Bankers might argue, but some industry observers believe detecting a money-laundering scheme at a bank is a little less complicated than uncovering similar activities at an insurance company. Its real easy to detect [at a bank], says Rick Delotto, senior research analyst for Gartner. Someone shows up with a suitcase full of money and a slightly confused expression on his face. Bankers have had a 30-year head start over insurers in dealing with money-laundering issues, but carriers are highly experienced in dealing with government regulators. The meat and potatoes compliance issues for insurersform filings, rates, licensing, and proceduresare longstanding concerns on the minds of carriers, while money-laundering issues and growing lists provided by the Office of Foreign Assets Control (OFAC) have grabbed a great deal of attention over the last 18 months. Since 9/11, terrorism issues have taken the forefront, but regulatory issues are still in the background, says Tom Tomlinson, directorrate development and filings, at commercial line carrier Bituminous Insurance. The NAIC has to continue to strive to meet market goals as best it can.
The USA PATRIOT Act (take a deep breath here: Uniting and Strengthening America by Providing Appro-priate Tools Required to Intercept and Obstruct Terrorism) was the federal governments reaction to the 9/11 attacks. One of the chief areas of concern for life insurers is a section dealing with efforts to stop money-laundering scams. While this area hasnt been a major concern for property/casualty in-surers (at least for now), that group has had to deal with the Treasury Departments OFAC list that requires American businesses not to conduct any business with those entities that appear on the list. Lynn Snyder, assistant vice president of compliance for Chubb Group of Insurance Companies, says the OFAC list is difficult for insurers to deal with. There are so many names, she says. You may not even know youre dealing with one of these listed persons or entities until a claim arises and you obtain more specific detail about the claimant.
There are software packages available, Snyder says, that will check on every risk an insurer faces to determine whether the insurer is dealing with some type of prohibited entity or person. Its not foolproof, she says. But its probably the best the vendors have come up with to date.
Many insurance watchers believe it is impossible to launder money through a property/casualty firm, but Delotto thinks there are opportunities out there for those willing to take a loss. Kimberly Harris, Gartners research director, doesnt believe fraud detection systems used by most insurers are capable of combating this new wave of illegal activities. Fraud practices in the P&C industry are not that wonderful, she asserts.
The challenge is there are areas of fraud that may be new to insurers. Insurers are good at what they are used to dealing with, Delotto says. Part of the Patriot Act compliance is dealing with drug traffickers and traditional mobsters. The rest of it is dealing with governments and para-state organizations. The average insurance company can catch the average mobster. Whether it can deal with a government doing a long-term scam, I dont know. Whether it can deal with a terrorist whos willing to accept a 90 percent discount on his cash, I dont think [an insurer] can do that.
Snyder knows this is new ground for U.S. companies and there arent always enough guidelines. Every claim we receive has to be checked, she says. Every risk we write has to be checked, and we dont always have the correct or complete information to compare. When we write workers compensation policies, for example, we may not get the name of every single person we are insuring. We may not find out until a claim comes in, and then it is too late. Weve already insured the person and may be subject to a penalty. Another problem is the similarity of names. Is the person we are insuring really the same as the name on the list?
She feels one advantage insurers have in this regard is they have been dealing with 52 political jurisdictions for years. There are only 11 countries on the OFAC prohibited list at this time, but the list of prohibited organizations and individuals is quite large, she says.
Delotto believes P&C insurers need to go beyond the OFAC lists and follow Section 326 of the Patriot Act: Verification of Identification Program Rules. This is more than being a good citizen, says Delotto. Its sound business. Insurers have to do OFAC anyway. All [Section 326] does is give you more information about your customer, and certainly no businessman can say that is not prudent.
While You Were Away
Traditional compliance issues dealing with the 50 states, Washington, D.C., and Puerto Rico have not gone away while the nations attention has been diverted by terrorists. With so many different regulators, insurers have become accustomed to the intermittent stops and starts, but Tomlinson feels insurers have made it known to regulators that in todays world speed to market is an important factor for all lines of insurance.
The classic example Im familiar with involved [Bituminous] coming out with a product that was of interest and need to our contracting community, says Tomlinson. To do that, we virtually have to file that product nationwide. Each state has its own set of rules we have to comply with, and every state has a different procedure in reviewing what we have submitted.
Snyder believes the states understand the wishes of the carriers to achieve some type of uniformity, but it is still a way off. They are far from it, which means that however many jurisdictions a company writes in, multiple sets of laws and criteria apply to everything we do, she says. If you dont have a systematic electronic approach to handling these issues, its very difficult. But to try to build a computer system to handle this level of complexity can have a major impact on your resources.
Doug Roller, CEO of Duck Creek Technology, agrees. Every [state] is different. Some are very progressive, and some are going to be much slower to respond, he says. There is a difficult balancing act faced by those dealing in this market. You have to make a solution that is useful to the carrier but not intrusive to the [Department of Insurances] procedures.
Getting into Shape
Programming complexity also depends on the types of insureds and coverages a company writes, as well as on the rate and form flexibility required. Snyder says the more uniformity in the state regulations regarding rates, policy forms, and procedures, the more easily insurers can program their systems to achieve compliance.
Tomlinson thinks it is bad enough there are different rules for the various states, but many of the states also make it hard for insurers to submit their plans. Every state has a different procedure in reviewing what we have submitted, says Tomlinson. Some require you to unbundle your filing if you are doing something that pertains to forms. If it has something to do with rates and rules, you submit a different plan for rates and rules. So youve got something that can potentially be going in two different directions in one insurance department.
Insurers understand red tape, but Tomlinson complains some states are not responsive to the needs of their customers, both the insurers and the insureds. Im not going to name the state, but its a common assertion in the industry today that youll be lucky to get something approved in that state within a year, he says.
Passing Out Credit
He does give the National Association of Insurance Commissioners (NAIC) credit for turning around some of its processes, in particular the adoption of System for Electronic Rate and Form Filing (SERFF), which allows insurers to deliver filings electronically to the various departments of insurance in the states. That has helped cut down the mail delays and the personal handling issuesthe shuffling of paper in the insurance departments, says Tomlinson.
Over the last two years, thanks to a push by industry lobbyists, the NAIC steadily has improved its speed to market and achieved some success. Tomlinson also believes regulators woke up when the Clinton Administration began its look at repealing the Glass-Steagall Act. State insurance departments werent too hep on that, exclaims Tomlinson. They saw themselves being put out of business.
Earlier this year, the NAIC made another step forward by agreeing to integrate SERFF into a commercial software systemInSystems Tracker, an automated electronic compliance solution. Cathy Weatherford, executive vice president and CEO of the NAIC, says the integration demonstrates the organizations commitment to increasing the efficiency of electronic filing for insurers. Our customers will benefit from another option to streamline and automate the rate and form filing process, adding tremendous business value, says Weatherford.
Virtually all of the states now are using SERFF, and Tomlinson, who also uses the Tracker system, feels the combination will work well, as Tracker creates the filing package for submission to the states. Now, being able to submit the forms and rate packages as they are being developed, rather than exporting them from one system into another, has improved the speed to market. Thats the true beauty of this arrangement, says Tomlinson.
Debbi Marquette, director of compliance solutions for InSystems, adds, In partnering with the NAIC, we are able to provide a complete compliance automation solution for our customers, addressing every phase of the compliance life cycle. Such a move was an inevitable step for the NAIC, according to Marquette. Its not like [the NAIC] had the money to build it itself, she says.
Forget-Me-Nots
The technology advantage is important in compliance efforts since the system can perform complex but repetitious functions. For insurers, that means the correct forms are used for the correct states, and all the state-required endorsements are included on the policies. What we want to do with an electronic system is to replace uncertain human behavior in certain areas. Underwriters simply cant remember every possible thing they are supposed to be doing, says Snyder. If you can set your system up to prohibit incorrect usage and to put required endorsements on the policy automatically, you just have saved yourself from potentially major compliance headaches. As a compliance manager, Snyder says there is a good feeling that comes when an audit is conducted and the correct forms and endorsements are in place.
Ray Simon, president of software developer INSTEC, believes carriers need to have a good architecture to deal with constant changes in rates and forms. Changes and software dont go together well, he says. And for most carriers, their core competency is insurance, not software.
On the rating side, Snyder says the criteria are different in virtually every state. For the most part, you have some kind of filed rating plan you have to work with, and if its not filed, you have individual risk filings that have to be sent to the state for approval, she says. Chubbs system uses rating sheets that follow an individual states filed rating plan. We save everything electronically so it feeds these documents right into our electronic customer file, according to Snyder. Once the underwriter determines the coverage and prices the risk, this information feeds automatically to quote, which feeds automatically to bind, which feeds automatically to issuance of the policy.
The Chubb system also employs pop-up reminders. One of our issues involves the use of loss-control notices on policies, she says. Which notice we use depends on which coverages have been purchased for a particular package policy. The pop-up reminder essentially says, If they bought this coverage, you use this notice. The system also could look at the coverages purchased and build the notice by selecting wording modules appropriate only to those coverages.
Whats the Issue?
Insurers are required as well to be in compliance with areas such as claims handling, policy issuance, and nonrenewal notices. Snyder points out insurers are required to give a certain number of days notice if a policy wont be renewed. De-pending on which state the insured is in, the system pulls up the right form or letter for the underwriters to use so they know the proper information to include in the notice, says Snyder. Electronic policy issuance can eliminate discrepancies between what was bound and what was issued, according to Snyder. The issuance time can be reduced to minutes instead of days.
Of course, not everything can be done electronically. Snyder points to optional endorsements as one area. If you have a large number of possible endorsements to use, finding the best endorsements to use along with the other endorsements to use can be very challenging, she says. These are things that are just not cost effective to try to program. Between the broker, the insured, and the underwriter, the policy generally receives very careful review, and any confusion will be resolved.
Tomlinson believes the NAIC is listening to insurers today, something it didnt always do in the past. It has listened and learned over the years, he says. He points to the SERFF concept as one area of improvement. It is willing to listen and value whatever input we can offer into its process, so [the solution is] ultimately seen as workable for all parties involved, Tomlinson adds.
He believes it took a push from the federal government to get the states eventually working together and with the insurance industry. If the states didnt get on board and get reciprocal arrangements set up fast enough, that would have been another feature that would have fallen into the hands of the federal government.
Final HIPAA Privacy Deadline This Month
Ready or not, HIPAA privacy guidelines take effect on April 14. Even though most health insurers are likely to be in compliance with the regulations, Don Seiden, president of the consulting firm HospITech Solutions, believes some insurers actually believed the entire issue was going to disappear.
Seiden places part of that blame on the government, which he feels hasnt been uniform in the way it has issued rules and deadlines. I think some people actually took the attitude the whole thing was going to go away, he says. But that is not going to happen. All the dates are firmed up now, he adds. Although the government could change the legislation annually.
Most of the larger insurers already are in compliance with the privacy rules, and Seiden believes their emphasis will now be to ensure employees understand the requirements. For some of the smaller insurers, I dont think they readily adapted to the compliance efforts, he says.
Seiden asserts that because the HIPAA legislation is so pervasivecovering payers, providers, and everything in betweenthe government does not have the manpower to investigate whether every health insurer is compliant. Its going to go on a complaint basis, he says. They arent going to go after anybody unless a disgruntled employee or a consumer turns them in.
Compliance has been difficult for insurers, Seiden says, warning things are going to get tougher in the coming months and years. I think the rule that will be the toughest for insurers is the one due in October of this year, which is transactions and codes, he says. That is the one that is going to affect IT as it standardizes the way payments are sent and received. That requires quite a bit of work.
The original deadline for transactions was last October, but Seiden says most insurers applied for a one-year extension. The provisions of that extension call for insurers to meet a deadline of April 16, 2003, to prove they can send and receive claims. The rest of the time [until October] will be to convert file structures, he says.
Looking off into the future, security standards need to be in place in the year 2005.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.