Simple but functional risk management system used for compliance
Established in 1868, National Friendly is a mutual Friendly Society. Originally named the Surrey County Deposit Benefit Club, the Society is dedicated to looking after their members’ health and welfare needs and has been doing so for the past 145 years. As a benefit club its aim was initially to help people pay for their health care needs. The Deposit System (the original idea of the Hon. and Rev. Samuel Best) was employed by the Society from the outset, with members contributing each month an amount equal to what they would receive daily during sickness. Part of the contribution went to the member’s personal savings deposit account and part to the common fund for sickness. Claims were then paid in part from the common fund and in part from the deposit account. This principle is still in place today in their Healthcare Deposit Account.
As a Financial Services organisation, regulated by the FSA & PRA, and needing to comply with Solvency II, National Friendly need robust forms of governance to protect the business and it’s customers. One such area that was identified as needing improvement was that of risk management and subsequent reporting. Previously, like many other organisations, the mechanisms for collecting and assessing risk were disparate and therefore difficult to analyse and report. Excel, as the major repository, also had its limitations in terms of data accuracy and auditability.
In 2009 National Friendly held a system review with key stakeholders and determined that a professional risk management technology was required in order to tighten up and fully embed the Society’s risk management processes. The key reasons for the investment in a specific risk & compliance management system were;
- To better demonstrate compliance under internal and external scrutiny
- To change the perception of risk management by engendering greater participation
- To drive strategic thinking by better understanding risks to the business whilst also maximising opportunities.
- To more efficiently bring risk and internal controls together to support the audit process With senior management firmly behind them, Marytn and his team looked at a number of risk management software providers before inviting four to tender.
After reviewing each system in detail, (and in conjunction with the key stakeholders), Martyn recommended that the Board choose to implement JCAD’s Risk Management software. “The decision to work with JCAD was straight forward. The software offered the vast majority of what we needed and was simple to use. Equally important as the functionality, I also recognised in them a partner that would work with us to improve the system as our risk management needs evolved.” In early 2011, JCAD started work with Martyn to configure the risk system to the National Friendly framework. As with all past and future implementations this is a pivotal part of what JCAD provides as it ensures a speedy roll out because users already recognise the language and processes involved. The system also needed to incorporate not only the capture and assessment of operational and strategic risk but also emerging risks and loss events. This had been a key part of the tender and it was at this stage that JCAD demonstrated its ability to quickly respond to client requirements. National Friendly was able to input into the design of how loss events and issues were collected and from this JCAD developed the relevant functionality. “It was important to us that we established a good working relationship with whichever software provider we chose. The JCAD team were honest about what could be delivered out of the box and what would need development.”
JCAD RISK has enabled National Friendly to provide visibility and easy access to risks at all levels of the organisation. This has helped to facilitate accountability by the manual and automated delegation of tasks to departments or individuals.
The board and senior management are now actively engaged with the system and requests for greater analysis are becoming common place. Furthermore, risk management now forms part of everyday dialogue.
“Throughout the business staff are realising that Risk Management doesn’t need to be ‘feared’ but can be embraced as a powerful process in identifying otherwise unrealised opportunities.” Another bonus has been the ability to provide access to the system to third parties. For example, during annual audits the external and internal auditors can be given access whilst on site to the entire risk and compliance register, reducing the need to question the business. This has shortened the audit process by many days. The JCAD system will now also be used to contribute to production of the ORSA (Own Risk & Solvency Assessment) report. This is a key component of Solvency II and the aim is to facilitate the automatic generation of this component.
The demands on the industry continue to mean that compliance and risk management practices need to evolve. Because of this, National Friendly has recently upgraded its Risk Management software to JCAD CORE. The CORE suite of applications, which include CORE RISK & CORE AUDIT, now provide greater flexibility, improved functionality and enables both these disciplines to be managed from within the single system. Other benefits include the ability to link records together. For instance, audit recommendations can now be linked to controls which in turn are linked to a risk. The ability to also link Key Risk and Key Control Indicators to any risk, control or business unit also adds significant benefit when measuring success. “We are now able to link audit and controls to specific risks to provide reassurance to the board that the business controls we have in place are correct and working” Martyn plans to work closely with JCAD in 2014 to develop more specific reports that will provide even deeper insight into the business and better decision making.”