Solutions

Risk management function for IORPs

IORP II requirements

The IORP II (Institutions for Occupational Retirement Provision) directive aims to provide a robust risk management framework for institutions for occupational retirement provision (IORPs). Part of these requirements include the creation of a new risk management function within IORPs.

“It is essential that IORPs improve their risk management while taking into account the aim of having an equitable spread of risks and benefits between generations in occupational retirement provision, so that potential vulnerabilities in relation to the sustainability of pension schemes can be properly understood and discussed with the relevant competent authorities.” 

Paragraph 57 of the IORP II Directive

Scope of the Risk Management Function for IORPs

Full ORA process, including ORA policy, exercise and report

Operational risks
  • Continuity, outsourcing, integrity, reputation, strategic, political and regulatory risks
  • IT and data (eg GDPR, privacy and cyber risks)
Financial risks
  • Investment risks, including: market, ALM, credit, liquidity and inflation
  • Actuarial risks, covering: solvency, model, financing, selection and insurance
  • ESG risks relating to the investment portfolio and their management

“Drawing up an effective and relevant ORA policy is a very important exercise to which IORPs must devote sufficient time.” 

FSMA communication – Transposition of IORP II

Own risk assessment (ORA)

The own-risk assessment is an exercise that must be performed at least every three years (or sooner following any significant change in the risk profile of the IORP). The full process consists of 3 parts:

  • ORA policy. This covers the objectives of the ORA, the decision making process, timeline and ORA frequency. The ORA policy must be approved by the board of directors of the IORP.
  • ORA exercise. This should include the analysis of the risks detailed, centered around actuarial, investment and operational risk. The effectiveness of risk management systems should also be considered, as well as the total financing needs of the IORP.
  • ORA reporting. The results of the ORA exercise should be summarized in a report, providing an overall assessment of the risk management processes in place. The ORA report should be submitted to the board of directors, approved by them and then sent to the FSMA.

“Ensuring an effective system of governance is therefore essential for the adequate management of risk and the protection of members and beneficiaries.”

Paragraph 52 of the IORP II Directive

A tailored solution

Innovative out of the box solutions

We have extensive experience in risk modelling and can offer a range of best-in-class solutions. Our approach includes:

  • Risk identification, including classification, prioritization and evaluation
  • Risk reconciliation, agreeing the risks identified with the relevant stakeholders
  • Risk allocation, ensuring the allocation and related accountability to the appropriate parties
  • Determining residual risk and specifying the compensating controls in place
  • Risk assessment and measurement, including reporting processes
     

ORA process

Full support on all stages of the ORA process including: ORA policy / governance, ORA exercise, ORA reporting, meetings with stakeholders and submission to the FSMA.

Bespoke requirements

In addition to our base set of solutions, we propose an approach tailored to your specific requirements. Examples of these include:

  • Coordination with other functions (e.g. the actuary / actuarial function, internal auditor, compliance officer, chief risk officer)
  • Integration with a multidisciplinary model approach, allowing for comparison with other functions such as non-financial risk, including operational and data risks
  • Dedicated bespoke support within risk committee meetings, including in-depth analysis of any entity specific risks
  • In-depth scenario and stress testing, focusing carefully on the entity specific risks identified
  • Focus on specific operational risks facing pension funds, including:
    • Business continuity
    • Outsourcing and integrity
    • Reputation and strategy
    • Political and regulatory
    • IT and data

Our team

In order to provide a complete risk management solution, we have established a team specialized in offering risk advisory services to pension funds.

Our specialist risk management team consists of over 100 dynamic and talented professionals with a broad range of experience covering actuarial, financial and operational risk projects. This range of experience allows us to bring a holistic view to the risk management function, considering the overall risk profile from multiple perspectives and viewpoints.

In addition to our specific team, we also collaborate closely with other Deloitte specialists across the firm, leveraging the knowledge of Deloitte’s more than 4,000 professionals across Belgium.

Risk management function for IORPs

Get in Touch

Dirk Vlaminckx

Dirk Vlaminckx

Partner, Audit & Assurance

Dirk is a Financial Services partner and Insurance sector leader. He started at Deloitte in 1998 and is an accredited auditor for banks, insurance companies and other financial institutions. Dirk is a... More

Caroline Veris

Caroline Veris

Partner, Risk Advisory

Caroline focuses on regulatory & compliance advisory services for FSI. This includes specialised services in the area of regulatory risk & strategy as well as compliance governance & organisation (e.g... More

Chris Verdonck

Chris Verdonck

Partner, Consulting & Advisory

Chris has over 25 years of consulting experience with Deloitte and serves a partner since 2001. He mainly focused on regulated businesses and serves clients in the areas of business and technology ris... More