Doreen Evans Associates assisted in documenting business processes and integrating risks and controls into documentation for Sarbanes-Oxley compliance and training.
A Fortune 500 financial services firm which operates two primary businesses: asset accumulation and risk management. Within the risk management business, the principal line of business is property and casualty insurance with over $2 billion in written premiums. Asset accumulation is a closed block of business consisting primarily of variable annuities and life insurance, with $14 billion in assets. The company employs over 7,000 worldwide.
The Life Insurance and Annuity lines of business at this company are closed books of business. However, the company management team needed to conserve the current business, keep staff motivated, retain institutional knowledge of subject matter experts, update business process documentation, and create training materials to ensure they would not be dependent on specific key staff.
In addition to documenting processes, the Business Operations group needed to document internal controls for financial reporting for compliance with Sarbanes-Oxley. A large spreadsheet was created, which included items such as function, risk, mitigating control, control objective, control frequency, performer of the control, etc. However, there was no way to identify where the risks existed in the business processes and the mitigating controls for these risks.
The project objectives were to document current processes for training purposes, create detailed documentation to support Sarbanes-Oxley Act compliance reporting, identify common processes between Claims and Inforce personnel, and document opportunities for improvement. The project encompassed Life Insurance Death Claims, Annuity Death Claims and Annuitization functional business areas.
DEA worked with the client to document the key processes and process components. The Process Flow Maps included the business events which started the process, the process steps performed, the roles which performed the process, the decisions made while performing the process steps, delays incurred in the process, system interfaces and the result(s) of the process. System Architect, a repository based modeling tool, was utilized to manage and store the process information. Customizations made by DEA to the tool allowed the team to annotate the process maps with opportunities for improvement and to show where financial risks existed, along with the controls that were put in place to mitigate the risks. The documentation ensured the company would meet Sarbanes-Oxley compliance regulations.
| © Doreen Evans Associates, Inc. 31 St. James Avenue, Suite 210 Boston, MA 02116 |
(617) 482-4444 |