Insuranceciooutlook

2021 Digital Transformations: Operation Risk Is Top-of-Mind

Art Nazzaro, Principal, FS.AIArt Nazzaro, Principal,FS.AI
Operational Risk Management is at the top of mind in the Insurance industry as we enter 2021. Accelerating the need to mature this enterprise program are concurrent mandates: 1) to create greater data transparency and accountability; 2) to measure and validate operational resilience; 3) to evaluate the impact of new forms of technology, digital products, and customer engagement.

Here are the Top 10 Trends observed by FinservAI Teams for 2021:

1) Operational Risk Management (ORM)

Driven by the need to address exposures during rapid change while reducing operating costs and addressing changing industry compliance standards and regulations, it's time to put ORM at the top of the list. In this challenging environment, identifying operating issues in the insurance enterprise requires understanding underlying transformations and trends to mitigate inherent risks.

2) Cyber & Information Security (SASE)

Secure Access Service Edge (SASE) is an emerging enterprise strategy that combines network and security functions with wide area network capabilities to support today's organizations' dynamic, secure access needs. SASE converges SD-WAN and network security services—and includes next-generation firewall (NGFW), secure web gateway (SWG), Zero-trust network access (ZTNA), and cloud access security brokers (CASB)—into a single service model.

3) Financial Model Retraining

More Transparent methods through-out the lifecycle are needed to build more cooperative adaptive processes between Actuary, Investments, Underwriting, Finance & Accounting to accommodate resilient risk models in all areas. An AI Lab can discover interdependent processes, sub-processes, and workflow and inform a standard data model building an agreed-upon knowledge map. Then, utilizing predictable algorithms and machine learning, models are adapted and retrained.

4) Financial Close Automation

Insurance Quarterly (Closing) presents inherent risks where there are many implicit controls, except in the accounting process, many explicit but manual controls exist.
Given the Industry Guidelines and Regulations' direction, the demand now exists for greater data transparency, digitalization, and the formation of more explicit controls throughout the closing process. This automation needs to occur across the silos: Actuarial, Investment & Accounting. The Controller/CFO and internal and external Auditors will begin to bear the brunt of advancing this requirement in the formulation, finalization, and audit of financial statements and regulator reporting, e.g., IFRS 17/9; 2018-12 ASU.

5) Digital Risk Products

Beyond a single GRC platform, this approach develops and deploys products that build upon common data sets which serve to provide timely insights across governance, risk, and compliance regimens to bring to life monitoring, validation, and reporting of previously siloed information, to manage and support enterprise-wide risk automation and actionable integrated risk dashboards.

6) Distributed (Hybrid) Cloud

Successful Cloud-first strategies are firmly positioned in hybrid deployments that include both on-premises and cloud-based elements that can behave like a private cloud to address data consistency and information security and customer privacy data concerns. Enterprise Hybrid Cloud Production ends the debate of public v private cloud and can extend on-site, full-stack containers into native cloud provider architectures.

7) Third-Party Management (TPKRIs)

The aggregated product and services vendor supply chain needs to be evaluated and scored regularly, informed by their domain offering's categorical risk imperatives and internal and external background and historical performance data.

8) AI/ML System

NIST, ISO, ITIL compliant processes and their supporting BPM, PaaS and utility SaaS technologies will need to ingest more data; map more processes and systems; integrate more monitoring; test and validate more end to end workflows and operationalize model governance to meet the internal & external policies and standards,.

9) Real-Time Event-Driven Data

Stale data or intermittent time-stamped data will no longer suffice to support corporate risk mandates to perform mark to market valuation, update decision models in light of rapidly changing incidents and crises or perform internal or external audits of critical processes. Data derived from Event Logs and the creation of thresholds and trigger actions can drive a data governance function that assures consistency and accuracy.

10) Cognitive Process Automation

RPA that picks off iterative repeatable tasks and automates the ingestion and processing of previously manual tasks differs from Cognitive (Process) Automation that seeks to augment human cognition through pre-trained automation capabilities that can support, be supervised, and or provide shared autonomous learning.
Share this Article:
Top 10 Risk Management Solution Companies - 2020