The key to successful operational risk management is a framework where insurers can define business processes and products and their associated risks, and put in place indicators and controls to manage those risks. IBM OpenPages GRC Platform provides the means to implement just such a framework. Furthermore, once established, the platform can offer a foundation for a wider solution to insurers’ increasingly onerous compliance and governance obligations.
The first step in implementing an op risk management framework is gathering the data from diverse sources across the organisation. To ease this often fraught and time-consuming process, IBM recently introduced an advanced application programming interface (API) for OpenPages that will link with almost any system and facilitate the extraction of information. “With the new API, the connectivity of our platform has come a long way – almost all of our customers wrestle with getting data from various places into their framework,” says Glenn Peters, IBM principal solution architect for OpenPages, who is based in Philadelphia.
Once brought into the platform, all information is gathered under a central data model – a key differentiator for IBM’s product, Peters says. “All operational risk data, compliance and policy details, and other relevant information that is required to manage op risk is collected into one structured database in OpenPages,” he says. This enables IBM to bring in its second heavy weapon – its Cognos Business Intelligence software reporting suite for analytics and monitoring.
Once an insurer has implemented its op risk framework on the OpenPages platform, it can begin to align it with the myriad of standards and regulations the industry is now subject to, says Peters. A third step is to bring policy documentation, and its management, onto the platform as well. This is increasingly important in an era where firms often have individual agreements with clients about products and coverage and there is a need to manage multiple risk profiles in terms of exposure and compliance, he says.
Germany’s Allianz chose OpenPages back in 2010 for its ability to map the company’s op risk management methodology and complex structures within the platform, as well as its flexibility to allow customisation to the company’s individual requirements, and its ability to provide a variety of detailed reports and analysis.
Allianz focused first on loss data capture and risk assessments and, over the past five years, has extended the platform to support all operational risk and internal control activities across 60 operating entities worldwide. In addition, Allianz customised OpenPages to support its risk governance and other requirements under Solvency II, including its model governance framework, supervisory issue tracking and as a repository for the application process for internal model approval. Recently, the company has decided to further extend the use of the platform to compliance risk management, with the ultimate goal of establishing a single integrated governance, risk and compliance tool across the organisation.
Allianz, along with other high profile users such as Netherlands-based Delta Lloyd Group and the UK’s Unum, demonstrate OpenPages’ success at the top end of the market. Meanwhile, a recent cloud-based version has made the platform more accessible to small and medium-sized insurers and led to a number of recent sales.
To take advantage of recent technological advances and in recognition of the changing way in which organisations and individuals like to work, IBM has also recently added support for mobile devices in OpenPages. Managers can capture risk assessment data in the field on tablets, while senior executives can access interactive dashboards on their mobile devices where they can view risk metrics and drill down into underlying data.
Almost all of our customers wrestle with getting data from various places into their framework