Control Framework

Breakfast Group agenda

9:00 Arrival, Breakfast & networking All 9:20 Welcome Ali Dove 9:25 Direct Reporting Demonstration Sharmi Bakrania  9:50 Phase 2 Control Framework Update Jaana Rouvari & John Hibbert 10:20 Q & A All 10:30 Close Ali Dove

DIRECT REPORTING

Direct reporting RECAP

What is it ? A process that enables Managing Agents to report regulatory & tax

information directly to Lloyd’s for Service Company business Data is at a transactional level as opposed to reporting information

being derived from the bureau accounting process Breaks the link between accounting and reporting (on cash)

CLARITY OF SCOPE

In Scope• 100% business – where an insurer underwrites the whole risk. • ‘Separate’ subscription business - where an insurer underwrites

part of a risk using a separate insurance document to other insurers which underwrite that risk.

Out of Scope• ‘Conventional’ subscription business - where all underwriters

underwriting part of a risk use the same market reform contract for subscription.

DIRECT REPORTING

CURRENT STATUS

4

• Solution is now complete in final stages of testing• Met with all bar one Managing Agent – 3 should be live by

year end• Confirming with those interested to go live on 1/1/14• Meeting with IT suppliers

DIRECT REPORTING

KEY ELEMENTS - REMINDER

Service Company business Include all Territories ACORD standard XML message Offer reporting service to all managing agents

via Core Market Return route

DIRECT REPORTING

What Do I need TO DIRECT REPORT?

www.lloyds.com/directreporting

DIRECT REPORTING

• Direct Reporting Data Requirements• Direct Reporting Gap Analysis Spreadsheet• Direct Reporting Data Model• Direct Reporting Roadmap

DIRECT REPORTING

Direct Reporting Demo

DIRECT REPORTING

DIRECT REPORTING

© Lloyd’s

Control framework phase II

Why it’s important

What is it and who does it affect?

How is it implemented?

The risk model and how it applies

Coverholder audit

Delivery roadmap 2013 & 2014

Board sign off…

For more information…

Questions?

10

Control Framework

© Lloyd’s

WHY it’s important

Increasing regulatory and tax authority scrutiny around the information that Lloyd’s returns are based upon.

Increasing sophistication of the business being written (cross border) through coverholders resulting in regulatory risk increasing.

Confidence in data quality is not currently based on evidence and so is difficult to demonstrate.

11

Control Framework

© Lloyd’s

What is it?

Identifies for the first time explicit minimum information requirements covering tax and regulatory reporting.

A structured, documented process that allows managing agents to demonstrate they have adequate controls in place.

Nothing new!

12

Control Framework

© Lloyd’s

WHO does it affect?

Phase I – Completed

39 managing agents successfully signed off on time!

Phase II – Commences in July 2013

Framework does not change, it simply extends the scope to include coverholder business.

Key stakeholders- 55 managing agents, approx. 200 brokers and 5000 coverholders

Presentations at Market Forums to raise awareness on “raising the bar” around quality of information.

Our own page on Lloyds.com.

Monthly Breakfast Group for managing agents and brokers.

Phase I Service Companies – Completed

Phase II Coverholders – Deadline 31st December 2014

Phase III Open Market - TBA

Control Framework is the managing agents’ responsibility

13

Control Framework

© Lloyd’s

How it’s implemented

Information Requireme

nts

Risks

How the risks apply

Controls described or defined

Evidence gathered

Confidence gained

Process for continuous improvement to “raise the bar”

14

Control Framework

© Lloyd’s

The risk modelRISK

Requirements are not understood

1 There are many reasons why this risk may crystallise. It could be that the person interpreting the requirements does not have the requisite skills or experience, human error, or the requirements being unclear or ambiguous

HOW IT MAY TRANSPIRE

Data capture is inadequate

2 This may relate to data not being captured, being captured more than once (duplicate) or that the data captured is erroneous. It may also be that data is not refreshed at the appropriate point (if relevant).

Data is processed incorrectly

3 Between capture and reporting data will undergo some form of processing. In some cases this will be about using different elements of data to compute other information, but it also relates to things such as erroneous report definitions. Typically, this risk can also be used to cover security and continuity risks, but given the specific focus in the Operating Principles these have been broken out.

Data is corrupted

4 Data may be corrupted accidentally or on purpose. Typically this involved inadvertent or erroneous changes to data when it is being adapted outside of core processing systems.

Data is lost and cannot be recovered

5 This is most likely to crystallise where historic information is not contained in core processing systems that are subject to a robust backup regime, but in end user computing facilities such as spreadsheets or user maintained databases.

15

Control Framework

© Lloyd’s

How the risks apply

How these risks might apply to your organisation or any associated third party undertaking information capture or processing on your behalf.

Understand how these risks could be addressed

What existing controls are in place?

How are these risks currently mitigated and managed?

16

Control Framework

© Lloyd’s

Coverholder audit

Coverholder audit scope extended to include questions addressing the Control Framework

Proposed questions address:

Location of risk

How this is determined for system entry

What considerations are taken when business is transacted across border

How tax liability is determined

Collation/ creation of the bordereaux

Whether Lloyd’s tools are used in the process of determining risk location and tax liability (Crystal, Risk Locator Tool, etc).

17

Control Framework

© Lloyd’s

Delivery road map - 2013

Q2 2013 • Pre project consultation• Development of Lloyd’s project tool kit

Q3 & Q4 2013

• Review and confirm coverholders in phase II

• Coverholder risk rating exercise completed and returned to Lloyd’s

• Audit schedule in place• Governance and resources in place to

see through implementation of phase II• Confirmation of project delivery timescale

18

6 month analysis phase

Control Framework

© Lloyd’s

Delivery road map - 2014

Q1 2014

• Assess risks• Identify controls and gaps• Review audit findings (continually

as audits are performed)

Q2 & Q3 2014

• Develop remediating controls• Implement controls• Review audit findings (continually

as audits are performed)

Q4 2014

• Agree assurances to be shared with Lloyd’s

• Test controls and procedures in operations

• Confirm evidence for sign off• Formal SIGN OFF! 19

Control Framework

© Lloyd’s

Board Sign-off…

20

Control Framework

© Lloyd’s

Lloyd’s project structure

21

Control Framework

Executive SponsorLuke Savage

Project Board

Mark Edwards- TaxAndrew Gurney- International Regulatory Affairs

Peter Montanaro- Delegated AuthoritiesRob Humphreys- Market Operations

Ali Dove- Market Operations

Programme ManagerAli Dove

Project TeamJaana Rouvari- Project Manager

John Hibbert- Stakeholder ManagerLaura Fletcher- Business Analyst

Lucy Evans- PMO

© Lloyd’s

For more information

22

Control Framework

© Lloyd’s 23

Control Framework

Or controlframework@lloyds.com

© Lloyd’s

Questions?

24

Control Framework

Control Framework

Update on broker engagement

John Hibbert

Control Framework

Who have we seen?

Millers Julian Sawyer CSWH Les Doel Intergro Dan Lott Decus John Harris AJG Phil Branch Willis John Higgs Tysers David Green Aon Simon Archer/

Tony Rhoades

Endeavour Robert Campbell Towers Watson Geoff Davies Cooper Gay Rod Joyce THB Catherine Nicoll Bell & Clements Graham Lindus CSP Stephen Bryant AonBenfield Emma Syrett Lockton Ian Derry

Control Framework

Questions that were raised

Q. Why is the DA not involving this in Coverholders audits? - This is happening. New CF-specific audit questions are being introduced into

the Coverholder audit scope.

Q. Coverholders will be audited anyway over the next couple of years – is this not enough? - This covers part of it, but we need to look at the controls in place through out

the information chain.

Q. Are MAs “starting again” with third party coverholders? The distribution model is the same as with service companies- won’t the systems already be there? - Many are confident that the data is there, it is just the case of evidencing this.

Q. Have the responsibilities of leads and follows been considered? - Yes this has certainly come into the mix. However as far as the regulators are

concerned, there is no difference between them.

Q. Are TPAs part of this initiative? - Yes TPAs are considered within the CF.

Control Framework

In summary• A common issue is that Managing Agents ask

for data even though it has already been provided by the Broker. The first option has to be to look internally rather than going straight to the Broker. Lloyd’s needs to give guidance so that is a consistent approach from Managing Agents.

• It is essential for Managing Agents and Brokers to work together towards an agreed approach.

• This project should be very helpful for Brokers in that it will address data consistency.

CONSISTENCY IS THE KEY

© Lloyd’s

Q & A

29

Control Framework

© Lloyd’s 30

Control Framework

Close

Further information on Direct Reporting – sharmi.bakrania@lloyds.com

Further information on Control Framework – jaana.rouvari@lloyds.com

Next Breakfast Meeting – Tuesday 27th August 2013

Control Framework Broker Conference Event – 17th September 2013

Control Framework Phase I end of project celebration – end of September date TBC