Sink or Sail: The insurance sector guide to navigating a regulatory visit

12 September 2017

As with most things preparation is key to successfully navigating a regulatory visit. The nature of visits varies between the FCA and PRA in terms of their scope and focus because they have different statutory objectives which drive their approach to regulation and the focus of their regulatory activities. Each visit is important in building the regulators understanding of you and your business and influencing the nature of their future interactions with you. Preparing well and being in a position to articulate a thorough understanding of your business, the risks it faces and how these are being managed is essential if you want to sail safely through what can often be quite choppy regulatory waters. A good starting point in your preparations is to understand the context of the visit in terms of:

  • each regulator’s approach to supervising insurance firms
  • the respective statutory objectives of the FCA and PRA: and
  • the specific risks your firm is likely to pose to those objectives.

What is the purpose of regulatory visit?

A regulatory visit is one of the tools regulators use to supervise firms and to undertake firm risk assessments. These, and other types of direct interaction, form an important part of the supervisory toolkit used for gathering the evidence and insights regulators need to develop a comprehensive view of an insurer. The visit is aimed at enabling the supervisory team to make forward looking judgements about whether the business is sustainable and is being managed in a safe and sound manner, taking into account the specific risks and issues faced by the firm and the specific insurance sectors in which it operates.
For high impact insurers, which are considered by the regulators as posing the highest risks to their statutory objectives, they undertake risk assessment work on a continuous basis and regularly update their overall view of the firm through the regulatory cycle. This includes the risks the firms faces and the risks it poses to its customers and the market.

What should you expect in the run up to and during a visit?

A significant amount of the time the supervision team allocates to preparing for the regulatory visit will be spent undertaking a detailed desk based review of the key documents requested ahead of the visit. The focus of onsite activity at your offices will vary, but a key component of any visit will be interviews with selected Senior Managers, Executive and Non-Executive Directors.

What is the purpose of the regulatory interviews during the visit?

The interviews are used to drill down and probe the areas that the supervision team consider as likely to pose the most risk to the relevant regulator’s statutory objectives. The interviews are as much about unpacking those risks as they are about assessing the extent to which the people running the business have a good grasp of the firm’s business model, it’s associated risks and whether the decision making process and internal controls are likely to meet the regulators expectations around good governance and risk management.

What is the regulator likely to focus on during the visit?

Whilst the FCA and PRA have different statutory objectives, which drive the focus of their regulatory activities, both consider risk management, governance and the competence of the firm’s management to be fundamental and as such will cover these areas as a minimum in almost all visits. Other areas of regulatory focus are highlighted below but each visit will be tailored to the specific risks and issues they’ve identified in relation to each firm.


  • Outsourcing arrangements and IT resilience/cyber security
  • Product value v cost to the customers
  • Communication and transparency of information to customers
  • Financial crime in the insurance sector
  • Regulatory change projects (IDD & GDPR), and
  • Strengthening accountability of senior manager.


  • Capital adequacy/safety and soundness
  • Sustainability of the business model
  • IT resilience/cyber security, and
  • Brexit impacts and preparation.

What is the potential fall-out from a regulatory visit?

A visit could have potentially very serious consequences. Depending on the regulatory findings, it could trigger further probing which could lead to:

  • A costly ‘section 166’- skilled persons review to seek additional information, an assessment, further analysis, expert advice and recommendations, or assurance around a particular subject.
  • Enforcement action and financial penalties, including:
    –   Public censure and associated reputational damage
    –   Prohibition of the firm or individuals from conducting regulated activities.

How do you prepare for a regulatory visit?

It is essential that all personnel involved in preparing for the visit, particularly members of the Board, understand the context for the visit, the process and what the regulator will be focussing on. Things that you can do to prepare include:

  • Ensuring that you have a plan which covers all aspects you need to consider when preparing for your regulatory visit and that impetus is maintained throughout the visit.
  • Reviewing regulatory publications and speeches senior individuals at the regulator have made about your sector and how this might affect the focus of the visit.
  • Identifying the documents that the regulator will likely request and review them to ensure that they are fit for purpose. Such as:
    –   Board minutes
    –   Board packs
    –   Risk register, and
    –   Audit reports.
  • Carrying out “mock” interviews with each person selected for interview by the regulator to help them prepare.

Post interviews it is very useful for the Compliance function to carry out a post-visit feedback session with the individuals involved.

How we can help?

We have experience in helping firms ahead of visits to highlight their strengths to the regulator, communicate a coherent awareness of risk as well as facilitating honest and open dialogue. Many of our consultants have previously worked for regulators in a supervisory capacity and have lead several firm visits.

Our approach is highly tailored to your business and what you need. The mix of activities we can support you with ahead of the visit includes the following:

  • Review of the documents going to the regulator including minutes of meetings, board packs, risk reports, data etc.
  • Identification of areas where work needs to be done before the visit
  • Briefing those involved to bring them up to date on regulatory expectations, the latest “Hot Topics” and how to manage the interaction
  • Preparation of questions in the likely areas they will probe, and
  • Mock interview session with feedback specific to the role of the individuals being interviewed by the regulator.
Share this