IFRS 17 turns focus to insurance providers
While many FIs are still struggling with IFRS 9 compliance, the new regulations may make for an even more daunting task
By Darryl Ivan, National Practice Lead, Risk Management at SAS, and Mahdi Amri, Partner at Deloitte, Nat D’Ercole, Partner at Deloitte
With the dust not even settled from the effort to comply with wide-ranging regulations governing the banking industry, a new challenge is on the horizon for insurance providers.
International Financial Reporting Standard (IFRS) 9 demanded banks and financial institutions meet a new set of standards for reporting, creating a whole new burden of governance and controls—and a huge change in the IT infrastructure that supports it. Canada’s largest banks are still struggling with the far-reaching impact on systems and business processes of IFRS 9, and face a November 2017 deadline for implementing the regulatory changes—with limited functionality in the solutions they have built.
If anything, IFRS 17, which targets insurance providers, presents an even more daunting task. Requiring a significant overhaul of financial systems and processes, IFRS 17 dwarves IFRS 9 in terms of technology spend, and could carry a one-time 10 to 20% hit to profitability.
IFRS 17 may have been approved by the International Accounting Standards Board (IASB) in May 2017, but it’s been almost two decades in the making, first appearing on the IASB agenda in 2001. Effective January 1, 2023 (with required prior-year comparative reporting) IFRS 17 replaces IFRS 4 as the accounting standard for the insurance industry. Exacerbating the problem is that insurers also have to comply with IFRS 9. Both impact an insurer’s net income and capital. Many insures don’t believe the deadline leaves adequate lead time.
What's IFRS 17 about?
The objective of IFRS 17 is to ensure that financial information provided by an insurance provider is relevant, and faithfully reflects the impact of insurance contracts on the issuer’s financial position, financial performance, and cash flow. The standard applies to insurance contracts, reinsurance contracts, and discretionary investment contracts (if the entity in question also issues insurance contracts). IFRS 17 lays out the principles concerning the recognition, measurement, presentation and reporting of such contracts. This will increase the comparability and transparency of industry reporting across the globe.
Like any regulation, the details are myriad, and beyond the scope of this article. (For more information, check out this information page. In a more general sense, insurance providers should be aware that:
* Reporting of contracts will have to be more granular. IFRS 17 requires entities to identify portfolios of insurance contracts, which comprise contracts that are subject to similar risks and are managed together. Each portfolio of insurance contracts issued shall be divided into a minimum of three groups:
- A group of contracts that are onerous at initial recognition, if any;
- A group of contracts that at initial recognition have no significant possibility of becoming onerous subsequently, if any; and
- A group of the remaining contracts in the portfolio, if any.
* That applies to existing past contracts as well. Data will have to be remodeled to accommodate the new standard, unless that’s deemed impractical by the IASB. In that case, entities can use a modified retrospective approach requiring only the only the reasonable and supportable data that can be retrieved without undue cost and effort, or a fair value approach, which determines the contractual service margin (CSM) as the difference between the fair value of a group of contracts and its fulfillment cash flows (FCF) on the date of the transition.
* All provisions under IFRS 9 apply to the asset side of the balance sheet (whereas IFRS 17 applies to the liability side). IFRS 9 becomes effective for insurance companies in 2023 aligning with IFRS 17.
Learning from other major IFRS implementaitons
IFRS 17 is the biggest reporting change for the industry in 20 years, and for European insurers it comes hot on the heels of the already disruptive (and expensive) Solvency II reporting requirements. It’s a tall order, but insurers have an advantage: They can draw on the lessons learned by banks and financial institutions in the implementation of IFRS 9.
As an example, IFRS 9 called for wholesale changes in the financial reporting of FIs in the wake of the credit meltdown of 2008. Instead of forecasting losses for a one-year window, FIs must now forecast losses over the life of the loan, requiring different risk modeling; they must take into account longer term macro-economic scenarios; and must calculate risk at the transaction level, not the portfolio level.
IFRS 17, while arguably a bigger proposition (at least for insurers), has much in common with IFRS 9 in a general sense.
* It’s easy to underestimate the scope of the task. While on the surface it may look like a straightforward series of procedural changes, once you’ve opened the can of worms, it becomes clear that there’s a lot more to it. Regulations are very specific, applying across business and technology disciplines. Waiting too long to start the compliance program or understaffing the resources devoted to IT and business change management is a recipe for a non-compliance disaster.
* It’s a Big Data problem. This granularity and frequency of reporting requirements demand exponentially more data collection and processing. Just consider the amount of data remodeling and extrapolation required to enable the reporting of past contracts; that’s not even the tip of the Big Data iceberg. New technological approaches to the collection, storage, processing, management and analysis of data will have to be harnessed.
* Know your operational systems, business rules and data. Profiling operational data will not uncover all the known front end and back-end business rules that are applied to process contracts. Review existing operational guides, interview and shadow client service managers who interact with customers and enter, modify and update contracts. This will help you understand how use cases are processed and how the data presents itself in the underlying system.
* SOX controls and control frameworks. Ingesting operational source data and positioning it for the IFRS engines needs to comply with the organization’s SOX controls. Don’t under-estimate the effort to design and build underlying reconciliations between the IFRS solution and operational systems.
* Test early and test often. The earlier you test use cases using real production data the better. Start by finding specific high-volume use cases in the data (known as fishing for a data set). Then move outwards to edge cases and keep materiality in mind. Often times, the cost of testing edge use cases is not worth the cost.
* Error handling and Error Management. Plan to design error handling into your IFRS solution. Error handling will identify missing attributes or non-conformance to IFRS data preparation business rules in processing operational data for the IFRS engines. Once error are logged in the IFRS solution, you should have a plan to resolve errors. This can be achieved by processing high volumes of data, triggering errors codes, grouping parent and child errors, analyzing the underlying root causes of each error code, and designing and testing methods to resolve the errors successfully.
* Plan to build a cross-functional team to support IFRS solutions. IFRS cuts across the operational and financial systems of the organization. Dedicate functional and technical resources, define new roles and enable resources to learn the new solution and processes by being actively contributing to implementation outcomes.
* While IFRS 17 and IFRS 9 are accounting standards, they represent a convergence across finance, risk and actuarial disciplines, with support from IT. No one system is capable of managing the new regime for reporting. A holistic approach will have to be taken; just as the regulations cross business disciplines, they must involve the corresponding IT infrastructures.
Not a system, but an ecosystem
Architecturally, there’s a difference between a system, wherein processes are centralized for distribution to other subsystems, and an ecosystem. Think of it this way: The former is FedEx. Packages are dropped off at various locations, sent to a hub, and then distributed to delivery locations. Packages come from all over, but everything goes through Memphis. In an ecosystem, trees, plants, climate, bodies of water, animals, etc., function independently yet interdependently.
Likewise, in the IFRS 17-compliant organization, data collection, storage, processing, management, applications, reporting, etc., contribute to providing an accurate, relevant picture of the financial status of an organization. In a similar vein, compliance is a program rather than a series of projects of limited departmental scope. It crosses myriad disciplines—actuarial, accounting, reporting, governance, and more. To prepare for IFRS 17, companies must envision what this ecosystem looks like to them.
Beyond compliance: seizing the opportunity
So far, IFRS 17 compliance may seem like a pit into which time, resources, money and organizational focus are thrown, with no return on investment aside from staying on the right side of the regulators. But most organizations will recognize an opportunity. An IFRS compliance program can be a catalyst for changes that will improve operational excellence.
* The increased granularity of data collection and management affords better pricing analytics for contracts and improved CSM.
* It’s a chance to review the existing business/IT platform to better accommodate existing business processes and maintain the flexibility to build new ones. By the same token, this openness of platform can leave an organization better prepared for future rounds of regulatory changes.
* Envisioning the IFRS-compliant ecosystems is an opportunity to revisit the company’s strategic vision. Where can we optimize resources? What service improvements can we offer? What new lines of business might be facilitated by the new platform?
Becoming IFRS 17 compliant is an onerous undertaking. But companies can ease the implementation effort and maximize return on a mandated investment by adhering to a few guiding principles.
* Don’t underestimate the enormity of the task. Start as soon as possible, dedicate the required resources to the effort, and set milestones to help monitor progress—and ring alarm bells when they’re not being met.
* Align your capabilities with the regulations. Chances are you’ll need a lot more modeling, data management, reporting and governance capabilities than your existing platform provides.
* Leverage the technology investments made for IFRS 9 to help become IFRS 17-compliant. An open, holistic approach lays the groundwork the response to future regulatory changes.
* Remember, it’s an ecosystem. Envision what that ecosystem looks like in your business. Take the opportunity to apply that vision to your broader corporate strategy and build an infrastructure that accommodates regulations and business processes of today, while being open to those of the future.
Darryl Ivan is National Lead Risk Management SAS Canada. In his role Darryl works with financial institutions to advise on Financial and Risk Management solutions. With over 15 years of risk management experience, Darryl has extensive knowledge designing and implementing risk management capabilities in the financial services sector.
Mahdi Amri is a Partner in Deloitte’s Strategic Analytics and Modeling practice. In his role, he is responsible for building and developing Data and Analytics talent, market profile and differentiation and, most importantly, driving revenue growth for all Deloitte Analytic Services businesses.
Nat D’Ercole is a Partner in Deloitte’s Analytics and Information Management practice. He has led large IFRS programs and has advised clients in their IFRS transformations. He is also the technology lead for Deloitte’s IFRS 17 solution offerings.