Ensuring compliance with state and federal laws and regulations is a problem for insurers even in strong economic times. Set against a backdrop of possible political and economic uncertainty, 2012 will pose new and complex compliance challenges for insurers. As always, anticipating those challenges – and meeting them head-on – is the best course of action for ensuring compliance and mitigating risk.
Moving into 2012, insurers should be cognizant of compliance issues relating to social media, electronic data, U.S. trade policies, accounting standards and the modernization of the insurance industry.
1. Social Media: Determining When Regulations Are At Issue
The increasing role of social media in all aspects of daily life and business is at the forefront of nearly every industry and the insurance industry is no exception. Insurers have wisely taken advantage of the marketing and advertising benefits associated with social networking websites. The issue has been addressed by the Financial Industry Regulatory Authority (FINRA) and, more recently, the National Association of Insurance Commissioners (NAIC) issued two drafts of a whitepaper with potential guidelines for insurers.
Both FINRA and the NAIC group social media content into two general categories: static content and interactive content. Importantly, all content is subject to record keeping in accordance with existing regulatory guidelines. Insurers may be held responsible for static content – communications posted by a website owner or administrator and generally considered advertising. This content would be governed by the existing regulations that apply to all other forms of advertising.
On the other hand, insurers are not typically held responsible for interactive content – “real-time” communications attributed to third parties, which can include comments, links and other posts made to insurers’ websites. There are instances, however, when insurers can be held responsible for certain types of interactive content, such as when third-party content remains online for an extended period of time, giving the impression of an endorsement by the site owner.
The amorphous and evolving nature of social media requires that insurers monitor their website content and output to minimize regulatory, civil and reputational risk. As part of that effort, insurers should review the most recent draft white paper prepared by the NAIC’s Social Media Working Group and look for other developments in 2012.
2. Data Breaches & Security Risks
As evidenced by the rising number of class actions against companies who have experienced data breaches involving their customers’ personal information, this area is of real concern for all businesses who maintain personal information, including insurers.
Importantly, because this is a rapidly developing area, case law and the standards for both liability and damages are not always consistent from venue to venue. In addition to following the evolving legal standards, insurers and their counsel must keep up to date on all regulatory changes relating to data privacy.
For example, the SEC recently issued guidelines concerning the information companies must disclose in their public filings relating to data security risks. Moreover, the Obama administration recently proposed cyber security legislation, which would replace legislation already enacted by 46 of the 50 state legislatures. The dramatic increase in sales of data breach insurance policies highlights the importance of this issue in 2012, and we can expect even more data breach lawsuits in the coming year.
3. Heightened Scrutiny For Insurers Under OFAC
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), which administers and enforces trade sanctions policies, is monitoring insurers of global risks with closer scrutiny. OFAC’s regulations prohibit U.S. companies and individuals from engaging in transactions with “Specially Designated Nationals” – an ever-changing roster ranging from obvious state actors such as Iran to more obscure individuals and entities.
Multiple penalties were paid by insurers and reinsurers in 2011. The Treasury Department’s website details the ways in which global insurers can avoid inadvertently running afoul of OFAC’s intricate restrictions. Corporate compliance personnel should note that OFAC’s authority derives from presidential declarations and thus preempts all state insurance regulations. The best advice on this topic comes straight from the Treasury Department itself: “the best and most reliable approach for insuring global risks without violating U.S. sanctions law is to insert in global insurance policies an explicit exclusion for risks that would violate U.S. sanctions law.”
It is likely that there will be continued scrutiny from the Treasury Department in this area moving into 2012.
4. The IASB and FASB Convergence Project Moves Forward
Seemingly since the instant the International Accounting Standards Board (IASB) and the Financial Accounting Standards Board (FASB) set out to establish new accounting standards through the Convergence Project, the project has been beset by setbacks. The Convergence Project is intended to improve, simplify and converge financial reporting requirements for insurance contracts and provide investors with useful information.
Among the areas of current disagreement between the IASB and FASB are the recognition, measurement, presentation and disclosure requirements in insurance contracts. It is impossible to tell when this project will be completed, and some estimates put it as late as the second half of 2012. Insurers would be wise to follow developments in this area, as it seems likely that the IASB and FASB will bridge their differences in 2012.
5. Behavior-based Insurance Pricing
Some insurers have recently developed insurance products based on “behavior-based” insurance pricing. For example, certain automobile insurers have added technology that will track drivers’ activities, rewarding “good” drivers based on their day-to-day driving record.
It is anticipated that privacy, trademark and liability issues may arise from this new area. Insurers and compliance personnel should be on the lookout for possible new regulations governing this developing area this year.
Conclusion
As we head into 2012, social media and data privacy will continue to grab headlines. From a compliance standpoint, however, insurers should keep abreast of all of the above issues, and attempt to stay ahead of regulatory and compliance changes throughout the year.
**********
About the Authors
Kymberly Kochis is a partner in the Institutional Consulting & Litigation practice at Nelson Levine de Luca & Horst, an international law firm focused on the business of insurance. She practices in the areas of insurance and reinsurance litigation, regulation and in all aspects of corporate governance, including complex internal investigationss. Ms. Kochis has also been involved in the defense of class actions involving antitrust, ERISA, market conduct, securities and policy coverage issues. She may be reached at kkochis@nldhlaw.com.
Susan T. Stead is a partner in the firm’s Regulatory Practice Group. Her practice is devoted to insurance regulatory matters with a special emphasis on compliance and market regulation. Ms. Stead counsels insurers about federal and state regulatory requirements and compliance programs, represents insurers undergoing regulatory reviews and investigations and in obtaining approvals. She may be reached at sstead@nldhlaw.com.
Francis X. Nolan IV is an associate in the firm’s Institutional Consulting & Litigation practice where he assists clients in institutional litigation and insurance coverage issues. He has defended insurance companies in large-scale litigation and is experienced in professional liability litigation. He may be reached at fnolan@nldhlaw.com.
About the AuthorKymberly Kochis is a partner in the Institutional Consulting & Litigation practice at Nelson Levine de Luca & Horst, an international law firm focused on the business of insurance. She practices in the areas of insurance and reinsurance litigation, regulation and in all aspects of corporate governance, including complex internal investigationss. Ms. Kochis has also been involved in the defense of class actions involving antitrust, ERISA, market conduct, securities and policy coverage issues. She may be reached at kkochis@nldhlaw.com.
