The insurance industry's response to fast-changing regulatory and corporate governance demands is characterized by a primary reliance on manual processes and ad-hoc measures, according to survey conducted by ILOG, a Mountain View, Calif.-based business rules software vendor, and Pearl River, N.Y.-based ACORD.Although specially appointed compliance officers generally have been assigned to manage the impact of regulatory demands, the survey reveals the industry is failing to fully embrace the high business value of information technology when addressing regulatory requirements such as HIPAA and corporate governance demands driven by mandates such as the Sarbanes-Oxley Act.
The survey, conducted over the course of two months from December 2003 to January 2004, asked representatives from P&C, life insurance and reinsurance companies to consider how effectively their organizations are addressing compliance mandates, and to report on the role of technology as it pertains to managing compliance regulations.
The study clearly demonstrates challenges for insurance companies seeking to streamline and automate core business processes to help manage the impact of compliance, including: a reactive rather than proactive culture (41%); inflexible technology infrastructures that do not easily support new and changing regulations (28%); and a continued reliance on manual and paper-based processes (14%). Key findings of the study are as follows:
- Human Involvement Drives Compliance Management: While 83% of insurance companies surveyed have appointed compliance officers to direct their company's response to the impact of regulatory compliance, only 17% directly involve IT while implementing guidelines to manage and minimize the impact of regulatory compliance.
- Ad-hoc Measures Characterize Response: Although the majority of insurance company representatives surveyed (83%) believe their organization is effectively managing the obligations imposed by the new compliance regulations, 42% of the companies surveyed address compliance regulation issues on an ad-hoc, reactive basis --an indication the industry is failing to put process-automating technologies in place to manage core business processes across lines of business.
- Limited Technology Implementations Planned: One quarter (25%) of the companies surveyed planned to implement an enterprise-wide strategy to address the obligations associated with regulatory compliance and related changes, while an equal number of respondents (25%) plan to implement a solution that allows monitoring for distinct lines of business.
"This survey reveals there is a clearly defined line between companies who are embracing IT to address compliance regulations head on and those who are not," says Kate Ciravolo, CPCU, vice president & counsel, government affairs for ACORD.
"While we're pleased that the industry is taking the first step by appointing compliance officers to manage the process, those companies that fail to leverage this opportunity to automate core business processes and standardize across their enterprises are likely to fall victim to increasingly complex Federal and state regulations."
Source: ILOG Inc.
