Commenting on the findings, Craig Skinner, Advanced Risk and Compliance Analytics (ARCA) leader for Insurance and Investment Management at PwC, said: “The 10findings within today’s PRA’s report clearly highlight that whilst firms have made strides to comply with Solvency II requirements, many insurers are still struggling to articulate, design and implement effective controls over material data.
“Organisations are creating, collecting and storing ever increasing amounts of more and more complex data. Coupled with the complexities of the processes and using multiple - and often legacy - IT systems firms must apply ever more controls and ongoing assurance over material data in a pragmatic but rigorous manner.
“Insurers and Asset Managers must begin to think outside the box – those who treat their data as a strategic asset will find long-term commercial success and will lay the foundations for achieving Solvency II compliance as well as address a number of other regulation and legislation such as AMFID, MiFID II and DGPR.
“The General Data Privacy Regulation (GDPR) taking effect in 2018 will, on top of all the work completed to date regarding Solvency II, require firms to provide even more robust and transparent assurance over their data. With unprecedented amounts of data being collected, and with an ever changing data landscape within firms and with legislation, there is an increased likelihood that users will lack the necessary awareness of how data can be used correctly and consistently, thus risking costly data breaches and associated fines.
“Solvency II assurance must remain a continued focus for insurers and asset managers. Ensuring the quality of data used in the internal model is to be treated as the minimum requirement.
“Focusing on the fundamental requirements for Solvency II, the following areas of correctly operationalising the ‘building blocks’ for Solvency II assurance are particularly problematic for firms: namely (i) the overarching data governance framework and assessment, (ii) cross-organisational data quality reporting and associated remediation processes, and (iii) being able to design the data directory and controls such that they are effective, practical and can be leveraged to maintain the quality of material data.”
Yalini Pathy, UK insurance and investment management data governance leader at PwC, said: “The PRA findings are intrinsically linked and highlight the need for an effective data governance framework driven by bringing structure and consistency to an organisation’s approach to data.
“Firms must carefully consider a number of design principles to enable a solution is relevant and pragmatic, such that it can be successfully embedded. Specific to data quality - an evidenced, granular, system-based approach for data quality is key to ensuring data is appropriate, complete and accurate.
“Data governance, when pragmatically applied, does underpin wider commercial benefits. When data is protected and managed appropriately, there are benefits far broader than simple Solvency II compliance.
“The PRA findings complement our perspectives and experience, from supporting clients in the market, on the governance and controls that are to be applied to data used in the internal model.”
|