Corporate Governance Annual Disclosure: New Accreditation Requirement

More About | Insurance | Risk & Regulatory

Effective Jan. 1, 2020, the Corporate Governance Annual Disclosure (CGAD) Model Act became an accreditation requirement. U.S. insurers, or the insurance group in which the insurer is a member, must submit a CGAD to its lead state or domestic regulator on an annual basis.

KEY POINTS
  • All insurers in the U.S., regardless of size or annual written premiums, need to submit a CGAD.
  • The CGAD requires the chief executive officer (CEO) or corporate secretary to attest that the insurer has implemented corporate governance practices and provided a copy of the disclosure to the insurance company’s lead state or domestic regulator.
  • The insurer or the insurance group must file the CGAD no later than June 1 of each calendar year.
  • Insurers who fail to file the CGAD by the deadline may be subject to a penalty.
Background

The National Association of Insurance Commissioners (NAIC) adopted the CGAD Model Act (#305) and Regulation (#306) in January 2014 requiring U.S. insurers to disclose certain information on their corporate governance framework and structure. For additional information on the CGAD Model Act (#305) and Regulation (#306), refer to, Corporate Governance in the Insurance Industry.

Considerations

The Model Act requires insurers to review their governance framework and provide documentation outlining the board of directors (board), its significant committees, senior management’s definitive responsibilities for governing the insurer and the processes that ensure oversight of critical risks. Documentation must be detailed and include examples that demonstrate the strengths of the insurer’s governance framework and practices.

The insurer’s corporate governance framework and structure should describe and discuss:

  • Rationale for the current board size and structure;
  • Duties of the board and its significant committees; and,
  • How the board and its significant committees are governed (e.g., bylaws, charters, informal mandates etc.).

The policies and practices in place that provide direction to the board and its significant committees should include:

  • Qualifications and expertise of board members;
  • Processes for electing and re-electing board members, including nomination committee, term limits and policy on board diversity;
  • How an appropriate amount of independence is maintained; and,
  • Procedures for evaluating performance of the board and its significant committees.

The policies and practices in place that provide direction to senior management should include:

  • Processes to determine officers and key persons in control functions have the appropriate background and experience (e.g., suitability standards);
  • A description of the code of business conduct and ethics;
  • Details on compensation programs, including the board’s role in monitoring compensation, how compensation is calculated for each program and how compensation relates to company and individual performance;
  • Plans for CEO or senior management succession planning.

The processes by which the board, its significant committees and senior management ensure oversight of critical risk areas impacting the insurer’s business should include:

  • How oversight and management responsibilities are delegated between the board, its significant committees and senior management;
  • Reporting on strategic plans, risks, and management of those risks to the board;
  • Procedures for approving the risk profile and assuring it is followed; and,
  • Reporting on critical risk areas, which may include risk management processes, actuarial function, investment and reinsurance decision-making processes and market conduct and compliance.

If any of the policies or practices are addressed in other filings, such as the Own Risk and Solvency Assessment (ORSA), the insurer may comply by referencing those filings rather than disclosing in the CGAD.

After filing the CGAD in the initial year, insurers need to submit an amended version of the previously filed CGAD only if changes are made. If there are no updates to the policies or practices previously reported, the insurer can disclose there are no updates for the current year.

Incorporating CGAD & Enterprise Risk Management (ERM)

At a minimum, an effective ERM framework must incorporate a risk culture and governance that defines the roles and responsibilities of the board and senior leadership.

The implementation of an ERM framework gives an insurer the proper governance tools for addressing both quantitative risk (e.g., capital, investment and market) and qualitative risk (e.g., operational and reputation). Insurers need to create a governance structure that embeds risk management oversight, even if the insurer is below the threshold for filing the ORSA.

The creation of the Risk Appetite Statement (RAS) by the board and senior leadership plays an integral part in corporate governance. Those in governance roles need to explicitly understand risk appetite when defining and pursuing objectives, formulating strategy and allocating resources. The RAS incorporates oversight responsibility to the defined corporate governance structure while driving alignment throughout the organization.

For some insurers, the CGAD requires drastic structural and procedural changes that take time and resources to implement. The benefit to all insurers is a well-documented governance framework that links risk management, strategic planning and effective oversight.

For insurers above the ORSA threshold, aligning ERM, ORSA and CGAD together into one complete approach allows for a comprehensive and consistent evaluation of risk culture and governance, risk assessment and solvency testing within the same framework.

Strategic Implementation

Insurers should establish a process for the annual submission and take the following steps to prepare for CDAG compliance:

IDENTIFY
  • Identify gaps in corporate governance framework, structure and oversight policies and procedures
  • Identify key stakeholders for all CGAD requirements
ANALYZE
  • Evaluate the communication process for critical risk areas
  • Complete a gap analysis of policy, procedures and suitability documentation for the board
REVIEW
  • Review key conduct and ethics policies for thoroughness and applicability
  • Review committee charters for completeness

Insurers should consider potential validation of their corporate governance as described in the CGAD by a third party. Additionally, third parties can provide guidance and assistance in both developing and embedding an ERM framework into an insurer’s corporate governance framework. DHG’s team of risk management professionals can assist you in understanding your responsibilities for CGAD.

Related Knowledge Share