Insurance compliance has seen a steady increase in the demands for information, whether approval information, licensing and appointments, complaint handling, payment of proceeds, etc.— the list is just about endless. Records management has become essential for the compliance office.
A recent posting on the Society of Corporate Compliance and Ethics website was interesting because it highlights the importance of document management as distinct from records management. That distinction is key for compliance. It is not only tracking the record itself, but also tracking the content of the document and any responsibilities flowing from the content that will be the difference between compliance and noncompliance in today’s world. The discussion at SCCE was not specific to insurance compliance, but it was certainly relevant.
The posting on March 5, by Eric Newman, Esq., Social Media Manager for SCCE stated: “documents provide the evidence of business transactions and decisions, but it’s the data contained in the documents that drives the decisions and regulatory filings and reports…even with the best document management program, compliance officers can only retrieve a document and must then manually mine the document for data.”
That is a challenge many of our clients have faced with recent regulatory inquiries and we expect the future will bring more such demands for information – not the document itself, but the consistency of the company’s conduct with the content of the document. The recent inquiries by the Minnesota Insurance Department and Attorney General, on the issue of unclaimed property, was an example of a regulator’s general request wanting an analysis of policies and procedures that were in place and the actual business practices that flowed from them. It was not enough to pull out the document that laid out the policy; they wanted to know how it was implemented on an ongoing basis. They wanted a discussion of the substance of the documents, not just a reference to the documents themselves. That makes sense from a regulators perspective, but from compliance perspective, it poses tremendous challenges.
Managing the content of documents and ensuring that across the enterprise is no easy task. Each document, contract, or agreement has to be reviewed for content that may need to be tracked. Only automation can feasibly make that content retrievable. Who is responsible for that review and tracking? Historically that is something that has rarely been done in any comprehensive or centralized way, but more and more it is becoming essential. When the law department reviews a new policy, procedure, or agreement, do they then hand off the document to an internal or external resource to review for deadlines, renewal dates, reporting markers, and other obligations and then enter those into a system that can track them? Or is each business unit on their own to keep track of those obligations as well as their other day-to-day work? If the later, we have found that makes responding to regulator inquiries much more difficult and time consuming.
We all know that things often don’t get done when we wait for the time to do them when little else is going on. We are all pulled in too many directions for that approach to work for critical compliance issues. The regulatory and business climate changes daily, but often the systems used for compliance have been in place for many years and have been updated only on an ad hoc basis. This is an area that will be increasingly more important for compliance and we urge you to look at the degree to which your company has control over the content of your documents.
Cailie A. Currin, JD
Jonathan Young, of Counsel