Earlier this month, the Prudential Regulation Authority (PRA) released its Internal Model Approval Process (IMAP) data review findings. The report summarizes extensive reviews of 50 insurance firms as they prepare for the introduction of Solvency II; and its finding make for some very interesting reading.
First, the good news. The PRA found that insurers are making real progress in complying with Solvency II, and that data governance has now been embedded into the business practices of most insurance firms. However, the report also made clear that many insurers are still struggling when it comes to data management. For example, the PRA highlights a disproportionate focus on exposure data (policy data, asset data, and referential data) at the expense of valuation data (prices, rates, ratings, longevity, and claims development) and risk data (historical records of valuation data, assumption stresses, etc.).
The clear takeaway from this crucial report is that in the face of Solvency II insurance firms are still struggling to define and classify data, assign data ownership as part of their data governance operating model and represent data flow in a clear or precise way. The report goes on to note that as a result of this, some firms had to re-perform audits, while others have had to revisit elements of their audits.
The overall picture painted by the PRA’s report is of an insurance industry that is struggling to keep up with the huge data management responsibilities Solvency II has placed on it. In many ways this should not be a surprise – insurance companies have never had to deal with the volume of data and the complexity of its management that Solvency II has brought about. As a result, insurers are seeing increasing costs and time delays caused by the need to re-run audits.
As insurers look to get to grips with Solvency II, they might invest more money and time into getting their internal teams up to scratch. But the magnitude of this task should not be taken lightly. As the PRA report highlights, many insurers lack even the basic data management skills required to assess data quality effectively.
A different approach – and one that is less expensive and easier to implement – is to outsource Solvency II obligations to a managed service provider who should have the data governance experience and scale to take on even the biggest of data management challenges and provide what is certainly the simplest approach to Solvency II compliance – one that seamlessly integrates with the business and requires no re-audits.