Transcript Control Framework Breakfast Group Presentation July 2013
Control Framework
Breakfast Group agenda
9:00 9:20 9:25 9:50 10:20 10:30 Arrival, Breakfast & networking Welcome Direct Reporting Demonstration All Ali Dove Sharmi Bakrania Phase 2 Control Framework Update Jaana Rouvari & John Hibbert Q & A Close All Ali Dove
DIRECT REPORTING
Direct reporting RECAP
What is it ?
A process that enables Managing Agents to report regulatory & tax information directly to Lloyd’s for Service Company business Data is at a transactional level as opposed to reporting information being derived from the bureau accounting process Breaks the link between accounting and reporting (on cash)
DIRECT REPORTING
CLARITY OF SCOPE
In Scope
• 100% business – where an insurer underwrites the whole risk. • ‘Separate’ subscription business - where an insurer underwrites part of a risk using a separate insurance document to other insurers which underwrite that risk.
Out of Scope
• ‘Conventional’ subscription business - where all underwriters underwriting part of a risk use the same market reform contract for subscription.
DIRECT REPORTING
CURRENT STATUS
• Solution is now complete in final stages of testing • Met with all bar one Managing Agent – 3 should be live by year end • Confirming with those interested to go live on 1/1/14 • Meeting with IT suppliers 4
DIRECT REPORTING
KEY ELEMENTS - REMINDER
Service Company business Include
all
Territories ACORD standard XML message Offer reporting service to all managing agents via Core Market Return route
DIRECT REPORTING
What Do I need TO DIRECT REPORT?
www.lloyds.com/directreporting • Direct Reporting Data Requirements • Direct Reporting Gap Analysis Spreadsheet • Direct Reporting Data Model • Direct Reporting Roadmap
DIRECT REPORTING
DIRECT REPORTING
Direct Reporting Demo
DIRECT REPORTING
Control Framework
Control framework phase II
Why it’s important What is it and who does it affect?
How is it implemented?
The risk model and how it applies Coverholder audit Delivery roadmap 2013 & 2014 Board sign off… For more information… Questions?
10 © Lloyd’s
Control Framework
WHY it’s important
Increasing regulatory and tax authority scrutiny around the information that Lloyd’s returns are based upon.
Increasing sophistication of the business being written (cross border) through coverholders resulting in regulatory risk increasing.
Confidence in data quality is not currently based on evidence and so is difficult to demonstrate. 11 © Lloyd’s
Control Framework
What is it?
Identifies for the first time explicit minimum information requirements covering tax and regulatory reporting.
A structured, documented process that allows managing agents to demonstrate they have adequate controls in place.
Nothing new!
12 © Lloyd’s
Control Framework
WHO does it affect?
Control Framework is the managing agents’ responsibility
Phase I Phase II Phase III Service Companies – Completed Coverholders – Deadline 31 st December 2014 Open Market - TBA Phase I – Completed
39 managing agents successfully signed off on time!
Phase II – Commences in July 2013
Framework does not change, it simply extends the scope to include coverholder business.
Key stakeholders- 55 managing agents, approx. 200 brokers and 5000 coverholders Presentations at Market Forums to raise awareness on “raising the bar” around quality of information.
Our own page on Lloyds.com.
Monthly Breakfast Group for managing agents and brokers.
© Lloyd’s 13
Control Framework
How it’s implemented
Process for continuous improvement to “raise the bar”
Information Requirements Confidence gained Risks Evidence gathered Controls described or defined How the risks apply
14 © Lloyd’s
Control Framework
The risk model
RISK 1 Requirements are not understood HOW IT MAY TRANSPIRE There are many reasons why this risk may crystallise. It could be that the person interpreting the requirements does not have the requisite skills or experience, human error, or the requirements being unclear or ambiguous 2 Data capture is inadequate 3 Data is processed incorrectly 4 Data is corrupted This may relate to data not being captured, being captured more than once (duplicate) or that the data captured is erroneous. It may also be that data is not refreshed at the appropriate point (if relevant). Between capture and reporting data will undergo some form of processing. In some cases this will be about using different elements of data to compute other information, but it also relates to things such as erroneous report definitions. Typically, this risk can also be used to cover security and continuity risks, but given the specific focus in the Operating Principles these have been broken out.
Data may be corrupted accidentally or on purpose. Typically this involved inadvertent or erroneous changes to data when it is being adapted outside of core processing systems.
5 Data is lost and cannot be recovered This is most likely to crystallise where historic information is not contained in core processing systems that are subject to a robust backup regime, but in end user computing facilities such as spreadsheets or user maintained databases.
15 © Lloyd’s
Control Framework
How the risks apply
How these risks might apply to your organisation or any associated third party undertaking information capture or processing on your behalf.
Understand how these risks could be addressed
What existing controls are in place? How are these risks currently mitigated and managed? 16 © Lloyd’s
Control Framework
Coverholder audit
Coverholder audit scope extended to include questions addressing the Control Framework
Proposed questions address: Location of risk How this is determined for system entry What considerations are taken when business is transacted across border How tax liability is determined Collation/ creation of the bordereaux Whether Lloyd’s tools are used in the process of determining risk location and tax liability (Crystal, Risk Locator Tool, etc).
17 © Lloyd’s
Control Framework
Delivery road map - 2013 Q2 2013
• Pre project consultation • Development of Lloyd’s project tool kit
Q3 & Q4 2013
6 month analysis phase • Review and confirm coverholders in phase II • Coverholder risk rating exercise completed and returned to Lloyd’s • Audit schedule in place • Governance and resources in place to see through implementation of phase II • Confirmation of project delivery timescale 18 © Lloyd’s
Control Framework
Delivery road map - 2014
Q1 2014 • Assess risks • Identify controls and gaps • Review audit findings (continually as audits are performed) Q2 & Q3 2014 • Develop remediating controls • Implement controls • Review audit findings (continually as audits are performed) Q4 2014 • Agree assurances to be shared with Lloyd’s • Test controls and procedures in operations • Confirm evidence for sign off • Formal SIGN OFF!
19 © Lloyd’s
Control Framework
Board Sign-off…
20 © Lloyd’s
Control Framework
Lloyd’s project structure
Executive Sponsor
Luke Savage
Project Board
Mark Edwards- Tax Andrew Gurney- International Regulatory Affairs Peter Montanaro- Delegated Authorities Rob Humphreys- Market Operations Ali Dove- Market Operations
Programme Manager
Ali Dove
Project Team
Jaana Rouvari- Project Manager John Hibbert- Stakeholder Manager Laura Fletcher- Business Analyst Lucy Evans- PMO 21 © Lloyd’s
Control Framework
For more information
22 © Lloyd’s
Control Framework
23 © Lloyd’s
Control Framework
Questions?
24 © Lloyd’s
Control Framework
Update on broker engagement
John Hibbert
Control Framework
Who have we seen?
Millers CSWH Intergro Decus AJG Willis Tysers Aon Julian Sawyer Les Doel Dan Lott John Harris Phil Branch John Higgs David Green Simon Archer/ Tony Rhoades Endeavour Towers Watson Cooper Gay THB Bell & Clements CSP AonBenfield Lockton Robert Campbell Geoff Davies Rod Joyce Catherine Nicoll Graham Lindus Stephen Bryant Emma Syrett Ian Derry
Control Framework
Questions that were raised
Q. Why is the DA not involving this in Coverholders audits?
This is happening. New CF-specific audit questions are being introduced into the Coverholder audit scope. Q. Coverholders will be audited anyway over the next couple of years – is this not enough? This covers part of it, but we need to look at the controls in place through out the information chain.
Q. Are MAs “starting again” with third party coverholders? The distribution model is the same as with service companies won’t the systems already be there?
Many are confident that the data is there, it is just the case of evidencing this.
Q. Have the responsibilities of leads and follows been considered?
Yes this has certainly come into the mix. However as far as the regulators are concerned, there is no difference between them.
Q. Are TPAs part of this initiative?
Yes TPAs are considered within the CF.
Control Framework
In summary
• A common issue is that Managing Agents ask for data even though it has already been provided by the Broker. The first option has to be to look internally rather than going straight to the Broker . Lloyd’s needs to give guidance so that is a consistent approach from Managing Agents. • It is essential for Managing Agents and Brokers to work together towards an agreed approach.
• This project should be very helpful for Brokers in that it will address data consistency.
CONSISTENCY IS THE KEY
Control Framework
Q & A
29 © Lloyd’s
Control Framework
Close
Further information on Direct Reporting – [email protected]
Further information on Control Framework – [email protected]
Next Breakfast Meeting – Tuesday 27 th August 2013 Control Framework Broker Conference Event – 17 th September 2013 Control Framework Phase I end of project celebration – end of September date TBC 30 © Lloyd’s