of August 27, 2018 No. 198
About approval of Rules of forming of risk management system and internal control for the insurance (reinsurance) organizations, branches of the insurance (reinsurance) nonresident organizations of the Republic of Kazakhstan
According to the laws of the Republic of Kazakhstan "About insurance activity", "About the state statistics" the Board of National Bank of the Republic of Kazakhstan DECIDES:
1. Approve the enclosed Rules of forming of risk management system and internal control for the insurance (reinsurance) organizations, branches of the insurance (reinsurance) nonresident organizations of the Republic of Kazakhstan.
2. Recognize invalid regulatory legal acts of the Republic of Kazakhstan, and also structural elements of some regulatory legal acts of the Republic of Kazakhstan according to the list according to appendix to this resolution.
3. (Salimbayev D. N.) in the procedure established by the legislation of the Republic of Kazakhstan to provide to department of methodology of the financial market:
1) together with Legal department (Sarsenov N. V.) state registration of this resolution in the Ministry of Justice of the Republic of Kazakhstan;
2) within ten calendar days from the date of state registration of this resolution its direction in the Kazakh and Russian languages in the Republican state company on the right of economic maintaining "The republican center of legal information" for official publication and inclusion in Reference control bank of regulatory legal acts of the Republic of Kazakhstan;
3) placement of this resolution on official Internet resource of National Bank of the Republic of Kazakhstan after its official publication;
4) within ten working days after state registration of this resolution submission to Legal department of data on execution of the actions provided by subitems 2), 3) of this Item and item 4 of this resolution.
4. To management on consumer protection of financial services and external communications (Terentyev A. L.) provide within ten calendar days after state registration of this resolution the direction it to the copy on official publication in periodic printing editions.
5. To impose control of execution of this resolution on the vice-chairman of National Bank of the Republic of Kazakhstan Smolyakov O. A.
6. This resolution becomes effective after ten calendar days after day of its first official publication.
Chairman of National Bank
D. Akishev
It is approved Chairman of Committee according to the statistics Ministries of national economy of the Republic of Kazakhstan September 5, 2018 |
N. Aydapkelov |
Approved by the resolution of Board of National Bank of the Republic of Kazakhstan of August 27, 2018 No. 198
1. These rules of forming of risk management system and internal control (further - Rules) are developed for the insurance (reinsurance) organizations, branches of the insurance (reinsurance) nonresident organizations of the Republic of Kazakhstan according to part two of Item 1 of article 52-1 of the Law of the Republic of Kazakhstan of December 18, 2000 "About insurance activity", the subitem 2) of Item 3 of article 16 of the Law of the Republic of Kazakhstan of March 19, 2010 "About the state statistics" and determine procedure for forming of risk management system and internal control for the insurance (reinsurance) organizations, branches of the insurance (reinsurance) nonresident organizations of the Republic of Kazakhstan (further - the organization).
2. In Rules the following concepts are used:
1) underwriting - complex of procedures for acceptance on insurance or reinsurance of the declared object of insurance on the basis of assessment of insurance risks for the purpose of determination of insurance coverage, conditions of insurance, level of the franchize and insurance rate in the limits set by the actuary;
2) the management reporting - the instrument of internal control and assessment of organization activity;
3) gap analysis - methods of measurement of interest risk and liquidity risk on the basis of comparison of amount of the assets and liabilities of the organization subject to changes of rates of remuneration or due for settlement during certain terms;
4) limitation - establishment of high-quality, quantitative restrictions of the accepted risks, establishment of restrictions for transactions (transactions) of the organization.
In case of limitation the following parameters are determined:
indicator on which the limit is set;
method of measure calculation on which the limit is set;
limiting (maximum, minimum) measure value;
5) conflict of interest - situation in case of which there is contradiction between personal interest of officials of the organization and (or) his workers and proper execution of the ex-officio full powers by them or valuable and other interests of the organization and (or) his workers and (or) clients which can entail adverse effects for the organization and (or) his clients;
6) policy - set of the internal documents including the policy and (or) other internal documents determining the necessary criteria, parameters, approaches, the principles, standards, procedures and mechanisms providing effective functioning of the organization and compliance of its activities of strategy and to admissible risk level;
7) stress testing - methods of measurement of potential influence on financial position of the organization of exclusive, but possible events which can exert impact on organization activity;
8) risk - possibility of emergence of the circumstances causing uncertainty or impossibility of receipt of the expected results of organization activity, emergence of expenses (losses);
9) system of risks assessment - set of the coefficients intended for complex financial analysis of the organization;
10) risk management system - the permanent structured process established by the board of directors and board of the organization performed within all organization for the purpose of identification, assessment, monitoring, decrease in the risks and their consequences influencing goal achievement of the organization;
11) the card of risk - the graphical and text description of the risks of the organization located in the table according to which on one "axis" force of impact or the importance of risk, and on another probability or frequency of its origin is specified;
12) risk limit - means of quantitative or high-quality restriction of the accepted risk;
13) identification of risk – process of stay, creation of the list and description of risk elements;
14) risk measurement - determination of degree of risk probability and the sizes of potential expenses (losses) which are performed by means of assessment of consequences and probability of approach of event in the mathematical way by means of application of probability theory and the law of large numbers on the basis of statistical data;
15) authorized body - authorized body on regulation, control and supervision of the financial market and the financial organizations;
16) internal audit - indivisible element of managerial supervision by means of which the service of internal audit estimates the financial reporting, and also other data and information which are giving in to quantitative and quality standard of organization activity for the purpose of further reflection of degree of its compliance to the legislation of the Republic of Kazakhstan on insurance and insurance activity on compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing, internal documents, the international professional standards of internal audit;
17) internal control is the process performed by the board of directors, collegiate organs, board, employees of the organization, aimed at providing goal achievement on the following categories:
efficiency of activities;
reliability, completeness and timeliness of the financial reporting and other management reporting;
compliance with law of the Republic of Kazakhstan about insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing;
18) internal control system - the set of control procedures, actions and techniques providing:
proper and effective conducting financial and economic organization activity;
observance of requirements of the legislation of the Republic of Kazakhstan on insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing;
effective separation of responsibility;
timely and proper execution by employees of the organization of requirements of internal documents;
ensuring safety of property;
prevention and identification of the facts of fraud and managerial mistakes;
timeliness of preparation, reliability and completeness of the financial reporting and other management reporting.
In case of application of requirements of Rules to branch of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan:
the board of directors is understood as relevant organ of management of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan;
the board is understood as leading employees of branch of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan;
the capital is meant as the amount of the account of head office, reserves and results of activities of branch of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan;
the financial reporting is understood as the reporting under accounting data of branches of the insurance (reinsurance) nonresident organizations of the Republic of Kazakhstan.
Requirements of Rules do not extend to branch of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan regarding observance of requirements of the legislation on joint-stock companies and the security market, and also Items 13-1, 13-2 of Rules.
3. Risks of the organization are classified as follows:
1) the risks connected with implementation of insurance activity:
risk of underwriting - risk of the wrong (wrong) assessment accepted on risks insurance;
risk of insurance reserves - risk of forming of insufficient (inadequate) insurance reserves;
risk of insurance payments - the risk connected with implementation of insurance payments in defiance of conditions of insurance contracts;
catastrophic risk - risk that one event of the considerable size will give to insurance payments above regular;
risk of reinsurance - risk of insufficient reinsurance covering or inability of the overcautious person to perform payment for the agreement of reinsurance.
4. The board of directors and board provide availability of adequate risk management system and internal control and create conditions for execution by employees of the organization of the obligations in the field of risk management and internal control, and also provide functional and organizational independence of service of internal audit.
5. The board of directors for the purposes of implementation of requirements of Rules, depending on the size, nature and level of complexity of organization activity, organizational structure, risk profile and the number of board members of the organization makes the decision on creation of one and (or) several collegiate organs on various questions.
The board of directors of the organization excludes conflict of interest during creation of committees.
6. For the purpose of forming of adequate risk management system of underwriting, reinsurance, insurance payments and investment risks in the organization collegiate organs - underwriting council and council on asset-liability management are created.
Employees of the interested structural divisions, divisions on risk management and leading employees which affirms the board of directors of the organization are part of the specified councils.
Decisions of the specified councils are made by a simple majority vote members and drawn up in writing.
Decisions of the specified councils are recorded with detailed reflection of decision making process and application of documents based on which the decision was made, with indication of:
list and detailed description of cases in point;
the list of the documents submitted to council for decision making;
vote results on each case in point;
opinions of members with reasons, including in case of their disagreement with the made decision and availability of special opinion.
The protocol is signed by all members of the specified councils, attendees at meeting, and stored in the organization.
The board of directors estimates work of the specified councils and board based on their annual reports on results of work.
7. Risk management process includes the following stages:
1) risk identification:
assessment of riskoobrazuyushchy factors and risk (systematic and permanent tracking, analysis of all possible reasons of expenses (losses), their probability and sizes);
classification of risks (it is performed by results of research of specifics of risks and factors which lead to their origin, influence their development, expert evaluations of historical data, the analysis of the card of risks);
2) risks measurement which frequency of carrying out is established by the board of directors depending on the importance of risk, but at least two times a year;
3) implementation of regular stress testing and risk analysis;
4) choice and application of risk management method;
5) adjustment of risk management system.
8. The internal control system represents system of the organization, the policy, procedures and methods accepted by the organization for:
1) ensuring efficiency of organization activity, including effective management of insurance risks, assets and liabilities, ensuring safety of assets;
2) ensuring completeness, reliability and timeliness of financial, regulatory and other reporting for internal and external users, and also information security;
3) ensuring accomplishment by the organization of the legislation of the Republic of Kazakhstan on insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to financing of terrorism and internal documents of the organization;
4) non-admissions of involvement of the organization and his workers in implementation of unlawful activity, including fraud, mistakes, inaccuracies, deception, legalization (washing) of income gained in the criminal way and terrorism financings.
9. The organization for check and objective efficiency evaluation of functioning of risk management system and internal control on all aspects of organization activity provides carrying out internal audit.
10. The insurance (reinsurance) organization provides observance of requirements to internal documents of risk management system and internal control, according to appendix 1 to Rules.
The branch of the insurance (reinsurance) nonresident organization of the Republic of Kazakhstan provides observance of requirements to internal documents of risk management system and internal control, according to appendix 1-1 to Rules.
11. Employees of the organization within the functional obligations observe requirements to risk management system and internal control, regulations of professional ethics and internal documents.
12. The organization annually no later than January 15 of the year following reporting represents to authorized body of the data on assessment of risk management system and internal control in form according to appendix 2 to Rules, with application of copies of supporting documents.
13. The organization based on financial and other reporting of the organization on reporting date performs stress - testing on risks.
The organization represents to authorized body stress testing on risks in form according to appendix 3 to Rules on quarterly basis no later than 15 (fifteenth) working days of the month following reporting quarter.
The conclusion of the division manager on risk management containing is attached to stress testing on risks:
analysis of exposure of the organization to risks;
risk identification, influencing more financial position of the organization.
13-1. The organization based on annual financial and other accounts performs the analysis of coefficients of system of risks assessment of the organization.
The organization annually after approval by the board of directors, but no later than April 30 of the year following reporting represents to authorized body the analysis of coefficients of system of risks assessment (with explanations on the coefficients which are going beyond the standard range) in form according to appendix 3-1 to Rules for the organization performing activities for industry "general insurance", and appendix 3-2 to Rules for the organization performing activities for industry "life insurance" and, in case of availability of four and more variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range, the actions plan approved by the board of directors on improvement of coefficients of system of risks assessment or the solution of the board of directors on lack of need of plan development of actions for improvement of coefficients of system of risks assessment.
13-2. If the organization as of reporting date performs activities less than two financial years, in case of determination of quantity of variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range coefficients in which calculation data for the end of each annual accounting period of the last two financial years are used are not considered.
14. The organization performing activities in industry "life insurance" represents to authorized body gap analysis for the insurance companies performing activities in industry "life insurance" in form according to appendix 4 to Rules on quarterly basis no later than 15 (fifteenth) working days of the month following reporting quarter.
15. For the purpose of the organization of effective risk management system the board of directors:
1) approves policy on risk management and the internal documents developed according to Rules;
2) is annually approved by the analysis of coefficients of system of risks assessment of the organization and, in case of availability of four and more variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range, approves the actions plan on improvement of coefficients of system of risks assessment of the organization or makes the decision on lack of need of plan development of actions for improvement of coefficients of system of risks assessment;
3) regarding corporate management:
coordinates activities of collegiate organs, services of internal audit, board, structural divisions;
takes measures for decrease in probability of conflicts of interest in functional obligations of leading employees;
provides check of the fact of provision of preferential terms to the faces tied with the organization by the special relations;
other questions which are within the competence of the board of directors;
Considers 4) for the purpose of adjustment of strategic objectives:
the analysis of the current (future) demands of the organization in the capital which is carried out by division on risk management or other structural division as which carrying out the specified analysis belongs;
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.