Document from CIS Legislation database © 2003-2021 SojuzPravoInform LLC

RESOLUTION OF BOARD OF NATIONAL BANK OF THE REPUBLIC OF KAZAKHSTAN

of August 27, 2018 No. 198

About approval of Rules of forming of risk management system and internal control for the insurance (reinsurance) organizations

(as amended on 22-12-2020)

According to the laws of the Republic of Kazakhstan of December 18, 2000 "About insurance activity", of March 19, 2010 "About the state statistics" the Board of National Bank of the Republic of Kazakhstan DECIDES:

1. Approve the enclosed Rules of forming of risk management system and internal control for the insurance (reinsurance) organizations.

2. Recognize invalid regulatory legal acts of the Republic of Kazakhstan, and also structural elements of some regulatory legal acts of the Republic of Kazakhstan according to the list according to appendix to this resolution.

3. (Salimbayev D. N.) in the procedure established by the legislation of the Republic of Kazakhstan to provide to department of methodology of the financial market:

1) together with Legal department (Sarsenov N. V.) state registration of this resolution in the Ministry of Justice of the Republic of Kazakhstan;

2) within ten calendar days from the date of state registration of this resolution its direction in the Kazakh and Russian languages in the Republican state company on the right of economic maintaining "The republican center of legal information" for official publication and inclusion in Reference control bank of regulatory legal acts of the Republic of Kazakhstan;

3) placement of this resolution on official Internet resource of National Bank of the Republic of Kazakhstan after its official publication;

4) within ten working days after state registration of this resolution submission to Legal department of data on execution of the actions provided by subitems 2), 3) of this Item and item 4 of this resolution.

4. To management on consumer protection of financial services and external communications (Terentyev A. L.) provide within ten calendar days after state registration of this resolution the direction it to the copy on official publication in periodic printing editions.

5. To impose control of execution of this resolution on the vice-chairman of National Bank of the Republic of Kazakhstan Smolyakov O. A.

6. This resolution becomes effective after ten calendar days after day of its first official publication.

Chairman of National Bank

D. Akishev

It is approved

Chairman of Committee according to the statistics Ministries of national economy of the Republic of Kazakhstan

September 5, 2018

 

N. Aydapkelov

Approved by the resolution of Board of National Bank of the Republic of Kazakhstan of August 27, 2018 No. 198

Rules of forming of risk management system and internal control for the insurance (reinsurance) organizations

Chapter 1. General provisions

1. These rules of forming of risk management system and internal control (further - Rules) are developed for the insurance (reinsurance) organizations according to the laws of the Republic of Kazakhstan of December 18, 2000 "About insurance activity", of March 19, 2010 "About the state statistics" and determine procedure for forming of risk management system and internal control for the insurance (reinsurance) organizations (further - the organization).

2. In Rules the following concepts are used:

1) underwriting - complex of procedures for acceptance on insurance or reinsurance of the declared object of insurance on the basis of assessment of insurance risks for the purpose of determination of insurance coverage, conditions of insurance, level of the franchize and insurance rate in the limits set by the actuary;

2) the management reporting - the instrument of internal control and assessment of organization activity;

3) gap analysis - methods of measurement of interest risk and liquidity risk on the basis of comparison of amount of the assets and liabilities of the organization subject to changes of rates of remuneration or due for settlement during certain terms;

4) limitation - establishment of high-quality, quantitative restrictions of the accepted risks, establishment of restrictions for transactions (transactions) of the organization.

In case of limitation the following parameters are determined:

indicator on which the limit is set;

method of measure calculation on which the limit is set;

limiting (maximum, minimum) measure value;

5) conflict of interest - situation in case of which there is contradiction between personal interest of officials of the organization and (or) his workers and proper execution of the ex-officio full powers by them or valuable and other interests of the organization and (or) his workers and (or) clients which can entail adverse effects for the organization and (or) his clients;

6) policy - set of the internal documents including the policy and (or) internal documents determining the necessary criteria, parameters, approaches, the principles, standards, procedures and mechanisms providing effective functioning of the organization and compliance of its activities of strategy and to admissible risk level;

7) stress testing - methods of measurement of potential influence on financial position of the organization of exclusive, but possible events which can exert impact on organization activity;

8) risk - possibility of emergence of the circumstances causing uncertainty or impossibility of receipt of the expected results of organization activity, emergence of expenses (losses);

9) system of risks assessment - set of the coefficients intended for complex financial analysis of the organization;

10) risk management system - the permanent structured process established by the board of directors and board of the organization performed within all organization for the purpose of identification, assessment, monitoring, decrease in the risks and their consequences influencing goal achievement of the organization;

11) the card of risk - the graphical and text description of the risks of the organization located in the table according to which on one "axis" force of impact or the importance of risk, and on another probability or frequency of its origin is specified;

12) risk limit - means of quantitative or high-quality restriction of the accepted risk;

13) identification of risk - process of stay, creation of the list and description of risk elements;

14) risk measurement - determination of degree of risk probability and the sizes of potential expenses (losses) which are performed by means of assessment of consequences and probability of approach of event in the mathematical way by means of application of probability theory and the law of large numbers on the basis of statistical information;

15) authorized body - authorized body on regulation, control and supervision of the financial market and the financial organizations;

16) internal audit - indivisible element of managerial supervision by means of which the service of internal audit estimates the financial reporting, and also other data and information which are giving in to quantitative and quality standard of organization activity for the purpose of further reflection of degree of its compliance to the legislation of the Republic of Kazakhstan on insurance and insurance activity on compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing, internal documents, the international professional standards of internal audit;

17) internal control is the process performed by the board of directors, collegiate organs, board, employees of the organization, aimed at providing goal achievement on the following categories:

efficiency of activities;

reliability, completeness and timeliness of the financial reporting and management reporting;

compliance with law of the Republic of Kazakhstan about insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing;

18) internal control system - the set of control procedures, actions and techniques providing:

proper and effective conducting financial and economic organization activity;

observance of requirements of the legislation of the Republic of Kazakhstan on insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing;

effective separation of responsibility;

timely and proper execution by employees of the organization of requirements of internal documents;

ensuring safety of property;

prevention and identification of the facts of fraud and managerial mistakes;

timeliness of preparation, reliability and completeness of the financial reporting and management reporting.

Chapter 2. Procedure for forming of risk management system and internal control

3. Risks of the organization are classified as follows:

1) the risks connected with implementation of insurance activity:

risk of underwriting - risk of the wrong (wrong) assessment accepted on risks insurance;

risk of insurance reserves - risk of forming of insufficient (inadequate) insurance reserves;

risk of insurance payments - the risk connected with the wrong, untimely implementation of insurance payments;

catastrophic risk - risk that one event of the considerable size will give to insurance payments above regular;

risk of reinsurance - risk of insufficient reinsurance covering or inability of the overcautious person to perform payment for the agreement of reinsurance;

2) investment risks - the risks arising in the course of reinsurance and investing activities.

Treat investment risks:

credit risk - risk of emergence of expenses (losses) owing to insolvency of debtors, changes of credit ratings of the bond issuing institutions who are available in investment portfolio of the organization;

liquidity risk - the risk connected with impossibility of quick sale of assets of the organization for repayment of the obligations;

market risk - probability of expenses (losses) connected with adverse movements of the financial markets owing to change of market value of financial instruments, interest rates, the foreign exchange rates, costs of precious metals.

Treat market risk:

currency risk - risk of emergence of expenses (losses) owing to adverse change of the foreign exchange rates;

price risk - risk of emergence of expenses (losses) owing to adverse change of market prices of financial instruments and derivative financial instruments under the influence of market factors;

interest risk - risk of emergence of financial expenses (losses) owing to adverse interest rate realignment on assets, liabilities of the organization;

3) operational risk - risk of emergence of losses owing to shortcomings (mistakes) during implementation of the internal processes allowed from the leading and other workers, inadequate functioning of information systems (technologies) and also owing to external events;

4) komplayens-risk - risk of emergence of expenses (losses) or application of measures of authorized body or loss of reputation and (or) conflict of interest owing to non-compliance by the organization and his workers of requirements of the legislation of the Republic of Kazakhstan on insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to financing of terrorism and (or) internal documents of the organization, and (or) the legislation of foreign states exerting impact on organization activity;

5) strategic risk - risk of emergence of losses owing to incorrect management decisions, inadequate realization of the made management decisions and (or) inability of the organization to adapt to changes of business environment;

6) neighboring risks:

audit risk - the probability of recognition which is subjectively determined by the auditor following the results of audit inspection that the financial reporting may contain not revealed essential misstatements after confirmation of its reliability or contains essential misstatements when actually there are no such misstatements;

risk of group - risk of negative impact on reputation, marketing and financial condition of the organization of deterioration in financial condition of the organization of the same group which part the organization is;

systemic risk - the risk connected with drawing expenses (losses) the organization as a result of involuntary liquidation of other insurance (reinsurance) organization;

fraud risk - the risk connected with possibility of expenses (losses) as a result of fraudulent actions of workers and the third parties;

reputation risk - risk of emergence of expenses (losses) owing to negative public opinion or decrease in trust to the organization;

country risk - risk of emergence of expenses (losses) owing to insolvency or unwillingness of foreign state or resident of foreign state to answer for the obligations.

4. The board of directors and board provide availability of adequate risk management system and internal control and create conditions for execution by employees of the organization of the obligations in the field of risk management and internal control, and also provide functional and organizational independence of service of internal audit.

5. The board of directors for the purposes of implementation of requirements of Rules, depending on the size, nature and level of complexity of organization activity, organizational structure, risk profile and the number of board members of the organization makes the decision on creation of one and (or) several collegiate organs on various questions.

The board of directors of the organization excludes conflict of interest during creation of committees.

6. For the purpose of forming of adequate risk management system of underwriting, reinsurance, insurance payments and investment risks in the organization collegiate organs - underwriting council and council on asset-liability management are created.

Employees of the interested structural divisions, divisions on risk management and leading employees which affirms the board of directors of the organization are part of the specified councils.

Decisions of the specified councils are made by a simple majority vote members and drawn up in writing.

Decisions of the specified councils are recorded with detailed reflection of decision making process and application of documents based on which the decision was made, with indication of:

list and detailed description of cases in point;

the list of the documents submitted to council for decision making;

vote results on each case in point;

opinions of members with reasons, including in case of their disagreement with the made decision and availability of special opinion.

The protocol is signed by all members of the specified councils, attendees at meeting, and stored in the organization.

The board of directors estimates work of the specified councils and board based on their annual reports on results of work.

7. Risk management process includes the following stages:

1) risk identification:

assessment of riskoobrazuyushchy factors and risk (systematic and permanent tracking, analysis of all possible reasons of expenses (losses), their probability and sizes);

classification of risks (it is performed by results of research of specifics of risks and factors which lead to their origin, influence their development, expert evaluations of historical data, the analysis of the card of risks);

2) risks measurement which frequency of carrying out is established by the board of directors depending on the importance of risk, but at least two times a year;

3) implementation regular stress testing and risk analysis;

4) choice and application of risk management method;

5) adjustment of risk management system.

8. The internal control system represents system of the organization, the policy, procedures and methods accepted by the organization for:

1) ensuring efficiency of organization activity, including effective management of insurance risks, assets and liabilities, ensuring safety of assets;

2) ensuring completeness, reliability and timeliness of financial, regulatory and other reporting for internal and external users, and also information security;

3) ensuring accomplishment by the organization of the legislation of the Republic of Kazakhstan on insurance and insurance activity, about compulsory insurance, about joint-stock companies, about the security market, about counteraction of legalization (washing) of income gained in the criminal way and to financing of terrorism and internal documents of the organization;

4) non-admissions of involvement of the organization and his workers in implementation of unlawful activity, including fraud, mistakes, inaccuracies, deception, legalization (washing) of income gained in the criminal way and terrorism financings.

9. The organization for check and objective efficiency evaluation of functioning of risk management system and internal control on all aspects of organization activity provides carrying out internal audit.

10. The organization provides observance of requirements to internal documents of risk management system and internal control, according to appendix 1 to Rules.

11. Employees of the organization within the functional obligations observe requirements to risk management system and internal control, regulations of professional ethics and internal documents.

12. The organization annually no later than January 15 of the year following reporting represents to authorized body of the data on assessment of risk management system and internal control in form according to appendix 2 to Rules, with application of copies of supporting documents.

13. The organization based on financial and other reporting of the organization on reporting date performs stress testing on risks.

The organization represents to authorized body stress testing on risks in form according to appendix 3 to Rules on quarterly basis no later than 15 (fifteenth) working days of the month following reporting quarter.

To stress testing on risks the conclusion of the division manager on risk management containing is attached:

analysis of exposure of the organization to risks;

risk identification, influencing more financial position of the organization.

13-1. The organization based on annual financial and other accounts performs the analysis of coefficients of system of risks assessment of the organization.

The organization annually after approval by the board of directors, but no later than April 30 of the year following reporting represents to authorized body the analysis of coefficients of system of risks assessment (with explanations on the coefficients which are going beyond the standard range) in form according to appendix 3-1 to Rules for the organization performing activities for industry "general insurance", and appendix 3-2 to Rules for the organization performing activities for industry "life insurance" and, in case of availability of four and more variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range, the actions plan approved by the board of directors on improvement of coefficients of system of risks assessment or the solution of the board of directors on lack of need of plan development of actions for improvement of coefficients of system of risks assessment.

13-2. If the organization as of reporting date performs activities less than two financial years, in case of determination of quantity of variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range coefficients in which calculation data for the end of each annual accounting period of the last two financial years are used are not considered.

14. The organization performing activities in industry "life insurance" represents to authorized body gap analysis for the insurance companies performing activities in industry "life insurance" in form according to appendix 4 to Rules on quarterly basis no later than 15 (fifteenth) working days of the month following reporting quarter.

Chapter 3. Procedure for forming of risk management system

15. For the purpose of the organization of effective risk management system the board of directors:

1) approves policy on risk management and the internal documents developed according to Rules;

2) is annually approved by the analysis of coefficients of system of risks assessment of the organization and, in case of availability of four and more variations of coefficients of system of risks assessment of the organization from the approved limits of the standard range, approves the actions plan on improvement of coefficients of system of risks assessment of the organization or makes the decision on lack of need of plan development of actions for improvement of coefficients of system of risks assessment;

3) regarding corporate management:

coordinates activities of collegiate organs, services of internal audit, board, structural divisions;

takes measures for decrease in probability of conflicts of interest in functional obligations of leading employees;

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.