Porthole

Analysis

2018 Insurance Regulatory Outlook

Forging ahead amid uncertainty

Gain insight into key regulations that insurance companies should be monitoring and addressing in 2018.

Embracing complexity: 2018 trends in insurance regulations

Most insurers are moving ahead deliberately with their risk and compliance initiatives, even as certain areas pose regulatory uncertainty that will likely remain a significant and ongoing challenge. Even if lawmakers and regulators make certain definitive changes, insurance companies must continue to drive the effectiveness and efficiency of their risk and compliance programs so they meet applicable laws, regulations, and supervisory expectations.

Many of the new state regulatory requirements are clear. But in other areas, such as the Department of Labor’s (DOL) Fiduciary Rule (the Rule), companies don’t have the time or luxury of waiting to see how things will shake out. Therefore, they’re planning implementation based on available guidance.

Overall, many of the changes organizations are making to achieve insurance regulatory compliance are useful improvements that are worth doing from a risk and business perspective.

Read on to learn more about the insurance regulations we’re tracking for 2018.

Cyber regulation

The insurance industry has seen a shift as the regulatory environment has driven organizations to take a serious yet fresh look at the state of their cybersecurity risk management programs. Institutions at both the state and federal levels remain committed to protecting insurance organizations from the influx of cyber threats and to raising the bar on cyber risk management and reporting.

Numerous regulatory agencies at the federal level, as well as the National Association of Insurance Commissioners (NAIC), have moved or are moving to establish regulations governing the conduct of insurers with respect to this significant operational risk.

In an era where cyber criminals could be state-sponsored, part of a political cooperative, or just after the money, how can boards and senior executives assess the soundness of their cybersecurity programs? The Society of Worldwide Interbank Financial Telecommunication (SWIFT) network articulated three overarching objectives:

  • "Secure your environment”
  • “Know and limit access”
  • “Detect and respond”

Back to top

Best-interest standards

The DOL’s Fiduciary Rule has already significantly shifted the financial services industry to operate more in the best interest of the customer, specifically retirement account investors and policyholders. It has also prompted other regulatory agencies to develop or propose new regulations that are likely to be enacted during 2018, thus creating a new patchwork of state and federal regulations that might not be completely aligned.

The Rule continues to serve as a catalyst for change across the financial services industry. Although implementation efforts to achieve compliance have slowed, the industry continues to migrate toward a fiduciary (or at least a “best interest”) model for delivering advice to both retirement and non-retirement clients.

This trend will likely accelerate in 2018 under a number of emerging scenarios, such as the DOL’s Rule progression, the SEC drafting of a rule, individual state legislation, and adoption of the NAIC model regulation by individual states.

Back to top

Big data: Big issues, big potential rewards

The potential benefits of analytics are undeniable. In fact, one can reasonably argue that as the use of analytics rises—and as the analysis becomes increasingly precise and personal—insurers will be able to offer more effective, customized products to consumers with greater efficiency. The counterargument is that the increasing availability of data—and the increasingly sophisticated ability to analyze and manage it—could enable insurers to micro-segment the market to a point where it undermines the fundamental concept of risk pooling.

In our current environment, the ability to use data and predictive analytics to accelerate underwriting and reduce market friction could be both a competitive advantage and market expander. The question regulators—and the industry—face is where to draw the line. For example, the value and validity of genetic information is indisputable, but should it be usable?

Regulators worldwide are moving to address the issue. The NAIC has created the Big Data Working Group to “review current regulatory frameworks used to oversee insurers’ use of consumer and non-insurance data.”

Back to top

Enterprise risk management and Own Risk Solvency Assessment (ORSA)

With the passing of the Risk Management Own Risk and Solvency Assessment Model Act #505, the NAIC paved the way for the formal requirement for insurance companies to have a risk management program and framework within their organizations. The ORSA requirement specifies a filing at least annually that sets out:

  • The company’s risk management framework
  • A stress testing requirement for the risks the company faces
  • A forward-looking projection of solvency

Although insurance companies are naturally in the business of managing risk, these new requirements have taken time and effort to formally adopt. And they will continue to do so for some time.

Back to top

 

Corporate governance disclosure

Corporate governance disclosure may have been a quiet issue lately, but it’s one that most insurers will need to begin addressing soon.

The NAIC’s Corporate Governance Annual Disclosure (CGAD) Model Act and Regulation were adopted in 2014 to provide regulators with more details on insurers’ corporate governance practices. All insurers, no matter their size, will be required to file an annual CGAD. The CGAD must contain discussions of the following:

  • The insurers’ corporate governance framework and structure
  • The policies and practices of its board of directors and significant committees, including information regarding board member qualifications and independence
  • The policies and practices directing senior management, including information regarding significant compensation programs
  • The processes by which the board of directors, its committees, and senior management ensure an appropriate level of oversight of the critical risk areas impacting the insurers’ business activities

With such high visibility for the CGAD, it might be better for company management to err on the side of over—rather than under—compliance.

Back to top

Market conduct

The NAIC and state Departments of Insurance (DOIs) continue to focus considerable resources on market conduct exams and analysis. While many of the areas of focus aren’t new, some are more recent and gaining more attention.

In addition, many insurers are experiencing more frequent examinations, driven in part by heavier reliance on market analysis data and greater activity on the part of state regulators as the federal government has limited authority and inclination to increase its presence.

With continuing data breaches that impact customer personally identifiable information (PII), the NAIC and states are continuing to focus on appropriate measures and the controls insurers should have in place to protect sensitive policyholder information. Likewise, as carriers get more sophisticated in their use of big data, the states find themselves trying to determine what safeguards are required to protect against unfair and/or discriminatory behavior.

Back to top

International regulatory change

Regulatory change continues to pervade the insurance industry, and international regulatory change is no exception. The international regulatory environment is significant even for US-only industry participants because of the direct and trickle-down impacts of globally accepted changes.

Local country-based change is also creating uncertainty, with socio-economic and political change driving significant regulatory adjustments within individual countries. Brexit is just one example of such a change currently taking place.

Against this backdrop, both US and international insurers would be well-advised to stay on top of global regulatory developments and continuously assess the potential impact on their business models.

Back to top

Taking decisive action in uncertain times

Learn more about these key trends in insurance regulations and how embracing complexity can help you accelerate performance, stay ahead of change, and successfully navigate the insurance industry.

To read the full report, download Navigating the year ahead: 2018 insurance regulatory outlook.

Look again

In today’s rapidly evolving marketplace environment, key business issues are converging with impacts felt across multiple industry sectors. What are the key trends, challenges, and opportunities that may affect your business and influence your strategy? Look for more perspectives and insights from some of Deloitte’s forward thinkers.

Discover more Industry Outlooks.

Back to top

Did you find this useful?