Related Items
  FREE Insurancenetworking.com Site Registration!
Sign up today and access the leading source of Insurance I.T. information on the Web.

Your FREE site registration entitles you to

FREE Insurance Networking eNewsletters

Search more than 7 years worth of archived data

White Papers and Industry Research that provide valuable insights on a variety of technologies and implementation issues

Access our Web Seminar series

   

Compliance: Benefits of SOX Debated As Cost to Carriers Dips

Carrie Burns April 2007

Insurance industry experts will argue for a long time about exactly how much the Sarbanes-Oxley Act (SOX) has cost the insurance industry. They probably can agree, however, that those costs are significant.

Carriers incur the costs making sure they comply with the act, which aims to make corporate executives responsible for the accuracy of their financial statements and for the internal controls that minimize errors and reduce fraud.

Most industry experts say carriers experienced their highest SOX costs during the 2004 and 2005 deadlines. "These were critical years in terms of SOX compliance IT spend, where the focus was on personnel, auditing, consulting and internal process documentation," says Amit Shah, an analyst in financial services technology at Datamonitor PLC, a London-based business information and analysis firm.

The compliance deadline snuck up on insurers, and costs might have been a bit lower had they been given more of a lead time, says Donald Light, a senior analyst in Boston-based Celent LLC's insurance group. "But it would not have had the political impact, which was its purpose."

Indianapolis-based Conseco Services LLC experienced just that. "We were expecting deferrals, and thought we had more time [to comply] and didn't understand the magnitude of [the compliance requirements]," says Jackie Byers, vice president and SOX compliance officer at Conseco. "The majority of our pain was from a testing perspective and just really assessing the controls from June 2004 all the way up to the wire."

And this was when Conseco made its most significant investments for SOX compliance, says Byers. "In order to enhance our change management process within IT there was a pretty significant investment in some hardware and software-something we use as a repository to manage all of our requests to changes to the IT systems and as an audit trail to track the approval process."

Light agrees the SOX-related initiatives that required insurers' immediate attention cost them quite a bit. But he says those initiatives also "crowded out other projects that may have a business purpose rather than a compliance purpose."

Fortunately, those projects that were initially pushed aside may see action now, as the SOX compliance costs don't have as big of a presence in IT budgets as they did in 2004, according to Light. "In terms of total IT budgets, if there has been an expansion or extra cost I'd say it's probably been pretty modest-5%, maybe 10%, maybe for a year or two," he says.

Other experts say to expect even more of a lull in SOX costs as years go on. "IT spend was expected to slow down from 2006 onwards, however, the remaining spend will be more focused toward investing in technologies to integrate controls into insurers daily operations," says Shah.

TODAY'S COSTS

A present expense insurers face with SOX compliance is the cost of additional staff. Conseco did add staff and reallocate duties within its IT department. "Because of the segregation of duties now, we probably aren't as thin as we could be or would like to be," says Byers, noting that this may be due to backup requirements. "The backup for things alone created increased resources."

Light attributes the need for additional staff to the intensive documentation and processes requirements. "Essentially, that's all Sarbanes-Oxley is: You have to have proper processes in place that are documented and auditable. Companies have to divert a lot of their own staff to those tasks [to allow] major accounting firms to come in and review the review."

External audit fees contribute to insurers' SOX compliance costs. The insurance industry and other industries affected by SOX raise concern about external auditors' outdated processes and technologies and high costs.

Conseco tries to control those costs by focusing on internal auditing processes. "I have a team of about 10 people and we do the same level of testing that our external auditors do; we probably do more than they do because they rely on our work in certain cases," says Byers. "The [external auditing] firms are trying to do more of an integrated audit, so they don't necessarily have good data on SOX vs. what's on their substantive audit of the financial statement so we continue to see big numbers there but hope that recent guidance from the PCAOB (Public Company Accounting Oversight Board) will really help drive down some of the audit costs."

For more information on related topics, visit the following channels:


Agent Network

Compliance

Insurance Network

Risk Management

Spotlights