Security risk

Carriers have been addressing Internet security ever since they realized the public network exposed them to denial of service attacks and theft of policyholder information. Firewalls, intrusion detection, encryption, virus scanning, access management-all these tools are staples in carriers' IT operations.But what about insurance agencies? Carriers exchange customer data with agencies via the Internet daily, and agents regularly access policyholder data within carrier systems.

What are the most important IT considerations for complying with Section 404 of the Sarbanes-Oxley Act of 2002? By July 15, all U.S. companies under $75 million in annual revenue must demonstrate they know the answer to that question, because that's the deadline for complying with Section 404.However, due to the lack of specific directives and knowledge, many companies are struggling with how to reach compliance by that date-let alone wondering how they will afford continued compliance year after year.

New York - Helping members better analyze and report their returns on standards investments, ACORD released a return on investment (ROI) analysis toolset at the 2005 ACORD LOMA Insurance Systems Forum, held in Orlando on May 22-24.

Andover, Mass. - State National Companies, Fort Worth, Texas, has chosen CGI Group Inc., an independent information technology and business process services company, to provide full regulatory and statistical reporting services for their property and casualty book of business. Privately held, State National Companies includes three affiliates: State National Insurance Company, National Specialty Insurance Company and Texas-based State and County Mutual Fire Insurance Company.

St. Paul, Minn. - Through aggressive health care fraud investigations and coordination among other states' Blue Cross plans, the Special Investigations Unit (SIU) of Blue Cross and Blue Shield of Minnesota stopped payment on more than $3 million of suspect claims last year, reducing the impact of fraud on premiums in that state. By comparison, Blue Cross stopped $8.7 million in claims in 2003, most of which was due to the rent-a-patient scams now being investigated and prosecuted in Southern California."We saved millions of dollars of our members' premium dollars, because we were able to identify the scam early and stop payment on fraudulent claims," says Dave Bohnenstingel, SIU manager. "In fact, Blue Cross and Blue Shield of Minnesota was integral in bringing the scam to light and the perpetrators to justice," he added.

Kansas City, Mo. - The National Association of Insurance Commissioners (NAIC) met last week to discuss steps to amend disclosure requirements for insurers that utilize reinsurance with limited risk transfer features, also known as finite reinsurance.

Cleveland - The Compliance Consortium, an international membership organization formed in June 2004 to promote effective governance, risk and compliance management (GRC), has published its operational approach for managing GRC requirements within the enterprise. Applicable to both public and private companies, the framework is designed to assist senior management and boards of directors in setting objectives for managing a wide range of compliance-related activities and instituting the programs needed to attain those objectives. This initial version is a "public draft" and is intended to invite constructive criticism and ultimately to build a broad consensus within the hundreds of companies that have registered as part of The Compliance Consortium community over the past year. Leveraging the guidelines set forth by the U.S. Sentencing Commission, the Consortium has defined seven operational concerns to serve as a framework for organizing and managing GRC operations. These range from clearly assigning responsibilities at all levels of the organization to establishing incentives and discipline to promote compliance The Consortium has developed a list of 12 questions that board members and senior management should ask to help ensure organizations are on track with their GRC objectives."Unquestionably, the passage of the Sarbanes-Oxley Act has increased the focus for public companies on the areas of corporate governance, risk management and compliance," says Ted Frank, chairman of the Compliance Consortium advisory committee and president of Axentis. "It's important to remember that, for many companies, Sarbanes-Oxley is just one of hundreds of mandates from the SEC, FDA and other regulatory bodies that they must manage. Our goal with the creation of this framework is to help all organizations define, execute and ultimately profit from low risk and efficient governance, risk and compliance management, regardless of the specific regulation or statute."

Kansas City, Mo. - The National Association of Insurance Commissioners (NAIC) is taking steps to amend disclosure requirements for insurers that use reinsurance with limited risk transfer features, also known as finite reinsurance. The use of so-called finite reinsurance has received considerable attention over the past several months, because of its misuse by some high-profile insurers. State insurance regulators, working in a coordinated fashion through the NAIC, have been evaluating existing relevant statutory financial reporting since last fall. The latest proposed disclosures would require an insurer to report to state insurance regulators any agreement that has the effect of altering policyholders' surplus by more than 3%, or representing more than 3% of premium or losses. The new disclosure is also designed to identify any reinsurance contract that has been accounted for differently under statutory accounting principles compared to general financial statement purposes. Additional reporting requirements regarding contract terms and management's intention in entering the contract have been included to improve transparency. The provisions include that there are no separate agreements between the insurer and the reinsurer that could serve to modify the actual or potential losses under the contract, and that the insurer complies with all requirements of NAIC's statement of statutory accounting principle (SSAP) No. 62, "Property and Casualty Reinsurance."Source: NAIC

The National Association of Insurance Commissioners (NAIC) May 2 launched pilot project with five states to store electronic fingerprints of licensed insurance producers.

Quincy, Mass.--eStudentInsurance.com, a service of the Edvisors Network announced this month a new partnership with Worldwide Insurance Services. The Edvisors Network, a multi-national education services company, teamed up with Worldwide Insurance Services, a global leader in travel insurance, to create a new insurance policy for students traveling anywhere in the world. Global Student Health plans from eStudentInsurance.com are designed specifically to benefit international and domestic students by offering optimal affordable coverage, anywhere in the world.

As director of MetLife Auto & Home's special investigations unit, John Sargent knows that eliminating fraud is an unachievable goal. But that hasn't stopped his company or other industry leaders from trying."Our goal is to pay what we owe, and not a penny more or a penny less," Sargent says. "The more efficient we are at identifying and preventing fraud, the better we can be at writing business at a more competitive rate."

In some ways, insurers' fraud-fighting efforts are similar to this nation's so-called war on drugs: Both endeavors require the right mix of people, technology and information to identify the criminals. Also, public awareness campaigns are part of the effort to change consumer behavior, whether it's to prevent drug use or prevent policyholders from filing bogus claims. And both involve elements of organized crime that use sophisticated tactics and technology to perpetrate their crimes.However, despite all of the resources that have been dedicated over the past decade to fighting drugs and fraud, we're no closer today to eliminating either problem. There have been many high-profile successes for each campaign, whether it's the seizure of a ton of cocaine on a ship at sea, or the combined work of insurance fraud investigators and law enforcement officials to uncover a multi-state, staged-accident fraud ring. But the fact remains that insurance fraud continues to cost the insurance industry $30 billion a year-and that's just counting fraud perpetrated against property/casualty insurers.

In the aftermath of the terrorist attacks in 2001, many property/casualty insurers are now reassessing risk assessment strategies in metropolitan areas. As they do, the process involves looking deeper beneath the surface-literally.For example, how does an underground parking garage in Midtown Manhattan impact an insurer's risk position? Years ago, insurers that write commercial automobile insurance might have considered an underground parking facility to be a safe haven because autos were assumed to be better protected beneath street level.

Newark, Calif.--As Florida's annual hurricane deductible law goes into effect on May 1 for the state's residential policyholders, Risk Management Solutions (RMS), the world's leading provider of products and services for the management of catastrophe risk, released the results of an analysis exploring the insurance industry impact of using the new deductible instead of a single event hurricane deductible.

Global 360 (formerly eiStream), a Dallas-based provider of business process management (BPM) and analysis solutions, announced that UICI has chosen to leverage its existing Global 360 Enterprise BPM solution to meet Sarbanes Oxley and HIPAA compliance. UICI-Oklahoma City, a division of MEGA Life & Health Insurance Co., North Richland Hills, Texas, provides health, life and related insurance products targeted at the small business and self-employed markets.

COLUMBUS, Ohio--Nationwide Insurance and Washington D.C.-based ID Theft Assist are joining forces to offer ground-breaking identity theft protection and recovery service that surpasses IDtheft policies currently on the market.

PHILADELPHIA--Regardless of whether or not the U.S. Federal Government authorizes an extension to TRIA (Terrorism Risk Insurance Act) beyond the end of this year, terrorism remains a very real threat and should not be ignored.

STAMFORD, Conn.--The Tillinghast business of Towers Perrin recently unveiled two new software applications to help insurers prepare for impending capital standards for variable annuity products.

The relationship between regulatory requirements and data standards is the subject of a new report from ACORD, N.Y.-based insurance industry data standards association. "ACORD Strategic Analysis: The Impact of Standards on the U.S. Regulatory Landscape," available through ACORD's Web site, www.acord.org

Internet security is a major concern for independent agents, with 80% saying they're most worried about viruses and worms, and 42% saying it's their second-biggest worry. That's according to a new survey released by IVANS Inc., Old Greenwich, Conn.