No room for weak links with compliance

Gallagher Bassett has the knowledge and capacity to help insurers get regulatory compliance right

No room for weak links with compliance

Cyber

By Bennett Richardson

This article was produced in partnership with Gallagher Bassett

Keeping up with compliance requirements is becoming tougher for insurers to handle on their own – and insurers know it.

A new survey by Gallagher Bassett, released as part of The Carrier Perspective: 2024 Claims Insights report, reveals issues such as data privacy, staying abreast of regulation changes and cybersecurity as some of the leading concerns for insurers both worldwide and in Australia.

Insurers with stretched resources in a tough market know they need to do something – but many have more questions than answers on how to handle the increasing burden.

“There are certainly important questions that need to be addressed. Do carriers have a comprehensive strategy or plan in place to address a cyber event? Are their vendors lined up to act promptly as needed? How do carriers ensure their data is encrypted, and do they have measures in place to duplicate data if necessary?”, said Archana Acharya, Chief General Counsel at Gallagher Bassett Australia.

Acharya’s answer is simple – a problem shared is a problem halved.

“Using outside specialists emerges as the foremost strategy, with many carriers seeking advice from claims management providers, legal advisors, and compliance consultants. The old adage that ‘you are only as strong as your weakest link’ requires insurers to be just as demanding of their supply chain, which is often vested with personal information, as they are of their own internal standards”, she said.

Compliance tasks likely to increase significantly

Regulatory compliance is an area that is only going to increase in complexity, making the task of getting it right more difficult for insurers that may have managed until now.

The growth of regulations globally around data matters is a key risk for tech firms with business offshore, for example. Most tech firms have reporting obligations in multiple regimes and the rules in those regimes are constantly on the move.

Several states in the US passed or amended privacy regulations in the last few years. Updates to privacy laws related to the General Data Protection Regulation (GDPR) in the EU or extension of regulations from the California Consumer Privacy Act with the California Privacy Rights Act, which took effect in 2023, are some of the latest rules that tech firms need to be across in terms of their professional indemnity obligations. In 2024, more regulatory change is also expected in the EU, the UK, Singapore, Australia, and Japan. 

This means that compliance resources at many insurers may become stretched to breaking point. But Gallagher Bassett is well placed to fill the role of compliance expert and not only relieve the burden, but also provide a better service to customers.

Partnering with experts can lift profits and competitiveness

“By leveraging specialist knowledge, insurers can navigate the complexities of customer-focused regulations. This approach facilitates compliance and underscores their commitment to a forward-thinking strategy”, said Acharya.

Gallagher Bassett research shows that 43% of global and 53% of Australian insurers plan to hire compliance consultants or claims and risk management experts to enhance and maintain compliance measures.

“Moreover, a strong trend is emerging around partnering with claims management providers, with 30% of global and 43% of Australian insurers exploring this avenue to fortify their compliance strategies”, said Joe Powell, Senior Vice President of Analytics at Gallagher Bassett.

“Collaborating with a claims and risk management provider can help streamline claims processes and foster a proactive approach to ongoing adherence to changing customer-focused regulations”, said Acharya.

Outsourcing compliance allows insurers more time to deal with other key aspects of the business, including customer care and seeking out new sources of revenue. These partnerships empower leaders to increase profitability, enhance brand reputation, and outpace competitors.

The compliance issues that most concern insurers

Both globally and in the UK, the main compliance and regulatory challenge that insurers anticipate for 2024 is data privacy and security compliance. According to the Gallagher Bassett survey, this issue was identified as the primary concern by 75% of global and 83% of Australian insurers.

For most anticipated compliance and regulatory challenges, Australian insurers were more concerned than their global peers, perhaps underscoring the increased level of regulation in the region and the growing burden it poses.

Staying abreast of regulatory change is more of a concern for Australian insurers than globally, as is cybersecurity and data breach regulations, adoption of consumer protection laws, and navigating international regulations.

A significant focal point for insurers worldwide is cybersecurity and data breach regulations: Gallagher Bassett data shows that 63% of insurers globally and 65% in Australia anticipate this evolving challenge.

Cyber issues increasing in volume and severity

Cybersecurity and data security threats are unlikely to abate any time soon. The 2024 Thales Data Threat Report, based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries, found that 93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year.

Thales found that there was a very clear correlation between compliance and data security. Of those organisations that had failed a compliance audit in the past twelve months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Regulatory reporting and documentation management is another key concern, with 48% of insurers in Australia expecting this to be challenging versus only 43% globally. This is pushing insurers to re-evaluate their reporting mechanisms.

Clearly, not keeping up with compliance in 2024 is not an option. In a fast changing regulatory and threat environment, there is inevitably a lag in understanding what systems, applications, and data are at risk, making it vital to line up proper and robust plans of action. 

“By embracing robust cybersecurity measures, reinforcing consumer protection laws, and optimising reporting processes, insurers can ensure adherence to regulatory standards and position themselves to adjust and grow in an era of unprecedented change”, said Acharya.

Gallagher Bassett is Australia’s leading provider of claims and risk management solutions for insurance carriers. Gallagher Bassett is committed to providing solutions that reduce risk, improve efficiency, and deliver superior outcomes.

Keep up with the latest news and events

Join our mailing list, it’s free!