A January 8, 2015 article by Ben DiPietro in the Risk and Compliance section of the Wall Street Journal reported on a PwC survey of compliance in the insurance industry. 86% of insurance executives responding to the survey reported having a chief compliance officer and 88% indicated that they expect to increase spending on compliance in the short term. The article specifically points to products that are increasingly complex as one of the reasons that there is a need for more compliance resources and attention.
I am a process person – one of those people who thinks how one does something is as important as what someone does. So I pay a lot of attention to where compliance lives within insurance organizations and on what that means for the compliance role and compliance outcomes. The PwC survey itself says:
Somewhat surprisingly, the stature of the CCO/HoC in the insurance sector lags behind that of the overall population. Only 20% of those in the insurance sector said their CCO/HoC was a C-suite-level position, compared with 26% overall. In line with overall respondents, 79% of insurance companies indicated that the position was a vice president or higher-level position. Contrary to what we’re seeing in many other highly regulated industries, CCOs in the insurance sector are still reporting predominantly to the general counsel (49%); only 34% report directly to the CEO or board of directors. To continue elevating the influence of CCO/HoC as environments keep on increasing in complexity, insurance companies may wish to reconsider the position’s level and its reporting relationship (Page 2).
Another important “process” issue is that 65% of responding organizations report that they have a compliance committee, up from 52% in 2013 (PwC, Page 9). There is a fairly wide range of members of the compliance committees and it is worth looking at the breakdown on page 10 for the details. Some notable changes from 2013 to 2014 include: Internal audit representation on compliance committees increased from 52% in 2013 to 69% in 2014; sales and marketing representation decreased from 35% in 2013 all the way down to 18% a year later; investor relations dropped from 13% to 4% between the two years; and, finally, information technology, not surprisingly, increased. But what I found very interesting is that even after the increase in 2014, only 33% of companies reported that IT sits on the Compliance Committee. In 2013, 26% of companies reporting said that IT had a seat at the compliance committee table. I believe we will see a dramatic increase in 2015. If I had to guess I would think that the jump for the current year would bring that figure to well over the 50% mark.
The issues that are of concern to respondents appear to be bunching up a bit with what may be more issues competing for compliance attention (PwC, Page 15). In 2013, 71% of respondents cited insurance-industry specific regulations as one of their three top concerns as perceived level of risk to their business, while that number was down to 48% in 2014. That seems like a huge drop. Privacy and confidentiality also fell out of the top three for some respondents, being at 59% in 2013 and only 48% in 2014 (note, however, that in 2014, privacy and confidentiality was the most frequently cited for a top three compliance concern). The increases in 2014 appear to represent new risk concerns. Risk areas in 2014 that did not make the list at all in 2013 include: social media, supplier compliance, ethical sourcing and import-export.