Unique challenges to the insurance industry
Among the challenges facing traditional insurance companies is the reality that the industry is heavily dominated by aging IT investments. Shared responsibilities across all insurance sectors include maintaining policy data, claims data and older data, while meeting requirements for both compliance and financial metrics and tracking. A persistent challenge is that this data resides on aging mainframes and other legacy systems, but the industry is not yet at the point where the cost of transformation can justify IT modernisation.
In addition, downward pressures on revenue and profitability during the global COVID-19 pandemic have further sharpened the focus on efficiency, flexibility and cost reduction. The pandemic situation has also had a disproportionate effect on specific geographies, forcing companies to be more flexible so they could address regionalisation. This has been especially true for conforming to government regulations that are unique to the insurance industry. For example, when a lockdown occurred in Italy, government regulations prevented companies from moving their data to another location outside the country for processing. The situation underscored the need for greater flexibility in data use and distribution by the insurance industry, including open platforms to facilitate information sharing within Italy. The pandemic also prompted a stronger need for flexibility to quickly introduce microinsurance offerings and other new products to help financially challenged customers.
Cybersecurity also became a critical consideration in 2020 – 2021, in the face of a record number of high-profile data breaches. As tens of millions of people moved to remote working, hackers and nation-state actors became more opportunistic, sophisticated and better organised.
In this “new normal,” a growing demand for new digital services and the need for an open platform are pressuring insurance companies to take an innovative approach to IT modernisation.
Digital mastery: Moving beyond the traditional approach
How should the insurance industry go about IT modernisation? The traditional approach is a left-to-right modernisation: taking mainframes and COBOL off premises and introducing open-source frameworks, outsourcing, APIs, transformational software, or other tools and partners. But this traditional approach is time consuming, particularly in the insurance industry, and companies can’t afford to wait. They need to continue to introduce new products quickly to seize market opportunities. Nevertheless, the left-to-right approach will continue and has accelerated, largely because the resulting cost reduction frees funds that enterprises can use to address this approach: thereby, becoming more digital (Figure 1).
In other words, this traditional left-to-right approach creates the funding mechanism to transform and modernise while maintaining legacy systems. Some of the savings go to the bottom line, while the rest funds more transformation.
Instead of the term “digital transformation,” the preferable phrase is “digital mastery.” Today, insurance customers expect modern digital services, making it incumbent on insurance carriers and their customers to have mastery over the digital systems and applications that drive the business.
For the IT modernisation conversation, the term “hybrid” also needs to be redefined. Hybrid typically refers to “hybrid cloud,” a solution that combines a private cloud with one or more public cloud services. But the definition of hybrid needs to include existing investments in enterprise infrastructures and include how an organisation is managing the three elements — public cloud, private cloud and existing investments — as it begins to move forward.
The challenge, then, is to transform not just incrementally, but exponentially, because many of the new and modern tools are not designed to support COBOL or Assembler development. While a hybrid enterprise can engage in development to create consistent DevOps environments, a hybrid environment ultimately does not support deployment, testing and other very important elements of application modernisation. To achieve digital mastery and become truly hybrid, an organisation needs the ability to not only manage the hybrid cloud across private and public elements, but also deal with existing investments in enterprise infrastructures and applications as they are being modernised.
Bear in mind that IT modernisation is a journey from existing platforms and processes to a modern IT estate and new operating model. Modernisation activities follow a natural sequence, but insurance companies can work on all four simultaneously (Figure 2):
1. Align IT with the business.
The first crucial step toward modernisation is the alignment of IT and business strategies within the organisation — determining which improvements fit with the overall business strategy, finding opportunities to align with that vision and developing a well-thought-out plan. Business and IT must reevaluate plans regularly, particularly when business conditions are uncertain.
2. Simplify and optimise IT.
To optimise for costs, insurers can implement a technology refresh that includes lean processes and automation, improving workload placement, and eliminating unused or underused systems, services and data. Organisations can also continuously optimise the IT environment with automated workload management tools and implement software-defined networks. Reliable, optimised, secure mission-critical systems provide a way forward for customers to modernise their IT, including moving portions of their IT estates to the cloud, to drive innovation and additional savings.
3. Modernise applications and data.
Before moving applications to the cloud, enterprises should identify and implement a workload placement strategy. After the business priorities have been established, the organisation can assess and rationalise the application (leading to cost savings), modernise or transform the application (enabling speed, agility and further savings) or deploy a cloud-based operating model.
4. Operate and secure hybrid at scale.
This new hybrid IT estate needs a new operating model that ensures the business can respond to market changes and continue to secure a much broader ecosystem as cloud resources grow. This requires organisations to develop new strategies for working in harmony with resources on premises, in data centres or the cloud. The new operating model ensures integrated operations and the ability to auto detect, self-diagnose and ultimately self-heal across the enterprise technology stack, resulting in highly efficient and resilient operations.
Changing the IT operating model: Why culture means so much
Like IT systems, the IT operating model in the insurance industry today is very much siloed. A company has application development teams and testers, and although these teams have moved closer together in recent years, many of them are still separated. In addition, traditional IT runs the data centres, networks and infrastructure, and work needs to be provisioned through the IT function. When a new operating model is on the table, how willing might business leaders be to let the businesses provision themselves?
This is where the importance of company culture comes into play. First, organisations need to ask if they are ready to implement a true self-service model. In the old model, when paying for a device, companies would tend to overprovision and build big, because they didn’t want to have to make additional requisitions. Today’s as-a-service models reduce that risk. If a company overprovisions, they will know 30 days from now and can quickly reduce compute, storage and costs.
Secondly, the culture needs to accept that IT modernisation should not be secular, i.e., that the enterprise has become more democratised. The overall business, application development team and IT operations all need to work together as a singular entity. To this end, the concept of infrastructure as code, for example, is being more widely adopted. By automating the management and provisioning of data centres, infrastructure as code provides visibility that helps teams across the enterprise work quickly and more efficiently — and move toward a DevOps culture where development and operations work together. Culturally, then, the question is: How fast can enterprises begin to adopt more advanced approaches like DevSecOps, which embeds security assurance into the process?
In fact, with more data in the cloud and in offsite data centres, and more employees working from home using their own devices, organisations must create a more cyber-resilient culture. It’s no longer a matter of defending against all attacks, but a matter of how well the organisation can respond when systems are compromised. Does the enterprise have a plan in place to quickly recover and continue to function? Many organisations are increasingly embracing a Zero Trust architecture, a model that assumes everything around a network is hostile. Zero Trust requires continual verification and permits access based only on certain policies and within the right context.
Key decisions about security and tools need to be made holistically. With new software development environments and open-source applications, no one needs to ask the IT or development organisations to adopt them — the corporation as a whole has to adopt them. That is a very different approach, and the change required is not subtle at all. The faster corporations adjust to that model and bring themselves together, the faster they will experience the positive impact of IT modernisation.
The key is to know how quickly the organisation can be brought together to think singularly as it consumes and builds products, serves the customer base and supports business growth. Then a company needs to ask: Is what is being modernised truly important to the business? The answer is “yes” if products can be developed faster, at a more effective cost and with greater flexibility. The answer is also “yes” if a company has to be in the position to quickly adapt to and change for new compliance requirements in play, with possibly different considerations by region.
Key considerations for IT modernisation
Primarily, IT modernisation helps companies in the insurance industry develop new products faster. By becoming more digital, everything can benefit from modernisation. It is imperative, however, to first install a digital integration interface between the legacy and modern environments. Once that is in place, companies can begin making substantive changes in areas such as claims, fraud detection and underwriting, where analytics, AI and machine learning become more important.
A company can grow its product base as it begins making technical changes. But it all starts with the business: how it best serves customers, how well it fosters cross- selling, and how efficiently and effectively it grows.
When a company takes steps toward modernisation, it should also examine key technical considerations. For example, do you have a public cloud destination and choice? Is your cloud going to be Amazon Web Services, Microsoft Azure, Google Cloud or another option? A comprehensive understanding of the organisation’s existing footprint and direction eases the process.
Application migration decisions are dictated and refined around the digital end state. Once an enterprise has decided on a migration path, there’s no one single strategy. Migration becomes an application-by-application decision and, because the variables are so significant, there are many complexities to navigate.
But the fundamental decision is: Does the organisation want to own the migration, or do they want to own the functionality that makes the business successful? Forward-looking CIOs don’t want to have to worry about the infrastructure, but they will have to worry about meeting the needs of the various lines of business, performance factors and how to grow the business. There are better ways to achieve a company’s business goals than trying to determine what server to be running on.
Resistance is futile
When considering IT modernisation in the insurance industry, business leaders need to know: Resistance is futile. Enterprises need to break down resistance to transformation and modernisation of applications, because the simple reality is that digital change is now a matter of doing business. Conversely, if an enterprise embraces IT modernisation and becoming more digital, that enterprise is going to speed up success and see a greater cost impact sooner. The pressures for change are imminent, and enterprises need to modernise in a fashion that contends with those changes when they occur, and in some cases, even beforehand.
The insurance industry has been evolving quickly, and unprecedented changes in 2020 – 2021 have created a need for more and faster change. The good news for insurance companies is that these issues can be addressed, and they impact everybody, clearly exposing some corporate and industry dependencies.
The importance of modernisation lies in its positioning your organisation for growth and moving it from technology-centric to business-centric decisions. Drive your solutions, drive your products and leverage what technology can give you. But when undertaking IT modernisation, the key to growth is worrying less about the technology you choose and more about how the company uses the technology. In short, it’s not about which cloud provider you choose, but how you culturally adapt to that choice and how well you adopt and consume it.
How DXC enables modernisation
DXC Technology has closely examined the best ways for companies in the insurance industry to take on the many challenges of IT modernisation. As the leading provider of core insurance systems, DXC has a long history of innovation in the industry.
For example: DXC recognised that at insurance companies — typically burdened by siloed, dependent systems — implementations and changes took too long and costs were too high. DXC began by designing a platform from the bottom up to help insurance companies achieve digital success in the changing marketplace. The approach was to build an ecosystem combined with a cloud-based, as-a-service model. The result? The DXC Assure Digital Platform.
The DXC Assure Digital Platform and related DXC Assure insurance offerings are a highly connected ecosystem of digital services that enhance a company’s relationships with customers, agents/brokers, banks and others. Before adding policy, claims and product development capabilities, DXC built a standards-based, cloud-based, as-a-service product. In rolling out DXC Assure, the focus was on helping companies move from CAPEX to OPEX, providing on-demand capabilities and supporting what was emerging as the standard way to build a corporation. Benefits achieved with DXC Assure mirror the many advantages derived from IT modernisation.
Learn more about DXC in Insurance.