In January 2016 the new insurance industry regulatory regime will establish EU-wide capital requirements and risk management standards designed to increase policyholder protection. By requiring insurers to hold enough capital to absorb significant losses, the rules aim to reduce the possibility of consumer loss or disruption in the event of a large-scale meltdown.
Comprised of three key ‘Pillars’ — Financial Requirements to ensure adequate liquidity; Governance & Supervision to improve risk management; and Reporting & Disclosure to improve transparency of market risks – Solvency II compels insurers to undertake a serious re-think of their business processes. Pillar Three however comes with technical complexities that could make it the trickiest to resolve.
Under it, insurance companies will be expected to demonstrate that all data received from administrators and data vendors is complete, accurate and appropriate.
> See also: How the 7 myths of PCI-DSS are holding back compliance
Since the January 2016 implementation deadline was announced corporates have been scrambling to get solutions in place that support multiple data reconciliation criteria, and reporting tools that can produce fast and flexible data analysis.
As is often the case with new EU regulation, however, many others are taking a wait & see approach to assess if deadlines will shift and all definitions will be clarified ahead of day zero. Sadly this will have many scrambling for a quick fix solution at the 11th hour — a classic case of letting the perfect get in the way of the good.
For Solvency II compliance it just won’t do. No matter how many weekends staff work, the harsh reality is that simply pushing existing systems and processes harder won’t be enough to address the demands of new regime’s rigorous reporting cycle.
Pillar of pain
The new reporting requirements focus on the construction, implementation and supervision of the risk models used for capital requirements. Data needs to be extracted from multiple sources and compiled in a consistent manner to feed the two main narrative reports: the Solvency and Financial Condition Report (SFCR) and the Regular Supervision Report (RSR).
Both cover quantitative and qualitative components, introducing more than 60 templates comprised of 20,000-plus data points.
The bulk of the work around Pillar 3 then will come from gathering, consolidating, reconciling and validating data from a variety of sources. That means ETL, data entry, calculation, and consolidation with stringent audit trails and traceability — all on a potentially bruising schedule. Frequency of reporting depends on the size of a company’s market share and can be annually and/or quarterly.
This gets even more complicated for insurance groups, where consolidation is required before group reporting. Traditional, spreadsheet-based systems will groan under the weight of these requirements
So what can you do?
Finding and implementing a solution for Pillar3 that suits existing processes and still ticks Solvency II’s working-day timetable box is going to be a challenge for any insurance company. A European Solvency II Survey conducted by Ernst & Young shows that preparedness for pillar 3 remains relatively low and with 5 months to go, action is needed by companies to meet the requirements on time.
Building your own proprietary solution as a stop-gap could be an option, however a robust and automated system centred on a reporting database is the optimal choice. Reporting needs to be repeatable and auditable on a regular basis, spreadsheets require manual intervention that consumes loads of staff resource, and the evolving nature of regulation means future-proofing will always be required of the software.
There are many Pillar 3 solutions available in the market and understanding the pros, cons and level of suitability to your business for each option takes time – which is quickly running out. Obviously it is essential to conduct a thorough analysis of the options and consider the likely ease of implementation. This analysis requires CFO as well as IT input.
> See also: The six steps to third-party compliance heaven
You need a solution that can deliver Pillar 3 reports with minimal effort from the business, integrates well with current IT systems and software, has validations and checks built into the tool, is capable of flowing through results from Pillar 1 and other analysis, is user friendly and maintains auditability and traceability of results, contains consolidation functionality to make group reporting easier, and enables the set-up of a workflow; pointing users what data to enter or reviews and allows the capability of doing approvals.
We know now that many companies addressed last year’s interim reporting requirements for Solvency II by waiting until the last moment, rushing to create a manual submission first, and then automating the process later.
This strategy turned out to be more expensive, more time consuming, and less accurate than automating the process from the outset.
Insurance companies should not make the same mistake with Solvency II’s compliance deadline looming. Automate now to reduce your cost and risk.
Sourced from Michelle Gewer, Senior application consultant, Tagetik UK