Jump to content

This site uses cookies, to make it work better.

Learn More

Is your Insurance IT System exposed to Operational Risk?

An underrated source of operational risk is known to come from incomplete system documentation, in this post the common causes and financial impacts are covered.

 

 

 

 

Like most long standing insurance companies, the core IT system has had many patches and updates over the years. A common problem at insurers with older systems is that a number of those patches have not been documented for various reasons, a popular reason is that one or more the administrators had lost trust in the accuracy in the documentation. Trust may of been lost when gaps were found in the official documented version, whether is be in an house developed system or vendor developed. Its understandable that when trust is lost, motivation to update is also lost.

If the system expert leaves for another company, which can often happen quickly. One of the best case scenario’s when a system problem arises, limited system knowledge is available internally or within the external vendor. But quiet often is the case, it can be difficult and time consuming to get ahold of the right people, schedules to align, investigations to be carried out, solutions to be discussed, developed and tested. For bespoke insurance systems a knowledge loss can be even greater, it can take new eyes weeks to just to figure out the internal workings of the system.

Worth looking into? A recent estimation of downtime is that it costs $14,836 USD per hour for a 40 person insurance company to have their system down (Source: Schneider Electric). And that’s not including the costs of fixing it and damages to the reputation of the company. Also if a potential customer is trying to get a quote and the system is down, that potential sale is most likely lost as well. How many website hits does your quoting site get per hour?

How can you measure your exposure? If your lucky enough to start with a good operational document, do all the updates in the system history logs have documentation to go with it? If not it may not be so easy to get the documentation fixed since amount of time has passed, the experts brain has most likely delt with countless other subjects since the system change has occurred. Maybe it’s time to conduct a review of your insurance systems, is the probability of operational risk greater than your comfortable with? Are there functional limitations that are limiting the companies profitability?