In order to capture the qualitative aspects of risk-oriented supervision, The Federal Office of Private Insurance FOPI relies on a methodology that is heavily characterized by principle-based targets. Together with the Swiss Solvency Test (SST), the Swiss Quality Assessment (SQA) constitutes a central element of the new insurance supervision regime, which was introduced on 1 January 2006 by the new Insurance Supervision Act (ISA). FOPI supplements these modern supervision tools with traditional means of supervision, achieving an integrated, modern overall concept talking account of the challenges of the insurance industry and strengthening policyholder protection.
The main focus of qualitative insurance supervision is on corporate governance, risk management, and internal control. As a matter of principle, a qualitative evaluation without the active participation of the insurance undertakings is hardly feasible. The regulator therefore relies on inclusion of the undertakings and has chosen the method of self-assessment for this purpose.
The self-assessment by the undertaking is followed by validation by FOPI. FOPI determines to what extent the supervised insurance undertakings realise corporate management based on the approval requirements and checks and balances, and to what extent they have established risk management appropriate to their risk profile. At the same time, FOPI verifies whether an effective internal control system is established and implemented. A risk dialogue with key decision-makers in the insurance undertaking is then carried out. If needed, recommendations are made or supervisory orders issued.
Article 14 of the Insurance Supervision Act (ISA) requires that the persons responsible for overall direction, supervision, control, and management must guarantee sound and proper business operations. Article 22 ISA requires every insurance undertaking subject to supervision to establish and maintain risk management appropriate to its risk profile. The undertaking must be organised in such a way that all its significant risks can be captured, limited, and monitored. For this purpose, an effective internal control system must be established, covering all business operations (article 27 ISA). These legal requirements are set out in detail in articles 12 et seq., 96 et seq., and 195 et seq. of the Supervision Ordinance. In FOPI Directive 15/2006 on Corporate Governance, Risk Management, and the Internal Control System, the practice pursuant to these legal foundations is explained.