Tag Archives: regulator

Transparent Reinsurance for Health

Transparent reinsurance programs could emerge as significant opportunities for healthcare providers, issuers, reinsurers, technology innovators and regulators to address health insurance.

The message is clear. Having to factor in higher costs associated with new entrants to the healthcare system gives insurance firms license to charge higher rates. If these new people were put into a reinsurance pot for three to five years with costs spread over all insurers, no one insurer would be unnecessarily burdened. After this period, costs for these entrants could be reexamined and a decision could be made on how to proceed with them, depending upon the deviation from the remaining population.

Several factors are coming into play. 

United Health Group indicates it will be leaving all but a few of the 34 states where it is offering health insurance under Obamacare.

A fresh Blue Cross Blue Shield study finds recent Obamacare entrants have higher rates of specific illnesses and used more medical services than early entrants. “Medical costs of care for the new individual market members were, on average, 19% higher than employer-based group members in 2014 and 22% higher in 2015. For example, the average monthly medical spending per member was $559 for individual enrollees versus $457 for group members in 2015,” the study found.

What emerges in conversations with economists, regulators and healthcare actuaries is a sense that properly designed, fair and transparent reinsurance could—and would—advance industry and public policy goals to continue insurance for all at affordable prices. This approach would represent tangible improvements over inefficient, incumbent systems. Information would be used by insurers and reinsurers, providers and regulators and, crucially, insureds to establish best performances for healthcare outcomes and expenses. Virtually everyone knows that state or regional reinsurance would have to be mandated, as voluntary systems could be gamed.

“The implementation of new policies, the availability of research funding, payment reform and consumer- and patient-led efforts to improve healthcare together have created an environment suitable for the successful implementation of patient-reported outcome measures in clinical practice,” fresh research in Health Affairs also indicates.

Risk analysis technologies could help issuers, reinsurers, healthcare institutions and citizens rein in the healthcare system’s enormous costs. Earlier this year, the Congressional Budget Office and Joint Committee on Taxation projected that, “in 2016, the federal subsidies, taxes and penalties associated with health insurance coverage will result in a net subsidy from the federal government of $660 billion, or 3.6% of gross domestic product (GDP). That amount is projected to rise at an average annual rate of 5.4%, reaching $1.1 trillion (or 4.1% of GDP) in 2026. For the entire 2017–2026 period, the projected net subsidy is $8.9 trillion.”

CBO/JCT published this stunning projection amid consensus that $750 billion to $1 trillion of wasted spending occurs in healthcare in the U.S. “Approximately one in three health care dollars is waste,” Consumer Reports says.

Key metrics should focus on estimates of risk using demographics and diagnoses; risk model descriptions; calculation of plan average actuarial risk; user-specified risk revealing and detailing information; drill-down capabilities clarifying research; monitoring and control; and calculation and comparison measures to address reinsurance validation.

Several major refinements yielding and relying upon granular, risk-revealing data and metrics would support more efficient reinsurance. All would, and could, update reinsurance information and address customer experience, trust and privacy concerns.

As the industry has noted, ledger technologies could play fundamental roles as blockchains. Indeed, blockchain technologies are just now being introduced in the U.K. to confirm counter party obligations for homeowners’ insurance.

“Advanced analytics are the key,” remarked John Wisniewski, associate vice president of actuary services at UPMC Health Plan. “Predictive capability that looks at the likelihood a patient admission may be coming is the information that we can give to doctors to deal with the matter. … Whoever develops algorithms for people who will be at risk—so providers can develop plans to mitigate risk—will create value for issuers, providers and members alike.”

Available technologies support the connecting of risk assessments with incentives for risk information.

Michael Erlanger, the founder and managing principal of Marketcore, said, “We cannot know what we cannot see. We cannot see what we cannot measure. These available technologies provide clarity for more efficient health insurance and reinsurance.”

Context: Three Rs: Reinsurance, Risk Corridors and Risk Adjustment

When Congress enacted the ACA, the legislation created reinsurance and risk corridors through 2016 and established risk adjustment transfer as a permanent element of health insurance. These three Rs—reinsurance, risk corridors and risk adjustment—were designed to moderate insurance industry risks, making the transition to ACA coverage and responsibilities. The Centers for Medicare and Medicaid Services (CMS) within the Department of Health and Human Services (HHS) administers the programs. All address adverse selection—that is, instances when insurers experience higher probabilities of losses due to risks not factored in at the times policies are issued. All also address risk selection, or industry preferences to insure healthier individuals and to avoid less healthy ones.

With the expiration of ACA reinsurance and risk corridors, along with mandatory reporting requirements this December, healthcare providers, issuers, reinsurers, technology innovators and regulators can now evaluate their futures, separate from CMS reporting.

Virtually all sources commend reinsurance and risk adjustment transfer as consistently as they deride risk corridors. Reinsurance has paid out well, while risk corridors have not. Risk adjustment transfer remains squarely with CMS. 

ACA numbers

While House Republican initiatives try and fail to repeal the ACA, and some news programs and pundits say it is unsustainable, approximately 20 million subscribers are enrolled in Obamacare: with 12.7 million as marketplace insureds, with others through Medicaid and as young adults on parent plans. President Obama, in March, remarked: “Last summer we learned that, for the first time ever, America’s uninsured rate has fallen below 10%. This is the lowest rate of uninsured that we’ve seen since we started keeping these records.” Subscription ratios are off the charts. Premium increases have been modest, approximately 6% for 2016, experts find. “I see no risk to the fundamental stability of the exchanges,” MIT economist Jonathan Gruber observed, noting “a big enough market for many insurers to remain in the fold.”

Transitional Reinsurance 2014-16: Vehicle for Innovation 

One of the great benefits of the ACA is eliminating pre-existing conditions and premium or coverage variables based on individual underwriting across the board. Citizens are no longer excluded from receiving adequate healthcare, whether directly or indirectly through high premiums. Prices for various plan designs go up as coverage benefits increase and as co-pays and deductibles decrease, but the relative prices of the various plans are calculated to be actuarially equivalent.

To help issuers make the transition from an era when they prided themselves on reducing or eliminating less healthy lives from the insureds they covered, to an era where all insureds are offered similar ratings, the ACA introduced reinsurance and risk corridors to cover the first three years (2014 through 2016), in addition to risk adjustment transfer, which will remain in force.

The concept is relatively simple: Require all issuers to charge a flat per-dollar, per-month, per-“qualified” insured and create a pot of money with these “reinsurance premiums” that reimburses issuers for excess claims on unhealthy lives. Issuers would be reimbursed based on established terms outlined in the ACA.

Reinsurance reimburses issuers for individual claims in excess of the attachment point, up to a limit where existing reinsurance coverage would kick in. Individuals involved with these large claims may or may not be identified in advance as high-risk. The reimbursed claim may be an acute (non-chronic) condition or an accident. The individual may otherwise be low-risk.

The important aspect is that all health insurance issuers and self-insured plans contribute. By spreading the cost over a large number of individuals, the cost per individual of this reinsurance program is small to negligible. Non-grandfathered individual market plans are eligible for payments. A state can operate a reinsurance program, or CMS does on its behalf through this year.

As a backstop, the federal government put some money in the pot through 2016—just in case the pot proved inadequate to provide full reimbursement to the issuers. In a worst-case scenario, the sum of the reinsurance premiums and the federal contribution could still be inadequate, in which case the coinsurance refund rate would be set at less than 100%.

As it turned out, 2014 reinsurance premiums proved to be more than adequate, so the refund rate was 100%, and the excess funds in the pot after reimbursement were set aside and added to the pot for 2015, just in case that proves inadequate.

Reinsurance functions on this timetable through this year:

Screen Shot 2016-04-11 at 1.41.01 PM

CMS transferred approximately $7.9 billion among 437 issuers—or 100% of filed claims for 2014, as claims were lower than expected— and it has yet to release 2015 payments. The results for 2015 are coming this summer.

From the outset, states could, and would, elect to continue reinsurance, the CMS contemplated. In 2012, the CMS indicated that “states are not prohibited from continuing a reinsurance program but may not use reinsurance contribution funds collected under the reinsurance program in calendar years 2014 through 2016 to fund the program in years after 2018.”

Subsequent clarification in 2013 did not disturb state discretion. Current regulation specifies that “a state must ensure that the applicable reinsurance entity completes all reinsurance-related activities for benefit years 2014 through 2016 and any activities required to be undertaken in subsequent periods.”

One course of action going forward from 2017 and varying from state-to-state could be mandatory reinsurance enacted through state laws. Healthcare providers, issuers, reinsurers, regulators and legislators could define the health reinsurance best suited to each state’s citizens.

Reinsurers could design and manage administration of these programs possibly at a percentage of premium cost that is less than what is charged by the federal government today. While these reinsurance programs would be mandated, they could include a component of private reinsurance. For example, reinsurers could guarantee the adequacy of per-month reinsurance premiums with provisos that if these actuarially calculated rates turned out to be inadequate in any given year or month, there will be an adjustment to account for the loss in the following year. Conversely, if those rates turn out to be too high, 90% or more is set aside in an account for use in the following year. This way, reinsurers could participate by providing a private sourced solution to adverse claims.

Risk Corridors

Risk corridors apply to issuers with Qualified Health Plans (exchange certified plans) and facilitate transfer payments. The CMS noted: “Issuers whose premiums exceed claims and other costs by more than a certain amount pay into the program, and insurers whose claims exceed premiums by a certain amount receive payments for their shortfall.” Technically, “risk corridors mean any payment adjustment system based on the ratio of allowable costs of a plan to the plan’s target amount,” as the CMS designated.

Issuer claims of $2.87 billion exceeded contributions, so the CMS transferred $362 million among issuers; that is, a 12.6% proration or a $2.5 billion shortfall in 2014.

Risk corridors are politically contentious. Sen. Marco Rubio (R-Florida) likened risk corridors to bailouts. The HHS acknowledged it will “explore other sources of funding for risk corridors payments, subject to the availability of appropriations… includ[ing] working with Congress on the necessary funding for outstanding risk corridors payments.” And, a knowledgeable analyst, Dr. David Blumenthal, noted that risk corridors are not bailouts.

Going forward, evaluations of risk corridors will demand due diligence. Several health exchanges failed from any number of factors—from too little capital for growth experienced, inadequate pricing, mismanagement or risk corridor payments.

Whether innovation can yield effective risk corridors or whether risk corridors will simply fade out as transitional 2014-2016 regulation will depend on institutional and industry participants. Risk corridors did not score unalloyed approbation among sources.

Risk Adjustment: Permanent Element of ACA

Risk adjustment remains in force and impels issuers with healthier enrollees to offset some costs of issuers with sicker ones in specific states and markets and of markets as a means toward promoting affordable health care choices by discouraging cherry picking healthier enrollees.

The HHS transferred approximately $4.6 billion for risk adjustment among issuers for 2014.

At first blush, one might postulate that risk adjustment does the job and that reinsurance and risk corridors could just as reasonably fade out. There is some logic to that argument.

On the other hand, state or regional level reinsurance could make up for risk adjustment shortfalls. In some instances, risk adjustment seems to be less friendly to issuers that take on higher-risk individuals, rather than rewarding high tech issuers and providers with back office capabilities coding claims in such a way as to tactically game risk adjustment.

Evaluating and cultivating these opportunities are timely amid the uncertainties of the presidential and congressional elections that may yield executive and legislative lawmakers intent on undoing ACA provisions, starting with risk corridors. Such legislation could produce losses for issuers and reinsurers.

Nelson A. Rockefeller Precedent

In 1954, then-Undersecretary of Health Education and Welfare Nelson A. Rockefeller proposed reinsurance as an incentive for insurers to offer more health insurance. S 3114, A Bill to Improve the Public Health by Encouraging More Extensive Use of the Voluntary Prepayment Method in the Provision of Personal Health Services, emerged in the first Eisenhower administration to enact a federally funded health reinsurance pool. Rockefeller intended the reinsurance as a means toward an end, what would eventually be dubbed a “third way” among proponents of national health insurance. President Truman and organized labor championed the approach into the mid-’50s. So did the Chamber of Commerce and congressional Republican adversaries of the New Deal and Fair Deal, who were chaffing to undo Social Security as quickly as they could. The American Medical Association also supported this third way because it opposed federal healthcare reinsurance as an opening wedge for socialized medicine. Despite limiting risk and offering new products, insurers demurred because of comfort zones with state regulators and trepidation about a federal role.

pic1

Nelson A. Rockefeller, then-undersecretary of the Department of Health, Education and Welfare, presenting a federally funded health reinsurance plan, 1954.
Source: Department of Health Education and Welfare—now Health and Human Services

Rockefeller’s health reinsurance plan would “achieve a better understanding of the nation’s medical care problem, of the techniques for meeting it through voluntary means, and of the actuarial risks involved,” HEW Secretary Oveta Culp Hobby testified to a Senate subcommittee in 1954.

Rockefeller’s health reinsurance plan did not make it through the House. Organized labor decried it as too little, the AMA said it was too intrusive. Upon hearing news of the House vote, a frustrated Dwight Eisenhower blistered to reporters, “The people that voted against this bill just don’t understand what are the facts of American life,” according to Cary Reich in The Life of Nelson A. Rockefeller 1908-1958. “Ingenuity was no match for inertia,” Rockefeller biographer Richard Norton Smith remarked of industry and labor interests in those hard-wired, central-switched, mainframe times.

pic2

“’It’s déjà vu all over again’ like Yogi Berra,” said one insurance commissioner immersed in the ACA on hearing Ike’s quote.

Source: Yogi Berra Museum & Learning Center

The idea of national health insurance went nowhere despite initiatives by Sen. Edward M. Kennedy (D-Massachusetts) in the late ’70s and President Bill and First Lady Hillary Clinton roughly 20 years ago, until Congress legislated Obamacare.

Innovative, Transparent Technologies Can Deliver Results

Nowadays, more than 60 years after Rockefeller’s attempt, innovative information technologies can get beyond these legislative and regulatory hurdles. Much of the data and networking is at hand. Enrollee actuarial risks, coverage actuarial values, utilization, local area costs of business and cost-sharing impacts on utilization are knowable in current systems. Broadband deployment and information technology innovations drive customer acquisition and information management costs ever lower each succeeding day. Long-term efficiencies for reinsurers, insurers, carriers, regulators, technology innovators and state regulators await evaluation and development.

Reinsurance Going Forward From 2017

So, if state reinsurance programs can provide benefits, what should they look like, and how should they be delivered?

For technology innovators—such as GoogleMicrosoftOverstockZebra or CoverHound—these opportunities with reinsurance would apply their expertise in search, processing and matching technologies to crucial billion-dollar markets and functions. The innovators hope to achieve successes more readily than has occurred through retail beachheads in motor vehicle and travel insurance and credit cards and mortgages. One observer noted that some of those retail initiatives faltered due to customer experience shortfalls and trust and privacy concerns. Another points out that insurers view Amazon, Apple and Netflix as setting new standards for customer experiences and expectations that insurers will increasingly have to match or supersede. A news report indicated that Nationwide already pairs customer management data with predictive analytics to enhance retention.

Reinsurers including Berkshire Hathaway, Munich Reinsurance Company, Swiss Reinsurance Company Limited and Maiden Holdings could rationalize risks and boost earnings while providing a wealth of risk management information, perhaps on a proprietary basis.

For issuers, state-of-the-art transparent solutions improve the current system by enabling issuers to offer more products and services and becalm more ferocious industry adversaries while lowering risks and extending markets. Smaller, nimbler issuers may provide more innovative solutions and gain market share by providing the dual objectives of better health outcomes with lower costs.

For regulators, innovative, timely information sustains the indispensability of state regulators ensuring financial soundness and legal compliance—while allowing innovators to upgrade marketplace and regulatory systems, key regulatory goals that Iowa’s insurance commissioner, Nick Gerhart, pointed out recently. Commissioner Gerhart envisions regulators as orchestra conductors, acknowledging that most insurance regulatory entities are woefully understaffed to design or operate such reinsurance programs themselves, but they will, and they can lead if the participants can provide turnkey capabilities.

Think of health insurance and reinsurance as generational opportunities for significant innovation rather like the Internet and email. When the Department of Defense permitted the Internet and email to evolve to civilian markets from military capabilities in the 1980s, the DOD initially approached the U.S. Postal Service. Senior Post Office management said it welcomed the opportunity to support email: All users need do is email correspondence to recipients’ local post offices by nine p.m. for printing, enveloping, sorting and letter-carrier delivery the following day.

Similarly, considerable opportunities chart innovative pathways for state and regional health reinsurance for 2017 and beyond.

One path, emulating the post office in the ’80s, keeps on coding and bemoans a zero sum; it would allow the existing programs to fade away and will respond to whatever the president and Congress might do.

Another path lumps issuer health reinsurance as an incumbent reinsurer service without addressing the sustainability of state health exchanges or, indeed, any private health insurers in the absences of risk spreading with readily available information technologies.

The approach suggested here—mandated state health reinsurance—innovates to build sustainable futures. Enabling technologies empower all stakeholders to advance private and public interests through industry solutions advancing affordable healthcare.

How Bureaucracy Drives WC Costs

Workers’ compensation is one of the most highly regulated lines of insurance. Every form filed and every payment transaction is an opportunity for a penalty. Claims can stay open for 30 years or longer, leading to thousands of transactions on a single claim. Each state presents different sets of compliance rules for payers to follow. This bureaucracy is adding significant cost to the workers’ compensation system, but is it improving the delivery of benefits to injured workers?

Lack of Uniformity

Workers’ compensation is regulated at the state level, which means every state has its own set of laws and rules governing the delivery of indemnity and medical benefits to injured workers. This state-by-state variation also exists in the behind-the-scenes reporting of data. Most states now require some level of electronic data interchange (EDI) from the payers (carriers or self-insured employers). There is no common template between the states; therefore carriers must set up separate data feeds for each state. This is made even more complex when you factor in the multiple sources from which payers must gather this data for their EDI reporting. Data sources include employers, bill review and utilization review vendors. The data from all these vendors must be combined into a single data feed to the states. If states change the data reporting fields, each of the vendors in the chain must also make changes to their feeds.

Variation also exists in the forms that must be filed and notices that must be posted in the workplaces. This means that payers must constantly monitor and update the various state requirements to ensure they stay in full compliance with the regulations.

Unnecessary Burden

Much of the workers’ compensation compliance efforts focus on the collection of data, which is ultimately transmitted to the states. The states want this information to monitor the system and ensure it is operating correctly, but is all this data necessary? Some states provide significant analytical reports on their workers’ compensation systems, but many do little with the data that they collect. In a world concerned about cyber risk, collecting and transmitting claims data creates a significant risk of a breach. If the data is not being used by the states, the risk associated with collecting and transmitting it seems unnecessary.

Another complication is that there are multiple regulators involved in the system for oversight in each jurisdiction. Too often, this means payers have to provide the same information to multiple parties because information sent to the state Department of Insurance is not shared with the state Division of Workers’ Compensation and vice versa.

Some regulation is also outdated based on current technology. Certain states require the physical claims files to be handled within that state. However, with many payers now going paperless, there are no physical claims files to provide. Other states require checks to be issued from a bank within those states. Electronic banking makes this requirement obsolete.

How Is This Driving Costs?

All payers have a significant amount of staffing and other resources devoted to compliance efforts. From designing systems to gathering and entering data, this is a very labor-intensive process. There have not been any studies on the actual costs to the system from these compliance efforts, but they easily equate to millions of dollars each year.

States also impose penalties for a variety of things, including late filing of forms and late and improper payment of benefits. The EDI process makes it possible for these penalties to be automated, but that issue raises the question of the purpose of the penalties altogether. These penalties are issued on a strict liability basis. In other words, either the form was filed in a timely manner or it was not. A payer could be 99% compliant on one million records, but they would be automatically penalized for the 1% of records that were incorrect. In this scenario, are the penalties encouraging compliance, or are they simply a source of revenue for the state? A fairer system would acknowledge where compliance efforts are being made. Rather than penalize every payer for every error, use the penalties for those that fall below certain compliance thresholds (say, 80% or 90% compliance).

The laws themselves can be vague and open to interpretation, which leads to unnecessary litigation expenses. Terms such as “reasonable” and “usual and customary” are intentionally vague, and often states will not provide further definition of these terms.

How Can We Improve?

One of the goals of workers’ compensation regulations is to ensure that injured workers are paid benefits in a timely manner at the correct rate and that they have access to appropriate medical treatment. There was a time when payers had offices located in most states, with adjusters handling only that state. Now, with most payers utilizing multi-state adjusters, payers must be constantly training and educating their adjusters to ensure that they understand all of the nuisances of the different states that they handle.

The ability to give input to regulators is also invaluable, and payers should seek opportunities to engage with organizations to create positive change. Groups such as the International Association of Industrial Accident Boards and Commissions (IAIABC) and the Southern Association of Workers’ Compensation Administrators (SAWCA) provide the opportunity for workers’ compensation stakeholders to interact with regulators on important issues and also provides the opportunity to seek uniformity where it makes sense (EDI, for example).

There needs to be better transparency and communication between all parties in the rule-making process so that regulators have a better understanding of the impact these rules have on payers and the effort required to achieve compliance.

Developing standards in technology would be helpful for both the payers and the states. If your systems cannot effectively communicate with the other systems, you cannot be efficient. Upgrading technology across the industry, particularly on the regulatory side, has to become a priority.

Finally, we need to give any statutory reforms time to make an impact before changing them again because the constant change adds to confusion and drives costs. In the last 10 years, there have been more than 9,000 bills introduced in various jurisdictions related to workers’ compensation. Of those, about 1,000 have actually been turned into law. People expect that these reforms will produce the desired results immediately, when in reality these things often take time to reach their full impact.

These issues were discussed in depth during an “Out Front Ideas With Kimberly and Mark” webinar on Feb. 9, 2016. View the archived webinar at http://www.outfrontideas.com/archives/.

Zenefits’ Troubles Don’t Let Brokers Off

Zenefits is in trouble. Serious, existential trouble. Some community-based benefit brokers are watching the calamity at Zenefits unfold with a mixture of schadenfreude and relief. Given the scorn and ridicule Zenefits heaped on these brokers, taking pleasure from its misfortune is hard to resist. Feeling relief, however, misreads the situation and is dangerous to one’s career.

Zenefits’ Troubles 

Zenefits could go out of business, and several of its employees could be jailed as a result of the business practices reported by William Alden of BuzzFeed News and other journalists. While unlikely, this is a possibility because:

  • Zenefits created software enabling some California employees to lie to regulators concerning the time they spent on pre-licensing training. California law requires those applying for an insurance license to devote 52 hours to this curriculum. Zenefits employees signed a form, under penalty of perjury, that they had done so. Some may not have. Perjury is a felony in California, and conviction can result in as much as four years’ imprisonment. If Zenefits cheated in qualifying agents to sell in California, other regulators are no doubt looking into whether the company did this in their states, too.
  • If found guilty of violating consumer protection laws, state regulators could revoke Zenefits’ insurance licenses. Without the license, Zenefits could no longer sell new policies, and insurance companies would likely terminate, for cause, their Zenefits contracts. The insurers would then stop paying commissions to Zenefits even on previously sold policies. License revocation in one state could result in losing their licenses elsewhere. A cascade across the country of revoked licenses and terminated contracts could cost Zenefits tens of millions of dollars.
  • If Zenefits loses its licenses, commissions on current policies and ability to sell new ones, then some of its more recent investors may demand their money back. (Let me be clear: I am not accusing anyone at Zenefits of committing fraud or any other crimes. What follows is totally and only hypothetical and speculative.) In May 2015, Zenefits raised $500 million in a capital round led by Fidelity Investments and private equity firm TPG. If Zenefits management knowingly hid legal problems from them (and I’m not accusing anyone of doing so), then Fidelity and TPG could claim inducement by fraud, seek to rescind their contract and demand Zenefits return their investment. I’m not saying this happened or that investors were misled in any way. Nonetheless, I’d be surprised if Fidelity and TPG lawyers are not also speculating about this.

Zenefits’ worst case scenario, then, is that the company pays millions of dollars in fines, loses many millions more in revenue, sees employees jailed, can no longer sell insurance, irreparably damages its brand and must repay some investors.

Maintain Perspective

That’s a pretty scary worst-case scenario. Based on we know today, it is also highly unlikely to happen. No regulator has found Zenefits in violation of anything. Regulators are unlikely to impose the most severe penalties available to them if their investigations do not reveal consumer harm. The steps David Sacks, Zenefits’ new CEO, is taking will likely mitigate any penalties imposed on the company. Several employees, including former CEO Parker Conrad and sales VP Sam Blond have already left the company, and more may follow. Zenefits now has its first compliance officer. Mr. Sacks also seeks to change Zenefits values.

I’m skeptical, however, that Zenefits can or will quickly change its culture and core values. I respect Mr. Sacks’ intentions, experience and abilities. He deserves a chance to make his turnaround work. Yet changing a company’s culture usually takes considerable time, and Zenefits’ culture is deeply infused with the Silicon Valley ethos of speed, innovation, disruption and risk taking. To transform Zenefits requires a different world view. Yet in announcing Mr. Parker’s resignation, the company added three board members—all current investors with no domain expertise.

In fact, no current Zenefits board members or executives listed on the site appear to have any experience in running a human resources firm, payroll company or insurance agency—the services Zenefits delivers. What they share is deep experience in well-known tech companies. Zenefits may be a technology company, but that tech is supposed to accomplish something. Only in places like Silicon Valley would lack at the top of the company of this domain expertise be celebrated. Zenefits seems to exist in a Valley-sized bubble, and it’s tough to change what’s in a bubble from the inside.

The Real Lesson of Zenefits

Yet Zenefits is likely to survive. It reportedly has enough cash on hand and no need to seek more. The most probable outcome from the various investigations is that, absent findings of intentional and substantial criminal malfeasance, Zenefits will keep its licenses, carriers will continue paying commissions and investors will keep their money in the company.

We don’t yet know how Zenefits’ saga plays out. What we do know are some lessons this scandal teaches, especially to brokers:

Lesson one: Consumer protection laws matter. Violate them, and there’s a huge price to pay; as there should be.

Lesson two: Arrogance is unbecoming and unhealthy. Zenefits is a company whose leaders proclaimed that community-based brokers were dead meat, promised to drink brokers’ milkshakes, claimed brokers barely knew how to use email, described their profession as a dead beast lying in the desert and, well, you get the idea. The danger is that arrogance of this magnitude easily morphs into hubris. Zenefits’ hubris was the apparent belief that it could ignore rules if they get in the way of achieving the growth promised investors.

Lesson three: Even broken companies get some things right. Zenefits identified a latent customer demand. Clients want more from brokers than help with benefit plans. They want to focus on their businesses and not be distracted by HR and benefit administration. Zenefits success makes clear there’s a disadvantage to only selling and servicing insurance plans. Clients want more from their brokers. Even in the unlikely event Zenefits goes away, this client need will not.

Lesson four: There’s more where they came from. Zenefits’ demise would not mean the end of well-funded tech companies challenging community-based benefit brokers. If Zenefits falls to the wayside, others are ready to take its place using the same tactic of giving away software to employers in exchange for being named the employers’ broker of record on benefit policies.

Seeing a bully humbled is always fun, and there’s no harm in brokers enjoying the sight of Zenefits in disarray. Those brokers who believe Zenefits predicament means they no longer need to step up the services and value they deliver their clients, however, are making a costly mistake.

cyber

Cyber Threats and the Impact to M&A

As investment bankers and their lawyers pore over the details of a potential corporate merger, a new and troubling issue has emerged that could affect the terms of the deal, or even derail it. Cyber risk is now a top agenda item, not only for deal makers but for shareholders, regulators and insurance companies.

While assumption of risk is nothing new when acquiring a company, assuming cyber risk raises a whole new set of concerns that must be addressed early in the M&A process. Specific industries, such as healthcare, financial services and retail might require detailed attention to data risk as it applies to HIPAA (Health Insurance Portability and Accountability Act) standards, financial regulation and PCI (payment card industry) compliance. A thorough analysis of the target company’s network systems needs to be part of the due diligence process and may require the services of a network assessment vendor. Insufficient cyber security and the need for significant remediation of these networks could lead to unforeseen expense and may be a consideration in final negotiations of the target price.

Understanding the evolving face of hackers should also be a consideration. Hackers have traditionally been motivated solely by financial gain. However, as evidenced by recent cyber attacks against Sony, Ashley Madison and the Office of Personnel Management, hackers may be driven by political agendas or moral outrage or may be part of state-sponsored cyber espionage. If the acquired company comes with intellectual property or produces controversial products or services, it could be at higher risk of attack.

Regulatory Issues Affecting M&A

Increased regulatory risk for the acquiring company should also be of concern. Regulators in the U.S. and around the world have had a laser focus on privacy matters and have made their authority known in two recent court decisions.

  • On Aug. 24, 2015, a decision was made that will have profound impact on how the CIO, compliance officers, cyber security officials and others view what is an acceptable level of cyber security. In Federal Trade Commission v. Wyndham Worldwide Corp. et al. No. 14-3514, slip op. at 47 (3rd Cir. Aug. 24, 2015), the FTC alleged Wyndham failed to secure customers’ sensitive data in three separate incidents. As a result, 619,000 customer records were exposed, leading to $10.6 million in fraudulent charges. The Third Circuit Appeals Court affirmed the FTC’s authority to regulate cyber security standards under the “unfair practices” of the Federal Trade Commission Act. Therefore, key stakeholders in the acquiring and target companies need to come to terms regarding acceptable levels of cyber security before the deal is closed.
  • On Oct. 5, 2015, the European Union’s Court of Justice declared the U.S. and E.U. Safe Harbor framework invalid. The ruling abolishes an agreement that once allowed U.S. companies to move E.U. residents’ digital data from the E.U. to the U.S., and it will affect approximately 4,000 companies. For some companies, the ruling could drastically alter their business models. Therefore, an acquisition of any of these companies will require careful consideration as to how the company collects and uses the online information of the residents in the 28 countries that make up the E.U. An acquiring company could face regulatory scrutiny and costly litigation for noncompliance of their newly acquired entity.

Transferring Your Cyber Risk

One method to provide protection for the acquiring company would be to enter into a cyber security indemnity agreement with the targeted company. The agreement can exist for a period after closing, but there should be an expectation that—after a specified length of time long enough to remediate and integrate the target company’s IT networks—the agreement will expire. The liability protections should be as broad as possible and should include all directors and officers, who are often named in derivative lawsuits in the aftermath of a data breach. The agreement should address the many different actions that might be required after an unauthorized network intrusion of the target company. Costs related to defense attorneys, IT forensics firms, credit monitoring vendors, call centers, public relations companies and settlements should be anticipated. The firms to be hired, the rates they will charge and the terms of reimbursement to the acquiring company should be outlined in the agreement.

Many businesses have also turned to cyber insurance as a means to transfer cyber risk. In fact, the cyber insurance industry has grown to $2 billion in written premiums, with some expecting it to double by 2020. Cyber policies typically cover a named insured and any subsidiaries at the time of policy inception. Parties in a merger should be aware that M&A activity will likely have an impact on existing cyber insurance policies and often require engagement with insurance companies. When an insured makes an acquisition during the policy term, the insurance carrier often requires notification of the transaction pursuant to policy terms specifically outlined in the policy. Because cyber insurance policies are written on manuscript forms, there is no one standard notification requirement, and compliance terms will vary from insurance company to insurance company. If the target company has revenue or assets over a certain threshold, the named insured may be required to:

  • ƒProvide written notice to the insurance carrier before closing;
  • Include detailed information of the newly acquired entity;
  • Obtain the insurer’s written consent for coverage under the policy;
  • Agree to pay additional premium;
  • Be subject to additional policy terms.

Cyber risk can have a huge impact on any M&A activity. Legal liability and the means to transfer it should be a top priority during the transaction. There likely will be a big impact on existing insurance coverage. All parties need to focus on their rights and responsibilities and must engage the right experts to maximize protections in the process.

economy

3 Questions About On-Demand Economy

Last year, as Airbnb’s $25.5 billion valuation surpassed Hilton Hotels’ and Uber became the world’s most valuable privately owned company, it became clear the on-demand economy is no passing fad but is, in fact, a force to be reckoned with.

The on-demand marketplace is growing at a dizzying pace as new companies emerge daily, helping connect a diverse workforce of tradespeople, licensed professionals and unskilled laborers to a market of willing buyers through the company’s platforms. Intuit projects the population of U.S. on-demand workers will more than double by 2020, which means that, if you can’t already summon a doctor, lawyer, babysitter or dog walker right now via an on-demand app, then sit tight—they’re coming soon to a smartphone near you.

But the scale and speed of the on-demand economy’s growth also means policymakers, regulators, insurers and on-demand companies will have to huddle quickly to resolve the issues that arise with this expanding marketplace and its workforce. Here are the three key questions we need to address immediately:

  1. When the safeguards of the traditional corporation no longer exist, how do we protect the on-demand workforce?

Uber is currently appealing a case it lost against the California Labor Commissioner last summer regarding whether a driver is an independent contractor or an employee. While establishing this distinction is a critical issue, we still need to address some big questions about the vast self-employed workforce in the on-demand economy.

A good primer question: How do we get the information we need to make informed policy decisions? Independent contractors in the on-demand economy are classified as part of a larger pool of temporary, seasonal, part-time and freelance workforce called “contingent” workers. A 2015 U.S. Government Accountability Office report cites this workforce as somewhere between less than 5% and more than one-third of the country’s overall labor pool. The big gap in this measurement is because it depends on how jobs are defined and on the data source; the broad definitions and lack of clear data on this workforce makes on-demand independent contractors and their needs tough to track and evaluate. How much of this workforce depends on this income for supplementary purposes as opposed to relying on this income as a full-time living?

According to Intuit’s study, contingent workers will make up 40% of the U.S. workforce by 2020. That’s a lot of people working without the safeguards provided by the traditional corporation—guaranteed minimum wage, steady income, unemployment insurance, healthcare, workers’ compensation and disability insurance. What kind of safety nets do we need to put in place to protect this workforce? And what does this growing workforce mean in terms of policy development? How does the social contract change?

  1. How should we regulate hybrid commercial/consumer activities?

A sticky issue surrounding the on-demand economy is how to regulate commercial activities that are conducted by individuals rather than by traditional businesses.

While some argue that an Airbnb property should be as heavily regulated as a hotel if a host is accepting payment for lodgings, drawing an apples-to-apples comparison between the two is a challenge. For example, treehouses, yurts, igloos and lighthouses were among the top-10 most desirable vacation destinations on Airbnb shopper’s wish lists last year, some fetching upward of $350 a night. Who exactly should you call about making sure the igloo is up to code before guests arrive?

Some of the services and products offered by the individual through on-demand platforms have never been available through traditional enterprises; they’re unique, intimate experiences and, before on-demand platforms made them accessible, were difficult to find. We’re entering a new frontier where many tourists covet a culinary experience they can book at a local’s house via apps such as Feastly or Kitchensurfing rather than a fine dining restaurant, or they prefer offbeat accommodations booked through Airbnb to a 5-star hotel. We can’t assess how to best regulate these individual commercial activities until we have more data and understand the risks. How do we collect that data? How do we ensure the safety and protection of the individuals operating and participating in these activities until we have the information necessary to adequately regulate them?

  1. How can a square peg workforce function in a round hole system?

Mortgages, loans, credit cards, leases … these are just a few of life’s niceties (or necessities) that are challenging for an on-demand independent contractor to secure. Our current financial services, systems and policies were built to work for employees who collect a regular paycheck as well as freelancers who have reliable cash flow through long-term contracts and monthly retainers. Independent contractors working through on-demand platforms tend to rely on short-term gigs often generated through multiple sources, and they have difficulty predicting their day-to-day income, never mind their annual net or gross.

This isn’t a niche workforce. If independent contractors represent 40% of the U.S. working population in 2020, they’re significant drivers of the economy. They generate income and pay taxes; they need homes, cars, work equipment and all the other stuff that keeps their businesses running and makes their lives worth living. We can’t dismiss their needs, because we are measuring their 21st century income with a 20th century yardstick. How do we retrofit our round-hole systems to include this square peg workforce?

If we want a thriving economy in which people enjoy the benefits of the on-demand economy, and doctors, lawyers, drivers, plumbers and everyone else serving the on-demand marketplace have equal opportunity to succeed, then the time to talk about these questions and issues is now.