This InsuranceERM article (subscription required) cites Milliman’s William Coatesworth and John McKenzie’s publication summarizing a Financial Services Authority (FSA) report. The FSA report states that although most European firms are doing well meeting internal model data process (IMAP) requirements, others are struggling with basic governance issues.
Here is an excerpt from Milliman’s review:
Three challenges were identified in relation to the implementation of the data policy:
I. Most firms underestimated the time required to embed the data governance framework into business as usual (BAU)
This resulted in many firms having to recruit additional resources to manage BAU data governance activities. In many cases, internal data quality reporting remained under the responsibility of the project workstream with considerable inconsistencies in the metrics reported on, and how they were used on BAU.
Specifically, the report notes that firms were not always able to articulate what the terms “accurate”, “complete” or “appropriate? Meant in practice and hence were unable to assess data quality effectively – by the way of an example, the FSA highlighted the ability of underwriting teams to assess the materiality of data errors in catastrophe exposure data as an issue.
The FSA has commented that it expects firms to have a consistent process to measure, analyse and monitor data quality in BAU. Where firms are replying on on-going, and often complex, IT implementations to support data governance, they should either provide assurance that the existing system of data governance is adequate or provide details of the materiality of any gaps and when these will be addressed.
II. Most firms found it difficult to assign data ownership as part of their governance model
The FSA notes that while ownership of, and accountability for, the data is not specifically covered in the Solvency II Directive, the assignment of ownership of individual data items between producer and consumer roles, as seen in many firms, can help ensure the various stakeholders are aware of their responsibilities for maintaining data quality.
III. Many firms struggled with ensuring a consistent interpretation and application of group-wide policy and standards
This is an area where the FSA has commented it will look to ensure consistency, both in the adoption of standards, and in the metrics used for monitoring and escalation – although it notes the processes at solo level may be different. Where a self-certification based governance mechanism is used, firms should ensure there is a strong process for challenging and auditing these self-assessments.