A new era for Whistleblowers in Australia
Amendments to the laws have passed both Commonwealth Houses of Parliament.
In this article we have asked some of our partners across the firm for their views on the big issues that will affect the insurance industry in their region over the next few months.
Insurers, reinsurers and market intermediaries in the Canadian market face stringent compliance statutory requirements regarding solvency, disclosure and implementation of equitable consumer protection measures including the protection of personal information. As a result, regulatory compliance is a growing sector of interest in Canada. Insurers will need to implement risk management processes and to increase control functions within their firms.
In a fast evolving technological environment, Canadian Property and Casualty insurers are going to need to review their operations. For instance, the changes in other digitally enabled industries are prompting customers to demand more personalized services from insurers. Customers are asking insurers to provide them with greater opportunities for comparison shopping on the web. Greater use of digital technologies will redefine the insurance market in a very competitive environment. Insurers will need to act fast to keep ahead of market shifts.
Slow global economic growth, the decline in the Canadian dollar and the weakness of the oil and gas industry are also major downside risks for insurers. Liability claims from oil and gas development and transportation as well as “fracking” may have an impact throughout the supply chain.
Cyber insurance and data management risks will obviously continue to be an area of growth in Canada. Businesses are becoming increasingly alert to risks associated with greater reliance on information technologies, data theft and political activism. Privacy breaches give rise to concurrent reputational and legal risk. The emergence of class actions for the tort of “intrusion on seclusion”, coupled with stringent privacy protections required in Quebec, make privacy a particular focus for concern for insurers in the Canadian market.
Environmental risks linked to climate change are becoming important issues for insurers who need to consider their response to related risks and climate related losses whether arising from weather related events such as floods and storms or liability risks from third party claims, for instance, under professional liability or directors’ and officers’ insurance contracts.
In Germany, there is currently a debate regarding the effect of automated driving on the law relating to road traffic accidents and vehicle insurance. The debate surrounds the appropriate allocation of liability between driver, owner and manufacturer (and their respective insurers) – in particular, automation is likely to lead to a greater shift towards the manufacturer or software provider carrying the liability for road accidents.
It is easy to imagine that disputes will increase between the vehicle owner’s insurer and the manufacturer’s insurer as to who should pay a claim. A change to the law regarding autonomous driving will raise a number of questions in relation to who needs to be covered under the policy and the type of coverage. For example, will the policy be one of product liability or is the risk really a cyber insurance issue (if an accident is caused by hacking)? Does the manufacturer of the vehicle need to be covered under the policy, or the driver?
In light of the changing road environment, the German Federal Ministry of Traffic and Digital Infrastructure has amended the German Road Traffic Act, revised by the Federal Ministry of Justice and Consumer Protection (BMJV), to provide for automated driving functions and autonomous parking. The amended Act contains a duty for drivers to take control of motor vehicles in certain circumstances when using automated vehicles.
Another consideration for insurers is how autonomous driving will affect claims and premiums. Driverless cars are expected to increase the safety of vehicles. However, connected driving and interaction with other technology, components and people will raise new challenges. The frequency of loss may decrease due to an increase in safety, yet in some cases there may be larger claims due to the costs of replacing damaged technology. This has been reflected in the revised draft bill for automated driving; the maximum amount of statutory liability has generally been increased by 100 percent, which will likely affect insurance premiums.
The trend for corporate sellers or buyers to take out warranty and indemnity insurance (W&I insurance) for M&A transactions has continued into 2017. In the past this product has been used by both sellers and buyers; however now it is predominantly used by buyers. While the product has mainly been used by private equity buyers, it is also increasingly used in acquisitions by strategic buyers or family owned businesses. W&I insurance provides opportunities for clear exits by private equity funds, distressed M&A transactions and transactions with multiple sellers. W&I insurance is also increasingly used in structured auction processes, where it has a potential to make bids more comparable and competitive.
It is expected that W&I insurance cover will be provided for new types of transactions. Currently W&I insurance cover relates to targets in M&A transactions in a wide range of industries (e.g. automotive, life sciences and health care, technology and innovation, real estate and many more). More recently W&I insurance cover has been provided for renewables and different types of infrastructure projects. A recent innovative example is the W&I insurance cover of an offshore wind farm, which was still in the phase of obtaining a permit, i.e. prior to construction. Innovative use of W&I insurance is also expected for other types of transactions, particularly in relation to cyber risks.
The Dutch Central Bank (De Nederlandsche Bank, DNB) recently announced that in 2017 it will invite a number of insurers to discuss the opportunities and challenges that technological innovation brings to the Dutch insurance sector. DNB believes that technological innovation in the financial sector (FinTech) will greatly impact the insurance sector in the coming years. Therefore, DNB will be contacting insurers to obtain feedback on the expected impact on the market structure, value chain, strategies and operational as well as business risks. DNB is interested to learn which technological innovations are relevant to insurers and what actions are taken in respect of such developments. FinTech has been in the centre of DNB’s attention for over a year now and it is expected that DNB will continue to closely monitor financial undertakings, in particular insurers, to see how they deal with technological developments.
At the end of last year, the DNB published a report titled “Vision for the future of the Dutch insurance sector” (the Report) containing an analysis of the impact that various developments will have on the Dutch insurance sector over the next five to ten years, taking into account technological and economic developments, trends in society, shifting customer behavior and changes in laws and regulations. In the Report, DNB notes that insurers will need to make fundamental choices (e.g. cutting costs, investing in innovation, going international, vertical or horizontal integration) in order to safeguard a financially solid insurance sector due to the low interest rate environment, competition in the insurance market and innovative technologies.
Life insurers are particularly vulnerable to the low interest rate environment due to their long-term commitments, while non-life insurers are facing increasing competitiveness in the market and a reduction of profit margins. DNB recommends that life insurers should limit their capacity and secure the long-term interest of their policyholders by adopting their operations to the shrinking portfolio, as well as by making realistic cost assumptions in their technical provisions and subject these assumptions to stress tests. In case of negative results, insurers should investigate opportunities to consolidate, going into run-off or transfer portfolios to specialised third parties. We expect that the DNB will be closely monitoring insurers in the Netherlands to ensure that they are taking sufficient measures to safeguard their stability (and that of the financial markets as a whole).
Over the last four years, the DNB has investigated the compliance of insurers (both life and non-life) with the Dutch sanctions rules and regulations. DNB has published its findings stating that during this period improvements were made, but that there is still a lack of awareness among insurers of the risks that they face in the sanctions domain. The continuous attention that DNB is giving to compliance with the Dutch sanctions rules and regulations by insurers shows the importance of having robust policies and procedures in place in order to assess whether a certain transaction is in breach of those rules and regulations.
The French regulator and supervisor of the financial sector (ACPR) issued a recommendation on advertising financial products on social media. ACPR has observed that financial institutions, including insurers and intermediaries, have now integrated social media into their communication strategies. ACPR reminds firms that:
ACPR recommends firms adopt a number of measures as best practice from the October 1, 2017. These include: ensuring that corporate accounts are created, separate to personal accounts – for example the accounts of employees or directors, for social media activities; ensuring that account makes clear the commercial nature of its online activity; ensuring that messages on social media (even if merely “shares”) are fair and clear. In this respect, the advertising nature of the message should be explicitly indicated (if this is not clear from the message itself) and its content must remain balanced, including with respect to the terms and conditions of a service or a product. Firms should adopt internal procedures and controls over social media activities and should adopt monitoring measures to ensure compliance with internal procedures. Archiving of all social media activities must be developed in order to allow monitoring and control of the messages circulated.
The Sapin II Act has introduced new anti-corruption measures in France. The measures will apply to chairmen and managers of companies, the (consolidated) turnover of which is higher than €100 million and which employ a minimum of 500 employees; or, form part of a group of companies employing a minimum of 500 employees the parent company of which has its headquarters located in France.
Sapin II introduces the offence of the corruption or influence by a French citizen (or by a person ordinarily resident or carrying out its business activity in France) of a foreign official.
The new law also creates a requirement to have measures in place to prevent corruption, including a whistleblowing policy, a Code of Conduct, risk-mapping of exposure to corruption, systems for the management of third-parties and training and accounting procedures.
Significantly, Sapin II creates a new French Anti-Corruption Agency and more importantly, its Sanction Commission. The Anti-Corruption Agency may direct a company and its executives to adapt their compliance procedures and may impose financial penalties (of up to €200,000 in the case of individuals and up to €1 million in the case of legal entities) and to require the company to submit to monitoring of a compliance program by the Agency (for a maximum five-year period).
Lastly, Sapin II introduces the convention judiciaire d’intérêt public – similar to deferred prosecution agreements – to deal with violations of anti-corruption regulations.
In the UK, the most prominent issue that will affect the insurance market over the course of the coming year is, of course, Brexit. Following the triggering of Article 50 in March 2017, the UK has entered a period of uncertainty. Following the recent election and the conservative minority government, the proposals for a “hard” Brexit have been thrown into doubt.
In her Brexit speech on January 17, 2017, Prime Minister Theresa May stated that the UK will work to negotiate a bespoke Free Trade Agreement (FTA) with the EU, emphasizing that the FTA should be concluded by the end of the two year period contained in Article 50. Such a deadline is unprecedented in trade negotiations and meeting it will be challenging to say the least; any FTA will need to be agreed by all of the European Parliament and possibly by all Member States, not all of whom will have aligned interests.
Moreover, the Prime Minister also stated that her proposals for Brexit “cannot mean membership of the single market” which would mean that the UK could not use the EU “passport” to allow financial services companies to continue to sell their services throughout the bloc. An alternative option would be to establish a regulatory equivalence framework; however this would require further negotiation followed by a legal act by the European Commission and equivalence is not necessarily always available – it is limited under Solvency II and non-existent under the Insurance Distribution Directive (IDD).
In addition the UK will need to negotiate FTAs with non-European countries. To do this, the UK would need to retake its full membership in the World Trade Organisation (WTO) and present its own schedule of tariffs and commitments. This might by itself bring specific challenges should any other WTO members raise any concerns.
The Prime Minister has said that countries such as China, Brazil and the Gulf States have already expressed interest in negotiating FTAs with the UK, and that the UK has already started conversations with Australia, New Zealand and India. Nevertheless, concluding FTA negotiations with these states would likely still prove to be challenging as those countries would have to wait for the conclusion of a UK-EU agreement before agreeing to any bilateral deal. Moreover, there are political and legal constraints on the UK negotiating those agreements before exiting the EU.
The Prime Minister’s planned approach – a clean exit from the Single Market and Customs Union – looks far less likely to be the outcome of Brexit after the recent elections with public support for “hard” Brexit limited.
The UK government’s plans to promote London as an insurance linked securities (ILS) hub will continue to be an area of growth in 2017. The outcomes of a number of consultations are anticipated over the course of the year. Once a fit-for-purpose framework has been created, the UK can participate in the growing market for ILS or alternative reinsurance capital which currently stands at around US$70 billion. It is estimated that the ILS market could grow to US$87 billion by 2019.
London, with its global insurance and capital market expertise, would be well placed to contribute to the continued growth and development of ILS business. However, the UK is not alone in seeking to capture ILS business; jurisdictions such as the Cayman Islands, Gibraltar, Guernsey and Bermuda all have established, competitive regimes. Coupled with the current uncertainty surrounding Brexit, it is important that whatever final rules are produced create the necessary incentives to attract investors and provide the robust regulatory framework to place London as the market leader for alternative risk transfer.
The EU’s General Data Protection Regulation (GDPR) comes into effect in May 2018, replacing the current legislative framework which dates back to 1995. The GDPR contains some new ambitious, far-reaching and strict rules on the use of personal data. The European Commission has confirmed that these rules will need to be complied with from day one.
Insurance companies doing business in the EU will need to start implementing GDPR rules as soon as possible in order to realize compliance by May 2018. The most significant change compared to the current framework is that the new rules require businesses to take a pro-active instead of reactive approach in data protection compliance: data protection will be taken into account during product development (known as “privacy by design”). The rules also demand that businesses clearly document and keep track of how they achieve data protection compliance.
A lot of material rules will remain unchanged, such as restrictions on data exportation or the obligation to implement appropriate security and operational measures to secure personal data. However, the sanctions for non-compliance will be increased significantly and will be comparable with the sanctions for breaching competition law. Data protection is clearly high on the agendas of EU and national legislators requiring data sensitive businesses, such as insurance companies, to take timely action towards compliance.
Following the implementation of Solvency II, EU member states have turned their attention towards the IDD. The IDD will require all “distributors” of insurance products, both insurance and reinsurance undertakings selling directly and insurance and reinsurance distributors to meet requirements for registration, operating across EU borders, professional qualifications, information to customers, and product governance. Importantly, the IDD requires distributors of insurance products (but not reinsurance products) to act honestly, fairly and professionally in accordance with “the best interests of customers” – an overarching requirement that will require customers’ interests to be taken into account in all distribution arrangements, including in incentive and remuneration arrangements. Importantly, acting in customers’ best interests will mean making sure that insurance products offer value for the customer, not just at point of sale but throughout the life of the product.
In terms of national markets, the implementation of the IDD raises a number of concerns. There are concerns in European markets about the increased regulation brought in by the IDD which has increased requirements for professional qualifications and ongoing training and requires both manufacturers of insurance products (usually insurers) and distributors to have in place agreements that more clearly delineate responsibility for mis-selling and other obligations between the parties.
The South African government has proposed regulations to cap binding authority (binder) fees, prohibit binder arrangements for commercial lines policies and include administrative services within the definition of intermediary services so that no additional outsourcing fees can be charged for services such as issuing policies. These new remuneration restrictions on intermediaries may limit the activities of intermediaries and bar new entrants to the market. As a result, many policyholders who have a trusted relationship with their brokers will no longer be able to obtain the broker services they have become accustomed to. As the proposed regulations have been published without any proper study as to their impact on the market, it is possible that they could cause detriment to consumers and the wider market, should they be implemented in their current form.
“Treating Customers Fairly” (TCF) principles were introduced into the South African market as an outcomesbased method of regulating insurers and intermediaries following a similar approach to that taken by the Financial Services Authority and its successor in the UK. Insurance companies are expected to build the TCF principles into their culture and ensure that at every level of the company the interests of policyholders are recognized and enhanced. The outcomes-based approach was said to be an improvement on rule-based regulation which is difficult to police. The problem with TCF principles is that the outcome is achieved or not achieved in the mind of whoever is looking at it.
The TCF approach has led to the publication of policyholder protection rules for the protection of personal lines policyholders. The draft regulations seek to control claims handling, complaints handling, advertising by insurers and policyholder protection in general. Problematically, the proposed regulations are written in such vague terms that insurers may not be able to clearly understand what should be done to avoid bad regulatory consequences. Although a breach of the rules can be a criminal offence, insurers must meet obligations to “act with due skill, care and diligence” when dealing with policyholders and to achieve an outcome where “policyholders are confident they are dealing with an insurer where the fair treatment of the policyholder is central to the insurer’s culture”. Without greater clarity as to how to meet these obligations and with criminal sanctions available for breach some insurers may struggle to understand their obligations under the new outcomesbased approach. It remains to be seen whether the policyholder protection rules will be finally published in the form of the draft that has been issued. If they are, the regulation of insurance in South Africa is going to be entering unchartered waters.
Demarcation regulations which govern medical gap cover, hospital cash plans and primary healthcare policies came into effect in April. The regulations, which have been under consultation for the past 15 years, draw a line between what insurers can do under accident and health policies and what medical aid schemes can do to bear the cost of medical expenses for their members. The Treasury has described the regulations as an attempt to curb market abuses and protect consumers. It is concerned that because many South Africans cannot afford expensive medical scheme memberships, they are looking to health insurance policies as an alternative without necessarily understanding policy limitations. Under the regulations, gap cover will be limited to 250,000 Rand for each insured a year and hospital cash plan pay-outs will be limited to 3,000 Rand a day but with an annual cap of 20,000 Rand a year, irrespective of the number of days spent in hospital. However, critics suggest that the regulations are a threat to low-income earners, particularly those who cannot afford medical scheme membership but can afford health insurance. People with long term and/or serious illnesses could also be negatively affected by the regulations.
Under the proposals put forward by the Financial Services Board (FSB), foreign reinsurers will be allowed to register branches in South Africa, provided they are authorised and supervised in an “equivalent” jurisdiction. It is anticipated that equivalent jurisdictions will be those with riskbased solvency requirements, such as the UK and other EU countries. Additionally, credit ratings for foreign reinsurers will be adjusted to reflect the reduced supervisory powers that the regulator has over them, whereas locally registered reinsurers’ credit ratings will be adjusted for the purposes of the local direct insurer’s solvency calculations, to avoid the effect of the sovereign cap on the locally registered reinsurer. Foreign reinsurers will be prohibited from soliciting business in South Africa on a cross-border basis. Furthermore, the FSB proposes a prohibition on fronting by placing a 75 per cent limit on cession to an unrelated counter party and an 85 per cent limit on cession if ceding to an entity within the same group. Underwriters at Lloyd’s will be permitted to conduct insurance and reinsurance business in South Africa as in the past, subject to certain additional regulatory conditions.
In the longer term, a major revision of South African insurance laws is envisaged. A new Insurance Bill has been published which will deal with the prudential requirements of insurers far more strictly than is the case at present. There is a regulatory overreaction to the current financial crisis so that the cost of running an insurance company and the cost of compliance is ever increasing. The new Insurance Act which deals with these prudential issues will be running in parallel with the proposed Conduct of Financial Institutions Act (COFI) which will deal with market conduct. That COFI Act is a long way off. In the meantime insurers are going to struggle to get on top of the two existing insurance acts (for life and non-life), the parallel new Insurance Act and the umbrella financial legislation. At the same time there is rollout of the Retail Distribution Review which will steadily introduce more laws regarding the marketing and distribution of insurance and other financial products.
At the beginning of the year, the chairman of the Australian Securities and Investments Commission (ASIC), Greg Medcraft, delivered a speech to the Insurance Council of Australia Forum on the current insurance environment and ASIC’s priorities for the coming year, with a focus on the insurance industry.
Mr Medcraft acknowledged that 2016 had been an eventful year for the insurance industry, due to the increased public, media and government focus, as well as continued progress on law reforms in the industry. Mr Medcraft noted that technology and social media has impacted the insurance industry as it now means that customers are more empowered than they were before. Consumers are now able to provide their feedback concerning businesses and their engagement with them through social media.
As a result of this consumer feedback, ASIC will continue its investigation into life insurance (commenced during 2016) and that its focus on regulatory investigation will continue with a Senate Committee Inquiry into general insurance later in the year. ASIC will also review whether the unfair contract terms protection in the Australian Consumer Law should extend to insurance contracts.
As a result of findings made following an industry review of life insurance claims handling practices released in October 2016, ASIC has been focusing its attention on claims management in 2017.
Another key area of review for the year will be in relation to the introduction of a new product design and distribution framework for financial products, and a product intervention power which will enable ASIC to take direct action to deal with any shortcomings in products or conduct, that results in consumer detriment. This will include a review of “add-on insurance”, such as add-ons sold through car dealerships.
ASIC considers that issuers of financial products (including general insurers) should be obliged to:
In light of this, ASIC is considering whether to implement a product intervention power which would enable it to take action on product features, the types of consumers who can access a product, and the circumstances in which they can do so.
Similarly, as part of the Government’s review of ASIC’s enforcement handling, it will be considered whether there will be more significant penalties for misconduct relating to insurance claims handling. ASIC considers that this will strengthen the regulatory framework for claims handling.
Given ASIC’s funding increase and its clear commitment to increasing enforcement, we anticipate that there will be a rise in regulatory investigations and scrutiny of insurers. ASIC has recommended that insurers carefully review the operation and disclosures of their products and claims handling processes in light of the regulator’s priorities for the coming year. We will continue to watch this space for any developments.
There will be a considerable number of challenges facing the insurance industry in Hong Kong over the coming year, as the responsibility for the supervision of insurance is transferred from the Insurance Authority of the Office of the Commissioner of Insurance (OCI), to the new Independent Insurance Authority (IIA). Other major developments anticipated in 2017 include the introduction of a statutory licensing regime and new conduct standards for intermediaries; the establishment of a policyholders’ protection fund; and the introduction of a risk-based capital regime which is intended to come into effect in 2018. In particular, Hong Kong’s first risk based capital quantitative impact study is planned for 2017. The aim of these developments is to bring Hong Kong in line with existing international supervisory standards and global regulatory trends; however it is anticipated that the cost of regulation for insurers will increase as Hong Kong moves from self-regulation to a statutory mode of regulation.
Last year in May 2016, the Hong Kong Monetary Authority (HKMA) announced its Cybersecurity Fortification Initiative (CFI). The CFI establishes a framework for assessing vulnerability to cyber risks, creates a programme for building cybersecurity expertise in the region and also provides a platform for industry sharing of cyber intelligence.
The CFI is expected to lead to clearer standards for managing these risks which may emerge over the course of the year.
Preparations for Singapore’s new Risk Based Capital regime (RBC2), which is expected to come into effect by 2019, will continue in 2017. In July 2016 the Monetary Authority of Singapore (MAS) published its third consultation paper on RBC2, setting out revised proposals and detailed technical specifications for insurers to conduct the second full scope Quantitative Impact Study (QIS 2). The objective of RBC2 is not to raise the industry’s regulatory capital requirements, but to ensure that the framework for assessing capital adequacy is aligned to insurers’ business activities and risk profiles.
RBC2 review will also bring Singapore’s framework in line with international standards and best practices.
Cyber insurance gained greater traction in 2016 and this growth in demand is expected to continue into 2017. Businesses are increasingly aware that data leaks not only result in financial losses by way of compensation pay-outs, but also cause long-term reputational damage and loss of consumer confidence. Well publicized hacking events, such as the cyber-attacks on Singaporean telecom operator StarHub in October 2016, have also emphasized the need for cyber insurance.
2017 is expected to be a continuation of 2016 with rates continuing their downward trend. However, that sixty percent of premiums in the market are controlled by the top ten insurers may see an increase in M&A activity to gain market share and strengthen market position. In addition, last year saw Thailand’s regulator, the Office of Insurance Commission (OIC) increase death benefits attached to compulsory motor vehicle insurance to 300,000 Baht. Although this will mean higher pay-outs in 2017, it is unlikely that insurers will be greatly affected as approximately 5000 new motor vehicles are registered in Thailand every day; thus the higher pay-outs are offset by the increase in premium volume.
Historically, Indonesia’s domestic reinsurance needs have always been met by foreign insurers, which has sparked concern from the Ministry of Finance and the Indonesian financial services authority Otoritas Jasa Keuangan (OJK). To address these concerns, in 2015 Indonesia’s Ministry of State Owned Enterprises announced that it was merging three Indonesian reinsurance companies to create IndoRe. While the impact of IndoRe on existing reinsurers is not currently known, it is anticipated that compulsory cession to IndoRe will be mandated and it is assumed that property and auto primary lines will see a requirement of 100 per cent local retention for nearly all risks. Thus 2017 will see much of the groundwork in achieving such goals, particularly as Officials have said their aim is to boost IndoRe’s market share to 50 per cent by 2019.
Amendments to the laws have passed both Commonwealth Houses of Parliament.
Canadian National Railway Company v BNSF Railway Company adds to recent case law that has seen the Federal Court refuse to issue routine protective orders.