Why is breach reporting a big issue and how should you do it?

Why is breach reporting a big issue and how should you do it?

Why is breach reporting a big issue and how should you do it? | Insurance Business Australia

Insurance News

Why is breach reporting a big issue and how should you do it?

“Change the mindset,” says brokerage leader

Insurance News

By
Daniel Wood

Breach reporting is a key issue for brokers. There are at least three sides to this challenge. The Insurance Brokers Code Compliance Committee (IBCCC) says only about 63% of brokers report breaches. That number is worse than it looks because, says the IBCCC, “many brokers continue to submit incomplete, inaccurate, or inconsistent compliance data.”

For those firms that are reporting breaches, there’s another problem. The oversight body’s September report shows an alarming rise in the number of breaches related to remuneration disclosures.

This trifecta of challenges comes at a time when broker transparency, fees and commissions are, once again, under a spotlight. In recent months, government inquiries, regulators and an ABC-TV Four Corners investigation have all taken their turn raising issues.

Many industry stakeholders, including brokers, seem to agree that greater transparency, including breach reporting, will help solve bigger issues around customer service and community trust.

The fact that under the current Insurance Brokers Code of Practice, brokers are only obliged to disclose their fees to a limited number of retail clients, could be playing into this breach reporting issue.

The Code is currently under review and fee disclosure obligations to clients are a key sticking point.

“We have been vocal about our desire to see the Code strengthened in this area, and we hope that the upcoming review will address this critical issue,” said Oscar Shub, the IBCCC’s independent chair.

NIBA wants more breach reporting

At the recent National Insurance Brokers (NIBA) Convention in Adelaide, NIBA’s president Gary Okely said the peak body will “really put the shoulder to the wheel on tough issues.”

See also  Inver Re swoops for big name from rival

“We want more breach reporting to come through to the IBCCC,” he said. “I think it’s really important that we learn from what we do.”

Okely said this approach would “help make sure we are in that self-regulatory mode.”

Pride and Prejudice?

Insurance Business asked brokers at the Convention why such a large number of firms are failing to report any breaches?

“I think there’s sometimes an element of being a little bit proud about the work that we do,” said one broker. “Some may see something that is slightly off but think that it’s actually not that bad commercially and doesn’t constitute a breach.”

This broker was an authorised representative (AR) which means any breaches his firm might report would go to the AFSL license holder, who would be responsible for reporting them to the IBCCC.

This extra link in the reporting chain could be another factor in the under reporting.

Changing the mindset

Brett Piggott (main picture, left) and Alex Rowland (main picture, right) are executive directors of Willis Temby Insurance Brokers.

“Sometimes it’s just this wrong mentality that brokers may think they’re protecting the organization by not notifying a breach,” said Piggott. “But it’s actually positive to realise it’s a tool to grow and establish the business and develop it into a more professional, transparent organization.”

The Perth-based broker said brokerages who aren’t reporting “just need to change the mindset around it.”

Rowland suggested that brokerages worried by breaches and reporting them should be more pragmatic.

“If you are churning out the number of transactions that we do with the number of compliance obligations that we have, there’s just got to be a degree of pragmatism that this will occur,” he said. “So let’s just make sure that we catch it and we train for it and deal with it.”

See also  Allstate reports $1.7bn Q3 catastrophe losses, $630m from hurricane Helene

Both brokers agreed that workplace culture is important.

“It is a culture piece,” said Piggott. “It’s about promoting within the organization that a breach isn’t a nasty word, it’s a part of doing business.”

Rowland suggested that a toxic, competitive work culture could have issues effectively breach reporting.

“Most people have good intentions – there’s no point in threatening or reprimanding or shaming,” said Rowland.

Piggott said firms that aren’t reporting breaches, or who say they don’t make any breaches, “probably don’t have good internal auditing.”

How should a brokerage report breaches?

So how can a brokerage effectively breach report?

Piggot said it’s important for a brokerage to decide to take compliance seriously and then dedicate sufficient time to do it property.

“It’s a learning piece,” he said. “We’ve actually found, as an organization, that it’s been a really important part of a team member’s growth to go through a compliance breach.”

He said each month they meet as a team and talk about the breaches.

“We’re very proactive with breaches management,” said Piggott. “We audit on a monthly basis a minimum of 50 files and then report on that breaching.”

IB suggested that this must be a big time investment?

“It’s not a huge amount of investment if you have your procedures set up correctly in the first place,” said Piggott.

He said they set tight time frames. The firm’s policies all come up for renewal on the last day of each month.

“On the 20th of every month we do an audit of randomly selected files and establish if a breach has occurred,” said Piggott.

“If there’s a breach that’s been identified, we immediately communicate with the client and do rectification or remediation before the expiry of the policy.”

See also  IAG reports mixed results for half year financials

He said this is educational for the brokerage team.

“It’s a learning process for the team to understand where that breach came from and how did it develop? Was it because of a procedure that’s not correctly aligned to the task?” Piggott said. “Or was it somebody who went rogue off that task or compliance piece.”

Are you breach reporting? Please tell us how you do it below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!