FCA has published the findings from its review into outsourcing in the life insurance sector. The review stemmed from FCA’s awareness that the sector relies heavily on outsourcing and third party providers, and there is a heavy reliance on a limited number of providers. This leads to significant risk for customers if the provider fails, especially given that the functions typically outsourced include annuities payroll administration, claims processing and resolving customer queries.
FCA focused on the regulated firms and looked at their systems and controls, specifically at exist planning (both planned and unplanned exits), BCP and governance, systems and controls.
Its findings were:
- on the whole, life insurers have extensive governance, systems and controls over outsourced activities, but some were not identifying and managing operational risks throughout the lifespan of the outsourcing;
- most life insurers had in place provisions allowing them to exit if their OSP fails or is in material breach, and requiring co-operation of the OSP in transition to a new provider. Most had exit plans, but some lacked detail;
- on BCP, the most common model is for OSP’s to use their own IT, rather than the insurers’, and therefore they carry out the BCP testing. FCA found the level of information firms get from the testing results varies;
- governance committees tended to be better briefed on operational performance rather than customer outcomes. Most firms were able to provide customer-centric MI on request but did not routinely provide it to governance committees.
FCA concluded there are no concerns of widespread failure to manage customer risks arising from outsourcing in the sector, but there are several areas in which firms could improve. The report include some examples of good and poor practices, and FCA is following up some points with individual firms. However, it is not proposing any rules, guidance or sector-wide further action.