Three blind spots: industry faces up to compliance burden
Law firm Clyde & Co has flagged three “common blind spots” for insurance industry managers as companies look to bed down a raft of new compliance requirements.
The firm says the three key regulatory changes from an Australian Securities and Investments Commission (ASIC) perspective are:
- Claims handling as a financial service
- ASIC RG 271 Internal Dispute Resolution – new complaints handling requirements
- Enhanced ASIC breach reporting regime
Clyde & Co Special Counsel Yvonne Lam tells insuranceNEWS.com.au the three reforms, which spun out of the Hayne royal commission, are all linked.
And while they were introduced last year, the work continues in earnest this year as companies start to put the requirements into practice.
The claims handling reform means insurance companies need to bring that side of the business into line with other ASIC regulated areas.
“They now have to quite quickly skill up and make sure they are compliant in ASIC’s view,” Ms Lam said.
“They need to think about whether anything that they told ASIC they were planning to do as an organisation – training, other sorts of compliance frameworks to support the application – is actually happening in practice, being monitored and evolved as conditions change over time.”
Complaints handling goes hand-in-hand with the claims piece, she says.
“Under the claims licensing requirements, if you’re dealing with retail clients you also need to have a strong internal dispute resolution scheme in place and make sure any complaints coming in from your retail clients are being dealt with under the new expectations in RG 271, which took effect from October last year.”
Ms Lam says the requirements are “actually quite onerous” on insurers and other licensees.
“The expectation is that insurers acknowledge complaints within 24 hours of receipt of complaints and keep the complainants updated on progress. There’s an expectation that you will issue an outcome within 30 calendar days.
“It is quite prescriptive now and very geared towards responsiveness to customers, especially the more vulnerable retail customers, and transparency and feedback, not just sitting on claims or complaints.”
The new ASIC breach reporting regime, which also took effect in October last year, focuses on timeliness.
“There’s now a stricter requirement that licensees are going to be investigating their potential breaches,” Ms Lam said.
“There is a 30-calendar-day requirement to report to ASIC if you start looking into whether there is a significant breach of a core obligation.
“Even if it doesn’t turn out to be a breach then ASIC still wants to know about it if the investigation continues for more than 30 calendar days. ASIC says it doesn’t matter that you are investigating, we need to know if there is a potential issue to make sure you are not sitting on potential breaches for years and years.”
Ms Lam says while the “heavy lifting” for the three reforms was done last year, insurers now need to make sure that they can comply in practice.
“It’s the human element. Last year was more about documentation and making sure that you are telling the regulator that this is what we will be doing.
“This year and going forward it’s more about making sure your personnel know what to do so they can swing into action, in line with what has been told to the regulator.
“In some ways it’s going back to basics. It’s coming down to the expectations from a community perspective and bringing that into line from a regulatory perspective and having the force of the law line up with what community expectations seem to be trending towards.”