Integrity policy

Regulatory framework

  1. Solvency II Law: Articles 42, § 1, 5° (integrity policy) and 8° (whistleblowing), and 44 (role of the board of directors)
  2. Delegated Regulation 2015/35: Articles 258(5) (conflicts of interest) and 270 (integrity)
  3. Underlying thematic NBB Circular: /
  4. EIOPA Guidelines: /

Sound governance cannot be achieved through organisational structures, procedures and control mechanisms alone, but to a great extent rely on the commitment and dedication of all members of staff of the insurance company.

In this regard, the Law of 5 December 2017 amending the Solvency II Law reinforces the role of the board of directors as regards compliance risk management. In addition to establishing and supervising the integrity policy, the board of directors must annually provide the Bank with a report on the assessment of the proper functioning of the compliance function. In this way, the board of directors shall report on its responsibilities regarding compliance: in particular, it ensures that compliance risks are sufficiently detected and managed. Additionally, the Solvency II Law provides for the obligation for insurance companies to develop a whistleblowing system. 

9.1. Integrity policy

In accordance with the Solvency II Law, the board of directors shall establish the company’s integrity policy. This policy must contain the essential elements of the integrity rules the company imposes on itself. At least the following subjects should be covered:

  1. Company goals and values;
  2. Prevention of money laundering and terrorist financing (in case of life insurance activities);
  3. Conflicts of interest;
  4. Whistleblowing.

These different subjects must then be translated into thematic policies or internal procedures, as the case may be. This integrity policy must be updated periodically or whenever significant events occur that could influence the company’s compliance risk profile. The compliance function fulfils an important role in the updating of this policy.

It is important that the board of directors establish the strategic goals and business values of the insurance company, as well as the internal codes of conduct or formal rules, which determine how business is done in a spirit of integrity and engagement with the stakeholders of the company. These goals, values and codes are communicated and promoted throughout the company. For the application of these values, it is important that the management impose strict rules of conduct on itself and set the good example (tone at the top).

The internal rules of conduct cover subjects such as corruption, commercial gestures (voluntary bearing of costs for claims), accepting or giving gifts, undue self interest in transactions between staff and the company, and all sorts of other unethical or illegal conduct within the activities inside or outside the insurance company.

The insurance company must set up an appropriate organisation and procedures to find out whether or not the company’s members of staff are irreproachable. Apart from the usual checks at the time of recruitment, the insurance company must permanently take the necessary measures to supervise compliance by its staff with the legal and regulatory provisions relating to integrity and conduct.

9.3. Prevention of money laundering and terrorist financing

Insurance companies authorised to perform life insurance activities referred to in Annex II to the Solvency Law in Belgium are expected to incorporate the policy for the prevention of money laundering and terrorist financing (AML/CFTP) referred to in Article 8 of the Law of 18 September 2017 into the integrity policy. In the AML/CFTP policy, each insurance company concerned should mention the AML/CFTP related objectives it sets itself and the guidelines to be complied with in this area (two main parts: money laundering and terrorist financing risk management and customer acceptance). For more information, please refer to the AML/CFTP section of the Bank’s website.

9.4. Whistleblowing/whistleblower’s policy

Compliance with the company values and internal codes of conduct, and the effectiveness of the insurance company’s internal control, are promoted when there are channels available to staff to internally communicate, in good faith, legitimate concerns regarding significant breaches of these company values and codes or on the subject of unethical or illegal behaviour relating to aspects that are under the powers and supervision of the insurance company.

To that end, the insurance company shall provide for a procedure and information channel to directly or indirectly (ombudsman, compliance, internal audit) report complaints to the management outside the normal hierarchical channels. Bona fide whistleblowers shall be protected against direct or indirect disciplinary measures or decisions with equivalent effects. 

The proper functioning of the whistleblower policy relies on clear rules which clearly explain the subjects on which complaints may be lodged and what steps and escalation rules the procedure entails. The management shall ensure that the information provided by the whistleblowers is effectively investigated and that the necessary measures are taken to tackle irregularities.

The policy must be in line with the legislation on privacy and data protection (cf. the GDPR). Recommendations from the competent authorities on the subject can help the companies test their policies against these provisions.

9.5. Conflicts of interest

The business of an insurance company is characterised by the convergence of myriad interests, often in parallel but equally as often divergent or conflicting, which require an appropriate framework.

Conflicts of interest can, inter alia, exist between:

  • shareholders and the company;
  • directors and the company;
  • members of staff and the company;
  • the company and its clients, as a consequence of the business used and/or the different services and activities offered by the company;
  • clients between themselves;
  • the company and its parent undertaking, subsidiary or other affiliated enterprises in intra-group transactions.

The main objectives for the management of conflicts of interest should be specified in a conflicts of interest policy to be incorporated in the insurance company’s integrity policy. Furthermore, without prejudice to the application of the provisions of Articles 7:96, 7:115 and 7:117 of the CAC and 45bis of the Solvency II Law or other specific rules that apply, Delegated Regulation 2015/35 sets out that the company must have effective processes and procedures to prevent conflicts of interest and identify potential sources of conflicts of interest, and must establish procedures to tackle such conflicts.