Pennsylvania has adopted uniform annual corporate governance disclosure requirements for domestic insurers and insurance groups of which the Commonwealth is the lead state (each, an “Insurer”) in Senate Bill 1205 of 2018, now known as Act 163 (the “Act”). Those national standards were approved November 18, 2014 by the National Association of Insurance Commissioners (“NAIC”) and are required to be implemented by the Pennsylvania Insurance Department (“Department”) for the Department’s continuing certification by the NAIC. Under the Act, beginning January 1, 2020, and annually thereafter, Insurers must file with the Department written disclosures of confidential governance practices and policies, each known as a “Corporate governance annual disclosure” or “CGAD”. The effect of the Act and similar legislation to be adopted in states throughout the United States is to establish uniform standards for the monitoring of the risk decision process of insurers and insurance groups with a goal of minimizing insolvencies in the insurance industry.
The NAIC certifies the Department and other state departments of insurance through an accreditation program (“Program”) and final decision of its Financial Regulation Standards and Accreditation Committee (“Committee”). The Program developed following failure by several large insurance companies in the 1980s and Congressional hearings on those insolvencies. The NAIC adopted its Program in 1990 which requires that state insurance departments submit to peer review by other state regulators as to legal, financial and organizational standards. The review requires risk-focused financial surveillance including on-site examinations and adoption of solvency-related rules and regulations. The Program requires review every five years and annual audits of the state insurance departments. According to the NAIC, “the accreditation standards require state insurance departments to have adequate statutory and administrative authority to regulate an insurer’s corporate and financial affairs, and that they have the necessary resources to carry out that authority.” NAIC Website, Accreditation, December 7, 2018.
The Act follows language from the Corporate Governance Annual Disclosure Model Act (“Model 305”) and the Corporate Governance Annual Disclosure Model Regulation (“Model 306” and together with Model 305, collectively, the “Models”) developed by the Committee. The Models seek minimum disclosure requirements by any state that adopts them to be enforced annually through its department of insurance. They must address: (1) corporate governance structure and framework, (2) policies and practices of its board of directors and significant committees, (3) policies and practices of senior management, and (4) how the board, its committees and senior management keep adequate oversight of critical risk areas impacting the insurer’s business activities (collectively, the “Mandatory Disclosures”). Without the Models, most states require full examination of insurers’ corporate practices only every 3 to 5 years. Section 323.3 of the Insurance Department Law of 1921 (“Insurance Department Law”), 40 P.S.§ 323.3(b) authorizes full examination of Pennsylvania insurance companies not less than once every five years. The Models and the Act require disclosure annually because the NAIC has determined that solvency can deteriorate due to governance issues in fewer than three or five years. The Act is a new Chapter 39 to the Insurance Company Law of 1921, 40 Pa. C.S.A. §§3901-3911.
The Act requires Insurers to submit a CGAD annually beginning January 1, 2020. If a domestic insurer is part of an insurance group for which Pennsylvania is not the lead state, then the CGAD is to be submitted with the insurance department of the lead state with a copy to the Department on its request. The lead state is “responsible for coordination and communication among state regulators regarding oversight of an insurance group as determined by the [D]epartment in consultation with other [state] regulators of insurers in the insurance group.” 40 Pa. C.S.A §3901. In subsequent years, the filer must submit an amended version of the initially filed CGAD noting changes and, if none, with a statement that there are no changes. The Department shall include a form of CGAD on its website but the filer may submit the CGAD in the format which, in the filer’s discretion, best states the Mandatory Disclosures and related matters sought by the Department, with a focus on the corporate level where oversight of risk assessment of the filing entity occurs, how risk monitoring is effected, and whether policies for compensation of management address performance.
The Insurer may determine at what corporate level it will prepare and file the CGAD but must support its decision and later changes in the level of reporting. The corporate governance information may be provided “at the ultimate controlling parent level, an intermediate holding company level or the individual legal entity level, or some combination thereof, depending upon how the insurer or insurance group has structured its system of corporate governance.” 40 Pa. C.S.A §3904(d)(1). The Insurer must make this determination based on what level (1) the Insurer’s risk appetite is determined, (2) earnings, capital, liquidity, operations and reputation are overseen and where supervision of those factors are “coordinated and exercised” and (3) where legal liability would be placed for “failure of general corporate governance duties.” The Insurer’s chief executive officer or secretary must attest “to the best of that individual’s belief and knowledge” that the Insurer has implemented the reported practices and that a copy of the CGAD has been provided to the board or appropriate committee.
Review of a CGAD is by and through the lead state (which could be the Department) unless the Insurer is domiciled in Pennsylvania and not part of an insurance group, in which case review is by the Department. The CGAD need not duplicate but may reference other publically filed documents such as securities filings. Actual review of the CGAD may be performed with the assistance of third-party consultants such as attorneys, actuaries, accountants and other experts “reasonably necessary” for the Department to determine whether the CGAD complies with the Act (each, a “Consultant”). Any Consultant must be approved by the insurer or insurance group filing the CGAD at whose expense the Consultants review the filing. Each Consultant must verify to the Department, with a copy to the Insurer, that it (a) has no conflict of interest, (b)will comply with the confidentiality standards of the Act (“Confidentiality Standards”) and (c) has internal procedures in place to monitor its compliance with its duties under the Act.
Because CGAD filings and CGAD-related information (“Confidential Information”) can be highly confidential to the Insurer, the Act imposes duties of confidentiality. The Act identifies the first set of Confidentiality Standards for Confidential Information described as “CGAD-related information in the possession of or control of the [D]epartment that is produced by, obtained by or disclosed to the [D]epartment or any other person under [the Act]…” 40 Pa. C.S.A §3907(a) The Confidentiality Standards require that the Department, its commissioner (the “Commissioner”) and persons who lawfully such obtain Confidential Information shall not be “permitted to testify in a private civil action concerning the [Confidential information].” 40 Pa. C.S.A §3907(b). These Confidentiality Standards require further that the Department treat such Confidential Information with confidentiality and that it shall not be (1) subject to discovery or admissible in a private civil action, (2) subject to subpoena, (3) subject to the Right-to-Know Law; or (4) except for regulatory purposes discussed below, made public without the prior written consent of the Insurer.
Those disclosure exceptions as to such Confidential Information allow the Department to (a) use it in furtherance of a regulatory or legal action brought by the Department, (b) share it with the NAIC, regulatory or law enforcement officials and certain other persons, provided such recipient first demonstrates “the necessary authority and intent” to apply the Confidentiality Standards, and (c) receive it from the NAIC, regulatory or law enforcement officials and certain other persons if it is confidential in the jurisdiction from which it was received. A second set of Confidentiality Standards applies to Confidential Information received by the Department from others as mentioned in (c) above. It requires that such Confidential Information “shall be given confidential treatment, shall not be subject to subpoena and shall not be made public by the [D]epartment, the [C]ommissioner or any other person.” 40 Pa. C.S.A §3907(c)(3).
A third set of Confidentiality Standards applies to Confidential Information “in the possession or control of the NAIC or a [Consultant].” 40 Pa. C.S.A §3907(g). These Confidentiality Standards require that such Confidential Information (1) be confidential and privileged, (2) not be subject to the Right-to-Know Law, (3) not be subject to subpoena and (4) not be subject to discovery or admissible in a private civil action. This third set matches treatment of Confidential Information held by the Department under the first set but without the exception for disclosure for regulatory purposes or being made public with the consent of the Insurer.
Confidentiality provisions are so critical to the Act that its general severability provisions are delineated as follows: if any provision of the Act is invalid without application or as applied to a person or circumstance, then the rest of the act shall be given effect; but if the addition of the confidentiality provisions are held invalid without application, then the rest of the Act shall be void.
The introduction of corporate governance disclosure to Insurers is not intended to change other named law. The Act expressly states that it shall not be construed to “prescribe or impose corporate governance standards and internal procedures in addition to those required under applicable Sate corporate law.” 40 Pa. C.S.A §3910. Further, the Act shall not alter the Commissioner’s rights or the rights and obligations of third parties, including Insurers, under the examination provisions of the Insurance Department Law.
The Act began as Senate Bill 1205 of 2018, introduced by Senator Dan Laughlin (R-49) and Senator Donald C. White (R-41), Chair of the Senate Banking and Insurance Committee, on June 11, 2018 and promptly proceeded through the legislative process. It passed unanimously in the Senate on September 25, 2018, and in the House on October 17, 2018 by a vote of 182 in favor and 3 opposed. Governor Wolf approved the Act on October 24, 2018, and it took effect immediately. The Act is important because it sets a standard in Pennsylvania that will be uniform with other states as they adopt laws that embody the Models, thus creating regulatory parity for Pennsylvania Insurers. Further, as the NAIC advises, “uniform adoption across jurisdictions will assist the U.S. in meeting international standards related to corporate governance and oversight.” Memo: Recommendation for Part A Accreditation Standards and Guidelines for the Corporate Governance Annual Disclosure Model Act and the Corporate Governance Annual Disclosure Model Regulation, Commissioner Susan Donegan, Chair of Corporate Governance Working Group, NAIC, November 18, 2014. The Memo provides further that the Models embody “enhancements to strengthen corporate governance standards within the U.S. solvency system.” The Act is based on sound public policy and its implementation will soon be assessed as CGADs are filed with the Department beginning January 1, 2020.