BDO Knows: Insurance Alert - September 2017

September 2017


Summer NAIC Meeting Recap: Accounting and Cyber Updates 

Download PDF Version

By Imran Makda and Peter Popo

Notable Accounting Updates

The National Association of Insurance Commissioners (NAIC) hosted its 2017 Summer Meeting from August 6-9 in Philadelphia. The Statutory Accounting Principles (E) Working Group adopted revisions to several statutory accounting principles, some of which we’ve outlined below. Although subject to final approval by the NAIC Plenary, insurers should take note of these changes and assess the impact of these revisions on their financial reporting process.

Statement of Cash Flows
An update to SSAP No. 69—Statement of Cash Flow:  The revision of SSAP No. 69, adoption of ASU 2016-18 Restricted Cash (effective Q1 2018 for publics and 12/31/2019 for all other entities) will result in the following:
a) allow insurers to early adopt,
b) remove the proposed disclosure for restrictions on cash, cash equivalents and short-term investments from SSAP No. 69,
c)  SSAP No. 1 (Accounting Policies, Risks & Uncertainties and Other Disclosures) footnote 2 will be edited to clarify that the restricted assets disclosure will also include information on restrictions involving cash, cash equivalents and short-term investments. 

New footnote 1 in SSAP 69: Amounts generally described as restricted cash or restricted cash equivalents will be included in the beginning and ending balance in the cash flow statement. Transfers between cash, cash equivalents, amounts generally described as restricted cash or restricted cash equivalents, and short-term investments are not part of the entity’s operating, investing and financing activities, and details of those transfers are not reported as cash flow activities in the statement of cash flows.

AVR & IMR in SSAP 26R Bonds:  The proposed revision to SSAP 26R intends to provide consistency between the allocation of gains and losses between the asset valuation reserve (AVR) and interest maintenance reserve (IMR), as well as information on the recognition of other-than-temporary impairment (OTTI) if the security is sold in the same reporting period in which the OTTI is first identified.  Additionally, the recognition of losses from OTTI shall be recorded entirely to AVR or IMR in accordance with the annual statement instructions.

Statement of Statutory Accounting Principles (SSAP) No. 26R Bonds: The Statutory Accounting Principles Working Group rejected ASU 2017-08: Premium Amortization on Purchased Callable Debt Securities thereby retaining the existing statutory accounting provision of “yield to worst” for callable debt securities as it provides similar results to the “earliest call date” method. ASU 2017-08 changes existing U.S. GAAP and shortens the amortization period for certain callable debt securities held at a premium. Specifically, the change requires the premiums to be amortized to the earliest call date. There are no accounting changes for how securities held at a discount are amortized. 

Statement of Statutory Accounting Principles (SSAP) No. 43R Loan Backed and Structured Securities: This SSAP was initially identified for review as part of the Investment and Classification Project. Specifically, the project focused on the definition of the investments within scope and to assess whether investments are appropriately included or excluded within this standard. It was proposed that this item be removed from the Working Groups agenda as the proposed definition and other suggested revisions could have unintended consequences. 

For additional information on this meeting and other non-substantive revisions adopted at the Statutory Accounting Principles (E) Working Group August 6 meeting can be found online.

BDO’s Take
While these changes still need to be approved by the larger NAIC Plenary, approval would result in notable changes to accounting standards and procedures. While insurers wait to see if approvals come through, they should take steps to examine how these changes could impact their systems, processes and procedures.  Being proactive will lead to smooth and timely implementation regardless of when revisions are enacted.

Insurance Data Security Model Law

The Cybersecurity (EX) Working Group also met to further deliberate on the Insurance Data Security Model Law, which was first exposed in 2016. After receiving hundreds of pages of comments, conducting exhaustive and thorough deliberations and going through a number of iterations, the Insurance Data Security Model Law was presented for adoption and passed with overwhelming support. The purpose of this law is to establish standards for data security and for the investigation and notification of a cybersecurity event to the Insurance Commissioner.

The law established minimum requirements related to the implementation of information security programs that contain administrative, technical, and physical safeguards for the protection of nonpublic information against any threats or unauthorized access. It requires designation of either employees or vendors to oversee the program and assess the sufficiency of policies, procedures, information systems and other safeguards in place, under the ultimate oversight of the Board of Directors. It also requires companies to implement information safeguards to manage the threats identified in its ongoing assessment and to review the effectiveness of the safeguards’ key controls, systems and procedures at least annually. Finally, each insurer is required to submit a written statement to the Insurance Commissioner of the domiciliary state by February 15, certifying that the insurer is in compliance with the requirements. Furthermore, it also requires companies to develop a written incident response plan designed to promptly respond to, and recover from, any cybersecurity event.

BDO’s Take
The insurance industry is no stranger to the cyber threat and it is widely known that cyber incidents can cause significant financial and reputational harm to companies that house troves of sensitive consumer, transactional and other classified data. The new law—while requiring insurance companies to meet certain minimum standards—aims to provide enough flexibility to avoid constraining industry innovation, allowing firms to design their individual programs based on their unique needs.

Imran Makda is a Partner and leader of BDO’s Insurance practice. He can be reached at [email protected].

Peter Popo is an Assurance Partner in BDOs Insurance practice. He can be reached at [email protected]


For more information on BDO USA’s service offerings to this industry, please contact one of the following regional practice leaders: