Corporate governance of insurers in Germany. German National Report

In your jurisdiction, what corporate governance models are available to insurance companies? In case multiple models are available, describe the main differences and the allocation of management and monitoring powers among the relevant bodies/committees and which model is generally or ideally adopted by insurance companies.

In Germany, insurance may be tendered only by certain types of corporations (excluding the fact that the freedom of service and the freedom of establishment especially afforded to insurance undertakings established in other Member States of the EU and the EEA may allow other types of corporations to sell insurance or provide cover within Germany). Only undertakings incorporated in the form of an Aktiengesellschaft (AG; joint-stock company), a Societas Europaea (SE; [European] joint-stock company), a Versicherungsverein auf Gegenseitigkeit (VVaG; insurance association on mutuality) or an öffentlich-rechtliches Versicherungsunternehmen (public insurance company) may provide such financial services.

Insurance undertakings that are incorporated as Aktiengesellschaften are by law required to implement a dualistic model (also called two-tier system) with the constitution of a Vorstand (in the following executive board) and an Aufsichtsrat (in the following supervisory board). While the size and the election modalities of the supervisory board may differ especially in relation to the size and employment figures of the insurance undertaking in question, the creation of a supervisory board per se is not contingent on the principle of proportionality.

Where an insurance undertaking is incorporated in Germany in the form of an SE, which in practice remains an exception in the insurance sector,² the founders have an option between a dualistic system (two-tier system) and a monolithic system (one-tier system). As for the moment, where an SE has been chosen, most have opted for the two-tier system, turning it rather unnecessary to elaborate on the possibility of the one-tier system.

As concerns the Versicherungsverein auf Gegenseitigkeit (VVaG), German law requires the corporate governance to be virtually identical to that of an Aktiengesellschaft, i.e. it requires an executive board and a supervisory board and thus a dualistic model.³

What are the main sources of regulation addressing corporate governance of companies (and in particular of insurance companies)? e.g., statutes, regulations, other rules/recommendations issued by national and supranational supervisors/regulators, self-regulation, codes of best practice, codes of ethics.

Concerning Aktiengesellschaften the non-optional dualistic model and the constitution of the executive respectively supervisory board and the rights and duties of its members are provided by secc. 76 et seqq. respectively secc. 95 et seqq. AktG (Joint-Stock Companies Act). Sec. 107 AktG furthermore obligates all joint stock companies to implement a governance system partitioned in an internal control system and a risk management system. This provision is, however, rather without importance for insurance companies since they are subject to more elaborate specifications by insurance regulatory law.⁴

Concerning Versicherungsvereine auf Gegenseitigkeit the executive and supervisory board and the rights and duties of its members are regulated by secc. 184, 188 and 189 Versicherungsaufsichtsgesetz (VAG; Insurance Supervisory Act) which in their turn declare applicable mutatis mutandis most of the aforementioned provisions of the AktG.

The construction and constitution of the governing bodies (including the option between a monistic and dualistic model) of a SE are regulated in artt. 38–51 European Company Regulation,⁵ secc. 15 et seqq. SE-Ausführungsgesetz (SEAG; SE-Implimentation Law⁶) and concerning employee participation in the management of the company in the provisions of the SE-Beteiligungsgesetz (SEBG; SE-Participation Law⁷).

Irrespective of the type of corporation an insurance undertaking has chosen, the supervisory minimal requirements of the governance of an insurance undertaking are regulated by secc. 23–34 VAG (which transpose artt. 40–50 Solvency II Directive⁸ into national law), artt. 258–275 Solvency II Delegated Reg.⁹, the EIOPA Guidelines on the System of Governance¹⁰ and the MaGo-circular issued by the German supervisory authority BaFin¹¹ (some governance aspects are also clarified by interpretative decisions of BaFin, e.g. Interpretative Decision on the Remuneration System, or by explanatory leaflets, e.g. Explanatory Leaflet on the Fitness and Propriety of Key Function Holders or of Executive Board Members or of Supervisory Board Members).

Additionally, German Insurers often follow the rules of the soft-law instrument of the (German) Corporate Governance Kodex¹²; such insurers whose shares are publicly traded must annually declare if they oblige by the rules of this codex. In comparison to what German insurance undertakings are legally required concerning their governance system, the codex, however, bears little practical importance. Under the organisation of the German Insurance Association (GDV) many insurers have also adhered to the Code of Conduct for the Distribution of Insurance Products and the more recent Code of Conduct for Data Protection which regulate also some governance aspects.

In your jurisdiction, are you aware of any insolvency or distress of an insurer directly attributable to poor corporate governance standards or practices or failure to adequately implement and apply such principles? If so, please identify the main triggers of the insolvency.

Over the course of the last century, insolvencies or corporate crises have been rather rare in the German insurance sector (during the 20th century the last insolvency of a bigger German insurer dated back to 1929 with the Frankfurter Allgemeine Versicherungs-AG). Where an insolvency occurs, this will usually also have some relation with poor or sub-optimal corporate governance albeit not necessarily in the direct sense. One could hence argue that it is not the distressed life insurance undertaking’s fault that we are currently witnessing a low interest rate environment. One could, however, ask if a sound management should not have previsioned the possibility of such a low-for-long stress situation (at the latest when such a situation occurred in Japan, beginning in the late 1980s, lasting until the early 2000s, and severely threatening many Japanese life insurers) forcing the insurers to overthink their guaranteed interest rates or at least the guaranteed level at a much earlier moment. In principle, however, corporate distress of insurers will more likely be the direct result of adverse market situations rather than negligent governance, as can be seen e.g. in the insolvency of the small transport insurer East-West Assekuranz (Berlin) in the summer of 2017.

In your jurisdiction, is corporate governance regulation applied according to the nature, scale and complexity of an insurer’s business? If yes, please describe any significant differences and rationale for the differences.

The so-called Verhältnismäßigkeitsgrundsatz is one of the founding principles of German administrative (and constitutional) law and has served as (one of) the inspiration(s) for the establishment of the principle of proportionality in EU-law in general and in the Solvency II insurance supervisory system in particular. This principle applies, generally, to the application of all provisions which are not fully rule-based but have at least a principle-based element and thus afford a certain margin of discretion. For the German supervisory authority, the necessity to apply the principle of proportionality is now explicitly provided by sec. 296 subsec. 1 VAG.

In the application of the proportionality principle, one must distinguish two situations: First, where a provision is drafted in a rule-based manner, it is the legislator or regulator, which is obligated to observe the proportionality principle. There are hence several black letter rules that have a built-in proportionality principle. For example, a Versicherungsverein auf Gegenseitigkeit may be declared by BaFin to be a mutual society whose operations are limited to a certain range of business, territory or group of persons (so-called small VVaG) which by operation of law, sec. 210 VAG, dispenses them inter alia from the obligation to establish a supervisory board. The same applies also to the delegated legislator, i.e. the Commission in conjunction with EIOPA on the European level and the Federal Ministry of Finance which are supposed to establish all legal rules in application of the principle of proportionality. More commonly—this is at least the abstract concept of the whole Solvency II-System—the rules will, however, remain principle-based which means that their application and result will be in general subject to the principle of proportionality. Hence, the undertakings’ duties concerning corporate governance are to be established while paying heed to the nature, scale and complexity of its business. How the proportionality principle may come into play in creating stricter or more lenient supervisory obligations can e.g. be observed in sec. 23 subsec. 1 VAG (which transposes art. 41 of the Solvency II Directive):

All insurance undertakings shall have in place a system of governance, which is effective and proper, and which is appropriate in view of the nature, scale and complexity of its business. Other than providing for the observance of legal, regulatory and supervisory requirements the system of governance must ensure a sound and prudent management of the business. Other than the observance of the requirements provided for by this chapter the system shall especially include an adequate transparent organizational structure with a clear allocation and appropriate segregation of responsibilities and an effective internal communication system.

In this subsection there is hardly a term which is not broad (and vague) and thus open to interpretation, which serves at the same time as a trigger for the application of the principle of proportionality. In many instances, the Commission, EIOPA or BaFin have, however, concretised some aspects of certain elements of the governance system. These concretisations have often been phrased in the form of minimal standards (or expectations). Here, the principle of proportionality could no longer alter the obligation for the undertaking (at least if the concretising rule is itself proportional and thus “constitutional”).

Please provide specific examples of corporate governance structures and practices that are better implemented through self-regulation rather than through legal or supervisory requirements.

Generally, it seems more appropriate that the legislator or regulator/supervisor limits itself to minimal requirements concerning corporate governance since the setting of legal obligations encroaches on the freedom of the executive body to manage the business under application of the business judgment rule according to its proper needs. In view, however, that within the insurance industry the interest of several other stakeholders must be considered, i.e. the policyholders, insured, beneficiaries, owners, employees, and the public at large concerning the functioning of an effective insurance market, it also seems appropriate that these minimal requirements are more encompassing than in other economic sectors.

There nevertheless exist areas that should rather remain outside the scope of legal governance requirements and should best be addressed by self-regulation. As an example, the German insurance law historically left it for the insurers to decide whether to implement an internal or external complaint handling mechanism (nowadays they are by law required to at least have an internal complaint handling mechanism). This freedom to self-regulate made it possible for the German insurance industry to create a very consumer friendly Ombudsman procedure.¹³ The Ombudsman may be petitioned by any aggrieved policyholder and the decisions are up to an amount of 10,000 Euros fully binding on the insurer while the policyholder always remains free to petition the courts. Under German constitutional law such a mechanism could probably not have been provided by statute because of its particular character of passing only one-sided binding decisions (and thusly depriving the insurer of their legal judge). Other examples might be the question, how much green or sustainable investments an insurer makes. While sustainability considerations should very well be part of any sound business management—and be it only to hedge technical insurance risks caused by climate change or to hedge investments in businesses potentially harmful to the environment (which might become problematic due to changing perceptions of investors)—the concrete investment decision under such considerations should be outside the scope of legal requirements. It should hence be for the undertakings to decide on an appropriate level of green or sustainable investments which could be institutionalised by self-regulation,¹⁴ which would allow insurers to distinguish themselves on the market and attract policyholders that put a large premium on green finance.

In case your jurisdiction was recently requested to implement domestically certain corporate governance principles set forth by supranational regulations, describe the main obstacles and problems (if any) that resulted from such process.

If one were to regard the EU as a supranational body—which goes against common wisdom which perceives it as a confederation of states sui generis—much could be said concerning the problems in transposing the Solvency II System into national law and in implementing it into practice. Especially the preparatory phase for the application of Solvency II, during which the old VAG representing the Solvency I-System remained in force, but undertakings needed to be made ready for the immediate entering into force of the Solvency II System without any legal transition period created a host of dogmatic and practical problems.¹⁵

If one considers the difficulties in implementing corporate governance principles by other truly supranational bodies, the problems are now rather reduced. Since Solvency II is in general regarded on the international level as one of the best practices of insurance supervisory law, it appears rather unlikely that international standards are created that are not at least roughly in line with the German standards. Further, the new regulatory regime is for the most part principle-based. By this way, the system is flexible enough to allow the supervisor to concretise duties on the supervisory level, be it for certain undertakings (e.g. GSIIs) or be it for certain aspects of governance for all undertakings. If such is not possible, especially if the alteration appears to be material and thus requiring legislative action, the Solvency II System is flexible in the sense that it applies the so-called Lamfalussy Procedure, which allows many legislative alterations to be taken by the Commission in conjunction with EIOPA. If this flexibility is good news for the principle of democracy is another question.

Are there any significant differences between general corporate governance rules and the specific rules governing insurance companies?

The differences in legal governance requirements for insurers in comparison to other companies are vast. While other financial sectors, especially banking, are equally densely regulated, such is not true for other sectors, especially the real economy. The most pronounced example for this is the regulatory requirement to establish the four key functions, i.e. the independent risk management function, the compliance function, the actuarial function and the audit function, a requirement germane to the insurance (and banking) sector. Equally, the regulation on how and when outsourcing of relevant functions may be operated is not in the same way applied to undertakings of other sectors. Lastly, the ORSA procedure that insurance (and banking) undertakings must implement do not have an equivalent in other sectors.

Are there any laws or regulations already adopted or any proposals in your jurisdiction, relating to the qualification and composition of board directors in an insurance company? If so, please explain.

Concerning the composition of the executive board of Aktiengesellschaften sec. 76 subsec. 2 AktG only requires there to be one director or for companies with a corporate capital of more than 2 million Euros at least 2 directors (unless the articles of association provide otherwise). In this regard the four-eye-principle applies (only) in principle to the executive board. Companies may, however, choose there to be more directors. Most insurers make use of this option and partition the executive board in resorts. For the Versicherungsverein auf Gegenseitigkeit sec. 188 subsec. 1 phrase 1 VAG requires the executive board to consist of at least two persons (without exceptions). Concerning the supervisory board of an Aktiengesellschaft sec. 95 phrase 1 AktG requires there to be at least three members. The provision, however, affords the company the possibility to provide for more members under the condition that the number can be divided by three (the latter only applies where employment participation rules in the supervisory board apply) and that the number does not exceed certain maximum numbers in relation to the corporate capital; the absolute maximum is twenty-one members. For the supervisory board of Versicherungsvereine auf Gegenseitigkeit basically the same applies by virtue of sec. 189 subsec. 1 VAG, with the exception that only an absolute maximum number is set (i.e. twenty-one) and there are no relative maximums in relation to the size of the corporate capital and the number must always be dividable by three. Where employment participation regulation applies (i.e. more than 500 employees) the exact (minimal) number—and of course the nomination modalities—of members of the supervisory board are altered irrespective of the corporation form chosen.

As for the qualification of the members sec. 24 subsec. 1 VAG—setting the fit and proper-requirements—applies. This provision requires:

All Persons who effectively run the insurance undertaking or have other key functions must be personally proper and professionally fit. Professional fitness requires professional qualifications, knowledge and experience that enable a sound and prudent management of the undertaking. This requires appropriate theoretical and practical knowledge of the insurance business as well as, in the case of the transferal of executive functions, adequate management experience. Adequate management experience is in principle to be assumed, where a three-year employment in a managing function at an insurance undertaking of comparable size and line of business is proven. […]

This requirement is amended (and superseded) by the higher-ranking art. 273 of the European Solvency II Delegated Reg. which reads:

Insurance and reinsurance undertakings shall establish, implement and maintain documented policies and adequate procedures to ensure that all persons who effectively run the undertaking or have other key functions are at all times fit and proper within the meaning of Article 42 of Directive 2009/138/EC.

2. The assessment of whether a person is fit shall include an assessment of the person’s professional and formal qualifications, knowledge and relevant experience within the insurance sector, other financial sectors or other businesses and shall take into account the respective duties allocated to that person and, where relevant, the insurance, financial, accounting, actuarial and management skills of the person.

3. The assessment of whether members of the administrative, management or supervisory body are fit shall take account of the respective duties allocated to individual members to ensure appropriate diversity of qualifications, knowledge and relevant experience to ensure that the undertaking is managed and overseen in a professional manner.

4. The assessment of whether a person is proper shall include an assessment of that person’s honesty and financial soundness based on evidence regarding their character, personal behaviour and business conduct including any criminal, financial and supervisory aspects relevant for the purposes of the assessment.

These requirements are than further concretised on the supervisory level by the EIOPA Guidelines 11 and 12 of the Guidelines on System of Governance (EIOPA-BoS-14/253):

“Guideline 11—Fit requirements

Guideline 12—Proper requirement

On the national level the requirements are further concretised by BaFin’s MaGo-circular¹⁷ which for the fit and proper standard in turn declares applicable the Explanatory Leaflets on the Fitness and Propriety of executive and supervisory board members¹⁸. The latter set out in much detail the standard to be observed, the circumstances to be disclosed and evaluated, and the evaluation standard to be applied.

In your opinion, what factors, conditions, or incentives might weaken the independence of the board of directors or individual members of the board?

In light of their function, both executive and supervisory board’s members can never be fully independent. This follows out of the fact that they often are in a position to balance diverging interests of different stakeholders. An executive board member, for example, must take into account the shareholders’ interest of maximising profit while balancing this off against the policyholders’ interest of optimal protection (e.g. making especially prudent capital reservations for future insured events). For supervisory board members that serve as employee representatives this conflict is even more marked, since their main purpose of being is the adequate representation of the employees in the management—or rather the supervision of the management—of the undertaking. Such threats to the independence of the board members are, however, hedged by the (supervisory) law making these persons and the undertaking liable for the appropriate management of the undertaking and thus binding them to the supervisory goals. Since supervisory action would harm the interests of all stakeholders in a comparable manner, this conflict is to a certain degree neutralised.

Supervisory law, thus, focuses not on abstract threats to the independence out of the function of the board member, but on concrete circumstances out of the person of the member that endanger his or her independence. In this regard circumstances that call into question the independence of the board member in a permanent manner hinder their propriety and thus their execution of the function. Certain threats to the independence may, however, only require the disclosure (within the company) and appropriate actions through internal guidelines or other instruments to effectively contain the conflict of interest. As a rule, all personal circumstances or economic activities that are suitable to call into question the independent execution of his or her executive or supervisory function by the member are to be considered. Such a conflict of interest may, for example arise where members of the executive and the supervisory board are related to each other or to senior management or key function holders. If such hinders the execution of the function altogether is to be assessed on a case by case basis. It is furthermore in principle inadmissible—other for supervisory board members elected as representatives of the employees—for supervisory board members to be employees of the undertaking in question. Furthermore, the independence is for all members called into question if an undertaking of the member or one of his or her relatives has an economic relationship with the insurance undertaking in question that can be assessed as creating an economic dependence.¹⁹

One particular threat to independence that has caught the public’s interest since the financial crisis is the remuneration of board members (especially the variable part of the remuneration) and the execution of a multitude of board functions (in different undertakings). German law sets concrete limits (and requirements) for all these factors to contain the risk.

Regarding the remuneration of board members, secc. 87 and 113 AktG set concrete guidelines and limits for all Aktiengesellschaften (for publicly traded stock companies, the shareholder meeting may vote on the system of remuneration of the executive board members pursuant to sec. 120 subsec. 4 AktG). Per secc. 188 et seq. VAG these rules also apply to Versicherungsvereine auf Gegenseitigkeit. Other than these corporate law rules, German supervisory law provides for further requirements of the remuneration system for board members. Sec. 25 subsec. 1 VAG regulates the remuneration system to having to be appropriate, transparent, and aimed at a sustainable development of the undertaking. This does not imply a regulatory maximum for the remuneration, nor does it force the undertaking to remunerate its executive board members with a mixed, i.e. fixed and variable, salary, nor does this mean that the remuneration of supervisory board members cannot contain a variable component. This is for the most part a question of proportionality and it is for the undertaking to make certain, that the concrete remuneration system does not create false incentives. Where, however, variable components are used (and these variable components attain a certain amount) art. 275 Solvency II Delegated Reg. sets certain limits. In this case, said rule provides:

(a) where remuneration schemes include both fixed and variable components, such components shall be balanced so that the fixed or guaranteed component represents a sufficiently high proportion of the total remuneration to avoid employees being overly dependent on the variable components and to allow the undertaking to operate a fully flexible bonus policy, including the possibility of paying no variable component;

(b) where variable remuneration is performance-related, the total amount of the variable remuneration is based on a combination of the assessment of the performance of the individual and of the business unit concerned and of the overall result of the undertaking or the group to which the undertakings belongs;

(c) the payment of a substantial portion of the variable remuneration component, irrespective of the form in which it is to be paid, shall contain a flexible, deferred component that takes account of the nature and time horizon of the undertaking’s business: that deferral period shall not be less than three years and the period shall be correctly aligned with the nature of the business, its risks, and the activities of the employees in question.

How does an insurance company ensure that individual board members and the board collectively have enough knowledge to monitor and oversee the activities of the insurer appropriately, particularly where specific expertise is needed?

An appropriate corporate governance structure does not only include a cross supervision of particular function holders by each other (and the supervisory authority) but should (or under German law must) include a regular (annual) self-assessment of all board members. Out of the results of the self-assessment and the global assessment on the functioning of the boards and its members must also be established individual (and global) development plans. These plans should identify for individual members specific education measures that either aim at safeguarding their personal fitness or to establish the corporal fitness of the board in question in a particular area, where a deficit has been identified. In light that all board members are under a perpetual duty to undertake education measures to safeguard their fitness such can in principle be enforced by the undertaking (or as a last measure by the supervisory authority in threatening the removal of the particular member). In general, undertakings should, however, already in their nomination practices place importance on an appropriate composition of their boards, since it would e.g. be rather difficult for a member coming from another profession to build up in short time the necessary knowledge in financial and actuarial analysis.

Are there significant differences in terms of requirements and duties between executive and non-executive members of the board of directors of an insurer?

Under the German dualistic model, the management of the insurance company is the unencumbered prerogative of the executive board. The supervisory board’s duty and right is the supervision of the executive board’s management of the company in the past and the advisement of the same for the future without any executive function. Whilst the proper-requirement follows, pursuant to the understanding of the legislator, a uniform standard that applies in the same way to all persons submitted to supervision in the same way, such is not true for the fit-requirement. Here a function specific approach is followed. One marked divergence between executive and supervisory board members can be seen in sec. 24 subsec. 1 phrase 3 VAG which requires executive board members, in order to be fit, to have acquired appropriate management experience. Such is not requested from supervisory board members. In a more general sense, it is assumed that the requirement of fitness for the average supervisory board members must remain below the threshold for executive board members. Otherwise only executive board members of other undertakings or former executive board members would be eligible, which would undermine the legislative goal of diversity and heterogeneity within the board.²⁰

In your jurisdiction are there any black letter rules or general principles that enable directors to rely upon external opinions when addressing issues or aspects where specific expertise in needed?

German supervisory law provides for explicit rules, on how the outsourcing of (important) functions must be operated and supervised by the insurance undertaking; sec. 32 VAG, art. 274 Solvency II Delegated Reg., Guideline 14 of EIOPA Guidelines on the System of Governance (EIOPA-BoS-14/253); no. 13 MaGo-circular²¹. From this one can take that the performance of outsourced functions remains ultimately the responsibility of the executive board and it remains obligatory for the supervisory board to supervise that the outsourcing is properly administrated. It remains, however, a not decisively settled question (in the field of corporate liability law but also supervisory law) to what extent an outsourced function must be controlled (the same applies to the general question regarding the extent to which one may rely on the expertise of a third person). It is common ground that the board at least needs to exercise a feasibility control.²² Thus, blind trust would always be non-compliant behaviour. There is, however, a marked tendency to demand much more than a mere feasibility test. In the field of outsourcing in the insurance sector, for example, BaFin requires undertakings that wish to outsource important functions to (strongly) consider the creation of an outsourcing (key) function within their undertaking which would imply the employment of a person possessing the expertise to fully control the external provider of the outsourced function.

Describe the extent and scope of supervisors’/regulators’ intervention with reference to the qualifications and to the activities of the board of an insurer.

Are there any special rules and regimes applicable to the governance of subsidiaries belonging to an insurance group, also in terms of information flows?

The Solvency II-System also addresses regulatory requirements of insurance groups. These provisions address particular duties in all three pillars of Solvency II, i.e. quantitative, qualitative, and transparency requirements. Hence, there are also particular provisions requiring the creation of a group internal governance and information system, not only in relation to subsidiaries but to other related undertakings as well. The observance of these requirements is also especially supervised not only on a national level but through the so-called supervisory colleges in which the group supervisor (usually the national supervisor of the [main] participating insurer [parent]) and all national supervisors of related undertakings and EIOPA cooperate in the supervision of the group as a whole.

In your opinion, what is the biggest risk challenge (e.g. regulation, capital standard, pricing, interest rate, cyber, terrorism, etc.) facing the insurance industry today in your jurisdiction?

Whilst the evolution of regulation was often perceived as a burden, some insurers have come to realise that it has also served as a protection against competition from financial start-ups. It is, however, clear that this just postpones the inevitable. If one wants to pinpoint one risk that threatens all insurers equally it would probably be cyber in a large sense. In so far, it is for the insurance industry to prepare for the implications of big data, for the growing importance of alternative distribution channels, for the increased expectation of policyholders to communicate via numerous channels, for competition from new forms of risk transfer mechanisms and the like.

What specific laws or regulations, actual or pending in your jurisdiction, will present significant implementation risk challenge toward the insurance industry?

Insurance Supervisory Law in Germany (and in all of Europe) has experienced an unprecedented overhaul in the last few years. The transition from Solvency I to Solvency II is now, however, for the most part accomplished. Insofar there appear to be no further implementation risks (other than some detail problems, which were partly discussed in the present) hailing from insurance regulatory law. Whilst many of the recalibrations of the supervisory system appear to have been necessary, one should not forget that insurance undertakings engage in activities that are often very long-term in nature (esp. life insurance but [to a lesser degree] also health insurance and the like). In order to properly structure and price its products and plan its investments, the insurance industry is especially dependent on regulatory stability and predictability. Insofar one might hope for insurance regulation to enter a period of tranquillity, instead of the almost Trotskyite state of permanent revolution in which it remained in recent years. Insofar the biggest risk would be an overzealous and hasty attempt to prepare a transition to a future Solvency III-System. This is, however, not to say that regulatory projects from other areas of the law might not pose very noticeable challenges for the insurance industry, such is for example the case regarding the compliance with the reformed rules on data protection.²³

Please provide any concrete examples where business ethical standards and/or corporate social responsibility standards have been applied and have changed the behaviors of the insurance company.

Corporate social responsibility and ethical standards, focused on the individual undertaking, play a much less pronounced role in Germany than for example in the US. This is due to the fact, to give one example, that German employees enjoy a more complete protection and inclusion than their American counterparts. Constitutionally guaranteed union freedom, salary tariff practices, the right to form works councils and their participation rights, the employees’ representatives’ participation within the supervisory board and many employee protection provisions in German Employment Law (e.g. prolonged sick pay, long minimal vacation times, maximum work hours, restrictive termination protection, long maternity leave) force German (insurance) undertakings to safeguard a level of corporate responsibility that many of the most socially responsible American companies would not even consider. It is, thus, little surprising that German undertakings found it unnecessary to establish or underwrite specific corporate social responsibility standards. Nevertheless, there are today many, who have established such standards. But this especially applies to larger German undertakings which are active on a global level, who either wish to telegraph their high standards to the outside world or are under a legal obligation to do so, for being active in a country that requires such.

All of the above is, of course, not to say that German insurance undertakings in general do not follow certain ethical convictions but just that such are usually not standardised within the undertaking in the form of an ethical codex.

If one wants to give one example, where an ethical standard has influenced insurance behaviour in Germany’s insurance sector one could mention the Code of Conduct for the Distribution of Insurance Products prepared under the auspices of the German Insurance Association (GDV). One has to keep in mind that the German insurance industry has always relied heavily on independent insurance agents to distribute its products. Such a distribution system is especially prone to create problems in safeguarding the proper advisement, counselling, and information of potential policyholders. In the past, Germany suffered several minor and bigger scandals regarding improper incentives offered to insurance intermediaries and resulting systematic miscounselling of policyholders (especially regarding the transfer of cover [in life insurance]) against their own interest. Even though the established ethical standard for the distribution of cover did little more than reiterate what insurers were already obligated to do under insurance supervisory and insurance contract law, i.e. provide themselves proper council, advise and turn over all legally required information or make certain that the insurance intermediary fulfils their duty for them and its proper duty to counsel, advise, and turn over all legally required information. Nevertheless, the creation of this ethical standard helped to clarify the legal requirements and make many insurers look closer at their distribution system and alter it in favour of compliant or over-compliant behaviour.

A comparable influence may be attributed to the Code of Conduct for Data Protection (by Insurers) also established by GDV. This codex, in its changing iterations, has certainly aided in making insurers ready to the steadily increased standard of data protection exacted by law. Whether the standard ever required the underwriting member undertakings to grant a level of data protection that would turn them into market leaders of good practice remains, however, dubious. In view of previous practices—where insurers of the past very liberally exchanged information with each other concerning policyholders, with little regard to the policyholders’ interest—the codex must, nevertheless, be applauded for bringing insurance practice more into line with general legal standards.

In your jurisdiction, are there any specific laws or regulations already adopted or any proposals, or any arrangements in place in the governance system, relating to the protection of policyholders’ and/or financial consumers’ interests?

In a way the complete insurance supervisory law is aimed at the protection of the policyholder. Sec. 294 subsec. 1 VAG declares that the protection of policyholders and beneficiaries of insurance benefits is the main goal of supervision to be given prime importance by the supervisory authority. However, insurance supervisory law aims at the protection of the globality of policyholders and not the individual policyholder (or investor). Individual protection thus remains to be the domain of the ordinary courts, however, with the particularity that all financial sectors have created an Ombudsman procedure²⁴ that is intended to protect the individual (also, an aggrieved consumer may lodge a complaint with BaFin which may ease in the protection of said policyholder). Some governance supervisory requirements, furthermore, aim at bettering the position of the individual policyholder, for example by requiring all insurance undertakings to establish an appropriate internal complaint system. That notwithstanding policyholder protection remains to be afforded for the most part by the rules applicable to the insurance contract (right of withdrawal etc.).

In your jurisdiction, is an insurance company required to produce an annual Corporate Social Responsibility (CSR) report or a Global Sustainability Initiative (GSI) report? If so, what context needed to be disclosed in these reports?

The German legislator has transposed in the spring of 2017 the European CSR-directive (Corporate Social Responsibility Directive²⁵).²⁶ Pursuant to this rule, German insurers, though there are exceptions concerning the size of the insurer, must enrich the annual management report (Lagebericht) or group report (Konzernbericht) with a non-financial declaration or must create a separate non-financial report. The content of this non-financial declaration is first the business model (for insurance undertaking this is not a new requirement) and second at least the following aspects: environmental, social and employment matters, respect for human rights, as well as anti-corruption and bribery matters.²⁷

In your opinion, what mechanisms shall be in place or considered in an insurance company to ensure the transparency of its governance structure? (e.g., the articles of association, the organization chart, any existing committees, the major shareholders, the ethical standard, corporate social responsibility, etc.)

One rather important question is, how an insurance undertaking should make its governance structure transparent, which would at the same time also put the administration under self-induced pressure to respect the governance structure internally. Considering the rather rapid change that insurance regulation has exhibited in the last years, it appears rather problematic to provide for precise requirements for transparency of the governance structure in the articles of association. Such a line of action would rather require insurance undertakings to having to alter their articles in a very high frequency. Transparency should, thus, be safeguarded by other means such as certain inclusions concerning the governance structure and principles within supervisory and public reports and permanent disclosures on the website of the undertaking. As such it seems desirable, on the one hand—much of this is required by German law—, that the supervisor but also the public has permanent access to at least the key information on the undertaking and its governance. Such information should include (as a bare minimum) the articles of association, an organizational chart of the undertaking and the group structure—if it is included in one—, on the persons of function holders (requiring to disclose publicly all potential conflicts of interests that these persons need to disclose annually internally [and to the supervisor] seems to be rather overburdening), and the existing committee-structure. The choice to disclose precise information permanently to the public on their website concerning the major shareholders should be left to the undertaking (and the shareholder) unless a disclosure seems necessary pursuant to the amount of the share. To the supervisory authority, however, such disclosure must be made at least in Germany (and quite understandably so), since these major shareholders are also submitted to a fit and proper standard. If, on the other hand, insurance undertakings wish to make public the ethical standard or corporate social responsibility standards which they follow should be completely up to them, since the adherence to ethical or social standards, which are not enforced by the legislator by basing concrete enforceable legislation on them, should be outside the purview of the law. It should, thus, be for the undertaking to decide if it wishes to advertise with the fact that it holds itself to a higher standard than the law requires. If such disclosure is made, the nonadherence to such standards may (and should), however, have legal implications.

Are there any governance practices that, in your opinion, can best be achieved through disclosure rather than through specific supervisory requirements? Which governance practices should be mandatory for an insurance company?

As highlighted above, transparency and governance should not be seen as two exclusive but rather as two interlinked concepts. It is hence, on the one hand, a question of (good) governance to make certain that mandatory disclosures are properly made and what kind of voluntary disclosures are rendered public. On the other hand, an effective transparency policy can further the governance of the undertaking by positioning it in a favourable spot on the market. Nevertheless, the question remains if under certain circumstances it would not be better to require undertakings only to render public certain particular aspects of their governance rather than obliging the undertakings directly to structure the governance system in a certain way.

The question of how an undertaking is governed should, in every liberal society, in principle be the inviolable freedom of the director and in last instance of the owners of the undertaking. Thus, every regulatory system should err on the side of not requiring a certain kind of governance (except for setting general principles) but rather only requesting transparency of certain governance related facts. In reality, financial supervision, especially due to (perceived) negative developments in the banking sector, has taken another turn. Nevertheless, the rule should apply that the regulator should only provide for mandatory structural governance instruments if the intended (important) goal cannot be achieved by requiring the undertaking to disclose certain facts to the public. This, however, requires an informed public, since markets would only “punish” bad governance if they can perceive it. The legislative choice of what goals may be equally achieved by relying on a market corrective, thus depends on the market in question. The factors to be considered here are for example: Is there a sufficient amount of competition (allowing a policyholders to switch from badly governed to well governed insurers); are there appropriate consumer or policyholder protection associations; do (large) investors take into account bad governance, where such does not threaten the short- or medium-term returns on the investment but rather (exclusively) endangers policyholders’ rights in the long-run; is there a well-informed media coverage (with adequate financial expertise); and is the public at large sufficiently educated in financial matters and the management of an undertaking. In many instances experience has shown that a laissez-faire-approach, requiring only transparency, seems inapt to bring about an appropriate level of protection of policyholders in the insurance sector (even though these are often lessons transferred from the banking to the insurance sector). Such should, however, not be seen as carte blanche to legislators and supervisory authorities which remain under a constant duty to assess whether or not more leeway should be given to undertakings.

What is the interplay between market abuse regulations and other disclosure/transparency rules applicable to listed insurers and industry specific rules applicable only to insurance companies?

It is one of the main criticisms of the Solvency II-System that it does not address the interrelation between the insurance supervisory (transparency) requirements and those from other legal fields. Insofar an undertaking remains obligated to fulfil independently their disclosure duties under commercial, accounting and capital market law, which especially concerning quantitative requirements may imply transparency according to rather diverging accounting standards (e.g. HGB-accounting, IFRS, US-GAPP, Solvency II). In other areas, Solvency II has aimed at bringing its standards in line with other transparency requirements (e.g. market abuse transparency, money laundering, terrorist financing). Nevertheless, insurance undertakings will often be obligated to make different disclosures to different addressees.