Alistair Bennett is business advisory and accountancy firm Mazars' senior IT consultant.
As FSA regulation looms closer Alistair looks at how regulation affects technology spending.
The article prompts questions about whether regulation will help companies that are forced to stretch budgets to meet tough new rules.

A survey carried out by Mazars showed that the regulatory pressures on insurance industry have had a damaging effect on how much was being spent on new technology in 2004.

Mazars' Insurance Broker Industry Survey found new accounting requirements, regulatory changes and technology improvements affecting how much big businesses spend on developing comprehensive IT systems.

As a result of the findings, Mazars carried out a review of selected review of certain brokerages to see how FSA regulatory systems and general IT governance controls affected spending in the workplace.

The review produced a number of significant findings across three key areas: systems fragmentation, new systems implementation control and IT governance and security.

·There are few industry standards and cost-efficient ways to implement and manage insurance related transactions using off the shelf technology as a platform. Many organisations have chosen to build either their own systems or choose off the shelf applications that are then significantly tailored to fit the business. Such a strategy is high risk and creates a prohibitive environment for new and smaller brokers and underwriters who are looking to expand and/or gain access to the market

·There are significant issues for brokers and insurance organisations who are planning to acquire, as the cost of integrating and standardising systems could be quite high and the quality and level of reporting may lead to immediate systems replacement in order to meet the FSA reporting requirements

·Of the organisations reviewed, 37% were implementing a significant upgrade, had introduced one recently or were in the process of planning a change. With changes in systems, especially if they are customised, increased control is required. This should be on several levels - financial control in the form of the right cost-benefit analysis and maintenance of the spend on a project; operational control based on having the right skills and experience to specify requirements; and management control by ensuring that final acceptance by the business is in place.
Structuring and monitoring a practical approach for measuring the risk of IT is becoming increasingly important.

What is interesting is that as many as one quarter of smaller companies do not have a formal contract of service with their main technology suppliers. The analysis also shows that many larger intermediaries are employing good management practice when monitoring on-going systems performance (80%).

However, less than half are obtaining service level agreements with key technology providers / outsourcers (40%) and a significant number are neither implementing formal budgetary control (33%) nor have board-level IT representation (27%) - two important controls which, if ignored, increase business risk.


Topics