2014 was a challenging and uncertain year for insurance regulation. From unethical annuity sales tactics to stress tests and SIFIs to pension law to health care reform, it was a year of increased scrutiny of the industry and ongoing examinations of current regulations. 

And it seems this year is not much different. 2015 ushers in new rules and modified requirements that could significantly affect how companies operate. Deloitte’s annual “Top Regulatory Trends for 2015 in Insurance” claims that “Regulatory bodies in the U.S. and abroad have been significantly expanding their compliance, oversight and enforcement activities in recent years, and this is a trend which is expected to accelerate and add to rule-making and overlapping of regulatory roles.”

To read which regulatory trends Deloitte ranks as most important for the insurance industry, read on.

5. Focus on annuities

It may come as no surprise to some that annuities make the list of important regulatory trends this year. With the product’s complexity, the potential for misunderstanding and misrepresentation from agents and brokers increases. According to Deloitte, there is a strong possibility that interest rates will remain historically low for the foreseeable future, which could make it difficult for insurance companies to deliver the anticipated payment streams without having to hit policyholders with unexpected premium increases. “These factors are prompting regulators to increase their scrutiny of annuity products and how they are advertised, marketed and sold,” the report states.

One year ago, we ran a story about a pair of brokers, an investment advisory firm and several others involved in a variable annuities scheme to profit from the imminent deaths of terminally ill patients in nursing homes and hospice care. The individuals involved, Michael A. Horowitz and Moshe Marc Cohen, also made our annual Rogue’s Gallery list.

Insurers can look for more regulation regarding annuity sales this year.

4. Cyber security threats

The memory of the Anthem hack is still fresh in our minds: A cybercrime that exposed the personal information of 80 million current and former members, as well as Anthem employees themselves. And the news worsened for the health insurance company when it was reported just this week that the U.S. Office of Personnel Management warned Anthem in September 2013 that a “gateway for malicious virus and hacking activity that could lead to data breaches” existed. 

Insurance companies will likely continue to be a target of cyber criminals worldwide since the databases of such companies are rife with personal information of millions of individuals. Deloitte notes that “as insurers expand their footprint to mobile devices and the internet — and as the value of customer data continues to rise — it won’t be long before the insurance industry is under assault.” 

Regulators have found widespread use of antiquated security systems and underinvestment in IT throughout the insurance industry. As a response, regulators are beginning to raise the bar on cyber security in insurance. For example, the NAIC established a Cyber Security Task Force at its most recent meeting. 

3. Principle-based reserving (PBR)

Some insurers argue that the traditional formula-based approach to calculate reserves is outdated, since insurance products have increasingly grown in complexity, leading some to argue for a new method of reserve calculations. Many insurance companies — and the NAIC — agree that a principle-based approach to calculations is more reasonable and fair, especially now that companies have access to better systems and data that enable greater accuracy and personalization.

As Deloitte notes, “Given the long lifecycle for insurance products, insurers should start to think about the potential impacts of PBR. That includes creating capital plans for a range of scenarios, as well as developing new life insurance products that could potentially capitalize on modified reserve requirements.”

2. Corporate governance

In 2014, the NAIC approved a framework for corporate governance, which requires the annual collection of information about an insurer’s corporate governance practices. Currently, the framework is still being considered by the states for adoption. 

The Deloitte study notes that many major insurance companies are already used to this kind of intense scrutiny. Small and mid-sized companies, however, may need to make major investments in order to comply with the new requirements. “The good news is that the push for better governance can be a real opportunity to fundamentally improve how the company makes decisions and manages risk. It doesn’t have to be just a check-the-box exercise.”

1. Dual regulation at the state and federal level

Unfortunately for insurers, there continues to be a regulatory environment where uncertainty and inconsistency are the norm. The Federal Insurance Office (FIO) has broad responsibility for monitoring the insurance industry, though it doesn’t have actual control over insurance companies. And the Fed has a growing role in insurance regulation, not to mention the Financial Stability Oversight Council and the International Monetary Fund.

But the exact roles of state and federal regulators are still being debated. During this time, Deloitte cautions that insurers need to examine their existing tools, processes and infrastructure to ensure they are robust and flexible enough to comply with the new and emerging requirements. “As insurers scrutinize their product portfolios, some are choosing to modify or eliminate products or legal entities that might not be viable or profitable in a dual regulatory environment.”

See also:

FSOC votes to boost transparency of SIFI reviews

Too big to fail: a look at the big 5 SIFIs [infographic]