General Insurer Conduct – The Capacity Constraint
Introduction
Conduct is more than the client interaction; it’s about the entire structure of a company.
Good conduct is reliant upon capability and commitment, which in turn relies upon capital, cost, and (organisational) configuration. The culture that binds all this together, that evolves on the back of these key ‘Cs’ and determines the quality of that conduct, is all down to the capacity of the organisation to execute.
And it is another ‘C’, competition[1] - not just for customers but also for investors, and the laws framed to prevent collusion, that conspire to dull delivery of a clear and keen conduct framework.
In the author’s experience, C-suites, boards and regulators do not fully appreciate, or, if they do, fully understand, the need to deal with the drag on good conduct created by the lack of organisational resource (systems, people and capital), i.e. capacity, and the constant re-prioritisation of activity that more pressing drivers such as revenue and profitability induce – to the extent that much of the work necessary to embed a sharp and effective conduct framework never gets done.
This is the underlying reason for the lack of meaningful progress to date and the key risk to the achievement of regulatory objectives.
It is the fundamental root cause of ongoing issues and must be directly addressed.
This means a re-calibration of the outcome-focussed approach to regulation to one that is more prescriptive without being too rigid.
But, to make that happen, competition law needs reframing.
The Regulatory Imperative
In July 2021 New Zealand’s Financial Market Authority (FMA), the equivalent of the Australian Securities & Investments Commission (ASIC), produced a report into the conduct and culture of general insurers[2] –
This was the output from the 2nd phase of FMA activity consequent upon the Financial Markets Conduct Act 2013 and the production of a guide to their view of conduct in February 2017 https://www.fma.govt.nz/assets/Guidance/170202-A-guide-to-the-FMAs-view-of-conduct-v2.pdf .
It’s findings were scathing –
In particular, our review found:
? The level of conduct maturity was low, with some insurers demonstrating that they did not see conduct and culture as relevant to their organisation.
? Product and policy-holder review processes need to be improved.
? Insurers need to have a clearer line of sight on commissions paid to intermediaries, including whether they are fair and reasonable to customers, and understood by customers.
? Insurers should have greater oversight of how intermediaries are selling and managing the insurers’ products.
? Many boards are yet to support the development of an organisational culture that promotes good conduct, rebalance shareholder and customer interests, and set an appropriate conduct risk appetite.
? Not enough has been done to ensure remediation activity is completed promptly and addresses the root cause of issues.
While each of the findings reflect the current malaise of New Zealand’s insurance sector and clearly need addressing, the report missed an opportunity to re-enforce how critical a key causal factor, resourcing, is to effectively address conduct. It was there to tease out, both in the 2017 conduct guide - “Consistently good outcomes require sound systems and controls, …”[3] - and in the 2021 report - “These issues were mostly related to weak systems …”[4] - but the FMA only highlighted root cause analysis in the sixth finding on remediation associated with pricing issues.
In the 2017 conduct guide was this statement,[5] –
reflecting policy developed in thrall of the political ideology of the time.
Immediately after that document was released in NZ, Australians watched on in disbelief as The Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (the Hayne Inquiry) unfolded, revealing attitudes and practices at the highest level and in the biggest institutions completely at odds with the intent of existing market conduct legislation.
So, for NZ’s FMA, was the report into the conduct and culture of general insurers, tabled well after Commissioner Hayne delivered his report, an opportunity lost? From the perspective of identifying the symptoms (conduct concerns), no, but, in not drilling down into the root causes to show they understood the underlying health issues, yes. While this was most likely unintentional (probably set aside in the interest of brevity and maintaining insurer ‘ownership’ of the fixes) - the FMA’s regulatory touch being focussed on the outcome rather than being prescriptive about how insurers achieve it - the author has no doubt clear thinkers in the insurance industry and the regulators (incl. NZ’s Reserve Bank and the Australian Prudential Regulatory Authority (APRA)) understand the structural weaknesses that must be addressed to embed an effective conduct regime.
Across Australasia the pace of reform has been sluggish, progressing in what can politely be described as a measured fashion (designed to bring the market along as issues and learnings present). Australia has learnt that an accommodative approach to re-regulation - marching in step with the industry’s capacity for change - while not kicking the can down the road, does little to change the addictive sugar hit that can contained.
While New Zealand is only in the 2nd year of ‘conduct’ licensing of insurers, and it can be expected the MFA will revisit pace and pressure as insurers respond to identified issues and the licence renewal process matures, it need only look across the Tasman (where many of NZ’s largest insurance industry players have their headquarters) to see what happens when regulation doesn’t get to the nub of issues[6] or there isn’t enough resources allocated to regime implementation and oversight.
Regulators do understand the challenge from a broader system perspective but, from the author’s experience, neither they nor the organisations they oversee fully appreciate the most prominent risk for insurers and their distribution partners (agents & brokers)[7] in making meaningful progress improving conduct, adequate capacity. And both suffer from a lack of that fundamental element.
The Capacity to Respond
?‘Systems’ mean different things to different people. For the purpose of this article it means an integrated method of control, including appropriate structures and the frameworks that underpin them, that ensure comprehensive oversight by management of the value/process chain and product/client lifecycle, with embedded checks in process flows that cannot be ignored or overridden, requiring a specific governance action directing decisions to an appropriate level where accountability is clear and competing priorities can be properly balanced.??
To “consistently deliver good (conduct) outcomes” [8] organisations must have fully integrated processes & processing systems, quality information & data, automated workflows, and the indicators/dashboards to oversee performance – but the insurance industry still has a long way to go.
Capacity also includes having the right level of staffing (that allows proper assessment and execution of customer needs via right products and effective processes) in the first place.
Without this capacity, organisational capability is wasted. In fact, organisations may well not know that they don’t know they have a conduct problem; or they choose to ignore what they do know because they don’t want to know. For example, insurers and their distributors with weak incident reporting processes (especially for ‘near misses’) remain blissfully unaware of how close to the line they’re treading. Individual employees may be aware of the weakness but have insufficient evidence to back up a lift in priority and resourcing to address the incident identification & reporting mechanics that would help resolve the lack of data.
Limited enterprise awareness was most recently highlighted during the preparatory phase for the implementation of APRA’s Prudential Standard CPS230 Operational Risk Management (in particular, resiliency and conduct), and their Financial Accountability Regime (e.g. the identification of important functions that accountable persons have responsibility for). This, again, highlighted to industry insiders how existing dysfunctional structures - especially in matrixed organisations reliant on key service providers and outsourced[9] critical processes - heighten the risk of sub-optimal customer outcomes and responsibility diffusion through unclear delineation of who does what; compounded by inadequate data (to monitor outcomes) and unstructured hand-offs. In the author’s experience, the bigger the business the badder the outcome; the more global the less local the focus.[10]
This is the big difference between business/regulatory theory and practical application at the coalface. The whole system must be integrated and be able to hang together under pressure at any point. Like a building, it must be structurally sound and weathertight.
Just like climate-change has shifted market paradigms, so will social pressures. In the history of insurance this has happened before[11] and will do so, again, as the decline in consumer/voter trust results in governments leaning in more.
But the average consumer/voter has little appreciation of the dynamics associated with marking regulation to (a functional) market which, in turn, requires a stable, co-operative political environment, especially when it comes to policy on fundamental economic and social matters.
To get this started, the clashes between a comprehensive, sustainable[12] outcome (for the customer and the business) and business owners’ performance expectations,[13] must be addressed.
But, there is a significant barrier to navigate through for this to happen – competition law.
The Competition Hurdle
As the FMA shifts its weight from guidance to enforcement it would be appropriate to address the overall structure of the insurance market; including a review of the broader business laws that apply .
In the existing environment (the product of 40 years of de-regulation) it is unlikely that any insurer would willingly become a first mover – any conduct advantage being very much longer-term and heavily outweighed by current short/medium-term disadvantage.[14]
The environmental, social & governance (ESG) wave of the last 20 years or so, despite the sound principles involved, simply has not achieved the necessary cut-through; the ‘S’ in ESG and the social licence to operate remaining an ethereal concept.
领英推荐
Like the competition-driven short-cuts in construction that delivered leaky buildings and flammable cladding, it takes years for the lack of effective product and system boundaries to become evident. The same applies to financial services and, unless there is a clear playing field and a firm referee, the commercial reality short game will always trump the conduct long game. ?
The Characteristics of an Inadequate Conduct Structure
Conduct is not just about the transactional interaction with customers. It is the organisational state of being that sets the scene.
Insurance industry challenges are comparable to where the construction industry finds itself after 40 years of no effective market regulation – a lack of quality and resiliency.[15] Quite simply, markets characterised by fundamental information asymmetry (building and insurance being high on that list) cannot and must not regulate themselves, or, where they do in part, they do so only with an effective backstop. Repeat insurance code of conduct reviews in Australia and NZ attests to this; as does the neutering of product disclosure statements (PDS) by the policy wording being used as a substitute.
Regulators in Australia and New Zealand have made much of their recent ‘successes’ in addressing pricing (discount) failures, mostly self-reported by insurers. But, absent from the publicity was any substance on how insurers were going to prevent this or, for that matter, other inappropriate outcomes from pricing algorithms, recurring. Nor was there any meaningful commentary indicating stakeholders understood pricing was just one of a number of symptoms pointing to structural inadequacies that, if not also addressed, won’t resolve the overall conduct problem.
Examples of inadequacies include –
1.????? Policy Wordings - insurers unable[16] to produce policy schedules that match the related policy wording, resulting in incomplete insurance contracts presented to customers.
2.????? Sales & Administration - manual interfaces within insurers and with their distributors/suppliers, incl. the lack of formal agreements (especially in NZ) addressing who’s responsible for what.
3.????? Legacy Systems – generational lack of investment, with a multitude of overlays and bolt-ons that no one fully understands and/or where programming specifications have been lost.
4.????? Information – where the demand for comprehensive & accurate data (e.g. for liability valuations and pricing models) has outstripped the ability of administration systems to provide.
5.????? Workflow & Dashboards -? absent or incomplete process chain monitoring of product/service delivery tools (and the data to drive them).
6.????? Access Integrity - such as sales portals using common passwords or, where individual passwords are used, infrequent list maintenance.[17] A lack of agreements governing use is also a feature.
But, even more broadly than these administrative impacts, wider, fundamental, segment and market implications include –
·??Model Policy Wordings – the absence thereof, incl. structured levels of cover, which make it next to impossible to effectively compare insurers and explain differences.
·??Risk-Based Pricing – where overemphasis undermines the fundamental insurance principle of community sharing of risk.
·??Cover Availability – following on the above two points, the societal expectation of continuous access to (affordable) insurance as a risk transfer mechanism.
·??Accounting Integrity – reliance on manual interfaces to post from administrative to finance systems, incl. the absence of trial balances or adequate verification of transactional data, that compounds unreconciled balances and compromises effectiveness, e.g. credit control.
And, to round out with a representative example of the short-term thinking on product development and investment decisioning, the minimum viable product approach, with its design limitations and speed-to-market short-termism is, in part, a product of competition law holding back consumer-centric outcomes. Consumers are not sandpits, testbeds, nor crash test dummies. They deserve better; including products/services that are complete and sustainable on initial delivery.
Oh, and by the way, when it comes to distributors (esp. the independents), insurers compound their exposure to conduct risk by outsourcing aspects of their product design/delivery and financial advice responsibilities to organisations still fundamentally compromised in their ability to effectively balance revenue and governance drivers.?
The Conduct Compass – True North
The author knows regulators understand markets won’t move by themselves, but they are often hamstrung by the doctrine of their political masters. Free markets are all well and good, and the author has no doubt that the change we’ve seen over the last 40 years has predominantly been positive, but the underlying expectation that markets can self-regulate has, again, proven wrong.
Contrast the successful ‘fit-for-purpose’ legislation requiring faulty product replacement with the current environment where legislators are still struggling to find the right balance with systems/services not easily replaced and expected to perform consistently over the long-term (e.g. buildings and financial products). As a society we’ve achieved acceptable levels of safety with, for example, vehicles and aircraft (said noting some recent missteps rooted in corporate hubris – see Boeing example[18]) but, with services now contributing ~70% of developed countries GDP, protection is lagging; with the legal system an increasingly ineffective backstop.
While the outcome of service failures are not as immediately dramatic as airplane crashes or building collapses, the impact can be widespread, long-lasting and have tragic financial consequences.
Just as the focus on performance-based outcomes led to a degradation in the quality and resilience of the built environment, so this approach to insurer conduct has and will continue to do so if the FMA doesn’t add the how to the what via enforceable guidelines (standards) setting out best (expected) practice and the necessary system(s) to underpin it.
There is no substitute for balanced, modulated regulation, including prescriptive elements with flexibility and a well-resourced regulator with power, as a central plank in that conduct compact.
It can’t be that hard to establish a workable, tri-partite partnership between consumers, insurers and government that delivers a stable, investable environment with smoothed-out cycles essential to the continuity and sustainability of products/services with fiduciary components.[19]
Only then will regulation reflect real world risks rather than theoretical economic/market philosophies that have characterised the legislative approach of the last 40 years.
[1] i.e. the initial cost/price hurdle organisations face in justifying the significant spend in the first place to set up an effective conduct structure without compromising their competitive position.
[2] This followed a January 2019 report on life insurance sector conduct - both highly correlated.
[3] Pg 7, para 4.
[4] Pg 9 Product and portfolio reviews, para 2.
[5] Pg 4 Why conduct matters, para 6.
[6] e.g. by placing too much emphasis matching the industry’s capacity to respond via limited design or carve-outs (such claims handling not being defined as a financial service – which has belatedly been corrected and NZ has at least recognised and avoided that particular mistake).
[7] APRA’s CPS 230 places the responsibility on insurers to ensure their distributors, including insurance brokers, have adequate systems/processes. It is highly likely NZ’s FMA will follow suit.
[8] Pg 4 A guide to the FMA’s view of conduct, Sec. Why conduct matters, para. 6.
[9] Internally or externally.
[10] The smaller the country operation the less likely its specific requirements will be reflected in global processes or that it will be separately allocated the necessary resources. NZ (and Australia to some extent) is simply not big enough in most sectors for a free market to reign (or, where it does, is compromised by oligopolies) and must accept that means bespoke governance at higher cost. If the playing field is otherwise level and comparable country regulators work in lock-step, it shouldn’t compromise the supply chain or a balance in the mix of market participants.
[11] e.g. government insurance offices and mutuals.
[12] See ISO 26000 Social Responsibility https://www.iso.org/iso-26000-social-responsibility.html .
[13] Most commonly expressed by narrowly focussed, short-term and over-weight KPIs.
[14] The only possible exception to this generalisation would be product/service start-ups targeting specific customer segments, with none to date having achieved the critical mass necessary to move the market.
[15] The author uses this comparison deliberately as the knock-on effect of poor building resiliency/risk mitigation has significant implications for insurance pricing and availability; as does the ability of businesses to manage ESG risk, e.g. directors & officers liability.
[16] Or unwilling – shifting responsibility to their distribution partners (another issue in itself).
[17] Cyber risk is another of the ‘C’s that arise due to underinvestment driven by competition, i.e. inadequate investment in, and oversight of, technology use and access to business systems.
[19] Afterall, it is the consumers’ money insurers are handling and it must be used in insureds’ best interest.