The NAIC recently adopted the Corporate Governance Annual Disclosure Model Act and corresponding Model Regulations (CGAD). Although the initial disclosures are not likely due until 2016 at the earliest, carriers should take Benjamin Franklin’s advice: “Don’t put off until tomorrow what you can do today.” In 2015, insurers should take a hard look at their corporate governance structure and practices, realizing that regulators will likely be doing the same in the not so distant future.

CGAD is one of the many regulatory changes resulting from NAIC’s Solvency Modernization Initiative. It seeks to address the perceived lack of effective corporate governance practices and oversight of critical risk areas. One key difference between CGAD and some other NAIC initiatives is that there are no exemptions from the reporting requirement. CGAD applies to all insurers, even small insurers, fraternals and standalone mutuals.

The good news is that the disclosure and any additional information requested by regulators under CGAD are given confidential treatment and are not subject to subpoena or discovery in any private civil action.

The model law is intended to provide information to state insurance regulators on the corporate governance structure, policies and practices of an insurer or an insurer group. Many regulators have already been focusing on corporate governance as part of their risk-focused financial exams. CGAD now implements mandatory disclosures in this area. While it is not intended to impose governance standards and internal procedures beyond those already required by state law, the required information goes far beyond a mere disclosure of governance structure and documentation.

Each insurer or insurer group will be required to file a disclosure annually by June 1 of each calendar year after the effective date of the law. The NAIC model indicates an expected effective date for the law of Jan. 1, 2016. However, a carrier’s initial due date for disclosure will depend on when CGAD is adopted by the carrier’s state of domicile. Information provided in the disclosure is to be based on where the governance activities occur for the member insurers in a group (e.g., ultimate controlling parent, intermediate holding company and/or individual insurer). This determination is made based on the level at which decisions are made, oversight is provided and governance accountability is assessed.

The disclosure need not duplicate, and may cross-reference to, information set forth in other documents filed with regulatory bodies. The annual disclosure must be signed by the CEO or corporate secretary of the filing insurer or group and attest that (1) to the best of that individual’s belief, the insurer or group has implemented the corporate governance practices set forth in the CGAD and (2) a copy of the CGAD has been provided to the board or the appropriate committee thereof.

The insurer has discretion regarding the appropriate format for providing the information and is permitted to customize the communication to provide the most relevant information necessary to permit the regulator to gain an understanding of the corporate governance structure, policies and practices utilized by the insurer. However, at a minimum, the initial disclosure must include a detailed narrative and documentation on four key areas:

• Governance framework and structure (including rationale for board size and structure and discussion of roles of the CEO and board chairman).
• Policies and practices of the board and board committees (including discussion of how the qualifications, expertise and experience of board members meet the needs of the insurer/insurer group, how an appropriate amount of independence is maintained, number of and attendance at meetings, and processes to evaluate and improve performance).
• Policies and practices for directing senior management (including a description of suitability standards and processes for performance evaluation and corrective action as well as elements of compensation programs).
• Oversight of critical risk areas (including a description of processes to ensure effective oversight and reporting).

The disclosure requirements for each of these areas is extensive and not fully detailed above.

Although June 2016 may seem far away, carriers need to prepare now to meet CGAD’s requirements. Some of the disclosures could require changes that could take extensive time to implement. For example, one critical area of reporting in the CGAD involves the compensation of senior management.

CGAD requires that a carrier provide sufficient detail to allow regulators to understand how the organization ensures that compensation programs do not encourage and/or reward excessive risk-taking. This can include a discussion of the board’s role in overseeing management compensation programs; the elements of compensation awarded and how the insurer/group calculates the amount of each element of compensation; how compensation programs are related to both company and individual performance over time; whether compensation programs include risk adjustments and how those adjustments are incorporated into programs for employees at different levels; if there are any clawback provisions to recover payments if the performance measures are restated or adjusted; and other factors relevant to understanding how the insurer/group monitors compensation policies to determine whether its risk management objectives are met by incentivizing its employees. This disclosure requires extensive thought, and changes addressing these areas cannot be made overnight.

While the analysis of corporate governance structure and practices will assist in preparing for CGAD, it will also allow for implementation of procedures that are more closely aligned to best practices principles and standards identified by the NAIC. For example, one of the best practices principals analyzed by the NAIC is that insurers establish and maintain a sound corporate governance framework that adequately recognizes and protects the interests of policyholders. When evaluating the current governance framework, board members should consider whether their framework meets these goals, and if not, what changes could be made.

So what is next? Carriers should watch for legislation adopting CGAD over the next year. The NAIC has proposed that CGAD become a state accreditation standard. If the proposal is accepted, each state must adopt the model law in substantially similar form in order to maintain accreditation. Boards and management also need to implement a plan to ensure that they can timely and fully comply with CGAD. To the extent an insurer or insurer group has not recently analyzed the appropriateness and effectiveness of its corporate governance structure and practices, the time to do so is now—and not when the filing deadline is imminent.