Product development under the IDD1 and in the BGfo
Since the implementation of the Financial Markets Amendment Decree 2013 on January 1, 2013, specific rules regarding product development apply to certain financial enterprises in the Netherlands. This marked a pioneering step for the country. However, the introduction of the Insurance Distribution Directive (IDD) signals the end of this unique position, as uniform rules for product development will now be applicable across all European Union member states. The IDD mandates compliance with European regulations on product supervision and governance for developers of insurance products. These regulations are further detailed in a delegated regulation, distinguishing between ‘developers’ and ‘distributors.’ In this contribution, we explore the regulations applicable to developers and identify several practical scenarios that require additional attention.
- Product Developers
The current Dutch regulations regarding product development, as laid out in Article 32 of the Financial Supervision Act (Besluit Gedragstoezicht financiële ondernemingen Wft or BGfo), apply to various financial enterprises and a variety of financial products. In both cases, it involves a collective concept. Therefore, Article 32 BGfo is not only applicable to financial service providers5 offering, advising on, mediating in, or acting as (sub)authorized agents for insurance but also to other financial enterprises and financial products other than insurance. The rules outlined in Article 25 IDD and the delegated regulation regarding Product Oversight and Governance Requirements (‘POG requirements’), on the other hand, exclusively pertain to insurers and insurance intermediaries developing insurance products for sale to customers. The (sub)authorized agent, as known in the Netherlands, is – unlike a managing general.
No insurance intermediary, so Article 25 IDD and the delegated regulation do not apply to this financial service provider. A European regulation has direct effect. This means that it does not need to be transposed into national laws and regulations but applies directly and takes precedence over national law. In the context of the IDD, this entails that the provisions of the regulation must be complied with by insurance distributors, and the Financial Markets Authority (AFM) must ensure that this is indeed the case. The provisions of Article 25 IDD should be seen as an elaboration of Article 41(1) of the Solvency II Directive8, according to which insurers must have an effective governance system ensuring sound and prudent management.
Under the IDD regime, an insurer is a ‘developer’ – except when advising and/or mediating in an insurance product developed by another insurer or by an insurance intermediary. In that case, the other insurer or the insurance intermediary is.
When an insurer is not only a developer but also a distributor of an insurance product, only the POG requirements apply to them. If they distribute an insurance product not developed by them, they only need to comply with the rules applicable to the distribution of insurance products. From Article 3 of the delegated regulation, it can be inferred that an insurance intermediary is not easily considered a developer. According to Article 3(1), this is only the case when a general analysis of their activities reveals that they play a role in the decision-making about the design and development of an insurance product for the market. This is particularly true, as indicated in Article 3(2), when they autonomously determine essential features and significant components of an insurance product – including coverage, price, costs, risk, target market, and entitlement to benefits – that are not significantly altered by the risk-bearing insurer.
Article 3(4) of the delegated regulation addresses the situation where both an insurer and an insurance intermediary are developers. In such cases, they must document in a written agreement, signed by both parties, how they fulfill the POG requirements, the procedures they agree upon for defining the target market, and each party’s role in the product approval process.
In its extensive 837-page (!) final report responding to feedback on its consultation document, EIOPA delves into the question of when an insurance intermediary can be considered a developer. The starting point is that this is the case when the insurance intermediary plays a decisive role in designing and developing insurance products. Based on examples provided in the final report, it can be determined whether or not there is a decisive role.
The POG Requirements: According to Article 25(1) of the IDD, developers of insurance products intended for sale to customers are subject to six requirements, further detailed in the delegated regulation. These POG requirements, however, do not apply when personalizing and adapting existing insurance products for individual customers or when developing bespoke contracts at the request of an individual customer. According to Article 3(3) of the delegated regulation, this is not considered product development.
2.1. Product Approval Process: Article 25(1) of the IDD and Article 4(1) of the delegated regulation require developers to have a product approval process for newly developed insurance products and significant modifications to existing insurance products and to apply and evaluate this process. If they outsource the design of insurance products, they remain fully responsible for compliance with the product approval process, as stipulated in Article 3(5) of the delegated regulation.
The product approval process must be documented in a policy document accessible to all employees involved in product development.
Two requirements apply to the product approval process. The first requirement is the implementation of measures and procedures related to designing, monitoring, evaluating, and distributing insurance products. These measures and procedures must align with the complexity and risks of the products, as well as the nature, scale, and complexity of the developer’s business activities. The second requirement is that the product development process must allow for corrections if an insurance product proves detrimental to customers. The product approval process, documented in a policy document, must be accessible to all employees involved in product development. The product approval process serves a multi-faceted purpose:
(i) considering the objectives, interests, and characteristics of customers,
(ii) ensuring customers are not harmed,
(iii) preventing or limiting harm to customers, and
(iv) handling potential conflicts of interest with care.
The product approval process must be approved by the entity responsible for product development at the developer – ultimately, this is the statutory board of directors. This entity holds ultimate responsibility for establishing, implementing, and evaluating the product approval process and must continuously ensure its adherence. Developers must possess a valid and up-to-date product approval process, regularly evaluating and adjusting it as needed.
Determining the target market involves considering the characteristics, risk profile, complexity, and nature of the insurance product. Insurance products introduced to the market must align with the needs, characteristics, and objectives of customers within the target market. Whether this is the case must be assessed by the developer based on the extent of (i) availability of information for customers in this target market and (ii) financial literacy of these customers. A developer can also determine for which customer groups a product is not suitable. Developers must consider the wide variety of insurance products, including mandatory and complex ones such as those with an investment component. According to EIOPA, no insurance product has a mass market; therefore, describing the target market requires a high level of detail.12 To understand insurance products brought to the market and the interests, objectives, and characteristics of customers within the target market, employees of developers involved in designing and developing insurance products must have the necessary skills, knowledge, and expertise.
2.3. Product Testing
Article 6(1) of the delegated regulation mandates product developers to appropriately test the insurance products they bring to the market. The definition of what constitutes an appropriate test is outlined in EIOPA 17/048, p. 18-20. For existing insurance products, a product test is required before a significant modification is made to an insurance product or if the target market undergoes a significant change. To the extent relevant, especially for insurance products with an investment component, this involves conducting scenario analyses. An insurance product must meet the established needs, objectives, and characteristics of the target market throughout its entire duration. The qualitative and – depending on the type and nature of the insurance product and the associated risk of harm to customers – quantitative product test examines whether this is the case. According to Article 6(2) of the delegated regulation, developers are prohibited from bringing an insurance product to the market. The prohibition applies if the test results indicate that the product is not aligned with the established interests, objectives, and characteristics of the target market. This applies to both new products and significantly modified versions of existing products. There are no regulations specifying how existing products should be handled in the case of a significant change in the target market.
2.4. Monitoring and Evaluation
An important obligation for a developer is the continuous monitoring of the insurance products they bring to the market and regularly evaluating them. A developer can determine the evaluation interval themselves, taking into account the size, scale, contractual duration, and complexity of the insurance products, as well as the distribution channels used for them. Relevant external factors, such as changes in applicable legal regulations, technological developments, and shifts in the market situation, must also be considered.
A developer must prioritize the customer and act proactively. The evaluation aims to identify events that could significantly impact the key features, risk coverage, or guarantees of those products. Through this monitoring and evaluation, a developer can – and must – ensure that their insurance products continue to meet the needs, characteristics, and objectives of the target market. Additionally, they must ascertain whether these products are only reaching customers within the target market or are also reaching those outside it. A developer must prioritize the customer and act proactively. This is reflected in Article 7(3) of the delegated regulation. If a developer identifies a situation regarding an insurance product that could have adverse consequences for customers, they must take appropriate measures to remedy the situation and prevent its recurrence. Furthermore, there is a transparency obligation: in such a case, the developer must promptly inform the relevant insurance distributors and customers of the measures taken.
2.5. Distribution
A developer must, considering the specific characteristics of their insurance products, carefully choose suitable distribution channels for the target market. Regarding the chosen insurance distributors, the developer has an information obligation: they must provide them with all appropriate information about the respective insurance products, the target market, and the distribution strategy. The developer must also inform them about the key features and characteristics of the insurance products, the risks and costs, including implicit costs, of these products, as well as the circumstances that could lead to an adverse conflict of interest for the customer. The information provided must be clear, complete, and up-to-date. The obtained information should enable insurance distributors to (i) understand the insurance products, (ii) gain insight into the established target market for these products, (iii) determine for which customers these products are not suitable based on their needs, characteristics, and objectives, and (iv) act in the best interest of their customers. Additionally, developers have an obligation to ensure that insurance distributors adhere to their product approval process. This entails the developer regularly verifying whether the respective insurance products are being distributed in the designated target market. If a distributor, in the developer’s judgment, does not act in accordance with the goals of their product approval process regarding these products, the developer must intervene. In such a case, they are required to take appropriate, unspecified measures.
- Implementation
The Implementation Decision of the Insurance Distribution Directive (‘Implementation Decision’) provides for the implementation of IDD articles not implemented by the Implementation Act13, including Article 25 IDD. At the time of writing this contribution, the Implementation Decision had not been published. Therefore, the following is based on the consultation document and the clarifications mentioned in the consultation report, to be included in the explanatory memorandum. Article 32 BGfo does not only concern insurance products. It applies to various financial enterprises offering or assembling their financial products and making them available in the market. According to the explanation14 of this article, assembly is usually done by intermediaries. The legislator gives an example: “the situation where the intermediary assembles a product from two or more financial products and makes this product available in the market to a consumer or client. This involves, for example, intermediaries who combine a mortgage credit with a financial product used to cover that credit, such as life insurance, and present it as a product.” Regardless of whether combining different financial products from different providers can be considered product development under the IDD, the given example is a form of tied selling. Indeed, according to Article 24(1) IDD, this occurs when an insurance product is offered as part of a package along with an ancillary product (mortgage credit) that is not insurance. The financial enterprises referred to in Article 32 BGfo must, according to Article 32(1) BGfo, have adequate procedures and measures ensuring that the development of these products takes into account the interests of customers and any beneficiaries in a balanced manner, and that the product demonstrably results from this weighing of interests. Articles 32(2), 32(3), and 32(4) BGfo contain detailed provisions regarding product development and the applicable procedures and measures. According to the Implementation Decision, two adjustments are made to Article 32 BGfo. In Article 32(8) BGfo, the financial enterprises mentioned therein that fall outside the scope of Article 32 BGfo are added: financial service providers15 offering or assembling insurance for large risks and making them available in the market. The explanation indicates that this is done to implement Article 25(4) IDD. Additionally, a new paragraph 9 is added, stating: “In the application of this article, financial service providers offering or assembling insurance and making them available in the market shall comply with the rules laid down in Article 25(2) of the Insurance Distribution Directive.
Article 25(2) IDD is a delegation provision that contains the legal basis for establishing the delegated regulation on product oversight and governance. This new provision in BGfo is not explained. It seems to be a complicated way of indicating that the POG requirements and other provisions of the directly applicable delegated regulation must be complied with by developers, including qualifying insurance intermediaries acting as developers. Moreover, the consultation version of the Implementation Decision does not add this delegated regulation to the Decision on the implementation of EU financial markets regulations16, but it does include the delegated regulation (EU) 2017/2359 (rules for insurance-based investment products). However, according to the consultation report, all articles related to the product development process from the delegated regulation will still be separately punishable in this Decision. Furthermore, a new Article 32e is introduced in the BGfo. The new Article 32e(1) BGfo imposes an information obligation on financial service providers offering or assembling insurance and making it available in the market. They must inform advisors, insurance intermediaries, and (sub)authorized agents distributing this insurance about the characteristics of the insurance, the procedures and measures referred to in Article 32(1) and (2) BGfo, the target group, and the applicable distribution strategy. This information obligation applies not only, as in Article 25 IDD, to developers and insurance intermediaries identified as developers, but to all financial service providers17. For insurers, it is not always clear how the division of roles within the organization should be and what should be understood by the product approval process. Article 32e(3) BGfo resembles the added Article 32(9) to Article 32 BGfo, although this provision also applies to all financial service providers – regardless of whether they offer or assemble insurance and make it available in the market. According to Article 32e(4) BGfo, Article 32e BGfo does not apply to financial service providers distributing insurance for large risks.
- Practice
The IDD regime, and more specifically the POG requirements, should bring about few changes in practice. This is because the Dutch legislator, based on the consultation version of the Implementation Decision, apparently assumes that Article 32 BGfo already reflects the IDD rules on product oversight and governance. It remains questionable whether this is the case, partly due to the unclear purpose of the added paragraph 9 and partly because of how the product approval process has been implemented by insurers. For insurers, the division of roles within the organization and the understanding of the product approval process are not always clear. In many cases, there is uncertainty about the latter.
There is a contamination issue: the product approval process has often become a catch-all for processes that are tangentially related to product development but do not necessarily consider the interests of customers. This includes portfolio management, return analyses, and market studies.
4.1. Design
A developer must have a adequately designed product approval process. It is not only important that a process is in place, but also that it is fully integrated into the developer’s organizational structure. While the product approval process is exclusively the domain of employees involved in the development of a product and/or the determination of a target group or distribution channel, everyone working in or for the developer’s company must be aware of the nature of the products, the target audiences they are intended for, and the distribution methods. Employees involved in the product development process should be able to easily and accessibly use internal tools to determine how and when a product qualifies for regular reassessment and when there is a need for an interim reassessment. This requires them to respond promptly to market developments, technological advancements, and changes in laws and regulations. Additionally, thinking from the customer’s perspective, including every user of a product developed by the developer, should be prominently present in the DNA of these individuals.
4.2. Product Testing
The prescribed product tests consist of scenario analyses and product comparisons. Insurers generally handle this well, at least for new products. They have clearly defined test plans, and prior to the introduction of a new product or substantial modification of an existing product, they conduct user and/or acceptance tests. This is generally not the case for insurance intermediaries qualifying as developers. In a scenario analysis, predefined situations in which a customer needs or can make a claim on their insurance are considered. It is verified whether the product performs its intended functions, if the customer has all product information, and if they can find this information, etc. Product tests for existing products are usually conducted during system changes or product adjustments, which may result in certain products being reassessed only after a long time or not at all. Therefore, it is preferable to establish an assessment cycle for each new and existing product, where the length of the cycle depends on the nature of the product and the target audience. If the developer does not act as a distributor of a product they developed, it is important to test whether the scenarios at the distributor have the intended impact as envisioned by the developer. In this case, it is also important that the developer is informed by the respective distributors about their experiences with the distribution and suggestions for potential product or target group adjustments. The developer should not wait to be spontaneously informed but should actively seek periodic updates from the distributors – per product!
4.3. Assessment Criteria
The AFM will undoubtedly provide further details on how, in its view, developers should operate under the IDD regime. For now, it suffices to act in accordance with the assessment frameworks previously published by the AFM regarding both processes and products. This involves using the framework for processes and the framework for products. Products should be assessed based on the so-called KNVB criteria, of which the supervisory authority states: “The AFM considers it important that insurers independently assess their products against the criteria of cost-effectiveness, usefulness, safety, and comprehensibility. This is to prevent products from entering (or remaining in) the market that do not sufficiently prioritize the customer’s interests.” Additionally, for pension insurers, there is an extra criterion: the product must remain suitable for the target audience. To determine the target audience for payment protectors, the AFM has provided guidelines that are generally applicable. “The description of the target audience should clarify the product’s objective and for which target audience the product is suitable. As part of this, it must also be determined which target audience is unsuitable for the product. If the product has specific features (unique selling points), this becomes even more important. Specific features often narrow down the target audience, making the product less suitable for certain consumers.”
4.4. Non-Selling Products
Non-selling products require special attention from developers. These non-selling products often pose a significant risk to an insurer. This is especially true if the characteristics of these products are no longer in line with comparable products in the active product portfolio, if these products are no longer suitable for the target audience to which these customers belonged, or if these products no longer align with the goals or needs of customers in a particular segment. The product approval process includes clearly defined (periodic) evaluation moments for active products, either based on the passage of time or a specific trigger. The question is whether this ongoing product evaluation is also well-established for non-selling products. In any case, it is advisable to regularly assess these products against the KNVB criteria. If a non-selling product does not meet one or more of these criteria or is no longer aligned with the financial needs of the target audience, the developer must take action. They can modify the non-selling product or propose replacing it with a fitting current product. If the developer is an insurer, they may choose to transfer non-selling products to a party not qualifying as a developer or not subject to the IDD regime, which will handle the runoff of these products.