Risk review committee mandate
This mandate provides terms of reference for the Risk Review Committee of each of Economical Mutual Insurance Company (“Economical”), Sonnet Insurance Company, The Missisquoi Insurance Company, Perth Insurance Company, Waterloo Insurance Company and Petline Insurance Company (collectively the “Companies” and individually the “Company”).
The Company’s Board of Directors (the “Board”) has established the Risk Review Committee (the “Committee”) to assist the Board in fulfilling its oversight responsibilities with respect to the management of the enterprise risk management framework with a view to promoting the achievement of agreed upon risk-adjusted returns and allocating capital accordingly. The Committee oversees the identification of major risks facing the Company and the development of strategies to manage and mitigate those risks, the review of compliance with approved risk management policies, the oversight of policies, practices and controls related to the Company’s capital structure, the review and monitoring of the Company’s annual capital plan, the review of the annual report on the Company’s expected future financial condition and periodic stress testing, and the monitoring of the effectiveness of the Company’s enterprise-wide Regulatory Compliance Management (RCM) program and framework.
Members and conduct
The Board shall appoint a minimum of three directors to be members of the Committee. The members of the Committee will be selected by the Board on the recommendation of the Corporate Governance Committee. Each year, the Board will appoint one member of the Committee to serve as Chair of the Committee. If, in any year, the Board does not appoint a Chair, the incumbent Chair will continue in office until a successor is appointed.
All members of the Committee will meet the criteria for independence referred to in the Board mandate. The Committee will include directors who have an understanding of the types of risks facing the Company and the techniques used to measure and manage those risks. Each member has a duty to immediately notify the Chair of the Board if he or she ceases to meet the qualifications for Committee membership for any reason.
Any member may be removed and replaced at any time by the Board, and will automatically cease to be a member as soon as the member ceases to meet the qualifications set out above. The Board will fill vacancies on the Committee by appointment from among qualified members of the Board on the recommendation of the Corporate Governance Committee. If a vacancy exists on the Committee, the remaining members will exercise all of its powers so long as there is a quorum.
The Committee shall conduct itself in accordance with the Committee Operating Procedures prescribed by the Board from time to time. At least annually the Committee shall meet, at the Committee’s discretion, in separate in camera sessions with each of the Chief Risk Officer (CRO), the Appointed Actuary, the President and Chief Executive Officer, the Chief Financial Officer, and the Chief Compliance Officer (CCO). This mandate does not impose on any Committee member a standard of care or diligence that is in any way more onerous or extensive than the standard of care applicable to the Company’s directors generally.
The Committee is responsible for performing the duties set out below as well as any other duties delegated to the Committee by the Board from time to time.
Risk Appetite Statement
The Committee will, on an annual basis, review the Company’s Risk Appetite Statement and related risk control limits and, upon agreement, recommend them to the Board for approval.
Risk Identification and Assessment
The Committee will, at least annually, review and assess the reasonableness of:
- management’s assessment of the key current and emerging risks facing the Company, including insurance, financial, operational, strategic, and other related risk categories;
- the risk assessment of the Company’s Financial and Business Plans; and
- the report on the Company’s expected future financial condition and periodic stress testing performed in accordance with any regulatory or policy requirements.
Risk Management Oversight
The Committee will:
The Committee will, on an annual basis or more frequently as required, review:
- a report on the status of the information systems security program including data security, access security and the results of any external information system security audits;
- the adequacy of the Company’s business continuity and crisis management plans;
- management’s assessment of compliance with the Company’s risk management policies.
The Committee will, on a quarterly basis, or more frequently as required, review:
- management’s assessment of key risk exposures and emerging trends that have reasonable potential to exceed the Company’s stated risk appetite and risk control limits, and where appropriate approve recommended action plans;
- management status reports on the effectiveness of any risk mitigation plans that have been implemented in response to identified non-compliance with prescribed risk control points, policy provisions or risk tolerance limits; and
- any issues raised by internal audit or any regulatory agency regarding the effectiveness of the risk management control environment, including management’s responses and recommendations.
The Committee will:
- review and discuss the Own Risk Solvency Assessment (“ORSA”);
- review the annual Capital Management Plan, including target internal and regulatory capital ratios, and, upon agreement, recommend its approval by the Board;
- monitor performance against the Capital Management Plan to support continued solvency; and
- ensure that capital management is integrated into the ERM framework and management’s decision-making process.
Regulatory Compliance Management
The Committee will at least annually:
- review and discuss the Company’s RCM program and framework;
- review and assess the result of the Company’s RCM program and framework, including its overall effectiveness and exposure to material regulatory compliance risk;
- review and discuss reports from the CCO and/or Internal Audit on the effectiveness of the RCM program and framework, including the CCO opinion; and
Periodically, the Committee will review and, upon agreement, approve recommended changes to:
- the definition of “materiality” in regard to exposures/weaknesses to regulatory compliance risks; and
- the statement of mandatory responsibility and authority of the CCO.
The Committee will regularly report to the Board on, among other matters:
- its review of the key current and emerging risks;
- its review of the risk management policies and its assessment of management’s compliance with those policies;
- its review of the annual report on the Company’s expected future financial condition and periodic stress testing and any related action plans;
- the Company’s compliance with the Capital Management Plan;
- its review of management’s assessment of key risk exposures relative to the stated risk appetite and where appropriate the associated action plans;
- the CCO opinion on enterprise-wide compliance with applicable regulatory requirements and the results of the Company’s RCM program and framework; and
- all other significant matters it has addressed and with respect to such other matters that are properly within its responsibilities.
At least annually, the Corporate Governance Committee will review the effectiveness of the Committee in fulfilling the responsibilities and duties set out in this mandate, in accordance with the evaluation process approved by the Board.
The Committee will review and assess the adequacy of this mandate at least once every three years and submit it to the Corporate Governance Committee for approval with such further amendments as it deems necessary and appropriate. The Corporate Governance Committee will review this mandate and submit it to the Board for approval with such further amendments as it deems necessary and appropriate. Minor technical amendments to this mandate may be made by the Corporate Secretary of the Company, who will report any such amendments to the Board at its next regular meeting.
Access to records and outside advisors; reliance on experts
In carrying out its responsibilities, the Committee:
- is empowered to investigate any matter with full and unrestricted access to all books, records, facilities and personnel of the Company and its subsidiaries;
- may retain, remove, instruct and pay any outside advisor, including independent counsel, at the expense of the Company without Board approval at any time;
- has the sole authority to determine such advisor’s fees and other retention terms;
- may communicate directly and privately with the internal auditor, the external auditor and any other advisor engaged by the Committee or the Company at any time; and
- shall be entitled to rely in good faith upon:
  - a report or advice of an officer or employee of the Company, where it is reasonable in the circumstances to rely on the report or advice, and
  - a report of an actuary, lawyer, accountant, engineer, appraiser or other person whose profession lends credibility to a statement made by such a person.
No rights created
This mandate is a statement of broad policies and is intended as a component of the flexible governance framework within which the Board, assisted by its committees, directs the affairs of the Company. While it should be interpreted in the context of all applicable laws, regulations and listing requirements (if any), as well as in the context of the Company’s letters patent and by-laws, it is not intended to establish any legally binding obligations.