Kristin R. MoyerMaureen O’Neil and Juergen Weiss here. Although the worldwide insurance markets have not yet been as severely impacted as the banking industry, it is already obvious that a new wave of regulation will wash over the industry. This new wave of regulation will extend beyond Solvency II, Sarbanes-Oxley and the U.S. Health Insurance Portability and Accountability Act (HIPAA).
Private insurers should expect that they will have to comply with regulations that formerly affected only public companies. Insurers will need to expend more time and money to provide transparency and comply with potentially new, stringent regulations. Regulatory agencies in specific jurisdictions will likely establish additional compliance rules (such as the optional federal charter in the U.S. or new rating agency requirements) that will require additional risk management and compliance investments.
In addition, it is very likely that national regulators will continue to collaborate even more closely with each other and that regional regulations such as Solvency II in Europe will impact other geographies as well or even serve as role models. In a recent note on Solvency II, Gartner discussed the growing impact of risk management on core business processes.
Bottom line: CIOs should prepare for compliance and risk management to play an even greater role in the business strategy of many insurers in the very near future.
Category: Uncategorized Tags: hipaa, insurance, regulation, solvency II, sox
17 responses so far ↓
1 Jerry October 30, 2008 at 11:14 am
What do you think will be the biggest challenge faced as firms look to revamp their business strategy? How bad is it behind this mysterious curtain?
2 Young October 30, 2008 at 11:19 am
Wonder which country’s regulators will take the lead in this. US rating agencies themselves should start ramping up considering they arent currently taking any of the blame, but it is pretty clear that they dropped the ball.
3 Nina October 30, 2008 at 11:26 am
it will create even more inefficiencies and delays in an already slow moving world – although i wonder if it’s a good time to be a compliance officer? also hoping that maybe the US can lead the worldwide effort in creating international insurance standards.
4 Tom October 30, 2008 at 11:46 am
Be prepared? I say beware. Who exactly will implement and be responsilbe for this ‘new wave of regulation’? More to the point, who exactly will pay for it, the consumer? Insurance companies, like all financial services companies are not perfect, but it appears looking from the outside, blame for this crisis is not sitting at the doorstep of insurance products, yet. Let’s hope these new regulations are thought thru and truly ‘transparent’ to the consumer.
5 Juergen Weiss October 30, 2008 at 12:03 pm
To Young, Nina, Tom:
One of the key lessons learned from the current financial crisis is that separate or isolated initatives haven’t been extremely helpful. It remains to be seen though how willing individual countries or (in the case of the US) states will be to share or even give up authorities. regarding costs – risk management will have its price and one can expect that customers will at least partly have to pay the price…
6 Jerry October 30, 2008 at 12:30 pm
I didnt know there would be a test. Can we expect some type of mutlinational SRO? Is that even possible?
7 Steve Leigh (Gartner) October 30, 2008 at 12:41 pm
Juergen and Maureen,
My sense is that this next wave of regulation discussed here will be around reserves, investment and financial management. Do you have a sense of whether there will be corresponding regulation for insurance operations as well? Will there be more forms for customers to sign and more disclosures for agents to distribute?
8 Juergen Weiss October 30, 2008 at 1:21 pm
To Steve:
This is already happening – regulation is expanding beyond the financial aspect. The European broker directive in Europe required insurers and brokers to establish high quality standards during the entire quotation and policy issuance process. Brokers and agents have to handle much more paper work now.
9 Maureen O'Neil October 30, 2008 at 1:23 pm
Jerry
You asked a great question about business strategy and risk management. Insurers face the challenge of embedding risk management into their overall strategy, establish a dialog between risk managers, the business and IT departments, and approach risk management and compliance from a holistic perspective.
The first priority in managing risk is to determine an appropriate business context against which risk categories and tolerances can be identified. Insurers need to conduct risk assessment in concert with their strategies to run the business more efficiently, grow their market share or transform their business model. Each of these stages contributes to the business in different ways, and their relevant tolerance and risks must be assessed differently.
10 Don October 30, 2008 at 1:28 pm
I actually think federal regulation would be good for consumers, bad for small insurance companies though.
Insurance regulation has been great, you haven’t seen any insurance companies going under, just those that own non-insurance investment subs.
Insurance companies have to comply with all sorts of things that prevent large exposure to risky financial instruments including – risk based capital calculations that penalize concentration of investments & risky investment classes, sever limitations on how much of a portfolio can be invested in stocks, etc.
11 Lauren October 30, 2008 at 2:52 pm
Federal legislation invariably comes with many strings attached, which in the long run may prove more costly to consumers than beneficial. I would expect added costs associated with risk assessment and increased transparency to ultimately be borne by the consumers in the form of higher premiums.
12 Juergen Weiss October 31, 2008 at 3:25 am
To Don, Lauren:
Federal regulation would have pros and cons of curse. It would definitely be easier for larger insurers to expand beyond their home turf hileit might be redundant and indeed more expesnive for smaller insurers. The US could learn from other regions here. Solvency II for example is designed on the principle of proportionality which means that the level of regulation would vary with the size of the insurer.
To Young:
Let’s see whether Solvency II regulation in Europe (which does foresee a group supervision and a reduced influence of national regulators in this context) will be passed by the European Commission and European Parliament. If this regulation is accepted it could turn out to be a role model for other geographies.
13 Young October 31, 2008 at 11:11 am
Thanks Juergen, I just did a quick read on Solvency II, and am curious to see how much cooperation / how quickly they can implement a standard valuation approach to evaluating specifically credit and mkt risk in the industry. From my experiences it seems like a tough task as many firms are reluctant to share in depth infomation on their models, but I guess that this is somewhat covered by the supervisory model they are proposing. Regardless, the standardization across the EU can only help, and I guess we can only hope that, as you say, it turns out to be the role model we are looking for. Thanks for the interesting and timely post!
14 Vincent Oliva October 31, 2008 at 12:25 pm
Vinny Oliva here. Yes there will be more regulation. We have to keep it in perspectibve when considering the effectiveness of an overall enterprise risk management program. If proper risk management is practiced accross the enterprise, including the underwriting and investment sides of an insurance company, proper levels of risk tolerance are set and adheared to, and risk management is conducted in the context of overall corporate performance management, most regulations become more about reporting than new discipline.
15 Steve Leigh October 31, 2008 at 1:51 pm
Don,
Steve Leigh here. Good thoughts on the positive results of regulation on keeping insurers healthy. I don’t disagree that there have clearly benefits to this financial regulation. When it comes to consumer disclosures and notices, however, it seems that these compliance mandates have done little to help consumers understand insurance products and processes. A single simple disclosure would probably be read and understood by consumers, but the increasing number of disclosure documents have diluted the importance and comprehension of the important elements of the underwriting process in the mind of consumers. Simple clear, and concise documents would improve the customer experience, but not simply more regulation and documents.
16 Jenn O'Meara November 3, 2008 at 3:21 pm
What role do you ultimately foresee a CIO or an IT playing in terms of risk management within the insurance sector? Also, in the US, will one type of insurance product generate more risk management issues than another?
17 Juergen Weiss November 4, 2008 at 6:56 pm
To Jenn,
risk management is going to affect the entire value chain of the insurance company – including product design, commissions calculation or sales. In my research note on Solvency II (“Much More Than Compliance: How Solvency II Will Impact Insurance Business Processes and IT Systems”) I’ve highlighted some of the consequences of risk management respectively regulation/compliance. If we take Solvency II as a role model for other geographies such as the US than it is for example obvious that the type of insurance products is going to have different risk management implications. Products which include more guaranteed revenues such as Variable Annuities will be for example more impacted than products which create no risk for carriers.