A Company must have effective Control Functions with the necessary independence, authority and resources covering Risk Management, internal audit, compliance and actuarial. The effectiveness of the Control Functions must be assessed periodically by the Board.
2.
The existence of a control function does not relieve the Board and Senior Management of their responsibilities.
3.
Control functions must be well resourced, with qualified staff who must receive regular training relevant to their roles.
4.
Control Functions must an have appropriate level of authority. The head of the control function must not participate in operational business responsibilities, such as underwriting, investment, reinsurance, sales or accounting.
5.
The head of each control function must have access to the Board or the Board risk and/or audit committees and must submit periodic reports on the matters determined by the Board. The head of each control function must be able to meet regularly with the chair of any relevant Board committee without the presence of management.
6.
Duties of the Board related to Control Functions include:
a.
The Board must approve and document the authority and responsibilities of Control Functions, which must be reviewed periodically based on the recommendation of each Control Function.
b.
The Board or the relevant Board committee must approve the appointment, dismissal, compensation, performance and any disciplinary action taken against the heads of Control Functions.
c.
The Company must not dismiss the heads of Control Functions without first obtaining the no-objection of the Central Bank.
7.
Compensation of employees in the Control Functions must be determined independently of the performance of the Company.
8.
Control Functions must avoid Conflicts of Interest. Where any conflicts remain and cannot be resolved with Senior Management, these must be brought to the attention of the Board for resolution.