Risk monitoring and reporting


Conditions Governing Business 3.1(1) and Non-Solvency II Firms – Governance 7.3(2) require an insurer to have documented procedures to measure, monitor and assess its risk exposures. As part of its risk management framework, the PRA expects an insurer to define its own risk metrics for its day-to-day operations, reflecting its own circumstances and risk profile. An insurer is expected to use a set of metrics such that it can clearly see whether it is within its liquidity risk appetite and any established risk tolerance limits. Monitoring these metrics against a number of time horizons, both short term and long term, is generally viewed as good practice as different sources of liquidity risk may crystallise over different time periods. Moreover, the use of metrics is expected to be applied consistently across relevant areas within an insurer, and where relevant, across the group.


The PRA expects an insurer to maintain minimum governance standards when defining risk metrics. It expects all metrics, including ownership, frequency, timeliness and distribution to be approved by the board, along with the insurer’s liquidity risk appetite. This will help to ensure that the board is approving the methods and operational means by which the insurer manages its liquidity risk.


The insurer is expected to assess its liquidity buffer in light of its chosen stress scenarios. It is prudent for assessments to capture low points within the chosen time horizons, rather than relying on end-point analysis to minimize the risk of a cash flow mismatch. One metric that an insurer may use in its assessment is a liquidity coverage ratio, which may be defined as the ratio of assets held in the liquidity buffer to net stressed cash out-flows. Another example is an excess liquidity metric, which is the difference between assets held in the liquidity buffer and net stressed cash out-flows. Other metrics may include those the insurer has included in the liquidity plan required by Conditions Governing Business 3.1(3) to apply the matching adjustment or volatility adjustment. An insurer may define other metrics for this purpose, but the PRA expects it to be aware of and be able to document the benefits and shortcomings of such metrics. An insurer is expected to set its liquidity risk appetite in terms of at least one of these metrics and set an appropriate target liquidity buffer(s). As noted previously, the insurer is expected to periodically conduct a holistic review and refresh of its stress testing approach and stress scenarios. The insurer is expected to regularly monitor its liquidity position and liquidity buffer against its liquidity risk appetite based on the refreshed stress scenarios.


Conditions Governing Business 2.2 and 3.1(1) and Non-Solvency II Firms – Governance 2.5 and 3.2 require an insurer to have a system in place that ensures the transmission of information such that risks can be identified, measured and managed. The PRA expects regular reports on liquidity to be provided to senior management and any risk committee of the board. It expects these reports to address the insurer’s compliance with its risk management strategy and policies, as well as alert management when the insurer approaches its liquidity risk appetite or risk limits. The PRA expects an insurer to produce liquidity risk monitoring metrics, along with stress test results and information on the insurer’s liquidity buffer for management at an appropriate frequency to allow for the effective identification, measurement and management of liquidity risk, taking into account the specificities of its business model and the liquidity risk associated with its activities. More frequent reporting may be appropriate when the operational environment or the nature or scale of the insurer’s activities changes.


The PRA views stress testing as a useful tool for an insurer to understand its exposure to risks. As such, the PRA expects stress test results to be:

  • reported to the insurer’s senior management and any risk committee of the board, highlighting any vulnerabilities identified and proposing appropriate remedial action;
  • in the case of insurers that are part of a group, reported to any risk committee of the group level board;
  • integrated in the insurer’s business planning process and day-to-day risk management;
  • taken into account when setting internal risk limits for the management of liquidity risk exposures;
  • used to update the insurer’s liquidity risk management strategy and relevant policies (elaborated on in Chapter 2);
  • used to support the establishment of the insurer’s risk monitoring metrics and any liquidity buffer(s) held by the insurer (set out in more detail in Chapter 5);
  • inform the insurer’s plan to deal with changes in expected cash inflows and outflows, as required by Article 260(1)(d)(iii) of the Delegated Act; and
  • used to inform the development of the insurer’s liquidity contingency plan (elaborated on in Chapter 7).


The insurer’s liquidity risk profile and adherence to its liquidity risk appetite and risk tolerance limits are expected to be considered regularly during meetings of any risk committee of the board. More frequent reporting may also be necessary if market conditions require, or there are material changes to the insurer’s liquidity profile. It is expected that the board and the PRA would be informed when the insurer approaches or breaches its liquidity risk appetite. Board involvement may be necessary in other circumstances and the PRA expects an insurer to establish and evidence a clear escalation process for issues to be raised to the board.


In accordance with Group Supervision 16.2, an insurer is required to report, on a group basis, risk concentrations that could threaten the group liquidity risk position. An insurer is also required to report intra-group transactions that materially influence the liquidity position of the group or one of the undertakings involved in these transactions.