Passing the Spitzer Test

The New York Attorney General's deep probe into the insurance industry will result in greater-than-ever demands for transparency in carrier-distributor relationships. But few carriers have the enterprise reporting and compliance capabilities needed to conform.

Despite an unprecedented string of hurricanes this fall, the biggest disaster experienced by the property-and-casualty insurance industry was of the man-made variety. New York State Attorney General Eliot Spitzer's Oct. 14 suit against broker Marsh & McLennan - built upon a voluminous collection of damning e-mail communications - targeted not only bid-rigging between Marsh and its insurance partners, but also the contingent commission agreements whereby carriers reward brokers for the volume and profitability of the business they submit. The resulting impression - of brokers and carriers united in protecting each other's interests to the detriment of their customers - is likely to drive permanent change in the way insurance companies manage their distribution channels.

As the defendant in Spitzer's complaint, Marsh has been faced with the most severe immediate consequences. But the suit is a message to other brokers involved in shady compensation schemes - and to the insurance carriers that collaborate with them. At press time, several insurance executives had already entered guilty pleas to bid-rigging-related charges, and uncertainty remains as to the status of contingent commission compensation arrangements. Those arrangements are being defended by insurance industry spokespersons and analysts as time-honored and totally legal practices. But whatever their ultimate status, it is clear that regulators - and prosecutors - are going to demand greater transparency in the insurance distribution process. That will require not only a procedural response by insurance companies, but a technological one, too.

Distribution Transformation

"It seems regulators may trigger insurance industry distribution transformation where the Internet revolution failed," speculates Chuck Johnston, director, insurance industry marketing for enterprise incentive management (EIM) solution provider Callidus Software (San Jose, Calif.). As distribution practices continually evolve within a competitive market, there has been a blurring of the intermediary's role as consultant and salesperson, according to Johnston. "Carriers and brokers have encouraged that blurring; the confluence of compensation plans, consulting fees, fees for service and other 'market incentives' have made it difficult to draw clear lines of responsibility and incentive for insurers, consumers and intermediaries," he says.

Regulators could introduce a great deal of focus by simply banning contingent commissions altogether, on the grounds that they focus brokers on financial rewards rather than on clients' interests. That's not likely to happen, according to Brian Casey, an attorney with Lord, Bissell & Brook (Atlanta). "The majority of regulators seem to be favoring disclosure [of contingent commission arrangements] as opposed to prohibition," he says.

Much of the responsibility for disclosure will fall on brokers, but to the extent that brokers' proposals tie into carriers' systems, the latter will have to make sure that those systems are retooled and upgraded to allow for appropriate disclosure. "Carriers may want to go a step further and stick something in for good measure to make sure that they have delivered the disclosure, in case the broker hasn't done it," Casey recommends.

Carriers will also need to make sure their systems record with which brokers and agents they have contingent agreements. "Presumably, they know which ones have them, since they're paying them," Casey observes. "But from a Sarbanes-Oxley-type internal control and reporting perspective, they will need to revise their systems so that [such arrangements] are being reported all the way up the management chain."

The problem, according to Callidus' Johnston, is that "old, siloed compensation technologies hinder efforts to create a holistic view of broker incentives, and therefore of relationships."

Cynthia Saccocia, a senior analyst with Needham, Mass.-based TowerGroup, agrees, saying that the status quo of managing incentive compensation functionality within policy administration systems is inadequate. "Policy admin systems are just not designed for the hierarchies that characterize payment today," she argues. "Rather than an approach isolated to particular businesses, it's more of an enterprise initiative."

In addition to Callidus, carriers have a rich menu of EIM vendors to choose from, including DSPA (Mississauga, Ontario), Centive (Bedford, Mass.), Trilogy (Austin, Texas) and Siebel Systems' (San Mateo, Calif.) Incentive Compensation Management solution, which is sold as both a stand-alone solution and an add-on module for Siebel customers.

Slow Adoption

Unfortunately, insurers have been slow to adopt enterprise commission systems, owing to a "good enough" attitude toward the status quo of managing incentive compensation functionality within policy admin systems. "The attitude is not going to cut it, when we think about possible changes in regulation or drives for transparency," Saccocia comments. "There aren't enough means by which companies can roll-up and effectively consolidate all the information that comes from those sources."

Enterprise incentive management systems allow for more accurate tracking and reporting by virtue of providing a single application through which all such relationships are channeled, according to Saccocia. "These systems can directly tie to the financials so that you have a record of every kind of payment that's made to any particular entity," she says.

EIM solutions can also dovetail with a larger partner relationship management (PRM) functionality that can provide deeper transparency into carrier/producer interactions. PRM, according to Saccocia, is similar to CRM, but with more focus on strategic rather than tactical interactions, tracking concerns such as production levels, incentive program status and compliance with marketing initiatives. "It allows the insurance company to establish a portal for the executive leadership to have a view into the state of the business," Saccocia says.

That view accords executives not only greater access to production data, but potentially also to transactions that previously might have been accomplished through handshakes and verbal agreements between brokers and their insurance company counterparts. A well-implemented PRM solution, Saccocia observes, "demonstrates who knows what at any given time, because it exposes everything about the relationship, for everyone to see."

For all the value that such solutions can bring, insurers appear to be withholding consideration of investing in them while they wait to see which way the wind is blowing, according to Saccocia. "They're not yet sure whether they're going to have to respond to some compliance or regulatory change," she says. That attitude reflects not prudence, but rather, poor alignment among carriers' compliance organizations and IT and operations, Saccocia believes. "We're finding that many of these conversations are not making it into the CIO's office," she says.

What senior management ought to be doing is sitting down with the CIO to consider possible scenarios and consider the economics of acting versus waiting, Saccocia suggests. Rather than putting off investing, she says, "If there were ever an inkling of doing a commission project, now is the time to raise it." In fact, given the current climate, CIOs who foresaw the value of such projects in the past can now argue more forceably for undertaking them. They can argue that "We've already started down this path; here's another reason to continue," according to Saccocia. "The important thing is they must not shy away from making these enterprise initiatives."

Central Repository

Those who balk at investing in technology now will still have to come up with some kind of solution, Saccocia insists. "Even if it's a three-ring binder, insurance companies need clear and consistent documentation of selling agreements and commissions by amount, product and product line in a central repository."

UICI ($1.8 billion in annual operating revenue) applies the concept of a central repository in its approach to all enterprise compliance concerns. The North Richland Hills, Texas-based carrier has also adopted a proactive technological approach to compliance, according to Brett Curran, chief compliance officer. "In the past, each of our 11 business units handled compliance, based on their lines of products and the corresponding regulations that applied to those," he says. "Taking a piecemeal approach [to compliance] just doesn't work anymore."

In response to the demands of HIPAA, UICI took what Curran calls a "portfolio," or enterprise, approach, which was designed to anticipate future demands. The idea was to put in processes and organizations through which the company could address HIPAA, while recognizing that the regulation was the first of many.

"We looked at it as an opportunity for building a compliance receptacle, if you will, with which we could take other rules and regulations and operating practices, plug them in and have it just become the way you work," Curran recounts.

Curran was a 13-year veteran of UICI who had gone on to other ventures when he was called back to create an enterprise compliance program at the carrier in 2000. "One of my foundational principles was that any tools we would use in the course of implementing that program would be selected unanimously for use throughout the company," he relates.

About three years ago, the carrier made a foundational investment for its new approach with Axentis' (Cleveland) enterprise compliance and governance tool, which guides carriers to establish a consistent compliance vocabulary, develop clear accountabilities and establish a core operational approach that can be leveraged for all future compliance demands. "I had searched for some knowledge functionality and some sort of process control engine but couldn't find anything out there," Curran says. "Then, after exploring a shared vision, I sat down with [Axentis CEO] Ted Frank and partners in PricewaterhouseCoopers' Global Risk Advisory Services [New York] and formed a partnership where Axentis provided the technical expertise, PwC contributed the industry compliance perspective and we provided a usability perspective related to deployment and administration of Axentis."

Above this foundation, Curran has added such tools as TFP's (Skokie, Ill.) iFACS and iCIF Web-based interdiction tools for OFAC (Office of Foreign Assets) compliance; Gryphon Networks' (Norwood, Mass.) Do Not Call solution; and NwTech's (Encintas, Calif.) MailMarshall application for e-mail interrogation and screening.

Curran is looking to improve further UICI's ability to store e-mail efficiently, as well as more precisely secure and control its content. Tight control of e-mail is important in addressing a host of document-retention and other compliance requirements, but it can also help detect potential wrongdoing by company personnel before such behavior attracts the attention of the likes of Eliot Spitzer, Curran acknowledges. "For example, you can use a tool to catch e-mails containing protected and privileged information before they are sent, allowing an appropriate person to review them and query whether [the content] is against policies and procedures, whether it's compliant with our practices, and whether it could jeopardize the business or any of the customer information that we manage."

Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio