Insurance Master Data

Premium CycleP&C

COSO
Component

Control
Activities

Cycle

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Transaction
Process

Control Objective

Billing

Premium receivable information

from the policy administration
system are recorded in the billing
system(s) completely, accurately
and in a timely basis.

C, A

Control
Objective
Category
(C/FR/O)

FR

Billing

Billings accurately reflect all

amounts due from intermediaries
and insureds according to policy
records.

A, V, R

FR

Billing

Billings are correctly issued in the

appropriate financial period.

FR

C, A, V

FR

A, V

FR

Control
Activities

Premiums

Billing

Billings performed by third party

administrators are processed
completely, accurately and in a
timely fashion.

Control
Activities

Premiums

Billing

Premium invoices are supported

by the billing file.

7/31/2016

Control
Objective
Control
Type
(CAVR)

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

Transactions recorded in the policy Reconciliations are performed between all sources of
administration system do not premium receivable transactions, including automated
update the billing system(s)
balancing routines for interfaces between respective
completely, accurately or in a
policy administration system(s) and policy
timely basis.
administration system(s).

C, A

Billing system calculates of premium receivable reflects

all authorized premium adjustments (e.g. return
Billings are inaccurately
premiums, cancellations, and endorsements), policy
calculated, do not accurately
charges and fees. The billing system performs edits
reflect authorized premiums
and validations on premium receivable data such as
adjustments or manual errors arise
A, V, R
verification of billing address and policy details to the
in the billing preparation process
policy administration policy file prior issuance of the
resulting in inaccurate invoice
invoice. All adjustments and manual calculations of
preparation.
premium receivables are reviewed by independent
personnel.
Bills are not processed timely or
Automated billing runs exclude prepaid premiums
duplicate bills are issued to
C
already received and are reconciled to mailing logs.
intermediaries or insureds.
Billing by intermediaries may not
Management reviews billing reports (e.g. written
be processed correctly or may
premium summary listings) to ensure timeliness and
C, A, V
result in delays in receiving and quality of premium receivable data received received
recording data from intermediaries.
from intermediaries.
Principal sources of information needed to prepare
Billing files are not effectively
premium billing are communicated to all parties
documented to support premium
A, V
involved in premium billing preparation and
receivable balances invoiced.
documented within the billing file.

Page 1 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Control
Activities

Cycle

Premiums

Transaction
Process

Billing

Control Objective

Control
Objective
Control
Type
(CAVR)

Billing policies and procedures are

documented and communicated to C, A, V, R
all billing personnel.

Control
Objective
Category
(C/FR/O)
FR

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

Billing policies and procedures

Billing policies and procedures are effectively
have not been effectively
communicated and readily accessible by personnel and C, A, V, R
communicated to a premium billing
management responsible for premium billing.
personnel.
Fraudulent billing activity results in
Segregation of duties is enforced between those
invoices not being issued for valid
authorized to modify billing master file data and
R
amounts due from intermediaries
personnel issuing bills.
and insureds.
Intermediaries access to the billing system is restricted
Intermediaries process
and access levels reviewed periodically by an
R
unauthorized billing transactions
appropriate official.
Delays in receiving policy data Incomplete data submissions from intermediaries are
from intermediaries results in
isolated and rejected prior to input into the billing
C
billing delays.
system.
Reconciliation is performed over amounts invoiced
Amounts due from policyholders
between the billing, policy administration system and
C, A
are not billed.
financial ledger.
Errors in the billing run result in Automated balancing routines within batch processing
A
incomplete of inaccurate invoicing. ensures that invoices are issued for all policies in-force.

Billing

Effective segregation of duty is

maintained over the billing
function.

FR

Premiums

Billing

Programmed controls restrict third

party access to Company records.

FR

Control
Activities

Premiums

Billing

All relevant data required to issues

bills is available on a timely basis

FR

Control
Activities

Premiums

Billing

Invoices are issued for all amounts

due form policyholders.

C, A

FR

Control
Activities

Premiums

Billing

Invoices are issued for all amounts

due form policyholders.

FR

Control
Activities

Premiums

Billing

Effective segregation of duty is

maintained over the billing
function.

FR

Fraudulent data entry understates

billing activity for the purpose of
misappropriating cash receipts.

Control
Activities

Payments are completely and

Payment
accurately applied to policies in
Premiums Application and
force and recorded in the proper
Collection
period.

FR

Cash received from intermediaries

All cash receipts are logged and recorded in the cash
or insureds is not completely and
sub ledger on a timely basis and supported by
accurately applied to premium
remittance advices
receivable.

Control
Activities

Premiums

Control
Activities

7/31/2016

C, A

Segregation of duties is enforced between invoicing

and premium collection.

C, A

Page 2 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Control
Activities

Cycle

Transaction
Process

Control Objective

Payment
Receivables listing represents a
Premiums Application and complete and accurate record of
Collection
outstanding premiums.

Control
Objective
Control
Type
(CAVR)
C, A

Control
Objective
Category
(C/FR/O)

Risk

Point of Focus

Point of
Focus
Control
Type
(CAVR)

FR

The billing system is not updated

to reflect cash receipts, resulting in
the overstatement of receivables.

The cash sub ledger is reconciled to the General

Ledger and billing system.

C, A

Control
Activities

Payment
Cash receipts are allocated
Premiums Application and
against polices on a timely basis
Collection

C, A, V

FR

Control
Activities

Payment
Credit control activities identify and
Premiums Application and
monitor delinquent accounts
Collection

FR

Control
Activities

Payment
Premiums Application and
Collection

C, A

FR

V, R

FR

FR

Control
Activities
Control
Activities

7/31/2016

Premiums paid equal amounts

billed and recorded by
intermediaries.

Payment
Management reviews nonPremiums Application and
standard cash application
Collection
transactions
Payment
Cash receipts are appropriately
Premiums Application and
safeguarded upon receipt.
Collection

Payments received cannot be

matched against premiums due Cash is matched and applied to specific invoices with
resulting in the misallocation
unallocated cash suspense accounts being cleared on
C, A, V
between cash assets and
a timely basis and the reconciliation reviewed by
receivables for financial
appropriate management.
statements disclosures.
Delinquent accounts are identified through monthly
aging analysis (by intermediary and insured) and the
Premiums due are not collectible.
V
need for monitored for bad debt allowance or
termination monitored by credit controllers.
Amounts due from intermediaries,
reflecting premiums paid and
Receipts from intermediaries are reconciled to
applied against receivables, is not
C, A
accompanying bordereaux statements.
completely and accurately passed
on to the Company.
Misappropriation of cash receipts
All adjustments to amounts due and collected are
due to fraudulent or errant
V, R
approved by independent personnel.
adjustments to receivables.
Misappropriation of cash assets.

Cash receipts are securely stored, restrively endorsed

and access restricted to authorized personnel only.

Page 3 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Cycle

Transaction
Process

Control Objective

Control
Objective
Control
Type
(CAVR)

Control
Objective
Category
(C/FR/O)

Control
Activities

Premium
Recognition/
Written premium transactions are
Premiums Premium Audits
recorded in the proper period.
Experience
Rating

C, A

FR

Control
Activities

Premium
Premiums are recognized as
Recognition/
revenue over the period of the
Premiums Premium Audits contract in proportion to the
Experience
amount of insurance protection
Rating
provided.

FR

Control
Activities

Control
Activities

7/31/2016

Premium
Recognition/ The unearned premium reserve is
Premiums Premium Audits
adjusted for reinsurance or
Experience
premium adjustments.
Rating
Premium
Recognition/ Premium audits are performed to
Premiums Premium Audits assess the accuracy and validity of
Experience
earned premium.
Rating

A, V

A, V

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

Formal period end cut-off procedures are established

and communicated to underwriting/financial personnel,
and adherence monitored by an appropriate official.
Prepaid premiums relating to the current period are
Incorrect gross and net written recognised as earned, and additional prepaid amounts
premiums recorded for the period. recorded as unearned premiums. The policy/premium
administration systems calculate written premium using
the inception and expiration dates of the insurance risk
assumed rather than the date the transaction was
recorded.
Underwriters establish an earning profile for each line
of business to appropriately reflect the nature of the risk
Earned/unearned premium does
insured, and compliance with applicable local/overseas
not approximate the portion of
regulations. The policy administration system performs
written premiums relating to the
automated calculations of earned premium by line of
period of expired/unexpired risk.
business. Any manual intervention is reviewed by
independent personnel.

C, A

FR

Unearned premium calculations are performed using

Incorrect amounts of unearned
current written premium data recorded in the policy
premium recorded in the financial
administration system and premium sub ledgers, which
ledger.
incorporate retrospective and late premium adjustments

A, V

FR

Earned premiums are not

Renewal premiums are accurately calculated using
accurately recorded due to
authorized premium rates and adjusted upon
validation through a premium audit completion of premium audits as applicable for the
function.
respective line of business.

A, V

Page 4 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Monitoring

Monitoring

Monitoring

Control
Activities

Control
Activities

7/31/2016

Cycle

Transaction
Process

Premium
Recognition/
Premiums Premium Audits
Experience
Rating
Premium
Recognition/
Premiums Premium Audits
Experience
Rating

Control Objective

Control
Objective
Control
Type
(CAVR)

Control
Objective
Category
(C/FR/O)

Risk

Point of Focus

Premium audits are performed

accurately and on a timely basis.

A, V

FR

Earned premiums are not

accurately recorded due to lack of
effective premium audit function.

Management monitors the quality and timeliness of

completion of premium audits, including the timely
processing of voluntary audits.

Management monitors and tests

C, A, V, R
the internal control environment.

FR

Premium
Management monitors and tests
Recognition/
the internal control environment
Premiums Premium Audits
C, A, V, R
operated by third party service
Experience
providers.
Rating

FR

Premiums

The Companys records reflect the

Allowance for
amount of premiums due expected
Uncollectible
to be recoverable under insurance
Premiums
contract.

Premiums

Allowance for
Uncollectible
Premiums

Consistent treatment of doubtful

debts by third party service
providers.

Point of
Focus
Control
Type
(CAVR)

Internal control weaknesses result

Internal Audit (where applicable) involvement in the
in the fraudulent, invalid,
selection, planning and execution of premium audits.
inaccurate and incomplete
C, A, V, R
Findings are formally documented and issued to senior
recording of premium activity in the
management.
Companys record.
Internal control weaknesses at
third party service providers result
Formalized review of the control environments operated
in the fraudulent, invalid,
by MGAs and TPAs. All material service providers are C, A, V, R
inaccurate and incomplete
selected at least on a rotational basis.
recording of premium activity in the
Companys record.

FR

Unidentified delinquent accounts

Overdue premiums are compared to policy terms and
exist without any allowance for
cancellation notices issued where required.
doubtful debts being established.

FR

Third party service providers do

not monitor premium collection Intermediaries are advised of delinquent accounts on a
activity and fail to identify
timely basis and initiate collection procedures in
delinquent accounts on a timely accordance with the Companys credit control policy.
basis

Page 5 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Cycle

Transaction
Process

Allowance for Effective credit control procedures

Uncollectible mitigate the risk of uncollectible
Premiums
premiums

Control
Activities

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Transaction
Recording

Control
Activities

Premiums

Control
Activities

Premiums

7/31/2016

Control Objective

Control
Objective
Control
Type
(CAVR)

Control
Objective
Category
(C/FR/O)

FR

FR

FR

C, A

FR

FR

C, A

FR

Transaction
Only valid transactions are
Recording recorded in the underlying records.

FR

Transaction
Only valid transactions are
Recording recorded in the underlying records.

FR

Allowance for Premiums receivable are adjusted

Uncollectible to reflect allowances for delinquent
Premiums
accounts.
The company has sufficient
Fraud
resources and expertise to
Investigations
investigate fraud.
All new and renewal premiums are
Transaction
recorded in the policy
Recording
administration system and
actuarial records.
All new and renewal premiums are
Transaction accurately recorded in the policy
Recording
administration system and
actuarial records.
All transactions are recorded on a
timely basis

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

The Company continues to write

direct and intermediary business Credit controllers establish credit limits and payment
with persons considered to be high terms to appropriately reflect the risk of non-payment.
credit risk.
Allowances for uncollectible amounts are determined
Inadequate allowance is provided
by credit controllers and based upon the debtors credit
against doubtful debts
status and payment history.
Fraud investigations fail to resolve Fraud investigations are performed in accordance with
internal control weaknesses or pre-determined guidelines by experienced underwriting
recover losses.
and (where applicable) Internal Audit personnel.
All new policies are not considered
Written premium data is reconciled to the policy
for reinsurance, resulting in the administration system to identify all in-force direct and
retention of inappropriate levels of assumed polices prior to the calculation of reinsurance
risk.
cessions.
Rejected policy data is isolated, analysed and corrected
Inaccurate recording of policy data on a timely basis through programmed controls, batch
due to incorrect/ invalid data entry headers and suspense accounts. Management reviews
resulting exception reports.
An appropriate level of review is in place to ensure that
Processing backlogs exist and are
policy data is entered on a timely basis and any
not cleared on a timely basis.
backlogs addressed.
Incorrect amounts of gross and net Calculation of premium adjustments (including return
written premium recorded in the premiums and retrospective premium adjustments are
financial statements.
approved by an appropriate official.
Incorrect amounts of gross and net
Suspense accounts are reconciled and reviewed by an
written premium recorded in the
appropriate official for unusual or aged items.
financial statements.

C, A

C, A

Page 6 of 9

Insurance Master Data

Premium CycleP&C

Cycle

Transaction
Process

Control Objective

Control
Objective
Control
Type
(CAVR)

Premiums

Transaction
Recording

Effective segregation of duties

exists between those recording
premiums transactions and
personnel handling cash receipts.

Premiums

Transaction
Recording

Management monitors
completeness and accuracy of
data input into the Company's
administrative system

Control
Activities

Premiums

Transaction
Recording

Premium transactions are

accurately reflected and classified C, A, V
in the financial ledgers

FR

Control
Activities

Premiums

Transaction
Recording

Premiums are correctly stated in

the reporting currency.

FR

Control
Activities

Premiums

Transaction
Recording

Tax information derived from

premium activities is accurately
and promptly reported.

C, A

FR

COSO
Component

Control
Activities

Control
Activities

7/31/2016

C, A

Control
Objective
Category
(C/FR/O)

FR

FR

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

Fraudulent data entry understates Segregation of duties exists between those recording
premium activity for the purpose of premiums transactions and personnel handling cash
misappropriating cash receipts.
receipts.

Management reviews policy information to critically

Management is unable to identify
analyze premium activity, including current and
significant data entry problems in
historical premiums trends, new and renewal business, C, A
the recording of premium billing
premiums by lines of business, intermediary and
and cash application transactions.
insured.
Inaccurate data input results in the
misclassification of policy data and The financial sub ledgers are reconciled to the general
financial records and the
ledger. Reconciliations are reviewed and approved by C, A, V
miscalculation of ADIAL due to
financial management.
inaccurate premium data.
Misstatement of premium and
Translation of foreign currency written premiums is
related income due to inaccurate
calculated using prevailing exchange rates at the date
A
or incomplete foreign currency
of policy inception.
translation.
Documented procedures for developing, summarizing,
and reporting required tax information. Review of major
Erroneous data may be used in tax
transactions or major classes of transactions by
computations and result in
individuals who are knowledgeable about tax
C, A
overpayments or underpayments
requirements. Programmed sub ledger coding
of taxes.
facilitates the automated classification, summarization,
and retrieval of required tax information.

Page 7 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Control
Activities

Cycle

Premiums

Control
Activities

Premiums

Control
Activities

Premiums

Transaction
Process

Transaction
Recording

Control Objective

Relevant disclosure data is

gathered completely, accurately
and on a timely basis.

Prevention or detection of incorrect

Adjustments
entries to policyholder accounts,
and Ledger
agents' balances and reinsurance
Maintenance
data.
Appropriate segregation of duties
between the entry and approval of
Adjustments
journal entries (related to
and Ledger
underwriting transactions not
Maintenance
recorded in the Company's
administrative systems).

Control
Activities

Premiums

Adjustments
and Ledger
Maintenance

Control
Activities

Premiums

Adjustments
Sub ledger journal entries
and Ledger represent valid adjustments to the
Maintenance
Companys financial records.

7/31/2016

Polices and procedures exist for

processing journal entries.

Control
Objective
Control
Type
(CAVR)

Control
Objective
Category
(C/FR/O)

Risk

Point of
Focus
Control
Type
(CAVR)

Point of Focus

FR

Recorded transactions capture and aggregate required

account disclosures including:
- gross and net written premiums
Required GAAP/ MD&A/ 10-K
- earned premium (including changes in unearned
disclosures are incomplete or
premium)
C, A, V
inaccurate for presentation in the
- allowance for bad debts
financial statements
- insurance balances receivable
- appropriate segmental and geographical analysis
- associated cash flows
- material legal proceedings

FR

Unauthorized adjustments are

made to the financial sub ledgers.

FR

Unauthorized adjustments are Appropriate segregation of duties exists between the

made to the financial sub ledgers.
entry and approval of journal entries

A, V

FR

Incorrect/ inconsistent treatment of A chart of accounts is maintained and updated on a

manual adjustments between sub timely basis, establishing procedures and account
ledgers.
mappings for processing journal entries to sub ledgers.

A, V

FR

C, A, V

Incorrect of fraudulent journal

entries are recorded.

Access to ledger journal entries is restricted to

appropriate finance personal through programmed
authority levels.

All journal vouchers are approved by management and

attached to supporting documentation.

Page 8 of 9

Insurance Master Data

Premium CycleP&C

COSO
Component

Cycle

Transaction
Process

Control Objective

Control
Objective
Control
Type
(CAVR)

Control
Activities

Premiums

Adjustments
and Ledger
Maintenance

Sub ledger journal entries are

recorded on a timely basis.

Control
Activities

Premiums

Control
Activities

Premiums

7/31/2016

Prevention or detection of incorrect

Adjustments
entries to policyholder accounts,
and Ledger
agents' balances and reinsurance
Maintenance
data.
Adjustments
Sub ledgers are reconciled to
and Ledger
policy administration, billing and
Maintenance
reinsurance systems.

Control
Objective
Category
(C/FR/O)
FR

C, A

FR

C, A

FR

Risk
Ledger maintenance activities are
not recorded in the correct
financial period.
The financial sub ledgers do not
accurately reflect current policy
data, reinsurance terms and
billings.
Unreconciled suspense accounts
exist and are not cleared on a
timely basis.

Point of Focus

Point of
Focus
Control
Type
(CAVR)

Manual adjustments are reviewed by an appropriate

official to ensure accuracy of cut-off.

The financial sub ledgers are reconciled to the

underlying policy administration, actuarial and
reinsurance systems. Reconciliations are reviewed and
approved by financial management.
Suspense accounts are reconciled and reviewed by an
appropriate official to identify and clear unusual or aged
balances.

C, A

C, A

Page 9 of 9