Ohio Admin. Code 3901-3-19

Current through all regulations passed and filed through October 28, 2024
Section 3901-3-19 - Corporate governance annual disclosure
(A) Purpose

The purpose of this rule is to establish the procedures for filing, and the required content of, the corporate governance annual disclosure, deemed necessary by the superintendent pursuant to sections 3901.072 to 3901.078 of the Revised Code.

(B) Authority

This rule is promulgated pursuant to the authority vested in the superintendent under sections 3901.041 and 3901.077 of the Revised Code.

(C) Definitions
(1) "Board" means board of directors of an insurer or an insurance group.
(2) "CGAD" means a corporate governance annual disclosure.
(3) "Insurance Group" has the same meaning as defined in division (B)(2) of section 3901.072 of the Revised Code.
(4) "Insurer" has the same meaning as defined in division (B)(3) of section 3901.072 of the Revised Code.
(5) "NAIC" means the national association of insurance commissioners.
(6) "SEC" means the United States securities and exchange commission.
(7) "Senior Management" means any corporate officer responsible for reporting information to the board at regular intervals or providing this information to shareholders or regulators, and shall include, for example and without limitation, the chief executive officer (CEO), chief financial officer, chief operations officer, chief procurement officer, chief legal officer, chief information officer, chief technology officer, chief revenue officer, chief visionary officer, or any other "C" level executive.
(D) Filing procedure
(1) An insurer, or the insurance group of which the insurer is a member, required to file a CGAD by section 3901.073 of the Revised Code, shall, no later than June first of each calendar year, submit to the superintendent a CGAD that contains the information described in paragraph (E) of this rule.
(2) The CGAD must include a signature of the insurer's or insurance group's chief executive officer or corporate secretary attesting to the best of that individual's belief and knowledge that the insurer or insurance group has implemented the corporate governance practices and that a copy of the CGAD has been provided to the insurer's or insurance groups board or the appropriate committee thereof.
(3) The insurer or insurance group shall have the discretion regarding the appropriate format for providing the information required by these regulations and is permitted to customize the CGAD to provide the most relevant information necessary to permit the superintendent to gain an understanding of the corporate governance structure, policies and practices utilized by the insurer or the insurance group.
(4) For purposes of completing the CGAD, the insurer or insurance group may choose to provide information on governance activities that occur at the ultimate controlling parent level, an intermediate holding company level, and/or the individual legal entity level, depending upon how the insurer or insurance group has structured its system of corporate governance. The insurer or insurance group is encouraged to make the CGAD disclosures at the level at which the insurer's or insurance group's risk appetite is determined, or at which the earnings, capital, liquidity, operations, and reputation of the insurer are overseen collectively and at which the supervision of those factors are coordinated and exercised, or the level at which legal liability for failure of general corporate governance duties would be placed. If the insurer or insurance group determines the level of reporting based on these criteria, it shall indicate which of the three criteria was used to determine the level of reporting and explain any subsequent changes in level of reporting.
(5) Notwithstanding paragraph (D)(1) of this rule, and as outlined in section 3901.073 of the Revised Code, if the CGAD is completed at the insurance group level, then it must be filed with the lead state of the group as determined by the procedures outlined in the most recent financial analysis handbook adopted by the NAIC. In these instances, a copy of the CGAD must also be provided, upon request, to the chief regulatory official of any state in which the insurance group has a domestic insurer.
(6) An insurer or insurance group may comply with this section by referencing other existing documents, such as an own risk and solvency assessment (ORSA) summary report, holding company form B or form F filings, securities and exchange commission proxy statements, foreign regulatory reporting requirements, etc., if the documents provide information that is comparable to the information described in paragraph (E) of this rule. The insurer or insurance group shall clearly reference the location of the relevant information with the CGAD and attach the referenced document if it is not already filed with the department.
(7) Each year following the initial filing of the CGAD, the insurer or insurance group shall file an amended version of the previously filed CGAD, indicating revisions made, or a copy of the prior year filing with a dated statement indicating that no changes have been made in the information or activities reported in the previous year CGAD.
(E) Contents of corporate governance annual disclosure
(1) The insurer or insurance group shall be as descriptive as possible in completing the CGAD, with inclusion of attachments or example documents that are used in the governance process, since these may provide a means to demonstrate the strengths of their governance framework and practices.
(2) The CGAD shall describe the insurer's or insurance group's corporate governance framework and structure including consideration of the following:
(a) The board and various committees thereof ultimately responsible for overseeing the insurer or insurance group and the level(s) at which that oversight occurs, such as ultimate control level, intermediate holding company, legal entity, etc. The insurer or insurance group shall describe and discuss the rationale for the current board size and structure; and
(b) The duties of the board and each of its significant committees and how they are governed, such as bylaws, charters, informal mandates, etc., as well as how the board's leadership is structured, including a discussion of the roles of chief executive officer and chairman of the board within the organization.
(3) The insurer, or insurance group, shall describe the policies and practices of the most senior governing entity and significant committees thereof, including a discussion of the following factors:
(a) How the qualifications, expertise and experience of each board member meet the needs of the insurer or insurance group;
(b) How an appropriate amount of independence is maintained on the board and its significant committees;
(c) The number of meetings held by the board and its significant committees over the past year as well as information on director attendance;
(d) How the insurer or insurance group identifies, nominates and elects members to the board and its committees. The discussion should include, for example:
(i) Whether a nomination committee is in place to identify and select individuals for consideration;
(ii) Whether term limits are placed on directors;
(iii) How the election and re-election processes function; and
(iv) Whether a board diversity policy is in place and if so, how it functions.
(e) The processes in place for the board to evaluate its performance and the performance of its committees, as well as any recent measures taken to improve performance, including any board or committee training programs that have been put in place.
(4) The insurer or insurance group shall describe the policies and practices for directing senior management, including a description of the following factors:
(a) Any process or practices, such as suitability standards, to determine whether officers and key persons in control functions have the appropriate background, experience and integrity to fulfill their prospective roles, including:
(i) Identification of the specific positions for which suitability standards have been developed and a description of the standards employed; and
(ii) Any changes in an officer's or key person's suitability as outlined by the insurer's or insurance group's standards and procedures to monitor and evaluate.
(b) The insurer's or insurance group's code of business conduct and ethic, the discussion of which considers, for example:
(i) Compliance with laws, rules, and regulations; and
(ii) Proactive reporting of any illegal or unethical behavior.
(c) The insurer's or insurance group's processes for performance evaluation, compensation and corrective action to ensure effective senior management throughout the organization, including a description of the general objectives of significant compensation programs and what the programs are designed to reward. The description shall include sufficient detail to allow the superintendent to understand how the organization ensures that compensation programs do not encourage and/or reward excessive risk taking. Elements to be discussed may include, for example:
(i) The board's role in overseeing management compensation programs and practices;
(ii) The various elements of compensation awarded in the insurer's or insurance group's compensation programs and how the insurer or insurance group determines and calculates the amount of each element of compensation paid;
(iii) How compensation programs are related to both company and individual performance over time;
(iv) Whether compensation programs include risk adjustments and how those adjustments are incorporated into the programs for employees at different levels;
(v) Any claw-back provisions built into the programs to recover awards or payments if the performance measures upon which they are based are restated or otherwise adjusted; and
(vi) Any other factors relevant in understanding how the insurer or insurance group monitors its compensation policies to determine whether its risk management objectives are met by incentivizing its employees.
(d) The insurer's or insurance group's plans for CEO and senior management succession.
(5) The insurer or insurance group shall describe the processes by which the board, its committees and senior management ensure an appropriate amount of oversight to the critical risk areas impacting the insurer's business activities including a discussion of:
(a) How oversight and management responsibilities are delegated between the board, its committees, and senior management;
(b) How the board is kept informed of the insurer's strategic plans, the associated risks, and steps that senior management is taking to monitor and manage those risks;
(c) How reporting responsibilities are organized for each critical risk area. The description should allow the superintendent to understand the frequency at which information on each critical risk area is reported to and reviewed by senior management and the board. This description may include, for example, the following critical risk areas of the insurer:
(i) Risk management processes. An insurer, or the insurance group of which the insurer is a member, that files an ORSA summary report with the superintendent pursuant to section 3901.375 of the Revised Code may refer to its ORSA summary report;
(ii) Actuarial function;
(iii) Investment decision-making processes;
(iv) Reinsurance decision-making processes;
(v) Business strategy/finance decision-making processes;
(vi) Compliance function;
(vii) Financial reporting/internal auditing; and
(viii) Market conduct decision-making processes.
(F) Severability

If any paragraph, term or provision of this rule is adjudged invalid for any reason, the judgment shall not affect, impair or invalidate any other paragraph, term or provision of this rule, but the remaining paragraphs, terms and provisions shall be and continue in full force and effect.

Ohio Admin. Code 3901-3-19

Effective: 2/14/2022
Five Year Review (FYR) Dates: 11/30/2021 and 08/31/2026
Promulgated Under: 119.03
Statutory Authority: 3901.77, 3901.041
Rule Amplifies: 3901.074
Prior Effective Dates: 04/20/2017