Growing Local Regulatory Compliance in Asia-Pacific

Tags: asia/pacific, big data, cloud, compliance, datacenter, financial services, it governance, security, strategy

Security threats are evolving rapidly and the solutions that organizations implement to thwart such threats, play a major role in the success or failure of the organization's overall security strategy. The loss of data, threats to national security and protection for the same are receiving significant attention in Asia-Pacific (excluding Japan) (APEJ) countries.

As we mentioned in our security predictions earlier this year, the local regulatory compliance is receiving significant attention in APEJ. Many APEJ governments and enforcement institutions have initiated and are now regulating information flow and ownership issues by enacting laws and regulations or modifying to existing laws. These changes mandate the protection of data and industry-led cyber security standards. Our research shows that increased attention to sound IT-governance policies and compliance with regulatory requirements are driving overall IT security.

A few of these laws which have been implemented or proposed in various countries of APEJ are listed below (note - this is not a comprehensive list):

• Korea: Personal Information Protection Act (PIPA)
• Taiwan: Personal Data Protection Act which was just implemented from 1 October 2012
• India:

 Information Technology Act (ITA) 2000. The government of India made major amendments to ITA-2000 in form of the IT Amendment Act, 2008 and 2011.        
 Data Protection Act 2008
 RBI's 2-Factor Authentication

• Hong Kong: amendment to Personal Data Privacy Act
• Singapore: Personal Data Protection Act (PDPA) 2012
• Philippines: Data Privacy Act  
• China:

        Chinese information security laws and regulations
        The Regulations of PRC on Safety Protection of Computer Information Systems
        Regulations for the Protection of Information Network Transmission Right
        Regulations on the Commercial Passwords

• Malaysia:

 Communications and Multimedia Act (CMA) 1998
 The Personal Data Protection Act 2010 (PDPA)

The new law forces a number of organizations to make assessments, to take security seriously, and to make some positive changes in their security posture. It is certain that the security-solution providers, service providers, and end-users among others, will be engaged in the tedious job of interpreting regulatory compliance requirements. At the same time the sheer number of laws and regulations, conflicting requirements, cross-border applicability issues, unexpected additional regulations and the challenge of determining which compliances are applicable are tough decisions that organizations must make.

IDC believes that the starting point for any compliance exercise is to carry out a risk assessment to understand what information the business holds what its vulnerabilities are and what elements of the IT systems can be locked down.

As specified in a previous article on risk assessment, it is an aspect of security management that organizations can take up as a cost-effective security measure. This allows organizations to estimate potential damages and set a budget to fix these loopholes and avoid any major catastrophes in future. This process is advantageous because once these security loopholes are identified, companies can proactively determine and allocate necessary budget toward fixing the issues related to security. They can also realign their security policies to meet the required security goals. This approach also gives an organization sufficient time to educate its employees on the changes in its existing policies. In other words, it helps minimize the risks and maximizes return on investments. Further, the compliance mandate is now moving out from government agencies to large corporations. Many industries have their own codes of practice or other sets of rules. Organizations that have their security organized are demanding that those they do business with also comply or no longer willing to do business with those organizations that don't meet the standards.

As cyber-criminal activities continue to thrive and rise, the need for stricter compliance and regulatory acts will continue to grow. Many Asian countries seek to enact new laws or amendments, which supplement the Personal Data Privacy with specific focus on technological advancements and greater penalties for breaches. However, organizations need to realize that having a policy or being compliant is not enough to make an organization secure. It just means that they are following certain best practices while trying to be one step ahead of those who seek to attack them. It is important to carry out regular risk-assessment exercises and seek continuous improvements on their position on security.

Great success at the 5th Annual Asian Insurance Congress 2012

Tags: asia/pacific, insurance

IDC Financial Insights kicked off its 5th Asian Insurance Congress (AIC) 2012 on the 28th August 2012, held in Singapore. Themed as the “The Insurer’s New World Order: Adapting to Changing Times”, the regional Insurance event attracts close to 200 delegates across the region, providing an excellent platform for practitioners to discuss and debate on some of the challenging issues facing the industry.

Besides receiving overwhelming registration, AIC also featured one of the best speakers’ line-up – we had the honor of hosting 18 visionary industry leaders in 1 event, sharing with us their thoughts, insights and experience on how the insurance sector should move ahead in the times of uncertainties.

Here are just a summary of some of the main themes discussed during the Congress:

• Global force: With global economic slowdown and euro zone crisis, insurers (especially players with huge customer pools on life insurance policies) are pressured to deliver the guaranteed return rates with the prolong low interest rates. How then do they tackle this conundrum?
• Regulatory intervention: Government bodies from developing markets will be adopting some of the best-practices from developed markets, tightening the rules around customer protection, distribution, risk management and reporting standards. Insurers have to be prepared to invest additional time and resources to ensure compliance.
• Connecting with new generation of consumers: The influx of social media has affected some of the purchasing behaviors of consumers who are social networking savvy. This new generation of consumers is comfortable with doing product research online as well as vocal about receiving poor services in their online networks. Insurers thus need to ensure that they are 'connecting' and appeasing this segment group.
• Distribution & partnership: Agency would still be the main force is distribution, but the model is changing to a multi-distribution by leveraging on technology and partners - herein, bancassurance is especially gaining more prominence. However, the challenges such as the availability and commitment of banking partners will hamper the growth rate the bank-insurer partnership.
• Technology transform: Two main issues were discussed at the Congress – regulations pertaining to technology risk assessment putting huge cost pressure on the insurers, and needing to deal  with legacy core systems to ensure competitiveness and lowering of TCO.
• Customer Centricity: With an increased in the amount of information available and a growth in big data, the corresponding maturity in technologies for data analytics has provided the tools for insurers to better understand their customers. Besides tools, integrated process and the internal culture are key ingredients to increases customer satisfaction and improve retention, cross-sell and referrals.
  

As the project manager for the AIC 2012, I am thankful to receive support from our partners & industry associations, pleased with the overwhelming registration from the industry, and humbled to be able to host some of the best speakers and leaders in this sector. For those who have joined us at the Congress, I hope it was a fruitful day for you – catching up with your friends as well as making new contacts. We look forward to meeting you again in 2013. 

Picture: Scott Ryrie, Guy Carpenter (left), Simon Machell, Aviva (centre), Owen Young, Stan Chart Bank (right)

Distribution of Insurance in the Disruptive Era

Tags: asia/pacific, bancassurance, distribution, financial services, insurance, online aggregator

A very cliché statement “Insurance is to be sold, not bought” highlights the eminent role of distribution channels in the growth strategy of insurance firms. The ability to utilize these channels to reach the firms’ target audience is often the key differentiator in a competitive landscape.

However, as new disruptive forces such as evolving customer preferences, maturation of modern technologies, changing regulatory standards and unpredictable global economic conditions become the new norm, the distribution channels of insurance firms must keep up to take on new challenges.

Bancassurance: From Alternative to Mainstream
With lower revenue expected from interest-based activities, banks will be keen to further explore this alternative revenue stream to derive a stable flow of commission income from distributing their insurance partners’ complementing financial solutions.

Supporting this statement, figures from Life Insurance Association (LIA) in Singapore indicate that the popularity of insurance solutions distributed through bank channels is rising. Between January to March 2012, tied agents contributed 42% of weighted new business sales, while the bancassurance channel was almost on par, accounting for 41% of all new sales. [Source: LIA Singapore press release, dated 7 May 2012, http://www.lia.org.sg/node/313]

With most banks entering into exclusive partnerships with insurance firms, bancassurance has matured and progressed as a mainstream distribution channel. However, the challenge would be to ensure a cohesive working relationship between the carrier and the bank. Aside from having a superior range of products, working out the commission structure, embarking on joint marketing promotion and providing dedicated middle office support, insurers need to be bold and creative in using technologies as a leverage to provide a more efficient support to their banking partners.

Similarly, the partnering banks need to be open to new communication links from their insurance partners – this will serve as the service differentiator which fits into the current customer-centricity movement.

Proliferation of Electronic Channels and Consumer’s New Buying Preferences
The changing customer demographic and proliferation in Internet connectivity have led to a shift in customer engagement models, affecting how information is being consumed. The next generation of customer is perfectly comfortable in scouring the Internet, forums and their social networks for advice on insurance solutions, hence leading to the rise of an emerging channel – the online aggregator.

The role of the aggregator fulfills the requirements of the customer, namely pricing transparency, ease of comparison between multiple providers and self-service transactions. While the aggregator provides another channel for insurers to distribute their solutions, it does pose other challenges such as impacting carriers’ branding, and potentially cannibalizing existing distribution channels (an example is the firm’s own e-commerce portal). Both parties - the insurer and the aggregator - also need to work on efficiently integrating data between their IT systems in order to provide real time, updated quotations on the aggregator site.

Striking the Right Balance and Mix
The advent of alterative channels such as the online aggregator is increasingly used to supplement traditional channels such as tied agents, bancassurance, financial advisors and international brokers. Hence, there really is no one-size-fits-all distribution strategy for carriers to address the disruptive conditions; they will need to adapt and harmonize the various distribution channels in order to ensure profitability.

For more insights on how insurance distribution is evolving in the current market environment, join us at the IDC Financial Insights’ Asian Insurance Congress 2012 on the 28th of August in Singapore as we hear from the industry’s leading thought leaders on this topic. Some of the speakers include:
Dr. Owen Young, Group Head, Insurance, Standard Chartered Bank

• Jeffrey Manuel, Head of Asia Bancassurance & Partnership Development, Manulife
• Calvin Foo, Asia Regional Head, Financial Advisory & High Net Worth Development, Manulife
• Douglas Hudson, Chief Partnership Distribution Officer, AIA
• Angie Tay, Operations Director, CompareXpress
  

For more information on the Asian Insurance Congress 2012, please visit our official website at http://to.idc.asia/aic2012

Microsoft Surface, Asia Awaits

Tags: asia/pacific, consumerization, devices, google, microsoft, mobility, virtualization, windows 8, windows rt

On June 18th in Los Angeles, Microsoft introduced the Surface tablet family of products. This is the first time Microsoft has ventured into making its own tablet, which will run its upcoming Windows 8 and Windows RT operating systems.

There will be two versions: an ARM-based tablet (Surface for Windows RT) that will run Windows RT and an x86-based tablet (Surface for Windows 8 Pro) that will run Windows 8. The ARM version of the Surface, which utilizes an unnamed Nvidia processor (likely Tegra 3) will become available at the time of Windows 8/RT release around October. The x86 version (Surface Pro) will arrive about three months after the initial Windows 8 release. There was no mention of an Asia/Pacific release date, but given Microsoft's record of releasing Windows 7 as a worldwide product, it could be likely that Surface for Windows RT (Surface RT) will be available in English-based Asian markets with Windows RT's worldwide release, assuming that it has worked out its channel plans.

Effectively two different products, Surface RT and Surface Pro share very similar physical dimensions, as well as the selection of ports. The design of the device is understatedly elegant, functional, and actually quite thin (about 0.1mm thinner than the new iPad). It's obvious that Microsoft wanted to create an integrated experience for the users, starting with the operating system, then the device, and hopefully the ecosystem.

General Observations

Being the latecomer to the party has its advantages: Microsoft had two years to observe Apple and Google battling it out for the tablet space. Microsoft has learned a valuable, free lesson that Google has paid for dearly: a seamless user experience could be more difficult to achieve if an OS vendor relied on OEM partners to make the device. To that end, Microsoft is actually in the lead compared to Google in that Microsoft has taken the first step to announce Microsoft-branded Windows 8/RT tablets while Google has yet to publicly announce its not-so-secretive Nexus tablet.

Although initial impressions of the Surface tablets are good, Microsoft purposefully withheld additional information for the Surface tablets. Specifics on the pricing, battery life, and in-depth hardware configuration were not disclosed. IDC believes that this is a calculated move on Microsoft's part to incite excitement as well as provoke questions to keep interest alive. There is no doubt that Microsoft is all-in on Windows 8/RT and Surface, as shown by the amount of design and innovation that went in to the Surface tablets.

IDC believes that the Surface tablets will stand a good chance of success in the mature Asia/Pacific markets. Despite the lack of transparency on the hardware specs and pricing, what the Surface tablets offer is a true do-it-all device. The Surface could potentially offer an integrated user experience with the function of a full operating system in a compact package for users to not only consume content, but also effectively create content from anywhere. This particular use case, combined with a relatively warm reception towards Windows 8, could persuade early adopters and particularly business users (think: executives that brought iPads to work but couldn't have full access to Office, etc.) to give Surface tablets a try in markets, especially in English-speaking markets like Singapore, Hong Kong, and Australia. Other developing markets may be more price-sensitive. IDC believes that the Surface tablets may not immediately find mass market appeal, especially if it is priced at iPad-levels in these markets.

Surface for Windows RT

Microsoft's strategy of having two Surface tablets is clear; Surface RT is for the consumer market, Surface Pro is for the commercial market. In reality, this strategy won't matter as much. Given the fact that Surface RT will be available first, early adopters will get on the Windows RT bandwagon. Looking back at the iPad, where many early adopters were business users, IDC believes a similar trend might happen here.

Since Windows RT will have the Office suite built-in, as well as a myriad of business apps at launch, the Surface RT is essentially a very powerful business tool from the start. Although the Surface RT isn't compatible with traditional x86-based programs or system management, there are ways around these limitations. Solutions like client virtualization can deliver fully managed corporate Windows XP/7/8 desktop to the Surface RT, which ensures compatibility and security. In a sense, the Surface RT could be the perfect poster child for BYOD, where an employee's personal life resides local with the devices, and his/her professional life exists virtually in the corporate datacenter.

In Asia, addressing BYOD is one of the top priorities of many organizations. In many cases, the extent of BYOD begins and ends with smartphones, but personal tablet usage in the enterprise is on the rise in many developed markets. Organizations are usually wary of supporting personal devices, which could change with Surface RT and its business prowess. If Microsoft does implement a Trusted Platform Module (TPM) in Surface RT, then the device's position in the enterprise is much stronger.

The pure consumer market could be tougher to crack for Surface RT though. The Asia/Pacific tablet market is full of cheap Android devices on the low end and iPads on the high end. This market dynamic leaves Microsoft with little room to maneuver. Microsoft's Windows RT operating system will garner some attention from knowledgeable consumers, but the key to many Asian consumer hearts is through their wallets. Microsoft believes that consumers may be willing to pay a bit more to get a device that runs a full OS, but the truth is that Windows RT is not yet a proven product. If Microsoft wants to establish a beachhead of consumer users in Asia, it will need to focus on key developed markets like Australia, Korea, Hong Kong and Singapore (perhaps even leveraging local music/media acts, etc.), as well as price the Surface RT competitively with the market leader.

Surface for Windows 8 Pro

For Surface Pro, the path to success seems to be less treacherous. It will be one of the best-looking, compact PC/Tablet hybrids.  Microsoft will have more time to position and price it accordingly and it will exist in a space which Microsoft dominated for over 20 years.

As discussed in a previous IDC LINK, Windows 7 adoption across Asia/Pacific has been relatively low compared to other regions. This particular trend may pave the way for Windows 8 Pro, or at least Windows 8 Pro on Surface Pro.  While Surface Pro looks like a great fit for the enterprise on paper, the reality of enterprises buying into Surface Pro is less certain. For one, there isn't nearly enough accessories available for the Surface Pro to be full featured enterprise workhorse (like a docking station). Additionally, the pricing guideline Microsoft announced was that Surface Pro will be priced "in-line" with existing ultrabooks. This means a price range of USD 800 - 1,000 for the device, which may be out of the budget range of many organizations.

Yet, the enterprise centric features of the Surface Pro cannot be denied. The Surface Pro will be one of very few tablet form factor devices that are fully compatible with existing enterprise desktop infrastructure. The manageability, security, and compatibility aspects of the device might be reasons enough for organizations to buy into the device, or at least for the management level employees in efforts to displace the iPads, which can be a nightmare to secure and support.

At the same time, Surface Pro might actually find fans within the consumer market in Asia/Pacific. With much of the population utilizing more public transport and walk more than other regions. This means even a typical 2kg laptop becomes a burden to carry. The Surface Pro, with its relatively light weight and compact design, can serve as a multi-purpose device where consumers may use it as a computer at work, tablet on the bus, and an entertainment device at home.

Partners

Microsoft is taking a big risk with a self-branded tablet. It's clear that Microsoft doesn't want to suffer the same fate as Google's Android, having its operating system become so fragmented there is no way to guarantee the user experience. At the same time, Microsoft is heavily dependent on its hardware partners to ensure the success of Windows 8/RT, and this announcement has surely touched more than a few nerves of its partners like Acer, Asus, Dell, HP, etc. Microsoft insisted that all of its partners are aware of Microsoft's intentions, but IDC believes there will be concerns from the partners, from both the tablet and PC side about Microsoft's latest announcement.

The biggest concerns from the partners will be Microsoft's (unfair?) competitive advantage by having full control of the OS, app store and the hardware. Even if Microsoft prices the Surface in-line with other Windows 8/RT devices on the market, it will also collect licensing fees from its partners. Additionally, it will be hard for Microsoft to remain neutral when it comes to software and device updates. As Microsoft will have real time feedback from the customers, it will be able to update/fix issues for the Surface much quicker than partner's devices.

Nevertheless, having Microsoft in the tablet/PC space isn't all bad news its partners. With Microsoft wholeheartedly devoted in the success of Windows 8/RT and the Surface, it's guaranteed that Microsoft is going to invest heavily in marketing Windows 8/RT. The result may be a much bigger interest from the app developers, ecosystem vendors, and therefore consumers. At the end of the day, it will be in Microsoft's best interest to ensure its partners' Windows 8/RT endeavors flourish and the Windows 8/RT platform becomes a major player in the tablet market. Microsoft's involvement in the tablet/PC hardware space will be in effect the rising tide that lifts all boats, including those of Microsoft's partners.

In Asia/Pacific, the Microsoft's channel strategy remains unclear. Unlike the US, there are no Microsoft-owned retail stores in place in the region. While Microsoft may rely on its enterprise sales force to push Surface tablets in the commercial sector, there is no consumer market support at this time. IDC expects Microsoft may start to build other distribution channels for the Surface in Asia as the release date gets near, as well as partner with local and region retailers to sell the Tablets.

With less than six months before Windows 8/RT hits the stores, IDC expects that Microsoft will become more engaging in sharing more information on the Surface tablets. This latest announcement is just another sign that Microsoft has once again becoming an innovative company. Of course, the there are risks associated with innovations, but Microsoft is facing a do-or-die situation, where this may be the last chance it has to claim a piece of the tablet market. And Microsoft has already overcome its biggest challenge: not trying.

To learn more about IDC Asia/PAcific's analysis on Windows 8, please leave comment below, if there are enough interest, IDC will make it available.

Australian Healthcare: Integration of Business and Technology

Tags: asia/pacific, australia, healthcare

Collaboration and Security: A Critical Balance

Tags: asia/pacific, health, security

Singapore's Healthcare Revolution

Tags: asia/pacific, health, healthcare reforms

If you are living in Singapore it would be hard to avoid the buzz around healthcare reforms. The rising costs of healthcare due to a fast ageing population and the change in disease burden are issues being faced by many developed nations in the world.   The Singapore government seems to be tackling it through a many-pronged approach.

Singapore has clearly envisaged this as a business and clinical transformation project, and not merely an ICT project. If you wish to learn more about Singapore's healthcare revolution, please contact me on smukherjee@idc.com 

21st Century Education in the Emerging Markets

Tags: asia/pacific, government

'Broad Spectrum' Mobile Health

Tags: asia/pacific, ehr, health, mobility, patient centricity

Big Data: A Banking Perspective

Tags: , asia/pacific, banks