The U.S. Securities and Exchange Commission issued a concept release focusing on internal control reporting requirements under the Sarbanes-Oxley Act of 2002. According to one trade group representative, the release could conceivably be used to make a case against adopting amended financial reporting changes adopted by the National Association of Insurance Commissioners.

The SEC concept release (No. 34-54122) was issued on July 11 to see if there is support from the public for additional guidance regarding compliance with SOX, in particular, Section 404 internal control reporting requirements.

The decision to issue the concept release was in part due to earlier comment from smaller companies requesting more guidance to meet these requirements cost effectively. The SEC noted the concept release did not necessarily mean there was dissatisfaction with the current requirements but rather reflected a commitment to make requirements “scalable” for companies of all sizes.

At its summer meeting last month, the NAIC adopted amendments to the Model Regulation Requiring Annual Audited Financial Reports, commonly known as the Model Audit Rule.

The revisions reflected changes made after insurers complained that the cost of complying with these changes would have an undue effect on smaller insurers. Publicly traded insurers already have to comply with SOX. The new model, if adopted by states, will extend requirements such as internal control requirements to mutual insurance companies, as well.

Consequently, insurers with $500 million or more in direct and assumed premium would have to file a report with their state insurance department regarding their assessment of internal control over financial reporting, effective Jan. 1, 2010. The internal reporting requirement reflects Section 404 requirements in SOX.