Buying a new risk management system is a difficult task. Faced with hundreds
of different applications and alternatives, how does a purchaser know what to
look at, let alone what to buy? Understanding the types of systems available
in the marketplace is the first step in the buying process. Then, knowing what
your organization's needs are, you can choose which application(s) should be
considered.
What Types of Systems Are Available in the Marketplace?
Systems are generally grouped into four categories:
- A Risk Management Information System (RMIS) focuses on activities relating to the collection and analysis of exposure-related
information and generation of user defined reports. The term "RMIS" is also
sometimes used, although wrongly, to refer to systems that can administer
claims.
- A Claims Management Information System (CMIS) typically includes all of the RMIS's functionality but also includes capabilities
designed to adjudicate claims, including monitoring litigation, tracking
allocated expense, making payments and a multitude of other types of activities
relating to the claims adjustment function.
- An Integrated (or Comprehensive) Information
System (IIS) contains all of the functionality of an RMIS and CMIS,
but will also support the organization's underwriting, loss control, accounting,
statutory, administrative, or financial reporting needs.
- An Enterprise Resource Planning Solution (ERPS) is an organization-wide operational system, including financial, manufacturing,
sales, distribution, accounting, and, in some cases, risk management functions.
How do you know which type of system will meet your needs now and into the
future, should the organization's needs change? Understanding the functionality
of each system and its related costs can help you navigate the landscape.
How Does the Functionality Vary Between Different Applications?
Each application has a targeted audience. The functionality and cost increases
exponentially as capabilities increase to meet a broader need. However, most
can be purchased on a modular basis, allowing an organization to purchase the
types of functionality required to meet immediate needs, while providing scalability
for future expansion.
Some system's capabilities do overlap. The question that needs to be answered
is whether the majority of the systems' capabilities are needed now or in the
near future. An understanding of the organization's future goals is needed to
guard against over or under buying on system capabilities.
Some systems are designed to meet the specific needs of only selected types
of organizations, such as insurance companies, pools, captive, and third-party
administrators. ERPSs, in particular, have targeted industries, such as manufacturing
or service, which drive the system's design.
Generally, you will find the following capabilities in each of the systems:
- RMIS—
- Data collection and consolidation
- Data analysis
- Data reporting
- Report circulation (possibly Web-enabled)
- Remote access by outside users
- Cost allocation
- CMIS—
- Above RMIS capabilities
- Claims administration
- Financial, statutory, and accounting reporting
- Tracking case-related allocated claims costs
- Litigation oversight
- Diary
- Supervision and claim oversight
- Case-related notes
- Loss control
- Medical management
- Fee schedule application
- Utilization review
- Payments
- Enhanced security
- IIS
- Above RMIS and CMIS capabilities
- Agency management
- Time and expense tracking for billing purposes
- Submissions and quoting
- Invoicing
- Receivables, disbursements, and collection
- Policy and endorsement issuance
- Renewals, cancellations and reinstatements
- Premium audit
- Reinsurance
- Generally accepted accounting principles (GAAP) and other statutory
reporting
- Actuarial "black boxes," including incurred but not reported (IBNR)
calculations, loss sensitive program tracking
- Data warehousing
- Imaging and electronic workflows
- ERPS—
- Workflow tools
- Data mining tools
- Operational applications, including planning
- Accounts receivable
- General ledger
- Asset management
- Product management (engineering/design through production)
- Manufacturing, sales
- Distribution and supply
- Value chain analysis
- Customer relationship management
- Statutory reporting
- Human resources enrollment and program administration
- Risk management (data analysis and reporting)
- Application integration and collaboration
- E-business
Although an ERPS may have some risk management functionality, typically it
is based on data collected from an interfaced RMIS or CMIS, or from financial
information manually entered into the application. Typically, an ERPS is purchased
as a function of decisions made by the organization, rather then a single function
(such as risk management or finance) within the organization. From a true risk
management standpoint, an ERPS is not typically considered within the selection
process.
If, an RMIS, CMIS, and IIS are the alternatives, how do you choose the right
application without "buying too much" (or too little)?
What Do You Need Now? What Will You Use Later?
Before any purchase, a comprehensive needs assessment is required. Understanding
current organizational and system requirements may be insufficient. Future planning
and defining what potential needs might be required, up to 5 years into the
future is essential. Why 5 years? Obsolescence.
Most applications have a 5-year lifespan, if they are not modified or upgraded.
Purchasing upgrades for systems, particularly those that have been customized
by an organization, can be extremely expensive and require substantial effort
to identify integration and functionality issues and to conduct environmental
testing. Understanding the organization's current and future needs before you
buy will help to identify applications that may have modules which can be added
to the existing application to expand functionality without purchasing a new
application or a complete upgrade.
Which Buyers Choose Which System?
As the organization defines its current and future needs, the decision on
how to meet these requirements can vary. It is not as simple as, "corporations
always choose RMIS, and TPAs always choose CMIS." A corporation that does not
administer its own claims may still choose a CMIS if its insurer or TPA can
interface or download claim-specific information. In this type of arrangement,
the downloaded data would populate claim records within the CMIS, allowing the
corporation or risk manager to see claim detail, adjuster notes, claims payments
etc., all within the CMIS data fields.
Corporations may also choose a CMIS if their intent is to administer claims
internally at some point in the future. If this is the reasoning, a system with
the ability to "turn on" claims administration functionality (e.g., claims payments,
fee schedule application etc.) at a later date, would be a good choice, assuming
the cost for the additional functionality is deferred until or if the claims
module is added.
TPAs may choose a CMIS or an IIS, depending on whether they also provide
program management services. If a TPA were supporting a pool's underwriting,
accounting, loss control, and marketing functions, an IIS would be the only
reasonable choice.
As general rule of thumb, corporations, insured public entities, and other
insured entities would use an RMIS. CMISs are typically selected by TPAs, self-administered
public entities, corporations with large retentions to administer, and pools
that administer members' claims but do not underwrite the business.
IISs are typically found at TPAs that provide program management, including
underwriting, policy issuance, loss control, etc. Managing general agents, insurers,
large pools, and captives also will need the capabilities found in this type
of system.
What Are the Typical Price Ranges for These Systems?
Prices vary widely between the systems and are affected by the amount of
customization required. "Off-the-shelf" systems only really exist in the realm
of an RMIS, and even these applications are frequently customized by the buyer.
Most buyers are misled by initial prices quoted for the various applications
because they do not understand licensing arrangements and the need for customization
or additional services. The need for adaptations to the application to accommodate
specific business needs can considerably add to the delivered cost.
Other additional costs might include user licenses (versus the site license
cost), middleware (providing connectivity to databases and drivers for hardware),
telephony and other hardware and infrastructure upgrades, as well as service
fees that might include implementation support and training.
Site licenses for the three risk management related applications typically
range in the following areas:
- RMIS $75,000-$150,000+
- CMIS $250,000-$500,000+
- IIS $750,000-$2,500,000+
ERPSs range substantially higher and typically include implementation and
customizations costs in the site license. They are rarely if ever offered on
an "off-the-shelf" basis.
Conclusion
Planning is everything. Buying the application that meets immediate needs
but lacks scalability or the capability for future expansion can be a costly
mistake. Which application best meets your needs may be a function of flexibility
and cost, rather then immediate needs.