Job automation has shaped cultures and economies since
before the agricultural revolution, throughout industrial revolutions and into
the current digital age. The insurance industry is not immune, with automation
and innovation continuing to drive the scope for significant change.
Traditional automation has been transformative in automating simple, repeatable tasks in back-end processes. Robotic process automation (RPA) combined with artificial intelligence and machine learning capabilities can be, and are being, used to automate high volume and high frequency tasks that have traditionally required human intervention.
In this paper, Milliman’s George Barrett, Claire Booth and Tanya Hayward discuss how automation has affected—and will affect—the nature of insurance companies’ processes and the nature of their clients’ needs. They cover numerous examples of how automation and RPA are transforming the way insurance companies operate and discuss the impact of job automation on insurers.
As part of a holistic digital transformation, insurance and reinsurance companies can enhance their businesses by adopting cloud services. With that scope in mind, the European Insurance and Occupational Pensions Authority (EIOPA) recently published a consultation paper providing guidelines for insurers outsourcing to cloud service providers. These guidelines will affect all outsourcing arrangements entered into or amended on or after 1 July 2020.
In the paper “EIOPA’s guidance on cloud outsourcing,” Milliman consultants explore the implications for firms and discuss some relevant information technology (IT) considerations. The paper also provides a checklist of the steps firms need to consider before, during, and after engaging in an agreement with a cloud service provider.
Advances in technology have enabled insurers to operate in a dynamic digital world. However, a reliance on technology, cloud-based platforms, outsourcing, and remote working increases a firm’s vulnerability to operational risks. This interconnected system allows risks to spread and increases exposure to single points of failure. This environment has caused a surge in the number of cyberattacks.
As a response, operational resilience has become a focal point for regulators in Europe. Multiple regulatory and industry bodies have recently released discussion and consultation papers on the topic. Operational resilience refers to the ability of firms to prevent, respond, recover and learn from operational disruptions.
In this paper, Milliman consultants discuss the regulatory landscape related to the issue. They also offer several steps firms can take to improve their operational resilience.
This analysis by Milliman consultants compares information provided in Quantitative Reporting Templates (QRTs) and Solvency and Financial Condition Reports (SFCRs) and draws conclusions about the balance sheets and risk exposures of 15 UK private medical insurance and health cash plan providers. The analysis also highlights noteworthy trends between the 2017 and 2018 publications.
Under Solvency II, European insurers are required to publish their Solvency and Financial Condition Reports (SFCRs). Two sets of SFCRs have been published, with the first publication for most entities occurring in May 2017 and the second one in May 2018.
The SFCRs contain a significant amount of information including details of the company’s performance over the reporting period, system of governance, risk profile, valuation basis and capital requirements. In addition, the SFCRs include a number of Quantitative Reporting Templates (QRTs) providing details of the company’s financial position under Solvency II.
This analysis by Milliman consultants compares information provided in the QRTs and SFCRs and draws conclusions about the balance sheets and risk exposures of European health insurers. It also highlights substantial trends between the 2017 and 2018 publications.
In May, the new General Data Protection Regulation (GDPR) was issued. The GDPR strengthens rules regarding the way in which companies use data and should enable individuals to have a greater level of control over what companies do with their personal data.
The GDPR is applicable across the European Union, and as such all UK companies should currently be complying with the regulation. There have been many papers about the legal aspects of the GDPR. But few papers have covered the practical realm of how to design a risk management framework that insurance companies can use for the GDPR and data protection risk analysis.
Data protection is important to all types of businesses:
• Collecting, sorting and analysing data is unavoidable, whether it involves handling policyholder data directly or collecting personal data of a company’s employees or clients.
• There is a high price to pay for any error or breach of data, both in terms of direct remedial costs such as regulatory fines and additional staff, or ongoing reputational consequences which damage ongoing business performance.
In this paper, Milliman’s Claire Booth, Tanya Hayward and Peter Moore walk through the high-level requirements of the GDPR and also detail specific considerations on the implementation steps. They provide an overview of the new GDPR rules, discuss the aspects that firms should consider in light of these changes and explore the implications of the GDPR for a firm’s risk management framework.