The outlook for insurance firms in 2019/20
29 April 2019
The FCA’s 2019/20 Business Plan raises issues for the insurance sector, in both the sector and cross-sector priorities.
Insurance companies are already operating under SMCR. All FCA regulated firms will be by the end of 2019. Whether firms are operating under the regime or not, the FCA is sending a clear message that senior management need to demonstrate effective oversight and control within the organisations they manage, and be at the forefront of driving a customer centric culture.
The 2019/20 priorities are a continuation of the FCA’s activities in the insurance sector over the past 12 months, from mis-selling enforcements, to thematic reviews. For example, in their work on the General Insurance distribution chain, the FCA highlighted two primary causes of potential harm:
- Firms having a purpose and culture with insufficient focus on customers, particularly in relation to value and customer outcomes.
- Poor governance and oversight of product design, manufacture and distribution processes and practices – both over firms’ own business activities and where these were undertaken by other parties in the distribution chain.
There is a clear expectation that firms will be considering the fairness of pricing, and the underlying value of policies to customers. Firms will need to be able to evidence this by showing active internal discussions, effective monitoring and MI and a robust product governance process.
The FCA will also be continuing their focus on distribution chains (and delegated authority). This was flagged in the recent Dear CEO letter, with the following expectations:
- All GI firms should maintain appropriate systems and controls over the remuneration they receive.
- All GI manufacturers should have sufficient knowledge of the roles and remuneration of all entities in the distribution chains they use to be able to assess the impact they have on the value customers receive.
- All GI firms must maintain appropriate systems and controls (including the production and use of appropriate management information) over their GI products and services. This includes when delegating authority to another business.
- All GI distributors should consider the impact of their distribution strategy (including the distribution method and the level of remuneration they receive) on the overall value of the product for their customers.
Across the diverse areas of product development, business strategies, commission arrangements, and remuneration policies, the unifying driver of detriment can often be distilled down to an over-focus on cash rather than customers. We explore this theme in greater depth in our recent paper ‘Financial Drivers of Conduct Risk’.
Operational Resilience within the insurance sector
The FCA (alongside the PRA and Bank of England) highlighted operational resilience as a key issue in their July 2018 discussion paper, and it continues to be a focus in the 2019/20 plans. Ensuring continuity of service, and safeguarding data integrity is a core requirement for all firms. However, operational processes within the insurance sector present particular challenges:
- A high reliance on IT – often hampered by legacy systems and internal incompatibilities
- A data driven process – containing highly sensitive customer data
- Outsourced business models – with some inadequate oversight and due diligence
- Demand fluctuations – weather events can push systems to breaking point.
It is important for all firms in the insurance sector to fully quantify the risks the face, across all spheres – internal failures (ineffective change management, and system outages), failures of external suppliers (the loss of service from a third party supplier), and the malicious actions of criminals (cyber attacks). Operational resilience is too important to be left to operations and IT. Senior management should demonstrate effective oversight, review relevant MI (uptime, capacity, near misses etc), and demonstrate they understand the issues, and have taken appropriate action.
Firms should also be very much aware that the Regulator’s response to any reported data loss will be much harsher if the organisation cannot demonstrate that GDPR has been fully adopted, and the controls are operating effectively in BAU.
Fair treatment of existing customers
While fair treatment of existing customers is a cross-sector priority, there is a clear focus on the insurance sector. This focus has been sharpened by the recent Citizens Advice super-complaint and the action by the Competition and Markets Authority. Both of these highlight the inherent problems with the business model for insurance firms – the money is made from renewal customers and the back book.
The FCA is already conducting the General Insurance Pricing Practices Market Study, which is expected to feed back interim findings in the late summer. The Regulator will also be reviewing compliance with the 2017 rule changes to increase transparency and engagement at renewal in general insurance markets.
There will also be increased scrutiny of how the pricing and product governance processes work for existing customers – in terms of product value, and also in terms of continued access to insurance. Firms will face challenges if they cannot justify their approach:
- Price escalators for renewal customers, which bear no relationship to increasing costs or risks
- Renewal customers priced or excluded out of cover
- Different methodology used for calculating premiums – particularly in the home insurance market
- The failure to apply current good practice on exclusions to back book customers
- Enhanced product benefits only available to new customers
- Variations in fees and charges.
What can firms do?
The insurance sector is a clear priority for the FCA. This is across the sector in general, and within GI in particular. From their recent Dear CEO letter, they identified ‘significant potential for harm and poor outcomes for customers arising from the product development and distribution approaches in some sectors of the GI market’. These harms include, for example, customers purchasing products that are not appropriate for them or customers paying increased prices due to remuneration paid to firms in the distribution chain who incur little cost or deliver little benefit. These potential harms are caused by firms not adequately considering the value of the products or services provided to customers, as well as failures in product design, weak oversight of the distribution chain, poorly designed distribution strategies and conflicts of interest caused by firms’ remuneration structures.’
Therefore, it is important for all firms to ensure they have their processes and controls in line with regulatory requirements – before any potential visit.
Effective product governance and good management of distribution chains is a core part of the IDD requirements, introduced last year. There will be no excuse (as far as the Regulator is concerned) for any firm who is not fully compliant with the rules. So six months after launch, now is the right time for an IDD health check to make sure the controls put in place are working properly. Both within the firm and, just as importantly, with your distribution partners.
Many brokers are still at the early stages of development of their implementation plans for SMCR. Our advice is to not to consider it just another regulatory box to tick, but look at it as a framework for enhanced business improvement and control – why would you not want to know whether you have the right people, in the right roles within your organisation? For further insights into this, brokers and intermediaries can join us on the 21st of May for our SMCR roundtable.
For firms already operating under SMCR, as with IDD, now is a good time to take a step back and assess whether the process is working as expected, and where it could be streamlined or improved.
The impression given from the FCA is that culture is an overarching principle to drive their assessment of how firms are approaching ensuring good customer outcomes, and maintaining market integrity. In this, it builds on the pre-FCA foundations of TCF, and the concepts of Conduct Risk.
It is evident that if things go wrong, the Regulator will be looking to the culture within a firm as a key factor. And if the culture is found lacking, they will be using the SMCR framework to identify who is responsible.
However, despite its importance, it is often low down on the priorities within firms. This is largely due to the fact that culture change is seen as too intangible, to complicated, too costly. The cost and complexity issues are not helped by people’s experience of all those grandiose cultural transformation projects which over promised and under delivered, because they attempt to impose culture from 30,000ft, detached from the reality of the firm.
Successful change programmes see culture for what it is – another lever to pull (albeit a crucial one). It is a force multiplier for control, a mitigator for risks. By embedding culture within the overall control framework, firms can make the intangible tangible, and build positive norms and values which are aligned to clear objectives.