Terrorism Risk Insurance Program 2022 Data Call

AGENCY:

Departmental Offices, U.S. Department of the Treasury.

ACTION:

Request for comments.

SUMMARY:

Pursuant to the Terrorism Risk Insurance Act of 2002 (TRIA), the Federal Insurance Office (FIO) requests public feedback on the proposed revisions to the data collection forms for use in the 2022 data call. Copies of these forms and associated instructions (which identify changes to the reporting templates and instructions as previously used by Treasury) are available for electronic review on the Treasury website at https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection. State insurance regulators, through the National Association of Insurance Commissioners (NAIC), will also be separately seeking comment from stakeholders on the proposal.

DATES:

Submit comments on or before January 18, 2022.

ADDRESSES:

Submit comments electronically through the Federal eRulemaking Portal: http://www.regulations.gov,, or by mail to the Federal Insurance Office, Attn: Richard Ifft, Room 1410 MT, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220. Because postal mail may be subject to processing delays, it is recommended that comments be submitted electronically. If submitting comments by mail, please submit an original version with two copies. Comments concerning the proposed data collection forms and collection process should be captioned with “2022 TRIP Data Collection Comments.” Please include your name, group affiliation, address, email address, and telephone number(s) in your comment. Where appropriate, a comment should include a short Executive Summary (no more than five single-spaced pages).

FOR FURTHER INFORMATION CONTACT:

Richard Ifft, Senior Insurance Regulatory Policy Analyst, Federal Insurance Office, Room 1410 MT, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220, at (202) 622-2922 (not a toll-free number), or Sherry Rowlett, Program Analyst, Federal Insurance Office, at (202) 622-1890. Persons who have difficulty hearing or speaking may access these numbers via TTY by calling the toll-free Federal Relay Service at (800) 877-8339.

SUPPLEMENTARY INFORMATION:

I. Background

TRIA created the Terrorism Risk Insurance Program (Program) within the U.S. Department of the Treasury (Treasury) to address disruptions in the market for terrorism risk insurance, to help ensure the continued availability and affordability of commercial property and casualty insurance for terrorism risk, and to allow for the private markets to stabilize and build insurance capacity to absorb any future losses for terrorism events. TRIA requires the Secretary of the Treasury (Secretary) to perform periodic analyses of certain matters concerning the Program. In order to assist the Secretary with this process, TRIA also requires insurers to submit on an annual basis certain insurance data and information regarding their participation in the Program. FIO is authorized to assist the Secretary in the administration of the Program.

Treasury began collecting data from insurers in 2016 on a voluntary basis, and on a mandatory basis in 2017. Treasury also arranged in 2017 for workers' compensation rating bureaus to provide most of the workers' compensation insurance data elements. Beginning in 2018, Treasury and state insurance regulators have conducted a consolidated data call, in which participating insurers can, for the most part, submit the same reporting forms to Treasury and state regulators to satisfy the respective objectives of both Treasury and state insurance regulators.

Program regulation 31 CFR 50.51(a) requires insurers to submit the specified data no later than May 15 of each calendar year. Treasury, through an insurance statistical aggregator, uses a web portal through which insurers must submit the requested data; state regulators collect the same data through a portal operated by New York State. All information submitted via the Treasury web portal operated by its insurance statistical aggregator is subject to the confidentiality and data protection provisions of applicable federal law.

Insurers subject to the consolidated data call report on a group basis, if part of a group, and otherwise report on an individual company basis.

II. General Reporting Issues and Proposed Changes to Data Collection Templates

Pursuant to TRIA, Treasury has coordinated with publicly available sources to collect information for the 2022 data call. Information relating to workers' compensation exposures continues to be available from the workers' compensation rating bureaus, and those entities have again agreed to provide that information on behalf of participating insurers. Treasury has determined, however, that all other data components remain unavailable from other sources. Accordingly, Treasury will continue to request this remaining data and information directly from insurers.

Treasury again proposes to use four different data collection templates (see 31 CFR 50.51(c)), depending upon the type of insurer involved. Insurers will fill out the template identified “Insurer (Non-Small) Groups or Companies,” unless the insurer meets the definition of a small insurer, captive insurer, or alien surplus lines insurer as set forth in 31 CFR 50.4. Such small insurers, captive insurers, and alien surplus lines insurers are required to complete separate tailored templates. Each template to be completed by each category of insurer contains multiple worksheets and is accompanied by separate instructions providing guidance on each data element requested in each worksheet.

There are two general categories of material changes to the proposed reporting templates for 2022—one that applies solely to captive insurers, and the second that applies to the Cyber worksheet, which is contained in all templates and is to be completed by all participating insurers that write cyber insurance.

In the upcoming data call, Treasury plans to obtain more detailed information on the terrorism risk insurance issued by the captive insurers. First, Treasury is now seeking information that will allow FIO to determine whether the insurance coverage provided by the captive insurer to a policyholder encompasses the reimbursement of such policyholder's deductible that must be satisfied under a policy issued by another insurer. In prior data calls, Treasury has only requested separate information on the deductible reimbursement coverage for workers' compensation insurance (where it forms a significant percentage of all workers' compensation insurance issued by captive insurers). For other lines of insurance, Treasury has previously instructed captive insurers to combine the deductible reimbursement insurance to policyholders with other insurance written by the captive in the same line of insurance. The proposed changes request that the information be broken out by each TRIP-eligible line of insurance, which results in changes to both the Premium and Exposure Bases worksheets, where information is collected on a line-by-line basis. Second, in order to obtain a more complete view of the scope of the captive's operations, FIO is proposing two additional changes. The first proposed change will require captive insurers to provide the total amount of all other non-TRIP eligible direct earned premium of the captive insurer on the Premium worksheet. The second proposed change, on the Exposure Bases worksheet, requests information on whether coverage is being issued by the captive insurer that only provides coverage for nuclear, biological, chemical, and radiological (NBCR) exposures, in light of prior findings by FIO (and others) that the ability to obtain NBCR coverage in the conventional market is limited.

The second area of material changes relates to the Cyber worksheet, which is completed by all participating insurers that write cyber insurance. In 2016, Treasury issued guidance confirming that cyber insurance written in a TRIP-eligible line of insurance is subject to the Program. In 2018, Treasury began to collect cyber insurance information in the TRIP data call for the first time. In 2021, Treasury finalized a rule change codifying its prior guidance that cyber insurance written in a TRIP-eligible line of insurance is subject to the Program. The cyber insurance market continues to grow and evolve, and cyber-related losses (particularly with regard to ransomware) have increased significantly over the past few years. In view of recent market developments and the important role of cyber insurance in the Program, Treasury would like to obtain more detailed information relating to the availability and affordability of such coverage in the market.

Interested parties should review the proposed Cyber worksheet contained within each proposed reporting template, along with the revised Instructions for that worksheet, for further details on the proposed changes.

The following paragraphs summarize the changes to the overall format of the worksheet:

(1) As Treasury recognized in its 2016 Cyber Guidance and in its final rule in 2021, not all cyber insurance is written in TRIP-eligible lines of insurance that would be subject to the Program. In order to assess the amount of cyber insurance that is not subject to the Program, and the potential implications for the Program, Treasury is now requesting premium and limits information for cyber coverages written in non-TRIP-eligible lines of insurance.

(2) For cyber insurance written in both TRIP and Non-TRIP eligible lines, Treasury is now also requesting premium and policy count information broken out by size of policyholder. This information is separated into large, medium and small categories, as measured by the number of employees of the policyholder. This new data will assist Treasury in assessing the availability, affordability, and take up of cyber insurance for businesses in different size categories.

(3) Cyber extortion coverage (which may or may not extend coverage for ransomware payments) also can be an element of cyber insurance coverage. Ransomware has emerged as a significant risk exposure for United States businesses and for cyber insurers providing coverage for those exposures. In order to better understand the scope of insurance coverage being provided for this risk and its potential implications for the Program, Treasury is now requesting more specific information on the cyber extortion coverages provided under cyber insurance policies.

(4) Given the significant increase in ransomware activity and reported substantial claims payments by insurers providing cyber insurance, Treasury is also requesting loss information regarding these ransomware exposures.

For the 2022 data call (requesting insurer data for calendar year 2021), an insurer will qualify as a small insurer if it had both 2020 policyholder surplus and 2020 direct earned premium in the TRIP-eligible lines of insurance of less than $1 billion. Small insurers that had TRIP-eligible direct earned premium of less than $10 million in 2021 will be exempt from the 2022 consolidated TRIP data call. Neither captive insurers nor alien surplus lines insurers are eligible for this reporting exemption. The only changes to the small insurer template are in connection with the global changes for cyber insurance identified above.

The non-small insurer template should be completed by insurance groups (or individual insurers not affiliated with a group) that had either a 2020 policyholder surplus or 2020 direct earned premium in the TRIP-eligible lines of insurance equal to or greater than $1 billion and are not otherwise subject to reporting as captive insurers or alien surplus lines insurers. The reporting template for non-small insurers does not contain changes, other than the global changes relating to cyber insurance described above.

Captive insurers are defined in 31 CFR 50.4(g) as insurers licensed under the captive insurance laws or regulations of any state. As in prior years, captive insurers that write policies in TRIP-eligible lines of insurance are required to report unless they do not provide their insureds with any terrorism risk insurance that is subject to the Program. As noted above, the captive insurer reporting template contains changes on the Premium and Exposure Bases worksheets, as well as the global changes relating to cyber insurance described above.

Alien surplus lines insurers are defined in 31 CFR 50.4(o)(1)(i)(B) as insurers not licensed or admitted to engage in the business of providing primary or excess insurance in any state, but that are eligible surplus line insurers listed on the NAIC Quarterly Listing of Alien Insurers. Alien surplus lines insurers that are part of a larger group classified as a non-small insurer or as a small insurer should report as part of the group, using the appropriate template. Therefore, the alien surplus lines insurer template should only be used by an alien surplus lines insurer that is not part of a group that is subject to reporting on a different template. The reporting template for alien surplus lines insurers does not contain changes, other than the global changes relating to cyber insurance described above.

As in past consolidated data calls, state insurance regulators will provide their own guidance regarding the submission of reporting templates to the New York Portal, as well as in connection with any additional data that may be required for the state data call.

III. Submission of Data

Following registration with the data aggregator, all insurers will be provided with the appropriate reporting templates for completion. Reporting insurers that wish to report in .csv format can obtain information from the data aggregator on how to do so. Insurers will be required to submit the completed reporting templates through a secure web portal provided by the data aggregator. Submission of reports to the New York Portal does not satisfy the obligation to report to Treasury in the TRIP data call. All data must be provided no later than May 15, 2022, which will also be the reporting deadline for state insurance regulators. Treasury intends to provide training and additional resources throughout the data collection period to facilitate the proper completion of reporting templates.

Reporting under the 2022 data call will be mandatory for all commercial property and casualty insurers writing insurance in lines subject to TRIA, unless the insurer falls within the exceptions for certain small insurers and captive insurers described above.

IV. Request for Comments

To ensure efficient and accurate completion of the forms, Treasury is requesting public feedback on the content of the 2022 data call reporting templates outlined in this Request for Comments and on associated matters. In particular, Treasury requests comments on the following issues:

(1) Please comment upon the proposed material changes to the existing data collection forms as respects captive insurers and cyber insurance.

(2) Are there other publicly available information sources that bear upon the identified issues concerning captive insurers and insurers writing cyber coverage that Treasury should consider in connection with the information identified in this Request for Comments?

(3) Is there any additional information that Treasury should collect given the proposed changes regarding captive insurers, in light of the matters identified in this Request for Comments?

(4) Is there any additional information that Treasury should collect given the proposed changes regarding insurers writing cyber coverage, in light of the matters identified in this Request for Comments?

The proposed forms are available for review at https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection.

V. Procedural Requirements

Paperwork Reduction Act. The collection of information contained in this Request for Comments will be submitted to the Office of Management and Budget (OMB) for review as a revision to OMB Control Number 1505-0257 under the requirements of the Paperwork Reduction Act, 44 U.S.C. 3507(d). Comments should be sent to Treasury in the form discussed in the ADDRESSES section of this Request for Comments. Comments on the collection of information should be received by January 18, 2022.

Comments are being sought with respect to the collection of information in the proposed Terrorism Risk Insurance Program 2022 data call. Treasury specifically invites comments on: (a) Whether the proposed collection is responsive to the statutory requirement; (b) the accuracy of the estimate of the burden of the collections of information ( see below ); (c) ways to enhance the quality, utility, and clarity of the information collection; (d) ways to use automated collection techniques or other forms of information technology; and (e) estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to maintain the information.

Treasury previously analyzed the potential burdens associated with the 2021 data call. See 85 FR 41676, 41677-78 (July 10, 2020). The information sought by Treasury comprises data elements that insurers currently collect or generate, although not necessarily grouped together the way in which insurers currently collect and evaluate the data. Based upon insurer submissions in the 2021 data call, Treasury estimates that for purposes of the 2022 data call, approximately 100 Program participants will be required to submit the “Insurer (Non-Small) Groups or Companies” data collection form, 225 Program participants will be required to submit the “Small Insurer” form, 575 Program participants will be required to submit the “Captive Insurer” form, and 100 Program participants will be required to submit the “Alien Surplus Lines Insurers” form.

Each set of reporting templates is expected to incur a different level of burden. At the time of the 2020 estimate, the average burden estimate for Non-Small Insurers was 82 hours; for Small Insurers, 28 hours; for Captive Insurers, 51 hours, and for Alien Surplus Lines Insurers, 51 hours. When Treasury added a Cyber worksheet to the reporting templates in 2018, it did not estimate any additional material burden at that time associated with incremental addition of requiring some limited cyber insurance reporting.

The changes to the proposed data reporting elements in 2022 are not anticipated to have a significant impact on Treasury's prior burden estimates with respect to the additional requested information specific to captive insurers, as the additional information is largely the same information that has been previously collected, with the additional requirement that such information be divided between deductible reimbursement policies versus other policies in the same line of insurance. Given the relatively small number of policies issued by captive insurers, the additional effort to make this separation (assuming the captive insurer issues policies in both categories) should not be significant. Treasury does anticipate that the additional information collection concerning cyber insurance (which is sought from each category of participating insurer) will have an impact upon the existing burden estimates.

Although the amount of information requested concerning cyber insurance is more than has been requested in the past, it is in generally in the same format, with the exception that some information is now requested to be provided by size of policyholder. FIO anticipates that this will require some further manipulation of the data by participating insurers than in prior years. In addition, the templates now request claims-related information. Accordingly, for those insurers required to respond to the Cyber (Nationwide) worksheet, Treasury anticipates an additional 10 hours of burden, based upon its own evaluation and engagement with its data aggregator. That estimate, however, should be reduced by the percentage of insurers in each respective category that complete the Cyber worksheet. Based upon the results of the 2021 data call, 80 percent of Non-Small Insurers, 33 percent of Small Insurers, 10 percent of Captive Insurers, and 60 percent of Alien Surplus Lines Insurers provided information in connection with this worksheet. Accordingly, Treasury estimates the incremental additional burden for each group as 8 hours for Non-Small Insurers, for 90 hours total; 4 hours for Small Insurers, or 32 hours total; 1 hour for Captive Insurers, or 52 hours total; and 6 hours for Alien Surplus Lines Insurers, or 57 hours total.

Assuming this breakdown, and when applied to the number of reporting insurers anticipated in light of the experience of the 2021 data call, the estimated annual burden would be 51,800 hours ((100 insurers × 90 hours) + (225 insurers × 32 hours) + (575 insurers × 52 hours) + (100 insurers × 57 hours)). At a blended, fully loaded hourly rate of $52.25, the anticipated labor cost would be $2,706,550 across the industry as a whole, or $4,703 per Non-Small Insurer, $1,672 per small insurer, $2,717 per Captive Insurer, and $2,978 per Alien Surplus Lines Insurer.