Axon Implementation: Ensuring regulatory success from the start

Auteur: Bianca Duiverman – Projectmanager at Keylane

One of the most enjoyable aspects of my job as a Project Manager for Keylane is in working with our clients to implement our Axon platform. The enthusiasm from clients when realizing the myriad options available for defining their business processes, creating new user dialogs, and generating reports can be infectious. Coupled with the potential integration of technologies like AI, it’s safe to say these are genuinely exciting times to be working within the insurance industry.

But it’s also a time of growing regulatory pressure for insurers, which is evident to me in the increasing number of questions I receive regarding compliance. Government regulations, such as EU/DORA and GDPR, are generating valid client concerns which must be addressed by an implementation project team.

And given insurers’ eagerness to drive new solutions to market, shorten time to value, and simultaneously account for a growing number of regulatory requirements, I wanted to share some simple but critical actions that can be taken to nurture a successful project initiation.

Knowledge transfer & shared objectives

It may sound obvious, but it’s essential that everyone on the project team understands what’s required in terms of today’s regulations and security requirements. This is especially important when implementing a new core system (such as Axon). Two leading questions to ask here: which requirements are absolutely critical, and what is the best way we can meet them?

In my experience, a series of initial workshops is a very effective way to kick off core implementation projects. Invite all team members, along with compliance and security officers and other business stakeholders, into one room (I find that physical meetings are more effective than virtual sessions). This way knowledge transfers are better articulated and understood, as regulatory needs are discussed within the context of a real project. The main objective here is to share and discuss overarching goals, carefully examine sensitive areas of the project, and define the project’s documentation requirements.

These workshops also help to cement close, professional relationships within the team, encouraging shared responsibility and accountability, while allowing all members to view both the business objectives and needs of regulatory compliance from all perspectives.

Long-term enablement & project governance

For any implementation project, it’s crucial to secure the necessary resources and skills for as long as they may be required. While compliance officers may not need to attend every project update meeting, it’s important to keep them in the loop so they can be quickly brought into conversations when needed. This point really underscores the importance of a collaboration agreement—and not only within the project, but also for compliance officers to proactively share regulatory updates, policy changes, and best practices.

Another aspect to be aware of – human resources are not the only potential project bottleneck. Access to office locations and IT systems for individual team members may require screenings and explicit sign-offs. My advice here is to never underestimate these needs. Project team members must have access to production systems and development and test environments. But, as these environments hold sensitive data, access levels, credentials, and authorisation methods must be established for each individual contributor. A forward-looking project manager should address these requirements as quickly as possible, and collect all project requirements upfront.

As a project progresses, it’s important to continuously challenge business analysis, functional requirements, design decisions, and set or adjust priorities from a regulatory and security perspective first. In practice, this means the implementation team needs to work closely with test managers to not only ensure secure coding practices, but to also verify that the quality of unit, system, and integration tests meet necessary standards and is thoroughly documented.

At Keylane, we incorporate audits, reviews, and security and risk assessments into our project templates, ensuring that the project can effortlessly report on how critical regulatory requirements have been implemented, and which areas still need attention.

Read more about Keylane here.