Business Applications

Many insurers started with systems built more than 40 years ago, when the requirements consisted of accounting for products and business transactions without real-time processing. So, moving to digital has been hard. 52% of IT budgets are spent on core applications and infrastructure. From 2012 to 2017, the share of operating costs spent on IT increased 24% in P&C and 12% in Life [2].

To modernise their applications, insurers are seeking to re-platform applications, introduce SaaS applications, or to create an API environment to surround legacy applications to allow digital platforms to be introduced and remote working to be allowed. Containerisation of legacy applications will be a necessary step in the large-scale migration of workloads to public cloud and allow workloads to shift across a hybrid multi-cloud architecture.

Compute & Cloud

By their very nature digital platforms leverage hyperscale infrastructure from cloud providers in computing, data storage and security to deliver scale, reliability and customer experience. Insurers were slow to adopt cloud due to security and regulatory concerns, but adoption is now growing fast. Since 2018, the number of insurers using the cloud has increased from 70% to more than 90% [1].

There will be a major shift toward cloud as the primary venue for workloads over the next few years, with public cloud IaaS and PaaS serving as the primary environment for workloads.

Insurers are transforming their distribution layer (which cover customer engagement and servicing) to a microservices architecture working together though APIs. These reusable core services are available in multiple channels providing a simple, convenient interface to customers.

Agility tops the list of cloud adoption drivers (67%), followed by speed to market (54%), innovation (54%) and cost optimisation (40%) [2].

Multi-cloud architectures are seen as key to delivering agility, cost and performance while addressing security and compliance challenges. Eventually, container-driven application portability in a hybrid or multi-cloud IT architecture will enable the multi-directional movement of workloads to best execution venues on an ongoing basis for optimisation of cost and application performance. Unsurprisingly, 81% believe a multi-cloud strategy will become a regulatory prerequisite after several years of regulatory focus on cloud technologies in the UK and the US [3]. 

Digital Workplace

Organisations must now provide a digitally enabled, flexible and collaborative working experience to attract and retain staff. They must also move beyond the fast reactions required to achieve a lockdown, where over 70% worked from home [1], and deliver an ongoing hyrbid working environment. 

There is a 20 to 30% increase in throughput and efficiency when effectively deploying a flexible work environment, and the acceleration of process automation will further help improve margins, reduce costs, and serve clients more efficiently.

A modern collaborative digital workplace is critical to a remotely located workforce. It ranges from access to HR applications and core business applications to e-mail, instant messaging and enterprise social media tools and virtual meeting tools.  As human works shift to higher- value work this becomes even more important. Digital capabilities for the service organisation, particularly the call centre, will be critical to offering empathetic service.

Security, Compliance & Data Privacy

Security especially with data breaches is high priority issue. Consumers and businesses  expect banks to operate at a very high level of security and privacy, this includes identity management, data security, privacy management and cybersecurity.

Delivering this across a hybrid cloud and remote working environment is challenging given the ever-increasing number of attack surfaces. Most insurers will spend at least 12% of their total budget on cybersecurity [1]. A considerable portion will go to cloud security, reflecting the shift to cloud-based business models.

In 2021, 63% of financial institutions experienced an increase in destructive attacks, an increase of 17% from the previous year [2]. In 2022, Akamai Security Research observed a colossal 3.5x growth in web application and API attacks against financial services. In 2022, DDoS targets increased by 22% in the financial services industry [3]. CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware attack [4].

Whilst insurers banks need to secure their own organisation, more than 80% of Financial Services attackers target customer accounts rather than the organizations themselves [5]. Identity theft is the second most-common type of fraud in Europe, and 56% of Europeans have experienced at least one type of fraud in the last two years. The statistics show 25% of Europeans exposed to any fraud suffered financial damage, causing a total loss of around €24 billion in two years [6]. Allianz Insurance, detected a record-breaking £65.8m worth of insurance fraud in 2020 from claims farmers, rogue loss assessors and organised crime [7]. 

Security of RPA and AI systems which will have access to critical data is also a significant issue. Distributed Leger Technology (DLT) can secure the end-to-end process across the ecosystem. 

According to IBM’s Cost of a Data Breach 2022 report, data breaches against financial services, which is considered “critical infrastructure,” has an average cost of US$5.97 million, about 75% more than the similar costs for other organizations [8].