1 / 15

Brian Reilly, Senior Vice President & Chief Auditor St. Paul Travelers

COMPLYING WITH SARBANES-OXLEY SECTION 404: MANAGEMENT’S ASSESSMENT OF THE ACTUARIAL CONTROL ENVIRONMENT. Brian Reilly, Senior Vice President & Chief Auditor St. Paul Travelers. September 12, 2006. Management’s Assessment of the Actuarial Control Environment. OVERVIEW

stacey-daniels
Télécharger la présentation

Brian Reilly, Senior Vice President & Chief Auditor St. Paul Travelers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMPLYING WITH SARBANES-OXLEY SECTION 404: MANAGEMENT’S ASSESSMENT OF THE ACTUARIAL CONTROL ENVIRONMENT Brian Reilly, Senior Vice President & Chief Auditor St. Paul Travelers September 12, 2006

  2. Management’s Assessment of the Actuarial Control Environment OVERVIEW • Sarbanes-Oxley Act Overview • Internal controls over financial reporting • Implications to the Actuarial Community • Significant judgment involved in setting reserves • Management’s best estimates • Focal point for external auditors

  3. Management’s Assessment of the Actuarial Control Environment OVERVIEW • SOX 404 Requirements • Management’s assessment of controls • Documentation of process • Assess control design • Assess effectiveness of controls • Evidence of control effectiveness is critical • External Auditor’s Report • Evaluation of management’s assessment • Independent assessment of internal controls over financial reporting

  4. Management’s Assessment of the Actuarial Control Environment WHY CONSIDERED A KEY RISK AREA? • Reserves can be inadequate or unreasonable. • Inaccurate analysis of reserves, • Inappropriate interpretation of data, • Faulty assumptions, judgments or methodologies. • Key dependency on integrity of data. • Heavy reliance on spreadsheets/data models (EUC tools). • Reserve selection process may be flawed. • Perceived management of earnings.

  5. Management’s Assessment of the Actuarial Control Environment OBJECTIVE: EVALUATION OF RISKS AND CONTROLS • Management must identify all the financial statement risks and assess the key controls that mitigate the risks. • If no controls exist, or existing controls are weak, management must develop compensating controls. • If not addressed, likely at least a significant deficiency.

  6. Management’s Assessment of the Actuarial Control Environment To evaluate the risks and controls: Assess the materiality of reserves to the entity Develop an understanding of the risks Assess the controls that mitigate the risks

  7. Management’s Assessment of the Actuarial Control Environment Assess the materiality of reserves to the entity • Assume loss reserves are material to financial statements • Also need to consider: segment vs. consolidated reserves

  8. Management’s Assessment of the Actuarial Control Environment Develop an understanding of the risks • Development and documentation of loss triangles. • Analysis and selection of actuarial indications. • Booking of management’s best estimate to the financials. • Risks & controls differ depending on the organizational structure (centralized vs. decentralized). • Data integrity: complete, accurate and timely.

  9. Management’s Assessment of the Actuarial Control Environment Assess the controls that mitigate the risks • Evaluation of results – • ~Change in position and ending position • ~Segments and consolidated • Data Gathering & Data Integrity. • System Controls. • Balancing Controls. • Documentation of management’s best estimate determination. • Controls over modeling & development of actuarial indications. • Reconciliation controls.

  10. Management’s Assessment of the Actuarial Control Environment Assess the controls that mitigate the risks • Data Gathering & Data Integrity • Sufficient data extraction procedures and documentation to prove integrity, completeness and accuracy.

  11. Management’s Assessment of the Actuarial Control Environment Assess the controls that mitigate the risks • System Controls • Access/security controls • Servers • Models • Cells • Backup and recovery • End user computing

  12. Management’s Assessment of the Actuarial Control Environment Assess the controls that mitigate the risks • Controls over modeling & development of actuarial indications • Peer review (QA) • Independent reviews • Quarterly certification process

  13. Management’s Assessment of the Actuarial Control Environment Assess the controls that mitigate the risks • Documentation of management’s best estimate determination (segment & consolidated basis) • Business Group management reviews. • Review and approval by Chief Actuary and CFO/CEO. • Audit Committee executive session with Chief Actuary.

  14. Management’s Assessment of the Actuarial Control Environment Why is it important to have a sound control environment? • Management must be able to rely on the results of the actuarial analysis. • SEC: Sarbanes-Oxley implications. • IRS: Tax implications/challenges. • Rating Agencies: Company rating concerns. • State Regulators: Solvency and oversight responsibilities. • External Auditors: Attesting to the accuracy of the organization’s financial results.

  15. Management’s Assessment of the Actuarial Control Environment Questions?

More Related