Compliance and cyber security competing priorities for U.S. insurers

Insurers in the United States will face competing priorities for resources and time over the next 12 months, with cyber security preparedness challenging overall regulatory compliance readiness, argues Wolters Kluwer Financial Services.

While both cyber security and regulatory readiness will be major concerns over the coming year, notes the latest Regulatory & Risk Management Indicator for the U.S. insurance industry, concerns persist. [click image below to enlarge]

Developed from surveys of 300-plus insurance professionals completed in September 2015 and 2014, the indicator tracks 10 factors across two consecutive 12-month periods to illustrate the overall level of regulatory and risk management pressures facing U.S. insurers, the Netherlands-based Wolters Kluwer Financial Services reported Monday.

Overall, 60% of polled insurance professionals report that cyber security will receive escalated priority at their organization, followed by regulatory risk at 42%, notes a statement from the company, which offers risk management, compliance, finance and audit solutions and maintains operations in more than 170 countries.

Despite those positives, though, more than 60% of respondents report being concerned about their organization’s ability to stay informed of changing laws (62%), maintaining compliance with changing regulations (61%) and demonstrating compliance to regulators (59%).

“Two of the factors represent an incremental bump from last year, with concern for maintaining compliance down from 64% in 2014,” states the report.

“Maintaining compliance in today’s complex regulatory environment requires a continuous investment in compliance staff and technologies,” emphasizes Kathy Donovan, senior compliance counsel at Wolters Kluwer Financial Services.

Like cyber security, “today’s regulatory environment is also continually evolving and requires proactive diligence and planning to stay ahead of new requirements and mitigate negative outcomes from market regulation actions,” Donovan says.

“Overall regulatory activity remains high and insurers need to continue investing in their governance, risk and compliance programs to strengthen their compliance efforts,” she suggests.

More than 70% of respondents say they are concerned about their organization’s ability to track and meet the compliance standards of changing regulations, the company statement notes.

Wolters Kluwer Financial Services reports that the indicator score – calculated based on respondents’ perceived ability to track regulatory changes, maintain compliance with changing regulations, demonstrate compliance to regulators, invest in compliance staff, manage risk across all business lines, configure risk management processes, and identify, manage, control and report risks – dipped slightly below its baseline of 100 this year to 97 amid a heightened regulatory environment. “This score is the result of steady regulatory activity and enforcement actions, a decline in the overall amount of fines issued, along with reduced investment in compliance staff and technologies over the last 12 months,” the company notes.

“When respondents were asked what types of risk will receive escalated priority at their organization over the next 12 months, it became clear they are facing competing priorities for resources and time,” the report states. [click image below to enlarge]

The top risk management challenges over the next 12 months, the report indicates, is cyber security, regulatory risk, data governance, IT risk, operational risk, market risk and model risk.

The top risk management challenges over the next 12 months, the report indicates, is cyber security, regulatory risk, data governance, IT risk, operational risk, market risk and model risk

The good news for the U.S. insurance industry is that less than half (48%) of polled insurance professionals report being concerned about their organization’s ability to invest in new compliance technologies. The majority of insurance professionals believe their organizations have the budget available to invest in new compliance technologies to address their compliance concerns.

Asked if their organizations had made investments in compliance technology over the past 12 months, 42% say they had not, but 27% report they had and 29% note their organization had increased staffing levels to help monitor and manage compliance with changing regulations.