Risk Management: IORP II requirements

The IORP II requirements place significant focus on improving the risk management function in order to ensure that:

• own-risk assessments are carried out triennially, or after any significant change in risk profile
• risk management is integrated into all management processes & decision making
• risk is considered from the perspective of members and beneficiaries, including the risk of benefit reductions or loss of indexation.

A risk management system is required comprising strategies, processes and procedures, with independent actuarial input where appropriate, to identify, measure, monitor, manage and report risks, including:

• Underwriting and reserving
• Asset-liability management
• Investment, in particular derivatives, securitisations and similar commitments
• Liquidity and concentration risk management
• Insurance and other risk-mitigation techniques
• Environmental, social and governance risks relating to investment assets
• Operational risks

The own-risk assessment must describe how it is used in the management and decision-making processes, and must include assessment of:

• preventions of conflicts of interest where the sponsor carries out functions, or where outsourcing in place
• funding needs, including any recovery plan
• operational risks in a qualitative manner
• protection mechanisms (eg guarantees, sponsor covenants, insurance, government/industry protection) in a qualitative manner
• new and emerging risks, including environmental, and regulatory risks related to investments
• the overall effectiveness of the risk management system.

Back to main IORP page.

Read more on the IORP requirements around governance and member communication.