19/10/2012. How do you monitor. (...And why should you?) CAS Annual Meeting - Henry Jupe



Similar documents
2012 US Insurance ERM & ORSA Survey Key results and findings

Regulatory Process for Reviewing Hurricane Models and use in Florida Rate Filings

R-3: What Makes a Good Rate Filing?

Extended Warranty, Availability, Power Guarantee, Design defect: How to Develop and Price the Alternative Energy Opportunities

DATA AUDIT: Scope and Content

Solvency II Data audit report guidance. March 2012

Lloyd s Managing Agents FSA Solvency II Data Audit

UBI-5: Usage-Based Insurance from a Regulatory Perspective

Compliance & Internal Audit Collaboration

New supervisory guidance on model Overview, analysis, and next steps

EIOPACP 13/011. Guidelines on PreApplication of Internal Models

UK Corporate Governance Code: Raising the bar on risk management Why this is not business as usual and what you need to do to comply

Auditing Standard 5- Effective and Efficient SOX Compliance

Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP

IAIS Insurance Core Principle 16

IFRS 15: Implementation challenges

Antitrust Notice 9/9/2013. Captive Insurance: Another View. Session Overview. Scott Anderson, Senior Vice President and Actuary, Gross Consulting

Efficiency and transparency Jaguar Land Rover

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive

Munich Re INSURANCE AND REINSURANCE. May 6 & 7, 2010 Dave Clark Munich Reinsurance America, Inc 4/26/2010 1

Central Bank of Ireland Guidelines on Preparing for Solvency II Pre-application for Internal Models

How To Manage Social Media Risk

Consulting in Procurement April 2015

Solvency II Detailed guidance notes

Navigating the Regulatory Maze. AIFMD Impact on Service Providers

The IRS Is Knocking Are You Ready?

Circular CSSF 12/552 on Central Administration, Internal Governance and Risk Management December 2012

COSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP

Reserving for loyalty rewards programs Part I

Access Governance. Delivering value. What you gain. Putting a project back on track for success

Solvency II overview

Data Visualization Techniques and Practices Introduction to GIS Technology

Anti-Trust Notice. Agenda. Three-Level Pricing Architect. Personal Lines Pricing. Commercial Lines Pricing. Conclusions Q&A

Antitrust Notice. Overview. Massachusetts Personal Auto Insurance. Why make change? Challenges of change. Unique features of the Plan.

Southern California Casualty Actuarial Club Casualty Actuarial Society 2015 Spring Meeting

Commercial insurance: cyclicality and opportunity on the road to 2020 January 2016

Data analytics Delivering intelligence in the moment

Shared Service Center Mehr als eine Standortbestimmung Tag der Beratung 7. Juni 2011

The Board Agenda - What boards should be discussing. Corporate Governance Network

Oklahoma and Its Option

4th Annual ISACA Kettle Moraine Spring Symposium

Reserving for loyalty rewards programs Part III

Solvency II for Beginners

Proving its worth Audience measurement and advertising effectiveness

Managing the Shadow Cloud

Casualty Actuarial Society

The promise and pitfalls of cyber insurance January 2016

California Jury Awards Family of Brain-damaged Boy $12.1Million

Understanding ERP Architectures, Security and Risk Brandon Sprankle PwC Partner March 2015

Solvency II data requirements Raising the Bar

Industry Briefing on Central Bank Guidelines on Preparing for Solvency II

Confident in our Future, Risk Management Policy Statement and Strategy

Hot Topic: Employers liability insurance registers meeting the FSA s requirements FS Regulatory Centre of Excellence 23 March 2012

Aberdeen City Council IT Disaster Recovery

Making payroll pay Managing risk and compliance in an unprecedented era of change

The Use of Spreadsheets: Considerations for Section 404 of the Sarbanes-Oxley Act*

Software License Compliance Review

Aberdeen City Council IT Governance

Application of Insurer Authorisation in Hong Kong

Reserving for Loyalty Rewards Programs

Aegon Global Compliance

South Northamptonshire Council Contract Assurance: Leisure Contract

Stand out for the right reasons Financial Services Risk and Regulation. Hot topic. Solvency II Long Term Guarantee Package Update

9/13/2011. Miscellaneous Current Topics in Healthcare Professional Liability. Antitrust Notice. Table of Contents. Cyber Liability.

Financial Risk Management Top priorities for Corporate treasuries

Project Management: Improving performance, reducing risk When will you think differently about project management?

8/24/2012. No Fault: Concept versus Reality

A&CS Assurance Review. Accounting Policy Division Rule Making Participation in Standard Setting. Report

Case Study: Leveraging TPM for Authentication and Key Security

Using Role-Based Access Control (RBAC) to Replace Traditional Oracle E-Business Suite Responsibility-Based Security

Are you prepared to make the decisions that matter most? Decision making in retail

Internal Audit Testing and Sampling Techniques. Chartered Institute of Internal Auditors May 2014

The Corporation of the City of London Quarterly Report on Internal Audit Results

Large Account Pricing

Adding up or adding value?

G24 - SAS 70 Practices and Developments Todd Bishop

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee

Aberdeen City Council

Are you prepared to make the decisions that matter most? Decision making in manufacturing

White Paper: FSA Data Audit

Solvency II. PwC. *connected thinking. Solvency II GAP-analysis: practical experience (life and non-life business)

Vendor Risk Management in the New Regulatory Environment. kpmg.com

Data Visualization You ve got to see it to believe it

COMPLIANCE GUIDELINE April 2009

ESM Management Comments on Board of Auditors Annual Report to the Board of Governors for the period ended 31 December 2014

Issue 19: Joint Arrangements and Associates

Managing the Shadow Cloud

Financial Services Guidance Note Outsourcing

Real Property Portfolio Optimization

IBM asset management solutions White paper. Using IBM Maximo Asset Management to manage all assets for hospitals and healthcare organizations.

Navigating the next generation of cloud ERP Insurance

Intellectual Property& Technology Law Journal

Aberdeen City Council IT Security (Network and perimeter)

Practical guide to corporate governance

Objectives and key requirements of this Prudential Standard

Creating a compliant data management framework: the regulatory perspective

All I want for Christmas is accurate, complete and appropriate data

Advisory Services Oracle Alliance Case Study

J u n e N a t i o n a l R e s e a r c h C o u n c i l C a n a d a. I n t e r n a l A u d i t, N R C. Audit of Risk Management.

The Value of Vulnerability Management*

Transcription:

www.pwc.com How do you monitor data quality? (...And why should you?) CAS Annual Meeting - November 2012 Henry Jupe Antitrust notice The Casualty Actuarial Society is committed to adhering strictly to the letter and spirit of the antitrust laws. Seminars conducted under the auspices of the CAS are designed solely to provide a forum for the expression of various points of view on topics described in the programs or agendas for such meetings. Under no circumstances shall CAS seminars be used as a means for competing companies or firms to reach any understanding-expressed or implied-that restricts competition or in any way impairs the ability of members to exercise independent business judgment regarding matters affecting competition. It is the responsibility of all seminar participants to be aware of antitrust regulations, to prevent any written or verbal discussions that appear to violate these laws, and to adhere in every respect to the CAS antitrust compliance policy. PwC 2 Agenda Solvency II data quality standards Establishing a data quality framework 3 rd party data Solvency II and the IT environment PwC 3 1

Solvency II data quality standards 6 principles for assessing and managing data quality. Solvency II and its implementing regulations ascribe high importance to data quality Given the high importance of data in internal modelling, undertakings and supervisory authorities should strive for the highest data quality standards to be applied. CEIOPS Advice on Tests and Standards for Internal Model Approval PwC 5 Solvency II contains 3 fundamental data quality criteria The assessment of the quality of data should be carried out on the basis of three criteria: Accuracy, ness, and ness. is free from errors that create a material distortion in model outputs The impact of data error is understood, with proportionate tolerances set PwC 6 2

Solvency II contains 3 fundamental data quality criteria The assessment of the quality of data should be carried out on the basis of three criteria: Accuracy, ness, and ness. provides a comprehensive picture of the insurer / group Gaps or areas of weaker data are understood PwC 7 Solvency II contains 3 fundamental data quality criteria The assessment of the quality of data should be carried out on the basis of three criteria: Accuracy, ness, and ness. is relevant to the portfolio and a suitable basis for analysis Biases that may distort the model output are understood PwC 8 To these, three additional criteria may be added as part of a data quality framework Timely refers to a defined and consistent point in time is up-to-date so analysis can meaningfully influence decisions Accessible Comparable PwC 9 3

To these, three additional criteria may be added as part of a data quality framework Timely can be accessed in an appropriate format when and where needed Reporting is largely automated with minimal manual analysis Accessible Comparable PwC 10 To these, three additional criteria may be added as part of a data quality framework Timely Accessible is consistent across the insurer / group allowing meaningful comparison Comparable reporting can be produced at any level in the insurer / group Comparable PwC 11 Establishing a data quality framework How do you implement a data quality framework, and, more importantly, will it do any good? 4

governance under Solvency II what at we trying to achieve? Organizations need to ensure that data is of sufficient quality that the information generated is materially accurate and representative of the business and its risks. To do this successfully, an insurer will need to: 1. and prioritize the data to be subject to governance. 2. the quality requirements for the identified data. 3. the risks to achieving the identified quality requirements. 4. controls to mitigate the risks to an acceptable level. 5. Where deficiencies are identified, evaluate and remediate. 6. down! PwC 13 Setting scope and judging materiality are essential to proportional data governance & to to Most firms did not conduct an impact and risk assessment of the data used in the internal model and associated data processes. This was surprising, given the limited budget available for the data workstream, and the need for prudent allocation of resources and proportionate focus on material risks. UK Financial Services Authority Solvency II: IMAP Review Findings PwC 14 Setting scope and judging materiality are essential to proportional data governance & to to Solvency II applies explicit data quality standards to data used for the calculation of Technical Provisions (reserves), and data used by an approved internal model. However, similar data governance concepts can be applied across an organization. Some factors to consider: Numerical value, probability of error, sensitivity, combined impact, reference data, mitigating factors, developments over time. PwC 15 5

Defining data quality criteria is challenging, but aligns the governance framework to use of data & to to Format Descriptions Known Business Rules Known deficiencies Usage Priority Sensitivity Application descriptions Thresholds, Limits, Triggers Interview Techniques Techniques definitions Escalation policy Materiality policy Policy PwC 16 governance should address the material risks to achieving the defined data quality criteria & to to Solvency II requires an explicit link to be drawn between: the use of material data items; the quality criteria necessary to support that use; the risks to achieving those criteria; and the controls which are put in place to manage those risks. The assessment should focus on material risks to data quality. PwC 17 should be explicitly linked to the risks that they are intended to address & to to It is critical that firms are able to articulate the nature of data quality checks and of any resulting actions that are conducted on material data sets, and to demonstrate how the process is operating consistently with appropriate controls in BAU. UK Financial Services Authority Solvency II: IMAP Review Findings Most organizations already have processes and controls in place to manage data, but in many cases lack the explicit link to quality criteria required for Solvency II. Factors to consider: Evidence, reporting of exceptions, link to SOx. PwC 18 6

Defining data producers and data consumers can help firms manage data quality responsibilities & to to Claims Administration Claims Administrators Requirements Reserving Reserving Actuary Producers Provide Requested. Confirm required standards met. Consumers Specify required. Specify Requirements. PwC 19 Evaluation and remediation should take ongoing business as usual (BAU) into account & to to Evaluation should consider both the deficiencies themselves and the cause of those deficiencies. Remediation at source rather than at point of use. Expert judgment can be applied at all stages in the data process, including evaluation and remediation. Solvency II explicitly recognizes the role of expert judgment in data use and management, and requires appropriate governance over its application. PwC 20 Documentation is key to Solvency II, but useful for business as usual as well & to to Requirement Project Activity Business as Usual Policy A data policy compliant with Solvency II requirements must be documented and embedded within the organisation. Directory A directory of data, specifying the source, characteristics and usage of all data used to operate, validate and develop the internal model must be produced. Draft Policy Policy must comply with requirements and be specific on activities and responsibilities. Policy should not include detailed procedures. Implement & Embed Policy Policy must be communicated to the appropriate staff, and procedures, tools and training required to enable the policy to operate must be developed. Clearly defined scope of data The data in scope for Solvency II needs to be clearly defined at a detailed level. Details of relevant Sufficient detail over data in scope needs to be maintained, including a consistent definition of the scope, characteristics and source of data. This might include data materiality and the data quality criteria. Operate, Validate, All data used to validate and develop the internal model, and not just data used to operate the model, must be included in scope. Update Policy The Policy is regularly reviewed and updated as circumstances require. Monitor compliance with Policy Compliance with the Policy is monitored and periodically reviewed. Review materiality of data Over time the materiality of certain data items or sets may vary, and hence what was acceptable data quality may no longer be. Items in the data directory must be reviewed periodically to reconfirm their materiality and the relevant quality criteria. Update Directory As new data feeds or new products are included within the Internal Model, the Directory must be updated to reflect these changes. PwC 21 7

Documentation is key to Solvency II, but useful for business as usual as well & to to The Directory is meant to be a documented repository where different users can go to understand which data is being used in the model, where it comes from ( source ), how it is used ( use ) and what its specific characteristics are. UK Financial Services Authority Solvency II: IMAP Review Findings PwC 22 Documentation is key to Solvency II, but useful for business as usual as well & to to Nearly all firms struggled with an appropriate classification of data in the Directory Efficient classification requires assigning each data item to exactly one class, so that each data item is covered just once. UK Financial Services Authority Solvency II: IMAP Review Findings PwC 23 3 rd party data Managing data from outside the Managing data from outside the organization. 8

3 rd party data can present an additional challenge for Solvency II data governance Solvency II requires insurers to implement governance processes over 3 rd party data (e.g. bordereau data, catastrophe exposure data) as if it were internal data. This can pose significant challenges, where the ability to exercise control over 3 rd party data providers is limited. We found that where data was obtained from a third party, many firms relied on the controls operated at the third party despite having no mechanism to obtain assurance over the control environment and without independently validating the external data received. UK Financial Services Authority Solvency II: IMAP Review Findings PwC 25 Practical approaches to using 3 rd party data in a Solvency II context Potential options for 3 rd party data governance: audits. profiling. Audits of data providers. Outsourcing arrangements and expectations. Approach to data limitations. Application of expert judgment. All 6 data quality factors may potentially be relevant:,,, Timely, Accessible, Comparable. PwC 26 Solvency II and the IT environment For many insurers implementing Solvency II, IT infrastructure has been just as important as pure data. 9

Solvency II places substantial demands on IT, and many firms are upgrading their IT infrastructure Compliance with Solvency II can be IT-intensive (e.g. modeling, analysis, automation, reporting timelines), and many insurers are developing their IT systems in advance of the transition: warehousing. Consolidation of legacy systems. Dedicated Solvency II reporting systems. Automation/control v.s. spreadsheets and manual processing. Accounting and/or actuarial modeling systems. Most firms were replacing or building on their existing IT infrastructure as part of their Solvency II program. UK Financial Services Authority Solvency II: IMAP Review Findings PwC 28 Thank you... Henry Jupe henry.m.x.jupe@us.pwc.com 646-471-4944 This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. 2012 PwC. All rights reserved. "PricewaterhouseCoopers" refers to PricewaterhouseCoopers LLP, a Delaware limited liability partnership, or, as the context requires, the PricewaterhouseCoopers global network or other member firms of the network, each of which is a separate legal entity. 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information