NAIC Adopts ORSA Model Act

Insurance Update

On September 12, 2012, the NAIC adopted the Risk Management and Own Risk and Solvency Assessment (“ORSA”) Model Act, which requires insurers to maintain a framework for identifying, assessing, monitoring, managing and reporting on the “material and relevant risks” associated with the insurer’s (or insurance group’s) current business plans. ORSA is part of the NAIC’s overall Solvency Modernization Initiative (“SMI”), in particular its post-2008 focus on group supervision and enterprise risk management. Prior to adopting the ORSA Model Act, the NAIC adopted an ORSA Guidance Manual (“ORSA Manual”) in March 2012, detailing the specific procedures involved in preparing an ORSA. While the ORSA Model Act provides for an effective date of January 1, 2015, a state that is delayed in adopting the ORSA Model Act could provide for a later effective date.

Overview Overall, regulators view the ORSA initiatives as providing a new method to evaluate solvency, beyond risk-based capital measures. In addition, it is also expected that having ORSA (and SMI more generally) in place will increase the chances of the U.S. insurance regulatory system being viewed as “equivalent” for purposes of Solvency II.

Under the ORSA Model Act, an insurer must undertake an internal risk management review no less often than annually (but also at any time when there are significant changes to the risk profile of the insurer or its insurance group) in accordance with the ORSA Manual, and prepare a summary report (“ORSA Report”) assessing the adequacy of the insurer’s risk management and capital in light of its current and future business plans. Copies of the ORSA Report must be provided to the insurer’s board of directors or an appropriate board committee. For insurers that are part of an insurer group (i.e., a holding company system), risk assessments can be done at the group level, and ORSA Reports would be filed by the insurer group with its lead regulator, addressing each insurer in the group. Group reports can also be broken down by category (e.g., one report filed for property-casualty insurers in the group and a separate report for life insurers in the group), to the extent the insurers operate under different enterprise risk management frameworks. The domiciliary regulators of other insurers within the group may also request a copy of the ORSA Report.

One of the key issues during the ORSA Model Act development process involved coordination of regulators reviewing ORSA Reports, especially where reports are submitted by insurance groups that have insurers domiciled in many jurisdictions. Industry, and eventually regulators, agreed that requiring review coordination through a lead state would prevent potentially conflicting and duplicative responses to multiple requests for information. The final version of the ORSA Model Act incorporates this lead regulator approach.

Contents of ORSA Reports In terms of content, ORSA Reports should be a high-level summary of the insurer’s ORSA. ORSA Reports will be expected to include information in three key areas:

• A description of the insurer’s risk management framework
• An assessment of risk exposure
• An assessment of the group’s capital to support its risks and a prospective solvency assessment

An ORSA Report can consist of materials that have been compiled for another purpose, provided they contain the information described in the ORSA Manual; the ORSA Report may also be a “substantially similar” document provided to a regulator in a foreign jurisdiction.

Exemptions Insurers may be exempt from the ORSA Model Act, including preparing an ORSA and filing an ORSA Report, if they are small in size (generally insurers with less than $500 million in annual premiums, which are part of an insurer group with less than $1 billion in annual premiums). Notwithstanding the premium tests, state regulators may nevertheless require ORSA Reports in certain circumstances, such as an insurer’s risk-based capital falling below the “company action level”, or if requested by federal agencies or international insurance supervisors.

Confidentiality Much of the delay in passing the ORSA Model Act involved concerns over confidentiality of ORSA Reports and supporting materials, due to their unique and sensitive nature. By way of comparison, the “Form F” disclosures in Enterprise Risk Reports (filed with insurers’ annual holding company act registration (Form B) statements) focus upon recent and current developments that could affect an insurer’s RBC status or financial condition, whereas ORSA evaluates current and future risk management issues, future solvency positions and strategic plans. Further, Form F information will often be available in SEC filings and other publicly available documents, whereas ORSA Reports will based largely upon sensitive, internal company documents.

Overall, the NAIC agreed that confidentiality is paramount, and, in addition to including specific confidentiality provisions in the ORSA Model Act, discussed below, an introductory declaration was included specifying legislative intent that the ORSA Report be confidential. The extensive confidentiality sections of the ORSA Model Act provide that all materials, including the ORSA Report, provided to a state insurance department pursuant to the ORSA Model Act are proprietary and contain trade secrets and are considered confidential, privileged and not subject to state freedom of information/sunshine acts. They also are not subject to subpoenas or discovery or admissible in evidence in any private civil action (except to further a regulatory or legal action brought as part of the state insurance commissioner’s official duties). Furthermore, the material may not be made public without the prior written consent of the insurer. A state insurance commissioner may share ORSA materials with other state, federal and international financial regulatory agencies, including members of any supervisory college, the NAIC and any third-party consultants designated by the commissioner, if the recipient agrees in writing to maintain the confidentiality and privileged status of the ORSA-related materials and verifies in writing the legal authority to maintain confidentiality.

Finally, in addition to preparing ORSA Reports, insurers will need to ensure they create an appropriate system for documenting the information that is included in their risk assessment processes, because such documentation, and all information that supports the subject assessments, must be maintained and made available during the examination process or upon the request of the state insurance commissioner.

The Insurance and Financial Services Practice of Sidley Austin LLP Sidley is one of only a few internationally recognized law firms to have a substantial, multidisciplinary practice devoted to the insurance and financial services industry. We have approximately 85 lawyers devoted exclusively to providing both transactional and dispute resolution services to the industry, throughout the world. Our Insurance and Financial Services Group has an intimate knowledge of and appreciation for the industry and its unique issues and challenges. Regular clients include many of the largest insurance and reinsurance companies, brokers, banks, investment banking firms and regulatory agencies, for which we provide regulatory, corporate, securities, mergers and acquisitions, securitization, derivatives, tax, reinsurance dispute, class action defense and other transactional and litigation services.

To receive Sidley updates via email, please click here.

This Sidley Update has been prepared by Sidley Austin LLP for informational purposes only and does not constitute legal advice. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. Readers should not act upon this without seeking advice from professional advisers.

Attorney Advertising - For purposes of compliance with New York State Bar rules, our headquarters are Sidley Austin LLP, 787 Seventh Avenue, New York, NY 10019, 212.839.5300 and One South Dearborn, Chicago, IL 60603, 312.853.7000. Prior results described herein do not guarantee a similar outcome.