The concept of risk is fundamental to the insurance industry, of course, but insurance companies themselves face a range of risks. For example, in large global organisations in particular, the very complexity of the business – with multiple divisions and subsidiaries operating in different countries and using different currencies – creates a fundamental risk of overreaching, ie writing more risk than they have the capacity to cover.
In response, insurers have established sizable governance and compliance functions that are designed to avoid costly breaches of the regulations that set out how they manage their finances. The most important of these are the European Union’s Solvency II regime, which seeks to protect consumers by requiring firms to maintain sufficient capital to ensure they can meet their obligations to policyholders, and the Senior Managers and Certification Regime, which makes individuals in an insurance company responsible for the organisation’s conduct and confidence.
Even so, obtaining and maintaining visibility of the policies being written in every part of a multinational business is difficult, and in recent years there have been some high-profile instances of companies that have fallen foul of a lack of such oversight. For example:
- An insurance company was fined more than £1 million for breaches of Solvency II. The company was discovered to have overstated its solvency position, having incorrectly calculated its solvency capital requirements. In the wake of the fine, it implemented recommendations for improving its internal controls and reporting processes for Solvency II.
- A financial services company got into difficulties when a group of insurers that were insuring a significant proportion of its working capital announced that they would no longer provide this coverage. This decision was made after the lead insurer discovered that an employee at one of its subsidiaries had provided coverage that exceeded its risk limits.
- Two insurance firms were the victims of fraud when a company that issued surety bonds on their behalf wrote business that exceeded its authorised limits, exposing the insurers to greater liabilities than they had agreed. When they audited the company, it produced false documents intended to show that it had kept within the terms of the binding authorities.
So how can insurers create the necessary oversight across their operations to protect themselves against these risks? In the past they have attempted to do so using traditional manual processes, supported by email and spreadsheets, but this can be extremely time-consuming and doesn’t provide the visibility insurers need. More recently, many have started to digitise their authority management processes, but this too can be expensive, particularly if carried out in a piecemeal fashion.
This is where regulatory technology (RegTech) can provide the solution. RegTech is bespoke technology designed to help financial services companies comply with their regulatory requirements, using advanced technologies such as artificial intelligence, cloud computing and machine learning to help minimise the risk of human error by automating key processes.
Authority Hub is a prime example of this, having been designed to solve a specific set of problems around giving insurance organisations visibility of their total risk exposure. It’s a web-based platform that enables insurers to redefine the way they manage and govern underwriting, claims and non-insurance authorities, helping them to adhere to regulations such as Solvency II and avoid conduct breaches.
Authority Hub automates the creation, amendment, and management of delegated authorities, reducing errors and freeing up valuable administrative time. It gives visibility of the spread of authority throughout the organisation’s hierarchy and, by ensuring that authority information is up to date and easily accessible for the end user, it reduces the risk of an authority breach. It also helps the compliance function by automatically creating the evidence and audit trails required for regulatory purposes.
Of course, it is still possible for breaches to occur. But by giving insurance organisations the oversight of their total risk exposure that they need, Authority Hub reduces the risk of overwriting risk.