[Skip to content]

Sign up for our daily newsletter
The Actuary The magazine of the Institute & Faculty of Actuaries

A platform for risk management

Recent changes in the socio-economic environment and investment conditions have brought new risks and challenges to the insurance market. Recently the Association of British Insurers announced a record high for attempted fraud in 2009, with 122,000 detected fraudulent claims worth £840 million — fraud ultimately affecting policyholders through higher premiums. Another front-page story related to the billions of pounds that Equitable Life customers lost and for which they will not get compensated.

These two examples alone show that risk mitigation has become a key business factor for any insurer. In line with this, insurance companies have to comply with an increasing number of regulations — including, most recently, Solvency II — spanning different geographic regions, business sectors and service levels. Better control of internal processes is required to enforce regulations, ensure capital adequacy and mitigate overall operational risks.

Traditionally, risk management and compliance have been predominantly manually based processes within the insurance industry. In the past, the response to new market challenges and regulations has often been to increase manpower and manually implement new rules, processes and compliance requirements.

However, the lack of agility, auditability and control that invariably comes with manual processes, and the move towards integrated risk management — which includes looking at capital adequacy, sanctions compliance, know-your-customer compliance through to implementing anti-fraud measures — now means that insurance companies are increasingly evaluating technology solutions to manage their complex risk-based compliance and antifraud requirements.

There is no ‘silver bullet’ solution to managing all risk processes within an organisation, but there are technology platforms that allow for specialisation by risk and regulatory requirements without replacing existing back-end systems. A business process management (BPM) solution can provide an over-arching technology that overlays and integrates with existing applications, maximising previous technology investments. This brings together an automated system of data capture with the application of business rules and intelligence for specialised risk processes ensuring transparency and efficiency.

It lets insurance companies directly translate business objectives and best practices into a rules engine. With no need for help from the IT department, business users can set up rule-driven policies and procedures to drive decision-making and the administration of best practices. This allows consistent application of compliance and regulations across the organisation with specialisation by risk type, and brings with it improved control of work processes that initiate risk mitigation or remediation activities where appropriate.

Increased transparency, control and auditability
A BPM system automatically puts a time and date stamp on each action performed and every rule used within the system. This provides maximum transparency with fully auditable processes through unified policies and procedures, automatic alerts and transparent, real-time dashboard reporting that gives a comprehensive view of risk controls within the system to further increase the effectiveness of compliance processes, and lets business users and management assess and manage changes in risks as they occur.

The application of intelligence within automated BPM technologies enables insurers to fine-tune risk profiling. The BPM system presents a much more comprehensive picture of each customer and their activity, with dynamic risk rating based on pre-defined rules provided automatically in real-time based on pre-defined criteria. It gives a helicopter view of each customer’s activities and transaction histories across several policies and accounts they may hold as opposed to a siloed view providing a customer view of risk versus a policy or account view. This means a greater level of protection, both in terms of compliance and commercial risk.

Aside from serving as a risk-management backbone and increasing transparency and control within the organisation, a BPM solution also increases operational efficiency by automating and supporting processes such as underwriting, claims management and customer on-boarding. Regulatory and business requirements can be applied to every business process in line with the organisation’s risk-management strategy, so individual steps cannot be accidentally missed or sidestepped in undertaking the necessary due diligence.

Increased intelligence provided by a BPM solution further helps manage risks, especially when it comes to confirming the legitimacy of an account or transaction. For example, when processing a new or existing customer application, the system automatically checks the application against similar existing and related accounts. It gathers and validates risk data in real-time at the point of sale or change, and calculates risk rating automatically, so the riskmanagement professional does not have to collect information from a range of disparate systems and assess risk manually.

Risk management has come to the forefront of insurers’ and regulators’ agendas, and the right technology platform can take some of the pressure off the insurance organisation. An important point when considering a BPM solution is how flexible it is in adapting to new requirements. With ever-changing regulatory imperatives and risk circumstances, the proof of value of any technology platform is ultimately how quickly and easily it adapts to allow insurers to stay on top of a comprehensive riskmanagement strategy.


Reetu Khosla is a director of risk, fraud and compliance solutions at Pegasystems