Looking Back and Looking Forward Top Compliance Challenges ...
Transcript of Looking Back and Looking Forward Top Compliance Challenges ...
December 20, 2019
CEFLI Educational Webinar
Series
Looking Back and
Looking Forward
Top Compliance Challenges
2019 and 2020
2019 Premier Partners
2019 Premier Partners
• CEFLI’s Antitrust Policy.
• Presentation.
• Q & A.
• Post-meeting Survey.
Agenda
• Mary Jo Hudson
Partner
Squire Patton Boggs
• Sue Stead
Of Counsel
Squire Patton Boggs
Webinar Faculty
• Susan Voss
General Counsel
American Enterprise
• Don Walters
President & CEO
CEFLI
• Key Compliance Challenges 2019.
– NYDFS Regulation 187 (Annuities) / SEC Regulation
Best Interest /Revised DOL Fiduciary Rule.
– Suitability.
– Privacy / Data Governance.
– Cybersecurity.
– New Product and Innovation Initiatives.
– Unclaimed Property.
Key Compliance Challenges 2019
• Key Compliance Challenges 2020.
– NYDFS Regulation 187 (Life) / SEC Regulation
Best Interest / NAIC Suitability in Annuity
Transactions Model Regulation.
– Privacy/Data Governance.
– DOL Fiduciary Rule.
– Unclaimed Property.
– Antifraud.
Key Compliance Challenges 2020.
• Industry media suggests that we can
anticipate a revised DOL Fiduciary Rule in
early 2020.
• DOL has reportedly been working closely with
the SEC to follow Regulation Best Interest.
• New DOL Secretary Scalia has received
clearance to participate in the rulemaking
process.
Revised DOL Fiduciary Rule.
• On June 5, 2019, the SEC adopted
Regulation Best Interest and Form CRS
Summary.
• The proposed regulation received some of
the highest volume of comments ever
received by the SEC.
• Regulation Best Interest impacts the
standards associated with retail sales through
broker-dealers and investment advisers.
SEC Regulation Best Interest.
• Four Obligations:
– Best Interest.
– Disclosure.
– Care.
– Compliance.
• Requires identification of conflicts of interest
and efforts to mitigate material conflicts of
interest.
SEC Regulation Best Interest.
• Regulation becomes effective June 30, 2020.
• FINRA will be the regulatory authority
conducting examinations for compliance with
Regulation Best Interest.
– FINRA will be examining before June 30, 2020 to
determine the degree of readiness to comply with
Regulation Best Interest.
• Impacted the development of revisions to the
NAIC Suitability in Annuity Transactions
Model Regulation.
SEC Regulation Best Interest.
• Amendments to NYDFS Regulation 187
became effective for annuities on August 1,
2019.
• Introduced a best interest standard into the
life insurance product marketplace.
• Companies were challenged to develop new
policies and procedures.
• Significant training and documentation
requirements for producers.
NYDFS Regulation 187 (Annuities).
• Amendments to NYDFS Regulation 187
become effective for life insurance products
on February 1, 2020.
• Companies are still evaluating their
compliance strategies.
• Examples of key issues:
– Collection of suitability information for life
insurance products.
– Where will the suitability analysis reside?
NYDFS Regulation 187 (Life).
• Future annuity sales will take place under a best
interest rather than a suitability standard.
• Follows the organizational format of Regulation
Best Interest.
– Best interest obligation.
– Care obligation.
– Disclosure obligation.
– Conflict of interest obligation.
– Documentation obligation.
NAIC Suitability in Annuity Transactions
Model Regulation.
• Broader “safe harbor” provision.
– Applicable to broker-dealer and investment
adviser transactions.
• Challenge to train producers to operate under
a best interest standard.
• Key compliance questions:
– NAIC might have a final rule by March 2020
– Effective date?
– Adoption by the states?
NAIC Suitability in Annuity Transactions
Model Regulation.
• Trend: More laws restricting use of consumer
data and giving consumers more rights.
‒ California Consumer Privacy Protection Act
(CCPA) (and regulations).
‒ General Data Protection Regulation (GDPR).
• Trend: Breach laws amended to expand
definitions of breach and personal data (e.g.
biometric info, email address, IP address),
and to increase reporting obligations.
Privacy and Data Governance.
Privacy and Data Governance.• Trend: Private causes of action provided by statute.
• Trend: Actual not necessarily required for standing to sue
– invasion of legal right may be sufficient.
• Trend: Regulators increasingly focused on security of
company systems as well as security of consumer data.
– Exam standards, enterprise risk reporting.
– NAIC Insurance Data Security Model Law (#668).
– N.Y. Cybersecurity Regulation (20 NYCRR 500).
• Trend: Insurance regulators are increasingly focused on
the nature of consumer data used in insurance and
potential for bias.
• Effective 1/1/20.
• Broad definition of PI: information that identifies,
relates to, describes, is capable being
associated with or could reasonably be linked to
a particular consumer or household.
• Includes, among other data: biometric data, online
identifier, email address, street address, IP address,
browsing history, and interactions with websites, geo
location data, and “inferences” drawn from data to
create a profile.
• Applies to employee data (2021).
• Notice at or before collection of PI from consumers.
• Use of PI limited to purposes disclosed in notice.
• Consumer rights: know what PI is held; request deletion
of PI; opt-out of sales of PI.
• Training and record retention for consumer inquiries,
opt-outs, opt-ins.
• Online privacy policy required.
• Notices for both online and offline interactions.
• Partial exemption for entities subject to GLBA.
• Challenges for insurance industry.
‒ Scope of GLBA exemption.
‒ Moving target.
‒ Identifying impacts – data and operations.
‒ Data mapping and gap assessments.
‒ Developing compliant operational changes.
‒ Coordination with state insurance privacy laws,
California Financial Information Privacy Act, and
California Online Privacy Protection Act, among
others.
‒ Limit operational changes to California?
Cybersecurity.
• Recent laws:
‒ New York regulation (23 NYCRR 500).
‒ NAIC Insurance Data Security Model Law (adopted
in AL, CT, DE, MI, MS, NH, OH, SC).
• Requirements are very similar except:
‒ New York is prescriptive while the model allows
more flexibility and discretion in determining
necessary elements of cybersecurity program.
‒ Incident reporting obligations are significantly
greater under the NAIC Insurance Data Security
Model Law.
Cybersecurity.
• Compliance Challenges
‒ Uniformity.
‒ Finding the expertise.
‒ Oversight of third-party vendors.
• Anti-inducements/anti-rebating.
• Accelerated underwriting/predictive modeling
‒ NY Circular 1.
‒ NAIC Task Forces (Big Data, Accelerated UW, AI).
• Direct to consumer distribution.
• Illustrations and narratives.
New Product and Innovation Initiatives.
• Regulators have encouraged companies to
bring innovation initiatives to them.
• Need to be careful to identify those states that
may be receptive to innovation initiatives.
New Product and Innovation Initiatives.
• Anti-inducement/rebating.
‒ States are updating statutes/regulations.
‒ Alabama (482-1-163-.03 ), Arizona (Bul. 2019-01),
Maryland (Bul. 19-21), North Dakota (26.1-04-06),
Ohio (Bul. 2019-04, 05), Washington (48.30.140),
West Virginia (Info. Ltr. 205).
‒ Value Add clarifications.
‒ Premium inducement limitations.
New Product and Innovation Initiatives
• Accelerated Underwriting.
– Significant debate & discussion at NAIC.
• NY Circular 1 – First written guidance.
– Data not related to the medical condition of
applicant; data serving as a “lifestyle indicator.”
– OK - MIB, criminal and MVR data.
– Concern for unlawful discrimination (i.e., disparate
impact) – burden on insurer.
New Product and Innovation Initiatives
• NY Circular 1.
– Concern for unfair discrimination.
o Actuarially sound.
o Meets insurance code requirements.
o Is there a valid rationale for differential treatment.
– Compliance with FCRA/state equivalents.
o Adverse underwriting decision includes inability of
applicant to use expedited or accelerated process.
– Circular 1 – Next steps?
New Product and Innovation Initiatives
• Direct to consumer distribution.
– Producer licensing.
– Disclosure delivery / signatures.
– Advertising on unlicensed partner sites.
• Illustrations and Disclosures.
– NAIC debate regarding IUL Illustrations & Life
Disclosure Models.
o No resolution.
o Discussion to continue in 2020.
New Product and Innovation Initiatives.
• Unclaimed property challenges continue.
• New RUUPA.
– “Date of death” dormancy trigger.
– Open-ended authority for auditors to conduct DMF
Searches of Life Insurers.
– Enacted: CO, IL, KY, ME, TN.
– Proposed: DC, WA, VT, SC, UT (amend).
• NCOIL Model – 35 states enacted.
– “Knowledge of death” dormancy trigger.
Unclaimed Property
Final Thoughts?
Questions and Answers.
Compliance & Ethics Forum for Life Insurers
www.cefli.org