Conduct and culture have become a key focus of insurance regulators and governing bodies in recent years. The International Association of Insurance Supervisors (IAIS), a voluntary membership organisation of insurance supervisors and regulators, has highlighted these key areas as part of its 2020 – 2024 Strategic Plan. As part of its plan, the IAIS calls for a more comprehensive approach to conduct risk to be adopted by insurer supervisors; noting that conduct and culture issues within the insurance industry have the potential to lead to financial soundness and stability concerns. Therefore, both conduct and culture should be of utmost importance to insurers. 

Consequently, the IAIS recently released a report on the use of key indicators by its members in assessing insurer conduct. The report is based on a survey of IAIS members conducted between December 2020 and February 2021. It examines members’ current approaches to insurance supervision and challenges faced by members in relation to the use of key indicators when assessing insurer conduct. Key findings from the report are summarised as follows: 

  • Significant challenges for supervisors in assessing insurer conduct risk including: 
    • poor prioritisation of conduct related issues; and 
    • an inability to provide good quality conduct risk data. 
  • Supervisors are introducing new measures as a result of the COVID-19 pandemic addressing: 
    • data collection and conduct reporting processes; and 
    • new governance requirements. 

Following the release of this report the IAIS is developing practical guidance for its members on key indicators used in assessing insurer conduct, which it expects to publish in Q1 2023. This guidance will give supervisors the necessary tools to proactively monitor conduct risks and enable responses to emerging conduct trends and risks in a more timely manner. Therefore, insurers will need to anticipate the guidance, and take the necessary steps to address the supervisors’ concerns as conduct risk comes under increased focus by the regulators. 


The IAIS surveyed approximately 24% of its members (51 authorities) across both developed jurisdictions, and emerging markets and developing economies (EMDE). The IAIS found that the majority of supervisors surveyed have formalised powers and frameworks in place to collect conduct data from both insurers and third parties (such as industry associations, intermediaries, ombudsmen etc.), with most supervisors using a combination of quantitative and qualitative data analysis methodologies.  

Supervisors surveyed also indicated that they collect conduct risk data for a variety of purposes, including: 

  • reactive supervision (e.g. identifying potential misconduct); 
  • preventative supervision (e.g. issuing regulatory guidance and education to insurers); and 
  • proactive supervision (e.g. thematic reviews for early identification of conduct issues). Most supervisors use a combination of these reactive, preventative, and proactive measures when monitoring conduct risk. 

The key findings of the IAIS report are as follows:

  1. Prioritisation of conduct risk: Poor prioritisation of conduct related issues by insurers was identified as the top challenge encountered by supervisors;
  2. Availability and quality of conduct risk data: Insufficient infrastructure leading to insurers’ inability to provide requested data, and poor quality of data received, along with varying interpretations of data requested were all identified as challenges faced by supervisors when interpreting conduct data collected from insurers and third parties;  
  3. Use of data for intervention, education and enforcement: A significant number of supervisors surveyed use conduct data to inform product interventions and consumer education initiatives, in addition to identifying potential misconduct and supporting formal enforcement measures;
  4. The importance of claims and complaints data: Claims and complaints data are key sources of information used by supervisors when assessing insurer conduct risk and outcomes (such as customer experience, quality of service, and quality of advice amongst others), reflecting the maturity and prevalence of these topics within the insurance industry; and 
  5. Use of supervisory technologies: The uptake of supervisory technologies used in conduct supervision is still in a relatively early stage in most jurisdictions.

New measures

The IAIS also collected information relating to conduct data specifically arising from the COVID-19 pandemic. A significant number of supervisors surveyed indicated that they either have no intention to change their approach to conduct supervision, or that they were not yet in a position to determine if such changes are required, as a result of the pandemic. However, a number of supervisors indicated they will be introducing measures as a result of the pandemic, including: 

  • The acceleration of streamlining and digitising of conduct reporting processes; 
  • The introduction of regular collection of financial inclusion data from insurers; and 
  • The introduction of new product governance requirements.

These new measures will help alleviate challenges which supervisors faced during the pandemic, and assist supervisors in maintaining effective oversight of insurer conduct risk. 

Overall, the IAIS report highlights the need for insurers to give due consideration to conduct risk and is indicative of what lies ahead for the insurance industry. Insurers will be expected to invest in their infrastructures, cooperate with supervisors, and embed conduct risk as a key part of their culture to ensure the safeguarding of customers. This is to ensure both that regulatory expectations are met, as well as ensuring the stability and financial soundness of insurers. 

Next steps

In order to assist supervisors proactively monitor conduct risk and enable more timely responses to emerging conduct trends and risks, the IAIS is developing practical guidance for its members on key indicators used in assessing insurer conduct. The IAIS expects to publish this guidance for members in Q1 2023. 

Insurers should prepare for this by asking the following questions of their business: 

  • Is conduct risk and its implications, both regulatory and reputational, given sufficient priority within the business agenda? 
  • Is the required infrastructure to collect and monitor conduct risk data established? 
  • Is the data required to assess conduct risk of sufficient quality? Does it address the right conduct risk metrics and is it collected adequately? 
  • Are the regulators’ requests for information and data relating to conduct risk adequately addressed and sufficiently managed? 

How KPMG can help

With extensive experience in conduct risk, and regulatory support across the financial services sector, including the insurance industry, KPMG is uniquely placed to assist you in the following areas: 

  • Implementation of a Conduct Risk Framework that ensure risks are adequately controlled and recorded; 
  • Guidance on regulatory expectations and industry practice in terms of conduct risk; 
  • Application of our specially designed data-led Risk Assessment Framework to assist in managing conduct risk using quantitative data overlaid with qualitative key performance indicators;
  • Guidance on the most up to date culture practices combining the expertise of our People and Change and Risk Consulting Practices, as well as our culture Subject Matter Experts across our KPMG global network; and
  • Implementation of KPMG’s tried and tested methodologies including KPMG’s Behaviour and Culture toolkit, and four phase approach that have been successfully integrated across multiple organisations and adopted by the Dutch National Bank (DNB).

Get in touch

The pace of change is challenging leaders like never before. To find out more about how KPMG perspectives and fresh thinking can help you focus on what’s next for your business or organisation, please get in touch with our team below. We’d be delighted to hear from you. 

Contact our team

More in Risk