Article

Insurance in an era of regulatory change

Insurance is facing an unprecedented regulatory burden, leaders from across the insurance industry heard at our 2018 Insurance Conference on 14 June. Top of the agenda was the need for the sector to adapt to far-reaching regulatory change.

The introduction of the Insurance Distribution Directive, Solvency II, IFRS 17, GDPR, the extension of the Senior Managers and Certification Regime, are among the challenges being faced. At the same time, businesses are having to operate in a climate of ongoing Brexit uncertainty.

The conference explored some of the key aspects of this challenging landscape.

IFRS 17

Due into force at the beginning of 2021, IFRS 17 governs the accounting of insurance contracts. Its twin objectives are to create consistent reporting between countries, and to drive transparency for investors.

The sheer complexity of the new rules was illustrated by Vasilka Bangeova, head of our insurance technical team. Quoting a senior director with decades of experience, Vasilika said that IFRS 17 “is about insurance, but feels like quantum physics.”

It’s a view that is reflected in the results of our recent market survey. More than 80% of respondents described the new standard as ‘overly complex’.

In terms of their preparation for IFRS 17:

  • just over half are treating it purely as a compliance exercise, while only 5% are using it as an opportunity to transform the business
  • approximately two in five have carried out financial impact assessments to understand the effect on the bottom line
  • around a third have conducted a gap analysis on their current processes and systems, and begun planning for implementation
  • just a quarter have gone as far as setting out their accounting and actuarial methodology.

There is an expectation in some quarters that the work done for Solvency II will also facilitate IFRS 17 compliance. But this will only go so far, warned Simon Perry, our principal and IFRS 17 lead.

While there is some crossover, IFRS 17 introduces new demands, such as contractual service margin and new presentation and disclosure conventions. Meeting these will require specific data capabilities, systems and tools.

Data protection

‘GDPR Day’ (25 May) came and went without too much incident. And it’s fair to say that the insurance sector has mostly flown under the GDPR radar so far, at least compared to some high-profile tech and media firms.

But data protection isn’t simply a tick-box exercise. Iain Bourne, our data protection lead, stressed that it should be an ongoing effort to follow a set of principles that make sound ethical and commercial sense.

Embedding these principles will mean establishing a set of robust privacy values, and developing a culture of respect for individuals’ data. 

We help clients to achieve this by:

  • translating GDPR’s provisions into simple concepts that relate to typical business processes
  • breaking the regulation’s demands down into a series of manageable steps.

Following an ethical hacking demonstration that showed the results of not following good practices within the network environment, the discussion turned to the topic of cyber security.

For large and complex organisations, it is impossible to protect every piece of IT kit, and encrypt every bit of data. Instead, Manu Sharma suggested putting 80% of cybersecurity efforts into protecting a firm’s most critical data assets.

Manu also recommended implementing three sets of controls to protect against data breaches: preventative controls, detective controls and response controls.

Brexit

‘Uncertainty’ was the watchword during a lively panel discussion on the implications of Brexit for the insurance industry.

Clare Lebecq, operations head at JLT Specialty, described the current situation as a "minefield". She drew attention to some of the particular difficulties facing brokers, including:

  • keeping abreast of what each carrier is doing to prepare for Brexit
  • advising clients about the risk surrounding carriers as their preparations progress
  • advising on policies that are being written now, but expire after we leave the EU.

Regulator expectations

A more complex regulatory environment inevitably means closer scrutiny from the regulators themselves.

The conference heard from one such regulator about its expectations of insurance organisations as they adjust to deep-seated change.

Michael Sicsic of the Financial Conduct Authority (FCA) outlined three key priorities for his organisation:  

1 Governance: governance structures and practices must enable firms to quickly detect, escalate and resolve any issues that emerge 

2 Culture: firms should ensure that their cultures drive the right behaviours and the right customer outcomes

3 Fairness: insurance products should offer genuine value to consumers, and pricing policies must be equally fair to new and loyal customers

As Michael put it: “We expect firms to place customers at the heart of their efforts to adapt to change.”

Best practice

The regulatory developments facing insurance firms will have implications for all aspects of their operations, processes and systems.

Businesses will need to focus on three key objectives as they evolve their operating models in response to change:

1 Speed of reporting – a necessity driven by Solvency II and IFRS 17. This will demand closer collaboration and integration across the firm

2 Operational efficiencies – the need to do more with less. This requires streamlined processes, common IT systems and more effective use of data

3 Insightful analysis – equipping the finance function with the data and tools to be a strategic business partner

Achieving these objectives won’t be easy, cautioned Roy O’Neil, leading partner in our insurance business consulting team. It will require firms to take a holistic view of their operating models, and to coordinate activities across their organisations.

Better together

The session finished with Sarah Talbott, conference host and partner in our financial services advisory practice, calling for the sector to face its challenges together.

Sarah underlined the need for industry colleagues to come together at events like our Insurance Conference to find solutions, share best practice and learn from each other.

If you would like to talk to us about any of the issued raised, please contact Sarah Talbott.