Tag Archives: dodd-frank

What Should Future of Regulation Be?

It is of course much easier to look back and second-guess regulatory actions. It is far more difficult to propose a way forward and to do so in light of the emerging hot-button issues, including data and the digitization of the industry, insurtech (and regtech), emerging and growing risks, cyber, the Internet of Things (IoT), natural catastrophes, longevity and growing protectionism. The way forward requires consideration of the primary goals of insurance regulation and raises critical questions regarding how regulators prioritize their work and how they interact with one another, with the global industry and with consumers.

We offer below some thoughts and suggestions on these important questions and on how regulation might best move forward over the next 10 years.

Establish a reasonable construct for regulatory relationships.

Relationships matter, and it is imperative for there to be careful consideration of how regulators organize their interactions and reliance on each other. We have some examples in the form of the Solvency II equivalence assessment process, the NAIC’s Qualified Jurisdiction assessment process (under the U.S. credit for reinsurance laws), the NAIC’s accreditation process for the states of the U.S., the U.S.-E.U. Covered Agreement, ComFrame, the IAIS and NAIC’s memorandum of ynderstanding and the IMF financial sector assessment program (FSAP). Each of these provide varying degrees of assessment and regulatory cooperation/reliance.

These processes and protocols, however, have largely emerged on an ad hoc, unilateral basis and in some cases have had a whiff of imperial judgment about them that may not be justified – and certainly is off-putting to counterparties. We would urge regulators to give careful consideration to the goals, guiding principles and the process for achieving greater levels of cooperation and reliance among global regulators.

We hope these efforts would include an appreciation that different approaches/systems can achieve similar results that no jurisdiction has a monopoly on good solvency regulation. There must also be respect for and recognition of local laws and a recognition that regulatory cooperation and accommodation will benefit regulators, the industry and consumers. Most importantly, regulators need to work together to develop confidence and trust in one another.

The IAIS first coined the phrase “supervisory recognition” in 2009. In March of that year, the IAIS released an “issues paper on group-wide solvency assessment and supervision.” That paper stated that:

“To the extent there is not convergence of supervisory standards and practices, supervisors can pursue processes of ‘supervisory recognition’ in an effort to enhance the effectiveness and efficiency of supervision. Supervisory recognition refers to supervisors choosing to recognize and rely on the work of other supervisors, based on an assessment of the counterpart jurisdiction’s regulatory regime.”

See also: Global Trend Map No. 14: Regulation  

The paper noted the tremendous benefits that can flow from choosing such a path:

“An effective system of supervisory recognition could reduce duplication of effort by the supervisors involved, thereby reducing compliance costs for the insurance industry and enhancing market efficiency. It would also facilitate information sharing and cooperation among those supervisors.”

This is powerful. We urge global insurance regulators to take a step back and consider how they can enhance regulatory effectiveness and efficiency by taking reasonable and prudential steps to recognize effective regulatory regimens − even where these systems are based on different (perhaps significantly different) rules and principles, but which have a demonstrated track record of effectiveness.

As noted above, we have seen some efforts at supervisory recognition. These include Solvency II’s equivalence assessment process, the NAIC’s accreditation process for other U.S. states, the NAIC “Qualified Jurisdictions” provisions for identifying jurisdictions that U.S. regulators will rely on for purposes of lowering collateral requirements on foreign reinsurers, the E.U.-U.S. Covered Agreement and the IAIS’s Memorandum on Mutual Understanding. Some of these processes are more prescriptive than others and have the danger of demanding that regulatory standards be virtually identical to be recognized. This should be avoided.

One size for all is not the way to go.

The alternative approach to recognition of different, but equally effective systems is the pursuit of a harmonized, single set of regulatory standards for global insurers. This approach is much in vogue among some regulators, who assert the “need for a common language” or for “a level playing field” or to avoid “regulatory arbitrage.” Some regulators also argue that common standards will lead to regulatory nirvana, where one set of rules will apply to all global insurers, which will then be able to trade seamlessly throughout all markets.

There are, however, a variety of solvency and capital systems that have proven their effectiveness. These systems are not identical, and indeed they have some profoundly different regulatory structures, accounting rules and other standards such as the systems deployed in the E.U. (even pre-Solvency II), the U.S., Canada, Japan, Bermuda, Australia, Switzerland and others. Attempting to assert a signal system or standard ignores commercial, regulatory, legal, cultural and political realities.

Moreover, we question some of the rationale for pursuing uniform standards, including the need for a common language. We suggest that what is really needed is for regulators to continue to work together, to discuss their respective regulatory regimes and to develop a deep, sophisticated knowledge of how their regimes work. From this, trust will develop, and from that a more effective and efficient system of regulation is possible. The engagement and trust building can happen within supervisory colleges. We have seen it emerge in the context of the E.U.-U.S. regulatory dialogue. We saw it in the context of the E.U.-U.S. Covered Agreement. No one, however, has made a compelling case for why one regulatory language is necessary to establish a close, effective working relationship among regulators.

Similarly, the call for a level playing field sounds good, but it is an amorphous, ambiguous term that is rarely, if ever, defined. Does the “playing field” include just regulatory capital requirements? If so, how about tax, employment rules, social charges? How about 50 subnational regulators versus one national regulator? Guarantee funds? Seeking a level playing field can also be code for, “My system of regulation is heavier, more expensive than yours, so I need to put a regulatory thumb on the scales to make sure you have equally burdensome regulations.” This argument was made for decades in the debate surrounding the U.S. reinsurance collateral rules. We hear it now regarding the burdens of Solvency II. It must be asked, however, whether it is the responsibility of prudential regulators to be leveling playing fields, or should their focus be solely on prudent regulatory standards for their markets.

Finally, the dark specter of regulatory arbitrage is often asserted as a reason to pursue a single regulatory standard, such as the development of the ICS by the IAIS. But one must ask if there is really a danger of regulatory arbitrage today among global, internationally active insures? Yes, a vigilant eye needs to kept for a weak link in the regulatory system, something the IMF FSAP system has sought to do, supervisory colleges can do and the IAIS is well-equipped to do. But using regulatory arbitrage as an argument to drive the establishment of the same standards for all insurers does not seem compelling.

Proportionality is required.

Often, regulators roll out new regulatory initiatives with the phrase that the new rules will be “proportionate” to the targeted insurers. Too often, it seems there is just lip service to this principle. Rarely is it defined – but it is tossed out in an attempt to say, “Do not worry, the new rules will not be excessive.” Greater debate and greater commitment to this principle is needed. Clearly a key component of it must be a careful cost/benefit analysis of any proposed new standard, with a clear articulation of the perceived danger to be addressed – including the likelihoods and severity of impact and then a credible calculation of the attendant costs – economic and otherwise to industry and to regulators. In October 2017, the U.K. Treasury Select Committee published a report criticizing the PRA for its excessively strict interpretation of Solvency II and its negative effect on the competitiveness of U.K. insurers. The report concluded that the PRA had enhanced policyholder protection at the expense of increasing the cost of capital for U.K. insurers, which hurt their ability to provide long-term investments and annuities. Although the PRA emphasized its mandate of prudential regulation and policy holder protection, the Treasury Committee reiterated its concern with how the PRA interpreted the principle of proportionality.

Simplicity rather than complexity.

Over the past 10 years, there has been a staggering increase in proposed and enacted regulatory requirements, many of which are catalogued above. There is a danger, however, that increasingly complex regulatory tools can create their own regulatory blind spots and that overly complex regulations can create a regulatory “fog of war.”

Andrew Haldane, executive director at the Bank of England, in August 2012 delivered a paper at a Federal Reserve Bank of Kansas City’s economic policy symposium, titled “The Dog and the Frisbee.” He graphically laid out when less is really more by talking about two ways of catching a Frisbee: One can “weigh a complex array of physical and atmospheric factors, among them wind speed and Frisbee rotation” − or one can simply catch the Frisbee, the way a dog does. Complex rules, Haldane said, may cause people to manage to the rules for fear of falling in conflict with them. The complexity of the rules may induce people to act defensively and focus on the small print at the expense of the bigger picture.

Focusing on the complexity of the banking world, Haldane compared the 20 pages of the Glass-Steagall Act to the 848 pages of Dodd-Frank together with its 30,000 pages of rulemaking, and compared the 18 pages of Basel 1 to the more than 1,000 pages of Basel III. The fundamental question is whether that additional detail and complexity really adds greater safety to the financial system or has just the opposite effect and significantly increases the cost. Haldane’s analysis provides compelling evidence that increasing the complexity of financial regulation is a recipe for continuing crisis. Accordingly, Haldane calls for a different direction for supervisors with “…fewer (perhaps far fewer), and more (ideally much more) experienced supervisors, operating to a smaller, less detailed rule book.”

Although Haldane’s analysis and discussion focuses on the banking system, his assessment and recommendations should be considered carefully by global insurance regulators. The sheer volume and complexity of rules, models and reports that flood into regulatory bodies raise the real question of who reviews this information, who really understands it and, worst of all, does a mountain of detailed information create a false confidence that regulators have good visibility into the risks – particular the emerging risks – that insurers are facing? A real danger exists of not seeing the forest for the trees.

See also: To Predict the Future, Try Creating It  

Regulation should promote competitiveness rather than protectionism.

At a time when competition has been growing not only from within the established companies but also more importantly from outside the traditional companies, protectionism will only inhibit growth and stifle better understanding of risk in a rapidly changing business environment. The goal must be to make the industry more competitive and to encourage transfer of innovation and create better ways to address risk, distribution of products and climate changes. Protectionism will only limit the potential of growth of the industry and is both short-sighted and self-defeating.

Recognition of the importance of positive disruption through insurtech, fintech and innovation.

The consensus is that the insurance industry is ripe for disruption because it has been slow (but is now working hard) to modernize in view of an array of innovative and technological advancements. Equally, regulators are trying to catch up with the rapid changes and are trying to understand the impacts through sandbox experiments and running separate regulatory models. The pace is fast and presents challenges for the regulators. Solvency and policyholder protection remain paramount, but cybersecurity, data protection, artificial intelligence and the digital revolution make advancements every day. Where this will lead is not clear. But changes are happening and regulators must work to understand the impact and need to calibrate regulatory rules to keep up with the industry and encourage innovation.

Regulation must be transparent.

Too often, regulation is drafted in times of crisis or behind closed doors by regulators believing they know better how to protect policy holders and how to prevent abuse of the system. As we have said, getting it right matters. A strong and healthy industry is the best way to protect consumers and policy holders. Industry engagement is essential and acknowledging and actually incorporating industry’s views is critical. This is particularly true given the dramatic changes in the insurance sector and the need to adopt regulation to new economics, business practices and consumer needs and expectations

This is an excerpt from a report, the full text of which is available here.

DOL Fiduciary Rule: What It Means

In April 2016, the U.S. Department of Labor (DOL) released a regulatory package that established a new standard for fiduciary investment advice. Under the Fiduciary Rule, investment recommendation given to an employee benefit plan or an individual retirement account (IRA) is considered fiduciary investment advice and therefore must be in the “best interest” of the investor.

As a result, financial advisers who provide investment advice under the new standard now face limits on receiving commission-based compensation. Considering that 50% of U.S. financial assets is held in retirement accounts, the impact of the rule is significantly affecting insurers, broker dealers and investment managers.

The DOL has long been concerned that people rolling over assets from an employer-sponsored pension plan to an IRA are not being well-advised and, as a result, are investing in products that are not most suitable for their needs or are unnecessarily expensive. Central to the DOL concern is what it perceives to be a lack of transparency around the standard under which an adviser is providing advice and how he/she is compensated. This is not surprising because advisers operate under multiple standards, with a majority of asset flows falling under a “suitability” rather than fiduciary standard.

To address these concerns, the DOL expanded the definition of the term “investment advice” under ERISA, thereby imposing fiduciary status under both ERISA and the Internal Revenue Code on firms and advisers who provide investment advice under this expanded standard. A fiduciary is subject to the duties of prudence and loyalty and is prohibited from acting for his/her own interests or in a manner adverse to those of the ERISA plan or IRA. Accordingly, fiduciary status will have a fundamental impact on adviser compensation, as advisers who are fiduciaries may not use their authority to affect or increase their own compensation in connection with transactions involving an ERISA plan or IRA.

See also: Does DOL Ruling Require a Plan C?  

A catalyst of widespread organizational change

The DOL Rule is causing significant changes to the insurance industry that go well beyond compliance. While the industry needs to be prepared for the June 2017 applicability date, delayed from the original April date, the rule (even if delayed again) is also a catalyst for more meaningful change for both insurance manufacturers and distributors. In many cases, these changes have been contemplated for some time.

Compensation For starters, to mitigate any conflicts of interest resulting from distribution compensation, insurers should inventory current compensation and understand the impact of changing models to various distribution channels. The industry has been focusing on the issue of compensation for some time, anyway (e.g., moving to commissions for annuities), and the DOL rule provides further impetus for change. This change will not be easy, not least because the industry has a variety of products and uses different distribution models. To facilitate the transition to the new environment, carriers and distributors will need to understand the current hierarchy and how it might change.

  1. What is the distribution channel? Is the distributor a fiduciary? If so, what exception or exemption is the distributor using?
  2. How will changing the hierarchy affect agents’ livelihood?
  3. Do you risk losing agents to a carrier that will pay “conflicted” compensation?
  4. How do you factor in outside compensation (e.g., marketing fees and allowances, 12-B1 fees)?
  5. Depending on the product shelf, there will be different types of conflicts.
  6. Determine which transactions are prohibited. Determining “red” and “green” transactions should be relatively easy, but determining “yellow” ones will be much more difficult, especially because the rule is fairly ambiguous in this regard.
  7. Understand each other’s point of view. Distributors will create rules for types of compensation they will allow in their systems. Although they are currently uncertain about how they will have to adapt, carriers will have to change their compensation structures and communicate them to distributors.

Carriers and distributors will also need to safeguard against personal and organizational conflicts of interest.

  1. How do we pay our workforce and others?
  2. What is non-cash compensation?
  3. How do we provide incentives to agents to sell products and sell certain product classes over others?
  4. What is the difference between suitability and fiduciary?
  5. Inventory products and create a tool to identify potential conflicts. This will be a complex undertaking, but it will enable carriers to determine who and how much carriers pay and why, as well as if conflicts are permissible or need to be disclosed.
  6. Perform a compensation impact analysis; assess the performance of distribution compensation as it currently exists and what seems likely in the future. This should include an assessment of the future model’s effect on revenue, profitability, market position, channel attractiveness and overall company performance.
  7. As part of a change management strategy, ensure that there is regular, clear and informative communication – both internally and externally – on impending change.

Changes in agent training

Once the fiduciary rule is in effect, agents will need to be advisers first and sellers second. Even though many insurers, especially ones with captive sales forces, have already tightened sales practices in recent years, this does represent a genuine cultural shift and a novel convergence between compliance and sales and distribution. As a result, agents will need more training on their fiduciary role – all the way down to call center scripts – and, with rationalized product lines, most likely less product training than in the past.

Some carriers are experiencing impacts they didn’t foresee. Because of their increasing need to respond to fiduciaries’ requests, they’re having to adopt their distributors’ policies and procedures (including access data requests) and change their product portfolios, share classes and fee structures. If they don’t do this, they risk losing shelf space to insurers that do.

Product rationalization – The DOL rule is intensifying carriers’ and distributors’ focus on product rationalization. Smaller product portfolios and resulting streamlined distribution models will facilitate carrier understanding of its product suite and compliance risks when providing “best interest” advice to consumers, reduce training required for agents and help the industry reduce costs and increase scale. For example, with annuities:

  • There are many providers offering many similar products, and oftentimes riders emulate characteristics of other carriers’ products that companies can’t build themselves. The rule provides the industry further incentives to address the inherent inefficiency in this state of affairs.
  • When determining which products to sell, financial strength is going to be a key product rationalization consideration for distributors because compensation will be more normalized with fewer products. When product portfolios shrink, lower-rated carriers’ products aren’t going to receive shelf space, especially if distributors can’t clearly demonstrate their benefits to customers. As a result of portfolio rationalization and likely decreases in commissions, both carrier and distributor consolidation is likely to increase.
  • Moreover, this isn’t just a business decision but also a compliance one; distributors will have monitoring policy procedures to confirm adherence to this policy. Accordingly, distributors will have to establish a product selection methodology for each segment that accounts for appropriateness and applicability.

However, regardless of product, the challenges of rationalization also represent an opportunity for insurers to have more profitable product portfolios because they can focus on what they’re best at. They also should be able to create products that are less capital-intensive and, with a level fee/different fee structure, potentially profitable in earlier years. In addition, rationalization can help solve the challenge of a shrinking captive and independent agent workforce; fewer and more transparent products should reduce the need to replace many of the agents who are at or near retirement age. Because of the ability to inexpensively manage small accounts and automatically comply with fiduciary standards, as well as the potential to increase scale as needed, robo-advisers should become an even more popular way for insurers to sell products.

Data and technologyMoreover, the DOL rule makes capturing and maintaining new types of data a high priority for carriers and distributors. Agents will need to track, from the time contact is made with a client, how they acted in his/her best interest, and this record – which should be readily available to customers – will demonstrate that agents are being compliant (i.e., defensibility), as well as facilitate monitoring. Automating data capture, which should be especially effective via the robo-adviser channel, is the easiest way to ensure data is repeatable and transparent (again, defensible). This requires automating certain process to maintain compliance and be competitive in the future. Most of the industry has been aware of the need for technological changes, namely process automation, for some time – and many have been making them – but the DOL rule serves as yet another catalyst, especially for those companies that have been slow to act.

See also: Stepping Over Dollars to Pick Up Pennies  

Facilitating effective compliance

Distribution traditionally has had little to no involvement in regulatory compliance, and the DOL rule represents a new challenge for most organizations. We recommend that compliance should:

  1. Oversee distribution;
  2. Provide quarterly “health checks” to the board of directors in to review compliance on a quarterly basis;
  3. Maintain a traceability matrix that outlines key strategic and operational decisions related to rule requirements and thereby provides the company defensible documentation to minimize and mitigate losses.

Implications: Far beyond compliance

As a result:

  • The industry is likely to increase its already growing investments in and use of digital and online channels, including robo-advice.
  • Some insurers are divesting their broker-dealers; as a result, we expect to see consolidation among smaller insurance broker-dealers, independent broker-dealers and regional brokerages over the next three years.
  • The DOL’s move to increase transparency and eliminate conflicts of interest is helping drive convergence of regulation toward a broad fiduciary standard. Whether or not the SEC proposes to cover non-retirement accounts given the mandate for a federal uniform fiduciary standard under the Dodd-Frank Act, some fiduciary agents have already started to consider extending the DOL standard to an increased scope of accounts to avoid potentially awkward double standards for investors who hold both retirement and non-retirement accounts.

Regardless of political developments, we believe the rule’s core framework will remain intact. The industry has already made significant progress toward complying with it, and there is general recognition of the importance of removing conflicts of interest between financial advisers and retirement investors. As a result, financial advisers and firms should continue their work to meet the rule’s requirements.

Can Trump Make ‘the Cyber’ Secure?

I have to admit that when now-President Donald Trump uttered the phrase “The Cyber” during the first presidential debate, I was right there with the tech community in the eye-rolling that followed. “The Cyber” memes were born, along with real concern about the then-candidate’s grasp on cybersecurity, and, with the announcement of former New York City Mayor Rudy Giuliani as the cyber czar, those concerns multiplied.

The seeming “misunderestimation” — or possibly anti-comprehension — regarding something so crucial to national security may not on the surface seem like a consumer issue, but it is.

Our nation’s approach to cybersecurity at this juncture — beset by hostile state-sponsored attacks on our electoral process; expertise and secret information grabs from major industries and the federal government; and ransomware attacks — is a matter of the utmost urgency, and the now-president has said as much, to his credit.

But Trump’s response can’t be just a marketing move or a branding opportunity — things he gets. There must not be merely the appearance of change, with commissions talking and debating endlessly but with little to show for it. There must be actual boots-on-the-ground solutions — now.

Unfortunately, I don’t think that’s what will happen.

Consumer protection at risk

The Consumer Financial Protection Bureau specifically comes to mind if Trump does as many are predicting he will do and makes it yet another piece of President Obama’s dismantled legacy.

The CFPB was an important accomplishment of the Dodd-Frank Wall Street Reform and the Consumer Protection Act of 2010. The agency is charged with protecting consumers from the predatory financial practices that brought about the economic meltdown of 2007-08 and watching out for signs of future trouble. The CFPB has the power to ban financial products deemed “deceptive, unfair or abusive” and to impose penalties on companies that take advantage of consumers.

Barring a judicial miracle, current CFPB Director Richard Cordray is almost certainly going to receive one of Trump’s signature “you’re fired” communiqués. Worse, an anti-CFPB former Texas representative, Randy Neugebauer, appears to be the leading candidate to get the job.

See also: Election Elevates Cyber Issues for 2017  

Among other things, Neugebauer thinks that payday lenders are too roughly treated by the CFPB and that all business contracts should contain mandatory arbitration clauses (barring class action suits). He also thinks the CFPB should be headed not by a single director, but by a commission of people from both sides of the aisle. Those of us who support the CFPB believe that this would diminish the agency’s ability to go after dangerous practices that harm consumers in a timely and effective way.

The Trump transition team did not respond to a request for comment regarding its plans for the CFPB or Cordray.

This is about appointing the right people

It was reported that the cybersecurity czar role in the Trump administration will fall to the president’s close associate and campaign stalwart: Giuliani.

There is a connection here between what appears to be afoot at the CFPB and the next administration’s approach to cybersecurity. Both represent bad decisions based on a basic incomprehension of what is at stake and of what needs to happen next. The CFPB works — specifically, the single-director approach. Instead of hiring an opponent of the agency to presumably dismantle it, we should be using it as a model to create a single-director federal agency that emulates the CFPB to oversee cybersecurity.

As it stands, Giuliani will be bringing together experts working on cybersecurity solutions and business leaders who are targeted by hackers from the energy, financial and transportation sectors. The next step that is missing here is a government agency that can fine entities that do not meet the threshold for cybersecurity best practices — mandated employee education, maintaining technology and tools, hiring experts — that the agency would determine and set as a standard. (You can learn more about how to protect yourself from cyber threats like identity theft here and can monitor two of your free credit scores for signs of foul play every 14 days on Credit.com.)

In a recent interview, Giuliani said of the Trump, “He’s going to elevate this to a very large priority for the government — and I think, by doing this, he’s trying to elevate this as a priority for the private sector.”

Depending on private sector

As the Christian Science Monitor’s Passcode noted, quoting the former NYC mayor, the idea here is pretty simple: Trump will go straight to the public to “educate people on how important (cybersecurity) is, even to the point of their own personal protection.”

That is a fantastic idea that everyone should applaud. Whether the user is in the Pentagon or logging onto a free Wi-Fi network, our cybersecurity too often comes down to an individual clicking or not clicking on a malware-laden link or falling prey to some other security pratfall.

That said, any agency dedicated to cybersecurity would need to work closely with the military and intelligence communities and would also have to focus its resources on real solutions to the dangers we face, many of them extinction-level threats. The person running it would have to be at the cutting edge of cybersecurity best practices.

See also: Insurance Industry Can Solve Cyber  

When the news came down of Giuliani’s cyber czar role, experts almost immediately hit Twitter with reasons why this was a bad idea. (Trump’s team also didn’t respond to requests for comment regarding this choice. Giuliani was not readily available for comment, either.) As it happens, the cybersecurity community took a look at the website of Giuiliani’s cybersecurity company, giulianisecurity.com. They found serious problems, including expired SSL, no https and an exposed CMS login — just to name a few. You don’t need to know what these things are, but the cyber czar sure does. There can be no “oops” in his or her record.

Full disclosure: CyberScout sponsors ThirdCertainty. This story originated as an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

This article originally appeared on ThirdCertainty.

What Will Trump Mean for State Regulation?

Insurance is regulated by states, and the states’ laws are implemented and administered by state insurance commissioners. This was affirmed in 1945 by the McCarran-Ferguson Act. Under that act, states regulate the business of insurance unless the U.S. Congress decides otherwise. In the past six years, the federal government has with regularity encroached on areas previously controlled solely by state insurance commissioners, such as through the following federal actions:

  • The creation by the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) of the Federal Insurance Office (FIO)
  • Dodd-Frank’s creation of the Financial Stability Oversight Council (FSOC)
  • The Affordable Care Act (ACA)
  • The Department of Labor (DOL) fiduciary rule issued April 8, 2016

These federal encroachments have led to regulatory confusion. Although state insurance commissioners are the predominant regulator of licensed insurance carriers and producers, insurance companies that are deemed systemically important non-bank financial institutions are supervised both by the Federal Reserve and by their domestic state insurance regulators. This creates significant duplication and regulatory burden; the cost of that burden – as well as some of the confusion — is ultimately passed on to consumers. Under the ACA, for instance, state insurance regulators routinely must react to hundreds of pages of regulations that are published by the Centers for Medicare and Medicaid Services. Licensed insurance producers and carriers must overhaul their operations and distribution to comply with the 1,023-page DOL fiduciary rule.

See also: What Trump Means for Business  

As I see it, state legislatures have given state insurance regulators dual mandates: (1) to protect consumers from the moment of purchase through filing a claim and ultimately the payment or denial of that claim; and (2) to ensure companies are solvent and can meet their financial obligations to consumers. While insurance regulators at the state level can always improve, I do believe that collectively we do a commendable job. Insurance company failures are rare, and most states respond to consumer complaints in a very timely fashion.

Under a President Trump, I believe the role of state insurance regulators will grow as some federal regulations are eliminated. If Dodd-Frank is reviewed, the role of the FIO and even the FSOC could change. State regulators have argued tirelessly that the FIO is not a regulator and needs to stay in its lane as authorized under Dodd-Frank. State regulators are debating with the FIO the need for a covered agreement on reinsurance collateral and are worried about state law being preempted. I think that, under a Trump administration, state regulators may be listened to much more in this debate. State commissioners and the FSOC representatives with insurance experience have also worked to ensure that the FSOC recognize that insurance is not banking and that traditional insurance is not systemic to the global financial system. A Trump administration may agree with state insurance regulators on these issues and many more. Only time will tell, of course.

State insurance commissioners need to demonstrate through the execution of states’ dual mandates that we deserve the responsibility of supervising the insurance markets in our respective states and that we do it better than it could be done from the federal level. I believe the time for state insurance commissioners to shine is now, and I hope we all continue to deliver results as our roles as the regulators of insurance carriers and producers and as the protectors of consumers become increasingly important.

See also: What Trump Means for Workplace Wellness  

How to Improve Stress Testing

In spring 2016, PwC investigated the current state and future direction of stress testing. We surveyed 55 insurers operating in the US about their stress testing framework and the specific stresses that they test. We also engaged in more detailed dialogue with a number of insurers in the US and globally, as well as with some North American insurance regulators. Our principal conclusion is that stress testing, though well established, would benefit significantly from a modest amount of additional effort. Borrowing terminology from the Pareto principle, we think less than 20 percent more effort would yield 80 percent more value.

A brief history

Thanks to the requirements of the Dodd Frank Act of 2010, we expect that stress testing is the most widely recognized and understood risk management tool. The basic concept is relatively simple and most people in business and government readily accept the notion that if a specified future unfolded –say a repeat of the last economic crisis –it would be good to know ahead of time if banks would remain financially viable. After its initial introduction, stress testing continues to maintain a high level of attention via the ongoing publication of results from the Federal Reserve Board’s Comprehensive Capital Analysis and Review (CCAR) which the media, financial commentators, and the banks themselves eagerly anticipate.

It is easy to see how stress testing concepts in the Dodd Frank Act could apply to insurers. And, indeed the insurance industry (more specifically, its actuaries) has widely used stress testing and scenario analysis for decades.

More recently, 2013 was especially noteworthy for insurance stress testing, with publications on the subject by the North American CRO Council, the CRO Forum and the International Actuarial Association. From a regulatory perspective, the National Association of Insurance Commissioner’s (NAIC’s) Own Risk and Solvency Assessment (ORSA) calls for a prospective solvency assessment to ascertain that the insurer has the necessary available capital to meet current and projected risk capital requirements under both normal and stressed environments. In Canada, the Office of the Superintendent of Financial Institutions (OSFI) has provided clear direction on stress testing governance and methodology in its 2009 publication on Sound Business and Financial Practices (Guideline E-18). It also is noteworthy that, in Europe, despite all of the attention lavished on Solvency II and internal capital models, the European Insurance and Occupational Pensions Authority (EIOPA) launched a Europe-wide stress test for the insurance sector in May 2016.

Equally as important as the regulatory initiatives are the business applications and benefits of stress testing. As we address in more detail below, survey results show that insurers make good use of this risk management tool and are looking to expand its application even further.

A little more effort

We see three areas where only a little more effort can yield substantial benefit: 1) a clearer definition of stress testing, 2) more thoughtful stress construction, and 3) a more robust stress testing platform.

As a start, it will be useful to clarify what we mean by stress testing. As we use the term here, we mean a projection of income statements, balance sheets and –most importantly –projected available and required capital over a multiyear business planning timeframe (including new business over the planning timeframe). Typically the test is done for the entire enterprise and includes a base case and a number of stressed future states. This definition of stress testing is consistent with how both insurance (ORSA Guidance Manual) and banking (FRB CCAR) regulators use the term. It contrasts with risk-specific stress testing. Risk-specific stress testing typically looks at a single risk, often only for the part of the enterprise susceptible to that risk. And, it frequently assesses the impact over a range of stochastically determined scenarios. Distinguishing between stress testing and risk-specific stress testing needs little effort but can help companies avoid considerable confusion as they enhance and apply stress testing capabilities. Only with clear definitions can an insurer evaluate whether or not it has deployed the tool effectively. A vague notion of stress testing taking place somewhere in the organization typically means that there is unawareness of potential gaps in the enterprise risk management (ERM) framework.

See also: The Key Role for Stress Tests in ERM

Another area where we believe a little more attention would pay major benefits is the development of comprehensive stress scenarios. When describing future states, insurers have many factors to consider in order to articulate the risks that can impact their business. As an indication of the range of these factors, the section of our survey that addressed stresses had 32 questions, many with sub-parts, each covering a different risk. However, rather than starting with an effort to combine all of these risks, stress testing benefits from starting instead with a narrative that articulates a potential future and then addresses how that future would impact the insurer through various risk factors. For example, a stress narrative could be based on a prognosis of an ongoing steady decline in the price of oil and other commodities, then a postulation of the resulting impact on economic growth, interest rates, equity valuation, employment rate, etc. The narrative then could move to an analysis of the impact of these factors on the insurer’s risks, leading to a projection of how the company’s income statement, balance sheet, available and required capital would fare if this future, in fact, unfolded.

Lastly, we note that despite the considerable attention and utilization of stress testing as a management tool, it appears that, for many insurers, the infrastructure that produces results is ad hoc and likely inefficient. Our survey indicates that only 10% of respondents have built a bespoke platform for stress testing. 78% of them use spreadsheets alone or spreadsheets combined with actuarial/projection software. In terms of how long it takes to conduct stress tests, 42% of respondents indicate the process takes between one and two months. A further 35% report that it takes more than two months, and sometimes longer than three months.

While systems infrastructure updates do not normally result in major improvements from little effort, many insurers, particularly in the life sector, have already embarked on a process of modernization. As they are looking to address their risk, actuarial, and financial reporting needs in a comprehensive manner, we recommend that stress testing capabilities receive high priority. With a modest amount of extra effort, insurers should be able to incorporate significant enhancement to their stress testing platform as part of this modernization. This in turn will yield the benefit of more timely, accurate and insightful stress testing results.

A lot more value

Insurers already use their stress testing for many purposes. Survey results show that respondents currently utilize their stress testing for an average of almost five different uses. Additionally, respondents indicated they each had plans to add almost four new uses in the future. More than half of the respondents reported using their stress testing work for strategic planning, calibrating their risk tolerances and limits, assisting with dividend, share-repurchase and similar capital planning, and regulatory impact assessments. These are critical business decisions and further highlight the value of stress testing.

Furthermore, stress testing usage has had a positive impact at a significant majority of respondents’ companies. 36% reported instances where key decisions have been made very differently compared to the process prior to stress testing. An additional 29% reported that the results of stress testing has a measureable influence on decision making, though no specific decisions were cited.  

See also: New Approach to Risk and Infrastructure?

More benefits

We see a few additional areas where better articulated stress testing processes and procedures could result in significant benefits.

  • Recognize that stress testing is a separate tool in the risk manager’s tool kit–Frequently, publications and discussions on insurance stress testing describe it as something that supplements other risk management tools. We believe that relegating stress testing to supplementary status undervalues its benefits and contribution. It would be more productive to recognize stress testing for what it truly is: a separate tool with different strengths and applicability compared to VAR-based economic capital.

Some risks –for example, liquidity risk –can be addressed only via a stress test. Adding more required capital does not effectively address the problem; liquidity risk needs to be addressed by developing a preplanned course of action, including accessing prearranged liquid funds. Likewise, reputational risk –and in particular the reputational impact of a cyber event –is better addressed via the stress test tool than via the economic capital route (and the potential addition of more required capital).

Similarly, for some risks where economic capital looks like a satisfactory tool, it can give misleading information. Often pertinent risks only reveal themselves fully via stress testing. New business is a good example. Economic capital can include one or more years of new business, typically by assuming new business premium, claims, expenses, etc. are a replica of previous years’ values. But this fails to provide a platform to study how external factors could impact the insurer’s fundamental business model, leading to little or no sales of any new business that resembles prior years’ business.

Lastly, we note that most other measures, especially traditional economic capital, concern themselves primarily with very extreme, “in the tail” events. Stress testing is useful not only for high impact, low probability events. More likely events warrant attention –in fact, they may warrant more attention because they often represent more tangible and practical problems that management needs to address immediately.

  • Use stress testing to “war game” management action and prepare in advance for risk crises –In our survey, we asked insurers if stress testing incorporates management actions. In other words, as stress events unfold, presumably management would take some form of corrective action in response, and that corrective action would impact future financial results. Almost half said they do not incorporate management actions. We believe this is a significant oversight.

Stress testing provides a ready platform to prepare in advance for risk crises. Insurers can use the tool to test different responses and select the one that yields the most effective resolution. They then can put in place a contingency plan and pre-event corrections appropriate to the event.

Here again stress testing can provide a different perspective than economic capital and similar measures. Economic capital works well as a tool to quantify the impact of taking certain types of action in the present. For example, it can help determine the reduction in required capital if a particular reinsurance treaty were implemented. On the other hand, faced with a multifactor, multiyear stress event (perhaps including changes in interest rates, inflation and equity values, with increases in unemployment and deteriorating buying patterns), stress testing would be a more effective tool in judging if and when to reconfigure the asset portfolio, alter products and prices, and the cost and manner of reconfiguring staffing models.

It is worth noting that, in our discussions with regulators about the merits of including the impact of management actions, their expectations are that, yes, insurers should include them. They recognize the benefit that stress testing can provide as an opportunity for planning ahead. However, they indicated that it would be appropriate to show the stressed result both before and after the application of management action. Showing both results can help promote thoughtfully developed post-management action results, not just a broad assumption that management will take appropriate actions.

  • Take advantage of the board’s and senior management’s broad business insights to construct more insightful stress narratives –Our survey shows that most boards receive the results of the stress test either directly or via the risk committee of the board. However, only 11% report asking either the board or board risk committee to approve the stresses the company uses. We believe this represents a missed opportunity to gain board members’ insights and benefit from their engagement in the stress testing process. Not all directors will necessarily have detailed knowledge of the range of potential outcomes of all of the risks that can impact an insurer or the potential stochastic distributions of those risks, but directors typically are experienced and knowledgeable, often with a high level of business and economic acumen. Utilizing their individual and collective skills to contribute ideas on the types of stresses that merit study seems like a good fit for their role and an effective complement to managements’ efforts.
  • Stress testing represents a potential avenue for global capital consistency –As a final potential benefit, we note again that stress testing seems to have a role in all major insurance and other financial services regulatory regimes. At the same time, the global insurance industry is challenged by the task of agreeing to a capital adequacy ratio, presumably based on an economic capital VAR-like foundation. A simpler capital formulation coupled with a robust stress testing regime may hold more promise for a globally agreeable approach.

See also: Key Regulatory Issues in 2016 (Part 2)

A bright future

Based on survey results and various discussions we had with insurers and other stakeholders, stress testing is universally accepted as a useful tool. We suspect that this is a consequence of its being directly related to the common business practice of preparing a financial plan. Including a few more future states or stresses and incorporating a measure of required and available capital in the financial plan are not major steps. Accordingly, the transition from planning to stress testing should be easy to accommodate. We note how sharply this contrasts with the introduction of economic capital, especially in the US insurance industry. Though its usage is growing, economic capital is not a uniformly accepted regulatory and business tool even after two decades. On the other hand, stress testing is already actively and universally used as a management and regulatory tool. With a little more effort, we believe it can yield very substantial benefits for all.