1.       Re-use, buy or build - When taking sales to the digital marketplace, the decision is often made to try to build the sales channel from the front end backwards. Technology teams & vendors will often see this as their opportunity to play with the newest toys. Certainly companies should not fear technology but adoption should be managed within a considered re-use, buy or build strategy.

Firstly, investigate if you can re-use components of existing technology. If you’ve already got it within the organisation, you can maximise utilisation while reducing risk.

If you can’t re-use, then look to see if someone else has already built it. Other buyers will have already taken the teething pain for you.

If you can’t re-use and nobody has already built it, then invest in a work program that keeps the business expectation & technology teams aligned.

2.       Back-end & Front-end alignment - Many back-end systems still used by the Insurance industry can be likened to the British Monarchy, gamely trying but struggling to adapt to the world changing around them. Whatever online technology & features you use, they should be kept in line with technology debt you have already invested in your back-end systems. In short, don’t let the front-end online technology write cheques the back end can’t handle.

3.       Strategic regularity - Technology moves quickly, a technology you chose 3 years ago may be superseded in no time at all. Therefore it’s important that you evaluate your technology strategy regularly. That’s not to say you should jump on the bandwagon of every new technological development but cherry pick the breakthroughs which fit your long-term goals.

Make sure it’s user friendly for you & your customers

1.       Triage before you sell - Face to face selling utilises the skills of the broker to identify the right products for the customer through asking the right questions, listening & experience. This ability to evaluate is diminished when brokering on-line. Many sites lay out products for the customer, asking them to use their own skills to identify the right product for them. Try to replicate the broker experience in an automated Q&A triage before asking the customer to complete risk assessment forms.

2.       Don’t speak Martian - Insurance professionals suffer with terminology which isn’t always easy to follow for the on-line buyer. This trait is magnified when written down. If you use language which customers find confusing, then they are likely to feel they are being deliberately bamboozled. Asking customers to comprehend a 20 page product disclosure statement as their only source of truth is foreboding . Wherever possible, keep the language simple to understand & offer advice routes where possible.

3.       Keep all lines open - Give some thought to integrating Internet video conferencing capability like Skype, with your on-line site to ensure instant advice is always available to customer. This can help remove the waiting for call centres to re-route & provides immediate face-to-face interaction for customers. Users can choose from a list of specialist advisors, who’s availability is exposed to the user via a graphical interface.  Multiple advisors can be brought in & out of conference depending on the need whilst documents may be passed between the parties speeding up dialogue.

4.       Get your game face on - The online world is populated by gamers and ‘Gamification’ is the use of game mechanics in a non game context to engage users. It’s a simple concept of competition, recognition & reward.  UK telematics  auto insurer ‘Insure the Box’ is a great example where customers are rewarded for safe driving miles & retail interaction. On-line users like nothing better than to ‘level up’, especially if they are rewarded for it.

Go beyond the web-site

1.       Be mobile - It goes without saying that your on-line site needs to be mobile ready, but don’t stop there when considering on-line sales tools. At the recent ‘FST Technology Innovation – Future of Insurance’ conference it was stated that 51% of mobile phone users never go more than 1 hour without using their mobile device. Also, 70% are never more than 1 meter away from their smartphone at any-time. Add this to fact, on average Australians have downloaded 28 apps on their mobile device (Our mobile planet: Australia – understanding the mobile consumer’ report) & we can see why mobile apps are so useful for brand awareness & marketing tools.  NRMA’s Insurance car park challenge app is a great example of a mobile application which became popular & promoted sensible driving standards whilst increasing NRMA’s brand awareness.

2.       Facing up to your customers - The insurance industry’s use of social media sites such as facebook & twitter is improving but some insurance companies are still struggling to comprehend its true benefits. Many make the mistake of assuming these sites are a public announcement system. However, what these sites are proving to be is an opportunity to address public relations both positive and negative. It’s been said that it is 5 times harder to win a new customer than retain an old one, but a negative customer experience can cost you both existing & future clients. Manage it poorly and it could become viral.

One of the most important concepts when defining business requirements is making sure the requirement is unambiguous, this will ensure that 2 of the 4 “C” are met – Clear and Complete. Ambiguity in requirements leads to many problems. how can an accurate cost by provided to deliver that requirement, how can the technical staff deliver a solution that meets the requirement, how can testing know whether or not the test case they have created is correct and relevant.

Take the requirement below:

“The screen shall capture Customer data” – as a developer/tester or even a stakeholder you know that this requirement is incomplete and ambiguous.

So let’s break it down into its problems.

1) “The Screen” – what screen? If you have done the work to identify that Customer data is required, clearly you know what screen it is required on. Even if it is a new system grouping screens may assist in the design.

2) “Capture” – what is capture? Is a user going to enter this data, will it populated from another source?

3) “Customer data” – again what is Customer data – do I need to include medical data, or just name and date of birth?

As you can see a simple one line requirement can be read and hence delivered incorrectly against the true business requirement.

Now think of the current world we live in, and try to deliver projects in. If a developer with little to no understanding of the business gets hold of ambiguous requirements, you could end up with anything. I love overhearing, “That’s not what I meant”, “Or they don’t understand how it works”. If you are working in one of these situations the business requirements need to be detailed and clear enough to overcome this problem.

One of the smartest tactics you can use to check off your requirements is provide them to a tester to review. If a tester can’t understand your requirements, how will anyone else? If you leave the ambiguity in your requirements, the punishment will only be felt later on. In the analysis phase the cost of clearing up a requirement is only that of performing more analysis, as the project moves later and later into delivery the cost of ambiguous requirements grows exponentially. Usually it isn’t until the end user sees the outcome that the inevitable “That’s not what I asked for” comment will arise.

The audience of the requirements is always important when drafting requirements, think not just of the people you want sign off from, think of the developer and technical team who may need to deliver the solution, think of the test team who will be required to develop test cases and scenarios based on the document and think of yourself – all you are doing is delaying the inevitable. It will still likely be your responsibility later on to create the complete business requirement, and as we are all aware as projects progress through the phases time gets tighter and decisions get worse. If you draft clear and complete requirements the argument about quality and time should not come into play.

Below are a list of the 5 words and phrases that should be avoided (whilst there are many more, this is a good start to set you on the path for delivering high quality requirements)

“Sometimes” – In what scenario will this sometimes happen? In what scenario would this sometimes not happen?

“All” – All is just a BA being lazy – if you have done your analysis properly “All” should be more descriptive. It’s funny how many times “all” is not actually correct.

“Optimise” – Project Buzz word – just like “Enhance” and “Improve” – requirements using these terms are difficult to quantify. What is an improvement? This improvement can be quantified in the performance section in the Non-Functional Requirements.

“Daily” – Does this include Saturday and Sunday – what about holidays?

“The field” – what field? The field has a name or at least its function should be quantifiable. Is it a field that the user enters the Customer’s date of birth?

To counteract this we designed a simple MS Word macro that looks through the requirements looking for these type of words. It’s not perfect but it does give a good indication on how clear and concise your requirements are.

Removing ambiguity may mean your analysis phase takes a little longer, it may mean that your requirements documents are longer but the project as a whole will receive the benefits of quality and the time spent in analysis will be paid back in development and the future phases.

In 2004 Visa, MasterCard and American Express did just this by creating the Payment Card Industry Data Security Standards (PCI-DSS), this requires companies meet a minimum set of standards when storing, processing or transmitting Credit Card details. That minimum set of standards is currently 211 questions, all of which you have to say yes too. That’s right just like all compliance its 100% compliant or failure. Compliance is achieved when a Qualified Security Assessor (QSA) deems you to be compliant.

We have recently seen a number of high profile attacks where personal details were compromised. The best case is the Sony attack in 2011 where 77 million users were affected.

There are penalties for companies who are non-compliant ranging from monetary fines to the loss of the ability to transact Credit Card payments not to mention the reputational impact.

PCI-DSS initiative is driven by through the banks in Australia, so the next time you meet with your client services manager expect them to bring this up.

Below will detail one method that 3CA successfully used recently at a large Australian insurer to become PCI-DSS compliant. This method is about outsourcing the risk.

Firstly 3CA had to identify all channels where a Credit Card entered, exited or traversed through the business. As you could imagine there were Credit Cards in files, emails, faxes, mail, even on pieces of paper written down by the Call Centre agents. All of these processes required remediation. But the first question had to be what to do with the Credit Cards since our goal was to eliminate the storage of Credit Cards in the business whilst also still accepting payments using Credit Cards.

The business was initially sceptical and resistant to the idea that they would not be able to see the full Credit Card number. After proof the processes identified could still remain without the need for the Credit Card number the business began to buy in and the talk of “I can’t do my job without the Credit Card” dissipated.

The tokenisation approach was adopted. This is a process where the Credit Card is passed to a tokenisation provider who stores the Credit Card for you and passes you back a token which is basically a reference to the Credit Card. So this number doesn’t mean anything to anyone in the outside world. The existing tokenisation providers offer a number of ways to transform the Credit Card into tokens, through webservices, bulk file uploads and tokenisation websites hosted by them. Each of these techniques were used as part of the project.

The next problem faced was what to do with Credit Card numbers entering the business. The benefit for the Insurer was they had already outsourced the mail sorting process to a 3^rd party who were working towards their own PCI-DSS compliance. This meant that the Insurer could use the technology on offer from the tokenisation providers for them to tokenise the Credit Card on all paper material. The mail house also offered a redaction service which was used to mask the Credit Card PAN. This meant all mail was now remediated.  Faxes were re-directed to the mail house at the phone exchange layer to prevent any faxed Credit Card numbers enter the business. The mail house followed the same process as the mail in terms of tokenisation and redaction.

This left us with 3 areas of concern:

Email – Part of the problem with email is unless the entire email is re-directed to the mail house, there would be need to build some level of email rules. This is a service most email filtering providers such as Websense offer but the capabilities are somewhat limited as these only recognised typed text. Keep this in mind when you look at email re-direction.

Call Recording – There were a number of options on the table, using an IVR, stopping the recording of calls and Pausing calls when the Credit Card number was mentioned. The option taken as it was seen as less impact to the Customer and hence a better Customer experience was to use the pausing of the recordings when the Credit Card number is being mentioned. This option does have its limitations in that it is reliant on the Call Centre agents the ability to control the conversation to know when the Credit Card number will be mentioned was difficult to say the least. Think of a person ringing up with a complaint “I have a charged on my Credit Card 5353…….”.

The final hurdle which was the most difficult is the changes to behaviour. All the technological solutions in the world can’t stop the person from writing the Credit Card number on a piece of paper. This is why PCI-DSS should not be considered a technology project alone. The impacts on the business can be higher and a failure to manage the changes in behaviour will lead you to fail PCI-DSS compliance. Strong controls were required to be documented and implemented in the scenario where a Credit Card number entered the business.

There are of course a number of other ways to achieve PCI-DSS compliance.  This is just one way that was considered successful by both the business and the QSA.

Separate insurance contracts (i.e. insurance policies not bundled with loans or other kinds of contracts) were invented in Genoa in the 14th century. The first such contract dating from 1347 is a form of marine insurance indicating a clear risk evaluation approach taking into account cargo values, routes and voyage dates. This was the primitive start of modern underwriting.

Underwriting was to become more sophisticated but not until post-renaissance times. It was toward the end of the 17th century and London’s growing importance as a centre for trade increased demand for marine insurance when underwriting took a firm grip of insurance practice.  In the late 1680s, Mr. Edward Lloyd opened a coffee house that became a popular haunt of ship owners, merchants, and ships’ captains, and thereby a reliable source of the latest shipping news. It became the meeting place for parties wishing to insure cargoes and ships, and those willing to underwrite such ventures. Today, Lloyd’s of London remains the leading market (note that it is not an insurance company) for marine and other specialist types of insurance.

At this stage much of the insurance market revolved around marine insurance but all that was about to change. It was London again which caused this evolution but this time in rather deadly circumstances. 1666 the ‘Great fire of London’ devoured 13,200 houses & the homes of 70,000 of London’s 80,000 inhabitants. This disaster caused Nicholas Barbon to establish the first Home & Contents insurance company paying benefits in case such a tragedy happened again. This company was named the Fire Office. Part of the paid for service was to offer the extinguishing of fires to insured homes. The company went on to be the foundation of today’s public funded UK Fire Brigade.

By 1693, the first mortality table was created using Pascal’s triangle and modern life insurance soon followed. European insurers thrived in the ensuing market but it was the colonies and their associated risks to living in them that matured the market to its present standing. Join us next time when we discover how the impact of colonial religion, slave trading & the invention of the motor car brought a modernisation to insurance.

The ancient world was a risky place.  Especially if you were a merchant and you were transporting goods. So risky in fact that one of the world’s biggest financing concepts was initiated to combat it. In 1750 BC the Babylonians developed a system which was recorded in the famous Code of Hammurabi and practiced by early Mediterranean merchants. If they received a loan to fund a shipment, the merchant would pay the lender an additional sum in exchange for the lender’s guarantee to cancel the loan should the shipment be stolen.

It was sometime later and in different empire altogether that the idea of personal insurance started to form.  Beginning around 550 BC at the time of the First Persian Empire, an insurance tradition was performed at the beginning of the Iranian New Year. The people presented gifts to the monarch. The presents were assessed by the confidants of the court. If a gift was deemed worth more than 10,000 Derrik (Persian gold coins) it would be registered in a special office. The purpose of registering was that whenever the person who presented the gift registered by the court was in trouble, the monarch and the court would help him. An ancient Persian scribe recorded at the time ‘Whenever the owner of the present is in trouble or wants to construct a building, set up a feast, have his children married, etc. the one in charge of this in the court would check the registration. If the registered amount exceeded 10,000 Derrik, he or she would receive an amount of twice as much.’

Of course, no historical piece could ever be written without mention of the Greeks and Romans. It was they who introduced the origins of health and life insurance when they created guilds called “benevolent societies” which cared for the families of deceased members, as well as paying funeral expenses of members.

Next time we will look at how the Great Fire of London led to a modernisation of insurance practice & how a coffee shop owner gave birth to the unique skill of underwriting.

Here at 3CA, we of course left no stone unturned in investigating the following insurance related statistics.  Our teams worked diligently into the night, pawing over page after page of historical records to ensure each fact stood up to the rigours of our scrutiny. We traced back each case, personally visiting many of the claimants. Verification was sought with medical centres, governmental authorities, the world health organisation, APRA, ASIC and the girl from the AAMI advert, just so you can be sure these stats can be relied on …ok, we looked on the internet for a while.

It’s said that most accidents happen at home, so let’s start with claims made in relation to accidents with household items. In Australia, last year alone, 8 people were injured by placemats, 13 sustained sauce bottle injuries, 5 were wounded by dustpans, 8 suffered as a result of a breadbin accident, 5 were hurt by sieves, 14 fell afoul of a serving trolley, 17 were treated for injuries caused by a draught excluder, 476 people were injured while on the toilet and 11 people were hurt putting their underwear on. The statistics around how many claimants were drunk and how many were engaging in ‘adult’ experimentation is as yet unknown.

How about some life insurance statistics? For the more nervous amongst you, here are some mortal odds to ponder on.  1 in 30 million people have a chance of dying by being murdered. The risk of choking to death is 1 in 120 million, and the risk of dying by tea cosy is 1 in 20 billion. There is, however, a 1 in 257,000 chance of you dying today, while reading this blog. For some perspective, you’re fifty times more likely to die in the next 10 minutes than you are to win the lottery.

Where oh where can I find statistics on toilet related injuries I hear you ask? You didn’t? Well here they are anyway. Roughly 43000 injuries caused by toilets were reported in the US last year. The total of deaths caused by toilets since records began? 2200, roughly the same as the amount of people killed by sharks.

Ok, a less dark topic?  Nearly, what’s the most dangerous sporting activity for women? Well it’s probably Russian roulette, but we’ll stay in the realm on legal sporting activities for now. Athletics? Female boxing? Judo? Rock climbing? Actually no, it is high school cheerleading that has accounted for 65.1 percent of all catastrophic sports injuries among high school females over the past 25 years, according to an annual report released Monday by the National Centre for Catastrophic Sports Injury Research. It’s seen a rise in insurers offering specialised products covering this unique activity. So constant reader, take a look at the following clips of some cheerleading related fails & please let us know of any strange claims you’ve come across…names should be changed to protect the stupid.

http://www.youtube.com/watch?v=oFCA2gIbe6E&feature=related

It might be argued that in some industries, documented methodology structure alone is enough to keep a project on the straight and narrow, but industries with a large cast of actors need significantly more attention to detail in the requirement gathering phase to ensure critical impacts are not left unnoticed.

There can be no doubt that within the multi-faceted world of both life and general insurance, the cast of roles can often run into hundreds. From customers to brokers, contact centres to claim handlers, financial accounting to data analysts, IT support staff to mail houses, underwriters to customer retention teams, the number and complexity of processes and relationships that make up a typical insurance company can feel nigh on impossible to keep on top of. Without tight requirements, scope-creep and change requests, the very real enemies of project delivery, are only a budget breaking discussion away.

Some methodologies such as Agile & Scrum, accept that change is inevitable and use strategies to anticipate their consequences. They attempt to mitigate risk by delivering working software frequently through a reliance on face-to-face communication, closely working with customers, and keeping designs simple. Such methodologies work best when customers have dedicated project resource and the size of the team is small. However, even then, more value is placed on the planning process than on documentation. In many cases analysts never complete requirements documentation and changes are made on verbal agreements.

More standard SDLC’s such as waterfall have less adaptability to change. They require robust requirement gathering workshops and are often based upon isolated departmental views. Although documentation is more thorough, the experience can be draining on clients as they interview, review, change & have little manoeuvre for unforseen issues.

That is not to say that such methodologies are of no use to insurance projects. What they require is solid practice and technique’s tailored to the specific industry they are being deployed for.
The practice methodology needs to check many boxes to truly be the definable difference between a success and failure. It should:
• Be adaptable to any type of project execution methodology, be it the Waterfall, Agile, Scrum, XP, Crystal, Lean Development, ADS or company specific project execution frameworks.
• Deploy an error free mechanism to ensure no business unit impact is left undiscovered
• Supply traceable requirements that can be identified through all phases of the project
• Define clear business ownership
• Reduce and make optimum use of business time
• Provide the business an insight to the effects of their requirements on other departments
• Nurture an democratic solution choice based on project criteria
• Provide a sustainable picture of processes to be used for future projects

All this requires an in depth knowledge of the typical insurance business teams and practices. It must have insurance specific requirement gathering tools that are simple for the business team to use and understand. And it requires a simple, step by step, repeatable process so that the quality of the requirements never falters.

The team at 3CA have developed a set of practices and techniques designed to do all of the above. It’s simply called 3CAP. Every 3CA consultant is trained in it and what is even better is they are willing to share it with you. Whether you’ve engaged 3CA to deliver your whole project, just the requirements, or need one or two additional experts to supplement your existing team, they will share the practice with you. So yes, methodologies really can work for insurance projects, providing you’ve got the know-how, and that’s exactly what you get with 3CAP.

Make sure you keep an eye out for our next insight, which will be an irreverent look into the world of insurance claims and why you have a better chance of injuring yourself putting on your pants, than you do bungee jumping!

We will stay on top of the ever evolving technical & business practice changes taking place in all aspects of the insurance market and give you some of the benefit of our experience and research. The blog will also be a great source for the latest and best insurance related white papers, software product reviews and setting the benchmark as an insurance knowledge portal.

Written by 3CA’s very own principal consultants, whose expertise in insurance projects scans three decades. We will bring you insights based on our transformation practice in all manner of insurance business lines from life to pet insurance, travel to motor insurance, home & contents to consumer credit insurance, marine to health insurance….in fact I’m not sure we’ve found a line of business one of our consultants hasn’t encountered over the years.

3CA technical experts will keep you abreast of the technical revolution that’s taking place across the market, with ideas on E-commerce trends, the digital customer experience and how to make social media work for your insurance brand and products.

Our project governance guru’s will show you some new ideas on how to ensure your project dollar goes further and stays safe. They will provide a detailed look at traditional & radical project execution framework’s and outline how to determine whether they are right for your insurance project needs. By the way if you haven’t already, you really should check out 3CAP, the insurance specific methodology practice which works with any project execution framework. It’s already making quite a difference to the way successful insurance transformation projects are being run.

Please let us know if there are any subjects you’d like to know more about or would like us to feature. We always want to make sure we cover every angle for you.

And we promise you this, by following us we will make you look at the insurance industry in a whole new way.