Skip to main content

GRC for Insurers: Keeping Up with Mounting Regulatory Requirements

Gijsbert Cox, EMEA Insurance Industry Leader
May 3, 2022

Recent years have brought no shortage of change to the insurance industry. Among those changes is a rise in governance, risk, and compliance (GRC) requirements. Effective in May 2018, the General Data Protection Regulation (GDPR) became the first major regulation to focus on protecting consumer data. Its implementation coupled with a global pandemic has kickstarted a rush to enact more laws surrounding data privacy. 

Several US states have proposed additional legislation in the same vein as GDPR, with California enacting the Consumer Privacy Act (CCPA) in January of 2020 and 26 states following suit by introducing similar bills. And consumer privacy laws aren’t the only regulations insurance companies need to keep top of mind. Deloitte predicts regulations in 2022 will center around digital assets, environmental, social, and governance (ESG) investing, and cybersecurity. In addition, insurers in the US will need to address impending FASB regulations on actuaries and, globally, upcoming IFRS 17 changes will be top of mind as well.

Heavy regulations call for adaptability. 

In a time of ever-evolving and increasing regulatory requirements for insurers, there’s one takeaway that is sure to be relevant now and into the future: adaptability is invaluable. Whether it’s a new regulatory requirement, the emergence of insurtechs and increasing competition, or another unpredictable change, insurers that can be agile and meet unpredictability face to face will withstand those imminent changes. 

When change inevitably comes and insurers need to meet new standards, adaptability will better prepare them to comply with new requirements. Emerging regulations can easily call for change to insurers’ fundamental business processes, from the way they onboard new customers to the businesses they choose to work with. All of these new or changed regulation requirements must be accounted for in business processes. This is precisely why adaptability is crucial: business processes deeply rooted in an insurer’s workflows could be upended at virtually any time. Insurers whose workflows are built to be flexible will have a much easier time than those with workflows rooted in disparate, decades-old technology. 

The tech that drives adaptive workflows.

To keep pace with evolving regulatory postures, insurers need solutions that lend themselves to changing with the business. But the reality is, many insurers have the opposite: tech that is old, siloed, and that throws a wrench in business operations in the face of even the most minor changes. 

Low-code platforms that are built to manage complexity in workflows and data help insurers improve their compliance efforts and boost their agility to better adapt to changing and emerging regulations. With discovery capabilities, rapid application development, and automation technologies in a single platform, it will be easier to meet specific business needs. 

What regulations will look like in the future is unknown, but if recent years are any indication of those ahead, insurance organizations should take steps now to adapt to compliance requirements, beginning with an application to manage regulatory and compliance efforts