The majority of insurance companies already maintain a rigorous corporate governance model to protect the financial interests of their policyholders and shareholders. So why does the Sarbanes-Oxley act have the industry aflutter? New research from TowerGroup finds insurers are realizing that the Act can serve as a catalyst for long- term financial systems architecture strategy and process improvements.
"The globalization of insurance and the current complex regulatory environment necessitate a systematic, integrated approach to risk management," said Cindy Saccocia, senior analyst in the Insurance practice at TowerGroup and author of the research. "Sarbanes-Oxley regulation drives a tight alignment between top-office and daily internal control activities. It calls for improvements to financial management in areas such as risk and capital management that can enhance operational discipline and corporate governance across insurers' total operations."
US insurers are already in Sarbanes-Oxley investment mode. Between 2004 and 2005, TowerGroup expects individual firms to invest an average of $250,000 to $750,000 each on Sarbanes-Oxley related activities. These investments will peak by 2006, with some individual insurers expected to invest over $1 million that year to comply with the Act.
Highlights of the research include:
- Insurers are approaching Sarbanes-Oxley prudently and carefully. Any insurance company's technology spending for the Act will be a long-term strategy to attend to operational changes needed to comply with key requirements.
Their initial focus is to document the reporting process and assess gaps that present risk in compliance and reporting. Later in the cycle, they will move through stages of technology integration, enhancement and, finally, maintenance.
- TowerGroup expects the next round of IT spending by insurers, buoyed by Sarbanes-Oxley compliance needs, will be for key applications to close operational and reporting gaps and integrate them with the existing architecture. For some insurers, this will mean large-scale investment in enterprise applications. For others, it will mean small-scale investments in point solutions.
- While the Act requires compliance only from publicly-traded financial institutions, mutual insurers are keeping a close eye on their competitors to mitigate competitive differentiation. That is because top-rate insurers will embrace the legislation as an opportunity to become more agile and responsive to change.
Regulatory compliance clearly often results in additional cost and complexity for the business of insurance. Saccocia noted that insurers must maintain flexible enterprise architecture so that regulation does not place undue burdens on the operation to comply. "Sarbanes-Oxley has exposed weaknesses in the infrastructure, and compliance with the Act can be an opportunity for insurers to realize the benefits of real-time reporting as a step toward enterprise risk management," she said.
Those interested in purchasing a copy of the reports may contact TowerGroup at 1.781.292.5200 or [email protected].