INTERNAL AUDIT FUNCTION H.B. 5243 (H-3):
SUMMARY OF HOUSE-PASSED BILL
IN COMMITTEE
House Bill 5243 (Substitute H-3 as passed by the House)
Sponsor: Representative Brad Paquette
Ways and Means
Senate Committee: Insurance and Banking
CONTENT
The bill would amend Chapter 10 (Annual Audited Financial Reports) of the Insurance Code to require certain insurers or groups of insurers to establish an internal audit function.
Internal Audit Function
Under the bill, an insurer would be exempt from the bill's requirements if it had annual direct written and unaffiliated assumed premium, including international direct and assumed premium, but excluding premiums reinsured with the Federal Crop Insurance Corporation and National Flood Insurance Program, less than $500.0 million and if the insurer were a member of a group of insurers that had annual direct written and unaffiliated assumed premium, including international direct and assumed premium, but excluding premiums reinsured with the Federal Crop Insurance Corporation and National Flood Insurance Program, less than $1.0 billion.
An insurer or group of insurers not exempt from the bill's requirements would have to establish an internal audit function providing independent, objective, and reasonable assurance to the audit committee and management regarding the insurer's governance, risk management, and internal controls. This assurance would have to be provided by performing general and specific audits, reviews and tests, and by employing other techniques considered necessary to protect assets, evaluate control effectiveness and efficiency, and evaluate compliance with policies and regulations.
The Code defines "audit committee" as a committee or equivalent body established by the board of directors of an entity to oversee the accounting and financial reporting processes and audits of the financial statements of an insurer or group of insurers. Instead, under the bill, the term would mean a committee or equivalent body established by the board of directors of an entity to oversee the accounting and financial reporting processes of an insurer or group of insurers, the internal audit function of an insurer or group of insurers, if applicable, and the external audits of the financial statements of an insurer or group of insurers.
"Internal audit function" would mean a person or people that provide independent, objective, and reasonable assurance designed to add value and improve an organization's operations and accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance process.
General and specific audits performed as described above would not be considered an insurance compliance self-evaluative audit. Documents prepared or produced as a result of or in connection with audits performed to provide assurance (described above) would have to be disclosed to the Director of the Department of Insurance and Financial Services (DIFS) on written request. Except as otherwise provided, the Director would have to withhold from public inspection all information and documents submitted to DIFS and these items would be confidential, would not be subject to subpoena, would not be subject to the Freedom of Information Act, and could not be divulged to any person. However, the Director could divulge the information and documents to a relevant State or Federal agency, or to the National Association of Insurance Commissioners, if the Director received assurances that the information and documents would be kept confidential. The Director could not use the information and documents to form the sole basis for an examination under Section 222.
(Section 222 allows the Director, in person or by any of his or her authorized deputies or examiners, to examine any or all of the books, records, documents, and papers of an insurer at any time after its articles of incorporation have been executed and filed, or after it has been authorized to do business in this state.)
To ensure that internal auditors remained objective, the internal audit function would have to be organizationally independent. Specifically, the internal audit function could not defer ultimate judgment on audit matters to others, and would have to appoint an individual to head the internal audit function who would have direct and unrestricted access to the board of directors. Organizational independence would not preclude dual-reporting relationships.
The head of internal audit function would have to report to the audit committee regularly, but at least annually, on the period audit plan, factors that could have an adverse impact on the internal audit function's independence or effectiveness, material findings from completed audits, and the appropriateness of corrective actions implemented by management as a result of audit functions.
If an insurer were a member of an insurance holding company system or included in a group of insurers, the insurer could satisfy the internal audit function requirements at the ultimate controlling parent level, an intermediate holding company level, or the individual legal entity level.
An insurer that met the premium thresholds described above would have to have an internal audit function and would have to have it in place by no later than January 1, 2021. If an insurer or group of insurers that was exempt no longer qualified for the exemption, it would have one year after the year the threshold was exceeded to comply with the requirement.
Internal Audit Function Oversight
Under the bill, the audit committee of an insurer or group of insurers would be responsible for overseeing the insurer's internal audit function and granting the person and people performing the function suitable authority and resources to fulfill their responsibilities if required under the bill.
Independent Audit Committee Members
Under the Code, all insurers are encouraged to structure their audit committees with at least a supermajority of independent committee members. An insurers with $300,000,000.01 or less of direct written and assumed premiums in the previous calendar year is not required to have independent audit committee members.
An insurer with over $300.0 million, but $500.0 million or less of direct written and assumed premiums in the previous calendar year must have 50% or more of its audit committee members be independent. Instead, under the bill, an insurer with over $300,000,000.01, but less than $500.0 million of direct written and assumed premiums in the previous calendar year would have to have 50% of more of its audit committee members be independent.
MCL 500.1001 et al. Legislative Analyst: Stephen Jackson
FISCAL IMPACT
The bill would have no fiscal impact on State or local government.
Fiscal Analyst: Elizabeth Raczkowski
This analysis was prepared by nonpartisan Senate staff for use by the Senate in its deliberations and does not constitute an official statement of legislative intent.