Compliance Assurance Corporation Survey Reveals Insurers’ Processes for Regulatory Change Management Are Lacking

PITTSBURGH, PA  – Compliance Assurance Corporation (CAC), a leading provider of regulatory compliance solutions for the insurance industry, today released the results of its regulatory change management survey. The poll was conducted during "Managing the Hydra of Regulatory Change," the first installment of CAC's Compliance 2.0 webinar series. Compliance 2.0 is defined by a set of programs, tools and organizational behaviors that enable compliance professionals to expose their function as a strategic, vital asset in their organization's growth equation and be recognized for the value they deliver.

Responses from nearly 50 compliance executives working in the U.S. insurance space revealed that the majority of current organizational processes for managing regulatory change are falling short. Attendees were asked to classify their organizations' processes against the five-level 'Regulatory Change Management Maturity Model' of governance, risk management and compliance (GRC) analyst firm GRC 20/20 Research. Including the levels of ad hoc, fragmented, managed, integrated and intelligent, the model is a framework to measure the maturity of an organization's process for managing regulatory change in the context of a dynamic and shifting regulatory environment.

Twenty-eight percent of respondents identified their processes as being aligned on the fragmented level of the scale, which is characterized by a lack of consistent structure, lack of institutionalized processes for sharing regulatory information and disjointed use of technology. Limited oversight and accountability is also typical of firms taking a fragmented approach to managing regulatory change.

Respondents (35%) most commonly classified their regulatory change management approach as managed, the mid-range of the maturity model. Marked by at least some usage of technology to manage process and provide accountability, inconsistencies still remain at this level as well. Lacking the integration of technology and content, a managed approach delivers some visibility into regulatory change across the business, but reporting tends to not go beyond the department level.

According to Jerry Shafran, CEO of CAC, "With insurers dealing with over 3,500 state-based regulatory changes in a given year, constant change is the norm in today's regulatory environment and one of the most pressing concerns for CCOs, CEOs and their organizations. Even without considering the likelihood of responders over-assessing their organizations' capabilities, these findings are worrisome. The insurance sector is rapidly becoming a technology business. To retain a competitive edge, insurers must seek new innovative ways to grow revenues, manage costs and mitigate risks."

Only 10% of respondents self-identified their processes as intelligent, the model's most advanced rating, which features business-process automation that enables full oversight and seamless management of regulatory change. The same percentage classified their organization's practices as ad hoc – the lowest level of the regulatory change management maturity model categorized by the lacking of a defined regulatory taxonomy and low to no use of technology. 17% selected integrated, the second highest level noted for common technology architecture enabling consistent management of regulatory change.

Mr. Shafran continues, "To reduce risk and remain competitive, insurance organizations are wise to evolve their execution of regulatory change management to a more effective and efficient process, one that is scalable and consistently meets the demands of business and regulatory environments. Process and technology innovation can drive efficiency while delivering tangible benefits to the business and more open engagement between compliance and the organization's business owners."

# # #

About Compliance Assurance Corporation

Compliance Assurance Corporation (CAC) delivers workflow-enabled technology solutions that automate and simplify tasks related to regulatory compliance. The firm's flagship Comply on Demand Enterprise (CODE) platform provides the combination of regulatory intelligence and a comprehensive framework for managing regulatory changes across an organization. CODE has been implemented by some of the nation's largest P&C, Life and Health insurance companies. CAC is a division of StoneRiver Risk and Compliance.

For more information on CAC and CODE, visit or call 1-877-690-6201.

Eric Clements
Director of Marketing & Communication
This email address is being protected from spambots. You need JavaScript enabled to view it.