The Own Risk and Solvency Assessment (ORSA) has evolved from arelatively unknown requirement to a present reality, and companiescontinue to adapt their plans to comply with the mandate.

While the ORSA may not have initially come together as manypredicted, the planning process has provided tangible benefits.Gaps have been identified, action plans developed, and processesimproved. Risk identification, monitoring, and mitigation for manyinsurance companies have become more prominent and transparent thanever before.

The inaugural year of the ORSA process and its accompanyingSummary Report presented significant challenges and opportunitiesfor insurance companies. Although based on an organization's ERMframework, ORSA was a totally new regulatory requirement thatdemanded a substantial investment of resources and time—and indeedstill does.

The challenge presented by the ORSA requirement is to develop aprocess and produce a Summary Report that closely matches theunique goals, policies, and practices of the insurer while avoidinga cookie-cutter approach.

This challenge is also an opportunity to take a fresh look atthe organization's risk protocols, deployment of capital, andERM-related computer systems, perhaps leading to meaningful changesor simply confirming the adequacy of the current practices.

In essence, the ORSA is a mandated process thatrequires insurers to create internal processes to asses their riskmanagement and solvency positions under normal and stressedscenarios.

It requires an insurer to analyze any and all relevant risksthat could have an adverse impact on its ability to meet financialpolicyholder obligations. It is designed to be a nonprescriptiveapproach to risk management, where insurers are asked to use theirbest judgment in formulating their assessments of current andfuture risks. 

Although it can be viewed by some as an annual report, the ORSAis designed to be continually evolving and should have a prevalentrole in the enterprise risk management function.

Insurers mandated to comply with ORSA are required to:

• Conduct an ORSA no less than annually
• Document processes and results of the ORSA internally
• Provide an ORSA Summary Report to the lead state insurancecommissioner annually, if the insurer is a member of an insurancegroup, and upon request to the domiciliary statecommissioner 

As the emphasis is on the "Own" in Own Risk Solvency Assessment,insurers are left to decide what would best represent their presentsituations. And that means there is room for error. 

A lot has been learned about what does and doesn't work over thefirst few years of ORSA compliance. Insurance companies havediscovered that producing a high quality summary report can createan undue organizational burden even if the process is carefullyplanned. However, many companies have learned how to prevent theORSA process from becoming a burden on resources and organizationalcosts while still complying with the regulation.

Check out this blog to learn 10 best practicesto follow when determining how best to create your ORSAprocess.