For insurance companies, risk comes in all shapes and sizes. It may stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents, and natural disasters. In addition to forecasting financial risks and identifying procedures to avoid or minimize their impact, companies face challenges related to compliance with traditional corporate laws that govern how organizations are structured and managed. Corporate board members are also subject to fiduciary standards that require, among other things, that board members act reasonably and in the best interest of the insurance company and its investors. Insurers must further comply with state insurance codes, which mandate specific requirements for starting, financing, operating, and winding down insurance operations. Importantly, state insurance laws further impose consumer protection standards, which broaden the scope of liability that insurance companies face under traditional legal principles. Companies must further protect themselves from risks associated with common law causes of action, such as those brought by policyholders for alleged violations of the duty of good faith and fair dealing, which automatically exists by operation of law in every insurance contract.
This article will focus on governance in the context of litigation and risk management. We begin by emphasizing the importance of adopting a governance framework that underscores compliance with statutory and regulatory reporting requirements. Next, we discuss the benefits of adopting a broad approach to corporate governance that emphasizes the flow of information from the operating level of the organization to the decision-makers at the higher-levels of the corporate ladder.
The adoption by the National Association of Insurance Commissioner (NAIC) of the Corporate Governance Annual Disclosure (CGAD) Model Act and Model Regulation, which sets forth corporate governance requirements insurers will need to implement and disclose, has increased the focus on risk and risk management in corporate reporting. Both the Model Act and Model Regulation provide that the insurer or insurance group is encouraged to make the CGAD disclosure at the level at which the insurer’s or insurance group’s risk appetite is determined. The new reporting requirements imposed by the CGAD Model Act and Model Regulation will become more significant as more states begin to adopt the Models. As of Nov. 27, 2017, 18 states (California, Connecticut, Delaware, Florida, Idaho, Indiana, Kansas, Louisiana, Maine, Montana, Nebraska, Nevada, New Hampshire, Ohio, Oregon, Rhode Island, Vermont, and Virginia) have adopted the CGAD Model Act and 11 states (California, Connecticut, Florida, Iowa, Indiana, Louisiana, Nebraska, Ohio, Rhode Island, Vermont, and Virginia) have adopted the CGAD Model Regulation. Regardless of whether an insurer does business in a state that has adopted the CGAD Models, the board should analyze its own governance framework and consider whether the company will be ready to comply with the Models’ reporting requirements once they are adopted in other states.