The purpose of compliance is to Protect
Protect who?
Protecting customers & clients, the business, its people & partners, stakeholders & the community
Protect from what?
Harm or detriment – financial, reputational, loss of licence, lost management time, disqualification, systematic failures, industry mistrust, regulatory scrutiny, anxiety etc.
Compliance provides a safe environment to operate, providing [insurance] products & services to customers.
It does not matter whether you are an APRA regulated insurer, an underwriting agency, an insurance broker, a Claims manager (TPA) or material service provider.
A systematic approach to compliance is critical.
How does compliance protect?
Think of a fortress, with inner & outer walls providing protection to those within.
The 1st layer of protection is Compliance arrangements – policies, process, procedures, systems, trained & competent people that, combined, form ‘a safe place to conduct business’.
The 2nd layer is People – employees, authorised reps, material service providers are ‘an early warning system’ reporting things that penetrate the 1st layer, such as incidents, complaints, breaches, control breakdowns etc.
The 3rd layer of protection is your Monitoring Program – ‘providing assurance’ to board, management & stakeholders.
The final layer of protection is Culture – ‘a desire to do the right thing’, knowing what the right thing is, how to do the right thing & doing something when things go wrong – when no one is watching.
The 4 Pillars of Compliance
It’s critical that the layers of protection are underpinned by a strong foundation. These are the ‘4 pillars of compliance’:
1. Governance & Frameworks
2. People & Culture
3. Procedures & Process
4. Systems & Reporting
The 4 pillars of compliance, when combined, ensure a consistent, risk-based approach to compliance, with inherent oversight, monitoring & continuous improvement.
The 4 pillars are used when:
1. Setting up & maintaining the compliance arrangements
2. Assessing the risk maturity of the arrangements
3. Managing regulatory change
4. Self-monitoring, highlighting potential areas of attention
Nature, scale & complexity
A compliance framework, including the layers of protection & the 4 Pillars of compliance, is a conceptual, principle-based model that can be tailored to the nature, scale & complexity of any business operating within general insurance.
The framework provides a compliance operating rhythm that is part of normal business operations: it has in-built early warning lights, is self-monitoring & data-producing, & continually evolves to meet consumer, regulatory & business standards & expectations.