With the implementation of Solvency II, all insurers and reinsurers across Europe will be required to demonstrate that the data feeding their technical provisions (claims reserves to you and me), meets high quality standards. So, firms are bracing for a Sherlock Holmes level inquiry into their data and data quality.
For example, those firms wishing to receive approval to calculate their Solvency Capital Requirement (SCR) using an Internal Capital Model will need to provide evidence that their data is “accurate, complete and appropriate”. For the EU financial regulators to give this approval – and to feel comfortable about the firm’s data quality standards – regulators will need to perform a type of data audit.
“Oh! A mystery is it?”
Before looking at what a Data Audit will focus on, it helps to understand why there is so much attention on data. In a nutshell, it comes down to the saying, “rubbish in, equals rubbish out.” With the sheer volume of data flowing into a complex statistical capital model, it is extremely important that the data is most definitely not rubbish. And the types of data that will be under the magnifying glass include market, credit, policy and claims data; mortality rates and accident rates.
It’s also worth remembering that financial regulators were heavily criticised for approving the banks’ capital and risk models that played no small part in the recent banking crisis. Regulators don’t want that to happen again with the insurance industry.
So, given the number and diversity of checks required to achieve Internal Model Approval [the Financial Services Authority (FSA) has outlined approximately 300 requirements], how can the regulators possibly hope to complete all of the Data Audit checks for all of the models to be approved? The answer lies in two phrases, Proportionality and Self-Assessment.
“The science of deduction”
In the UK, the FSA has outlined three levels of review:
- Self-assessment. This means the firm has to challenge itself as to whether it justifiably meets the required standards.
- Independent review. This review could be completed by an internal audit function or external audit company.
- Audit by regulator. This audit could be performed by the regulator if it requires greater assurance than can be achieved by the other review types.
It is likely that all firms will need to do the first, and most will need to engage in the second level of review, with just the biggest and most economically impactful models receiving the full regulatory scrutiny. Of course, there will be different approaches across the EU states with some regulators only having a very small number of models to review or where those regulators lack skilled staff.
Data audits will begin during the phase known as the Internal Model Approval Process. (In some EU states this has begun already.) But for those firms seeking to have their internal models approved before the go-live date (currently proposed as Jan. 1, 2014), the regulators will need to have conducted the reviews during the next 12 – 14 months and give written approval by Dec. 31, 2013. Regulators will then have an ongoing duty to conduct reviews as part of the Supervisory Review Process. This means that insurance firms will need to maintain their focus on data quality and embed these improved systems and processes into their day-to-day activities.
“… a tall man, left-handed, limps with the right leg …”
Of course, this means that those firms that are already focused on data quality will be the best prepared for the Data Audit. And those that can demonstrate the highest levels of evidence and understanding may well benefit from a lower level of regulatory scrutiny. Inevitably, these efforts will result in firms looking to technology to help them achieve their own self-assessments over their data quality systems and controls. So when asked “How on earth did you achieve such high standards of data quality…”, the successful firms will confidently reply, “Why, it was elementary my dear ….”
In this free white paper, Data Management and Solvency II: A Critical Partnership, you’ll find more information to help you plan for Solvency II compliance. Download it today.