US Insurance RegTech: Deloitte Insights (PDF)

Summary

This document discusses the role of technology, particularly RegTech, in modernizing insurance compliance functions and operations. It examines both the challenges and opportunities associated with embracing RegTech innovations in the US insurance industry. The publication explores various aspects of RegTech solutions.

Full Transcript

InFocus
Insurance regulation and technology:
Adding business value to compliance
 Top takeaways

Rapid technology advancements Drivers for modernizing the By using RegTech to automate Within the next three to five
are transforming the insurance insurance compliance function more costly human functions years, we expect that insurance
industry. Insurers’ regulatory are coming from three directions: and do routine processes RegTech solutions using
compliance organizations are emerging RegTech technologies, more intelligently and cost- sophisticated analytics, data
being challenged by the risks internal cost challenges, and effectively, compliance integration, robotic process
associated with insurance continual regulatory changes. professionals can respond to automation, natural language
technology (InsurTech) changing regulatory demands generation/processing, artificial
advancements, as well as and focus on higher-order intelligence, and other emerging
the opportunities to harness activities to become more technologies will be positioned
new regulatory technology valuable business partners to produce a sea change in how
(RegTech) capabilities. and advisers. insurance company compliance
organizations operate.

InFocus | Insurance regulation and technology: Adding business value to compliance 1
Rapid advancements in technology are transforming the US What’s driving insurance RegTech’s growth?
insurance industry. Companies are embracing the use of
advanced and predictive analytics, robotic process automation “RegTech is designed to help firms automate the more routine
(RPA), artificial intelligence (AI), and cognitive technologies in their compliance tasks and reduce operational risks associated
quest to improve business operations. with meeting compliance and reporting obligations. In the
Insurers’ regulatory compliance organizations are being longer term, it should empower compliance functions to make
challenged by the risks associated with InsurTech advancements, informed risk choices based on data and provide insight about
as well as opportunities to harness new RegTech capabilities—to the compliance risks it faces and how it mitigates and manages
change their focus from hindsight to foresight and better align those risks.”
with business strategy in a drive toward greater efficiency —Sean Smith, Risk Advisory partner at Deloitte Ireland
and effectiveness.1

By using RegTech to automate routine processes—thereby Drivers for modernizing the insurance compliance function are
potentially improving quality and reducing costs—compliance coming from multiple directions (see figure 1). Increasing regulatory
professionals can better respond to changing regulatory demands mandates, perpetual talent squeezes, mounting demand for
and apply analytics to advise business functions and determine increased cost reductions, and a growing need for additional
areas of heightened regulatory risks, such as agent sales capacity for new and emerging risks and regulations are
practices, rate and form filings, customer and third-party fraud, challenging insurance companies’ ability to respond in a timely
and business operations. and cost-effective manner.2

InFocus | Insurance regulation and technology: Adding business value to compliance 2
Figure 1. Drivers for modernizing compliance Emerging technologies
Pressure for change is coming from many directions Regulatory technology (RegTech)
-- Cognitive compliance
Internal challenges -- Risk sensing
Lack of executive leadership buy-in -- Automation/Robotics-integrated governance, risk,
Fragmented regulatory/compliance and compliance (GRC)
change management Big data and analytics
Lack of compliance strategic vision -- Increased use of unstructured, high-volume data to
Lack of clarity and engagement with first line of drive risk identification and process enhancement
defense groups -- Predictive analytics
Resource/staffing challenges Emerging
technologies
Weak governance and oversight Regulatory pressures
Ineffective coordination across multiple Heightened standards and expectations
jurisdictions Increased regulatory examination and inspections
Disparate risk methodologies Increased enforcement actions, fines, and penalties
Ineffective interaction/leverage of technology New regulatory requirements
Inefficient operating models Multiple regulator oversight
Internal Regulatory
Lines of defense confusion challenges pressures Multiple jurisdictions with complex or conflicting
laws/regulations

Source: “Modernizing compliance: Enabling and moving with the speed of business,” Deloitte, 2017.
InFocus | Insurance regulation and technology: Adding business value to compliance 3
Insurance companies want to be more predictive and analytical in RegTech allows insurance company compliance professionals
their compliance efforts—to be able to proactively evaluate risks to work over and around legacy infrastructure impediments
and address issues before they become problems. This capability to connect and analyze information more smartly in order to
is important because many companies’ business functions are understand where the organization may have risks and exposures
using InsurTech to gain competitive advantages and want their based on a larger data population than was previously accessible.
compliance organizations to assist them in understanding where For example, insurers traditionally have used small sample file
they might be subject to consumer and regulatory risks. Similarly, audits to identify potential distribution/sales channel issues or
insurance regulators reportedly plan to innovate and incorporate policy rating accuracy; this method consumed significant resources
newly available technology tools into their expanding regulatory and addressed only a limited portion of the population. RegTech
arsenal.3 According to results from Deloitte’s Insurance Regulator and analytics may help make the process more efficient because
Technology Adoption Survey 4 (see page five), state regulators insurers can monitor an entire population and pinpoint areas that
expect their use of technology to grow in coming years, both may be problematic.
to help improve oversight and to respond to changes in an
increasingly digital, tech-driven industry. In addition, the National
Association of Insurance Commissioners (NAIC), as part of its State
Ahead plan,5 is building an infrastructure to provide its members
with new analytics, technology, and tools by 2020 to more
effectively regulate their markets.

InFocus | Insurance regulation and technology: Adding business value to compliance 4
Key insights: Insurance Regulator Technology reducing costs of operations (54 percent); responding to
Adoption Survey insurers’ increased use of technology (54 percent); and
increasing speed and quality of oversight (42 percent).
The Deloitte Center for Financial Services sent its online Insurance
Regulator Technology Adoption Survey 6 to all 56 jurisdictions in the Regulators today use technology primarily to monitor
National Association of Insurance Commissioners in late August/ insurer solvency and audit insurer financials, areas that
early September 2017; 28 jurisdictions responded. The survey’s require analyzing quantifiable and mostly formatted financial
intent was to see what insurance regulators thought about data. Going forward, regulators expect to ramp up technology
regulatory technology, how they might use it, and how they saw use in market conduct-related areas such as investigating
insurers using it. Findings show: noncompliance and data manipulation, and in consumer
education and response.
State insurance regulators expect their use of technology to
increase, both to improve oversight of the market and to More than one-half of the regulators surveyed felt that insurers’
respond to market changes in an increasingly digital, use of technology could be a motivation for using the same
tech-driven industry. technology to regulate them.
Drivers include automating manual processes (77 percent);
replacing and/or integrating legacy systems (69 percent);
responding to changing regulatory demands (58 percent);

InFocus | Insurance regulation and technology: Adding business value to compliance 5
How quickly and effectively insurers put RegTech solutions to
work may be crucial to their future success as they seek to
reduce costs, enhance efficiency and, ultimately, establish more
robust compliance programs that withstand regulators’
evolving expectations.

What should insurers know and do as they move forward with
their RegTech plans? Looking across the typical components
of an insurance compliance function reveals numerous, high-value
opportunities for applying RegTech (see figure 2). Companies may
want to begin with lower-cost, high-impact projects that
can help bolster the business case for more expensive,
long-term investments.

InFocus | Insurance regulation and technology: Adding business value to compliance 6
Figure 2. RegTech solutions: Adding value to a compliance function
Where are the high-value opportunities for RegTech?

Criteria Typical examples Code of
Policies and
conduct/
procedures
High transaction Candidates for RPA need not necessarily be limited to high-value transactional ethics
volume/value processes. Any process that is labor intensive, has high throughput time, or
transaction could result in high-cost impact errors is a good candidate. New laws and
Regulatory
filings regulations
High number of A process that typically requires employees to access multiple independent
systems used systems to complete.

Manual activities in the process can result in a substantial number of errors due Components
Prone to errors Advertising Fraud
or rework
to human operator mistakes (e.g., flexibility of workforce, complexity of work, or
and sales
of an insurance detection and
infrequency of activity).
materials compliance reporting unit

Limited exception
Simpler processes with few exceptions in delivery are strong candidates for function
RPA in the beginning. After initial RPA work, the organization can expand to
handling processes that are more complex or error prone. Regulatory
interactions/ Anti-money
A process with litte automation support and large chunks of manual work laundering/
Significant market conduct
involved often benefit more from robotics, although the process does not need OFAC
manual work
to be completely “straight-through processed.” exams

Monitoring Complaint
High The process needs to be defined by a set of unambiguous business rules that and testing handling
predictability describe it. No need for full documentation, but it certainly helps!

Source: “Insurance regulation and technology: A rapid transformation underway?,” Deloitte, 2018.
InFocus | Insurance regulation and technology: Adding business value to compliance 7
 Potential insurance RegTech solutions
Audio monitoring solutions—Audio monitoring can be enhanced using audio
processing, analytics engines, and dashboard reporting to gain greater insights
Sea change in insurance compliance operations into audio data (e.g., call center operations, outbound sales calls, transactions
with seniors).
Within the next three to five years, we expect that insurance Regulatory reporting—RPA can be used to prepare regulatory reports (e.g.,
market conduct annual statements, data calls, etc.).
RegTech solutions using predictive analytics, data integration, RPA,
Sales surveillance—RPA can be used to automate surveillance and identify
natural language generation/processing, artificial intelligence, and noncompliance instances (e.g., insurance replacement transactions, anti–money
other emerging technologies may produce a sea change in how laundering, etc.).

insurance compliance organizations operate (see sidebar). Regulatory extraction—Natural Language Processing (NLP) can be used to extract
regulations and identify regulatory and control requirements.
In addition to enabling improved compliance, insurance RegTech Compliance testing aggregation—RPA, analytics, and integrated data repositories
can be combined to provide an enterprise-level view of compliance risk and testing.
solutions can work in concert with other back-office systems to
Anti–money laundering (AML)—Natural Language Generation (NLG) can be
positively impact insurers’ broader business operations by helping used to automate the generation of regulatory AML reports (e.g., suspicious
to streamline the input, handling, processing, and completion of activity reports).
operational tasks supporting policyholders. Policy and procedure mapping—NLP can be used to perform mapping between
policies and procedures and regulatory requirements.
Even regulators think that insurers will benefit from RegTech Advanced analytics—Predictive models and data visualization can be used
technology. Seventy-six percent of respondents to Deloitte’s survey to analyze rate and forms, sales practices, compliance and ethics culture, and
occurrences of fraud (internal and external).
cite increased operational effectiveness and 71 percent expect
GRC solutions—Shared risk and compliance language can help enhance risk
increased efficiency for the overall market as likely results. portfolio and risk treatments.
Blab*—Social intelligence platform can use statistical analysis to forecast volume
and velocity of social conversations to sense emerging and reputational risks.
State rate accuracy tool*—Rating engine technology combined with advanced
analytics can determine if your charged rates equal your filed and approved rates.

*Deloitte proprietary solution. InFocus | Insurance regulation and technology: Adding business value to compliance 8
How and where to invest? How do we create the RegTech business case to drive greater
executive and organizational buy-in?
Most insurance companies planning to use technology to
modernize their compliance process are proceeding with caution How do we stay abreast of the ways that regulators and peer
as they consider how and where to invest to attain maximum value. companies are deploying advanced technologies and data
Among important questions insurers should ask when preparing analytics so we don’t fall behind?
their RegTech strategy:

Which compliance functions are candidates for automation, as What’s next?
ranked by value measures (time savings, capacity enhancements,
Insurance companies’ regulatory compliance functions have an
error resolution, efficiency gains) and complexity measures
opportunity to better align with business strategy in a drive toward
(scope, size, variability)?
efficiency and effectiveness. Organizations should consider the
Does our company have the right operating model to move to a numerous, high-value opportunities RegTech provides to improve
more analytics-driven and predictive focus with our compliance and support broader operational efficiencies.
compliance effort?
If you want to learn about how and where your organization can
Do we have the right people to develop and lead a technology-
employ RegTech solutions, we should talk.
driven approach to compliance? Do we need external assistance?

Should we develop or acquire the capabilities we need?

InFocus | Insurance regulation and technology: Adding business value to compliance 9
Contacts Endnotes

Timothy Cercelle 1. “Modernizing compliance: Enabling and moving with the speed of business,”
Managing Director | Deloitte Risk and Financial Advisory Deloitte, 2017.
Deloitte & Touche LLP 2. Ibid.
[email protected]
3. “Insurance regulators in an era of advanced technologies: Challenges and opportunities
George Hanley in oversight,” Deloitte Center for Financial Services, 2018, https://www2.deloitte.com/in-
Managing Director | Deloitte Risk and Financial Advisory sights/us/en/industry/insurance/advanced-technologies-insurance-regulators-challeng-
es-opportunities.html?icid=dcom_promo_standard|us;en.
Deloitte & Touche LLP
[email protected] 4. https://www2.deloitte.com/insights/us/en/industry/insurance/advanced-technolo-
gies-insurance-regulators-challenges-opportunities.html.
Andrew N. Mais
Senior Manager | Deloitte Center for Financial Services 5. https://www.naic.org/state_ahead.htm.

Deloitte Services LP 6. https://www2.deloitte.com/insights/us/en/industry/insurance/advanced-technolo-
[email protected] gies-insurance-regulators-challenges-opportunities.html.

InFocus | Insurance regulation and technology: Adding business value to compliance 10
About Deloitte

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network
of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL
(also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the
US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States, and their respective
affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see
www.deloitte.com/about to learn more about our global network of member firms

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business,
financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional
advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any
decision or taking any action that may affect your business, you should consult a qualified professional advisor.

Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

Copyright © 2018 Deloitte Development LLC. All rights reserved.