Entity-level controls and internal control system
Entity-level controls and the internal control system (ICS) are key elements in the proper functioning of corporate governance.
Insurance companies are legally obliged to establish an effective internal control system (ICS) for their entire business (Art. 27 ISA). The ICS covers a company’s internally prescribed processes, methods and measures designed to secure adequate management control, leading to effective business processes, reliable financial reporting and compliance with laws and regulations.
Within the “ICS assessment – self-assessment of the company-wide controls & internal control system” (ICSA) survey, FINMA periodically collects information about the internal control system in place at the insurance company, the insurance group or the insurance conglomerate. The focus is on the underlying processes, methods and measures for ensuring that there is an appropriate level of assurance regarding the risks of the business. Information about the maturity of the ICS is also gathered.
The information obtained helps FINMA to assess the ICS structure and processes (ICS framework) in place at the insurance company, group or conglomerate.
The findings from the ICS assessment are incorporated into the overall assessment of the insurance company group or the conglomerate as well as FINMA’s supervisory process. They can lead to follow-up activities either for individual insurance companies, selected groups of insurance companies or for the overall market.
The legal basis for the survey is provided by the two FINMA Circulars 2017/02 "Corporate governance – insurers" and 2018/03 "Outsourcing – banks and insurers".
Within the “ICS assessment – self-assessment of the company-wide controls & internal control system” (ICSA) survey, FINMA periodically collects information about the internal control system in place at the insurance company, the insurance group or the insurance conglomerate. The focus is on the underlying processes, methods and measures for ensuring that there is an appropriate level of assurance regarding the risks of the business. Information about the maturity of the ICS is also gathered.
The information obtained helps FINMA to assess the ICS structure and processes (ICS framework) in place at the insurance company, group or conglomerate.
The findings from the ICS assessment are incorporated into the overall assessment of the insurance company group or the conglomerate as well as FINMA’s supervisory process. They can lead to follow-up activities either for individual insurance companies, selected groups of insurance companies or for the overall market.
The legal basis for the survey is provided by the two FINMA Circulars 2017/02 "Corporate governance – insurers" and 2018/03 "Outsourcing – banks and insurers".
