2014 Trends in the Insurance Industry


Published on

Published in: Business, Economy & Finance
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

2014 Trends in the Insurance Industry

  1. 1. 2014 Trends in the Insurance Industry Introduction Changes in the insurance industry historically move at a slow and steady pace, yet in recent years, by industry standards, they have become increasingly dynamic and fast-paced. This is due to a number of different and unique elements converging and impacting the insurance industry. This article focuses on five of these elements, or trends, and discusses their implications for the industry. The elements we focus on include the Own Risk and Solvency Assessment (ORSA), anti-money laundering (AML) compliance, big data and legacy data, social media, and the U.S. Department of the Treasury’s Federal Insurance Office (FIO) report. Own Risk and Solvency Assessment (ORSA) The development of the ORSA requirement by the National Association of Insurance Commissioners (NAIC) will bring significant changes in the way U.S. insurers conduct, report and govern risk management. The ORSA is being developed as a future-driven process of solvency regulation, which will allow regulators to look through the front window and see how insurers identify, assess, monitor and manage risk, as opposed to looking in a rearview mirror at events that have already occurred. State insurance commissioners are aiming for the final ORSA Model Act to be ready for implementation by state governments in 2015. Under the proposed rules, all insurers and their associated groups of companies will be required to file an ORSA (subject to certain premium thresholds). The ORSA process encourages insurers to develop continuous, forward-looking assessments of both enterprise-level risks and risks the insurer may face based on the insurer’s business plan under either normal or stress scenarios. It seeks to develop a link between the insurer’s risk assessment and its capital views on both current and future solvency. Comprehensive and exhaustive documentation of the insurer’s risk management framework, processes, controls and governance is a compulsory element of the ORSA. U.S. insurers are not waiting until 2015 to prepare for the ORSA; they are taking a long, hard look at their enterprise risk management frameworks and engineering the structure of their ORSA draft reports based on their risk management approach, processes and views of risk. Many of the ORSA guiding principles align with leading industry practices and rating agency perspectives. Companies know that the expectation of the ORSA is for insurers to develop an internal risk process that will provide regulators with the front window view of how a company manages risk on an ongoing basis.
  2. 2. Protiviti | 2 AML Compliance in the Insurance Industry Under the USA PATRIOT Act, all entities defined as financial institutions are required to establish an anti-money laundering (AML) program. Since May 2006, certain insurance carriers have been required to assess and help mitigate the risk of criminals and terrorists who seek to exploit vulnerabilities in insurance products for the purpose of money laundering. In the insurance industry, AML regulations extend to any person or entity engaged in the business of issuing or underwriting so-called “covered products” in the United States. Covered products are defined as:  A permanent life insurance policy, other than a group life insurance policy;  An annuity contract, other than a group annuity contract; and  Any other insurance product with cash value or investment features. Products relating to property casualty coverage, health insurance and term life insurance, as well as other insurance-related products not listed above, are excluded from AML regulations, but are subject to Office of Foreign Assets Control (OFAC) regulations, as are all U.S. businesses. While insurance brokers and agents are considered an essential part of the insurance industry, there is no requirement that brokers or agents maintain a separate AML program. Instead, the regulation requires the carrier’s AML program to incorporate the customer-information-related functions and procedures performed by insurance brokers and agents. As outlined in the USA PATRIOT Act, an insurance company is required to establish a documented AML program that applies to the covered products being sold by the company. The program needs to be designed in a way that prevents criminals from using the insurance company to facilitate money laundering. This means that the company needs not only to identify and assess the risks of this happening, but take steps to mitigate these risks. In addition, the program needs to have the approval of senior management, and management must be able to provide evidence of the program to the Department of the Treasury upon request. There is no “one size fits all” approach to an AML program, and certainly no expectation that the program will be able to capture and prevent all instances of illicit money laundering activities. At a minimum, however, the Department of the Treasury and the Financial Crimes Enforcement Network (FinCEN) require an AML program to include the following four key elements: 1. A compliance officer who is responsible for ensuring that the program is implemented effectively 2. Policies, procedures and internal controls 3. Ongoing training of appropriate persons in their responsibilities under the program 4. Independent testing to monitor and maintain an adequate program Under the Bank Secrecy Act (BSA), with respect to covered products, companies operating in the insurance industry are required to report any suspicious transactions or activity to FinCEN. The following are examples of suspicious transactions and customer behavior:  The purchase of an insurance product inconsistent with the customer's needs  Unusual payment methods, such as cash or cash equivalents  Early termination of a product, especially at a cost to the customer  The transfer of the benefit of a product to an apparently unrelated third party
  3. 3. Protiviti | 3  A customer who shows little concern for the investment performance of a product, but a great deal of concern about the early termination features of the product  A customer who is reluctant to provide identifying information when purchasing a product, or who provides minimal or seemingly fictitious information  A customer who borrows the maximum amount available soon after purchasing the product In recent years, multi-million-dollar penalties on banks and other financial institutions have become more common in instances where money laundering has been uncovered by the regulators. Going forward, the regulators are likely to place a similar focus on companies operating in the insurance industry. In addition to financial penalties, regulators are also permitted to place limits on a company’s mergers and acquisitions activity until violations or deficiencies in the company’s AML program are addressed, which may affect the company in more ways than one. It is therefore worthwhile for insurance companies to take a close look at their existing compliance programs and re-assess whether they meet today’s standards. Big Data Big data represents both the next major challenge and the next new opportunity across many industries, including the insurance industry. Since the advent of social media and digital communication, companies have access to a staggering amount of data, in addition to their own customer, transactional and legacy data. The key to unlocking the promise of big data is determining the best new methods for securely storing and effectively analyzing the unprecedented volume of information companies now have access to and create.1 “Big data” refers to unstructured and semi-structured data that, in combination, creates unprecedentedly voluminous datasets from a large variety of new and legacy systems. These datasets are too large and complex for traditional relational databases and software tools to capture, aggregate, store, manage and analyze effectively. A major concern across companies of all sizes and industries is how to manage and store big data, including their legacy data, securely. As news stories continue to break around invasive government practices and unethical business behavior, consumers are becoming increasingly wary of the threat posed to their privacy by improperly managed data. Heightened consumer awareness may also lead to increased regulatory focus, further driving the need for companies to develop and maintain comprehensive and responsible programs for managing big data. Big data is a key strategic asset for all companies, including insurers, and as such, must be carefully controlled and protected. The challenge of securing and controlling data can be addressed through a comprehensive enterprise data governance program. Enterprise data governance is comprised of many different components, including data quality, data management, data availability, data policies, storage, business process management, and risk management, with the goal of ensuring an organization’s data management strategies are in line with its business objectives. As the data environment becomes increasingly more vast and complex, it is essential that organizations implement a coherent strategic approach across all enterprise levels and maintain consistent controls throughout the data lifecycle and across the business enterprise. Managing big data securely and efficiently offers opportunities for insurers as well, allowing them to maximize ROI through targeted marketing, underwriting and product development 1 McKinsey & Company, Big data: The next frontier for innovation, competition, and productivity, www.mckinsey.com/insights/business_technology/big_data_the_next_frontier_for_innovation
  4. 4. Protiviti | 4 processes. To this end, companies are beginning to hire data scientists and devote research efforts to analyzing big data for repeatable business patterns and other actionable information. These new efforts have only recently started to be incorporated into the overall data governance programs of larger carriers. At midsize and smaller companies, data governance steering committees are also beginning to think strategically about ways to employ similar efforts while remaining cost-efficient.2 Social Media Social media platforms (Facebook, Twitter, LinkedIn, etc.) have become integral parts of the insurance world and an arena in which brand recognition is extremely valuable, as evidenced by the wide social presence and familiarity of the Geico gecko and Flo from Progressive. Whether these platforms are used aggressively to reach potential or existing customers or passively to maintain brand recognition among an easily distracted audience, social media provides, along with its undoubted benefits, certain inherent risks to organizations. The largest and most encompassing is reputational risk. Back in 2004, when Facebook was not yet introduced to the world and Twitter was not the way we received our news, a post on an Internet site accusing a company of wrongdoing or expressing customer dissatisfaction had a very restricted audience and often phased out within a few days. Today, these comments can be re-posted, re-tweeted or re-submitted through hundreds of different social media streams and be viewed by millions of people in a matter of minutes. Almost instantly, thousands of people can begin to pass judgment on a company based on one unsatisfying interaction with the business or even a false claim. A social media comment or post has a much more powerful effect on consumers than any official company statement, as the claims by a “real” person are perceived as unfiltered and authentic versus controlled and commercialized. In these situations, credibility of the claimant is often an afterthought. Another type of reputational risk can occur with careless use of social media by employees. An employee’s opinions and actions can often be viewed as reflections of a company-held view or belief. Companies have only recently begun to implement training and awareness guides to educate their employees on the consequences of social media use. While the task of controlling social media in all its iterations seems daunting, a company can mitigate social media risks by creating and enforcing a well-thought-out social media policy. The policy needs to be effective, yet flexible and responsive to ever-evolving social media content and platforms. Focusing on other types of business communications and their infrastructure is relevant, including training programs, dedicated teams and leadership, and internal controls. Being involved with social media is no longer optional for any company. It is as vital for businesses to use this strong and efficient method of reaching customers as it is to reduce the risks associated with the medium as much as possible. 2 Chander Ramamurthy, Big Data in Action – Opportunities for Carriers (Part II), Insurance Networking News, www.insurancenetworking.com/blogs/insurance-technology-data-management-machine-learning-33687- 1.html?ET=insurancenetworking:e4752:2066411a:&st=email
  5. 5. Protiviti | 5 FIO Report In December 2013, the U.S. Department of the Treasury’s Federal Insurance Office (FIO) released a report3 on how to modernize and improve the system of insurance regulation in the United States. The report was mandated under Title V of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) and highly anticipated, even though it was delayed from the originally announced release date by more than two years. It outlines several responsibilities of the FIO, including monitoring the insurance industry, coordinating federal involvement on international insurance matters, and preparing reports for Congress. (The Dodd- Frank Act requires a consideration of the costs and benefits of federal regulation across various lines of insurance.) The FIO report does not focus on whether regulation of insurance should be state or federal; rather, it discusses whether federal involvement in the current system is reasonable. It concludes that insurance regulation should be viewed as a hybrid model, i.e., state and federal oversight should play complementary roles defined by the strengths and opportunities that each brings. This hybrid insurance regulation approach provides a rational guide to modernizing the U.S. insurance regulation system. The recommendations outline near-term reforms for states to undertake and point to areas appropriate for federal involvement. The report examines all branches of the insurance industry except health insurance. The report is organized into six main sections:  Section I, Introduction  Section II, Executive Summary  Section III, which includes a discussion regarding the financial performance and condition of the principal insurance sectors. This section also includes a review of recent insurer insolvencies, risk management and portfolio investment activities.  Section IV, which reviews significant legal and regulatory developments affecting the current insurance industry  Section V, which discusses current and emerging trends that may have an impact on the industry  Section VI, Conclusion The insurance industry’s opinion of the importance of the FIO report varies, from deeming it very important and transformational to viewing it as interesting but not too informative. Even though the report received a fair amount of press, its impact on the insurance industry is still to be determined. Conclusion The changes these emerging market forces bring to the insurance industry cannot be overlooked. Insurers should think about the impacts of each of these on their organization, and whether they have the right focus, resources and investments to address these and additional changes to come in a timely manner. 3 Federal Insurance Office, How to Modernize and Improve the System of Insurance Regulation in the United States, www.treasury.gov/initiatives/fio/reports-and-notices/Pages/default.aspx
  6. 6. © 2014 Protiviti Inc. An Equal Opportunity Employer M/F/D/V. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services. About Protiviti Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit, and has served more than 35 percent of FORTUNE 1000® and FORTUNE Global 500® companies. Protiviti and its independently owned Member Firms serve clients through a network of more than 70 locations in over 20 countries. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index. Contacts Shawn Seasongood Managing Director U.S. Insurance Practice +1.646.242.7567 shawn.seasongood@protiviti.com Michael Pisano Director U.S. Insurance Practice +1.212.708.6353 michael.pisano@protiviti.com Cory Gunderson Managing Director – U.S. Financial Services Practice Leader Global Leader, Risk & Compliance Solutions +1.212.708.6313 cory.gunderson@protiviti.com