By Ross E. Chapman, Global Marketing Director, Aptitude Software
IFRS 17 is arguably the most significant change to insurance accounting that has ever taken place. The standard requires insurance CFOs to produce new financial reporting and will challenge their ability to explain the business clearly to investors, boards, regulators and other stakeholders.
The principles-based standard drives forward-looking estimates onto the balance sheet, placing finance teams under an even brighter ‘audit spotlight’ with the need for new controls and governance processes, extensive disclosures and the ability to substantiate reported results.
While initially the focus was on the addition of a new required calculation, the contractual service margin (CSM), insurers and advisors are realising that correctly calculating the CSM over time is just one aspect of achieving IFRS 17 compliance. Insurance IFRS 17 project teams recognise the challenge extends well beyond where to home the CSM calculation and are focused on delivering an end-to-end IFRS 17 reporting process.
IFRS 17 compliance requires a series of financial accounting changes. First, insurers need to fit their entire book of business into new measurement models, to create and apply complex accounting posting rules over hundreds of contract types and product lifecycle events.
Second, finance need a new IFRS 17 chart of accounts and to produce extensive new disclosures, delivering IFRS 17 accounting quickly within the ‘working day timetables’ which (for finance) are more frequent (monthly) and typically more accelerated than other regulatory insurance reporting such as Solvency II.
Finally, finance teams need to manage IFRS 17 transition closely, as new balances will drive profitability for years to come and will be under scrutiny from investors, regulators and tax authorities.
Importantly, IFRS 17 reporting cannot be delivered in isolation as financial balances are invariably affected by many other GAAP reporting standards including IFRS 9, IFRS 15 and other rules such as those that dictate the application of fair value.
An overview of finance’s IFRS 17 requirements
- Chief Financial Officers are vested with Chief Actuarial Officers to deliver IFRS 17 reporting accurately, on-time with controls and audit-ability
- Complying with IFRS 17 requires more than delivering Contractual Service Margin calculations – IFRS 17 requires finance to harmonise data, processing and control across the entire systems environment
- In a post-IFRS 17 world, CFOs will be challenged to clearly explain the business strategy and results, but it offers many obvious opportunities to improve finance’s capabilities
The challenge of explaining business performance in the post-IFRS 17 world
CEOs rely on their CFOs and clear financial reporting to explain their business to investors, boards, regulators and management teams. Many insurers expect IFRS 17 to result in more volatile results and the new standards may affect the ability of companies to pay dividends and even impact executive bonuses. In the IFRS 17 world, finance teams will have to focus on how all reporting processes across metrics will work together, including for things such as planning and forecasting.
“Whilst ultimate economic profits will not change, the emergence of those profits can change significantly. Both insurers and their analysts will need to assess the full impact in terms of telling the performance story of their companies.” – Alex Bertolotti, PwC
For the external audiences, the common language of IFRS 17 will (eventually) reduce variation in reporting practices and place pressure on CFOs to quickly and clearly substantiate financial results. Experience adjustments will have to be applied and explained, and accountants will have to understand how profit and loss statement changes can be attributed to changing assumptions such as interest rates.
Insurance companies need to deliver comparative reporting starting in 2020, challenging CFOs to explain the variations between reporting bases. Consistency of treatment across the business will be under much higher scrutiny, and investors will expect CFOs to explain variations across multiple GAAPs and regulatory reporting regimes.
“We should be able to produce a set of parallel books to let the users [of financial statements] make a judgment as to whether it is useful. But, that will be costly…we will need to run parallel systems and have to reconcile between the bases.”
Comparative reporting will challenge CFOs for many years to come, with many insurers already hearing from tax authorities that they will want to see results presented using old and new models for up to seven years, and managers wanting to continue non-IFRS 17-related KPIs for employee performance management processes.
What we learned with global European and Asian insurers through our first three IFRS 17 proof-of-concepts and hundreds of market interactions
- Most mid-sized and large-insurers will need to bridge the gaps between actuarial systems and general ledgers; between CSM engines and accounting; and data integration and calculations. One client had 250+ source systems, with many holding data in proprietary formats.
- Compliance requires tackling a whole host of detailed accounting requirements, e.g. managing full and delta ledgers, auto-reversing journals, the ability to manage manual adjustments, transition balance management, following the sun to produce IFRS 17 across Asian, European and American entities, simulation of accounting impact under different scenarios, aligning management information systems will with IFRS 17 financial data, and reconciling existing Solvency II and local GAAP accounting.
- IFRS 17 brings significant new volumes of accounting. Many firms are recognising the requirement to store contract or even lower “cover” level-data, but for many insurers this equates to hundreds of thousands (if not millions) of accounting line items per day.
- Finance need to “run the business” in a post-IFRS 17 world and many are incorporating finance improvements into their projects – including “fast close” requirements; chart-of-accounts consolidations; improvement of Solvency II reporting outputs and timetables; reducing manual processing; improving reconciliations cycles; standardising finance data across business lines; and “digitising”/modernising finance’s IT architecture.
- Coordinating across divisions and geographies will make IFRS 17 compliance more difficult. Many insurance companies have grown through acquisitions with federated business divisions and a single group finance function consolidating results. (Several of Aptitude Software’s prospects had more than 40 General Ledgers!) Group-level IFRS 17 project teams will need to define IFRS 17 accounting approaches, unit of account, measurement models, transition methods, using financial accounting hubs to ensure divisions deliver appropriate data and apply accounting policy correctly.
Who’s got financial control and governance?
Those insurance companies that have performed deeper analysis or completed proof-of-concepts have highlighted the need for finance teams to harmonise data, processing and controls across actuarial, policy administration and finance systems, to create and manage IFRS 17 portfolios, to ultimately produce highly-controlled financial results.
Expected cash flows sourced from actuarial systems environments will form the basis of most IFRS 17 calculations. A lot of these numbers have been done by actuaries for many years, but insurers will need higher levels of comfort and greater control frameworks around the actuarial data sets.
Ownership of these figures is driving actuarial and accounting teams much closer, but ultimately finance will need to be able to deliver the controls around the end-to-end process. This goes well beyond the CSM calculations.
Whereas data for these judgements may source from actuarial, pricing or policy systems, finance’s role is to manage the end-to-end process to deliver consistent, auditable results with the ability to quickly and clearly explain business performance to all stakeholders. Having the ability to drill down into the provenance and transformation of underlying data will be a key success factor for insurance CFOs.
“How are we going to link the ‘pricing guys’ to understand whether a contract is onerous, when information from pricing is not typically good enough to use in our finance systems? How will we allocate costs to groups of contracts? How are we going to show that the Premium Allocation Approach is applicable as it produces similar results to the general measurement model? On the life side, what are our rules for coverage units? How are we going to use discount rates, as it looks like it’ll be different from what’s in use for Solvency II? How do we deal with diversification? And where we hedge… how are we going to account for that in this new world?” – Questions raised by a lead technical accountant and member of the IFRS 17 Transition Resource Group
Summary of learnings from Aptitude Software’s 4Q 2017 Global IFRS 17 Readiness Assessment
- 39% of firms that have started their analysis expect to kick-off implementation projects in Q2 2018. The 8.2% that are already in active implementation phases have an average gross written premium (GWP) of £15.3bn ($20.4bn). The average GWP of companies at a pre-impact analysis phase is £6bn.
- IFRS 17 is challenging insurers of all types and sizes. It’s not just a life insurance issue; it is having a significant impact on smaller, regional and non-life insurers.
- The industry has learned that IFRS 17 requires much more than delivering CSM calculations.
- Functionally, CFO’s are taking the lead on IFRS 17 but working closely with chief actuaries with the goal of harmonising data, processing and control across finance and actuarial environments.
- With many insurance companies expected to start implementation in mid-2018 and with project teams consisting of 50+ FTEs, a major skills gap is expected.
Shifts in thinking – financial reporting requirements shadow CSM calculation decisions
84% of firms included in the Aptitude Global IFRS 17 Readiness Assessment cited a disparate actuarial environment, which will be a constraint to delivering consistent calculations (cashflows, discounting, risk adjustments, CSM).
Project teams are also grappling with how to capture granular contract data necessary to support the application of IFRS 17 measurement models, how to connect heterogeneous actuarial and finance systems environments, and how to manage the all-important transition balances.
88% of insurance company IFRS 17 project leads highlight that new processes are needed to support IFRS 17 disclosure requirements. Most insurers cited the need to incorporate parallel reporting requirements, including local statutory reporting standards and the new IFRS 9 accounting rules governing financial instruments. And many respondents expressed the desire to fix or improve Solvency II reporting requirements as part of their IFRS 17 project.
How do CFO’s equip themselves for their IFRS 17 expeditions?
It is possibly premature for insurers to seek ‘strategic benefits’ from their IFRS 17 programmes when their routes to compliance are not yet defined. However, when considering how to tackle the standard, it is important for CFOs to keep focused on improving (rather than reducing) their ability to explain business performance.
With this need in mind, some insurers are already tying their IFRS 17 programmes into broader finance improvement initiatives, with insurance CFOs wanting to gain a
single chart-of-accounts across their business, support new business models and product lines, deliver cost reductions (through reduced manual processing), and build better financial data foundations to drive better insights into the business. For some, these ‘strategic’ benefits come with an incremental cost but will provide insurance companies with important capabilities to compete effectively in a post-IFRS 17 world.
ISO 20022 migration: full speed ahead despite recent delays, says new Deutsche Bank paper
Today, Deutsche Bank has released the third installment in its “Guide to ISO 20022 migration” series, which offers a comprehensive update on the industry shift to the de facto global standard for financial messaging: ISO 20022. This paper comes at a critical time for the ISO 20022 migration, with a number of changes to existing timelines and strategies from SWIFT and the world’s major market infrastructures having been announced this year.
The paper explores the latest developments, including SWIFT’s year-long postponement of the migration in the correspondent banking space. The decision meets industry calls for a delay and also provides ample time to build the new central Transaction Management Platform (TMP) – a core feature of SWIFT’s new strategy that will allow the industry to move away from point-to-point messaging and towards central transaction processing.
It also details the wave of action that has been seen by market infrastructures around the world – with many, including the ECB, EBA CLEARING and the Bank of England, announcing revised migration approaches.
“Now more than ever, with shifting timelines and strained resources, it is vital that banks and corporates alike do not view the ISO 20022 migration as just another project that can be put on the back burner,” says Christian Westerhaus, Head of Cash Products, Cash Management, Deutsche Bank. “The delays in the correspondent banking space, and across several market infrastructures, should not be seen as an opportunity for banks to take their foot off the pedal. The journey to ISO 20022 is still moving ahead at speed – and internal projects need to reflect this.”
The Guide also highlights the implementation issues on the migration journey ahead – most notably surrounding interoperability between market infrastructures, usage guidelines and messaging formats. This is achieved through a series of deep dives, case studies, and points of attention drawn from Deutsche Bank’s internal analysis.
“As this year has proved, nothing is set in stone, “says Paula Roels, Head of Market Infrastructure & Industry Initiatives, Deutsche Bank. “The ISO 20022 migration involves a lot of moving parts and keeping abreast of the latest developments is critical for banks and corporates alike. As the deadlines near, and the ISO 20022 story develops, this series of guides will continue to highlight key points for consideration over the coming years.”
The Psychology Behind a Strong Security Culture in the Financial Sector
By Javvad Malik, Security Awareness Advocate at KnowBe4
Banks and financial industries are quite literally where the money is, positioning them as prominent targets for cybercriminals worldwide. Unfortunately, regardless of investments made in the latest technologies, the Achilles heel of these institutions is their employees. Often times, a human blunder is found to be a contributing factor of a security breach, if not the direct source. Indeed, in the 2020 Verizon Data Breach Investigations Report, miscellaneous errors were found vying closely with web application attacks for the top cause of breaches affecting the financial and insurance sector. A secretary may forward an email to the wrong recipient or a system administrator may misconfigure firewall settings. Perhaps, a user clicks on a malicious link. Whatever the case, the outcome is equally dire.
Having grown acutely aware of the role that people play in cybersecurity, business leaders are scrambling to establish a strong security culture within their own organisations. In fact, for many leaders across the globe, realising a strong security culture is of increasing importance, not solely for fear of a breach, but as fundamental to the overall success of their organisations – be it to create customer trust or enhance brand value. Yet, the term lacks a universal definition, and its interpretation varies depending on the individual. In one survey of 1,161 IT decision makers, 758 unique definitions were offered, falling into five distinct categories. While all important, these categories taken apart only feature one aspect of the wider notion of security culture.
With an incomplete understanding of the term, many organisations find themselves inadvertently overconfident in their actual capabilities to fend off cyberthreats. This speaks to the importance of building a single, clear and common definition from which organisations can learn from one another, benchmark their standing and construct a comprehensive security programme.
Defining Security Culture: The Seven Dimensions
In an effort to measure security culture through an objective, scientific method, the term can be broken down into seven key dimensions:
- Attitudes: Formed over time and through experiences, attitudes are learned opinions reflecting the preferences an individual has in favour or against security protocols and issues.
- Behaviours: The physical actions and decisions that employees make which impact the security of an organisation.
- Cognition: The understanding, knowledge and awareness of security threats and issues.
- Communication: Channels adopted to share relevant security-related information in a timely manner, while encouraging and supporting employees as they tackle security issues.
- Compliance: Written security policies and the extent that employees adhere to them.
- Norms: Unwritten rules of conduct in an organisation.
- Responsibilities: The extent to which employees recognise their role in sustaining or endangering their company’s security.
All of these dimensions are inextricably interlinked; should one falter so too would the others.
The Bearing of Banks and Financial Institutions
Collecting data from over 120,000 employees in 1,107 organisations across 24 countries, KnowBe4’s ‘Security Culture Report 2020’ found that the banking and financial sectors were among the best performers on the security culture front, with a score of 76 out of a 100. This comes as no surprise seeing as they manage highly confidential data and have thus adopted a long tradition of risk management as well as extensive regulatory oversight.
Indeed, the security culture posture is reflected in the sector’s well-oiled communication channels. As cyberthreats constantly and rapidly evolve, it is crucial that effective communication processes are implemented. This allows employees to receive accurate and relevant information with ease; having an impact on the organisation’s ability to prevent as well as respond to a security breach. In IBM’s 2020 Cost of a Data Breach study, the average reported response time to detect a data breach is 207 days with an additional 73 days to resolve the situation. This is in comparison to the financial industry’s 177 and 56 days.
Moreover, with better communication follows better attitude – both banking and financial services scored 80 and 79 in this department, respectively. Good communication is integral to facilitating collaboration between departments and offering a reminder that security is not achieved solely within the IT department; rather, it is a team effort. It is also a means of boosting morale and inspiring greater employee engagement. As earlier mentioned, attitudes are evaluations, or learned opinions. Therefore, by keeping employees informed as well as motivated, they are more likely to view security best practices favourably, adopting them voluntarily.
Predictably, the industry ticks the box on compliance as well. The hefty fines issued by the Information Commissioner’s Office (ICO) in the past year alone, including Capital One’s $80 million penalty, probably play a part in keeping financial institutions on their toes.
Nevertheless, there continues to be room for improvement. As it stands, the overall score of 76 is within the ‘moderate’ classification, falling a long way short of the desired 90-100 range. So, what needs fixing?
Towards Achieving Excellence
There is often the misconception that banks and financial institutions are well-versed in security-related information due to their extensive exposure to the cyber domain. However, as the cognition score demonstrates, this is not the case – dawdling in the low 70s. This illustrates an urgent need for improved security awareness programmes within the sector. More importantly, employees should be trained to understand how this knowledge is applied. This can be achieved through practical exercises such as simulated phishing, for example. In addition, training should be tailored to the learning styles as well as the needs of each individual. In other words, a bank clerk would need a completely different curriculum to IT staff working on the backend of servers.
By building on cognition, financial institutions can instigate a sense of responsibility among employees as they begin to recognise the impact that their behaviour might have on the company. In cybersecurity, success is achieved when breaches are avoided. In a way, this negative result removes the incentive that typically keeps employees engaged with an outcome. Training methods need to take this into consideration.
Then there are norms and behaviours, found to have strong correlations with one another. Norms are the compass from which individuals refer to when making decisions and negotiating everyday activities. The key is recognising that norms have two facets, one social and the other personal. The former is informed by social interactions, while the latter is grounded in the individual’s values. For instance, an accountant may connect to the VPN when working outside of the office to avoid disciplinary measures, as opposed to believing it is the right thing to do. Organisations should aim to internalise norms to generate consistent adherence to best practices irrespective of any immediate external pressures. When these norms improve, behavioural changes will reform in tandem.
Building a robust security culture is no easy task. However, the unrelenting efforts of cybercriminals to infiltrate our systems obliges us to press on. While financial institutions are leading the way for other industries, much still needs to be done. Fortunately, every step counts -every improvement made in one dimension has a domino effect in others.
Has lockdown marked the end of cash as we know it?
By James Booth, VP of Payment Partnerships EMEA, PPRO
Since the start of the pandemic, businesses around the world have drastically changed their operations to protect employees and customers. One significant shift has been the discouragement of the use of cash in favour of digital and contactless payment methods. On the surface, moving away from cash seems like the safe, obvious thing to do to curb the spread of the virus. But, the idea of being propelled towards an innovative, digital-first, cashless society is also compelling.
Has cashless gone viral?
Recent months have forced the world online, leading to a surge in e-commerce with UK online sales seeing a rise of 168% in May and steady growth ever since. In fact, PPRO’s transaction engine, has seen online purchases across the globe increase dramatically in 2020: purchases of women’s clothing are up 311%, food and beverage by 285%, and healthcare and cosmetics by 160%.
Alongside a shift to online shopping, a recent report revealed 7.4 million in the UK are now living an almost cashless life – claiming changing payment habits has left Britons better prepared for life in lockdown. In fact, according to recent research from PPRO, 45% of UK consumers think cash will be a thing of the past in just five years. And this UK figure reflects a global trend. For example, 46% of Americans have turned to cashless payments in the wake of COVID-19. And in Italy, the volume of cashless transactions has skyrocketed by more than 80%.
More choice than ever before
Whilst the pandemic and restrictions surrounding cash have certainly accelerated the UK towards a cashless society, the proliferation of local payment methods (LPMs) in the UK, such as PayPal, Klarna and digital wallets, have also been a key driver. Today, 31% of UK consumers report they are confident using mobile wallets, such as Apple Pay. Those in Generation Z are particularly keen, with 68% expressing confidence using them.
As LPM usage continues to accelerate, the use of credit and debit cards are likely to decline in the coming years. Whilst older generations show an affinity with plastic, younger consumers feel less secure around its usage. 96% of Baby Boomers and Generation X confirmed they feel confident using credit/debit cards, compared to just 75% of Generation Z.
Does social distancing mean financial exclusion?
As we hurtle into a digital age, leaving cash in the rearview, there are ramifications of going completely cashless to consider. We must take into consideration how removing cash could disenfranchise over a quarter of our society; 26% of the global population doesn’t have a traditional bank account. Across Latin America, 38% of shoppers are unbanked, and nearly 1 in 5 online transactions are completed with cash. While in Africa and the Middle East, only 50% of consumers are banked in the traditional sense, and 12% have access to a credit card. Even here in the UK, approximately 1.3 million UK adults are classed as unbanked, exposing the large number of consumers affected by any ban on cash.
Even when shopping online – many consumers rely on cash-based payments. At the checkout page, consumers are provided with a barcode for their order. They take this barcode (either printed or on their mobile device) to a local convenience store or bank and pay in cash. At that point, the goods are shipped.
There are also older generations to consider. Following the closure of one in eight banks and cashpoints during Coronavirus, the government faced calls to act swiftly to protect access to cash, as pensioners struggled to access their savings. Despite the direction society is headed, there are a significant number of older people that still rely on cash – they have grown up using it. With an estimated two million people in the UK relying on cash for day to day spending, it is important that it does not disappear in its entirety.
Supporting the transition away from cash
Cashless protocols not only restrict access to goods and services for consumers but also limit revenue opportunity for merchants. While 2020 has provided the global economy with one great reason to reduce the acceptance of cash, the payments industry has billions of reasons to offer multiple options that cater to the needs of every kind of shopper around the world.
Whilst it seems younger generations are driving LPM adoption, it is important that older generations aren’t forgotten. If online shops fail to offer a variety of preferred payment methods, consumers will not hesitate to shop elsewhere. With 44% of consumers reporting they would stop a purchase online if their favourite payment method wasn’t available – this is something merchants need to address to attract and retain loyal customers.
How to maximise your virtual communications for effective team meetings
By Tony Hughes, CEO at Huthwaite International leading global provider of sales, negotiation and communication skills development, shares advice on...
Business and data – building better operations
By Bryan Kirschner, Vice President Strategy, DataStax Building your business on data. What have we learned so far? Coming into...
REIT Trends: Innovative Data Strategies for Better Investments
By Josh Miramant, CEO and founder of Blue Orange Digital Data transformation is this decade’s differentiator for REITs (Real Estate Investment...
Financial transformation is the new digital transformation
By Luke Fossett, ANZ Head of Sales for global recurring payments platform, GoCardless The term ‘digital transformation’ has become somewhat...
RegTech 2020: Exploring financial crime and the emergence of RegTech in the USA
with host, Alex Ford, VP Product and Marketing, Encompass, and guests, Dr Henry Balani, Head of Delivery, Encompass; Pawneet Abramowski,...
86% of UK businesses face barriers developing digital skills in procurement
A shortage of digitally savvy talent, and a lack of training for technical and soft skills, hinder digital procurement initiative...
ISO 20022 migration: full speed ahead despite recent delays, says new Deutsche Bank paper
Today, Deutsche Bank has released the third installment in its “Guide to ISO 20022 migration” series, which offers a comprehensive...
What Skills Does a Data Scientist Need?
In this modern and complicated time of economy, Big data is nothing without the professionals who turn cutting-edge technology into...
The importance of app-based commerce to hospitality in the new normal
By Jeremy Nicholds CEO, Judopay As society adapts to the rapidly changing “new normal” of working and socialising, many businesses...
The Psychology Behind a Strong Security Culture in the Financial Sector
By Javvad Malik, Security Awareness Advocate at KnowBe4 Banks and financial industries are quite literally where the money is, positioning...