Tag Archives: financial stability oversight council

What Will Trump Mean for State Regulation?

Insurance is regulated by states, and the states’ laws are implemented and administered by state insurance commissioners. This was affirmed in 1945 by the McCarran-Ferguson Act. Under that act, states regulate the business of insurance unless the U.S. Congress decides otherwise. In the past six years, the federal government has with regularity encroached on areas previously controlled solely by state insurance commissioners, such as through the following federal actions:

  • The creation by the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) of the Federal Insurance Office (FIO)
  • Dodd-Frank’s creation of the Financial Stability Oversight Council (FSOC)
  • The Affordable Care Act (ACA)
  • The Department of Labor (DOL) fiduciary rule issued April 8, 2016

These federal encroachments have led to regulatory confusion. Although state insurance commissioners are the predominant regulator of licensed insurance carriers and producers, insurance companies that are deemed systemically important non-bank financial institutions are supervised both by the Federal Reserve and by their domestic state insurance regulators. This creates significant duplication and regulatory burden; the cost of that burden – as well as some of the confusion — is ultimately passed on to consumers. Under the ACA, for instance, state insurance regulators routinely must react to hundreds of pages of regulations that are published by the Centers for Medicare and Medicaid Services. Licensed insurance producers and carriers must overhaul their operations and distribution to comply with the 1,023-page DOL fiduciary rule.

See also: What Trump Means for Business  

As I see it, state legislatures have given state insurance regulators dual mandates: (1) to protect consumers from the moment of purchase through filing a claim and ultimately the payment or denial of that claim; and (2) to ensure companies are solvent and can meet their financial obligations to consumers. While insurance regulators at the state level can always improve, I do believe that collectively we do a commendable job. Insurance company failures are rare, and most states respond to consumer complaints in a very timely fashion.

Under a President Trump, I believe the role of state insurance regulators will grow as some federal regulations are eliminated. If Dodd-Frank is reviewed, the role of the FIO and even the FSOC could change. State regulators have argued tirelessly that the FIO is not a regulator and needs to stay in its lane as authorized under Dodd-Frank. State regulators are debating with the FIO the need for a covered agreement on reinsurance collateral and are worried about state law being preempted. I think that, under a Trump administration, state regulators may be listened to much more in this debate. State commissioners and the FSOC representatives with insurance experience have also worked to ensure that the FSOC recognize that insurance is not banking and that traditional insurance is not systemic to the global financial system. A Trump administration may agree with state insurance regulators on these issues and many more. Only time will tell, of course.

State insurance commissioners need to demonstrate through the execution of states’ dual mandates that we deserve the responsibility of supervising the insurance markets in our respective states and that we do it better than it could be done from the federal level. I believe the time for state insurance commissioners to shine is now, and I hope we all continue to deliver results as our roles as the regulators of insurance carriers and producers and as the protectors of consumers become increasingly important.

See also: What Trump Means for Workplace Wellness  

Key Regulatory Issues in 2016 (Part 2)

The complexities of the current regulatory environment undoubtedly pose significant challenges for the broad spectrum of financial services companies, as regulators continue to expect management to demonstrate robust oversight, compliance and risk management standards. These challenges are generated at multiple, and sometimes competing, levels of regulatory authority, including state and local, federal and international, and, in some cases, by regulatory entities that have been newly formed or given expanded authority. Their demands are particularly pressing for the largest, most globally active firms, though smaller institutions are also struggling to optimize business models and infrastructure to better address the growing regulatory scrutiny and new expectations.

In the first part of this two-part series, we covered the first five key regulatory issues we anticipate will have an impact on insurance companies this year. Here are the final five:

6. Transforming the Effectiveness and Sustainability of Compliance

Compliance continues to be a top concern for financial institutions and insurance companies as the pace and complexity of regulatory change, coupled with increased regulatory scrutiny and enforcement activity, have pushed concerns about reputation risk to new levels. These firms need to be able to respond to changes in their internal and external environments with flexibility and speed to limit the impact from potentially costly business shifts or compliance failures. To do so, however, can demand enhancements to the current compliance risk management program that build adaptability into the inter-relationships of the people, processes and technologies supporting compliance activities; augment monitoring and testing to self-identify compliance matters and expand root cause analysis; and integrate compliance accountability into all facets of the business. Compliance accountability starts with a strong compliance culture that is supported by the “tone from the top” and reaches across all three lines of defense, recognizing that each line plays an important role within the overall risk management governance framework. Transforming compliance in this way allows it to align on an enterprise-wide basis with the firm’s risk appetite; strategic and financial objectives; and business, operating, functional and human capital models.

7. Managing Challenges in Surveillance, Reporting, Data and Control

Driven largely by regulatory requirements and industry pressures
for increased speed and access, trade and transaction reporting has become increasingly complex. Capturing and analyzing vast amounts of data in real time remains a massive challenge for financial services firms, as regulators continue to initiate civil and criminal investigations and levy heavy fines on broker-dealers, investment banks and insurance companies based on failures to completely and accurately report required information. In addition, ensuring compliance with federal and state laws prohibiting money laundering, financial crimes, insider trading, front running and other market manipulations and misconduct remains critically important. In the coming year, it will be essential for financial institutions and insurance companies to reassess the strength and comprehensiveness of their compliance risk management programs to better manage and mitigate both known and emerging regulatory and legal risks and respond to prospective market structure reforms.

See Also: Should We Take This Risk?

8. Reforming Regulatory Reporting

The financial services industry, including the insurance sector, continues to face challenges around producing core regulatory reports and other requested financial information, as demands from both regulators and investors have increased exponentially in the wake of the financial crisis. For insurance companies, the IAIS faces a significant challenge as there is no common basis of accounting applied across jurisdictions, either for regulatory or financial reporting purposes. The need for consistent regulatory reporting has been highlighted by the efforts of the IAIS to develop an insurance capital standard for IAIGs as well as basic capital requirements (BCR) and a higher loss absorbency (HLA) for global systemically important insurers. The IAIS is moving toward a market-consistent basis of valuation for both assets and liabilities to underpin this effort. Complementing the work previously performed by the Financial Stability Oversight Council, which solicited comment on certain  aspects of the asset management industry that included requests for additional financial information that would be helpful to regulators and market participants, the SEC published rules to modernize and improve the information reported and disclosed by registered investment companies and investment advisers (Investment Company Reporting Modernization, proposal published in June 2015).

Among other areas of reform, the SEC’s rule is intended to provide enhanced information that will be used to monitor risks in the asset management industry as a whole and increase the transparency of individual fund portfolios, investment practices and investment advisers, particularly for derivatives, securities lending and counterparty exposures. Fund administrators and managers will likely need to carefully contemplate and implement new governance, operational and reporting capabilities that will be necessary to support enhanced reporting and disclosure requirements.

9. Examining Capital

Recovery and Resolution Planning and the EPS for large U.S. bank holding companies, foreign banking organizations and insurance and nonbank financial companies have brought capital planning and liquidity risk management to the forefront, as regulators have sought to restore both public and investor confidence in the aftermath of the financial crisis. Financial institutions, including nonbank SIFIs, are required to demonstrate their ability to develop internal stress testing scenarios that properly reflect and aggregate the full range of their business activities and exposures, as well as the effectiveness of their governance and internal control processes. A growing number of state regulators have adopted the Own Risk and Solvency Assessments (ORSA) requirement to support insurers’ risk management and capital adequacy.

The international development of an insurance capital standard for IAIGs continues along with BCR and HLA requirements. In the U.S., the NAIC and state regulators are working closely with the Federal Insurance Office, the Federal Reserve and industry participants to develop a group capital assessment. Insurers, however, are challenged to fit capital requirements originally designed for banks into the insurance business model along with group capital into local entity capital requirements. The potential variability and current uncertainty resulting from these and other pending requirements may limit funding flexibility and make capital planning difficult, as financial institutions will need to consider the ties between capital and liquidity in areas such as enterprise-wide governance, risk identification processes, related stress testing scenarios and interrelated contingency planning efforts.

10. Managing the Complexities of Cross-Border Regulatory Change

The largest financial institutions and insurance companies must now understand and manage regulatory mandates across more jurisdictions and services than ever before. Regulatory obligations and cross-border pressure points continue to challenge global financial firms to move past their current reactionary mode of response to tackling high-impact regulatory change. For insurers and their regulators (both international and domestic), the integration of ComFrame (Common Framework) into local entity requirements as they are adopted by individual jurisdictions will be such a challenge. Anticipating the recognition of “equivalence” or a covered agreement for certain U.S. regulations under Solvency II for U.S. insurers operating in Europe is another. However, to address these challenges, financial institutions and insurance companies will need to consider implementing a regulatory change management framework that is capable of centralizing and synthesizing current and future regulatory demands and incorporates both internally developed and externally provided governance, risk management, and compliance regulatory change tools. This framework will enable financial entities to improve coordination across their operations and gain insights that can improve overall performance, ensure risk management and compliance controls are integrated into strategic objectives, avoid redundancy and rework and better address regulatory expectations in a practical and efficient way.

This piece was co-written by Amy Matsuo, Tracey Whille, David White and Deborah Bailey.

Key Regulatory Issues in 2016 (Part 1)

The complexities of the current regulatory environment undoubtedly pose significant challenges for the broad spectrum of financial services companies, as regulators continue to expect management to demonstrate robust oversight, compliance and risk management standards. These challenges are generated at multiple (and sometimes competing) levels of regulatory authority, including local, state, federal and international, as well as, in some cases, by regulatory entities that are new or have been given expanded authority. Their demands are particularly pressing for the largest, most globally active firms, though smaller institutions are also struggling to optimize business models and infrastructures to better address the growing regulatory scrutiny and new expectations.

Across the industry, attentions are focused on improving overall financial strength and stability, guided by the recommendations of international standards-setting bodies and U.S. regulatory mandates that encompass governance, culture, risk management, capital and liquidity. Though historically under the purview of individual states, the insurance sector in the U.S. has been responding to influences at both the international and federal levels. The efforts of the International Association of Insurance Supervisors (IAIS) to develop insurance core principles (ICPs), a common framework for the supervision of internationally active insurance groups (IAIGs) and capital standards, have all laid the foundation for global regulatory change. These efforts have been further supported by new authorities given to the Federal Reserve Board, the Financial Stability Oversight Council and the Federal Insurance Office and by the designation of certain nonbank insurance companies as systemically important financial institutions (SIFIs). Following are some of the key regulatory issues we anticipate will have an impact on insurance companies this year:

1. Strengthening Governance and Culture

Despite heightened attention from regulators and organizations to strengthen governance structures and risk controls frameworks, instances of misconduct (i.e., professional misbehavior, ethical lapses and compliance failures) continue to be reported across
the financial services industry, including the insurance sector,
with troubling frequency. Boards and senior management are
now expected to define and champion the desired culture within their organizations; establish values, goals, expectations and incentives for employee behavior consistent with that culture; demonstrate that employees understand and abide by the risk management framework; and set a “tone from the top” through their own words and actions.

Line and middle managers, who are frequently responsible for implementing organizational changes and strategic initiatives, are expected to be similarly committed, ensuring the “mood in the middle” reflects the tone from the top. Regulators are also assessing an organization’s culture by looking at how organizations implement their business strategies, expecting firms to place the interests of all customers and the integrity of the markets ahead of profit maximization. They will consider business practices and associated customer costs relative to the perceived and demonstrable benefit of an individual product or service to the customer, giving attention to sales incentives and product complexities.

State and federal insurance regulators have joined the global push for enhanced governance, and, in 2016, insurers can expect heightened attention in this area through the Federal Reserve Board’s (Federal Reserve) supervision framework and its enhanced prudential standards (EPS) rule; the Financial Industry Regulatory Authority’s (FINRA) targeted review of culture among broker-dealers; and the National Association of Insurance Commissioners’ (NAIC) Corporate Governance Annual Disclosure Model Act, which became effective Jan. 1, 2016, and requires annual reporting following adoption by the individual states. Given the regulatory focus on conduct, insurers might experience some pressures to put in place governance and controls frameworks that specifically recognize and protect the interests of policy holders.

2. Improving Data Quality for Risk Data Aggregation and Risk Reporting

Financial institutions continue to struggle with improving their risk-data aggregation, systems and reporting capabilities, which means insurers, in particular, will be challenged to handle any coming changes in regulatory reporting, new accounting pronouncements, enhanced market opportunities and increasing sources of competition because of legacy actuarial and financial reporting systems. These data concerns are augmented by information demands related to emerging issues, such as regulatory interest in affiliated captives. In addition, there are expected requirements of anticipated rulemakings, such as the Department of Labor’s Fiduciary Rule, which necessitates a new methodology or perspective regarding product disclosure requirements and estimations of the viability and benefits of individual products. There is also the Federal Reserve’s single counterparty credit limit (SCCL) rule, which requires organizations, including nonbank SIFIs, to track and evaluate exposure to a single counterparty across the consolidated firm on a daily basis. Quality remains a challenge, with data integrity continually compromised by outmoded technologies, inadequate or poorly documented manual solutions, inconsistent taxonomies, inaccuracies and incompleteness.

Going forward, management will need to consider both strategic- level initiatives that facilitate better reporting, such as a regulatory change management strategic framework, and more tactical solutions, such as conducting model validation work, tightening data governance and increasing employee training. By implementing a comprehensive framework that improves governance and emphasizes higher data-quality standards, financial institutions and insurance companies should realize more robust aggregation and reporting capabilities, which, in turn, can enhance managerial decision making and ultimately improve regulatory confidence in the industry’s ability to respond in the event of a crisis.

See Also: FinTech: Epicenter of Disruption (Part 1)

3. Harmonizing Approaches to Cybersecurity and Consumer Data Privacy

Cybersecurity has become a very real regulatory risk that is distinguished by increasing volume and sophistication. Industries that house significant amounts of personal data (such as financial institutions, insurance companies, healthcare enrollees, higher education organizations and retail companies) are at great risk of large-scale data attacks that could result in serious reputational and financial damage. Financial institutions and insurance companies
in the U.S. and around the world, as well as their third- party service providers, are on alert to identify, assess and mitigate cyber risks. Failures in cybersecurity have the potential to have an impact on operations, core processes and reputations but, in the extreme, can undermine the public’s confidence in the financial services industry as a whole. Financial entities are increasingly dependent on information technology and telecommunications to deliver services to their customers (both individuals and businesses), which, as evidenced by recently publicized cyber hacking incidences, can place customer-specific information at risk of exposure.

Some firms are responding to this link between cybersecurity and privacy by harmonizing the approach to incidence response, and most have made protecting the security and confidentiality of customer information and records a business and supervisory priority this year. State insurance regulators have a significant role in monitoring insurers’ efforts to protect the data they receive from policyholders and claimants. In addition, they must monitor insurers’ sales of cybersecurity policies and risk management services, which are expected to grow dramatically in the next few years. Insurers are challenged to match capacity demands, which may lead to solvency issues, with buyers’ needs and expectations for these new and complex product offerings. The NAIC, acting through its cybersecurity task force, is collecting data to analyze the growth of cyber-liability coverage and to identify areas of concern in the marketplace. The NAIC has also adopted Principles for Effective Cybersecurity: Insurance Regulatory Guidance for insurers and regulators as well as the Cybersecurity Consumer Bill of Rights for insurance policyholders, beneficiaries and claimants. Insurance regulatory examinations regularly integrate cybersecurity reviews, and regulatory concerns remain focused on consumer protection, insurer solvency and the ability of the insurer to pay claims.

4. Recognizing the Focus on Consumer Protection

In the past few years, the Consumer Financial Protection Bureau and the Federal Trade Commission have pursued financial services firms (including nonbanks) to address instances of consumer financial harm resulting from unfair, deceptive or abusive acts or practices. The DOL Fiduciary Rule redefines a “fiduciary” under the Employee Retirement Income Security Act to include persons — brokers, registered investment advisers, insurance agents or other types of advisers — that receive compensation for providing retirement investment advice. Under the rule, such advisers are required to provide impartial advice that is in the best interest of the customer and must address conflicts of interest in providing that advice. Though intended to strengthen consumer protection for retirement investment advice, the rule is also expected to pose wide-ranging strategic, business, product, operational, technology and compliance challenges for advisers.

In addition, the Securities and Exchange Commission (SEC) has announced it will issue a rule to establish a fiduciary duty for brokers and dealers that is consistent with the standard of conduct applicable to an investment adviser under the Investment Advisers Act (Uniform Fiduciary Rule). The consistent theme between these two rules is the focus on customer/investor protection, and the rules lay out the regulators’ concern that customers are treated fairly; that they receive investment advice appropriate to their investment profile; that they are not harmed or disadvantaged by complexities in the investments markets; and that they are provided with clear descriptions of the benefits, risks and costs of recommended investments. In anticipation of these changes, advisers are encouraged to review their current practices, including product offerings, commissions structures, policies and procedures to assess compliance with the current guidance (including “suitability standards” for broker/dealers and fiduciary standards for investment advisers, as appropriate) as well as to conduct impact assessments to identify adjustments necessary to comply with the DOL Fiduciary Rule. Such a review should consider a reassessment of business line offerings, product and service strategies and adviser compensation plans.

5. Addressing Pressures From Innovators and New Market Entrants

The financial services industry, including the insurance sector, is experiencing increased activity stemming, in large part, from the availability of products and services being introduced to meet the growing demand for efficiency, access and speed. Broadly captioned as financial technology, or FinTech, innovations such as Internet-only financial service companies, virtual currencies, mobile payments, crowdfunding and peer-to-peer lending are changing traditional banking and investment management roles and practices, as well as risk exposures. The fact that many of these innovations are being brought to market outside of the regulated financial services industry — by companies unconstrained by legacy systems, brick-and- mortar infrastructures or regulatory capital and liquidity requirements — places pressures on financial institutions to compete for customers and profitability and raises regulatory concerns around the potential for heightened risk associated with consumer protection, risk management and financial stability.

For insurance companies, the DOL Fiduciary Rule will affect the composition of the retirement investment products and advice they currently offer and, as such, creates opportunity for product and service innovation as well as new market entrants. Insurers will want to pursue a reassessment of their business line offerings, product and service strategies, and technology investments to identify possible adjustments that will enhance compliance and responsiveness to market changes. Regulators will be monitoring key drivers of profit and consumer treatment in the sale of new and innovative products developed within and outside of the regulated financial services industry.

This piece was co-written by Amy Matsuo, Tracey Whille, David White and Deborah Bailey. 

US Insurers Must Contend With Federal Overseers

Since 1851, when the first state insurance regulator was established, the US insurance industry has had to comply only with the laws of a regulatory system that is state-based. However, that changed when the Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act) passed into law on July 21, 2010. The Dodd-Frank Act, which is the US Federal Government’s response to the 2007-2008 financial crisis, created several entities including the Federal Insurance Office (FIO) and the Financial Stability Oversight Council (FSOC). Both of these entities are authorized to be involved in the insurance regulatory system, albeit with different degrees of authority and oversight.

Ovum’s recently published report 2013 US Insurance Regulatory Landscape discusses the strengthening presence of the federal government in US insurance regulation, four interdependent initiatives that US insurers need to implement to comply with regulations, and the expanding role that technology can play in supporting US insurers as they prepare for regulatory compliance.

Federal Presence In The US Insurance Regulatory System Has Strengthened
State-based insurance regulators can be forgiven for believing that the regulatory system they have in place, and are continually reshaping to align with market realities, has continued to prove worthy to both consumers and insurance companies. Be that as it may, the Dodd-Frank Act is now law and the FSOC and the FIO are now active participants in the US insurance regulatory system. Both entities have authority and responsibilities that could transform the US insurance system. Only time will tell whether their existence is a net positive for insurance companies domiciled in the US and international insurers conducting business in the US.

Insurers should familiarize themselves with the roles and responsibilities of the FSOC and FIO. The FSOC will identify and respond to threats to the financial stability of the US and promote market discipline. The FIO has a number of responsibilities, including: recommending to the FSOC when an insurer (and its affiliates) should be designated a “systemically important financial institution” (SIFI), thus making it subject to additional capital requirements set by the Federal Reserve; representing the US in matters relating to international insurance regulation; monitoring the extent to which traditionally underserved communities, consumers, minorities, and those of low-to-moderate income can access affordable insurance products; and assisting the Secretary of the Treasury and other officials in administering the Terrorism Risk Insurance Program.

Insurers Must Implement Four Interdependent Initiatives To Enable Readiness To Comply With State And, Potentially, Federal Regulations
Insurers should create and continue to strengthen four interdependent initiatives to ensure their readiness to comply with regulation, which encompass monitoring, management, analysis, and reporting.

  • Monitoring initiatives include monitoring and capturing: any legislative bills available for public comment; discussions from the insurance legislators in each state, the NAIC, the FIO, the FSOC, the various influencer groups, and online trade press articles and commentary concerning legislative issues impacting the insurance industry; and existing regulations and proposed and actual changes to these regulations for each state in which the company conducts and wants to conduct business.
  • Management initiatives include storing, cleaning, tagging, and otherwise preparing the primarily unstructured content captured above, for analysis and preliminary preparation of regulatory compliance initiatives.
  • Analysis initiatives include analyzing the captured content’s potential impact on existing company regulatory compliance initiatives or the resources needed to create new initiatives. The analysis is likely to encompass financial analysis and modeling if the regulatory discussion impacts the amount of capital reserves the insurance company will need, or alters the investments it can make or the mix of risks it can insure. It also includes the creation of interactive dashboards that enable insurance executives and legal, compliance, and other insurance departments to track compliance with state and, where necessary, federal regulations.
  • Reporting initiatives include creating reports for internal insurance company use, for each state insurance commissioner’s office for the states in which the company conducts business, and, where necessary, for the FIO and the FSOC.

Technology Has A Growing Role To Play In Enabling Insurers To Comply With Regulations
To remain knowledgeable about what is happening, be prepared for any changes to requirements, and comply with existing regulations, insurers should use:

  • Text data mining/semantic technology to create a tagged and searchable repository of existing and pending regulations.
  • Master data management (MDM) applications to establish, maintain, and update a repository of existing and proposed industry regulations.
  • Analytics, including predictive analytics, to measure the company’s capital adequacy and ensure it complies with state and, where necessary, FIO and FSOC requirements, and to model and project the company’s current and projected density of risk (i.e. total exposure across all insurance lines of business that the insurer is selling for all or specific geographies).
  • Data visualization to create dashboards to track the company’s alignment with regulatory deadlines and capital requirements, and its progress toward adopting insurance regulatory initiatives (e.g. uniform producer licensing).
  • Database technologies to create, store, and manage producer demographic, insurance experience, training, and licensing information for every insurance company producer (i.e. agent/broker/financial advisor) for each insurance line of business, for every state (or jurisdiction) in which the agent is legally authorized to sell insurance.
  • Collaboration and communications technologies within the insurance company, including the agent/broker/financial advisor intermediaries, to discuss progress toward regulatory compliance including concerns or problems and potential solutions if the company believes it is non-compliant on certain issues.
  • Reporting capabilities to create compliance reports and send them to internal insurance departments, to each state insurance commissioner’s office for each state in which the company conducts business, and, where necessary, to the FIO and the FSOC.