12:03 PM
2004 Top Insurance Business/Technology Issues
Compliance Concerns Still Dominate
If you thought that compliance was a hot topic in 2003, 2004 promises more of the same. In fact, this year, compliance mandates by federal and state legislators may carve out even more from IT budgets than they did last year.
"We are working with a lot of companies that are really working hard to completely comply with Sarbanes-Oxley," says Brian Lane, partner, enterprise risk services, insurance sector at Deloitte & Touche (Hartford). "IT's role in compliance is becoming a board-level discussion. The regulations have a lot of implications from an IT perspective and insurance companies are spending a lot of time to make sure they are compliant. For the first time, technology functions and processes have to be documented, recorded and tested so they can be audited." And a good portion of the funding for the documentation will most likely come out of existing IT budgets.
For instance, the Washington, D.C.-based Public Company Accounting Oversight Board (PCAOB), a private-sector non-profit corporation created by the Sarbanes-Oxley Act of 2002 to oversee the auditors of public companies, "mentions technology all of the time," according to Lane. "The PCAOB is on top of the technology and companies realize that technology plays a large role in compliance. For the most part, companies have the processing in place, but they still have to document, audit and test it."
Another way that IT can help insurance companies with compliance is by getting information to the right people at the right time, according to John Lucker, senior manager, quantitative services, Deloitte & Touche. "There are a lot of predictive modeling technologies that can help insurance companies with compliance," he says. "Predictive modeling can help senior executives get a good idea about where the company is headed and can help regulators when they look at the (financial) actions of a company. The modeling can outline how risk was handled from the underwriting to the end of the process."
When it comes to state regulations, adds Lucker, insurance companies aren't preparing for anything "out of the normal," but they are concerned about credit scoring. "The only thing that I have been seeing at the state level is about credit scoring," Lucker says. "If some states ban credit scoring, insurance companies want to be proactive and to be able to move away from the credit-scoring model quickly."
Finally, privacy and "knowing your customer for USA PATRIOT Act compliance" continue to float to the top of the to-do list for companies, especially as more states pass stricter privacy regulations such as California's SB 1386 security-breach disclosure law. "Privacy, knowing your customer, and HIPAA are not going away," Lane says. "Companies have measures underway to become compliant and technology," such as some knowledge management and data warehousing solutions, "are needed to assist companies with compliance."