ENROLLED
2016 Legislature CS for CS for SB 1422, 1st Engrossed
20161422er
1
2 An act relating to insurer regulatory reporting;
3 creating s. 628.8015, F.S.; defining terms; requiring
4 an insurer to maintain a risk management framework;
5 requiring certain insurers and insurance groups to
6 conduct an own-risk and solvency assessment; providing
7 requirements for the preparation and submission of an
8 own-risk and solvency assessment summary report;
9 providing exemptions and waivers; requiring certain
10 insurers and members of an insurance group to prepare
11 and submit a corporate governance annual disclosure;
12 requiring the initial corporate governance annual
13 disclosure to be submitted to the Office of Insurance
14 Regulation by a specified date; authorizing the office
15 to require an insurer or insurance group to provide a
16 corporate governance annual disclosure before such
17 date under certain circumstances; specifying
18 requirements for preparing and annually filing the
19 corporate governance annual disclosure; specifying
20 privilege requirements and prohibitions for certain
21 filings and related documents; authorizing the office
22 to retain third-party consultants for certain
23 purposes; providing certain requirements for the
24 National Association of Insurance Commissioners or
25 third-party consultants in an agreement; authorizing
26 the Financial Services Commission to adopt rules;
27 amending s. 628.803, F.S.; revising provisions
28 relating to penalties to conform to the act; providing
29 for contingent repeal of the act; providing a
30 contingent effective date.
31
32 Be It Enacted by the Legislature of the State of Florida:
33
34 Section 1. Section 628.8015, Florida Statutes, is created
35 to read:
36 628.8015 Own-risk and solvency assessment; corporate
37 governance annual disclosure.—
38 (1) DEFINITIONS.—As used in this section, the term:
39 (a) “Corporate governance annual disclosure” means a report
40 filed by an insurer or insurance group in accordance with this
41 section.
42 (b) “Insurance group” means insurers and affiliates
43 included within an insurance holding company system.
44 (c) “Insurer” has the same meaning as in s. 624.03.
45 However, the term does not include agencies, authorities,
46 instrumentalities, possessions, or territories of the United
47 States, the Commonwealth of Puerto Rico, or the District of
48 Columbia; or agencies, authorities, instrumentalities, or
49 political subdivisions of a state.
50 (d) “Own-risk and solvency assessment” or “ORSA” means an
51 internal assessment, appropriate to the nature, scale, and
52 complexity of an insurer or insurance group, conducted by that
53 insurer or insurance group, of the material and relevant risks
54 associated with the business plan of an insurer or insurance
55 group and the sufficiency of capital resources to support those
56 risks.
57 (e) “ORSA guidance manual” means the own-risk and solvency
58 assessment guidance manual developed and adopted by the National
59 Association of Insurance Commissioners.
60 (f) “ORSA summary report” means a high-level ORSA summary
61 of an insurer or insurance group, consisting of a single report
62 or combination of reports.
63 (g) “Senior management” means any corporate officer
64 responsible for reporting information to the board of directors
65 at regular intervals or providing information to shareholders or
66 regulators and includes, but is not limited to, the chief
67 executive officer, chief financial officer, chief operations
68 officer, chief risk officer, chief procurement officer, chief
69 legal officer, chief information officer, chief technology
70 officer, chief revenue officer, chief visionary officer, or any
71 other executive performing one or more of these functions.
72 (2) OWN-RISK AND SOLVENCY ASSESSMENT.—
73 (a) Risk management framework.—An insurer shall maintain a
74 risk management framework to assist in identifying, assessing,
75 monitoring, managing, and reporting its material and relevant
76 risks. An insurer may satisfy this requirement by being a member
77 of an insurance group with a risk management framework
78 applicable to the operations of the insurer.
79 (b) ORSA requirement.—Subject to paragraph (c), an insurer,
80 or the insurance group of which the insurer is a member, shall
81 regularly conduct an ORSA consistent with and comparable to the
82 process in the ORSA guidance manual. The ORSA must be conducted
83 at least annually and whenever there have been significant
84 changes to the risk profile of the insurer or the insurance
85 group of which the insurer is a member.
86 (c) ORSA summary report.—
87 1.a. A domestic insurer or insurer member of an insurance
88 group of which the office is the lead state, as determined by
89 the procedures in the most recent National Association of
90 Insurance Commissioners Financial Analysis Handbook, shall:
91 (I) Submit an ORSA summary report to the office once every
92 calendar year.
93 (II) Notify the office of its proposed annual submission
94 date by December 1, 2016. The initial ORSA summary report must
95 be submitted by December 31, 2017.
96 b. An insurer not required to submit an ORSA summary report
97 pursuant to sub-subparagraph a. shall:
98 (I) Submit an ORSA summary report at the request of the
99 office, but not more than once per calendar year.
100 (II) Notify the office of the proposed submission date
101 within 30 days after the request of the office.
102 2. An insurer may comply with sub-subparagraph 1.a. or sub
103 subparagraph 1.b. by providing the most recent and substantially
104 similar ORSA summary report submitted by the insurer, or another
105 member of an insurance group of which the insurer is a member,
106 to the chief insurance regulatory official of another state or
107 the supervisor or regulator of a foreign jurisdiction. For
108 purposes of this subparagraph, a “substantially similar” ORSA
109 summary report is one that contains information comparable to
110 the information described in the ORSA guidance manual as
111 determined by the commissioner of the office. If the report is
112 in a language other than English, it must be accompanied by an
113 English translation.
114 3. The chief risk officer or chief executive officer of the
115 insurer or insurance group responsible for overseeing the
116 enterprise risk management process must sign the ORSA summary
117 report attesting that, to the best of his or her knowledge and
118 belief, the insurer or insurance group applied the enterprise
119 risk management process described in the ORSA summary report and
120 provided a copy of the report to the board of directors or the
121 appropriate board committee.
122 4. The ORSA summary report must be prepared in accordance
123 with the ORSA guidance manual. Documentation and supporting
124 information must be maintained by the insurer and made available
125 upon examination pursuant to s. 624.316 or upon the request of
126 the office.
127 5. The ORSA summary report must include a brief description
128 of material changes and updates since the prior year report.
129 6. The office’s review of the ORSA summary report must be
130 conducted, and any additional requests for information must be
131 made, using procedures similar to those used in the analysis and
132 examination of multistate or global insurers and insurance
133 groups.
134 (d) Exemption.—
135 1. An insurer is exempt from the requirements of this
136 subsection if:
137 a. The insurer has annual direct written and unaffiliated
138 assumed premium, including international direct and assumed
139 premium, but excluding premiums reinsured with the Federal Crop
140 Insurance Corporation and the National Flood Insurance Program,
141 of less than $500 million; or
142 b. The insurer is a member of an insurance group and the
143 insurance group has annual direct written and unaffiliated
144 assumed premium, including international direct and assumed
145 premium, but excluding premiums reinsured with the Federal Crop
146 Insurance Corporation and the National Flood Insurance Program,
147 of less than $1 billion.
148 2. If an insurer is:
149 a. Exempt under sub-subparagraph 1.a., but the insurance
150 group of which the insurer is a member is not exempt under sub
151 subparagraph 1.b., the ORSA summary report must include every
152 insurer within the insurance group. The insurer may satisfy this
153 requirement by submitting more than one ORSA summary report for
154 any combination of insurers if any combination of reports
155 includes every insurer within the insurance group.
156 b. Not exempt under sub-subparagraph 1.a., but the
157 insurance group of which it is a member is exempt under sub
158 subparagraph 1.b., the insurer must submit to the office the
159 ORSA summary report applicable only to that insurer.
160 3. The office may require an exempt insurer to maintain a
161 risk management framework, conduct an ORSA, and file an ORSA
162 summary report:
163 a. Based on unique circumstances, including, but not
164 limited to, the type and volume of business written, ownership
165 and organizational structure, federal agency requests, and
166 international supervisor requests;
167 b. If the insurer has risk-based capital for a company
168 action level event pursuant to s. 624.4085(3), meets one or more
169 of the standards of an insurer deemed to be in hazardous
170 financial condition as defined in rules adopted by the
171 commission pursuant to s. 624.81(11), or exhibits qualities of
172 an insurer in hazardous financial condition as determined by the
173 office; or
174 c. If the office determines it is in the best interest of
175 the state.
176 4. If an exempt insurer becomes disqualified for an
177 exemption because of changes in premium as reported on the most
178 recent annual statement of the insurer or annual statements of
179 the insurers within the insurance group of which the insurer is
180 a member, the insurer must comply with the requirements of this
181 section effective 1 year after the year in which the insurer
182 exceeded the premium thresholds.
183 (e) Waiver.—An insurer that does not qualify for an
184 exemption under paragraph (d) may request a waiver from the
185 office based upon unique circumstances. If the insurer is part
186 of an insurance group with insurers domiciled in more than one
187 state, the office must coordinate with the lead state and with
188 the other domiciliary regulators in deciding whether to grant a
189 waiver. In deciding whether to grant a waiver, the office may
190 consider:
191 1. The type and volume of business written by the insurer.
192 2. The ownership and organizational structure of the
193 insurer.
194 3. Any other factor the office considers relevant to the
195 insurer or insurance group of which the insurer is a member.
196
197 A waiver granted pursuant to this paragraph is valid until
198 withdrawn by the office.
199 (3) CORPORATE GOVERNANCE ANNUAL DISCLOSURE.—
200 (a) Scope.—This section does not prescribe or impose
201 corporate governance standards and internal procedures beyond
202 those required under applicable state corporate law or limit the
203 authority of the office, or the rights or obligations of third
204 parties, under s. 624.316.
205 (b) Disclosure requirement.—
206 1.a. An insurer, or insurer member of an insurance group,
207 of which the office is the lead state regulator, as determined
208 by the procedures in the most recent National Association of
209 Insurance Commissioners Financial Analysis Handbook, shall
210 submit a corporate governance annual disclosure to the office by
211 June 1 of each calendar year. The initial corporate governance
212 annual disclosure must be submitted by December 31, 2018.
213 b. An insurer or insurance group not required to submit a
214 corporate governance annual disclosure under sub-subparagraph a.
215 shall do so at the request of the office, but not more than once
216 per calendar year. The insurer or insurance group shall notify
217 the office of the proposed submission date within 30 days after
218 the request of the office.
219 c. Before December 31, 2018, the office may require an
220 insurer or insurance group to provide a corporate governance
221 annual disclosure:
222 (I) Based on unique circumstances, including, but not
223 limited to, the type and volume of business written, the
224 ownership and organizational structure, federal agency requests,
225 and international supervisor requests;
226 (II) If the insurer has risk-based capital for a company
227 action level event pursuant to s. 624.4085(3), meets one or more
228 of the standards of an insurer deemed to be in hazardous
229 financial condition as defined in rules adopted pursuant to s.
230 624.81(11), or exhibits qualities of an insurer in hazardous
231 financial condition as determined by the office;
232 (III) If the insurer is the member of an insurer group of
233 which the office acts as the lead state regulator as determined
234 by the procedures in the most recent National Association of
235 Insurance Commissioners Financial Analysis Handbook; or
236 (IV) If the office determines that it is in the best
237 interest of the state.
238 2. The chief executive officer or corporate secretary of
239 the insurer or the insurance group must sign the corporate
240 governance annual disclosure attesting that, to the best of his
241 or her knowledge and belief, the insurer has implemented the
242 corporate governance practices and provided a copy of the
243 disclosure to the board of directors or the appropriate board
244 committee.
245 3.a. Depending on the structure of its system of corporate
246 governance, the insurer or insurance group may provide corporate
247 governance information at one of the following levels:
248 (I) The ultimate controlling parent level;
249 (II) An intermediate holding company level; or
250 (III) The individual legal entity level.
251 b. The insurer or insurance group may make the corporate
252 governance annual disclosure at:
253 (I) The level used to determine the risk appetite of the
254 insurer or insurance group;
255 (II) The level at which the earnings, capital, liquidity,
256 operations, and reputation of the insurer are collectively
257 overseen and the supervision of those factors is coordinated and
258 exercised; or
259 (III) The level at which legal liability for failure of
260 general corporate governance duties would be placed.
261
262 An insurer or insurance group must indicate the level of
263 reporting used and explain any subsequent changes in the
264 reporting level.
265 4. The review of the corporate governance annual disclosure
266 and any additional requests for information shall be made
267 through the lead state as determined by the procedures in the
268 most recent National Association of Insurance Commissioners
269 Financial Analysis Handbook.
270 5. An insurer or insurance group may comply with this
271 paragraph by cross-referencing other existing relevant and
272 applicable documents, including, but not limited to, the ORSA
273 summary report, Holding Company Form B or F filings, Securities
274 and Exchange Commission proxy statements, or foreign regulatory
275 reporting requirements, if the documents contain information
276 substantially similar to the information described in paragraph
277 (c). The insurer or insurance group shall clearly identify and
278 reference the specific location of the relevant and applicable
279 information within the corporate governance annual disclosure
280 and attach the referenced document if it has not already been
281 filed with, or made available to, the office.
282 6. Each year following the initial filing of the corporate
283 governance annual disclosure, the insurer or insurance group
284 shall file an amended version of the previously filed corporate
285 governance annual disclosure indicating changes that have been
286 made. If changes have not been made in the previously filed
287 disclosure, the insurer or insurance group should so indicate.
288 (c) Preparation of the corporate governance annual
289 disclosure.—
290 1. The corporate governance annual disclosure must be
291 prepared in a manner consistent with this subsection.
292 Documentation and supporting information must be maintained and
293 made available upon examination pursuant to s. 624.316 or upon
294 the request of the office.
295 2. The corporate governance annual disclosure must be as
296 descriptive as possible and include any attachments or example
297 documents used in the governance process.
298 3. The insurer or insurance group has discretion in
299 determining the appropriate format of the corporate governance
300 annual disclosure in communicating the required information and
301 responding to inquiries, provided that the corporate governance
302 annual disclosure includes material and relevant information
303 sufficient to enable the office to understand the corporate
304 governance structure, policies, and practices used by the
305 insurer or insurance group.
306 4. The corporate governance annual disclosure must describe
307 the:
308 a. Corporate governance framework and structure of the
309 insurer or insurance group.
310 b. Policies and practices of the most senior governing
311 entity and significant committees.
312 c. Policies and practices for directing senior management.
313 d. Processes by which the board, its committees, and senior
314 management ensure an appropriate amount of oversight to the
315 critical risk areas that have an impact on the insurer’s
316 business activities.
317 (4) CONFIDENTIALITY.—The filings and related documents
318 submitted pursuant to subsections (2) and (3) are privileged
319 such that they may not be produced in response to a subpoena or
320 other discovery directed to the office, and any such filings and
321 related documents, if obtained from the office, are not
322 admissible in evidence in any private civil action. However, the
323 department or office may use these filings and related documents
324 in the furtherance of any regulatory or legal action brought
325 against an insurer as part of the official duties of the
326 department or office. A waiver of any applicable claim of
327 privilege in these filings and related documents may not occur
328 because of a disclosure to the office under this section,
329 because of any other provision of the Insurance Code, or because
330 of sharing under s. 624.4212. The office or a person receiving
331 these filings and related documents, while acting under the
332 authority of the office, or with whom such filings and related
333 documents are shared pursuant to s. 624.4212, is not permitted
334 or required to testify in any private civil action concerning
335 any such filings or related documents.
336 (5) USE OF THIRD-PARTY CONSULTANTS.—The office may retain
337 third-party consultants at the expense of the insurer or
338 insurance group for the purpose of assisting it in the
339 performance of its regulatory responsibilities under this
340 section, including, but not limited to, the risk management
341 framework, the ORSA, the ORSA summary report, and the corporate
342 governance annual disclosure. The NAIC or a third-party
343 consultant must agree, in writing, to:
344 (a) Adhere to confidentiality standards and requirements
345 applicable to the office governing the sharing and use of such
346 filings and related documents as evidenced by specific
347 procedures and protocols for maintaining the confidentiality and
348 security of information shared with the NAIC or a third-party
349 consultant pursuant to this section.
350 (b) Verify to the office, with notice to the insurer, that
351 the consultant is free of any conflict of interest.
352 (c) Monitor compliance with applicable confidentiality and
353 conflict of interest standards pursuant to a system of internal
354 procedures.
355 (d) Not store the information shared pursuant to this
356 section in a permanent database after the underlying analysis is
357 complete.
358 (e) Provide prompt notice to the office and to the insurer
359 or insurance group regarding any subpoena, request for
360 disclosure, or request for production of the insurer’s filings
361 and related documents submitted pursuant to subsections (2) and
362 (3).
363 (f) Intervention by an insurer in any judicial or
364 administrative action in which the NAIC or a third-party
365 consultant may be required to disclose confidential information
366 about the insurer shared within the NAIC or a third-party
367 consultant pursuant to this section.
368 (6) RULE ADOPTION.—The commission may adopt rules to
369 administer this section.
370 Section 2. Subsections (1) and (4) of section 628.803,
371 Florida Statutes, are amended to read:
372 628.803 Sanctions.—
373 (1) Any company failing, without just cause, to file any
374 registration statement or certificate of exemption required to
375 be filed pursuant to commission rules relating to this part or
376 to submit an ORSA summary report or a corporate governance
377 annual disclosure required pursuant to s. 628.8015 shall, in
378 addition to other penalties prescribed under the Florida
379 Insurance Code, be subject to pay a penalty of $100 for each
380 day’s delay, not to exceed a total of $10,000.
381 (4) If the office determines that any person violated s.
382 628.461, or s. 628.801, or s. 628.8015, the violation may serve
383 as an independent basis for disapproving dividends or
384 distributions and for placing the insurer under an order of
385 supervision in accordance with part VI of chapter 624.
386 Section 3. Section 628.8015, Florida Statutes, and the
387 amendments made by this act to s. 628.803, Florida Statutes, are
388 repealed on October 2, 2021, unless, before that date, the
389 Legislature saves from repeal through reenactment the amendments
390 to s. 624.4212, Florida Statutes, made by SB 1416 or similar
391 legislation.
392 Section 4. This act shall take effect October 1, 2016, if
393 SB 1416 or similar legislation is adopted in the same
394 legislative session or an extension thereof and becomes a law.