Control Framework
Breakfast Group agenda
9:00 Arrival, Breakfast & networking All 9:20 Welcome Ali Dove 9:25 Direct Reporting Demonstration Sharmi Bakrania 9:50 Phase 2 Control Framework Update Jaana Rouvari & John Hibbert 10:20 Q & A All 10:30 Close Ali Dove
DIRECT REPORTING
Direct reporting RECAP
What is it ? A process that enables Managing Agents to report regulatory & tax
information directly to Lloyd’s for Service Company business Data is at a transactional level as opposed to reporting information
being derived from the bureau accounting process Breaks the link between accounting and reporting (on cash)
CLARITY OF SCOPEIn Scope• 100% business – where an insurer underwrites the whole risk. • ‘Separate’ subscription business - where an insurer underwrites
part of a risk using a separate insurance document to other insurers which underwrite that risk.
Out of Scope• ‘Conventional’ subscription business - where all underwriters
underwriting part of a risk use the same market reform contract for subscription.
DIRECT REPORTING
CURRENT STATUS
4
• Solution is now complete in final stages of testing• Met with all bar one Managing Agent – 3 should be live by
year end• Confirming with those interested to go live on 1/1/14• Meeting with IT suppliers
DIRECT REPORTING
KEY ELEMENTS - REMINDER
Service Company business Include all Territories ACORD standard XML message Offer reporting service to all managing agents
via Core Market Return route
DIRECT REPORTING
What Do I need TO DIRECT REPORT?www.lloyds.com/directreporting
DIRECT REPORTING
• Direct Reporting Data Requirements• Direct Reporting Gap Analysis Spreadsheet• Direct Reporting Data Model• Direct Reporting Roadmap
DIRECT REPORTING
Direct Reporting Demo
DIRECT REPORTING
DIRECT REPORTING
© Lloyd’s
Control framework phase II Why it’s important What is it and who does it affect? How is it implemented? The risk model and how it applies Coverholder audit Delivery roadmap 2013 & 2014 Board sign off… For more information… Questions?
10
Control Framework
© Lloyd’s
WHY it’s important
Increasing regulatory and tax authority scrutiny around the information that Lloyd’s returns are based upon.
Increasing sophistication of the business being written (cross border) through coverholders resulting in regulatory risk increasing.
Confidence in data quality is not currently based on evidence and so is difficult to demonstrate.
11
Control Framework
© Lloyd’s
What is it?
Identifies for the first time explicit minimum information requirements covering tax and regulatory reporting.
A structured, documented process that allows managing agents to demonstrate they have adequate controls in place.
Nothing new!
12
Control Framework
© Lloyd’s
WHO does it affect?
Phase I – Completed39 managing agents successfully signed off on time!
Phase II – Commences in July 2013 Framework does not change, it simply extends the scope to include coverholder
business. Key stakeholders- 55 managing agents, approx. 200 brokers and 5000 coverholders Presentations at Market Forums to raise awareness on “raising the bar” around
quality of information. Our own page on Lloyds.com. Monthly Breakfast Group for managing agents and brokers.
Phase I Service Companies – CompletedPhase II Coverholders – Deadline 31st December 2014Phase III Open Market - TBA
Control Framework is the managing agents’ responsibility
13
Control Framework
© Lloyd’s
How it’s implemented
Information Requireme
nts
Risks
How the risks apply
Controls described or defined
Evidence gathered
Confidence gained
Process for continuous improvement to “raise the bar”
14
Control Framework
© Lloyd’s
The risk modelRISK
Requirements are not understood
1 There are many reasons why this risk may crystallise. It could be that the person interpreting the requirements does not have the requisite skills or experience, human error, or the requirements being unclear or ambiguous
HOW IT MAY TRANSPIRE
Data capture is inadequate
2 This may relate to data not being captured, being captured more than once (duplicate) or that the data captured is erroneous. It may also be that data is not refreshed at the appropriate point (if relevant).
Data is processed incorrectly
3 Between capture and reporting data will undergo some form of processing. In some cases this will be about using different elements of data to compute other information, but it also relates to things such as erroneous report definitions. Typically, this risk can also be used to cover security and continuity risks, but given the specific focus in the Operating Principles these have been broken out.
Data is corrupted
4 Data may be corrupted accidentally or on purpose. Typically this involved inadvertent or erroneous changes to data when it is being adapted outside of core processing systems.
Data is lost and cannot be recovered
5 This is most likely to crystallise where historic information is not contained in core processing systems that are subject to a robust backup regime, but in end user computing facilities such as spreadsheets or user maintained databases.
15
Control Framework
© Lloyd’s
How the risks apply How these risks might apply to your organisation or any
associated third party undertaking information capture or processing on your behalf.
Understand how these risks could be addressed What existing controls are in place? How are these risks currently mitigated and managed?
16
Control Framework
© Lloyd’s
Coverholder auditCoverholder audit scope extended to include questions addressing the Control FrameworkProposed questions address:
Location of risk
How this is determined for system entry
What considerations are taken when business is transacted across border
How tax liability is determined
Collation/ creation of the bordereaux
Whether Lloyd’s tools are used in the process of determining risk location and tax liability (Crystal, Risk Locator Tool, etc).
17
Control Framework
© Lloyd’s
Delivery road map - 2013
Q2 2013 • Pre project consultation• Development of Lloyd’s project tool kit
Q3 & Q4 2013
• Review and confirm coverholders in phase II
• Coverholder risk rating exercise completed and returned to Lloyd’s
• Audit schedule in place• Governance and resources in place to
see through implementation of phase II• Confirmation of project delivery timescale
18
6 month analysis phase
Control Framework
© Lloyd’s
Delivery road map - 2014Q1 2014
• Assess risks• Identify controls and gaps• Review audit findings (continually
as audits are performed)
Q2 & Q3 2014• Develop remediating controls• Implement controls• Review audit findings (continually
as audits are performed)
Q4 2014
• Agree assurances to be shared with Lloyd’s
• Test controls and procedures in operations
• Confirm evidence for sign off• Formal SIGN OFF! 19
Control Framework
© Lloyd’s
Board Sign-off…
20
Control Framework
© Lloyd’s
Lloyd’s project structure
21
Control Framework
Executive SponsorLuke Savage
Project Board
Mark Edwards- TaxAndrew Gurney- International Regulatory Affairs
Peter Montanaro- Delegated AuthoritiesRob Humphreys- Market Operations
Ali Dove- Market Operations
Programme ManagerAli Dove
Project TeamJaana Rouvari- Project Manager
John Hibbert- Stakeholder ManagerLaura Fletcher- Business Analyst
Lucy Evans- PMO
© Lloyd’s
For more information
22
Control Framework
© Lloyd’s
Questions?
24
Control Framework
Control Framework
Update on broker engagement
John Hibbert
Control Framework
Who have we seen? Millers Julian Sawyer CSWH Les Doel Intergro Dan Lott Decus John Harris AJG Phil Branch Willis John Higgs Tysers David Green Aon Simon Archer/
Tony Rhoades
Endeavour Robert Campbell Towers Watson Geoff Davies Cooper Gay Rod Joyce THB Catherine Nicoll Bell & Clements Graham Lindus CSP Stephen Bryant AonBenfield Emma Syrett Lockton Ian Derry
Control Framework
Questions that were raisedQ. Why is the DA not involving this in Coverholders audits? - This is happening. New CF-specific audit questions are being introduced into
the Coverholder audit scope.
Q. Coverholders will be audited anyway over the next couple of years – is this not enough? - This covers part of it, but we need to look at the controls in place through out
the information chain.
Q. Are MAs “starting again” with third party coverholders? The distribution model is the same as with service companies- won’t the systems already be there? - Many are confident that the data is there, it is just the case of evidencing this.
Q. Have the responsibilities of leads and follows been considered? - Yes this has certainly come into the mix. However as far as the regulators are
concerned, there is no difference between them.
Q. Are TPAs part of this initiative? - Yes TPAs are considered within the CF.
Control Framework
In summary• A common issue is that Managing Agents ask
for data even though it has already been provided by the Broker. The first option has to be to look internally rather than going straight to the Broker. Lloyd’s needs to give guidance so that is a consistent approach from Managing Agents.
• It is essential for Managing Agents and Brokers to work together towards an agreed approach.
• This project should be very helpful for Brokers in that it will address data consistency.
CONSISTENCY IS THE KEY
© Lloyd’s
Q & A
29
Control Framework
© Lloyd’s 30
Control Framework
Close
Further information on Direct Reporting – [email protected]
Further information on Control Framework – [email protected]
Next Breakfast Meeting – Tuesday 27th August 2013
Control Framework Broker Conference Event – 17th September 2013
Control Framework Phase I end of project celebration – end of September date TBC