Solvency II

Solvency II (2009/138/EC), applicable to EU insurance and reinsurance undertakings since January 2016, establishes a risk-based capital adequacy framework structured around three pillars. Pillar 1 defines quantitative capital requirements: the Solvency Capital Requirement (SCR) — the amount of capital needed to ensure a 99.5% probability of not failing over a one-year period — and the Minimum Capital Requirement (MCR). Insurers can calculate the SCR using either EIOPA's Standard Formula or an approved Internal Model. Pillar 2 covers governance and risk management requirements: the Own Risk and Solvency Assessment (ORSA), the fit and proper requirements for key function holders, the actuarial function, and the risk management function. Pillar 3 covers supervisory reporting and public disclosure: quantitative reporting templates (QRTs) submitted to NCAs and the Solvency and Financial Condition Report (SFCR) published annually. The Solvency II Review (2021 delegated regulation amendments, 2023 directive amendments) introduced long-term equity investments, sustainability risk integration, and proportionality improvements for small/medium-sized insurers.

The technology implications of Solvency II are concentrated in actuarial modeling, data management, and regulatory reporting. SCR Standard Formula calculation involves modular risk modules (market risk, counterparty default risk, life underwriting risk, non-life underwriting risk, health underwriting risk, operational risk) with specified correlation matrices and shock parameters — computationally intensive calculations that must run over the full balance sheet and be recalculated at least quarterly. Internal Model approval requires demonstrating that the model is used in business decisions (the "use test"), that governance around the model is adequate (SR 11-7 equivalent governance), and that the model meets statistical quality, calibration, and validation tests defined in the Solvency II Directive. QRT reporting uses XBRL taxonomy (published by EIOPA) for submission to NCAs, with over 60 templates covering balance sheet, own funds, SCR, MCR, technical provisions, reinsurance, and investment data.

Solvency II creates significant data aggregation requirements. The technical provisions calculation under Article 77 requires best-estimate liability calculations using risk-free yield curves published by EIOPA (with adjustments for matching adjustment or volatility adjustment where approved) — the yield curve publication creates a hard dependency on EIOPA data delivery in the calculation cycle. For group-level supervision, Group Solvency II requires calculating consolidated SCR and MCR across the insurance group, with inter-company transaction elimination and group-specific diversification effects. Post-Brexit, UK Solvency II (PRA's retained version, currently under reform through the Solvency UK program) is diverging from the EU standard, creating dual-reporting obligations for insurance groups with UK and EU entities. The ORSA requirement — a forward-looking internal assessment of solvency needs under the insurer's own risk profile — requires scenario analysis capabilities that go beyond Standard Formula stress tests.

We build Solvency II calculation platforms with modular SCR Standard Formula engines parameterized to current EIOPA technical specifications, integrated with EIOPA risk-free rate curve data feeds for automatic yield curve updates at each reporting period. Our QRT reporting pipelines generate EIOPA XBRL-compliant submissions from actuarial calculation outputs, with automated validation against EIOPA validation rules before NCA submission. For Internal Model governance, we implement model risk management frameworks aligned to EIOPA's Internal Model pre-application process requirements, including model change policy automation and use test evidence documentation.

Compliance-Native Architecture Guide

Design principles and a structured checklist for building software that is compliant by default — not compliant by retrofit. Covers data architecture, access controls, audit trails, and vendor due diligence.