Compliance Programs, Policies, and Procedures
“For heaven’s sake, don’t adopt policies that you’re not going to implement,” she said. “Make sure you know who should do what and that they’re doing it.” So concludes a February 5, 2012 piece written by Mark Schoeff, Jr. in InvestmentNews titled “SEC targets compliance.” The quote is attributed to Rosalind Tyson, director of the SEC’s Los Angeles office.
Ms. Tyson also suggests that firms’ core business activities should be the basis for the compliance programs they design and implement. The same holds true for insurance compliance departments.
As a qualified independent assessor under IMSA, part of what we did was to look at exactly these issues at life insurance companies. Since the demise of IMSA, there isn’t a formal process for life insurers to evaluate these issues independent of a market conduct exam. Based on what we are seeing, some of the processes and procedures that were put into place as a result of IMSA assessments are at risk for triggering the concern raised by Ms. Tyson in the context of broker/dealers.
As we get further and further away from those assessments, who is monitoring what happens to those processes and procedures as there is evolution of the business and changes to the practices? Many of the IMSA assessments pre-date the recession and many companies have cut significant numbers of jobs since then. Do the policies and procedures that are on the books and assigned to specific positions still work with the remaining jobs at these companies. We often find they do not.
The companies we work with have a clear commitment to compliance. However, time can be the enemy of a compliance office. With time comes change, while we also have less and less time these days to do those things that need to be done. As we all try to keep up with fewer and fewer resources, making sure that policies and procedures reflect the current structure and core business activities of our companies can get put off and put off under the increasing demands.
InvestmentNews put out the warning to firms that the SEC is targeting compliance and I think the same can be said of Insurance Departments for insurers and producers. Compliance is not glamorous, but ignore it at your peril.