1 September 2010Life

Leveraging technology to support regulatory change

New regulatory frameworks have the potential to lead to, or even demand, innovation and the acceptance of new rules and technologies, for organisations. This is the case for the Bermuda Monetary Authority and the firms it regulates, as it conducts its multi-year regulatory change programme. The Authority’s focus, in terms of advancing its use of technology to support this programme, is on innovation, in addition to supporting its objective of achieving broad equivalence with other key jurisdictions.

The Authority is also mindful of the opportunity to leverage technology to support co-operation between supervisors globally. As regulatory frameworks become more harmonised internationally, and developments such as group supervision are implemented, the importance of facilitating effective and appropriate collaboration and exchange of information among supervisors increases.

In addition, regulatory initiatives for the insurance sector, such as the Solvency II Directive in Europe, are changing the process by which information on companies’ performance and capital positions are measured, recorded and communicated for supervisory purposes. Solvency II represents a change in the method of calculating capital requirements for insurance companies. In addition, the directive seeks to bring about changes in companies’ systems of internal control, risk management, governance and the means of communication used for a firm’s interactions with supervisory authorities and the market. Such developments drive the need for insurance companies and regulatory authorities alike to use new technological approaches for managing information effectively and efficiently.

With this in mind, organisations are using eXtensible Business Reporting Language (XBRL) to transform the way financial information is being transmitted. XBRL is a globally adopted standard for the interchange of financial information that promises to play a central role in current developments in the global insurance sector. Consequently, the Authority is leveraging the XBRL platform as it advances its own use of technology within its supervisory activities. The intention is to use XBRL as a key aspect of enhancing the Authority’s operational and regulatory transactions with the market, as well as to support its co-operation with fellow regulators worldwide.

How will this platform be used?

With new technologies, the Authority intends to enhance the manner in which it collects, analyses, measures and shares information. The vision is that such technology, and the increased strategic use of electronic processes to support supervisory oversight and review, will create greater efficiencies, richer data analysis and improved reporting capability from the Authority’s systems. This will be achieved through a combination of information standardisation and process automation using XBRL.

A specific example of how the Authority’s new technology will be used is in the collection of information it will require from insurers as part of firms’ Commercial Insurer’s Solvency Self Assessment (CISSA) return—an equivalent to Solvency II’s Own Risk Solvency Assessment (ORSA). Firms will make CISSA filings electronically, thereby automating the collection process and facilitating efficient retrieval and analysis of the data submitted. Consistent with the ORSA, the CISSA data collected will allow the Authority to obtain the re/insurer’s view of the capital resources required to achieve its business objectives, and to assess the governance, risk management and controls surrounding this process. New technologies will also be applied to company filings for the Bermuda Solvency Capital Requirement (BSCR), the standard capital adequacy model implemented for Class 4 and Class 3B firms, and the planned modified BSCR for Class 3A firms. Company filings and returns related to the Authority’s internal capital model approval regime, long-term insurers’ regime and groups’ regime are also within the scope of its new technology platform.

What are the major benefits of the system—to the Authority and to firms?

The Authority’s technology plans will build on its supervisory effectiveness by introducing enhanced reporting and analytical tools into its processes. Importantly, firms as well as the Authority itself will benefit from the improved workflow and efficiencies that these technological advances will bring, without companies being mandated to adopt an additional level of systems infrastructure within their own operations. New delivery channels, including the Internet, have generated an explosion of e-commerce and the emergence of a knowledge-intensive economy globally. The financial services industry in Bermuda and around the world has also changed because of these same technologies, leveraging the operational and transactional benefits they bring. The sophistication of the Bermuda market and existing high adoption of technological innovation from an operational standpoint lends itself to further use of technology to enhance the interaction between the Authority and regulated entities.

Similarly, technology will be pivotal in facilitating the work of financial regulators in the context of unprecedented global regulatory change and the implementation of new supervisory regimes. Another priority will be applying technology to the measurement of risk, and providing support to corporate reporting and regulatory oversight, which is becoming complex and, at the same time, extremely essential. The Authority’s goal is to introduce its robust technology platform in parallel with new regulatory policy to enhance the quality of its information and increase efficiencies in its supervisory operations.

The Authority’s view is that these efficiencies are necessary for it to be able to cost-effectively deliver on its mandate as a leading risk-based financial regulator. In addition, the enhanced analytical capabilities that will also be generated from this initiative will support the supervisory rigour necessary to achieve broad regulatory equivalence with key markets overseas, including under Solvency II. Overall, the Authority’s technology programme will facilitate the delivery of an agile regulatory framework that is able to adapt to changing regulatory needs, as well as offering improved cross-sector analysis, deeper intra-sector analysis, wider systemic modelling opportunities and even greater efficiencies in regulatory filing processes for firms.

Why are these changes relevant for achieving regulatory equivalence, for example, under Solvency II?

Overall, a major consideration in relation to achieving regulatory equivalence, including under Solvency II, is ensuring that there is a sufficient amount of depth and rigour in the analytic capability of the supervisory review process. Being able to demonstrate such capabilities will be critical in relation to meeting the expectations and requirements of regulatory equivalence, specifically regarding how effectively supervisors are actually implementing their regimes. The Authority’s use of the XBRL platform to enhance its capabilities in this regard is therefore significant, both strategically and operationally, in relation to achieving regulatory equivalence.

In addition, the standardised data reporting that will be part of the Authority’s enhanced technological platform will be important in terms of supporting global supervisory co-operation, which complements the regulatory equivalence process. The Authority intends to leverage this standardised data reporting to enhance its collaboration with other regulators, particularly to facilitate group-wide analysis and solvency calculations under its group supervision framework.

The technological developments at the Authority are designed to support the types of priorities described above and are therefore a key aspect of the Authority’s preparations for regulatory equivalence.

How far can companies and regulators alike use technology and information management to support effective risk management, and what will be the final product in that regard for the Authority?

Because of the financial crisis, operational risk has moved to the forefront of good corporate governance. Regulators and stakeholders are demanding that companies understand and disclose the risks being taken in specific lines of business, plus account for the effect that risks in one area of their business could have on other areas. To facilitate these changes, insurance companies may have to implement new information architectures to be able to effectively track and manage their operational risk. The new information architectures would ideally interact with supervisory tools established by regulatory authorities and lead to an effective risk management system for the entity. An effective risk management system is one that is owned and implemented by the senior management of a firm, and is respectful of the fact that delegation of responsibilities does not mean dilution of responsibility.

In addition, Solvency II is a ‘framework directive’ focused on elaborating the basic enduring principles underpinning the solvency system; whilst there is also a reliance on additional implementation guidelines. Having the implementation guidelines separated from the framework directive makes it easier for regulation to keep up with the changes in the real world of fast-changing financial markets. It also means that such implementing guidelines can change as time passes, and will require risk management systems and processes implemented by insurance companies and the Authority to be flexible to adapt to changing requirements as the governance mandates evolve. Such flexibility requires a certainty and confidence in the quality of data available to assess and analyse risk.

It is against this backdrop that the Authority’s technology platform is being deployed and, as such, the final product will not only be tools, but processes as well. Together, the tools and processes, built around free open standards, will be flexible, robust and established within a controls framework that is commensurate with the expected requirements of a leading risk-based regulatory framework.

Taking these steps is part of the Authority’s commitment to enhance its framework continually to ensure it not only meets its regulatory equivalence goals, but also maintains a regulatory environment in Bermuda that is predicated on the highest regulatory standards and innovation.

John Dill is director of information technology at the Bermuda Monetary Authority. He can be contacted at: jdill@bma.bm