ISAP 6 and standards for ERM

The Actuarial Standards Board is in the process of adding Part 8000 to the CIA Standards of Practice, which will cover enterprise risk management, and draws from the sixth International Standard of Actuarial Practice. Mario Robitaille, FCIA and Chair of the designated group responsible for these changes, joins us to discuss what is included in this new part.


Fievoli: Welcome to Seeing Beyond Risk, a podcast series from the Canadian Institute of Actuaries. I’m Chris Fievoli, Staff Actuary, Communications and Public Affairs at the CIA.

Over the past few years, the International Actuarial Association has developed a number of international standards of actuarial practice, known more commonly as ISAPs. The CIA and the Actuarial Standards Board have been following the development of the ISAPs closely to determine how they should be incorporated into Canadian guidance.

One of these is ISAP 6, which covers enterprise risk management. And joining us today is Mario Robitaille, Chair of the ASB designated group responsible for the development of ERM standards.

Thanks very much for coming on the podcast today.

Robitaille: Thank you, Chris. Good to be here.

Fievoli: So up until now, we have not had any standards addressing the topic of enterprise risk management. What are the reasons for now including it?

Robitaille: Well, you’re right. Currently in our Canadian standards of practice we don’t have anything on enterprise risk management.

I’d say that one of the strong arguments that goes in favour of including ISAP 6 on enterprise risk management is the fact that ERM has taken a growing importance as an area of practice within the Canadian actuarial field.

I’d say over the last decade, we’ve seen this increase and more formally we’ve seen the insurance companies, banking, as well as companies introduce formal programs, and we see more and more of these programs going in other industries as well.

So clearly, we see a growing interest through the Canadian Institute of Actuaries, existing committees and new committees that were created. So clearly, we felt that it was a good time at this moment to introduce such a standard within our standards of practice.

Fievoli: I understand that both ISAP 5 and ISAP 6 were included in the work of your designated group. Can you tell us what each of those cover and why are we focusing more on #6 at this time?

Robitaille: Let’s start with ISAP 5. ISAP 5 is called the insurer enterprise risk model, whereas ISAP 6 is on the enterprise risk management programs.

The mandate of our designated group was to make a recommendation to the Actuarial Standards Board to determine their appropriateness as to what should be included within our standards.

ISAP 5, being on models, is something that we already have in place within our standards that cover models. When we looked at it, we saw that it was very much similar in content to what we already have in place. Given that, the recommendation that we made was that there was no need to implement this one. So we quickly came to that recommendation, and the conclusion was that there was no need to go further on this front.

As far as ISAP 6 goes (on enterprise risk management), as I mentioned earlier, given the evolution of the practice in this field, we felt that it was positive that we could move forward on this front. Apart from the growing importance, one other element that we considered and discussed in the designated group was the fact that having standards for actuaries, we felt that it was a positive in the industry and compared to other non-actuaries practising in the field, we felt that it was something that would be seen positively by external clients.

Certainly, we discussed that at length within the designated group, as well as with other committees and subcommittees within the CIA. In the end, after that consultation, we felt that our position was clear to go further and propose that exposure draft to be included within our standards.

Fievoli: So if we compare this proposed new section in the standards, how does it look compared to ISAP 6? Is it similar or different?

Robitaille: Well, I would say for the most part, the content is quite similar. We made a few adjustments, but there are two bigger adjustments that are worth explaining.

The first one relates to the scope. We want to make sure that it is not too broad, and that it really relates to actuaries being involved in the enterprise risk management program itself. When we think of actuaries, we often call ourselves risk management or risk managers. We just wanted to make sure that it’s not all the work, every type of work being done by actuaries that has to follow this enterprise risk management section. So that’s the first element.

The second change that we’ve made is related to the fact that the ISAP 6 is specific to insurance companies. As I mentioned earlier, we see a growing positioning in terms of actuaries practising in pension plans, in banking and insurance companies, but also in different industries. So given the involvement in different industries, we wanted to make sure that it’s not insurance specific and that it covers the work of actuaries in any industry wherever they may work.

In the end, we want to make that new section in the standards of practice and want it to be a foundation for other standards of practice related to risk management that could be included in the future.

Fievoli: Great. What else can you tell us about the content in this new section of the standards?

Robitaille: I will do a quick overview of the contents. So, two sections within this standards of practice. The first one relates to the scope that I just explained, and the second one is a more general section, which is broken down within four different subsections.

The first subsection is called “Circumstances Affecting the Work” – considerations of elements required by regulation. So what’s in there is basically anything that relates to considerations on requirements for risk management policies for risk tolerance statements.

It also covers regulatory capital, where it applies for industries. It talks about own risk and solvency assessment, which is an important tool in risk and enterprise risk management and it also gives different considerations for proportionality and respect of the nature, the scale, and the complexity of the operations.

The second subsection is called Identification Assessment and Management of Risks. Basically, it describes what I would call the typical risk management process. So here we’re talking about the risk identification, the measurement, the mitigation strategies, the reporting of risk. So, it provides more details on the expectations there for actuaries.

The third subsection is Risk Management at the Enterprise Level. It talks about the aggregation of risks and the enterprise-level view that the actuary should have whenever working within an ERM program.

And the last subsection is called the Own Risk and Solvency Assessment, typically referred to as ORSA. This section describes the key considerations when performing an ORSA, which again is an important tool within any ERM program.

Fievoli: All right, let’s wrap up by just discussing the steps from here until implementation. What happens now leading up to the section formally being adopted to be part of the standards?

Robitaille: The first step is the comment period ending on September 30th and based on the comments that we receive and their nature, we could expect the final publication of the standard and this new section before the end of the year. Then the plan is to have that standard being effective no later than June 30, 2023, with early implementation being allowed.

Fievoli: All right. Well, thanks very much for joining us today to talk about this new section of the standards.

Robitaille: Thank you, Chris.

Fievoli: We now have over 100 episodes in our podcast series going back over the past three years, so we encourage you all to subscribe, and you can do that through whatever platform you use to get your podcasts. And we’d like to hear from you. So, if you have any suggestions or episode ideas, you can send them to podcasts@cia-ica.ca.

And we’re always looking for new content to post on our Seeing Beyond Risk blog. If you have some ideas that you would like to share, please contact us at seeingbeyondrisk@cia-ica.ca. And we’ve recently launched a new site covering all the exciting changes we are making to the CIA qualification requirements. You can reach that at www.education.cia-ica.ca.

Until next time. I’m Chris Fievoli and thank you for tuning in to Seeing Beyond Risk.

This transcript has been edited for clarity.

Follow us

Contact Us

Canadian Institute of Actuaries
360 Albert Street, Suite 1740
Ottawa, Ontario K1R 7X7

Subscribe to our emails