1. Home /
  2. About us /
  3. CACEIS Insights /
  4. Is DNB’s FIRM risk model in compliance...

Is DNB’s FIRM risk model in compliance with IORP II?

IORP II, the EU directive that comes into force on 19 January 2019, explicitly identifies a number of risk areas European pension schemes must manage. Until now, Dutch legislation did not enforce pension schemes to demonstrate they are in control of certain risk areas. However, pension schemes often used DNB's FIRM risk model as a framework for risk management. IORP II will introduce the admittance of risk areas into Dutch legislation. Will the admittance of IORP II’s risk areas into Dutch legislation affect schemes’ current risk management?

29 Nov 2018

Share on  

The risk areas under IORP II

IORP II identifies several risks that pension schemes should manage, where the risks apply for the pension scheme. Legislation has included the IORP II risks in the draft version of art. 18 of the Decree on the financial assessment framework for pension funds (Decree ‘Ftk’, financieel toetsingskader pensioenfondsen). These are risks that can occur in the following areas:

  • engaging in pension commitments and building up reserves;
  • coordinated assets and liability management (ALM);
  • managing investments, particularly of derivatives, securitisations and similar commitments;
  • managing liquidity and concentration risk;
  • operational risk management;
  • insurance and other risk mitigation techniques;
  • inclusion of environment and climate, human rights and social relations into the investment portfolio and management of the portfolio (ESG - environment, social, governance).

Current risk management - FIRM

Until now, risk areas were not explicitly defined in Dutch legislation. However, to improve supervision, the Dutch Central Bank (DNB) set up a risk framework for financial institutions. In 2005 DNB drew up the Financial Institutions Risk Analysis Method (FIRM), a now widely used framework in the financial sector in the Netherlands, including by many pension funds. FIRM distinguishes 10 risk areas, consisting of 4 financial risks and 6 non-financial risks. The four financial risks are: matching/interest rate risk, market risk, credit risk and insurance risk. The six non-financial risks are environmental risk, operational risk, outsourcing risk, IT risk, integrity risk and legal risk.

FIRM compared to the IORP II risk areas

In order to examine whether the new legislation will lead to changes in pension funds’ current risk management, we compare the FIRM risk areas with the IORP II risk areas in the table below.

Table 1 IORP II and DNB FIRM risk terrain

Pension obligations and forming reserves - Insurance related risks (long life risk, short life risk, incapacity to work risk)
Asset & Liability Management (ALM) - Matching-/interest risk (interest exposure, inflation risk, currency exposure)
Investments, mainly in derivatives, securitisations and
similar commitments
- Market risk (price risk, liquidity risk, concentration risk)
- Credit risk
Liquidity and concentration risks - Market risk (price risk, liquidity risk, concentration risk)
Operational risks - Integrity risk 
- Operational Risk
- Outsourcing risk
- IT risk 
- Environmental risk
- Legal risk
Insurance and other risk mitigation techniques - Market risk (price risk, liquidity risk, concentration risk)
- Legal risk
Environment and climate, human rights and social
relations (ESG)

This table shows that the FIRM risk framework is more comprehensive and detailed than most aspects of the IORP II risk areas. Pension funds that currently use the FIRM risk framework for their risk management will be in compliance with risk management that IORP II prescribes. The pension scheme only need to add ESG risk management to stay compliant under the new directive. DNB expects that as of January 2019, pension schemes will have identified all risks under the guideline. Pension schemes can give further shape to the exact implementation of risk management throughout 2019.

Identifying and determining ESG risks is one thing, but how to set up ESG risk management? In the next blog we will discuss ESG risk management in further detail. If you would like to talk about ESG risk management or other IORP risks before that time, please contact us.

Stay connected, we keep you up-to-date

Monique Jager-Smeets

More on ESG risk management?

Monique Jager-Smeets

+31 (0)20 5572402