Compliance vs. cybersecurity: Insurers face competing priorities
Over the next 12 months insurers will face competing priorities for resources and time, with cybersecurity preparedness challenging overall regulatory compliance readiness, according to Wolters Kluwer Financial Services.
Sixty percent of insurance professionals surveyed said cybersecurity will receive escalated priority at their organization, followed by regulatory risk at 42 percent.
However, more than 60 percent of insurance professionals are concerned about their organization’s ability to stay informed of changing laws (62 percent) and maintaining compliance with changing regulations (61 percent).
The Indicator Score, the measure of regulatory complexity and the compliance and risk management challenges facing insurers, dipped slightly below its baseline of 100 this year to 97 amid a heightened regulatory environment. This score is the result of steady regulatory activity and enforcement actions, a decline in the overall amount of fines issued, along with reduced investment in compliance staff and technologies over the last 12 months.
Based on the survey’s results, senior insurance executives understand the compliance challenges facing their organizations. More than 70 percent said they are concerned about their organization’s ability to track and meet the compliance standards of changing regulations. But surprisingly, only 26 percent of insurance professionals said their organization had made investments in compliance staff in the last 12 months. Twenty-seven percent said their organization had made investments in compliance technology for the same time period.
“In the last year, regulatory changes have increased 14 percent and enforcement actions remained steady at over 800,” said Kathy Donovan, senior compliance counsel at Wolters Kluwer Financial Services. “There was a decline in assessed financial penalties during the same period. But overall regulatory activity remains high and insurers need to continue investing in their governance, risk and compliance programs to strengthen their compliance efforts.”
The silver lining for the insurance industry is that less than half (48 percent) of insurance professionals are concerned about their ability to invest in new compliance technologies. The majority of insurance professionals believe they have access to the budget required to address their compliance concerns.
“Maintaining compliance in today’s complex regulatory environment requires a continuous investment in compliance staff and technologies,” said Donovan. “Compliance management, like cybersecurity, is a cyclical process. Once a cybersecurity threat is resolved, another threat emerges. Today’s regulatory environment is also continually evolving and requires proactive diligence and planning to stay ahead of new requirements and mitigate negative outcomes from market regulation actions.”