Skip to content

(Re)insurers prepare for tighter boardroom governance rules

With new rules on the governance of insurance company boards coming into force from the end of this month, Paul Péporté and Helena Finn outline the main changes.

The new CAA Circular Letter 22/15 (CL22/15) relating to the board of directors of (re)insurance companies, containing rules i.a. on the composition, operation and responsibilities of the boards of insurance and reinsurance companies will take effect at the end of this month with further rules coming into force in March 2023.

CL22/15, focuses on members of the board of directors (or such other relevant parties) depending on the type of structure of the relevant company – such as the supervisory board), rather than the authorised management. The new provisions apply to insurance and reinsurance companies, as well as holding companies heading a group that falls under the supervision of the CAA. 

CL 22/15 builds on existing rules on the governance of (re)insurance companies put in place to ensure companies have sound and prudent management, have a transparent organisational structure with management duties and responsibilities clearly allocated, as required by the Solvency II directive.

Some companies will be excluded from CL22/15: captive insurance and reinsurance companies and non-captive reinsurance companies with gross annual premiums of less than €100m.

CL22/15 aligns with CAA Circular 21/12 relating to key functions defined by Solvency II, which provided for specific rules relating to the appointment of key function holders, their independence and competence and notifications to the CAA.

Board composition and qualification 

The circular sets out rules on the composition and qualification of the board which apply both collectively to the board as a whole and individually. 

For instance, at a collective level, CL22/15 specifies that the board should have sufficient members (at least three) to supervise the business in a professional manner. The board should also be made up of people who have the right knowledge, skills and experience to reflect the nature and complexity of the business. Directors should have knowledge of specific sectors and an excellent understanding of the business, including its risk profile, strategy and business model. 

Individually, directors should have the necessary professional qualifications and skills to carry out their supervisory role and be sure that their mandate is compatible with other roles he or she might have, making sure that they are available when needed and free from conflicts of interest. 

CL22/15 also provides specific rules relating to the independence of the Board, requiring the number of executive directors to remain below the number of non-executive directors (both terms being expressly defined by CL22/15). The CL22/15 provides for an express requirement for insurance and reinsurance companies considered as “public interest entities” [1] under the supervision of the CAA to appoint at least one independent director. The concept of independent director is expressly defined by the CAA in its circular. 

Compliance with these principles must be documented by the board.

Notification rather than approval

The CL22/15 helpfully specifies that the CAA does not approve the appointment of directors to boards, as is the case with regulators of some other financial institutions, but it does require companies to notify it of any changes, doing so in a timely manner.

Under the new guidance, companies must indeed notify the CAA of any change in the composition of the board within a maximum of four weeks of the change and companies are given the option of notifying the regulator in advance of any new appointment being made.

When a director leaves the board, for whatever reason, the CAA must be informed within a maximum of two weeks.

Although the CAA does not approve appointments, it will assess the composition of the board on a regular basis.

Functioning of the board and refocussing on Luxembourg

Although the CL22/15 provides that each board must define its own way of functioning, one key provision of the new guidance – and perhaps one of the most challenging for some multinational insurers – is the stipulation that the majority of board meetings must be held in Luxembourg. Companies must also avoid having recourse to proxies and circular resolutions, in order to maintain a culture of informed discussion, collegiality, independence and diversification of qualities and competences. 

In Luxembourg, many insurance and re-insurance companies have either headquartered in Luxembourg or set up a hub here to serve both the local market and other member states, using the EU’s passporting mechanism.

During the Covid pandemic, many board meetings took place virtually with directors, unable to travel, meeting by conference call instead, in line with specific – and temporary – rules that were provided during the pandemic. 

With CL22/15, t4e CAA is reminding companies that it wants to see decisions taken in Luxembourg in face-to-face board meetings, thus ensuring that the entity’s central administration is effectively in Luxembourg. From a practical perspective, if the board meets four times a year, three of those must be in person, and in Luxembourg. We expect that the CAA will be increasing checks to make sure this happens.

This is also in line with the increased scrutiny of the substance of entities operating in the (re)insurance sector, evidenced in particular in the EIOPA’s recent public consultation relating to a draft supervisory statement on the use of governance arrangements in third countries, where EIOPA underlines “the need for insurance undertakings to not display the characteristics of an empty shell company, and instead demonstrate an appropriate level of corporate substance, including the presence of key decision-makers, function holders and staff to an extent proportionate to the nature, scale and complexity of the entity’s business in the European Economic Area (EEA)” [2].

Specific duties

As well as organising and regularly documenting the company’s governance system, the board’s specific duties are written out in the circular.

These duties include appointing authorised managers, key functions holders, the person responsible for compliance with the professional obligations relating to anti-money laundering and financing or terrorism and the person responsible for the distribution of insurance and re-insurance products.

Once again, the CAA must be notified of these appointments and, although the regulator will not approve the appointments, the CAA may oppose them if the person is considered unfit to carry out his or her duties. Specific rules relating to the appointment of key function holders are provided for in CL21/12. 

More general boardroom duties include a specific role for responsibility of certain matters, such as the Own Risk and Solvency Assessments (ORSA) and the solvency and financial condition report (SFCR).

The Board must also stay informed pertaining to the reputation and financial strength of shareholders and associate businesses with a qualifying holding in the company, as part of its responsibility to ensure the overall company is managed in a sound and prudent way. The CAA must be immediately informed if evidence of a potential reputational risk arises for the company or its subsidiaries.


The provisions of CL22/15 take effect at different times. 

The rules about notifying the CCA of board appointments or departures take effect as of September 30, 2022. Other provisions, including those on the composition of boards and documenting internal assessments of the governance system, will apply from March 31, 2023.

Although the demand that most board meetings are held in Luxembourg may prove problematic for some, other provisions, such as the need simply to notify the CAA of board changes rather than seek its approval, actually represent a simplification of procedures.

While the new rules will require a greater amount of documentation and in drawing up what is a consistent approach to regulating the sector, we would expect that the CAA will carry out the necessary verifications to ensure that companies are compliant.



1i.e. all insurance and reinsurance companies excluding mutual undertakings, organisations providing benefits in the event of death, reinsurance undertakings closing their activities, pension funds referred to in point (14) of Article 32(1) of the law of 7 December 2015 on the insurance sector, as amended (the LIS), captive insurance undertakings referred to in point (8) of Article 43 and captive reinsurance undertakings referred to in point (9) of Article 43 of the LIS.


Related expertise