Two Choices for PoPI Compliance in South Africa for Insurers
Despite the headaches that the Protection of Personal Information (PoPI) Act will undoubtedly create in South Africa, there are some potential benefits. Many insurers have a significant number of long-term policyholders who have been largely forgotten, especially considering that insurers have some of the lowest customer-touch levels across all financial services industries verticals. PoPI might be the mandatory nudge that gives insurers the opportunity to re-establish communication with these long-lost souls and start to build a meaningful customer relationship. They can also leverage their renewed connection to sell innovative services, creating new revenue opportunities and re-engaging with customers. After all, it’s a much bigger investment to gain a new customer than it is to expand a relationship with an existing one.
Insurers must comply with PoPI within the designated timescales, but the key question is how do they adapt? Compliance will require a major reworking of their existing software, systems, data management processes, and governance controls to support PoPI compliance.
They can undertake this in one of two ways:
- Adapt Existing Core Insurance Systems and Processes – insurers can make significant changes to their current in-house core software and administrative systems by ‘wrapping’ them with supplemental technologies (such as data passporting) and manual processes. However, this may not necessarily make it easier to prove compliance and will undoubtedly be labour and resource-intensive, and potentially costly. One of the key challenges in this regard will be that as data moves through an insurer’s systems and processes, the PoPI requirements will vary (at the underwriting stage, data may have to be with third parties, such as reinsurers). Understanding, documenting, and controlling the requirements as personal data “moves” through an insurer’s process will be a massive challenge without automation.
- Implement New Digital Platforms – or they can implement a new, up-to-date policy administration system (PAS) and digital customer engagement technology, with automated compliance. This approach will provide the option of full digital transformation, potentially touching every area of their business. This will include unearthing new business opportunities, providing a unique customer experience, benefiting from robo-advice, cutting operational costs through automation, reducing headcount, and more.
As previously mentioned, insurers will have to adapt their core administrative and CRM systems and processes for PoPI compliance in one of two ways. The first approach is for insurers to use in-house or outsourced IT professionals to adapt their current core and data systems for compliance. This is not necessarily a quick fix and could easily cost major insurers millions, with no guarantee of success. The second approach is preferrable for most insurers…
Read more about Sapiens’ insurance software and related Sapiens’ solutions.