The many roads to successful IFRS 17 implementation

By Jason Contant | November 18, 2019 | Last updated on October 30, 2024
3 min read

When trying to implement an IFRS 17 solution in your insurance company, should you start fresh with a new solution, integrate into your existing systems, enlist the aid of a third-party provider or some or all of the above?

The risks for your company will vary depending on the path you choose. Insurers will need to consider integration from an enterprise risk management (ERM) perspective, as the implementation affects a variety of business functions ranging from actuarial, risk, finance and IT. The decision will require collaboration between these business departments.

“From my perspective, an IT perspective, the best way to implement this is to put in a new solution. Start fresh, that’s the way I chose,” said James Knott, manager of risk advisory services at BDO Canada, and one of the speakers at the Canadian Insurance Accountants Association’s Fall Technology Seminar in Toronto last week. “But from a business perspective, the accountants may say, ‘Wait a second, we can’t do that. The cost is exorbitant, we can’t afford that. I’d rather have this solution.’”

A complete system replacement is inherently a risk in itself, Knott warned. “It’s probably one of the largest, riskiest [things] a company can do. Not just on the replacement… but the analysis of how you are going to connect with IFRS 17.”

An insurer may decide to implement a cloud-based solution. If they go down this route, the security and risk posture of the company will need to be re-evaluated and addressed within the ERM. The benefit is the insurer will instantly have the expertise, controls and reporting structure of that cloud provider. But they will also need to ensure that data is transmitted securely and the cloud is consistently available.

“Is that provider up all the time, especially during the reporting periods, or are they down?” Knott asked during the seminar, presented by BDO and Moody’s Analytics. “All these risks need to be identified and managed.”

Transfer of data between systems is another consideration, as data between systems aren’t always compatible. “You may have to export data, transform data, protect data, upload data,” he said. “The complexities vary depending on what type of product or solution you are choosing. Is it in-house or are you relying on a third party that has the knowledge? It’s something you need to consider from a risk perspective, management perspective and training perspective.”

There are so many facets of risk that need to be identified, evaluated, managed, monitored and reported on, Knott said. “It’s not a simple implementation; it’s important that it’s planned out in an upfront manner.

“So, start early,” he said. “Otherwise, you might be forced down a path that may not be the solution.”

Some questions to ask yourself:

  • Who owns the data from source to destination, including when it’s in flight?
  • How are you going to plan for the extra efforts and requirements required to analyze and execute the IFRS 17 implementation? “People have a day job,” Knott noted. “This is multi-year. It’s not just dollars, it’s people.”
  • How will you manage the reporting aspects of the standard? For example, it might be through third party tools; it might be training staff to make sure they are up-to-date on the most recent legislation
  • If a risk affecting stock price or reputation, for example, occurs, what would be the likelihood you couldn’t report under IFRS 17? How would the risk be managed (through products, use of consultants, putting in reporting systems, etc.)?
  • If the implementation is outsourced, how will this provider manage the data? Are they going to back it up? Is it encrypted?

Jason Contant