Control Framework Breakfast Group agenda 9:00 Arrival, Breakfast & networking All 9:20 Welcome Ali Dove 9:25 Direct Reporting Demonstration Sharmi Bakrania 9:50 Phase 2 Control Framework Update Jaana Rouvari & John Hibbert 10:20 Q&A All 10:30 Close Ali Dove DIRECT REPORTING Direct reporting RECAP What is it ? A process that enables Managing Agents to report regulatory & tax information directly to Lloyd’s for Service Company business Data is at a transactional level as opposed to reporting information being derived from the bureau accounting process Breaks the link between accounting and reporting (on cash) DIRECT REPORTING CLARITY OF SCOPE In Scope • 100% business – where an insurer underwrites the whole risk. • ‘Separate’ subscription business - where an insurer underwrites part of a risk using a separate insurance document to other insurers which underwrite that risk. Out of Scope • ‘Conventional’ subscription business - where all underwriters underwriting part of a risk use the same market reform contract for subscription. DIRECT REPORTING CURRENT STATUS • • • • Solution is now complete in final stages of testing Met with all bar one Managing Agent – 3 should be live by year end Confirming with those interested to go live on 1/1/14 Meeting with IT suppliers 4 DIRECT REPORTING KEY ELEMENTS - REMINDER Service Company business Include all Territories ACORD standard XML message Offer reporting service to all managing agents via Core Market Return route DIRECT REPORTING What Do I need TO DIRECT REPORT? www.lloyds.com/directreporting • • • • Direct Reporting Data Requirements Direct Reporting Gap Analysis Spreadsheet Direct Reporting Data Model Direct Reporting Roadmap DIRECT REPORTING DIRECT REPORTING Direct Reporting Demo DIRECT REPORTING Control Framework Control framework phase II Why it’s important What is it and who does it affect? How is it implemented? The risk model and how it applies Coverholder audit Delivery roadmap 2013 & 2014 Board sign off… For more information… Questions? 10 © Lloyd’s Control Framework WHY it’s important Increasing regulatory and tax authority scrutiny around the information that Lloyd’s returns are based upon. Increasing sophistication of the business being written (cross border) through coverholders resulting in regulatory risk increasing. Confidence in data quality is not currently based on evidence and so is difficult to demonstrate. 11 © Lloyd’s Control Framework What is it? Identifies for the first time explicit minimum information requirements covering tax and regulatory reporting. A structured, documented process that allows managing agents to demonstrate they have adequate controls in place. Nothing new! 12 © Lloyd’s Control Framework WHO does it affect? Control Framework is the managing agents’ responsibility Phase I Service Companies – Completed Phase II Coverholders – Deadline 31st December 2014 Phase III Open Market - TBA Phase I – Completed 39 managing agents successfully signed off on time! Phase II – Commences in July 2013 Framework does not change, it simply extends the scope to include coverholder business. Key stakeholders- 55 managing agents, approx. 200 brokers and 5000 coverholders Presentations at Market Forums to raise awareness on “raising the bar” around quality of information. Our own page on Lloyds.com. Monthly Breakfast Group for managing agents and brokers. 13 © Lloyd’s Control Framework How it’s implemented Process for continuous improvement to “raise the bar” Information Requirements Confidence gained Risks Evidence gathered How the risks apply Controls described or defined 14 © Lloyd’s Control Framework The risk model RISK 1 Requirements are not understood 2 Data capture is inadequate 3 Data is processed incorrectly 4 HOW IT MAY TRANSPIRE There are many reasons why this risk may crystallise. It could be that the person interpreting the requirements does not have the requisite skills or experience, human error, or the requirements being unclear or ambiguous This may relate to data not being captured, being captured more than once (duplicate) or that the data captured is erroneous. It may also be that data is not refreshed at the appropriate point (if relevant). Between capture and reporting data will undergo some form of processing. In some cases this will be about using different elements of data to compute other information, but it also relates to things such as erroneous report definitions. Typically, this risk can also be used to cover security and continuity risks, but given the specific focus in the Operating Principles these have been broken out. Data may be corrupted accidentally or on purpose. Typically this involved inadvertent or erroneous changes to data when it is being adapted outside of core processing systems. Data is corrupted 5 Data is lost and cannot be recovered This is most likely to crystallise where historic information is not contained in core processing systems that are subject to a robust backup regime, but in end user computing facilities such as spreadsheets or user maintained databases. 15 © Lloyd’s Control Framework How the risks apply How these risks might apply to your organisation or any associated third party undertaking information capture or processing on your behalf. Understand how these risks could be addressed What existing controls are in place? How are these risks currently mitigated and managed? 16 © Lloyd’s Control Framework Coverholder audit Coverholder audit scope extended to include questions addressing the Control Framework Proposed questions address: Location of risk How this is determined for system entry What considerations are taken when business is transacted across border How tax liability is determined Collation/ creation of the bordereaux Whether Lloyd’s tools are used in the process of determining risk location and tax liability (Crystal, Risk Locator Tool, etc). 17 © Lloyd’s Control Framework Delivery road map - 2013 • Pre project consultation • Development of Lloyd’s project tool kit Q2 2013 6 month analysis phase Q3 & Q4 2013 • Review and confirm coverholders in phase II • Coverholder risk rating exercise completed and returned to Lloyd’s • Audit schedule in place • Governance and resources in place to see through implementation of phase II • Confirmation of project delivery timescale 18 © Lloyd’s Control Framework Delivery road map - 2014 Q1 2014 Q2 & Q3 2014 Q4 2014 • Assess risks • Identify controls and gaps • Review audit findings (continually as audits are performed) • Develop remediating controls • Implement controls • Review audit findings (continually as audits are performed) • • • • Agree assurances to be shared with Lloyd’s Test controls and procedures in operations Confirm evidence for sign off Formal SIGN OFF! 19 © Lloyd’s Control Framework Board Sign-off… 20 © Lloyd’s Control Framework Lloyd’s project structure Executive Sponsor Luke Savage Project Board Mark Edwards- Tax Andrew Gurney- International Regulatory Affairs Peter Montanaro- Delegated Authorities Rob Humphreys- Market Operations Ali Dove- Market Operations Programme Manager Ali Dove Project Team Jaana Rouvari- Project Manager John Hibbert- Stakeholder Manager Laura Fletcher- Business Analyst Lucy Evans- PMO 21 © Lloyd’s Control Framework For more information 22 © Lloyd’s Control Framework Or controlframework@lloyds.com 23 © Lloyd’s Control Framework Questions? 24 © Lloyd’s Control Framework Update on broker engagement John Hibbert Control Framework Who have we seen? Millers CSWH Intergro Decus AJG Willis Tysers Aon Julian Sawyer Les Doel Dan Lott John Harris Phil Branch John Higgs David Green Simon Archer/ Tony Rhoades Endeavour Towers Watson Cooper Gay THB Bell & Clements CSP AonBenfield Lockton Robert Campbell Geoff Davies Rod Joyce Catherine Nicoll Graham Lindus Stephen Bryant Emma Syrett Ian Derry Control Framework Questions that were raised Q. Why is the DA not involving this in Coverholders audits? This is happening. New CF-specific audit questions are being introduced into the Coverholder audit scope. Q. Coverholders will be audited anyway over the next couple of years – is this not enough? This covers part of it, but we need to look at the controls in place through out the information chain. Q. Are MAs “starting again” with third party coverholders? The distribution model is the same as with service companies- won’t the systems already be there? Many are confident that the data is there, it is just the case of evidencing this. Q. Have the responsibilities of leads and follows been considered? Yes this has certainly come into the mix. However as far as the regulators are concerned, there is no difference between them. Q. Are TPAs part of this initiative? Yes TPAs are considered within the CF. Control Framework In summary • A common issue is that Managing Agents ask for data even though it has already been provided by the Broker. The first option has to be to look internally rather than going straight to the Broker. Lloyd’s needs to give guidance so that is a consistent approach from Managing Agents. • It is essential for Managing Agents and Brokers to work together towards an agreed approach. • This project should be very helpful for Brokers in that it will address data consistency. CONSISTENCY IS THE KEY Control Framework Q&A 29 © Lloyd’s Control Framework Close Further information on Direct Reporting – sharmi.bakrania@lloyds.com Further information on Control Framework – jaana.rouvari@lloyds.com Next Breakfast Meeting – Tuesday 27th August 2013 Control Framework Broker Conference Event – 17th September 2013 Control Framework Phase I end of project celebration – end of September date TBC 30 © Lloyd’s