Hong Kong Risk-Based Capital (RBC) Roadmap

Key steps and considerations for implementing the Hong Kong Insurance Authority’s incoming capital framework

Hong Kong’s Insurance Authority (IA) is currently developing HK RBC, a risk-based capital regime that is consistent with core principles issued by the International Association of Insurance Supervisors (IAIS). Under this regime, the capital requirements of licensed insurers will be determined based on the level of risk faced by the insurer. Once in effect, HK RBC will significantly transform the current capital framework defined in the Hong Kong Insurance Ordinance (HKIO).

Similar to requirements globally (e.g. Solvency II and IAIS Insurance Capital Standards (ICS)), HK RBC is a three-pillar approach which covers:

  • Pillar I - quantitative capital requirements
  • Pillar II - qualitative enterprise risk management (ERM) and own-risk and solvency assessment (ORSA)
  • Pillar III - reporting and disclosure

Playback of this video is not currently available


RBC is on the horizon: it’s time to get prepared

Playback of this video is not currently available


Revisions to Inland Revenue Ordinance

With the rollout of the regime fast approaching, insurers should begin their preparations early. This new regulation will bring about large-scale changes to how organisations view and operate risk management functions, requiring material changes across insurance and business functions. Our RBC Roadmap provides a holistic view of the path towards implementation and the critical considerations along the way. Our roadmap views HK RBC as a transformation journey towards not only compliance, but also establishing value-creating risk management. 





Phase 1: Strategise and assess

Insurers will need to prepare their risk management function holistically to face new regulatory and market challenges. 
Phase 1: Strategise and assess

Design the risk management function of the future

  • Move beyond a “tick-the-box” attitude and invest in the risk function
  • Ensure the involvement of the Board and senior management
  • Define the role of the ORSA

Develop and update policies and strategies

  • Understand and interpret the requirements
  • Identify the documentation needed and fill the gaps
  • Enhance or develop the Risk Appetite Statement




Develop models

  • Refine cash flow (CF) models
  • Capital projection models for use in the ORSA (that are also able to quantify the impact of stressed scenarios)
  • Margin over current estimate (MOCE)
  • Capital requirements – prescribed capital requirement (PCR) and minimum capital requirement (MCR)

Improve data flow and quality

  • Identify sources for missing data
  • Make available data with sufficient granularity
  • Automate data collection and transfer, build data hub(s) if needed

Phase 2: Design and develop

Data and information are keys to enhancing risk management. Insurers should look to augment data capabilities and create intelligent models to produce insights. 
Phase 2: Design and develop




Phase 3: Implement and improve

As the IA asks more of insurers, it is critical to implement a risk management framework that takes into account not only processes and controls, but also reporting requirements and emerging risks.
Phase 3: Implement and improve

Improve risk management processes

  • Design and implement effective risk management processes, including controls
  • Document processes, roles and responsibilities

Develop reporting capabilities

  • Satisfy regulatory reporting requirements
  • Design a robust process for producing the ORSA
  • Improve internal reporting

Evolve and adapt

  • React to emerging risks
  • Optimise risk management
  • Build a strong risk management culture




Digitise your risk management function

  • Automation of risk and compliance processes
  • Automated controls and reconciliations
  • Invest in InsurTech and RegTech to improve efficiency and quality
  • Develop risk management dashboards

Phase 4: Digitise, operate and review

Using technology to proactively manage risk management efforts can transform an insurer’s risk and control environment. Governance, risk and compliance (GRC) technology can help eliminate duplication of effort and increase efficiency in risk management, monitoring, and oversight.


{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}

Contact us

Billy Wong

Billy Wong

Hong Kong Insurance Leader, PwC Hong Kong

Tel: +[852] 2289 1259

Nigel Knowles

Nigel Knowles

Partner, PwC Hong Kong

Tel: +[852] 2289 1816

Follow us