Intact Financial Corporation And its Canadian P&C Insurance Companies (jointly called the “Company”)

I. Purpose

The Risk Management Committee (the “Committee”) is a committee of the Board of Directors of the Company (the “Board”). It assists the Board with its oversight role with respect to the management of the Company and its subsidiaries (the “Group”) in order to build a sustainable competitive advantage, by fully integrating the Enterprise Risk Management Policy into all business activities and strategic planning of the Group and operations, including its pension funds.

The Committee defines the Group’s risk appetite while also monitoring the risk profile and performance of the Group relative to its risk appetite.

The Committee also oversees the identification and assessment of the principal risks facing the Group and the development of strategies to manage those risks. The principal risks include strategic risk, insurance risk, financial risk and operational risk.

The Committee monitors compliance with risk management policies implemented by the Group and ensures an appropriate balance of risk and return in pursuit of the Group’s strategic business objectives.

II. Membership

1. Number

The Board will appoint no fewer than three of its members to the Committee, on the recommendation of the Governance and Sustainability Committee.

2. Composition and Qualifications

The Committee consists of directors who are “independent” as that term is defined from time to time in relevant legislation, and who are non-executives of the Group. All Committee members must have, or be willing and able to acquire within a reasonable period of time following their appointment, sufficient knowledge of the risk management of financial institutions as that term is defined in applicable legislation.

In addition, the composition of the Committee, and qualifications of its members, will comply with such additional requirements as may be imposed by applicable legislation and best practices as determined by the Board.

3. Chair

The Board will appoint the Chair of the Committee annually, to be selected from the members of the Committee. If, in any year, the Board does not make such an appointment, the incumbent Chair will continue in office until a successor is appointed. In the event the Chair is not able or willing to act as Chair of the Committee for any reason, the Board may appoint another Chair on an interim or permanent basis. The Chair is bound to act in accordance with this mandate. The Chair of the
Board may not serve as Chair of the Committee.

4. Tenure

Each member of the Committee will be appointed annually by the Board and will hold office at the will of the Board or until their successor is appointed.

5. Removal and Vacancies

Any member of the Committee may be removed and replaced at any time by the Board and will also automatically cease to be a member of the Committee as soon as such member ceases to be a director. The Board may fill vacancies by appointing members of the Board to the Committee. If and whenever a vacancy exists, the remaining members may exercise all the powers of the Committee as long as a quorum remains in office.

III. Process and Operations

1. Meetings

The Committee meets at least four times per year and otherwise as needed. 

The Committee shall also meet from time to time with the Audit Committee of the Company, as required to fulfill their respective mandates.

The following individual may call a meeting of the Committee at any time:
• Chair of the Committee
• The chair of the risk committee of the Company’s subsidiaries in the United Kingdom
• Group Chief Risk Officer (“CRO”)

2. Private Meeting of the Committee and Private Meetings with Members of Management

Following each meeting, the Committee meets privately without the presence of management.

Following each regular meeting, the Committee meets in private with the CRO, and with any other members of management required in respect of this mandate. The Committee may meet members of management in private after each non-regular meeting. The Committee may also meet with any other employees of the Group, as it deems appropriate.

3. Quorum

A quorum at any meeting shall be a simple majority of the members of the Committee.

4. Report to the Board

Following each meeting, the Committee reports to the Board on matters reviewed by the Committee.

IV. Duties and Responsibilities of the Committee

1. Risk Management

The Committee oversees the Group’s risk management policies and procedures which identify principal risks, while monitoring the implementation of appropriate systems and processes to manage these risks and the Group’s compliance with such policies and procedures.

The Committee monitors, reviews and periodically (unless otherwise indicated) approves or recommends the following to the Board for approval:
- at least annually, reviews the Enterprise Risk Management Policy, including the corresponding risk appetite framework, and recommends them to the Board for approval;
- reviews the market and economy risks that can affect the Group;
- at least annually, reviews and recommends to the Board for approval, the Company's investment policies and monitors investment performance on a quarterly basis;
- at least annually, reviews the risks and asset-liability management of the Group’s employee pension funds and approves the Statement of Investment Policies and Procedures (SIP&P)
- at least annually, reviews and approves significant risk management policies other than the Enterprise Risk Management Policy;
- annually reviews management’s own risk and solvency assessment (ORSA) of the Company;
- reviews the quarterly risk reports including periodic stress testing;
- reviews the regulatory capital requirements from time to time and assesses the impact and the trends relating thereto;
- on an annual and on a continuing basis reviews and assesses the key risks of the business plans and new business initiatives of the Group;
- reviews the reinsurance programs of the Group;
- reviews the Financial Condition Testing Report with the Appointed Actuary;
- reviews climate risk management;
- reviews, approves or recommends to the Board for approval any other matter in relation to managing the risks of the Group.

The Committee undertakes its responsibilities with a constant view to effectively identifying, assessing and managing the Group’s principal risks, the risk targets for such principal risks and to monitor any exposure when such designated targets are exceeded. It takes the appropriate measures to adjust such targets, if judged appropriate, and to redress and correct such breaches.

The Committee exercises its functions with a view to adopting robust risk management systems and processes while balancing the risks undertaken by the Group and any business opportunity identified by the Group.

2. Risk Management Function

The Committee reviews and approves the organizational structures of the Group’s risk management function.

The Committee:

  • reviews and recommends to the Board for approval the appointment, assessment or
    termination, (if applicable) of the CRO;
  • periodically reviews and approves the mandate of the risk management function and the CRO mandate
  • annually obtains assurances that the risk management function has the necessary independence, budget and resources to meet its mandate and reports to the Board any issue in relation thereto;
  • reviews the regular and special regulatory investigations or inspections conducted periodically in relation to risk management or containing comments in relation to significant risks, including management’s responses and recommendations to ensure effectiveness and adequacy of the risks management function;
  • annually reviews the objectives of the CRO and risk management executives; 
  • annually reviews the effectiveness of these functions and ensures that they are periodically independently reviewed and assessed;
  • obtains assurances from the CRO that the oversight of the risk management activities of the Group are (i) independent from operational management, (ii) adequately resourced, and (iii) have the appropriate status and visibility throughout the Group.

3. Compliance with Risk Policies

The Committee:

  • reviews, at least annually, the Group’s compliance with the Enterprise Risk Management Policy, its risk appetite and its risk management policies and programs;
  • reviews risk monitoring programs and receives quarterly reports on risk monitoring activities, including risk tolerance limits, stress testing and investment risk monitoring;
  • reviews the manner in which material exceptions to policies are identified, monitored, measured and controlled; 
  • and reviews and agrees on remedial action and measures to be taken in case of breaches of such programs and policies.

V. Access to Independent Consultants

The Committee may retain and terminate independent consultants, at the Company’s expense, as it deems necessary or advisable to carry out its duties.

In case of differences of opinion between the members of the Committee or with management in relation to the hiring of such consultants, the Board may decide on the issue or delegate the review of such issue to the Governance and Sustainability Committee.

VI. Delegation

The Committee may designate a sub-committee or individual(s) to review any matter the Committee can delegate by law.

VII. Self-Assessment

On an annual basis, the Committee evaluates and reviews the assessment reports on the adequacy of the Committee, its Chair and each of its members.

VIII. Committee Mandate

On an annual basis, and as otherwise may be required, the Committee reviews this mandate and recommends any changes to the Board.

Approved by the Board of Directors of Intact Financial Corporation and its Canadian P&C Subsidiaries on August 1, 2023.