On June 27, 2024, the Canadian Council of Insurance Regulators (CCIR) released a new report titled Governance and Business Culture in terms of Fair Treatment of Customers: Consolidated Observations, Recommendations and Good Practices Report (the Report). The Report provides consolidated insight into, along with recommendations and good practices concerning the governance and business culture of insurers conducting life, health or property and casualty business in Canada, with a specific focus on the fair treatment of customers (FTC). CCIR produced the Report using information from reviews of 40 insurers in Canada conducted by certain provincial insurance regulators – these reviews include an insurance industry review of 26 insurers completed in October 2023, along with other reviews of individual insurers conducted since 2017.

In releasing the Report, CCIR stated that the above-noted reviews allowed it to develop a picture of governance and business culture in relation to FTC within the Canadian insurance industry, including the identification of good practices and areas for improvement. CCIR also noted that most insurers with the “largest market shares” have already implemented elements identified in the Report’s recommendations.

Although many insurers noted in their respective Annual Statement on Market Conduct to have FTC-related governance and culture at an “advanced stage” of maturity, reviews conducted by insurance regulators in Canada found only a small percentage of such insurers could demonstrate that their respective board of directors and senior management integrated and promoted elements of FTC culture or that such FTC culture was present at all levels of the organization.

The Report highlights observations and recommendations of CCIR related to the following matters:

  • FTC-related roles and responsibilities of insurers’ respective boards of directors and senior management;
  • Insurers’ respective codes of ethics or conduct, fair treatment of customers policies and objectives;
  • Risk management and commercial practices that could adversely affect FTC; and
  • Information related to FTC reported to insurers’ respective senior management and board of directors.

It is also important to note that the observations and recommendations stated in the Report apply equally to insurers conducting life, health or property and casualty business.

This article provides a summary of the observations and recommendations set out in the Report and discusses key implications for insurers conducting business in Canada.

  1. Roles and responsibilities of the board of directors and senior management

The Report notes that an insurer’s board of directors (including its board committees), senior management and key persons in supervisory functions are the pillars that should underpin the insurer’s FTC governance framework.

  1. Observations

CCIR found that insurers did not always assign directors or a committee of directors responsibility for overseeing adherence to sound commercial practices, monitoring changes in business culture and monitoring the risks of inappropriate practices that could impact FTC. In addition, some insurers had not defined and documented FTC-related roles and responsibilities for their respective board of directors. For example, insurers assigning responsibility for “compliance with legal and regulatory requirements” (with no reference to more specific FTC-related responsibilities) is, according to the CCIR, insufficient for the purposes of complying with the requirement to define FTC roles and responsibilities within an insurer.

The FTC roles and responsibilities of senior officers of insurers were not always defined or documented. In addition, certain FTC roles and responsibilities were assigned to a specific person within an insurer’s organization rather than to a specific senior officer position, which may create continuity issues should the individual originally assigned the FTC roles and responsibilities depart the organization.

  • Recommendations

CCIR recommends that insurers assign to members of their respective board of directors (or one of the board committees) responsibility for ensuring adherence to sound commercial practices and for monitoring changes in business culture and risks of practices that could adversely affect FTC. The Report provides certain examples of such roles and responsibilities that may be assigned, including FTC culture within each insurer, the monitoring of FTC risk, policies and codes of ethics and conduct and governance structures in relation to FTC.

The Report also recommends that insurers define and document in writing any FTC-related roles and responsibilities assigned to senior management. The Report notes that examples of such roles and responsibilities may include FTC-related accountability, compliance with laws and regulations and conformance to regulator expectations, employee training and communication of FTC related expectations and management of FTC risk (including risks arising from outsourcing and relationships between insurers and third parties).

  1. Codes of ethics or conduct, FTC policies and objectives

The Report states that “business culture” refers to the common values and standards that characterize a business and influence the mindset and actions of its entire staff. Insurers’ respective boards of directors are responsible for ensuring their respective organizations’ codes of ethics strengthens and preserves business culture and promotes adherence to high standards of ethics and integrity.

Senior management are responsible for promoting an FTC-centric business culture and sound commercial practices, including (i) the development of objectives, strategies, policies, processes and procedures that are consistent with the organization’s values and enable the achievement of FTC outcomes; and (ii) implementing controls to ensure the conduct of an insurer’s staff is consistent with its FTC-related values.

It is important to note that insurers’ respective policies governing business operations (including underwriting, product design, pricing, distribution, claims processing) should also include FTC-related objectives.

  1. Observations

CCIR noted the following with respect to insurers that were subject to the reviews considered in the Report,

  • Although all insurers had a code of ethics or conduct, in only about 50% of cases were insurers’ respective external distributors also subject to the applicable insurer’s code of conduct;
  • Approximately 73% of insurers established one or more FTC-related policies;
  • In some cases, insurers’ respective FTC policies or code of ethics or conduct were not approved by the respective board of directors of such insurers or certain insurers had no evidence of such approval; and
  • Some insurers did not review or update their respective internal policies on a regular basis or such policies were not updated at the frequency required by certain insurers’ respective internal guidelines.

Insurers that CCIR found to be further ahead in operationalizing FTC-related principles had incorporated FTC into their respective policies to ensure that a culture of FTC was present at all stages of the life cycle of respective products and services of such insurers.

  • Recommendations

To address the above-noted observations, CCIR recommends that insurers, if not already done, proceed with certain actions, including the following:

  • Adopt a code of ethics or conduct;
  • Develop an FTC policy and communicate the same to insurers’ respective stakeholders;
  • Ensure FTC policies and code of ethics or conduct are approved by the board of directors; and
  • regularly review and update FTC policies and codes of ethics or conduct.
  1. Risk management and commercial practices

The Report also notes that an insurer’s senior management should ensure that controls are established to produce information for its board of directors to track the organization’s performance (including necessary improvements) with respect to FTC. An insurer must also take action, where applicable, to correct certain practices of its staff that are contrary to FTC.

  1. Observations

CCIR found that only 9% of insurers included reference to specific FTC-related risks in their respective risk management frameworks and related policies. In addition, some insurers incorporated certain elements of FTC risk into other risk categories, such as regulatory or operational risk. CCIR takes the position that such structuring of FTC risk within insurers’ respective risk management policies and procedures does not allow the board of directors or senior management to properly assess or react to risks related to FTC. The Report notes that insurers’ controls were sometimes insufficient to enable proper reporting to the board of directors and to implement a continuous improvement process for FTC.

  • Recommendations

CCIR recommends that insurers (i) integrate specific commercial practice risks that could impact FTC into their respective integrated risk management framework; and (ii) implement or strengthen the controls for generating information for the board of directors that supports monitoring and measuring insurers’ respective FTC-related performance and improvements.

  1. FTC reporting to the board of directors and senior management

Insurers’ respective boards of directors are responsible for reviewing their respective organization’s performance related to FTC and, where applicable, ensuring that appropriate corrective measures addressing FTC are undertaken. However, all levels within an insurer’s organization, including but not limited to the board of directors, must understand the importance of internal reporting related to FTC.

  1. Observations

CCIR found that some insurers did not always define FTC objectives in their respective strategic plans or where such objectives were defined, the wording used was very high level and reflected the wording taken from applicable regulatory frameworks and accordingly was not customized for the particular insurer’s business. Insurers’ respective stated FTC objectives did not include indicators for measuring success in achieving such objectives. In particular, the Report found that indicators developed and tracked by insurers focused mainly on sales-related performance metrics. The main FTC performance indicators identified by the Report relate to claim or call processing times, complaints and consumer satisfaction rates. However, CCIR found such indicators to be insufficient to properly measure an insurer’s FTC performance.

The implementation of reports regarding FTC for senior management and boards of directors was found in certain insurers to have not occurred or be implemented in a sub-optimal manner. Some insurers did not have a formal process in place for reviewing their respective FTC-related objectives and performance indicators.

  • Recommendations

The Report provides that insurers should undertake the following actions, as applicable, in order to address any gaps related to FTC reporting:

  • Document FTC objectives, communicate such objectives to all applicable stakeholders and implement the same within the insurers’ respective businesses;
  • Build on existing FTC performance indicators and develop new ones (the Report includes a helpful listing of examples of such objectives and indicators utilized by certain insurers);
  • Implement tools to analyze FTC indicators to identify issues and undertake appropriate corrective action; and
  • Further develop reporting of information to senior management and boards of directors to provide a holistic view of FTC to both provide assurance that FTC-related objectives are met and to assess insurers’ performance regarding the same.
  • Next steps for insurers conducting business in Canada

The Report acknowledges that certain insurers are farther along than others when implementing practices, policies and objectives related to FTC. Accordingly, the observations and recommendations in the Report may not be applicable to all insurers with robust FTC compliance regimes. However, the Report should still be consulted by all insurers conducting business in Canada to understand where, if applicable, their respective compliance with respect to FTC falls below regulators’ expectations. This self assessment should be conducted by senior management, properly documented and finally presented to and reviewed by the board of directors or Chief Agent.

FTC compliance should become a regular topic for board and senior management discussions. All aspects of the operations must have an FTC mindset, from product development, algorithm creation for underwriting purposes and finally to claims handling. FTC compliance must become integrated into the operationalization of an insurer’s strategy and implementation of its business plan. Resources must be allocated to those charged with roles and responsibilities of ensuring compliance with FTC. Finally, documentation is key. Policies and procedures must clearly indicate that FTC considerations are formally integrated.

All insurers conducting business in Canada (including those operating on a branch basis) should include the Report as a resource to review as part of their normal course internal regulatory compliance process. When conducting such a review, insurers should consider what contractual obligations are owed by key distributors (including MGAs, brokers and agents) to such insurer and whether the applicable contractual obligations include compliance with the FTC principles and objectives set out in the Report. This may include the requirement that distributors comply with the insurer’s code of conduct, which expressly incorporates certain FTC obligations.

We recommend that insurers pay particular attention to whether their respective audit rights under the particular contractual arrangement are sufficient to allow the insurer to effectively monitor distributors’ compliance with any FTC-related obligations imposed by the insurer under the terms of any applicable agreement. More importantly, insurers should exercise the audit rights on a regular basis and provide written reports to its counterparties. Measurement of improvement or rectification must be monitored and documented. In addition, a review by an insurer of its contractual arrangements with distributors against the guidance set out in the Report should also concurrently consider (where applicable) such arrangement’s compliance with Guideline B-10 (Third-Party Risk Management Guideline) (Guideline B-10) published by the Office of the Superintendent of Financial Institutions (Canada) (OSFI). Such guideline was last updated by OSFI in April 2023 and sets out OSFI’s expectations with respect to insurers’ management of risks associated with contractual arrangements with third-parties.

Dentons Canada’s corporate and regulatory Insurance group is available to discuss how insurers may incorporate Guideline B-10 and the FTC requirements from the Report into existing compliance-related policies and procedures and contractual arrangements with distributors.

For more information on this topic, please contact the authors, Laurie LaPalme, Derek Levinsky, Marisa Coggin or Jesse Collins-Swartz.

Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Laurie LaPalme

About Laurie LaPalme

Laurie LaPalme leads Dentons Canada’s National Corporate and Regulatory Insurance practice and is Co-Lead of the National Insurance sector group. With more than 20 years of experience advising domestic and foreign life and general insurance companies, insurance agents and brokers, reinsurance companies on corporate and regulatory matters, transactions, corporate reorganizations, and governance issues, clients note that Laurie is “absolutely an expert and that comes across clearly in the work,” taken from a Chambers Canada client interview.

Full bio

Derek Levinsky

About Derek Levinsky

Derek Levinsky (He/Him/His) is a partner in Dentons’ Corporate group and Insurance sector practice. Based in Toronto, Derek provides legal services to a wide range of clients in the insurance market, including brokers, agents, and other actors in the insurance space.

Full bio

Marisa Coggin

About Marisa Coggin

Marisa Coggin is a partner in the Corporate and Insurance groups at Dentons. Marisa’s practice focuses on corporate and commercial law with an emphasis on corporate and regulatory insurance. Marisa also offers experience in, and regularly assists clients with corporate reorganizations, mergers & acquisitions and financing.

Full bio

Jesse Collins-Swartz

About Jesse Collins-Swartz

Jesse Collins-Swartz is an associate in the Corporate group and Insurance sector practice at Dentons Canada LLP. Jesse’s work focuses on corporate and regulatory matters and commercial transactions, including M&A, joint ventures, corporate finance, and reinsurance.

Full bio

RELATED POSTS