May 17, 2016

Anatomy of a Regulatory Change – Pt.3:
Compliance Best Practices

By: Holli Bratt

As Leslie mentioned in the previous post, there are several existing resources and groups that can help you monitor change. However, once you're aware of a potential change or know that a law, statute, rule, or regulation will require change in your business processes, then it is time to act/react. In being responsive, there are three stages including pre, during, and post-change that may have several steps and action items that you should be ready for. Let's get started with some of those best practices.

Before the Change is Approved and Final

Some of this section was covered in our previous post, but for the purpose of providing you a complete, easy to access to-do list, let's run through a few of them again.

Educate yourself

It is very important to be aware of current regulatory news in this industry because chances are, if the change doesn't affect you, it may affect your business. By following some of those groups and resources mentioned in the last post, you can stay ahead of this change? again, being proactive is important. By being involved in the industry groups, you're directly involved in discussions on how these changes will help you stay informed and help you determine how to take action.

Coordinate discussion with compliance, IT, operations, and sales

A successful process includes not only staying informed and educated, but making sure your team is aware of how it will impact your agents/advisors and your day-to-day operations. Collaborate with compliance, IT, operations, and sales to identify and communicate changes on your business, systems, operations, and especially on customers. So, as you're analyzing a change these are 5 main questions you should address:

1. How will this impact your business policies?
2. What, if any, operational changes are needed?
3. What are the data and system impacts?
4. What could go wrong and how will you handle issues?
5. How can you leverage this change for competitive or operational benefit?

What should you be looking for when answering those questions? Here are some examples of specific things to consider:

• Will there be additional education or training to complete and how long do agents/advisors have to complete it?
• Is there a new license expiration date to consider?
• How may this impact your supervisory procedures? What do our have to do to monitor agents/advisors?
• Some regulatory changes will result in the need for a process change or a completely new process to be implemented. For example, a new education or training requirement can add a step to overall compliance tracking or there may be a new way to report completions.
• Who has to review / approve items and when do they have to review / approve them?
• If a state makes a change to a license type, license line of authority, appointment line of authority, how will that affect your sales authorization processes.
• Certainly issues can occur, sometimes due to a lack of a solid understanding of the change, timing of the change, poor process implementation can lead to inefficiencies, non-compliance, and rework.

By answering these questions prior to the change passing, you're putting yourself in a solid position to be prepared for the change. Regardless of the nature of the change, finding the most efficient way to adapt and leverage that change will help you keep your competitive edge. You will not be blindsided by the change, you may instead be able to capitalize on it.

During

If you're proactive and following changes prior to final legislative or regulatory approval, you run a slight risk of being ahead of the curve. Because when the final version of the change comes out it can be different from prior versions. By being proactive, however, you can quickly adjust your planned approached as opposed to starting from scratch. It's always easier to adjust a plan than create one when the compliance clock is ticking.

If the change isn't approved / finalized

Your time hasn't been wasted! Adopting agile methods will help your organization get better and better at adapting to regulatory change. Also, some changes have a tendency of resurfacing?potentially with some minor changes?so make sure to document and archive your information

If the change is approved / finalized

As the change is winding through reviews and its final passage / approval, make sure all relevant departments in your company are notified. It is almost not possible to over communicate regulator changes. This includes a full explanation of operational changes and how each employee is involved including process changes. If this plan was created in advance of the change being approved, it's a matter of informing employees that the change has been approved and a reminder of their action items. This will help your IT department understand what system and operational changes are needed by their business partners, as well as help your carrier or distribution partners understand what must be done differently. Timing is critical. It is imperative to know when the change is effective and how long agents/advisors have to comply.

After the Change is Approved / Finalized

After the change has been approved and all affected teams have been made aware of their action items, think about ways to capitalize on a change. This means whether you can leverage the change to differentiate your organization competitively, whether through efficiency of adapting to the change, being easier to do business with, or simply being first to address the change.

For example, data impacts are one of the most significant and important things to monitor and keep up to date post-change. When a regulatory update happens, your data needs to be updated simultaneously. For example, a state decides to make a change to separate their "Property & Casualty" appointment line of authority into separate "Property" and "Casualty" appointment lines of authority. In this example, it is imperative that your producer records accurately reflect the correct appointment lines of authority. Vertafore's regulatory team ensures the proper appointment lines of authority are made available in Producer Manager and its automated PDB syncing capability to ensure that the updated PDB information is reflected on producer records. Besides the data impacts, though, there are changes to rules that may also affect the status of your producers' authorization to sell various product lines. Stay tuned for the next post for more information on how you can keep your data up to date.

In the securities industry, where registration information is more uniform and stable than in insurance, policies and procedures are more likely areas that your business should expect change as opposed to data. For example, the new consolidated FINRA Rule 3310(e). A regulation like this drives changes to supervisory procedures in order to comply. Interestingly enough, the rule requires firms to validate the accuracy of advisor's Form U4 data.

How does Sircon do it?

Here in the Sircon solutions team at Vertafore, our Regulatory Compliance Services (RCS) specialists monitor upcoming legislative actions and rule changes, as well as operational and technology changes. To ensure that our customers stay compliant, we follow the same steps we just showed you! However, RCS also works with our business partners like the NIPR and the state regulators who use our regulatory solutions to implement changes. Our twelve dedicated specialists focus solely on these changes. The RCS team monitors changes and works with the Sircon product teams to implement any change necessary in our products as well as sends notifications to customers regarding the change. We also provide helpful information about the change by breaking it down to a more digestible read and include some helpful information on how to notify your teams and properly adjust to the change. In this case, we do the proactive monitoring, process planning, change, and follow-up for you.

Here's a quick overview of our relationships and teams that help us monitor change:

• e-PAL: Our e-PAL regulatory analysts monitor states, FINRA and other sources of regulatory changes. As legislation, rules, system and operation changes are approved, they make changes to e-PAL content and send e-mail notifications to e-PAL subscribers to keep them up to date. When the e-PAL team spots a change, the RCS team then analyzes and applies those changes to products to ensure customers comply with the changes. The changes are carefully planned to implement them in the most efficient way.
• State team: That brings us to our next group of specialists who work directly with the states. Sircon for States is used by 22 states, so we consult directly with those states to determine how to best implement a regulatory change.
• Industry team: This group of specialists implement regulatory changes in our products used by industry customers including agencies, carriers, securities firms, education providers, and individual agents, advisors, adjusters, etc.
• NIPR relationship: Vertafore is an Authorized Business Partner (ABP) of the NIPR. As an ABP, we work in conjunction with the NIPR to make sure transactions flow successfully. We are the only ABP that works with the NIPR on both the state and industry sides to implement regulatory changes.
• SILA relationship: We work closely with SILA to deliver updated content each month for the SILA Digest so that their members can get updated regulatory information in an easy to use digest format.
• FINRA relationship: We attend FINRA update meetings and monitor rule changes on behalf of our customers to ensure we understand and manage both regulatory/rule changes and operational/technical.

Our regulatory expertise, dedicated staff, relationships and processes have helped us complete over 150,000,000 regulatory transactions over the last 15 years, and over 25,000,000 transactions annually to help our customers comply. Over that period we have implemented thousands of regulatory changes, over 250 just last year. Stay tuned for our next post, where Vertafore Sr. Product Manager, Patrick Masi, will show you how to use best practices to leverage the NIPR and PDB to make sure you are prepared and compliant.

---