as more specific expectations regarding data security, sub-outsourcing, business continuity, exit strategies and the Regulators’ rights to access, audit and seek information from third parties.
-
Are there restrictions on the types of assets which insurers or reinsurers can invest in or capital requirements which may influence the type of investments held?
Under Solvency II, investments made by insurers are governed by the “prudent person principle”. An insurer must only invest in assets and instruments where it is able to properly identify, measure, monitor, manage, control and report and appropriately take into account the risks of that asset or instrument when assessing its overall solvency needs. All assets of the insurer must be invested in such a way as to ensure the security, quality, liquidity and profitability of the firm’s investment portfolio as a whole, as well as localised such as to ensure their availability. In practice, that means that insurers are required to look closely at their investment portfolio to assess the relevant risks, set limits on counterparty and asset exposures and develop models for valuing any complex or illiquid investments.
Under Solvency II, certain investments attract a capital charge which is intended to offset the risk associated with holding that asset. For example, under the standard formula for calculating capital requirements, tier 1 equities attract a 39% capital charge, tier 2 equities attract a 49% capital charge and investments in real estate attract a capital charge of 25%. These capital charges influence the composition of insurers’ investment portfolios.
Some insurers may opt not to adopt the Solvency II standard formula and instead develop their own “internal model” for calculating solvency capital requirements. An internal model can offer more flexibility for insurers (particularly those who feel that the standard formula is not a good fit for assessing their business) but does require the Regulator’s review and approval before it may be used. Changes announced by the PRA as part of the Review of Solvency II are expected to offer greater flexibility to insurers when obtaining internal model permissions from the Regulators by introducing mechanisms to address potential non-compliance issues and by moving away from a rigid binary approval system.
There are some specific areas where additional criteria apply which can affect the treatment of assets held under Solvency II. For example, the “matching adjustment” under Solvency II gives insurers relief for holding certain long-term assets, where they can show that the cash flows of these assets match a portfolio of life or annuity (re)insurance obligations. The PRA is expected to issue a policy statement announcing changes to its rules on the matching adjustment by June 2024.
-
Are there requirements or regulatory expectations regarding the management of an insurer's reinsurance risk, including any restrictions on the level / type of reinsurance utilised?
Currently, UK authorised insurers must comply with the Prudent Person Principle, such compliance with which should account for the risks associated with reinsurance activities. In its 2024 priorities letter, the PRA renewed the Regulator’s focus on reinsurance risk within the market, with particular attention being paid to the continued high level of longevity reinsurance and the emergence of more complex “funded reinsurance” in the UK life market. Following on from its publication of a thematic review on funded reinsurance in June 2023, the Regulator reiterated that there would be continued monitoring of how market practices surrounding funded reinsurance is evolving.
-
How are sales of insurance supervised or controlled?
The FCA is obliged, under FSMA, to advance certain strategic objectives, including protecting customers. It is with these objectives in mind that the FCA has set out both rules and guidance in relation to sales of insurance policies. The requirements primarily seek to balance information asymmetries between the insurer and the policyholder, particularly where the policyholder is a consumer.
In addition to the rules and guidance set out in the FCA Handbook, the FCA also requires all regulated firms to meet certain principles for businesses. As part of the new Consumer Duty, the FCA recently introduced a new Principle 12 which states that “A firm must act to deliver good outcomes for retail customers”. In light of the Regulator’s increased focus on consumer protection across financial services, the new Consumer Duty was introduced with Principle 12 being supported by three cross-cutting rules requiring firms to: (i) act in good faith towards retail customers; (ii) avoid foreseeable harm to retail customers; and (iii) enable and support customers to pursue their financial objective. Four outcomes representing the key elements of the firm-customer relationship further set out the FCA’s expectations of firms under the Consumer Duty.
Principle 6 also requires firms to pay due regard to the interests of customers and treat them fairly. In order to meet these requirements, the FCA expects firms to meet six Treating Customers Fairly (“TCF”) objectives. These six objectives seek to ensure that products and services are marketed fairly, meet the needs of customers, are sold with clear and comprehensible information, any advice received is suitable and that customers do not face any post sales barriers.
-
To what extent is it possible to actively market the sale of insurance into your jurisdiction on a cross border basis and are there specific or additional rules pertaining to distance selling or online sales of insurance?
The UK implemented the EU’s Directive No. 2002/65/EC of 23 September 2002 on distance marketing of consumer financial services, which includes specific rules on distance selling of insurance, which has been “onshored” following the UK’s withdrawal from the EU. These include heightened disclosure rules which state what information a customer must receive prior to conclusion of the insurance contract and make clear to what extent this must be directly communicated to the customer. They also include a right for consumers to cancel financial contracts entered into through distance selling with no penalty for 14 days (general insurance) or 30 days (life insurance) following the conclusion of the contract.
-
Are insurers in your jurisdiction subject to additional requirements or duties in respect of consumers? Are consumer policies subject to restrictions, including any pricing restrictions? If so briefly describe the range of protections offered to consumer policyholders
Consumer policies must meet the requirements of the Consumer Rights Act 2015 (“CRA 2015”). The CRA 2015 prohibits the use of unfair contract terms in consumer agreements and consumer notices (including announcements, promotions and renewal letters). A term will be unfair if, contrary to the requirement of good faith, it causes a significant imbalance in the parties’ rights and obligations under the contract, to the detriment of the consumer. Core terms (i.e. terms that either relate to the main subject matter of the contract or to the price to be paid) cannot be assessed for fairness to the extent that they are sufficiently transparent and prominent. Importantly, in insurance contracts, core terms will include exclusions and conditions. To ensure that the insurer is able to rely on such terms both policy conditions and exclusions must be transparent (which will require drafting in plain and intelligible language) and also prominent (so that the consumer is sufficiently aware of the term). Certain terms are likely to be unfair such as high cancellation charges and terms that allow the insurer to determine the characteristics or price after the contract has been entered into. Any term found to be unfair will not bind a consumer.
Pricing rules, designed by the FCA to address harms to consumers that were identified through its general insurance pricing practices market study, have also recently been introduced in the UK, providing customer protections at the point of renewal of insurance policies. The rules apply to all types of general insurance and pure protection products, but primarily focus on insurers providing home and motor insurance. The rules include requirements on insurers: (i) to inform customers of whether the terms and conditions of the policy provide for automatic renewal, the effect of the renewal, and how the customer can easily cancel the automatic renewal element at any time (and actually make it easy for customers to effect such auto-renewal cancellation); (ii) in respect of home and motor insurance products, not to set a renewal price that is higher than the price that would be offered to a new customer of the same risk profile purchasing the same product; and (iii) to apply product governance rules to all general insurance products, and ensure that product approval process identifies whether a product provides fair value to customers, with an expectation that firms undertake product value reviews of all products at least annually. As a result of the new rules, pricing information reports are also required to be submitted to the FCA.
A new FCA Consumer Duty, which applies to insurers that sell products and services to retail customers, has also recently come into force. Since 31 July 2023, the FCA Consumer Duty applies to all new products and services and all existing products and services that are open to sale or renewal by an insurer. From 31 July 2024, the FCA Consumer Duty will also apply to all closed products and services. It also applies to all firms in an insurance distribution chain that can determine or “materially influence” retail customer outcomes. Insurers are, however, only expected to be responsible for their own activities and do not need to oversee the actions of other firms.
The Duty marks a return to a more outcome-focused approach by the FCA and places the onus on firms to proactively assess and evidence the extent to which and how they deliver good consumer outcomes. It is structured as an overarching new Principle 12 of the FCA Handbook that “a firm must act to deliver good outcomes for retail customers”.
It is supported by three cross-cutting rules which require firms to: (i) act in good faith towards retail customers; (ii) avoid causing foreseeable harm to retail customers; and (iii) enable and support retail customers to pursue their financial objectives. There are also four outcomes which provide guidance on how the FCA expects firms to deliver on the requirements of the new Consumer Duty in relation to: (i) products and services; (ii) price and value; (iii) consumer understanding; and (iv) consumer support.
-
Is there a legal or regulatory resolution regime applicable to insurers in your jurisdiction?
Whilst the UK has a number of insurance-specific rules and regulations that apply to (re)insurers in the UK in the event of their insolvency under the Insolvency Act 1986, there is currently no regulatory resolution regime for (re)insurers. However, in January 2023, the UK Government issued a consultation paper on a proposed Insurer Resolution Regime, which would give the UK Regulators new tools and powers to manage the failure of insurers so as to minimise disruption to policyholders and the wider economy that may be caused by a failing insurer. Notably, the UK’s proposed Insurer Resolution Regime has much in common with the EU’s proposed Insurance Recovery and Resolution Directive. The UK Government issued a consultation response in August 2023 and the implementation of an Insurer Resolution Regime in the UK is expected in 2025.
-
Are the courts adept at handling complex commercial claims?
The commercial court in the High Court of Justice has a long history of dealing with complex insurance claims; the experience and quality of the judiciary that will hear international insurance claims is unrivalled. The English judiciary are widely regarded as impartial and expert in commercial disputes – frequently dealing with international parties. The extensive guidance provided by judicial precedent provides parties with a degree of certainty as to the outcome of commercial disputes.
-
Is alternative dispute resolution well established in your jurisdictions?
The UK is a signatory of the New York Convention. The use of both arbitration and mediation is well established. In England and Wales, the relevant law governing arbitration is contained in the Arbitration Act 1996 and any arbitration must be conducted within the framework of this Act. There are limited opportunities to appeal the decision of an arbitral tribunal.
-
Is there a statutory transfer mechanism available for sales or transfers of books of (re)insurance? If so briefly describe the process
In the UK, books of (re)insurance business may be transferred under a mechanism set out in Part VII of FSMA (a “Part VII transfer”). This is a court-sanctioned process and is mandatory with respect to transfers of UK books of (re)insurance business. Part VII transfers are widely used, both in connection with mergers and acquisitions and also with respect to intragroup reorganisations. The full process typically takes from 12 to 18 months.
The process involves, in outline:
- preparation of the Part VII transfer scheme documents. This will include the appointment of an independent expert, who will write a report on the terms of the transfer scheme to assist the court in understanding the potential impact on policyholders;
- engagement with the regulators. The PRA leads the Part VII transfer process; however, the FCA also has a role and provides views to the court;
- a preliminary court hearing at which applications are made to court with respect to the process, including the insurer’s plans for notifying policyholders;
- publication of the transfer scheme document and notification of policyholders. An objection period must also pass to give time for policyholders to consider the proposal and lodge any objections; and
- a final court hearing at which the court is asked to decide whether or not to sanction the transfer. The regulators’ views are a key factor in the court’s decision. The court will also consider any policyholder objections.
If the court approves the Part VII transfer, it will issue an order effecting the transfer. It is also empowered to make ancillary orders in connection with the transfer, such as, for example, transferring connected reinsurance.
As the Part VII transfer process derives from European legislation, prior to Brexit it provided a mechanism for cross-border transfers of insurance business within the EU. However, the onshoring of EU legislation under the European Union (Withdrawal) Act 2020 has resulted in the Part VII regime only being available for transfers of business between UK authorised (re)insurance firms and/or branches.
-
What are the primary challenges to new market entrants? Are regulators supportive (or not) of new market entrants?
The UK has a long-established and therefore mature insurance market that covers all product lines in life, general insurance and reinsurance and it has an infrastructure and depth of professional expertise rivalling any other global insurance hub. Whilst the past few years have seen extensive market consolidation in the pursuit of growth in an environment where rates had been falling, especially in competitive commercial lines, recent catastrophe experiences and the COVID-19 pandemic have contributed to a hardening market in some lines, meaning the market continues to provide certain opportunities to new entrants and investors.
The political and commercial uncertainty introduced following the EU referendum has meant that new market entrants do not have the same degree of certainty in relation to the breadth of market they can operate in as was the case before Brexit, although this level of certainty is expected to improve following the implementation of the Solvency UK regime by the end of 2024. However, new entrants looking to benefit from access to European markets are now likely to consider jurisdictions other than the UK, though the UK remains an attractive marketplace for global specialty risks.
The UK is also a highly regulated market. The cost of compliance can pose a significant challenge to new entrants, particularly in the light of the highly sophisticated Solvency II supervisory regime.
We have however seen a number of steps being taken by the Regulators and the UK Government to increase the attractiveness of the UK to new market entrants and reduce the burden of regulatory requirements. This includes the launch of a new insurer start-up unit by the PRA and FCA to assist those looking to establish an insurer in the UK navigate the applicable authorisation and application process and comply with any ongoing regulatory requirements, as well as the introduction of the competitiveness and growth objective for the Regulators to facilitate international competitiveness of the UK economy and its growth in the medium to long term (see Question 10 above).
The UK Government’s reviews of the future regulatory framework and Solvency II regime in the UK looked specifically at how to make the UK regulatory and capital regimes more agile and user-friendly. In February 2024, as part of reforms of Solvency II, the PRA announced its finalised rules with reforms to: (i) meaningfully reduce the current reporting and administrative burden on firms; (ii) encourage innovation by supporting new market entrants through a new mobilisation regime with lower entry requirements; and (iii) substantially increase the thresholds from which Solvency II applies to (re)insurers in the UK. Changes to implement these reforms are expected by 31 December 2024.
As noted below, there is also widespread support from the Regulators and the UK Government for the digitisation of insurance and the use of technology. There have been a large number of Insurtech developments which offer insurers access to new data sources and a new customer base and may present an appealing proposition for new capital providers.
-
To what extent is the market being challenged by digital innovation?
The London Market is expected to be transformed by digital innovation in various ways. Lloyd’s originally launched ambitious plans to transform and digitalise its business model through its Future At Lloyd’s transformational programme. The first phase of this programme, Blueprint One, was launched in 2019 and Blueprint Two, the second phase of the programme, was launched in November 2020. Blueprint Two sets out Lloyd’s ambitions to create a “data-led digital market” and focuses on two core placement types – open market and delegated authority business – which between them account for more than 80% of the value and 90% of insurance contracts placed at Lloyd’s. It is expected that the Blueprint Two solutions will allow brokers and insurers collectively to reduce costs by over £800 million as a result of being able to innovate and operate more efficiently through automation. Phase 1 of Blueprint Two is targeted for October 2024 and will move all customers to a new single digital platform and processing service for open market and delegated authority business.
Similarly, the harnessing and use of Big Data (a term referring to the increasing amount of digital information being generated and the analytical technologies which are being developed to make sense of this data) will change underwriting as insurers will have far greater access to personal (or at least risk-specific) information than ever before. With more personalised information and with automated processes (for example, automated claims handling), insurers are seeing an opportunity to offer customers new product lines with potential cost savings. The ethical aspects of using Big Data will become ever more important especially as insurers’ underwriting algorithms become more sophisticated and make use of ever-expanding sets of data and machine learning capabilities which are difficult to control or audit, which may ultimately entail regulatory intervention and restrictions on the use of Big Data. The last year has also seen increased focus on AI, with the UK Government publishing its AI regulation white paper in March 2023 and hosting the first global summit on AI during the summer of 2023. A further area of significant innovation is automation throughout the insurance lifecycle. The goal for many insurers (primarily in the property and casualty space) is to implement completely automated insurance processes from initial customer communication to underwriting and paying out claims. Insurance automation aims to cut operational costs and the risk of overpayments and underpayments for the insurer, but also has the benefit of enhancing customer experience to attract and retain customers. Customers are also likely to be more willing to enter into insurance contracts that guarantee payout on a successful claim without having to go through a long claims process. Insurers employ various technologies to achieve this automation including mobile phone apps, AI-driven chatbots and claims systems, distributed ledger technology (“DLT”) based smart contracts and various combinations of all of these. Various market participants, insurtech start-ups and incumbents have already developed automated solutions for parts of the insurance lifecycle.
The COVID-19 pandemic has undoubtedly further highlighted the need for, and accelerated insurers’ progress towards, the development and use of digital solutions and technology to deliver more personalised services to customers and enhance the customer journey. Not only have insurers relied on technology to conduct their daily operations and provide essential services to customers throughout the pandemic, but COVID-19 has further contributed to changing customers’ views towards the way in which they expect to be able to purchase products and interact with insurers and intermediaries.
Adapting to new business models requires significant investment (whether in research and development or acquisitions) by existing market players, and start-ups are attracting funding. New market entrants that design their business models around new technology and the use of digital information may be able to steal a march on their competitors. In an overcrowded market, many existing product lines are likely to struggle without adaptation to the new digitally reliant environment.
-
How is the digitization of insurance sales and/or claims handling treated in your jurisdiction, for example is the regulator in support (are there concessions to rules being made) or are there additional requirements that need to be met?
In the UK, the FCA, PRA and the UK Government are officially supporting the development of new technology and the use of “Big Data”.
The FCA launched “Innovate” in 2014 as an area of the organisation with a specific remit to encourage innovation in the interests of consumers. The innovation support that the FCA provides includes a Regulatory Sandbox, which allows businesses to test new propositions in the market with real consumers and through the Innovate Hub and Advice Unit the FCA supports insurers and intermediaries with authorisation and regulatory requirements in connection with new business propositions.
More recently, the FCA partnered with the City of London Corporation to pilot a Digital Sandbox, which became a permanent digital testing environment from 1 August 2023 providing support to products and services which are at an early stage of development. And as noted above, the Regulators have launched a joint new insurer start-up unit, to assist new market entrants.
Nonetheless, the FCA in particular remains acutely aware of its obligations to protect consumers and ensure the safety and soundness of the insurance market, with a focus in recent announcements on the importance of good governance and firm culture needing to keep up with the modernisation of the sector.
-
To what extent is insurers' use of customer data subject to rules or regulation?
Use of personal data in the UK is regulated by the Information Commissioner’s Office (“ICO”). It is responsible for gathering and dealing with public concerns with respect to data usage and also for the enforcement of the General Data Protection Regulation (EU) 2016/679 regime, which remains part of UK law following Brexit as tailored by the Data Protection Act 2018 (“UK GDPR”). Under this regime, controllers and processors of personal data must implement appropriate technical and organisational measures to safeguard personal data. Personal data may only be processed if there is a lawful basis for doing so, one of these being consent. A data subject can revoke this consent at any time. Data controllers must also clearly disclose any data collection and the purpose for data collection.
As insurers’ use of Big Data rises, the FCA has also shown considerable interest in the related conduct and customer protection issues. It has taken views from the industry to better understand the use of Big Data by insurers and to understand the impact on customer outcomes. The FCA’s new Consumer Duty also places a higher standard of care on firms to ensure that they deliver good outcomes for consumers. Section 11.21 of the Consumer Duty Guidance [FG22/5] requires firms to “develop a strategy to gather the relevant information and data to inform their assessment of whether they are delivering good outcomes for customers and to meet their governance obligations”. This duty will involve personal data processing under the GDPR, which insurers will need to take into account in their data governance.
-
To what extent are there additional restrictions or requirements on sharing customer data overseas/on a cross-border basis?
The UK currently continues to permit transfers of personal data in line with the requirements of the UK GDPR to EEA member states and to other third-party countries that, as at the end of the transition period, had been designated as adequate by the EU (being Andorra, Argentina, Canada (for personal data subject to Canada’s Personal Information Protection and Electronic Documents Act), Faroe Islands, Guernsey, Israel, Isle of Man, Japan (for private sector organisations only), Jersey, New Zealand, Switzerland and Uruguay) as well as those that the UK has designated as adequate (South Korea).
There are restrictions on the transfer of data to other third-party countries, and firms will need to ensure there are “appropriate safeguards” in place for the protection of personal data, including the use of UK Binding Corporate Rules (“UK BCRs”) and standard data protection clauses using either an International Data Transfer Agreement (“IDTA”) or an International Data Transfer Addendum (“Addendum”), each as set out in the UK GDPR.
For transfers of data from the EEA into the UK, the EU GDPR rules on transfers apply. The EU has adopted data adequacy decisions in respect of the UK under the EU GDPR and the Law Enforcement Directive (LED), in both cases finding the UK to be adequate. The decisions mean that personal data can continue to be transferred from the EEA to the UK without firms needing to put additional arrangements (on top of existing safeguards) in place.
-
To what extent are insurers subject to ESG regulation or oversight? Are there regulations/requirements, including in connection with managing climate change and climate change related financial risks specific to insurers? If so, briefly describe the range of measures imposed.
The expectations and requirements of insurers result from a wider movement in ESG regulation and oversight of large UK companies, although the PRA and FCA are increasingly engaging with such regulations and setting their own expectations of insurers. ESG has been at the centre of corporate governance requirements in recent years, which has given rise to a change in the expectations and requirements of UK regulators on general corporate governance reporting and stakeholder engagement as well as on social and environmental matters.
Recent changes in the UK Corporate Governance Code (the “Code”) and narrative reporting rules have increased requirements for companies to engage with a wider variety of stakeholders and to reflect on, address and meet the interests and expectations of those stakeholders. The Code and the new statutory requirements on all large UK companies (including insurers) require the publication of: (i) a statement of their corporate governance arrangements; (ii) a “s. 172 statement” describing how the directors have had regard to their duty to promote the success of the company; (iii) employee engagement disclosures; and (iv) a declaration of how its board has monitored and reviewed the effectiveness of a company’s risk management and internal controls framework in their annual reports. The Regulators expect all insurers to adopt broadly equivalent corporate governance principles as listed companies.
From an environmental perspective, the UK’s largest businesses are required to disclose their climate-related risks and opportunities. There is further growing pressure on insurers specifically to disclose how climate change is likely to impact the future of their business, with the UK Regulators setting requirements and expectations around engagement with the Taskforce on Climate-related Financial Disclosure (“TCFD”) recommendations. The FCA has introduced a “comply or explain” requirement for premium listed UK companies (including insurers) to report on whether their disclosures are consistent with the TCFD recommendations. Furthermore, the Transition Plan Taskforce (“TPT”) published the TPT Disclosure Framework in October 2023 to help companies prepare and disclose transition plans to reach net zero greenhouse gas emissions and avoid perceptions of “greenwashing”. The PRA has also set a supervisory expectation for insurers to engage with the TCFD framework in developing their approach to climate-related financial disclosures. In addition to this, a designated senior manager function holder must be allocated responsibility for climate-related financial risk and that individual should expect regular engagement with the Regulators and boards will be expected to maintain appropriate oversight as the PRA continues to embed climate-related financial risk into its supervisory approach. The FCA has also prepared a package of new ESG disclosure-related measures, including a new anti-greenwashing rule which will come into force on 31 May 2024.
There has, furthermore, been a broadening and acceleration of regulatory initiatives in respect of diversity and inclusion, as well as the introduction of additional reporting in this area. The FCA has introduced new Listing Rules to clarify that disclosure of diversity policy may relate to ethnicity, sexual orientation, disability and socio-economic background. Alongside this, the FCA is considering whether “non-financial misconduct” relating to adverse findings in relation to an individuals’ conduct with respect to diversity and inclusion should be taken into account when assessing whether an individual satisfies the “fitness and propriety” test for the purposes of a controlled or senior management function.
-
Is there a legal or regulatory framework in respect of diversity and inclusion to which (re)insurers in your jurisdiction are subject?
In July 2021, the Bank of England, PRA and FCA in a joint discussion paper set out regulatory expectations and guidance for financial services firms, including insurers, to promote diversity and inclusion in their workplaces. The paper set out key actions that firms can take, such as setting targets for diversity and inclusion, ensuring fairness and inclusivity when recruiting, providing training and development opportunities for diverse talent, and establishing effective governance and accountability structures. Additionally, the PRA and FCA published consultation papers in September 2023 introducing a package of measures to promote diversity and inclusion in the financial services sector to achieve a healthier firm culture, reduce groupthink, unlock new talent and address consumer needs. The final regulatory requirements are expected during the course of 2024, with in-scope firms having a 12-month implementation period to address the reforms.
-
Over the next five years what type of business do you see taking a market lead?
As discussed above, technology is driving change across the industry and at every stage of the customer journey. We expect insurtechs and insurers with tech capabilities or strong relationships with tech companies to continue to take a market lead in the design and distribution of both retail and commercial products, for example, using technology to improve engagement with younger customers and meeting changing commercial demands and needs with a mixture of new products, self-executing contracts and more flexible traditional products. The COVID-19 experience and rise in popularity of generative AI in the last year has undoubtedly accelerated this change.
Support for and innovation in the Lloyd’s market also looks set to continue, with the implementation of their Blueprint for the Future and new launches into the Lloyd’s market as well as the launch of the Lloyd’s ILS platform.
A considerable amount of work has been done by the UK regulator in establishing a UK ILS regime which is adaptable enough to compete with the capabilities of other jurisdictions but from within the UK’s well regarded regulatory and tax regime which should lead to growth in this area. It remains to be seen to what extent the regime will compete with other well-established locations, such as Bermuda.
Cyber risk continues to be an area of growth, fuelled by an increasing number of high-profile data breaches affecting both companies and governments. As customers become more aware of the significance of cyber security and the consequences of its failure, insurance products that can offer credible solutions are likely to show growth ahead of traditional product lines.
In relation to life and longevity risk, there has been a large growth in the rate at which UK defined benefit pension schemes have been seeking to de-risk schemes by entering into buy-out and buy‑in products with insurers. In 2023, nearly £50 billion of bulk annuity business was underwritten by the nine key UK bulk annuity writers, and this trend is expected to continue for the medium term.
In recent years, we have seen high levels of consolidation due to regulatory and market pressures in Europe. We expect to see some further consolidation, although not necessarily at the same high levels. Brexit has seen some shifts of business from the UK to the EU27. COVID-19 slowed M&A activity in the short term but has created new opportunities for those with capital in the longer term. Additionally, the pension risk transfer market continues to grow in the UK and with full buyouts becoming more affordable, larger transactions are expected to take place.
Buyers are likely to include investors from outside the traditional insurance markets, including private equity. For life businesses, the quest for returns is likely to result in insurers investing in different asset classes such as infrastructure projects.
The COVID-19 crisis is also likely to have a lasting impact on the industry. As customer behaviours change in response to the ongoing pandemic, insurers are shifting their focus accordingly, with certain lines of business being de-prioritised and new lines of business emerging. Insurers’ conduct issues have also received a lot of regulator, public and press attention as the crisis unfolds. An increasingly strong focus on conduct including treating customers fairly with respect to product design, coverage and claims management is likely to be one of the legacies of the crisis.
United Kingdom: Insurance & Reinsurance
This country-specific Q&A provides an overview of Insurance & Reinsurance laws and regulations applicable in United Kingdom.
-
How is the writing of insurance contracts regulated in your jurisdiction?
-
Are types of insurers regulated differently (i.e. life companies, reinsurers?)
-
Are insurance brokers and other types of market intermediary subject to regulation?
-
Is authorisation or a licence required and if so how long does it take on average to obtain such permission? What are the key criteria for authorisation?
-
Are there restrictions or controls over who owns or controls insurers (including restrictions on foreign ownership)?
-
Is it possible to insure or reinsure risks in your jurisdiction without a licence or authorisation? (i.e. on a non-admitted basis)?
-
Is a branch of an overseas insurer, insurance broker and/or other types of market intermediary in your jurisdiction subject to a similar regulatory framework as a locally incorporated entity?
-
Are there any restrictions/substance limitations on branches established by overseas insurers?
-
What penalty is available for those who operate in your jurisdiction without appropriate permission?
-
How rigorous is the supervisory and enforcement environment? What are the key areas of its focus?
-
How is the solvency of insurers (and reinsurers where relevant) supervised?
-
What are the minimum capital requirements?
-
Is there a policyholder protection scheme in your jurisdiction?
-
How are groups supervised if at all?
-
Do senior managers have to meet fit and proper requirements and/or be approved?
-
To what extent might senior managers be held personally liable for regulatory breaches in your jurisdiction?
-
Are there minimum presence requirements in order to undertake insurance activities in your jurisdiction (and obtain and maintain relevant licenses and authorisations)?
-
Are there restrictions on outsourcing services, third party risk management and/or operational resilience requirements relating to the business?
-
Are there restrictions on the types of assets which insurers or reinsurers can invest in or capital requirements which may influence the type of investments held?
-
Are there requirements or regulatory expectations regarding the management of an insurer's reinsurance risk, including any restrictions on the level / type of reinsurance utilised?
-
How are sales of insurance supervised or controlled?
-
To what extent is it possible to actively market the sale of insurance into your jurisdiction on a cross border basis and are there specific or additional rules pertaining to distance selling or online sales of insurance?
-
Are insurers in your jurisdiction subject to additional requirements or duties in respect of consumers? Are consumer policies subject to restrictions, including any pricing restrictions? If so briefly describe the range of protections offered to consumer policyholders
-
Is there a legal or regulatory resolution regime applicable to insurers in your jurisdiction?
-
Are the courts adept at handling complex commercial claims?
-
Is alternative dispute resolution well established in your jurisdictions?
-
Is there a statutory transfer mechanism available for sales or transfers of books of (re)insurance? If so briefly describe the process
-
What are the primary challenges to new market entrants? Are regulators supportive (or not) of new market entrants?
-
To what extent is the market being challenged by digital innovation?
-
How is the digitization of insurance sales and/or claims handling treated in your jurisdiction, for example is the regulator in support (are there concessions to rules being made) or are there additional requirements that need to be met?
-
To what extent is insurers' use of customer data subject to rules or regulation?
-
To what extent are there additional restrictions or requirements on sharing customer data overseas/on a cross-border basis?
-
To what extent are insurers subject to ESG regulation or oversight? Are there regulations/requirements, including in connection with managing climate change and climate change related financial risks specific to insurers? If so, briefly describe the range of measures imposed.
-
Is there a legal or regulatory framework in respect of diversity and inclusion to which (re)insurers in your jurisdiction are subject?
-
Over the next five years what type of business do you see taking a market lead?