Case Study
How an Insurance Provider Used Process Documentation to Demonstrate Control to the Regulator
“We have been able to improve understanding of business procedures across the board, thus decreasing inefficiency. With the documented governance and oversight process mapping, we are able to on-board and manage our Appointed Representatives effectively by ensuring that all related work follows the agreed process maps. This helps improve efficiency and is also a useful tool that we can share with our Appointed Representatives to better explain the requirements.”
Head of Compliance
Background
- Our client, a principal firm within the insurance sector, engaged Map Your Process (MYP) to document and review their processes relating to the management of Appointed Representatives.
- This was driven by a thematic review by the Financial Conduct Authority (FCA) which highlighted areas of concern across the industry, particularly around oversight and control.
- The client felt that their ways of working fell short of what was required by the regulator and sought external help to identify and correct any issues.
Requirement
- The client wanted MYP to assess the existing controls, identify where risk points existed and bring consistency to how they managed their Appointed Representatives (AR) network.
“Having process maps of the systems and controls in place to manage our Appointed Representative network governance and oversight, reduces the risk to our regulatory obligations.”
Head of Compliance
Approach – Documentation
- Our start point was to identify all processes that supported AR management by first creating a process hierarchy (e.g. onboarding, monitoring, action) and then the underlying processes.
- The detailed process maps were created by interviewing the members of the compliance team responsible for performing the
various activities. - Each process was enriched to show information around risk points and the associated controls (where present).
- Processes were reviewed with other members of the compliance teams to identify any instances of variation.
Approach – Analysis and Improvement
- Once the processes were captured, we focused on three key areas: insufficient or missing controls, ineffective escalation processes and process simplification.
- Created a simple risk register to understand where the key risks existed and provide evidenced guidance on where controls needed to be improved.
- Built escalation paths for each process by initially understanding the ultimate sanction available, and then working back to ensure all other actions carried an escalation to that point.
- Different ways of working were reviewed with the Head of Compliance to develop a ‘best of breed’ way of working.
- Overlaid the updated maps with clear guidance as to what constituted a breach at all relevant points of the process.
What We Delivered
- A documented, agreed view of all processes related to the governance of the Appointed Representatives network.
- Elimination of all instances of process variation.
- Clearly identified and defined controls to mitigate all instances of risk.
- Specific escalation processes attached to each control point, providing clarity around the triggers and escalation points.
- A clear process for raising, assessing and implementing any change requests to the as-is way of working.
- The means for the client to provide a clear, specific response to regulator requests, resulting in a first time approval.
- Additional versions of the process maps to provide to Appointed Representatives to show what they needed to do to ensure compliance.
“We have since used this process library to demonstrate all the systems and controls in place at our firm when tendering for new business and responding to due diligence requests”
Head of Compliance