Survey: Insurers’ Regulatory Change Management Falling Short

Current organizational processes for managing regulatory change are falling short for insurers, according to recent survey results. Compliance Assurance Corporation (CAC) conducted a poll during “Managing the Hydra of Regulatory Change,” the first installment of CAC’s Compliance 2.0 webinar series. The provider of regulatory compliance solutions for the insurance industry asked attendees to classify their organizations’ processes using a five-level governance, risk management and compliance (GRC) framework to measure the maturity of an organization’s process for managing regulatory change in the context of a dynamic and shifting regulatory environment. The framework, from analyst firm GRC 20/20 Research, includes the levels of ad hoc, fragmented, managed, integrated and intelligent.

While the most respondents (35 percent) classified their regulatory change management approach as managed — the mid-range of the maturity model — 28 percent of the 50 respondents identified their processes as being aligned on the fragmented level of the scale. The fragmented level is characterized by a lack of consistent structure, lack of institutionalized processes for sharing regulatory information and disjointed use of technology. Limited oversight and accountability is also typical of firms taking a fragmented approach to managing regulatory change.

The managed level holds some usage of technology to manage process and provide accountability, but inconsistencies still remain, CAC said. Lacking the integration of technology and content, a managed approach delivers some visibility into regulatory change across the business, but reporting tends to not go beyond the department level.

Ten percent of respondents self-identified their processes as intelligent, the model’s most advanced rating, which features business-process automation that enables full oversight and seamless management of regulatory change. The same percentage classified their organization’s practices as ad hoc, the lowest level of the regulatory change management maturity model categorized by the lack of a defined regulatory taxonomy and low-to-no use of technology. And, 17 percent selected integrated, the second-highest level noted for common technology architecture enabling consistent management of regulatory change.

Insurers have to manage more than 3,500 state-based regulatory changes in a given year, according to Jerry Shafran, CEO of CAC.

“The insurance sector is rapidly becoming a technology business. To retain a competitive edge, insurers must seek new innovative ways to grow revenues, manage costs and mitigate risks,” Shafran said. “To reduce risk and remain competitive, insurance organizations are wise to evolve their execution of regulatory change management to a more effective and efficient process, one that is scalable and consistently meets the demands of business and regulatory environments. Process and technology innovation can drive efficiency while delivering tangible benefits to the business and more open engagement between compliance and the organization’s business owners.”

For reprint and licensing requests for this article, click here.
Security risk Core systems Compliance Policy adminstration
MORE FROM DIGITAL INSURANCE