Back in February the FSA published their Internal Models Approval Process (IMAP) Thematic review findings, a paper that brought together their collective findings after a period of discussion and probing of a number of insurance firms. The intention of this paper was to use the information to help identify the better practices being employed by firms, to help the FSA better understand the areas discussed and to give firms some much needed gen into the FSA’s thinking as they approach the pre-application phase of the IMAP.
Personally I really like this paper and found it a breath of fresh air amongst the smog that is the usual regulatory documentation. It is written in an open and honest style and has many genuinely interestingly findings. I liked the fact that the FSA also sought to incorporate the views of a number of specialist consultants with regards to best practice. Perhaps this is some way admission that there is a lack of complete understanding of the Solvency 2 regulation even within the FSA.
The paper focuses on four key areas:
- Risk Management
- The Use Test
- Data Management
- Model Validation
Obviously I was keen to understand the findings related to data management and highlighted what I felt were the key themes in the paper. I’ve summarised these themes below:
- Firms need to have a comprehensive Data Policy in place that has the support of senior management. Policy should include the firm’s own concept of DQ.
- Suitable Data Quality policies/procedures in place with the suggestion that the FSA are keen for firms to have integrated (i.e. end-to-end) processes with adequate controls in place to safeguard integrity.
- Firms should have a documented interpretation of ‘complete, accurate, and appropriate’ (with agreed thresholds) and be able to demonstrate how compliant their data is. There is also the suggestion that firms should have systems in place to provide dedicated data quality MI.
- There should be dedicated and adequate DQ resource in place to support processes as well as adequate resource to meet the challenges of documentation.
- The FSA are keen to see evidence that data governance and data quality topics are being appropriately discussed at senior management (board & committee) forums.
- Firms should have process and system owners in place and their roles and responsibilities should be clearly defined and documented.
- There should be Data Custodians or similar type data governance roles in place, again with their roles and responsibilities clearly defined and documented.
- A Data Directory (not dictionary) should be in place to assist in the integration and coordination of people, process, systems, documentation and data (a mammoth undertaking in itself!).
- There is also strong push for firms to dramatically reduce their reliance on a spread-sheet landscape.
Getting ready for the pre-application phase will be no small task then! I think each of these themes probably warrants a post of their own to fully examine the detail. So, with that in mind I’d be interested to hear your thoughts on this paper and whether you agree with my interpretation of those areas being key.