Regulatory pro-tech-tion: insurers are embracing new software technologies that not only aid in regulatory compliance, but offer operational fringe benefits as well.Key Points * New software technologies are helping insurers become automatically compliant with state and federal regulations. * Insurers are becoming more innovative in the way they approach software technologies for compliance, using in-house In-house In the context of general equities, keeping an activity within the firm. For example, rather than go to the marketplace and sell a security for a client to anyone, an attempt is made to find a buyer to complete the transaction with the firm. tools when possible and finding ways to achieve operational benefits from them as well. * A sharper interest in regulatory compliance by top company officers is one reason carriers are embracing such technology. * A Celent study identified a three-part cycle and a five-level technology stack A Technology stack refers to the layers of components or services that are used to provide a software solution or application. Traditional examples include the OSI seven layer model, the TCP/IP model and the W3C technology stack. that insurers must traverse traverse - traversal in order to meet compliance requirements Compliance requirements are a series of directives established by United States Federal government agencies that summarize hundreds of Federal laws and regulations applicable to Federal assistance (also known as Federal aid or Federal funds). . The combination of regulatory compliance requirements and operational needs can create some hard choices for insurance companies. "We realized compliance is becoming an increasingly important part of the overall IT and project environment within insurance companies, and just like technology, it should play a significant role in helping a company achieve its goals:' said Donald Light, senior analyst with Celent LLC (Logical Link Control) See "LANs" under data link protocol. LLC - Logical Link Control and author of a 2006 study, Compliance & Technology: Best Practices for Insurers. "Operationally, we thought it would be interesting to see how technology could help a company reach its compliance requirements," especially for carriers licensed in multiple jurisdictions, Light said. "If you write in 50 states, you have to keep pace of 50 sets of laws and regulations. Some requirements are federally mandated regardless of how many states you write in." The answer may lie in new software technologies that are not only helping insurers more easily achieve compliance with state and federal regulations, but are streamlining other operations as well. The Compliance Cycle The Celent study identified three basic models of organization that insurance companies have to deal with during the compliance cycle: monitoring and analyzing new laws New Laws: see Las Casas, Bartolomé de. and regulations; prioritizing and implementing compliance initiatives; and operating and auditing the degree of compliance. "If a company is big enough, it may have several lines of business--personal lines, standard commercial lines, specialty commercial lines--that operate fairly independently of one another. Yet all of them have to comply with all of the regulations in every state they operate in," Light said. "In terms of the compliance process, how do you establish seniority?" Hence, the cycle: "When a new law or regulation is established, you have to first find out that it's there. What does it mean for me and my company or nay nay adv. 1. No: All but four Democrats voted nay. 2. And moreover: He was ill-favored, nay, hideous. n. 1. A denial or refusal. division? Assuming it does impact you, how do you prioritize pri·or·i·tize v. pri·or·i·tized, pri·or·i·tiz·ing, pri·or·i·tiz·es Usage Problem v.tr. To arrange or deal with in order of importance. v.intr. it to fit into time overall stream of projects? When does it have to be in effect? And then once you put it into effect and implement it, you operate and audit--you keep on doing what you're doing, but now you're in compliance," Light said. "The auditing function is the internal check to make sure there's no flip-page back to a noncompliant state." The Celent study profiled recent efforts by Hartford Life, Humana and Allianz Life as "examples of three different good ways insurers have dealt with the overall compliance challenge," Light said. Allianz Life represents "a good government structure," Light said: "They have government management control over a multitude of compliance projects that are likely to be going on over the course of time." Allianz Life has three primary businesses that subject it to multiple sources of compliance requirements: individual insurance (fixed life, fixed annuities Fixed annuities Contracts in which an insurance company or issuing financial institution pays a fixed dollar amount of money per period. and long-term care long-term care (LTC), n the provision of medical, social, and personal care services on a recurring or continuing basis to persons with chronic physical or mental disorders. ), variable annuities Variable annuities Investment contracts whose issuer pays a periodic amount linked to the investment performance of an underlying portfolio. and a retail broker/dealer. The company uses a governance Governance makes decisions that define expectations, grant power, or verify performance. It consists either of a separate process or of a specific part of management or leadership processes. Sometimes people set up a government to administer these processes and systems. model--an Enterprise Operating Committee--that sets priorities for all IT projects, including compliance, among all business units. At the time of the study and throughout 2006, Allianz provided every proposed IT project with two calculated scores for value and risk, then placed the project into one of seven IT portfolio categories (projects in the first four categories, including "regulatory and compliance," have first claim on project resources). Allianz's EOC EOC Emergency Operations Center EOC Equal Opportunities Commission (UK) EOC Educational Opportunity Center EOC End Of Course EOC Epithelial Ovarian Cancer EOC Environment of Care (JCAHO) then would perform a qualitative review of the implementation with a focus on lessons learned. Recently, Allianz Life started to track benchmark key performance indicators Key Performance Indicators (KPI) are financial and non-financial metrics used to quantify objectives to reflect strategic performance of an organization. KPIs are used in Business Intelligence to assess the present state of the business and to prescribe a course of action. to assess the effectiveness of projects, said Vice President of Compliance Rhonda Schwartz. Regulatory expectations and effective risk management require ever-increasing surveillance and oversight
Oversight may refer to:
"Technology enables the compliance department and the business lines to monitor data and report trends or transactions that signal potential sales violations or high-risk high-risk adjective Referring to an ↑ risk of suffering from a particular condition Infectious disease Referring to an ↑ risk for exposure to blood-borne pathogens, which occurs with blood bank technicians, dental professionals, dialysis unit sales behavior," Schwartz said. "Such surveillance enables the company to more effectively target oversight and thereby more effectively detect and prevent sales practice violations." Allianz implemented an operations platform for new business in its fixed annuities product line, which helped the company build in compliance requirements up-front, Schwartz said. "This system is instrumental in allowing the company to review suitability on an automated au·to·mate v. au·to·mat·ed, au·to·mat·ing, au·to·mates v.tr. 1. To convert to automatic operation: automate a factory. 2. basis for all new business because it identifies cases requiring further review and assessment based on an electronic rules engine." The company is continually con·tin·u·al adj. 1. Recurring regularly or frequently: the continual need to pay the mortgage. 2. looking for Looking for In the context of general equities, this describing a buy interest in which a dealer is asked to offer stock, often involving a capital commitment. Antithesis of in touch with. ways to enhance its systems, which could result in additional practices during 2007, she said. The Tech Stack When instituting compliance technology, "everybody starts at exactly the same place," determining the path they will take, Light said. He outlined a five-level technology stack, or five broad categories of technology that are relevant to compliance: * Solutions for monitoring the legal and regulatory environment; * Collaborative and project management solutions; * Enterprise solutions such as business process management, business rules and enterprise content management; * Core process applications that can be configured con·fig·ure tr.v. con·fig·ured, con·fig·ur·ing, con·fig·ures To design, arrange, set up, or shape with a view to specific applications or uses: or recoded to meet new regulatory requirements Regulatory requirements are part of the process of drug discovery and drug development. Regulatory requirements describe what is necessary for a new drug to be approved for marketing in any particular country. , such as underwriting Underwriting 1. The process by which investment bankers raise investment capital from investors on behalf of corporations and governments that are issuing securities (both equity and debt). 2. The process of issuing insurance policies. , policy administration, claims, and finance and accounting; and * Point solutions developed specifically to address certain laws and regulations. For instance, anti-money laundering Anti-money laundering ("AML") is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities. , e-mail and correspondence screening and retention, filing with state insurance departments, and tracking the license and application status of agents and brokers. "It's not so much best practices, but a way of sorting out types of technology and how they relate to one another," Light said. "So, all insurance companies have to be in compliance; here are the different kinds of technology they should be making use of." Solving Specific Problems Like all life companies, Hartford Life needed an anti-money-laundering initiative to track customer identities and information across numerous operating divisions, Light said. "This impacted pretty much all of the business units." Anti-money-laundering basically is a "know-your-customer" tool used to identify prospects that maybe the company should not be working with, or those that should be reported to federal agencies, he added. But Hartford Life encompasses several life companies and broker-dealers, and a mutual fund family--with some 35 administration, check disbursement DISBURSEMENT. Literally, to take money out of a purse. Figuratively, to pay out money; to expend money; and sometimes it signifies to advance money. 2. , new business and other systems--and did not want to have to address each unit separately. The system it came up with allows Hartford Life's various business units to comply with anti-money-laundering and regulations of the Office of Foreign Asset Control in a cost-efficient manner, and without significant disruption disruption /dis·rup·tion/ (dis-rup´shun) a morphologic defect resulting from the extrinsic breakdown of, or interference with, a developmental process. to their new business and customer services processes, Light said. "They built some software solutions that allowed them to be in compliance but also allowed them to get a more comprehensive understanding of their customer base," Light said. "Like a lot of companies, a classic problem is if a customer buys three products from three different divisions, each division doesn't know about the other two relationships. The anti-money-laundering project they did took them a good distance down the road to allowing that broader or more comprehensive view." Likewise, Humana was facing numerous operating and technology challenges in complying with the Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when . Yet the company was able to address those needs and improve its claim flow management, Light said. HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, regulations mandate that health-care payers receive, process and pay claims submitted in a specific electonic-data-interchange format, ASC ASC Ambulatory surgery center, see there X12. There also are several state "prompt payment" regulations requiring that claims be processed within certain specified periods, as soon as two-to-four weeks. Through growth, however, Humana had established three major claims platforms and processed claims through more than 100 provider groups and pharmacies--each with its own claims systems; each would have to be modified individually unless the company came up with an alternate plan. So, Humana created a team of business and IT people with "deep knowledge" of its major claim systems, who together came up with eHUB: a single platform that receives an electronic or paper claim in the ASC X12 format from any provider, identifies the correct Humana claims system for the claim, translates it into the correct format, and transmits it to the claims system, Light said. The eHUB has allowed Humana to be one of the first health-care payers to be in compliance with HIPAA claims provisions and facilitated compliance with the state prompt payment regulations, he said. It also provided the company with added benefits: * It gave hospitals and physicians a single view of Humana, making the company easier to do business with; * It increased the proportion of submitted claims processed straight through to payment to 71% of electronic claims and more than 50% of paper claims, reducing processing expenses and speeding payments to providers; * And it provided claims managers with a daily and hourly view of claims volumes from various sources, which allowed early detection of problems and better internal resource management and planning. "Additionally, aside from meeting legal or regulatory requirements, it enabled them to process claims more quickly, a benefit for both them and the providers," Light said. Best Practices A new interest in regulatory compliance by top company officers is one reason carriers are embracing such technology. "Five years ago, maybe one or two obscure CEOs would go to jail in a year. Today it's different," Light said. "There have been extremely well-publicized cases of 10-to-15 executives, or more, that have ended up with jail sentences jail sentence jail n → peine f de prison . This is an extreme end of the spectrum of negative consequences there are for not being in compliance. But the point is, it's really catching the attention of the executive suite." "So compliance initiatives always go near the front of the queue Pronounced "Q." A temporary holding place for data. See queuing, message queue and print queue. (programming) queue - A first-in first-out data structure used to sequence objects. Objects are added to the tail of the queue ("enqueued") and taken off the head ("dequeued"). because if that passes 'go' and you collect $200, you want to make sure you're doing it efficiently," Light said. "That's the point of the monitoring." A best practice for insurance companies would be to make sure there are ways people with responsibility in each part of the compliance cycle have the information they need, and that the flow of specific projects is monitored and controlled from tier to tier, he said. "Things don't get lost," Light said. "Someone can find out where everything is and how everything is proceeding at a given time." Another best practice would be for a company to measure its compliance efforts to understand how many resources are being used, and how efficiently. The cost of compliance specifically is not something that is often measured by insurance companies, but insurers should be looking at it as another best practice. "You cannot improve something unless you can measure it. It's an old saying that happens to be true," Light said. "One of the most important things about compliance is it's not optional." Another best practice would be for insurers to achieve operational benefits from the compliance technology used, as demonstrated by both Hartford Life and Humana, he said. Yet another would be for insurers to use an organizational focus toward compliance. "The complexity of the compliance requirements are such that you need to have one person who ultimately really understands what they are and how they fit into the role, the organizational operating environment In computing, an operating environment is the environment in which users run programs, whether in a command line interface, such as in MS-DOS or the Unix shell, or in a graphical user interface, such as in the Macintosh operating system. of the company--one person to oversee all of this," Light said. Current Efforts The creation and implementation of new compliance software technologies is ongoing. In December, Standard Retirement Services, a subsidiary of StanCorp Financial Group, launched Compliance Data Review--a new Web-based tool designed to help employers quickly and securely prepare retirement plan data for annual reporting and compliance testing. The company announced the launch in February. Other subsidiaries of the group include Standard Insurance Co. and Standard Life Insurance of New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of . CDR (1) See CD-R and extension. (2) (Call Detail Reporting) See call accounting. (3) (Common Data Rate) A standard sampling rate for digital video for 480i and 576i systems. The rate is 13.5 MHz. See ITU-R BT. affords clients easier plan management by giving them one secure location to view and update information, such as plan and participant data related to compliance testing and government filings; clients no longer need to track information on multiple spreadsheets The following is a list of spreadsheets. Freeware/open source software Online spreadsheets
n. Compliance. Noun 1. compliancy - a disposition or tendency to yield to the will of others complaisance, obligingness, compliance, deference tests, which used to take a week to check manually. The software also eliminates double entries and other possible manual errors. "This is really the law under the Internal Revenue code The Internal Revenue Code is the body of law that codifies all federal tax laws, including income, estate, gift, excise, alcohol, tobacco, and employment taxes. These laws constitute title 26 of the U.S. Code (26 U.S.C.A. § 1 et seq. . In order to gain a tax-favorable status for the employees in 401(k) plans, they need to jump through certain hoops. This is one of them," said Keith Feist feist also fice n. Chiefly Southern U.S. A small mongrel dog. [Variant of obsolete fist, short for fisting dog, from Middle English fisting, , second vice president, retirement plans administration, for Standard. "In our record-keeping system we would run some reports and validate To prove something to be sound or logical. Also to certify conformance to a standard. Contrast with "verify," which means to prove something to be correct. For example, data entry validity checking determines whether the data make sense (numbers fall within a range, numeric data the data found, then find a way to get that information to the employer in a secure manner; they would correct and send it back to us, and we would key it in," Feist said. "Now it's sent directly to a secure interface, where the employer can change data directly, then send it directly through the system to our administration system." Standard built CDR in-house as an extension of its other Web servers; CDR focuses on the annual compliance testing component "so we can quickly and accurately complete compliance tests that are required for the reporters," Feist said. This is the first technology product Standard has used expressly for compliance testing. "We really think it improves the security and accuracy of the transfer of data." Learn More Allianz Insurance Group A.M. Best Company # 70187 Distribution: Independent agents Hartford Life Insurance Co. A.M. Best Company # 06518 Distribution: Brokers, consultants, third-party administrators and trade associations Humana Group A.M. Best Company # 69866 Distribution: Agent/brokers, direct to employees, direct Standard Insurance Group A.M. Best Company # 70398 Distribution: Brokers and consultants For ratings and other financial strength information about these companies, visit www.ambest.com. Creating Compliancy The only thing insurance companies have in common is insurance--otherwise, each has its own unique business model, making compliancy efforts different for everyone, said Thomas C. O'Neil, executive director, technology, with property/casualty software purveyor (World-Wide Web) Purveyor - A World-Wide Web server for Windows NT and Windows 95 (when available). http://process.com/. E-mail: <info@process.com>. Insurity of Hartford, Conn. "We spend a lot of time looking at regulations that are promulgated prom·ul·gate tr.v. prom·ul·gat·ed, prom·ul·gat·ing, prom·ul·gates 1. To make known (a decree, for example) by public declaration; announce officially. See Synonyms at announce. 2. by various bureaus," O'Neil said. "We're monitoring regulatory bureaus for things as basic as what are their published rates? How are their premiums calculated? What policy contact confirmations are required under certain circumstances CIRCUMSTANCES, evidence. The particulars which accompany a fact. 2. The facts proved are either possible or impossible, ordinary and probable, or extraordinary and improbable, recent or ancient; they may have happened near us, or afar off; they are public or ? What disclosure notices or other types of documentation must be part of the policy?" GAB Robins Inc., a Parsippany, N.J.-based provider of loss adjusting, claims administration and risk management solutions, does the same, said Dean K. Harring, executive vice president and chief claims officer. "In the insurance marketplace, rules and regulations are complex and continually evolving, so a major challenge for insurers is staying current on requirements while adjusting their processes to ensure compliance," he said. Interdependencies are considered when designing or building a system to support the software, O'Neil said: "We really need to look at the big picture and see where things overlap, where data that's required by one body might also be usable USable is a special idea contest to transfer US American ideas into practice in Germany. USable is initiated by the German Körber-Stiftung (foundation Körber). It is doted with 150,000 Euro and awarded every two years. for somebody else." Insurers just want to be sure that the software is collecting and aggregating data in the manner regulators expect it to be reported to be spoken of; to be mentioned, whether favorably or unfavorably. See also: Report . They also want software that's compliant but not burdensome, as "unobtrusive to users as possible," O'Neil said. "Usability How easy something is to use. Both software and Web sites can be tested for usability. Considering how difficult applications are to use and Web sites are to navigate, one would wish that more designers took this seriously. See user interface and usability lab. is balanced with compliance. It's a balancing act. That's high on the list of priorities for insurance companies."
The Compliance Technology Stack
A five-level stack of technology solutions is available to insurers
as they navigate through the compliance cycle. The following table
provides a summary of each level of the stack, including the
solutions and their functionality.
Level Solution Functionality
Monitor Commercial Monitoring Track proposed and enacted laws
and regulations impacting
operations and reporting.
Trade Associations Same
Regulatory Sites Same
Manage Collaboration Facilitate information access
and workflow among compliance
monitoring and implementation
teams.
Project Management Plan and control resources,
activities, durations, usually for
implementation and deployment.
Enterprise Business Process Orchestrate workflow among
Management systems, people and data.
Business Rules Control decisions based on
specific circumstances and data.
Enterprise Content Create, use, modify and store
Management documents and other content.
Core Underwriting and Process and maintain policies,
Systems Policy Administration sometimes also providing product
development, rating, quoting and
other functions.
Claims Receive, adjust and pay claims.
Finance and Record and report financial
Accounting transactions for internal and
external use.
Point Anti-Money Laundering Know your customer and review
Solutions transactions per Patriot Act,
Office of Foreign Asset Control
requirements.
E-mail Retention Store, search and access e-mail
over specified period.
State Filing Prepare, submit and monitor filing
to state insurance departments.
Agent Appointment Record and access records of agent
and broker license status and
appointments.
Source: Celent
|
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion