Blog: Senior Insurance Managers Regime: four things you need to do ahead of Solvency II
Mick Campbell is director of risk and regulation at Deloitte in Scotland and Northern Ireland
It’s fair to say that the insurance industry is undergoing a revolution. The first things that come to mind are pension liberation and the level to which technology is transforming the industry. Yet there are other important changes also on the horizon – most notably the well documented journey of Solvency II and its required implementation by January 2016.
Within the scope of this directive are changes to capital requirements. Insurers are well aware of these and have been implementing changes to address new requirements for some time. Less evolved in terms of implementation, are areas like the Senior Insurance Mangers Regime (SIMR), aimed at fundamentally increasing responsibility and accountability across the sector.
Although there has already been analysis of what the regime proposes, little detail is available on what firms should be doing to prepare for its introduction in the early part of 2016 – that might seem like light-years away, but it’s going to come around quickly.
By then, the Prudential Regulation Authority (PRA) will want to see evidence that insurers are adhering to the new framework. But there are a lot of question marks over how that can be demonstrated and what exactly separates the new proposals from existing standards.
The reality is that there’s a great deal of work involved and plenty of new information to provide. Here are four ways insurers can get ready:
Look at where it fits in
Understanding where the SIMR fits into a firm is going to require a gap analysis or an assessment of existing practices against the new requirements. How are you currently meeting the requirements? Where do you need to improve? Simple questions, but if you don’t find the answers it will be difficult to determine what additional work is required and how you are going to set about meeting these in advance of the regulatory deadline. Setting up a project team to evaluate the new regime’s impact is a good way of tackling this, but if you have a wider change programme underway already it may well fit in with that. In our experience the teams delivering the assessment will normally consist of representation from the Compliance, Human Resources, Company Secretariat and Risk functions.
Identify who it affects
One of the biggest challenges for insurers will be identifying who the Regime will affect. Firms will be able to use the work they have delivered to identify the ‘key functions’ (as defined by Solvency II) within their businesses to inform this activity. However, it should be noted that the scope of these key functions may well need to increase upon a review of the Regime guidelines. The additional piece of work may involve identifying who has responsibility or holds an important role within these key functions. Some of the people now caught under the regime may not have experienced the level of scrutiny before. As such, this could require training and further alignment with Human Resource initiatives and processes.
Design a Governance Map
As mentioned previously, many insurers will have a great deal of existing information on their governance structures, key functions, people and supporting roles and responsibilities. However, we often find this data is spread across various systems or stored in the minds of people in different parts of the company who have the ‘corporate knowledge’.
To comply with new standards, insurers will be required to present and maintain a “governance map”, or have a coherent set of documentation, outlining how responsibilities and key functions are laid out within the firm. It’s up to the company to define the key functions and the crucial roles within them, so this requires careful thought. We expect insurers will aim to use existing governance, roles and responsibilities documentation as much as possible – such as: three lines of defence definitions, RACI matrices, existing training and development plans for controlled functions role holders and performance management documentation. Pulling all this information together will provide a valuable data source for firms and an opportunity to update and streamline existing processes.
Get IT systems ready
These changes are going to create the need to manage and co-ordinate governance data more effectively and efficiently than ever before. Increased scrutiny of a larger pool of people will mean more paperwork and documentation which may warrant the need to be stored on IT systems made readily available for the regulator to inspect. It could also potentially require a significant amount of resource being set aside to put more staff through “Fit and Proper” assessments. Firms should make preparations and plans to deal with this increased workload and data, which could be enabled by deploying easy to maintain and controllable IT platforms. One approach we have noted others taking in the industry is exploring how existing risk and compliance systems could be used to store this information, such as combined governance, risk and compliance solutions.