Tag Archives: securities & exchange commission

It’s Time for a Consumer Bill of Rights

On April 6, 2016,  the Department of Labor (DOL) released its long-awaited fiduciary rule. It is clear that things will never be the same. While the fiduciary rule is limited in the products that it applies to, it is a clear sign that the time has arrived for the Insurance Consumer Bill of Rights.

Some complain bitterly about the rule — William Shakespeare has Queen Gertrude say in Hamlet, “The lady doth protest too much, methinks” — but there is clearly a trend, with the DOL’s fiduciary rule, the proposed rule by the SEC, new consumer protection rules for seniors and the amount of complaints to the Consumer Financial Protection Bureau. To go from Shakespeare to a more modern poet: Bob Dylan sang, “The times they are a-changing.”

It is time for the insurance industry to wake up. If the way business is conducted remains as is on products not covered by the fiduciary rule, there will be further regulations and scrutiny thrust upon the insurance world, and there will less opportunity to have a voice at the table.

Insurance Agents, Distribution Systems and Reasonable Compensation:

The traditional agent system has been fading away over the last couple of decades. There are very few companies that still have their own “captive” agents. “Captive” agents are those who primarily represent one specific insurance company such as Northwestern Mutual Life, New York Life, Mass Mutual, State Farm, Farmers, Allstate, etc. and who receive office space and other support from that company.

Most insurance is now sold by agents who represent multiple insurance companies and who try to find the optimal coverage for their clients at the most affordable premiums. Of course, there are agents who are driven by commissions, and those are the ones who are most affected by the fiduciary rule and whatever comes next.  Acting in the best interests of a client is something the majority of agents strive to do, but enough agents don’t that this type of regulatory change is warranted.

Insurance companies are rethinking their distribution strategies, as shown by MetLife and AIG. MetLife recently sold off its Premier Client Group (retail distribution entity with approximately 4,000 advisers). American International Group (AIG) sold off its broker-dealer operation. And a number of insurance companies have withdrawn from the U.S. variable annuity marketplace over the last few years: Voya (formerly ING), Genworth, SunLife and Fidelity stopped selling MetLife Annuities.

The real concern for insurance companies and agents is that they will no longer be able to sell a product that can’t be fully justified as suitable to clients. In other words, selling the annuity with the highest commission and the best incentives will no longer cut it. While the DOL rule only applies to those annuities sold in qualified plans, is it really a stretch of the imagination to consider class action lawsuits against agents who are not following the same practices outside of qualified plans?

And of course there is the issue of reasonable compensation. Reasonable compensation under the BICE is not specifically defined and is certainly open to interpretation. The DOL notes several factors in determining reasonable compensation: market pricing of services and assets, the cost and scope of monitoring and the complexity of the products. There is the interpretation that advisers who have more education (certifications, degrees, licenses, etc.) may be able to justify higher fees or commissions. This is also a good thing as this will encourage advisers to improve their skill set and be of better service to their clients. The Insurance Quality Mark is a great way for agents to show their level of expertise and professionalism.

That Ticking Sound You Hear?

The current distribution system is ineffective with the types of products sold and the accompanying incentives. Agents receive higher compensation for less competitive products, and they receive incentives for making sales targets. This is traditional for sales in any industry. However, as we’ve seen in the investment community, there are few traditional commissioned stock brokers and investment advisers, while the majority are now fee-based planners. Consumers expect more and are more financially literate. The Internet especially has changed the way financial products are sold. And insurance is part of the financial world.

The Securities Exchange Commission may finally be spurred to move forward with its own fiduciary regulation. SEC Commissioner Mary Jo White has stated that fiduciary reform is in order at the commission, and that the SEC should harmonize the rules for investment advisers and broker-dealers serving retail clients.

And will FINRA (Financial Industry Regulatory Authority),  NAIC (National Association of Insurance Commissioners), the CFPB (Consumer Financial Protection Bureau), the U.S. House of Representatives, the U.S. Senate or some other body move forward with their own set of rules and regulations?

The marketing material that I see from many firms is, “We put our customers first.” Thomas E. Perez, the secretary of labor, said in an interview: “This is no longer a marketing slogan. It’s the law.”

The pressure is on annuity companies and insurance companies to design simpler products with lower fees and increased transparency.

Everyone needs to rethink the entire sales and policy management process and follow the best practices outlined in the Insurance Consumer Bill of Rights. It requires insurance agents to place their clients’ (insurance consumers) best interests first to the best of their ability. The Insurance Consumer Bill of Rights focuses on common-sense, thorough communication and providing quality service in a way that benefits everyone. Following the Insurance Consumer Bill of Rights is a win for everyone.

The Bottom Line: 

Insurance agents, insurance brokers and insurance companies can be the leaders in providing insurance consumers with rights or can be led by follow-ups to the DOL’s fiduciary rule. The DOL’s fiduciary rule is not the end, it is only the beginning.

Again, it is good business for everyone when firms must fairly disclose fees, compensation and material conflicts of interest associated with their recommendations and not give their advisers incentives to act contrary to their clients’ interests. (It’s a sad state that such a requirement is necessary.)

The future is up to us. If we start to treat annuities and cash value life insurance as the complex financial vehicles that they are and start to better educate our clients and ourselves and carefully service them, then there will be positive outcomes. If we continue with the current approach, lack of education and disclosure, more contracts will terminate and there will be significant negative consequences for policy/contract owners and their beneficiaries, and agents may very well find themselves as defendants in litigation.

The Insurance Consumer Bill of Rights:

  1. The Right to Have Your Agent Act in Your Best Interest: to the best of her ability. Keep in mind that agents are not fiduciaries and are agents of the insurance company(ies). An agent recommendation should not be influenced by commissions, bonuses or other incentives (cash or non-cash). An agent should not collect a fee and a commission from the same client for the same work.
  2. The Right to Receive Customized Coverage Appropriate to Your Needs: An insurance agent should review your potential coverage needs per each line of coverage under consideration and take into account any existing coverage. Any new recommended coverage must fill a need (gap in coverage). Any replacement must be carefully reviewed with all pros and cons considered and presented in writing to the consumer.
  3. The Right to Free Choice: You have the right to receive multiple competitive options and to choose your company, agent and policy. Agents, brokers and companies must inform you in simple language of your coverage options when you apply for an insurance policy. Different levels of coverage are available, and you have the right to know how each option affects your premium and what your coverage would be in the event of a claim.
  4. The Right to Receive an Answer to Any Question: You’re the buyer, so you have the right to ask any question and to receive an answer. The answer should fully and completely address your question or concern in full and be understandable. If you don’t understand something, you as as the buyer have a duty to ask questions, and, if you still don’t understand, you shouldn’t buy that policy.
  5. The Right to Pay a Fair Premium: There must be full disclosure on how policy premiums are calculated and the impact of different risk factors specific to the type of coverage proposed. Also, information should be provided on factors that may reduce the premium in the future.
  6. The Right to Be Informed: You need to receive complete and accurate information in writing – anything said or promised orally must be put in writing. This includes full Information on any recommended insurance company, including name, address, phone number, website and financial strength rating(s).
  7. The Right to be Treated Fairly and Respectfully: This includes the right to not be pressured. If there is a deadline, the reason must be presented. If an offer is too good to be true, then it most likely is too good to be true. Insurance agents and companies should keep information private and confidential.
  8. The Right to Full Disclosure and Updates: You must receive notice of any changes in the coverage in easy-to-understand language and any relevant changes in the marketplace. All relevant information and disclosure requirements (required or not) on an insurance product must be presented to the client. You must receive in writing a summary of all surrender charges, length of surrender period and any additional costs for early termination. In any replacement situation, all pros and cons must be submitted in writing.
  9. The Right to Quality Service – You must be able to have your coverage needs reviewed at any time upon request, whenever a major event would affect coverage and at least annually. The agent must determine if changes have occurred with the client or in the marketplace that would dictate changes to the insurance coverage. This includes prompt assistance on any claims.
  10. The Right to Change or Cancel Your Coverage: This right must come without any restrictions or hassles.

View the Department of Labor conflict of interest final rule by clicking ere.

Support the Insurance Consumer Bill of Rights by signing the petition and sharing this post.

How Data Breaches Affect More Than Cyberliability

You’ve probably seen the recent headlines about the Target retail chain being hacked, resulting in approximately 40 million customer credit and debit card numbers being stolen by hackers. It would be easy to write another article about the importance of cyberliability insurance, but we’d like to go a step further. While it is true that a breach of this magnitude will be incredibly expensive and could strain the total limit capacity available in the cyber insurance marketplace, other insurance products that could possibly be triggered shouldn’t be ignored.

On October 13, 2011, the Securities and Exchange Commission’s (SEC) Division of Corporate Finance published the Cybersecurity Disclosure Guidance. Among other recommendations, the guide contained the SEC’s views on the type and extent of cyberliability risks and exposures that public companies should consider disclosing to investors. The guidance was issued to help investors understand the nature of a company’s cybersecurity risks. In quarterly and annual filings with the SEC, companies disclose risk factors that can have a material impact on their operations. When investors sue a corporation for actions that have harmed the company, and in turn their investments, that is a claim typically addressed by a Directors and Officers (D&O) Liability policy. In certain instances, they also might be covered by a dedicated cyber insurance policy or a Side-A excess policy (or both), to the extent the company has purchased such products, which are separate and distinct from a D&O form.

Like other public companies, Target has sought to abide by the SEC’s cybersecurity disclosure recommendations, most recently including cyber risk as one of 17 risk factors in the MD&A section of its February 2013 10-K:

If our efforts to protect the security of personal information about our guests and team members are unsuccessful, we could be subject to costly government enforcement actions and private litigation and our reputation could suffer.

The nature of our business involves the receipt and storage of personal information about our guests and team members. We have a program in place to detect and respond to data security incidents. To date, all incidents we have experienced have been insignificant. If we experience a significant data security breach or fail to detect and appropriately respond to a significant data security breach, we could be exposed to government enforcement actions and private litigation. In addition, our guests could lose confidence in our ability to protect their personal information, which could cause them to discontinue usage of REDcards, decline to use our pharmacy services, or stop shopping with us altogether. The loss of confidence from a significant data security breach involving team members could hurt our reputation, cause team member recruiting and retention challenges, increase our labor costs and affect how we operate our business.

State attorneys general have already initiated demands for information and protection for state residents. The Connecticut attorney general is asking for two years of credit monitoring and identity theft protection for state residents, along with more details on the breach and security protocols. Not surprisingly, there have been threats of consumer class actions against Target. It will also be interesting to see if shareholders, or more importantly the plaintiffs bar, think that the disclosure of the risk was adequate. Given the size of the breach, it would not be surprising to see any number of such suits filed against Target.

In the meantime, certain banks are advising consumers that the consumer will not be held responsible for fraudulent charges on their credit cards.

If we look back at the 2007 breach at TJ Maxx (TJX), which affected more than 90 million credit cards, we could gain insight into how MasterCard and Visa might respond to the Target breach. They sued TJX and collectively recovered over $60 million. Other banks, such as Fifth Third Bancorp, Amerifirst Bank, Eagle Bank and SaugusBank, also made claims against TJX. Media reports indicate that TJX paid in excess of $250 million to resolve the myriad claims against it as a result of the 2007 breach. We would expect that number includes crisis management expenses, such the costs of forensic analyses, public relations expenses, notification expenses and other remedial costs. It also likely accounts for regulatory fines and penalties from the government, PCI fines paid to credit card companies, damages paid to both credit card companies and banks, cash and merchandise vouchers for harmed customers, and probably even credit monitoring. It would be challenging to quantify the lost revenue from jilted customers who chose to shop elsewhere following the breach, but we suspect it was meaningful.

Impact on Investors

A key question is, can investors still sue if the stock doesn’t have a precipitous drop? The answer is probably yes. Typical allegations in a securities claim allege that: 1) the management misled investors; 2) the truth came out; 3) the stock dropped as a result; and 4) the investors suffered financial loss. The damage valuation might be determined by comparing the price of the stock prior to the date the “truth” came out and the price after it had been disclosed. That’s an oversimplification of a securities claim, but still reflects the typical pattern.  For something like the Target breach, shareholders could argue that Target failed to fully disclose the potential cyber-related problems, lost business opportunities which kept the stock from rising and therefore caused the loss of future gains, mismanaged and failed to properly oversee its cybersecurity protection program, and other assorted alleged improprieties.

Other Claims

Apart from securities-related disclosure lawsuits, a company like Target also will likely be subject to consumer class actions and regulatory actions. Such lawsuits could lead to sizeable settlements, which could have an impact on the stock price and raise investor concerns. Target’s earnings similarly could be impacted by the costs of breach remediation and associated expenses. It also stands to lose significant opportunity costs, to the extent its management and staff becomes distracted by the post-breach activities. Whatever surfaces will require a lot of money spent in legal and forensic bills.

It is well-known that litigation naming a company’s directors and officers can arise from a variety of alleged misdeeds. Like other entrepreneurs, the plaintiffs are always exploring new legal theories to establish liability and recover damages in order to collect higher fees. When that happens, you can bet those defendants will quickly be looking to their D&O policy for assistance. For every cyberliability underwriter expressing relief that they aren’t insuring Target for this breach, there are likely two D&O underwriters concerned about their policy limit – assuming, of course, that Target has a sizeable D&O insurance tower in place.

Companies like Target likely employ a robust cybersecurity program to protect consumers’ personal and financial information.  But breaches aren’t limited to large multinational operations. According to cyberlaw expert Richard J. Bortnick of Christie Pabarue and Young, and publisher of the blog Cyberinquirer.com, small- and medium-sized public companies are just as much at risk, perhaps even more at risk, than companies like Target. “Every company of every size is at risk,” Bortnick said. “And if you think of it logically, small- and medium-sized companies are likely more at risk, and subject to greater residual financial harm, than the bigger firms. And in the cyber realm, that means small- and medium-sized companies that almost certainly have not invested the resources necessary for proper cybersecurity.” According to Bortnick, “regrettably, oftentimes clients call me in after a breach, not before. And on each occasion, I tell them that the cost to remediate a breach can be multiples of what it would have cost if I had been brought in before the breach and been able to work with the company to plan and implement a cost-effective, best practices cybersecurity regime. Not only does this approach discourage or even prevent hackers, it provides a company with a ‘best practices’ defense to a privacy suit and, potentially, to a shareholder lawsuit.”

As mentioned in the introduction of this advisory, the risks facing your clients following a data breach go beyond the obvious cyberliability insurance policy. How a company has prepared for a breach, what steps have been taken to prevent a breach and what plans are in place to deal with a breach are all executive-level decisions. Regardless of the size of the company, a data breach can be a significant threat to the survival of a company. Companies should buy a cyberliability policy to help respond to a data breach and a D&O policy to protect the management and board for their plans and decisions.