The Act implementing the EU Solvency II directive in the UK was originally going to come into force on December 31st 2012. However, implementation has now been delayed until 1st January 2014.
Solvency II is intended not just to provide an adequate level of consumer protection but to encourage the development of a single market for insurance services across the EU. This already exists to some extent, but Solvency II aims to widen participation and increase transparency.
Solvency II has three pillars:
- Pillar 1 - Quantitative Requirements: this includes the calculation of technical provisions and the rules relating to the calculation of capital requirements and investment management. More details on Pillar 1 are provided at (insert URL) but the key point is that most companies of any size are developing an "Internal Model" to meet the Solvency Capital Requirements (SCR) required by thy act. Many of the IT issues raised by the Solvency II regulations revolve around the creation of this Internal Model. For example, you must be able to prove to the supervisor that it is based on accurate information (the FSA states that data must be "accurate, complete and appropriate"), that it is actually being used to support business processes and is not just a theoretical exercise, and that it is updated at least every six months or three months for larger companies.
- Pillar 2 - Supervisor Review: this deals with the qualitative aspects of your company's internal controls, risk management processes and the approach to supervisory review. For more details see URL.
- Pillar 3 - Market Discipline: this is concerned with arrangements for disclosure to ensure market transparency. Companies are required to interpret the relevant disclosure requirements, and develop a strategy for making those disclosures available to analysts, regulators, shareholders and rating agencies through appropriate reporting mechanisms. Needless to say, you must develop the necessary processes and systems needed to produce these reports.
The Solvency II Directive affects all insurance and reinsurance companies in the EU. Compliance with the regulations will directly impact on the way that these companies manage their business, especially with regard to risk management and capital requirements, as well as having significant implications for IT.
There are a significant number of IT implications related to compliance with Solvency II, especially if you are building your own Internal Model. Elements that may be required include:
- Data quality tools (profiling and cleansing) and procedures to ensure that data is sufficient quality.
- Data governance dashboards and policies to ensure that data quality is maintained in good order on an on-going basis.
- Analytic software that will help to analyse existing data for risk profiles and to project risk going forward. Also included in this category might be spatial analytics and catastrophe modelling.
- A data mart or warehouse for storing the data to be analysed.
- Data integration software to load the data into the warehouse.
- A pre-built but customisable data model that is specific to the insurance sector, preferably with pre-packaged Solvency II extensions.
- Reporting software to meet Pillar 3 requirements.
- Master data management (optionally) to support functions such as a single customer view.
- Spreadsheet management software.
No vendors have solutions per se but various suppliers have offerings that enable at least partial solutionsa - basically the big data warehousing vendors, the data quality vendors, the data governance vendors and, arguably, the spreadsheet management vendors.
There are two final points to consider. Firstly, it is underwriters that will be most familiar with the data that is to be analysed and used within to help construct risk profiles. It will therefore be important that relevant software has facilities to enable business/IT collaboration. Secondly, many insurance companies rely on third party providers for, for example, claims databases and asset management. In order to comply with Solvency II insurers will need to ensure that those third party providers are also compliant.