(a) Contents.--The CGAD must contain the material information necessary to permit the department to gain an understanding of the insurer's or insurance group's corporate governance structure, policies and practices. The commissioner shall consider premium volume, licensing status in other states and corporate complexity and scale when evaluating the comprehensiveness of a company's CGAD.
(b) Discretion.--The insurer or insurance group shall have discretion over the contents of the CGAD if the CGAD includes all of the following information:
(1) A description of the insurer's or insurance group's corporate governance framework, including all of the following:
(i) The board and committees of the board that are ultimately responsible for oversight of the filing entity.
(ii) The level or levels at which board or committee oversight occurs, such as the ultimate controlling parent level, an intermediate holding company level or the individual legal entity level or some combination of these levels.
(iii) The rationale for the current board size and structure.
(iv) The duties of the board and each of its significant committees.
(v) The method of board and committee governance, such as bylaws, charters or informal mandates.
(vi) The structure of the board's leadership.
(vii) A discussion of the roles of the chief executive officer and chairman of the board or their functional counterparts within the organization.
(2) Policies and practices of the board of directors or the most senior governing entity and significant committees of the board or entity, including a discussion of the following factors:
(i) The way in which the qualifications, expertise and experience of each board member meet the needs of the filing entity.
(ii) The method for maintaining an appropriate amount of independence on the board and its significant committees.
(iii) The number of meetings held by the board and its significant committees over the past year as well as information on board member attendance.
(iv) The way in which the filing entity identifies, nominates and elects members to the board and its committees. Factors discussed may include whether a nominating committee exists, whether term limits are placed on directors, how the election and reelection processes function and whether a board diversity policy is in place and, if so, how it functions.
(v) The processes in place for the board to evaluate its performance and the performance of its committees, as well as any recent measures taken to improve performance, including any board or committee training programs.
(3) Policies and practices for directing senior management, including a description of any processes, practices or suitability standards used to determine whether officers and key persons in control functions have the appropriate background, experience and integrity to fulfill their prospective roles. The description shall identify:
(i) The following:
(A) The specific positions for which suitability standards have been developed and a description of the standards employed.
(B) Procedures in place to monitor any changes in an officer's or key person's suitability, as outlined by the filing entity's standards and procedures to monitor and evaluate such changes.
(ii) The filing entity's code of business conduct and ethics, including a discussion of compliance with laws, rules and regulations, and proactive reporting of any illegal or unethical behavior.
(iii) The filing entity's plans for senior management succession.
(iv) The filing entity's processes for performance evaluation, compensation and corrective action to ensure effective senior management throughout the organization, including a description of the general objectives of significant compensation programs and what the programs are designed to reward. The description shall include sufficient detail to allow the department to understand how the organization ensures that compensation programs neither encourage nor reward excessive risk-taking. Elements to be discussed may include any of the following:
(A) The board's role in overseeing management compensation programs and practices.
(B) The various elements of compensation awarded in the filing entity's compensation programs.
(C) The method by which the filing entity determines and calculates the amount of each element of compensation paid.
(D) The way in which compensation programs are related to both company and individual performance over time.
(E) Whether compensation programs include risk adjustments and, if so, how those adjustments are incorporated into the programs for employees at different levels.
(F) Any clawback provisions built into the programs to recover awards or payments if the performance measures upon which they are based are restated or otherwise adjusted.
(G) Any other factors relevant in understanding how the filing entity monitors its compensation policies to determine whether its risk management objectives are met by incentivizing its employees.
(4) A description of the processes by which the board, its committees and senior management ensure an appropriate amount of oversight over critical risk areas impacting the insurer or insurance group's business activities, including a discussion of the following:
(i) The way in which oversight and management responsibilities are delegated among the board, its committees and senior management.
(ii) The way in which the board remains informed of the filing entity's strategic plans, the associated risks and steps that senior management is taking to monitor and manage those risks.
(iii) The way in which reporting responsibilities are organized for each critical risk area. The description should allow the department to understand the frequency at which information on each critical risk area is reported to and reviewed by senior management and the board. This description may include the following critical risk areas of the insurer:
(A) Risk management processes.
(B) Actuarial function.
(C) Investment decision-making processes.
(D) Reinsurance decision-making processes.
(E) Business strategy.
(F) Finance decision-making processes.
(G) Compliance function.
(H) Financial reporting.
(I) Internal auditing.
(J) Market conduct decision-making processes.
(5) Any other information as specified by regulation.
(c) Additional information.--The department may request additional information regarding the items provided under subsection (b) that are material and necessary to provide a clear understanding of the corporate governance policies, the reporting or information system or the controls implementing those policies. An insurer or insurance group shall maintain and make available supporting information upon examination or upon the request of the department.
(d) Permissible levels of reporting.--
(1) For purposes of completing the CGAD, the insurer or insurance group may provide information regarding corporate governance at the ultimate controlling parent level, an intermediate holding company level or the individual legal entity level, or some combination thereof, depending upon how the insurer or insurance group has structured its system of corporate governance. When determining which level to choose, the insurer or insurance group shall consider the level at which any of the following occurs:
(i) The insurer's or insurance group's risk appetite is determined.
(ii) Earnings, capital, liquidity, operations and reputation of the insurer or insurance group are overseen collectively and at which the supervision of those factors are coordinated and exercised.
(iii) Legal liability for failure of general corporate governance duties would be placed.
(2) An insurer or insurance group that determines the level of reporting based on any of the criteria under paragraph (1) shall indicate which of the criteria was used to determine the level of reporting and explain any subsequent changes in level of reporting.
(e) Attestation.--The CGAD must include a signature of the insurer or insurance group's chief executive officer or corporate secretary attesting to the best of that individual's belief and knowledge that the insurer or insurance group has implemented the corporate governance practices and that a copy of the disclosure has been provided to the insurer or insurance group's board of directors or the appropriate committee of the board.