Gears with trackers


Extended enterprise risk management for insurance companies

COVID-19’s impact on the third-party service provider landscape

As COVID-19 continues to affect business operations, what extended enterprise risks are emerging in the insurance industry? Explore steps to help insurance companies manage expanding third-party risks, enhance performance, and reduce costs.

Responding to COVID-19 today to build an improved extended enterprise

The COVID-19 pandemic has had an unprecedented impact on organizations. Business operations in the insurance sector have needed to adapt to changes in the workforce, use new tools and technologies, and find new ways of interacting with their extended enterprise. Insurance organizations are dependent on a variety of critical service providers to operate successfully. And while the need for understanding and managing the risks of outsourcing critical services isn’t new, operating in the COVID-19 environment has amplified these risks, presenting new challenges in achieving resiliency.

More specifically, COVID-19 has heightened existing or, in some cases, introduced new emerging risks in the insurance industry across domains (such as business continuity and resiliency, financial health, and cybersecurity), which can lead to increased exposures within the extended enterprise. For instance, many firms have rapidly adapted their operations and business continuity plans to cope with a new way of working and, in certain situations, an overwhelming volume of issues.

This evolution in the third-party ecosystem requires a refreshed approach to enterprise risk management for insurance companies, including oversight techniques to effectively and efficiently 1) manage risk, 2) enhance performance, and 3) reduce costs.

Insurers face array of emerging third-party risks

Read related article

Prioritizing types of risk in the insurance industry

Organizations should focus on evolving risks within the extended enterprise (such as third-party service provider risks) that have been amplified as a result of the COVID-19 pandemic and the dynamic fluidity of the current environment.

  • Resiliency – Depleted and disconnected resources adjusting to a more distributed working environment, potentially leading to greater difficulty in maintaining operational resiliency and opportunities for control compromises and undetected fraud
  • Financial health – Market volatility, difficulty collecting payments, and cash flow challenges may affect operational stability
  • Technology – Hastily implemented technologies and increased use of new or unmanaged tools may lack sufficient performance capabilities and security controls to protect data
  • Regulatory – Shifts in operating models to address the changing environment may affect the ability to meet service obligations and related regulatory compliance requirements
  • Fourth-party or subcontractor – Service providers’ increased dependency on their own third parties elevates vulnerability due to lack of transparency

In order to identify the most important risks to the organization, start by understanding the top issues associated with each of your critical third-party service providers. Then, utilize a detailed action plan targeted at addressing these specific challenges in your extended enterprise in order to move from responding to recovering, to ultimately thriving in this disruptive environment.

Impact on third-party service providers

Prior to taking any immediate actions, it is imperative to understand how COVID-19 has affected your most critical third-party service providers and, ultimately, how their business operations could—in turn—affect your business.

Get ready: A checklist to start taking action and address COVID-19 immediately

Begin to thrive: Innovative techniques designed to help identify and manage risk in the insurance industry

Get in touch

For more information, please contact:

Jordan Kuperschmid
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 973 602 5040
Jonathan Rizzo
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 212 436 3709
Kevin Gallagher
Managing Director
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 212 436 6072
Suzanne Denton
Managing Director
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 212 436 7601

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Insert Custom CSS fragment. Do not delete! This box/component contains code needed on this page. This message will not be visible when page is activated.

Did you find this useful?