Businesses should by now be in the final stages of cleaning up the contractual arrangements needed to comply with GDPR having got their policies and procedures approved and operational. There may also still be some IT work underway depending on the size and complexity of legacy systems and the business but in general everyone’s GDPR project should look more like a mopping up exercise than a full-blown project by this point.
Brexit also still hangs over everyone’s heads and action is required now for those intermediaries who have left it as long as they can if they want to be secure that their business model is as protected as can be given the continuing uncertainty. For insurers who have not acted yet it may already be too late.
So, what else does that leave for everyone to be thinking about this year?
There are two significant changes coming up. In October the Insurance Distribution Directive (IDD) will come into force and in December the Senior Managers and Certification Regime (SMCR) takes effect. While both of these are additive to regimes in operation already (the IDD replaces the Insurance Mediation Directive and SMCR is additive to Senior Insurance Managers Regime) both are likely to require reasonably significant work in order to meet the new rules and there are overlaps.
The implementation of the IDD brings with it a plethora of changes depending on the nature of your business. There are some issues which have to be dealt with by both insurers and intermediaries, such as setting up appropriate training regimes, getting Insurance Product Information Documents (IPID) agreed, making changes to TOBAs and other pre-contractual disclosure documents and determining who is the manufacturer of a product for the new approach to product governance before determining how the defined responsibilities should be managed, contractually or otherwise. By far the businesses with the most work will be those businesses not previously caught within the FCA regulatory perimeter who may not be fully adjusted to the FCA approach and have a lot to do. Businesses which have not started on these issues will be busy over the summer months and cannot afford to wait until after the holiday season. In many cases the changes will require multi-disciplinary engagement including the firm’s governance team and the compliance, legal, risk, broking or underwriting, claims and HR functions.
We should also not overlook the introduction in the IDD of the “best interests” rule which will impose on all distributors of insurance products (including insurers distributing direct and MGAs) the requirement to act in the best interests of the customer. This may sound not too different to Treating Customers Fairly and Conduct Risk principles but in reality there is a hidden menace. It creates an overriding obligation (with possible legal consequences) on firms where no one previously existed.
SMCR on the other hand is more limited in terms of the changes to be introduced but will be more concerning to those in management and governance. The changes are relatively small evolutions to SIMR in number but absolutely critical when it comes to the regulatory and legal responsibility of individuals for their personal actions. SMCR sees the introduction of a set of specific responsibilities for those caught by the regime, the scope of which is increasing, and the increase in identification of the responsibilities of individuals by way of the production of maps which will identify the responsibilities of each relevant individual, with the intent of making it easier for the FCA and/or PRA to hold such individuals to account.
Accordingly, the answer to the title question is that both of these legislative and regulatory changes are going to require attention and sooner rather than later. It may be that one has a higher focus from management than the other but that does not mean that both do not require their attention and that of others to be in place and operational in time.
These are issues we are already helping clients address and we will be exploring them further over the coming months in a series of articles focused on real-life examples that cover some of the key aspects and issues relating to the changes including:
Insurance Distribution Directive:
- A discussion of key issues for addressing the implementation of IPIDs and other new disclosure requirements including remuneration and the need for greater focus on a customer’s needs whether on advised or non-advised sales;
- Product governance in the new world;
- The increased professional requirements.
We have already covered the introduction of the “Bests Interests” rule and its interplay with the product governance requirements in a previous article which is well worth reading.
Senior Managers and Certification Regime:
- An overview of how to address some of the changes and some key operational considerations which will arise
If you are experiencing any particular challenges that you would like to discuss, please do let us know by contacting either myself or Jason Jones.
