On 4th April 2015 the Insurance & Surety Institutions Law, enacted in April 2013 on the initiative of Mexico’s National Insurance & Sureties Commission [Comisión Nacional de Seguros y Fianzas (CNSF)], came into force, with the aim of reinforcing insurance and sureties legislation with respect to their solvency, stability and security, in line with international standards and best practices.

One of the most interesting points of this law is the provision for those institutions wishing to determine their own solvency-capital requirements according to their risk exposure, which they then submit to the CNSF for the corresponding authorisation.

To achieve its purposes, the Law introduces some mechanisms to bolster corporate governance structures. Specifically, the third section “On institutions’ organisation and corporate governance” states that companies must have an efficient corporate governance system that ensures their activity is managed on a robust and sensible basis, with the Board of Directors taking responsibility for introducing and tracking oversight systems. Any scheme used must be organised in a transparent and appropriate manner, with a clear division of roles, as well as effective mechanisms to guarantee timely information transfer.

The policies and procedures implemented by companies for their corporate governance must bear in mind the following factors, among others:

• Their integrated risk management system will be handled by a specific company department and will manage information policies, strategies, processes and procedures necessary for measuring, controlling, mitigating and supervising the risks to which the firm may be exposed.
• The internal control function will, at least, design, implement and update measures and controls that assist compliance with the internal and external standards applicable to the institution.
• The internal audit function will be carried out by a specific area of the firm, and will periodically check that the policies and norms laid down by the board of directors are being appropriately implemented, as well as verify that the internal control system is operating correctly.
• The audit committee, which is a mandatory board committee and a consultative body for the board, will be in charge both of overseeing compliance with internal regulations and with the legal and administrative provisions that apply. It will be chaired by an independent board member and will consist of between three and five members.

The document also regulates other areas worth noting, in particular those relative to company boards: their responsibilities, composition and roles; how board members are appointed; powers that may not be delegated; intrinsic incompatibilities with the role of board member; definition of related parties; the duty to avoid situations which create conflicts of interest; the definition of the independent board member as someone who, as well as being removed from the firm’s executive management, has had at least five years of proven high-level decision-making experience, etc.

For these reasons, the introduction of the law has posed major challenges for insurance and sureties institutions. They have had two years since it was enacted to change their business management methods, renew their organisational culture and apply the changes at all levels, reforming their corporate governance systems, as well as adapting to and complying with the new requirements on solvency and reporting.