The Global Risks Report 2018

Publié le par hanswillertbleuazurconsultingeu

Last year’s Global Risks Report was published at a time of heightened global uncertainty and strengthening popular discontent with the existing political and economic order. The report called for “fundamental reforms to market capitalism” and a rebuilding of solidarity within and between countries.

One year on, a global economic recovery is under way, offering new opportunities for progress that should not be squandered: the urgency of facing up to systemic challenges has, if anything, intensified amid proliferating indications of uncertainty, instability and fragility. Humanity has become remarkably adept at understanding how to mitigate conventional risks that can be relatively easily isolated and managed with standard riskmanagement approaches. But we are much less competent when it comes to dealing with complex risks in the interconnected systems that underpin our world, such as organizations, economies, societies and the environment. There are signs of strain in many of these systems: our accelerating pace of change is testing the absorptive capacities of institutions, communities and individuals. When risk cascades through a complex system, the danger is not of incremental damage but of “runaway collapse” or an abrupt transition to a new, suboptimal status quo.

In our annual Global Risks Perception Survey, environmental risks have grown in prominence in recent years. This trend has continued this year, with all five risks in the environmental category being ranked higher than average for both likelihood and impact over a 10-year horizon. This follows a year characterized by high-impact hurricanes, extreme temperatures and the first rise in CO2 emissions for four years. We have been pushing our planet to the brink and the damage is becoming increasingly clear. Biodiversity is being lost at mass-extinction rates, agricultural systems are under strain and pollution of the air and sea has become an increasingly pressing threat to human health. A trend towards nation-state unilateralism may make it more difficult to sustain the long-term, multilateral responses that are required to counter global warming and the degradation of the global environment.

Cybersecurity risks are also growing, both in their prevalence and in their disruptive potential. Attacks against businesses have almost doubled in five years, and incidents that would once have been considered extraordinary are becoming more and more commonplace. The financial impact of cybersecurity breaches is rising, and some of the largest costs in 2017 related to ransomware attacks, which accounted for 64% of all malicious emails. Notable examples included the WannaCry attack—which affected 300,000 computers across 150 countries—and NotPetya, which caused quarterly losses of US$300 million for a number of affected businesses. Another growing trend is the use of cyberattacks to target critical infrastructure and strategic industrial sectors, raising fears that, in a worst-case scenario, attackers could trigger a breakdown in the systems that keep societies functioning.

Headline economic indicators suggest the world is finally getting back on track after the global crisis that erupted 10 years ago, but this upbeat picture masks continuing underlying concerns. The global economy faces a mix of long-standing vulnerabilities and newer threats that have emerged or evolved in the years since the crisis. The familiar risks include potentially unsustainable asset prices, with the world now eight years into a bull run; elevated indebtedness, particularly in China; and continuing strains in the global financial system. Among the newer challenges are limited policy firepower in the event of a new crisis; disruptions caused by intensifying patterns of automation and digitalization; and a build-up of mercantilist and protectionist pressures against a backdrop of rising nationalist and populist politics.

The world has moved into a new and unsettling geopolitical phase. Multilateral rules-based approaches have been fraying. Re-establishing the state as the primary locus of power and legitimacy has become an increasingly attractive strategy for many countries, but one that leaves many smaller states squeezed as the geopolitical sands shift. There is currently no sign that norms and institutions exist towards which the world’s major powers might converge. This creates new risks and uncertainties: rising military tensions, economic and commercial disruptions, and destabilizing feedback loops between changing global conditions and countries’ domestic political conditions. International relations now play out in increasingly diverse ways. Beyond conventional military buildups, these include new cyber sources of hard and soft power, reconfigured trade and investment links, proxy conflicts, changing alliance dynamics, and potential flashpoints related to the global commons. Assessing and mitigating risks across all these theatres of potential conflict will require careful horizon scanning and crisis anticipation by both state and nonstate actors.

This year’s Global Risks Report introduces three new series:

  1. Future Shocks,
  2. Hindsight,
  3. Risk Reassessment.

Our aim is to broaden the report’s analytical reach: each of these elements provides a new lens through which to view the increasingly complex world of global risks.

Future Shocks is a warning against complacency and a reminder that risks can crystallize with disorientating speed. In a world of complex and interconnected systems, feedback loops, threshold effects and cascading disruptions can lead to sudden and dramatic breakdowns. We present 10 such potential breakdowns—from democratic collapses to spiralling cyber conflicts—not as predictions, but as food for thought: what are the shocks that could fundamentally upend your world?

In Hindsight we look back at risks we have analysed in previous editions of the Global Risks Report, tracing the evolution of the risks themselves and the global responses to them. Revisiting our past reports in this way allows us to gauge risk-mitigation efforts and highlight lingering risks that might warrant increased attention. This year we focus on antimicrobial resistance, youth unemployment, and “digital wildfires”, which is how we referred in 2013 to phenomena that bear a close resemblance to what is now known as “fake news”.

In Risk Reassessment, selected risk experts share their insights about the implications for decisionmakers in businesses, governments and civil society of developments in our understanding of risk. In this year’s report, Roland Kupers writes about fostering resilience in complex systems, while Michele Wucker calls for organizations to pay more attention to cognitive bias in their risk management processes.

GRR2018 1

GRR2018 2

Click here to access WEF – Marsh’s detailed Global Risk Report 2018

Technology Driven Value Generation in Insurance

Publié le par hanswillertbleuazurconsultingeu

The evolution of financial technology (FinTech) is reshaping the broader financial services industry. Technology is now disrupting the traditionally more conservative insurance industry, as the rise of InsurTech revolutionises how we think about insurance distribution.

Moreover, insurance companies are improving their operating models, upgrading their propositions, and developing innovative new products to reshape the insurance industry as a whole.

Five key technologies are driving the change today:

  1. Cloud computing
  2. The Internet of Things (including telematics)
  3. Big data
  4. Artificial intelligence
  5. Blockchain

This report examines these technologies’ potential to create value in the insurance industry. It also examines how technology providers could create new income streams and take advantage of economies of scale by offering their technological backbones to participants in the insurance industry and beyond.

Cloud computing refers to storing, managing, and processing data via a network of remote servers, instead of locally on a server or personal computer. Key enablers of cloud computing include the availability of high-capacity networks and service-oriented architecture. The three core characteristics of a cloud service are:

  • Virtualisation: The service is based on hardware that has been virtualised
  • Scalability: The service can scale on demand, with additional capacity brought online within minutes
  • Demand-driven: The client pays for the services as and when they are needed

cloud

Telematics is the most common form of the broader Internet of Things (IoT). The IoT refers to the combination of physical devices, vehicles, buildings and other items embedded with electronics, software, sensors, actuators, and network connectivity that enable these physical objects to collect and exchange data.

The IoT has evolved from the convergence of

  • wireless technologies,
  • micro-electromechanical systems,
  • and the Internet.

This convergence has helped remove the walls between operational technology and information technology, allowing unstructured, machine-generated data to be analysed for insights that will drive improvements.

IoT

Big data refers to data sets that are so large or complex that traditional data processing application software is insufficient to deal with them. A definition refers to the “five V” key challenges for big data in insurance:

  • Volume: As sensors cost less, the amount of information gathered will soon be measured
    in exabytes
  • Velocity: The speed at which data is collected, analysed, and presented to users
  • Variety: Data can take many forms, such as structured, unstructured, text or multimedia. It can come from internal and external systems and sources, including a variety
    of devices
  • Value: Information provided by data about aspects of the insurance business, such as customers and risks
  • Veracity: Insurance companies ensure the accuracy of their plethora of data

Modern analytical methods are required to process these sets of information. The term “big data has evolved to describe the quantity of information analysed to create better outcomes, business improvements, and opportunities that leverage all available data. As a result, big data is not limited to the challenges thrown up by the five Vs. Today there are two key aspects to big data:

  1. Data: This is more-widely available than ever because of the use of apps, social media, and the Internet of Things
  2. Analytics: Advanced analytic tools mean there are fewer restrictions to working with big data

BigData

The understanding of Artificial Intelligence AI has evolved over time. In the beginning, AI was perceived as machines mimicking the cognitive functions that humans associate with other human minds, such as learning and problem solving. Today, we rather refer to the ability of machines to mimic human activity in a broad range of circumstances. In a nutshell, artificial intelligence is the broader concept of machines being able to carry out tasks in a way that we would consider smart or human.

Therefore, AI combines the reasoning already provided by big data capabilities such as machine learning with two additional capabilities:

  1. Imitation of human cognitive functions beyond simple reasoning, such as natural language processing and emotion sensing
  2. Orchestration of these cognitive components with data and reasoning

A third layer is pre-packaging generic orchestration capabilities for specific applications. The most prominent such application today are bots. At a minimum, bots orchestrate natural language processing, linguistic technology, and machine learning to create systems which mimic interactions with human beings in certain domains. This is done in such a way that the customer does not realise that the counterpart is not human.

Blockchain is a distributed ledger technology used to store static records and dynamic transaction data distributed across a network of synchronised, replicated databases. It establishes trust between parties without the use of a central intermediary, removing frictional costs and inefficiency.

From a technical perspective, blockchain is a distributed database that maintains a continuously growing list of ordered records called blocks. Each block contains a timestamp and a link to a previous block. Blockchains have been designed to make it inherently difficult to modify their data: Once recorded, the data in a block cannot be altered retroactively. In addition to recording transactions, blockchains can also contain a coded set of instructions that will self-execute under a pre-specified set of conditions. These automated workflows, known as smart contracts, create trust between a set of parties, as they rely on pre-agreed data sources and and require not third-party to execute them.

Blockchain technology in its purest form has four key characteristics:

  1. Decentralisation: No single individual participant can control the ledger. The ledger
    lives on all computers in the network
  2. Transparency: Information can be viewed by all participants on the network, not just
    those involved in the transaction
  3. Immutability: Modifying a past record would require simultaneously modifying every
    other block in the chain, making the ledger virtually incorruptible
  4. Singularity: The blockchain provides a single version of a state of affairs, which is
    updated simultaneously across the network

Blockchain

Oliver Wyman, ZhongAn Insurance and ZhongAn Technology – a wholly owned subsidiary of ZhongAn insurance and China’s first online-only insurer – are jointly publishing this report to analyse the insurance technology market and answer the following questions:

  • Which technologies are shaping the future of the insurance industry? (Chapter 2)
  • What are the applications of these technologies in the insurance industry? (Chapter 3)
  • What is the potential value these applications could generate? (Chapter 3)
  • How can an insurer with strong technology capabilities monetise its technologies?
    (Chapter 4)
  • Who is benefiting from the value generated by these applications? (Chapter 5)

 

Click here to access Oliver Wyman’s detailed report

Insurance Data Integrated Platform

Publié le par hanswillertbleuazurconsultingeu

The insurance industry today is poised for a paradigm shift in the way that technology is deployed to provide products and services to customers. This has primarily been driven by changing business needs and the innovations brought about by myriad insuretech firms, leading to an inevitable shift towards adopting the new digital innovations.

Analysts have forecast significant investments geared towards the digitalization of the industry and expect such investments to continue pouring in for several years. It is also expected that an increasing number of new insurance companies will be driven by technology companies to bring better products, services, and customer service in the insurance industry.

A forward-looking plan of action, sufficient operational flexibility, an effective implementation strategy, and a willingness to adopt digital disruptions in every aspect of their organization – those insurers that have all of the above can position themselves to leverage the impending digital disruptions to propel their organization to the very forefront of the industry.

DEALING WITH THE DIGITALIZATION OF THE INSURANCE INDUSTRY

These adopters of digital technology will have a clear upper hand against their competition. Suitably equipped to cut costs and design more attractive offerings, the digital insurance carriers are sure to acquire a whole new set of customers, thus increasing market share. Those who fail to quickly adopt the new technologies, on the other hand, will struggle to maintain their competitive positions in the midst of a customer-centric, price-sensitive market.

Data has always been at the center of the insurance industry, and despite the changes that are to come, data will continue to be the focal point of the industry. In fact, it’s set to play a bigger role to play than ever before.

The continued criticality of data in the insurance landscape is ensured by carriers’ need for information-driven strategies in the digitalized business scenario. They’ll have to leverage data as an asset, enabling automated decision-making in critical business processes, in order to thrive. This, in turn, is why a digital business technology platform – one that incorporates information management and analytical capabilities – will become a necessity in the future.

Without a system in place to support the analytics and reporting needs of the business, decision-makers may be left with no choice but to rely on conventional time-consuming manual processes those are more qualitative rather than quantitative in nature. This is bound to cause serious repercussions for the organization, ultimately resulting in missed opportunities and loss of competitiveness.

According to a Gartner study, the two following technology platforms are essential for any digital business:

  1. Data and analytics platform – This platform should consist of data management programs and analytics applications to enable data-driven decision making
  2. Ecosystems platform – This platform’s role should be to support the creation of and connection to external ecosystems, marketplaces, and communities

MFX

 

Click here to access MFX’s detailed White Paper

 

Keeping up with shifting compliance goalposts in 2018 – Five focal areas for investment

Publié le par hanswillertbleuazurconsultingeu

Stakeholders across the organization are increasingly seeking greater compliance effectiveness, efficiency, cost cutting, and agility in compliance activities to further compete in the expanding digital and automated world.

Organizations are being reinforced this way to continuously improve their compliance activities, because in the future, integration and automation of compliance activities is an imperative. To prepare for tomorrow, organizations must invest today.

When positioning your organization for the future, keep in mind the following five areas for investment:

1. Operational integration

Regulators are increasingly spotlighting the need for operational integration within a compliance risk management program, meaning that compliance needs to be integrated in business processes and into people’s performance of their job duties on a day-to-day basis.

When approaching the governance of managing compliance efforts, a more centralized, or a hybrid approach, strengthens the organization’s overall compliance risk management control environment.

2. Automation of compliance activities

The effectiveness of compliance increases when there is integration across an enterprise and successful automation of processes. Compliance leaders are turning toward intelligent automation as an answer for slimming down compliance costs, and becoming more nimble and agile in an ever-increasingly competitive world. When intelligent automation is on the table to support possible compliance activities, some important considerations must be made:

  • Compliance program goals for the future
  • Implementation dependencies and interdependencies
  • Determining how automation will and can support the business
  • Enhancing competitiveness and agility in executing its compliance activities

Automating compliance activities can also help augment resource allocation and realize greater accuracy by implementing repetitive tasks into the automation.

3. Accountability

Regulators increasingly expect organization to implement performance management and compensation programs to encourage prudent risk-taking. In fact, identified by the KPMG CCO Survey, 55% of CCOs identified “enhancing accountability and compliance responsibilities” as a top 3 priority in 2017.

It is essential that disciplinary and incentive protocols be consistently applied to high-level employees. To do so sends a message that seniority and success do not exempt anyone from following the rules.

4. Formalized risk assessments

Regulatory guidelines and expectations released in 2017 set forth specific focal areas that compliance leaders should ensure are covered in their risk assessments.

  • Evaluating the data needs of the compliance program can help the organization migrate to a more data-driven metrics environment in a controlled way.
  • Availability, integrity, and accuracy of data is needed to understand and assess compliance risks enterprise-wide. The use of data quality assessments to evaluate the compliance impact can help address this challenge.
  • Implementing a data governance model to share data across the 3 lines of defense is a good way of reassuring data owners and stakeholders that the data will be used consistent with the agreed upon model.
  • Further integration and aggregation of data is needed to avoid unintentionally ‘underestimating” compliance risks because of continuous change in measurement of compliance programs and data & analytics.
  • To maximize the benefits of data & analytics, leading organizations are building analytics directly into their compliance processes in order to identify risk scenarios in real time and to enhance their risk coverage in a cost-effective way.

5. Continuous improvement

Compliance efforts by organizations need to continuously evolve to ensure the control environment remains firm while risk trends appear, risks emerge, and regulatory expectations shift.

Compliance and business leaders must continuously improve their compliance activities in pursuit of greater effectiveness, efficiency, agility, and resiliency. Because by continuously improving, organizations can methodically position their organizations for the future.

KPMG

Click here to access KPMG’s detailed White Paper

The General Data Protection Regulation (GDPR) Primer – What The Insurance Industry Needs To Know, And How To Overcome Cyber Risk Liability As A Result.

Publié le par hanswillertbleuazurconsultingeu

SCOPE

The regulation applies if the

  • data controller (organization that collects data from EU residents)
  • or processor (organization that processes data on behalf of data controller e.g. cloud service providers)
  • or the data subject (person)

is based in the EU. Furthermore, the Regulation also applies to organizations based outside the European Union if they collect or process personal data of EU residents. Per the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from

  • a name,
  • a home address,
  • a photo,
  • an email address,
  • bank details,
  • posts on social networking websites,
  • medical information,
  • or a computer’s IP address.”

The regulation does not apply to the processing of personal data for national security activities or law enforcement; however, the data protection reform package includes a separate Data Protection Directive for the police and criminal justice sector that provides robust rules on personal data exchanges at national, European and international level.

SINGLE SET OF RULES AND ONE-STOP SHOP

A single set of rules will apply to all EU member states. Each member state will establish an independent Supervisory Authority (SA) to hear and investigate complaints, sanction administrative breaches, etc. SA’s in each member state will cooperate with other SA’s, providing mutual assistance and organizing joint operations. Where a business has multiple establishments in the EU, it will have a single SA as its “lead authority”, based on the location of its “main establishment” (i.e., the place where the main processing activities take place). The lead authority will act as a “one-stop shop” to supervise all the processing activities of that business throughout the EU. A European Data Protection Board (EDPB) will coordinate the SAs.

There are exceptions for data processed in an employment context and data processed security, that still might be subject to individual country regulations.

RESPONSIBILITY AND ACCOUNTABILITY

The notice requirements remain and are expanded. They must include the retention time for personal data and contact information for data controller and data protection officer must be provided.

Automated individual decision-making, including profiling (Article 22) is made disputable. Citizens now have the right to question and fight decisions that affect them that have been made on a purely computer generated basis.

To be able to demonstrate compliance with the GDPR, the data controller should implement measures which meet the principles of data protection by design and data protection by default. Privacy by Design and by Default require that data protection measures are designed into the development of business processes for products and services. Such measures include pseudonymizing personal data, by the controller, as soon as possible.

It is the responsibility and liability of the data controller to implement effective measures and can demonstrate the compliance of processing activities even if the processing is carried out by a data processor on behalf of the controller.

Data Protection Impact Assessments must be conducted when specific risks occur to the rights and freedoms of data subjects. Risk assessment and mitigation is required and prior approval of the Data Protection Authorities (DPA) is required for high risks. Data Protection Officers (DPO) are to ensure compliance within organizations.

DPO must be appointed:

  • for all public authorities, except for courts acting in their judicial capacity
  • if the core activities of the controller or the processor consist of
  • by their nature, their scope and/or their purposes, require regular and systematic
    monitoring of data subjects on a large scale
  • processing on a large scale of special categories of data pursuant to Article 9 and
    personal data relating to criminal convictions and offences referred to in Article 10
    processing operations which, for the purposes of national

GDPR in a Box

 

Click here to access Clarium’s detailed paper

Mastering Risk with “Data-Driven GRC”

Publié le par hanswillertbleuazurconsultingeu

Overview

The world is changing. The emerging risk landscape in almost every industry vertical has changed. Effective methodologies for managing risk have changed (whatever your perspective:

  • internal audit,
  • external audit/consulting,
  • compliance,
  • enterprise risk management,

or otherwise).

Finally, technology itself has changed, and technology consumers expect to realize more value, from technology that is more approachable, at lower cost.

How are these factors driving change in organizations?:

Emerging Risk Landscapes

Risk has the attention of top executives. Risk shifts quickly in an economy where “speed of change” is the true currency of business, and it emerges in entirely new forms in a world where globalization and automation are forcing shifts in the core values and initiatives of global enterprises.

Evolving Governance, Risk, and Compliance Methodologies

Across risk and control oriented functions spanning a variety of

  • audit functions,
  • fraud,
  • compliance,
  • quality management,
  • enterprise risk management,
  • financial control,

and many more, global organizations are acknowledging a need to provide more risk coverage at lower cost (measured in both time and currency), which is driving reinventions of methodology and automation.

Empowerment Through Technology

Gartner, the leading analyst firm in the enterprise IT space, is very clear that the convergence of four forces,

  • Cloud,
  • Mobile,
  • Data,
  • and Social

is driving the empowerment of individuals as they interact with each other and their information through well-designed technology. In most organizations, there is no coordinated effort to leverage organizational changes emerging from these three factors in order to develop an integrated approach to mastering risk management. The emerging opportunity is to leverage the change that is occurring, to develop new programs; not just for technology, of course, but also for the critical people, methodology, and process issues. The goal is to provide senior management with a comprehensive and dynamic view of the effectiveness of how an organization is managing risk and embracing change, set in the context of overall strategic and operational objectives.

Where are organizations heading?

“Data Driven GRC” represents a consolidation of methodologies, both functional and technological, that dramatically enhance the opportunity to address emerging risk landscapes and, in turn, maximizing the reliability of organizational performance. This paper examines the key opportunities to leverage change—both from a risk and an organizational performance management perspective—to build integrated, data-driven GRC processes that optimize the value of audit and risk management activities, as well as the investments in supporting tools and techniques.

Data Driven GRC

Click here to access ACL’s detailed White Paper

Digital Strategy and Transformation

Publié le par hanswillertbleuazurconsultingeu

Digital Strategy for a B2B World

It’s easy to see why so many view companies like Uber, Amazon and Google as the business models of the future. They’ve redefined their industries. They’ve rewired the customer experience. They’re not afraid to fail fast, learn from mistakes and make the changes necessary to stay well ahead of the market.

None of this is news to leaders of industrial and other business-to-business (B2B) companies. But these executives also know full well that what works in the consumer realm doesn’t always translate in a B2B context. Failing fast? That’s problematic in industries such as chemical processing or offshore drilling, where the smallest mistake can trigger epic disaster. Moving quickly? We’ll get back to you when our channel partners get back to us.

Redefining the industry? Easier said than done in a business like aviation, where many stakeholders operate in a complex, interdependent ecosystem. The truth is B2B is different than business-to-consumer (B2C) when it comes to digital strategy, and it requires a different approach. There are many lessons to be learned from digital innovators like Amazon, and the opportunities are very real. But simple comparisons to what works for these digital standouts aren’t always useful in an industrial setting and often come off as naive or impractical, feeding the notion that digital is more hype than reality. This gets in the way of deciding how digital can, in fact, transform important parts of a business and makes it hard to create alignment around the right path forward.

Digital Destination

Click here to access BAIN_BRIEF-Digital_Strategy_for_a_B2B_World

Digitalization in Insurance: The Multibillion Dollar Opportunity

The business of property and casualty insurance— assessing risk, collecting premiums and paying claims— hasn’t changed much since 1861, when a group of underwriters sold the first policies to protect London homeowners against losses from fire. Recently, though, the insurance industry has embarked on a radical transformation, one spurred by a series of digital innovations whose widespread adoption is just a few years away. Bain & Company and Google have identified seven key technologies—namely,

  • infrastructure and productivity,
  • online sales technologies,
  • advanced analytics,
  • machine learning,
  • the Internet of Things,
  • distributed ledger
  • and virtual reality

—that have already begun to disrupt the industry and whose impact will accelerate in the next three to five years. These new technologies are likely to be a boon for consumers, bringing more choice, better service and lower prices.

For those insurers ready to seize the initiative, digitalization presents an immense opportunity. The companies that stand to benefit the most are those that use the impetus of digitalization to rethink all their operations, from underwriting to customer service to claims management. The impact on both revenues and costs can be enormous. An analysis by Bain and Google shows that a prototypical P&C insurer in Germany that implemented these technologies could increase its revenues by up to 28% within five years, reduce claims payouts by as much 19% and cut policy administration costs by as much as 72%.

These pioneers in digital technology can gain an edge over their rivals by becoming more effective and efficient. They’ll be able to trim costs and pass on those savings to their customers, thereby winning new business and gaining market share. The digital laggards, by contrast, will find themselves fighting an intensified price war and scrambling to protect their competitive positions.

Digital P&C

Click here to access BAIN_BRIEF_Digitalization_in_Insurance

Six IT Design Rules for Digital Transformation

Superior performance in the digital age calls for an adaptable technology infrastructure that manages the complexities of a multicloud environment, embedded security and compliance policies, and deep business alignment. Best-in-class IT operations and the software vendors that support them are adopting a playbook based on six core rules for IT design.

  1. Break boundaries across IT stacks. Given that companies are unlikely to achieve complete migration to the public cloud anytime soon, CIOs need monitoring, discovery and confi guration tools that function in hybrid, multicloud environments as well as up and down the stack, from legacy systems to consumer-facing apps.
  2. Embrace DevOps. As firms increase the cadence of their digital offerings, they have no choice but to integrate software development and IT operations. Already, as many as 60% of enterprises are using or planning to use a DevOps approach to building and installing software, according to a survey by Gartner. Modern IT organizations require software that works across the production chain and that’s designed for rapid testing and validation.
  3. Be open. No modern solution can be an island. As designers produce focused, best-in-class solutions instead of massive monolithic systems, openness becomes critical. Companies need modular, opensource and application-program-interface–friendly software that is designed for easy extensibility and integration with other apps. CIOs expect to be able to combine the capabilities of their disparate systems to serve new needs.
  4. Incorporate policy engines. Cost pressures have driven CIOs to seek to automate their IT operations. They want to escape the massive manual efforts that they currently rely on to monitor policies, including compliance, data governance and security rules. They need solutions that have builtin logic to identify and remediate against rules in order to enable policy management across a hybrid infrastructure.
  5. Induce insights. As digital apps proliferate, companies are becoming fl ooded with an abundance of data—some of it useful, some of it not. CIOs need analytical tools that use techniques such as machine learning to glean insights from disparate sources.
  6. Insist on user-friendly experiences and tools. In a complex world, IT professionals are demanding intuitive, easy-to-use software. They are no longer satisfied with hard-to-master, second-rate applications; they want a consumer-level user experience. They need solutions that are software-as-a-service (SaaS) capable, simple to install and have immediate, out-of-the-box functionality.

IT Transformation

Click here to access BAIN_BRIEF_Six_IT_Design_Rules_for_Digital_Transformation

 

EIOPA’s Supervisory Statement Solvency II: Solvency and Financial Condition Report

Publié le par hanswillertbleuazurconsultingeu
  • The majority of insurance undertakings and groups published the (Solo/Group) SFCR on a timely basis and generally complied with the relevant Solvency II requirements. In some cases Groups went the extra mile to make the Group SFCR accessible to all stakeholders: The SFCRs are generally easy to find in the websites of most of the disclosing entities. However, some undertakings still do not own a website. In the websites of the insurance groups, in general, in addition to the Group SFCR, the solo SFCRs of the major entities of the group are also available at the same address and versions in English are available which facilitates access regarding the full group. The reports follow the structure as of Annex XX of the Delegated Regulation, but for non-applicable items, it is important to have a clear indication that the information is not applicable.
  • The use of different language styles and different formats to disclose SFCR information makes difficult the definition of a common disclosure approach to all types of stakeholders: EIOPA expects that care is taken when deciding the content and language style of the SFCR and in particular of the Summary of the SFCR. The Summary is the part of the SFCR that will most interest the policyholders. They should be the main addressees of this part of the Report. In the remaining sections of the SFCR it is not expected that the full content of EU or national legislation is reproduced in the SFCR. The Report should instead include relevant undertaking-specific information under each section to make it easy to efficiently identify and read the relevant specific information.
  • The need for a more fit-for-purpose ‘Summary’: EIOPA encourages insurance groups/undertakings to improve the content and clarity of the Summary. The SFCR Summary should encompass relevant SFCR areas and briefly provide relevant information. Given the importance of the SFCR Summary for the policyholders and the range of different approaches EIOPA clarifies the expectations on its minimum content from a supervisory perspective.
  • Quantitative Reporting Templates (QRTs) in the context of the SFCR: The placement of QRTs in an Annex to the SFCR, although a good practice, should not prevent undertakings/groups from providing quantitative and qualitative information into the body of the SFCR. Relevant information covered by the QRTs and additional information not covered by the QRTs in the Annex to the SFCR, such as background information that allows the reader to understand the information in the templates should be included in SFCR. If appropriate, parts of the QRTs should be repeated, or complemented through the narrative information of the SFCR.
  • Information on the own-risk and solvency assessment (ORSA) under the SFCR is by its very nature undertaking/group specific. This means that undertaking/group specific information needs to be included, even when referring only to the process and not to the outcome: The information disclosed should go beyond repeating the laws, regulations and administrative provisions on how the ORSA needs to be integrated into the organisational structure and decision making process.
  • The information on the risk sensitivity to different scenarios or stresses, should be better structured and more comprehensive: The information regarding the SCR and risk sensitivity is not comparable across different undertakings/groups. It is expected that the reporting of sensitivities to different scenarios or stresses is disclosed in a more structured format. The sensitivity to the different risks should be shown under the section ‘Risk Profile’. In addition under each risk section information on the overall impact should be provided.
  • Information on the bases, methods and main assumptions used for the valuation for solvency purposes should include undertaking/group specific information and address the uncertainties around the valuation: the SFCR should include more relevant, undertaking/group specific information, in particular regarding valuation of investments, valuation of deferred tax assets and deferred tax liabilities and valuation of technical provisions. Regarding the later the SFCR should provide a description of the level of uncertainty, by linking it at least to the assumptions underlying the calculation, such as economic and non-economic assumptions, expected profits in future premiums, future management actions and future policyholder behaviour.
  • Information on eligible own funds: EIOPA encourages undertakings/groups to disclose information about the management of the own funds in the context of the undertaking’s/group’s strategy and business model, including information on the time horizon used for business planning and on any material changes over the reporting period. The information of the eligible own-funds items, classified by tiers should be complemented by explanations of the most material own-funds items, including the extent to which they are available, subordinated, as well as their duration and any other feature that is relevant for assessing their quality.
  • In next year’s SFCR undertakings/groups should also include comparative information in certain areas of the SFCR. EIOPA expects that when providing comparative information the format of tables is used as much as possible in the narrative part of the SFCR. These tables could include amounts for both reporting years or focus on the material differences between both reporting years. Qualitative information on material differences between two reporting years are also expected to be included in the report. Publication of QRTs for current and the previous reporting year as an Annex alone is not sufficient to be considered compliant with the comparison requirement.

 

Click here to access EIOPA’s SFCR report

State of Digital Analytics: The Persistent Challenge of Data Access & Governance

Publié le par hanswillertbleuazurconsultingeu

Disjointed, inaccessible data is a major productivity inhibitor for analytics teams, diverting skilled resources from contributing to valuable business intelligence.

Analytics teams struggle with data access. In addition to listing data silos and data access among both their top data and analytics challenges, above, nearly three in five said it takes days or weeks to access all the data needed for their work or the work of the teams they manage. Only a third were able to access all their data in a day or less.

AMOUNT OF TIME FOR ANALYSTS AND ANALYTICS TEAMS TO ACCESS DATA

Nearly two in five analytics professionals are spending more than half of their work week on tasks unrelated to actual analysis. Forty-four percent of managers reported that more than half of their team’s work week is spent accessing, blending, and preparing data rather than analyzing it, while 31 percent of analysts said they spend more than half of their work week on data housekeeping.

TIME SPENT PREPPING DATA, RATHER THAN ANALYZING IT

As a result, the majority of analysts have found it necessary to learn programming languages specifically to help them access and/or prepare data for analysis. Outside of mandates from their employers, a full 70 percent of analysts reported taking it upon themselves to learn to code for this reason, and more than a quarter of those analysts have spent 80 or more hours learning to program.

ANALYSTS LEARNING PROGRAMMING SKILLS TO OVERCOME DATA ISSUES

It should go without saying that data professionals tasked with analyzing organizational information meaningfully and actionably cannot adequately perform their core job function without accurate data. Yet in addition to raising the data access challenges above, the industry is also split in terms of confidence in data accuracy. Nearly half reported that they question the accuracy of the data they or the teams they manage use regularly, while a little more than half said they are confident about their data.

Data Analysis

Click here to access TMMData’s detailed Survey Results

How digital reinventors are pulling away from the pack

Publié le par hanswillertbleuazurconsultingeu

Digitization is a long way from running out of steam, since the bulk of company revenues in most industries still come from traditional sources. Yet the results from McKinsey’s latest survey on digital strategy suggest that a digital divide is already taking shape. Companies competing in traditional ways (that is, without applying digital technologies and strategies in their businesses) have seen lower rates of revenue and earnings growth than have companies competing in digital ways—and those rates are tightly correlated with the level of digitalization, or digitization, in their respective sectors. But other players are seeing tremendous growth as digitization advances. The companies making digital moves—digital natives, industry incumbents competing in new and digital ways, and incumbents moving into new sectors—are out-performing their traditional-incumbent counterparts.

We call these companies digital reinventors. While most respondents say that their companies are making at least marginal investments in digital, we found last year that few had achieved top-quartile growth and high returns—not surprising, given the lukewarm response to digitization the average respondent reports in this year’s survey. Digital reinventors, in contrast, are embracing digital with both their investments and their strategic decision making. Our results indicate that companies in this group are not only investing more in digital but also investing and executing differently. The reinventors are investing at scale in

  • technology,
  • analytics,
  • and digital talent

—not just playing on the margins—and investing much more aggressively in business-model innovations or entirely new business models. They make more digital-related acquisitions and divestitures than traditional incumbents do; they are likelier to accelerate changes in their own businesses; and they are using more advanced, innovative technologies. The results indicate that their efforts are paying off: the reinventors are seeing larger gains in revenues and earnings than are traditional incumbents that have yet to embrace digitization.

Growing pressure on incumbents

As digitization continues to progress, its expected effects on revenues seem pronounced. When respondents were asked how much of their companies’ revenues would be at risk in the next three years if those companies took no further action to address digital pressures, they estimated that almost one-third could be lost or cannibalized. Consistent with our earlier research showing that increased levels of digitization produce shrinking profit and revenue pools at the industry level, the revenues at risk are even greater in the industries (high tech, as well as media and entertainment) experiencing the highest levels of digitization.

But the level of digitization is only part of the industry picture. Despite a common belief that digital natives are the greatest threat to an industry’s existing market share, the results indicate that incumbents competing in digital ways pose just as great a threat to other companies, if not a greater one.

The correlation between the market share owned by digital natives and revenues at risk is on par with that of incumbents playing digitally. This finding is consistent with other work suggesting that incumbents can have a strong effect on the market and on the pace of digital disruption in a given industry, and this effect is only magnified by the more powerful positioning of these incumbents. Since those competing in digital ways already own a larger market share than digital natives do, on average, they can also make larger shifts in the economics of their respective markets.

To date, the loss of revenues as digitization has expanded is already clear. Nearly 20 percent of all respondents report negative revenue growth in the past three years. But some companies can thrive in a more digitized landscape: specifically, those trying to reinvent themselves by embedding digital technologies in the core of their business models and by launching new digital businesses. Respondents at incumbents playing digitally are twice as likely as traditional incumbents to report exceptional financial growth (that is, an average compound annual growth rate of more than 25 percent) during this same period.

Digital Reinventors

Click here to access McKinsey’s detailed survey analysis