Using data and analytics to shift the discussion from risk ......Oct 10, 2018 · Expertise:...
Transcript of Using data and analytics to shift the discussion from risk ......Oct 10, 2018 · Expertise:...
ServiceNow® GRC at MLC Life Insurance
Using data and analytics to shift the discussion from risk to control
Manager, Risk Systems and Data Analytics,
MLC Life Insurance
Greg Dominish
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Who we are and who we work for.
What’s interesting:
• Our 130 year old company is in “start-up
mode” as we become a standalone Australian
Life Insurer
• Opportunity to build risk and compliance
systems and capability …from scratch
• 80% owned by, Nippon Life – opportunity to
benefit from their experience as the world’s 8th
largest life insurer.
Agenda Know the Context
Set Outcomes and Goals
Use Data and Analytics
Work towards automation
Build maturity as you go
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Name: Greg Dominish
Title: Manager, Risk Systems and Data Analytics
Function: Line 2 Risk
Company: MLC Life Insurance
Speaker Introduction
Experience/Expertise: 4 years in Risk and Compliance systems, prior to that 20 years as a SAP consultant
with Accenture, IBM, Open Text and independent consultant across multiple industries.
Expertise: ServiceNow Administrator, Performance Analytics, GRC
Achievements: Implemented risk systems at National Australia Bank and MLC Life. Increased risk event
management compliance at MLC Life Insurance from 20% to 80%.
Current Projects: Driving process efficiencies, implementing data analytics, upgrade to Kingston.
Company Bio: Managed Risk Systems since Day 1 of MLC Life Insurance.
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
The MLC Life Insurance business provides the following products to it’s customers via:
• Advisers, and
• Group Insurance providers, such as employers or superannuation companies:
MLC Life Insurance
Complex product offering = complex risk/ compliance profiles
• Life Cover
• Income Protection
• Total and Permanent
Disability TPD
• Child Critical Illness
• Business Expenses
• Debt Protection
• Accidental Death
• Occupationally Acquired Infection
• Critical Illness
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Digital Transformation. Cloud Focus. Customer focus.
• MLC Life Insurance is undertaking Digital Transformation – including big data and cloud technology.
• This significant overhaul of our technology provides better, more tailored solutions for our customers. Examples include:
• “Best Doctors” network of worldwide medical
specialists
• Wearable technology options linked to our
products.
• Digital underwriting platform delivers speed
and certainty for customers & advisers
Technology Transformation
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
• Do something new: deliver the same or better GRC capability as the more
established GRC providers
• Make risk management more effective:
move away from traditional approaches to risk management,
monitoring and reporting
• Transition to transformation: keep it
simple, build don’t assume maturity, be ready for transformational opportunities
Our Challenges
Likelihood = Risk x Consequence
Risk Profile Heat Map
A New Approach Needed
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
The key outcomes wetargeted were:
• Integration of risk and compliance into operational management, using…
• Controls management as an integral part of operations, to create…
• A risk and compliance culture
Agenda Know the Context
Set Outcomes and Goals
Use Data and Analytics
Work towards automation
Build maturity as you go
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Key outcomes: to integrate risk and compliance into operational management … using controls.
Goals to achieve this: ServiceNow provided us with the ability to:
Outcomes and goals
Enable data-driven decisions
Build a user-friendly system
Provide a clear pathway to automation
Outcome: Integration of risk into operations management
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
System Usability
Technology
Language
Partner engagement
KEEPIT
SIMPLE
Build a user-
friendly system
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
A single platform
Technology
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Phased approach
Technology
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
System Usability
Partner Engagement
Old EMS
36 fields required to
be completed when
raising an event
New EMS
10 fields required to
raise an event
Time to complete event form
40 minutes down to
3 minutes
Technology
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Clear system/business outcomes
Partner EngagementTechnology
Outcome Before After
Single point of entry
• Mult iple platforms
• Dispersed and silo based report ing
• Single platform, single sign on
• Transparency and accountability -
what gets measured gets managed
Self-service • Data on personal drives
• Manual report ing service (takes
hours)
• Data often 3 weeks old by the
t ime it gets to Board
• Cloud
• Self-service, tailored automated
report ing (takes seconds)
• Resources redirected to more value-
added activit ies
Accessibility • Upon request only
• Desktop access
• Onerous audit reviews
• Up to the minute data
• Mobile app
• Independent audit reviews
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
“MLC Life” friendly language
Language
• Aligned to our ambition of being Australia’s biggest and most trusted
Life Insurer – effective risk management protects our customers, our
reputation, each other and our business.
• The language of risk and compliance is often over-complicated
• ServiceNow allowed us to translate the out-of-the-box language into
MLC Life Compliance English, for example:
“Creating central
libraries for risk,
compliance and
control was key”
Service Now GRC MLC Life
Authority document Obligation source
Citation Obligation library
Policy statement Obligation
Profile type Business unit
Profile Cost Centre/ Business unit relationship
Policy (N/A)
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Choosing a partner
Partner Engagement
ServiceNow Consulting Services
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Enable data-
driven decisions
Having established the system, we
now needed to capture the data…
…and report on it
ServiceNow Performance Analytics provided a simple way of delivering
data to our key stakeholders
Agenda Know the Context
Set Outcomes and Goals
Use Data and Analytics
Work towards automation
Build maturity as you go
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Data cleansing
Prior to the implementation of the GRC system – spread-sheet chaos!
• Data stored in multiple locations and in multiple formats
• Inconsistent use of labels and terminology
• No single view of the organisation, no ability to collate information
Post implementation of the GRC
Single source of truth
Consistency of language
Data rationalisation
Connectivity & alignment
Obligations
6600 1900
Risks
700 63
Controls
4000 103
Enable data-
driven decisions
Demo
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Performance analytics
Live demonstration from system
• The Monthly Events Report is sent to out each month
• Historical monthly events reports can be accessed via the Governance,
Risk & Compliance (GRC) Knowledge Page
• Real-time events information can be accessed via the Risk Events
Dashboard, and are sent out weekly via an automated email
• Tailored Dashboard have been setup for Executive and Nippon
• Risk and controls libraries
Enable data-
driven decisions
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
This is what cultural change looks like...
…and the Executive started
calling individuals who had
overdue actions…
Events process
compliance
…events raised on time,
actioned on time
20%
80% Other key figures:
• Events closure rate
• Number of events open > 1 year
• Time taken to report events to regulator
Events users
…improved operational
transparency
281
514
Enable data-
driven decisions
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Provide a clear
pathway to automation
• Automation isn’t just sending
workflow notifications
• It’s also about using the simplicity
of the system to make it
“automatic for the people”
• What gets measured gets done –
establish key metrics
Agenda Know the Context
Set Outcomes and Goals
Use Data and Analytics
Work towards automation
Build maturity as you go
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Working towards automation
Simplified Forms and
data libraries
Pre-population of
compliance fields
Automated reporting
Data correlation
analysis
Workflow
notifications
Risk and Control test
notifications
Automated data
integration
Enterprise risk
reporting
Provide a clear
pathway to automation
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Business benefits of automation
Better Insights
• Focus where the risk and rewards are high
• Risk now being engaged more often and
earlier
Resource Efficiencies
• ~160 hours of work time saved through
reduced administration. This is equivalent
to four FTE
Move away from rigid review cycles and reports
• Real time reporting direct from the system
• 7 paper based reports removed from
circulation
Refocus FTE
• Risk resources now focused on more value
added activities such as critical control
integrity reviews, risk deep-dives and
enterprise change initiatives
Provide a clear
pathway to automation
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
This is just the beginning…
Agenda Know the Context
Set Outcomes and Goals
Use Data and Analytics
Work towards automation
Build maturity as you go
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Building risk maturity
Do I have to do this? Let’s do this! / Just do it!
- Trusted business advisor
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Building risk maturity – with Agility
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
Building maturity
Outcome: Risk management, by definition, is the exercise of control
Understand the risk
and compliance
environment
Analyse the
effectiveness of
controls
Take Action!
Most systems stop here!
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
What maturity means for us
• The Automate administrative tasks
• Align to core business processes
• Simple, effective, rapid screening of risks
• Allows refocus of expert resources onto value-added activities
• Positive assurance
• Shift from reviewing risk to pricing of controls
• Genuine management of high risk exposures
© 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
How to build maturity
Agree terminology upfront
The system is a tool. It augments
existing expertise
Leverage your internal business
experience
Involve key stakeholders early
& often
Questions?
Thank you