As the U.S. and the rest of the world have been grappling with the possibility and consequences of a war with Iraq and we at home are learning to deal with such new realities as bio-terror and color-coded alerts, it has become clear we now live in what just might turn out to be a permanent state of vigilance.
Something else becoming abundantly clear is the insurance industrys role in the national security infrastructure. Since the end of 2001, the Terrorism Risk Insurance Act, the USA Patriot Act, and a renewed emphasis on OFAC are evidence not only of insurances integral role in the economy and the fight against criminal and terrorist activity but of the governments recognition of it, as well.
While those who determine the policies are not generally from the technology arena, the reality is much of the burden for effecting these regulations falls squarely on the shoulders of IT (see Law and Order). On the P&C side, companies need risk modeling tools that never have existed before, able to predict future losses based on (thankfully) scant prior experience. On the life side, the Patriot Act requires systems to establish patterns and send up red flags when suspicious activity surfaces. And for both, an ever-growing OFAC list means more to check against every time a transaction takes place. Industry insiders agree this translates into two major initiatives: (1) Data has to be cleaner than it ever was before; (2) companies have to take control of every piece of information and every transaction.
What are companies doing? According to a recent Gartner study of U.S.-based insurers, banks, and securities firms to determine the state of the market for anti-money-laundering tools, three-quarters of insurers have custom built their own compliance solutionsmore than either of the other segments.
Gartner points out: Through 2005, USA Patriot Act enforcement will center on highly publicized, limited efforts aimed at senior managers of nationally known companies and rely on stakeholder fear of negative publicity to enforce compliance elsewhere. This situation raises a caveat: Insurers must be careful to adequately fund ongoing maintenance. It also indicates P&C companies need to investigate adopting such programs, Gartner says, since their exemption only signifies regulators havent figured out as yet how a criminal can launder money in this arenanot that its impossible to do so.
So whats the bottom line? Insurance IT must get its arms around more data and processes than it ever has. Insurance IT has to think like investigators in ways much broader than old-fashioned insurance claims fraud.
If there ever was a time for the much-discussed business-IT partnership, its now. The stakes today are higher than ROI or competitive advantage. Technology professionals need to understand all the increasingly complex issues involved to figure out how to make systems work effectively. They need to be a part of the processeven if they have to initiate their inclusion in it.
No one wants to wind up on page one of the business section because of a compliance infraction. More importantly, no one wants to allow one technology slip or gap to enable those who would commit another 9/11 atrocity.
Sharon S. Schwartzman
Editor-in-Chief
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.