For all the talk lately about cloud computing, one thing is certain: insurers are faced with more options than ever when it comes deciding the best option to transmit or house data. And it’s clear that the number and variety of cloud infrastructure, platform, and application services available are as numerous as the business problems they are deployed to solve. However, not all carriers are completely ready to lock in to a cloud-based service model in which core systems’ computing resources are shared and maintained on the Internet.
Such was the topic of discussion by two insurers of very different sizes who participated with me in this week’s INN editorial webinar, “Goodbye Data Centers: Why Insurers Love the Cloud.” The comments made by Ursuline Foley, Corporate Platform Officer & Interim Chief Data Officer, XL Group (XL Catlin) and Jon Ritchie, SVP, Corporate & Business Development, American Integrity Insurance Group, seemed to jive with a recent report issued in May by research and consulting firm Novarica, which presented results of a survey of insurer CIO members of the Novarica Insurance Technology Research Council, conducted in Q1 of 2016.
Of Novarica’s 75 participants in the study, 10 were large (over $1B in premium) 44 were midsize (under $1B in premium) P/C carriers; 14 were large life/annuity carriers, and 7 were midsize life/annuity. Of the 75 participants, only 23 had actually implemented core SaaS solutions. With more than $4B in GWP, XL Catlin (the product of a merger earlier in 2015) embraces cloud technology, but in measured form. “We understand cloud’s value, and its place within our organization,” Foley told the audience. “We use it in our corporate space, for example, in facility management and HR, but we are not yet at a point where we want to trust it to areas such as our general ledger.” Improving business processes, cost efficiencies and speed of response were some of the drivers impacting the carrier’s decision.
American Integrity, a regional company that appeared in the Florida market shortly after larger carriers began to move out of state as a response to cat-related risk, choose to deploy its core systems in a hybrid SaaS environment.
In response to a question posed by moderator and INN editor-in-chief Nathan Golia on their strategic approach, Ritchie told the audience that his organization started out conducting a buy-build-lease evaluation, “but what we really needed was scalability, stability and security of data transfer, so leasing was our best option.” Although the company viewed improving business processes and speed of response (the carrier needed to upgrade its core systems to in order to add a flood policy to its lineup of products), cost efficiencies were less of an issue, Ritchie said. “We see cost efficiencies in other things, like worrying less about the time to manage upgrades, and having more time to operate as an insurance company and less as an IT shop as a result.”
My view is that regardless of their depth of commitment to the cloud, insurers of all sizes tend to evaluate solving business problems in similar fashion, and they also share many of the same challenges. For example, finding and retaining a certain set of skills required to manage cloud computing, such as higher-level architectural, design and development/operations. Another challenge—and oftentimes a barrier to adoption—related to risk: the threats posed by security breaches, system and application vulnerabilities and data loss, to name a few.
All agreed there is a certain finesse required to manage an insurer’s cloud solution provider, which may or may not offer the level of platform maturity that they say they do. “Due diligence is critical because vendors don’t always share everything,” Foley said. At XL Catlin, an “assemblage” of key stakeholders, including head of privacy, security and compliance are involved in vendor vetting. “It’s up to us to determine their qualifications, best practices, see their certificates, and properly evaluate them.”
Both Foley and Ritchie agreed that deploying systems in the cloud requires Board involvement. “Moving to this environment is a big change in how we operate, so leadership has to be involved from an investment and education point of view,” Ritchie noted.
