The importance of checks and balances in compliance

With recent global happenings I've been thinking about the importance of checks & balances in compliance for General Insurance

Governance is a critical component of any Risk Management framework.

The Governance Institute of Australia defines governance as:

Governance encompasses the system by which an organisation is controlled and operates, and the mechanisms by which it, and its people, are held to account.

What does good Governance look like?

Board of directors

This is the governing body of the organisation. Their duties are regulated by sections 180 & 181 Corporations Act. Directors must exercise their powers and duties:

• with a reasonable degree of care and diligence; and
• in good faith and for a proper purpose

3 lines of defence model

Most APRA-regulated insurers adopt the 3 lines of defence model as an inherent part of their governance arrangements. The concept can be applied, on a scaled basis, to any size underwriting agency, insurance broker TPA or service supplier

1st line of defence

This is the business who does the doing. Risk is created through business operations therefore the 1st line business manages its risk through key controls, training, induction, systems, people, process and procedures, monitoring , supervision & reporting.

2nd line of defence

This is a person(s) who oversights the management of risk (including compliance) by the 1st line. The 2nd line implements risk & compliance frameworks, manages regulatory change, monitors, oversights, provides risk & compliance advice & challenges through conversation the work & thinking of the 1st line

3rd line of defence

This is the independent audit function. For an AFS Licensee, this is the auditor who compiles the annual audit report (FS 71)

Committees

Committees provide a level of governance through oversight & risk based conversations. The risk & compliance committee should be comprised of responsible managers, the business owners of risk & compliance, and business representatives.

The Committee should meet as part of the operating business rhythm, have a Charter and standing Agenda items.

Monitoring program

With AFSL, CPS 230 and Code obligations, all insurers, underwriting agencies, insurance brokers, TPAs & service suppliers should have a Montioring Program that:

• provides assurance that risk & compliance is being managed adequately;
• generates risk & compliance data that feeds into managment & board; and
• covers the activities of employees, directors, officers, owners, authorised representatives and service suppliers

Accountability

A significant component of Governance is personal accountability. This is a culture of wanting to do the right thing however also arises for general insurers due to a number of regulated roles:

• Directors & officers (Corporations Act regulated by ASIC)
• Responsible Persons (CPS 520 - APRA)
• Accountable Person (FAR - ASIC and APRA)
• Fit & Proper people (Corporations Act - ASIC)
• Responsible Managers (RG 105 - ASIC)

Documentation

Documentated compliance arrangements assist with consistency and provide the evidence of compliance.

Assistance with Governance arrangements

Should you require assistance with your Governance arrangements please contact me.