yes_no

When most industry leaders hear about a “new regulation and compliance,” opportunity is not the term that comes to mind. This is as true for the insurance industry as it is for others. Todd Wright explains. 

As a highly regulated industry, insurers must comply with a range of rules that include Solvency ll, ORSA, IFRS9, and the SIFI designation (just to mention a few). Compliance with such regulations has generally been the main goal for insurers as well as being an enabler to better management of the business. After taking steps to comply with some of these regulations, they’ve found that compliance not only kept the regulators at bay – but their business as a whole saw marked improvements.

Business challenges and the GDPR – common ground

The General Data Protection Regulation (GDPR) is the latest in the list of regulations the insurance industry has had to deal with. While broad in its requirements and requiring a daunting amount of effort, early adopters of the GDPR have found that its add-on benefits made the effort worthwhile. Not only can the GDPR protect individual customers; it also has the potential ripple effect of helping every aspect of an insurer’s business.

To highlight what I mean, let’s take a look at some of the main trends and issues in the insurance industry today. They include: 

  • Pricing. Customers are becoming even more price conscious these days, with most choosing their insurer purely on the basis of cost. Competition is forcing insurers to adjust rates more frequently to retain existing customers and attract new business. As a result, underwriting and accurate product pricing based on deeper analysis of available data has become more important than ever.
  • Digitalisation and customer experience. Influenced by digital channels and other industries, insurance companies are focused on improving the customer experience. Traditionally, insurance companies have been product-focused. Now, they need to become more customer-centric so they can better enhance the customer experience. In a competitive market, the customer experience needs to be interactive – providing a “next-best action” to increase acquisition and improve loyalty. This can only be accomplished by having access to accurate, current and contextual policyholder data.
  • Fraud. Insurance fraud affects every insurance company. The general consensus is that suspicious activity is increasing and the tactics used by fraudsters are becoming more sophisticated. The fight against fraud takes place on many fronts. Insurers increasingly need to use technology (including big data) to combat opportunistic and organised fraud across all lines of business

Data management – key to achieving compliance and business success

From enhancing the customer experience to preventing fraud, insurance companies have their hands full. But these challenges aren’t without solutions. Good data management is the common factor among companies that are successful in taking on each new challenge.

One example is an insurance company from Europe. In its efforts to become a ‘total digital insurer,’ the company used the GDPR regulation as a catalyst for meeting its goal. In other words, it teamed up digital goals with the goal of meeting the upcoming GDPR deadline. The insurer’s data management program is recognised as vital in allaying any concerns customers may have about how their personal data is managed, and whether it’s being exposed due to technologies like the Internet of Things. The company’s program is part of a wider data governance framework in which they have developed a partnership with SAS that safeguards the insurance company’s policies and procedures in terms of the availability, completeness and accuracy of the information and data being managed. This company knew that the GDPR should not be seen as a burden – but an opportunity.

How can other insurers develop a similar data management program – one that addresses compliance concerns while positively influencing other business endeavors at an enterprise level? At SAS, we’ve developed a five-phase approach for managing data that not only assists with compliance, but also serves as a framework for enterprisewide data governance and data management programs. It includes:

  • Access. Access and blend data from many different file types, including relational data sources like Oracle and emerging big data technologies like Apache Hadoop
  • Identify. Data filters, sampling techniques and sophisticated algorithms identify and extract personal data from structured and unstructured data sources
  • Govern. Enforce governance policies, monitor data quality and manage business terms across the organisation – and assign owners to terms and link them to policies or technical assets, like reports or data sources
  • Protect. Role-based data masking and encryption techniques secure sensitive information and dynamically blend data without moving it to help minimise exposure of sensitive data
  • Audit. Interactive reports can identify the users, files, data sources and types of PII detected. It can also enable you to see who has accessed PII data, and how it’s being protected across the business

With the correct technology and processes in place, insurers can address an assortment of compliance requirements. For example, you can provide an overview of all data sources, determine the risk of each data source, and show that all the correct data protections are in place and are properly managed. These same requirements can directly benefit other business goals. Imagine:

  • You could improve fraud efforts by having an overview of all your data sources and being able to determine the risk of each
  • With a complete view of your customers and their policies, you could offer pricing discounts to keep them loyal
  • By having correct, governed customer data, you could turn a product-focused company into a customer-centric one

By Todd Wright, senior product manager at SAS


GDPR Summit London is a dedicated event which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at http://www.gdprsummit.london/