March 2023
Doris Hsu
In order to effectively allocate limited financial regulatory resources, global financial regulatory authorities have adopted a Risk-based Approach (RBA) as the basis for financial regulatory implementation in recent years, and have been imposing regulatory measures that are commensurate with the risk level of the regulated subjects. The Financial Supervisory Commission of Taiwan (hereinafter referred to as the “FSC”), by following this trend, has recently adopted a step-by-step approach in introducing the RBA supervision principle for the administration of foreign investments by the insurance industry and outsourced operations of the financial industry to carry out differentiated supervision. The discussion on the trend and impact of the implementation of the RBA supervision principle in Taiwan through the regulations of the two aforementioned topics are as follows.
1. Differentiated Supervision Measures Adopted Based on the RBA Supervision Principle
The RBA supervision principle refers to the intensity of supervision based on the likelihood of harm in regulated affairs, as well as the range of damage to the financial stability and consumer rights and interests in the event of harm, in turn to take further corresponding differentiated supervisory measures.
The RBA-based supervisory measures are designed primarily to identify and acknowledge the risks of the organization, therefore, it is necessary to categorize the regulated subjects and the affairs involved so as to implement different levels of administrative means based on different categories after the risk assessment.
2. Amendments to the Regulations Governing Foreign Investments by Insurance Companies
Based on the RBA supervision principles, the FSC has implemented a meticulous control over the foreign investments by the insurance industry in which it has announced the amendments of the “Regulations Governing Foreign Investments by Insurance Companies” (hereinafter referred to as the “Regulations”), which came into effect on the day of the promulgation through the Jin-Guan-Cai-11204903341 Directive on February 16, 2023. The differentiated supervisory measures established under the RBA supervision principle for the purpose of risk control mechanisms strengthening for overseas investment in insurance-related enterprises by the insurance industry are as follows:
(1) Investment subjects are categorized with different barriers to entry
With respect to the administration of investment in the foreign enterprises by the insurance industry, the Regulations before amendment only imposed different qualifications requirements for foreign banks and insurance-related enterprises invested by the insurance industry, but it further categorize the invested foreign insurance enterprises into “foreign insurance companies, insurance agents, and insurance brokers (hereinafter referred to as the “Core Insurance Businesses”) and other “insurance-related enterprises” after the amendment.
The insurance enterprise was only required to reach a capital adequacy ratio of 250% when applying for the investment of overseas banking industries before the amendment while only 200% of the capital adequacy ratio is required for the investment of foreign insurance-related enterprises. The amendments took into account that the investment in insurance-related enterprises which are Core Insurance Businesses is also a cross-sector operation. In consideration of the business items and degree of complexity of different sectors vary with higher or lower corresponding risk levels, the required capital adequacy ratio is raised to 250% for the investment in insurance-related enterprises (that are not the Core Insurance Businesses) (Article 13-1, Paragraphs 1 and 2 of the Regulations).
If the invested entity belongs to the overseas banking industry, considering the business nature and professional requirements are entirely different for an insurance company seeking to invest in and operate a bank, it is additionally required that the insurance company shall jointly invest with a banking subsidiary of the financial holding company that the insurance company is affiliated with when applying for the investment, and the capital contributed by the insurance company shall not be higher than that of the banking subsidiary. This amendment is intended to avoid the risk of loss caused by the insurance enterprise’s lack of expertise in the banking industry through the co-investment with the banking subsidiary. In addition to ensure the effectiveness of the above-mentioned control, it is further required that the capital contributed by an insurance enterprise shall not be higher than the banking subsidiary in order to take into account both professional operation and risk management (Article 13-1, Paragraph 2, Subparagraph 3 of the Regulations).
(2) Different control mechanisms are adopted based on the intensity of control over the investing entities and invested entities.
To strengthen the administration of the post-investment of the overseas insurance-related enterprise by the insurance enterprise, the FSC has established relevant control mechanisms and implemented a differentiated administration mechanism for all insurance-related enterprises based on the condition of having a subordination or control relationship as well as the appointment of directors and supervisors. (Article 13-3 of the Regulations).
Take the major resolutions adopted by the board meetings of an investee for example, the Regulations after amendment impose different levels of reporting requirements based on the ability of the insurance enterprise to participate in the investee’s board of directors in which if the relationship of control or affiliation existed, major board resolutions shall be reported to the board of directors of the insurance enterprise and its affiliated financial holding company for discussion “in advance” since the insurance enterprise has a substantive influence on the investee and vice versa. (Article 13-3, Paragraph 1, Subparagraph 4 of the Regulations).
Take the formulation of relevant internal operation regulations as another example, in order to strengthen the administration of the post-investment of the overseas insurance-related enterprise by the insurance enterprise, the Regulations after amendment specifically provide that if the insurance enterprise has a relationship of control and subordination with the investee, the internal regulations on operation and management should include a control mechanism to timely obtain information regarding the insurance-related enterprise such as the business audit reports, audit reports issued by Certified Public Accountants, and financial inspection reports of the host government to enhance the transparency of operation (Article 13-3, Paragraph 1, Subparagraph 5(3) of the Regulations).
3. Draft Amendments of the Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation
Based on the RBA supervisory principles, and considering that the essence of the current outsourcing risk of financial institutions has changed with an increasingly diverse scope of application, the FSC has pre-announced the draft amendments of the Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation (hereinafter referred to as the “Draft Outsourcing Regulations”) through the Jin-Guan-Yin-Wai-11202705872 Circular of March 8, 2023.[1]
In light of the active introduction of several emerging technologies such as cloud computing and cloud storage by the financial institutions to enhance digital transformation and optimize financial services in recent years, which has led to a significant increase in the demands for outsourcing and a more diverse and complex scope of application, it is necessary to make adjustments according to the RBA supervision principles to achieve a more effective administration over financial institutions. Therefore, financial institutions will categorize their outsourcing activities according to the risk level, and shall take enhanced measures for higher risk outsourcing situations, while adopting relatively simplified measures for lower risk outsourcing situations. Therefore, financial institutions are required to establish appropriate policies and principles to assess risks, materiality, and impact on operations and customers’ rights and interests of outsourcing affairs, and take corresponding control measures in accordance with the RBA principles (Article 4 of the Draft Outsourcing Regulations).
Moreover, considering a greater potential impact may imposed on the operation of financial institutions and the rights and interests of customers if the information system of consumer finance business is entrusted to entities in foreign countries which possess a higher risk situation for outsourcing, a more prudent control standard shall thus be adopted. Therefore, the Draft Outsource Regulations specifically provide that the financial institution shall apply to the competent authority for approval in advance when it “outsource its material consumer financial business information system for overseas processing”. (Article 18, Paragraph 1 of the draft Outsourcing Regulations).
4. Summary
Take the draft amendments of the “Regulations Governing Foreign Investments by Insurance Companies” and the “Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation” for example, it can be concluded that the core concept of the RBA supervision principle refers to the consideration of the risk level regarding the regulated affairs throughout the selection of the regulatory approach and corresponding differentiated supervisory measures shall be taken. Since the financial industry is highly regulated, the application of RBA supervision principle and differentiated regulatory measures will undoubtedly become more extensive and refined in order to efficiently allocate and commit limited regulatory resources and management capacity of the regulatory authority and enterprises.
As for the financial industry, in view of the trend that the international community is moving towards the legal amendments in accordance with the RBA supervision principles, the FSC is likely to increase the level of refinement in the tiered regulation of various types of business in the financial industry in the future, therefore, the financial industry shall regularly and prudently analyze the changes in the regulation of financial business and conduct a prudent assessment on the legal applicability when operating business in order to reduce or avoid the likelihood of law violation.
[1] The submission of comments for the pre-announcement of the Draft Outsourcing Regulations will come to an end on May 8, 2023. Please refer to the draft Amendments to the Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation pre-announced by the FSC at https://www.fsc.gov.tw/ch/home.jsp?id=133&parentpath=0,3&mcustomize=lawnotice_view.jsp&dataserno=202303080001&dtable=NoticeLaw (Last reviewed on March 25, 2023)
The contents of all materials (Content) available on the website belong to and remain with Lee, Tsai & Partners. All rights are reserved by Lee, Tsai & Partners, and the Content may not be reproduced, downloaded, disseminated, published, or transferred in any form or by any means, except with the prior permission of Lee, Tsai & Partners.
The Content is for informational purposes only and is not offered as legal or professional advice on any particular issue or case. The Content may not reflect the most current legal and regulatory developments. Lee, Tsai & Partners and the editors do not guarantee the accuracy of the Content and expressly disclaim any and all liability to any person in respect of the consequences of anything done or permitted to be done or omitted to be done wholly or partly in reliance upon the whole or any part of the Content. The contributing authors’ opinions do not represent the position of Lee, Tsai & Partners. If the reader has any suggestions or questions, please do not hesitate to contact Lee, Tsai & Partners.