Recent regulatory focus on retail insurance sales practices1 should be the catalyst for financial services companies offering retail insurance and insurance-based investment products to take important steps to ensure compliance. The following framework can guide companies in this work:
- Regulatory Inventory: Develop a comprehensive inventory of applicable laws, regulations, and guidance governing the various products the company sells;
- Compliance Check: Link the inventory to the policies, procedures, processes, and internal controls used to facilitate compliance with each of the requirements;
- Practice Review: Conduct a careful risk-focused independent review of the firm’s sales practices to determine alignment with applicable regulatory requirements and test controls designed to detect and prevent potential inappropriate sales practices; and
- Incentive Compensation Review: Perform an independent evaluation of incentive compensation arrangements to determine whether the plan design and implementation align with the firm’s risk appetite, values, and business strategies, while incenting desired behaviors.
Allegations of inappropriate practices can stem from the sale of nearly all retail insurance products and insurance-based investment products, including:
- Sales of unnecessary or unsuitable policies (such as selling more expensive whole life policies to individuals better suited to term life insurance);
- Inappropriate replacement of policies to generate additional premiums;
- Front-loading of premium payments or introductory “teaser” premiums that are quickly increased after the policy is purchased;
- Leading consumers to believe that they must purchase a policy as a condition for receiving a loan or other product;
- Undisclosed coverage exclusions; or
- Failure to disclose other key terms, conditions, and pricing of a contract.
In addition to focusing on these and other potential exposures, companies offering retail insurance products and insurance-based investment products should adopt a consumer attributes-based approach when developing a plan for a risk-focused independent review of sales practices. A consumer attributes-based approach is designed to risk- focus the review on particular types of consumers that may be the target of inappropriate sales practices, such as low-and moderate-income individuals, the elderly, high-risk insurance customers, or military personnel, especially those stationed or assigned abroad. A focus on different classes of consumers can target attention on potential situations where sales of unsuitable products could pose very significant reputational risks to the company.
Insurance Company Compliance Framework
Regulatory Inventory: A fundamental building block of an effective compliance and risk management program is a comprehensive inventory of applicable laws, regulations, and guidance linked to the policies, procedures, and processes used to facilitate compliance with each of the requirements. Firms selling insurance products or insurance-related investment products need to comply with state consumer protection laws in each state in which they offer their products. Banking organizations with insurance affiliates also need to consider compliance with applicable regulations, including Part 343 of the Federal Deposit Insurance Corporation’s (FDIC’s) regulations on consumer protection in sales of insurance, and the federal banking regulators’ interagency policy statement on retail sales of nondeposit investment products.
Compliance Check: The inventory should be linked to the policies, procedures, processes, and internal controls used to facilitate compliance with each of the requirements. This linkage can be very useful in identifying gaps, which can be remediated as part of the review process.
Practice Review: In designing a risk-focused independent review of insurance-related sales practices, consideration should be given to the range of insurance products and insurance-based investment products offered by the firm, the potential inappropriate conduct that could arise in connection with sales of each type of product, and the customer base for each type of product. The design of the review is of critical importance and starts with the development of (or review of existing) comprehensive risk descriptions. These risk descriptions serve as the basis for a careful assessment of the inherent and residual risks of a firm’s insurance and insurance-based investment sales practices. The risk assessment categorizes the risk descriptions by risk category (e.g., legal risk) and by risk “owner” (i.e., the division or department of the insurance company responsible for identifying, managing, and mitigating the risk). Inherent risk is scored based on a combination of likelihood and severity scores, utilizing a severity risk taxonomy that takes into consideration a variety of impacts on the company. Control effectiveness is assessed and a control effectiveness score is assigned, taking into account a variety of factors including the control type (e.g., preventive or detective), the control method (e.g., to what extent the control is automated), the maturity of the control and its validation, and whether control deficiencies have been identified. Residual risk is calculated based on a matrix of inherent risk and related control strength.
Incentive Compensation Review: A critical component of a sales practices review is an independent evaluation of the company’s compensation and incentive arrangements for personnel responsible for retail sales and their managers.2 The performance measures used in those arrangements and plan performance to date should be assessed to determine whether the plan structure aligns with the firm’s values and business strategies, to judge whether the plan as a whole as well as particular design elements incent behavior that supports those values and strategies, and to identify any hidden risks. Incentive plans should be objective, measurable, attainable, and transparent. They should also contain both short- and longer-term goals and a mix of immediate and deferred payout structures.3 Objective, measurable, attainable, and transparent arrangements promote a corporate culture of fairness and openness, which should translate to the treatment of customers. Longer-term goals and deferred payout structures facilitate the sustainability of good practices in support of the company’s values and business strategies. Compensation and incentive arrangements also should be reviewed in light of applicable laws, regulations, regulatory expectations, and guidance.
Final Analysis
Of paramount importance is the independence of the review process. While self-assessments by management are a useful exercise, they can result in the failure to identify key risks and the development of under-inclusive risk descriptions. Management self-assessments are also prone to the underestimation of inherent risk and the overestimation of control effectiveness. An independent review can also help to identify situations in which the “owner” of a risk is not clearly identified and one department believes that another is responsible for managing and mitigating the risk.
Allegations related to inappropriate sales practices can result in serious legal, regulatory, and reputational risk that can take years (and millions of dollars) to resolve. A proactive approach through a risk-focused independent review of the company’s sales practices can alert senior management and the board to deficiencies in the practices and shortcomings in policies, procedures, processes, and internal controls designed to detect and prevent sales of unsuitable products.
1 In recent months, the New York Attorney General has subpoenaed information from a financial services company amid whistleblower allegations of inappropriate sales practices related to retirement products; a major U.S. bank has been faced with litigation related to its alleged sales of unneeded auto insurance in connection with its automobile lending portfolio; and outside of the United States, European Commission consumer protection conduct of business, governance, and disclosure requirements are scheduled to enter into force later this year, partly in response to inappropriate payment protection insurance sales practices. Most recently, the New York Department of Financial Services has called for the extension of fiduciary responsibilities to life insurers. ↩
2 In addition to identifying arrangements that may give rise to inappropriate sales practices, this review can also help detect other practices that are not in the firm’s best interest, such as pushing or pulling sales from one quarter to another to hit quotas or maximize incentive payments. ↩
3 Consideration should also be given to the need for claw-back provisions. ↩