Following the financial crisis, the NAIC undertook a solvency modernization initiative (SMI) to update insurance regulators on insurance companies' regulatory frameworks. One part of the SMI, meant to keep regulators informed on insurers' financial conditions, involves the insurance companies' corporate governance and risk management.
The NAIC defines corporate governance "as structures, policies and processes through which an organization or entity is managed and controlled." The NAIC passed model acts first requiring insurers to file annually an enterprise risk management (ERM) report and an own risk and solvency assessment (ORSA) report. However, those model acts deal more with the insurer's exposure to risks from external factors. So, the NAIC, which was determined to never face the financial issues banks faced in 2008, enacted the Corporate Governance Annual Disclosure Model Act (CGAD) and supporting model regulation, both of which took effect January 1, 2016.
Information required in a CGAD report includes the rationale for the board size and structure; the duties of the board and its significant committees; how the insurer is governed (e.g., bylaws or a charter); board leadership structure; and the defined roles and responsibilities of the chairman of the board and CEO. The CGAD is intended to give insurance regulators a way to assess the filing insurer's governance structure as well as provide a report on the insurer's practices and policies regarding governance. Unlike the ERM and ORSA filings, the CGAD has no exemption based on size. Both small companies and fraternal insurers are subject to the CGAD filing requirements. The CGAD must be filed annually by June 1.
So far, 19 states have enacted the model act or something very close. However, since the CGAD will likely be included in the NAIC financial standards accreditation program effective January 1, 2020, all states will have to enact the CGAD and the supporting regulation or a similar version before 2020.
The information in the reports required by the model act is to be kept confidential and may be made at the ultimate controlling parent level, an intermediate holding company level, or the individual legal entity level according to the insurer's governance framework. Moreover, no specific form or format need be used to provide the required information.
So far, reporting insurers have had no major complaints. However, that could change quickly if enacting states don't maintain confidential treatment of the information or if some states start dictating the format reports must take.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
