{{item.videoDuration}}
{{item.title}}
{{item.text}}
{{item.videoDuration}}
{{item.text}}
Meeting MAR expectations: A strategic outlook for insurers
Insurers and providers offering payer plans that are implementing or currently live on Workday are uniquely positioned to leverage the technology to streamline Model Audit Rule (MAR) compliance, established by the National Association of Insurance Commissioners (NAIC). As regulations, governance, and financial reporting expectations rise, many insurers are under increasing pressure to treat MAR not just as a compliance requirement, but as a foundation for enterprise-wide oversight. This presents an opportunity for many organizations to leverage Workday capabilities to strengthen their control environment.
MAR aims to improve the precision and transparency of an insurer’s financial statements by reinforcing internal controls over financial reporting (ICFR), audit committee independence, and the disclosure of material weaknesses. Becoming MAR compliant reflects a transition from basic regulatory compliance to proactive and strategic governance. To support this transition, insurers should embed stronger risk and control frameworks into their core systems to help ensure financial reporting is precise, auditable, and resilient. This is often true when running or implementing Workday the platform integrates financial management, internal controls, audit readiness, and data transparency — allowing insurers to embed compliance directly into their core operations.
Navigating compliance: Challenges for insurers
Insurance companies operate in a complex and highly regulated environment — subject to the full range of MAR compliance requirements, while simultaneously managing operational challenges, cost control and business growth. Regardless of size, insurers must navigate a distinct set of regulatory and strategic demands, with varying degrees of scale, resources, and internal capabilities shaping how they respond to these pressures.
- Manual legacy controls: Manual workflows and disparate tools can create challenges for internal auditors tasked with keeping risk and control documentation current and aligned with MAR standards.
- Maturing culture of compliance: As external auditors become more familiar with cloud-based enterprise resource planning (ERP) systems, they are applying greater scrutiny to automated controls and IT General Controls (ITGCs). They are especially focused on areas such as configuration change management, segregation of duties, and user access reviews — key elements of MAR compliance that require maturity in both process and documentation.
To help overcome these operational hurdles, insurers should have a platform that not only supports compliance but transforms it into a strategic advantage — this is where Workday can provide significant value.
Driving compliance: Leveraging Workday for MAR success
Many insurers that plan to have Workday as their ERP have a unique opportunity to embed MAR compliance seamlessly into their day-to-day operations. Workday’s built-in features help streamline financial processes and strengthen governance, making it a powerful tool for insurers looking to meet MAR requirements more efficiently:
- Integrated system: Workday consolidates HR, payroll, finance, and operational data into a single system, improving data integrity and reducing the risks associated with manual reconciliation.
- Automated configurable controls: Workday’s business process framework enables companies to embed approvals, validations, condition rules and segregation of duties (SoD) directly into workflows, consistently enforcing operational controls.
- Holistic Audit Reporting: Detailed audit trails within Workday automatically record changes to transactions, configurations and user security access, which support effective monitoring and control evidence collection. Given the sheer volume of audit data, custom reports, and dashboards can be developed to help alleviate reviewers’ time spent on configuration change monitoring and user access reviews.
By leveraging Workday, insurers can strengthen their control environment, simplify compliance efforts, and reduce audit-related risks.
Operationalize compliance with PwC’s Workday accelerators
MAR compliance is no longer just about checking boxes — it’s about building a foundation of operational resilience, real-time visibility, and sustainable controls. At PwC, we can help insurers increase the capabilities of Workday by embedding standardized risk and control practices into the platform, so you can accelerate your path to compliance while positioning your organization for long-term success.
Standardized risk and controls inventory
Our prebuilt insurance-specific risk and controls inventory can help you quickly align with MAR expectations. Leveraging our deep industry experience, we can identify key financial and IT risks — tailored to your specific needs. From integration risks (e.g., Guidewire and other insurance admin systems) to ITGC considerations, we conduct risk assessments based on a proven framework that confirms imperative information is not overlooked.
Prebuilt automated controls
Our library of configurable controls accelerates implementation by pinpointing where controls should be embedded across your key Workday business processes. Whether you are addressing a security gap or controls gap or integrating controls during a Workday deployment, our approach streamlines compliance activities — reducing manual effort while enhancing audit readiness.
Sensitive access and segregation of duties (SoD) accelerator
MAR places heightened focus on IT General Controls, especially around access and segregation of duties. Our proprietary tool, Enterprise Control, in conjunction with our services helps provide insight into sensitive access and SoD conflicts across financial and HCM/Payroll domains. Whether used for a point-in-time risk assessment or ongoing compliance monitoring, this accelerator enables proactive remediation and supports sustainable ITGC compliance during and after your Workday transformation.
Custom audit reports and dashboards
Workday’s strong audit data offers powerful insights when you have the necessary tools to harness it. Our custom reports and dashboards simplify configuration change monitoring and user access reviews, so that your teams can focus on what matters. These solutions are tailored to your Workday setup and align directly with MAR audit requirements — reducing review time while helping improve control effectiveness.
Let’s transform compliance into confidence
Connect with our team to explore how PwC’s Workday-enabled accelerators can help your organization simplify MAR compliance and support long-term growth.
Security and controls for your Workday journey
{{filterContent.facetedTitle}}
{{contentList.loadingText}}
{{contentList.loadingText}}
Follow us
