87 FR 71 pgs. 22026-22031 - 2022 Terrorism Risk Insurance Program Data Call
Type: NOTICEVolume: 87Number: 71Pages: 22026 - 22031
Pages: 22026, 22027, 22028, 22029, 22030, 22031FR document: [FR Doc. 2022-07861 Filed 4-12-22; 8:45 am]
Agency: Treasury Department
Official PDF Version: PDF Version
[top]
DEPARTMENT OF THE TREASURY
2022 Terrorism Risk Insurance Program Data Call
AGENCY:
Departmental Offices, Department of the Treasury.
ACTION:
Data collection.
SUMMARY:
[top] Pursuant to the Terrorism Risk Insurance Act of 2002, as amended (TRIA), insurers that participate in the Terrorism Risk Insurance Program (TRIP
DATES:
Participating insurers must register and submit data no later than May 16, 2022.
ADDRESSES:
Participating insurers will register through a website that has been established for this data call. After registration, insurers will receive data collection forms through a secure file transfer portal, and they will submit the requested data through the same secure portal. Participating insurers can register for the 2022 TRIP Data Call at https://tripsection111data.com. Additional information about the data call, including sample data collection forms and instructions, can be found on the TRIP website at https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection.
FOR FURTHER INFORMATION CONTACT:
Richard Ifft, Senior Insurance Regulatory Policy Analyst, Federal Insurance Office, Room 1410, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220, (202) 622-2922; Sherry Rowlett, Program Analyst, Federal Insurance Office, Room 1410, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220, (202) 622-1890; Jeremy Pam, Senior Insurance Regulatory Policy Analyst, Federal Insurance Office, (202) 622-7009; or Saurav Banerjee, Senior Insurance Regulatory Policy Analyst, Federal Insurance Office, (202) 622-5330. Persons who have difficulty hearing or speaking may access these numbers via TTY by calling the toll-free Federal Relay Service at (800) 877-8339.
SUPPLEMENTARY INFORMATION:
I. Background
TRIA? 1 created the Program within the U.S. Department of the Treasury (Treasury) to address disruptions in the market for terrorism risk insurance, to help ensure the continued availability and affordability of commercial property and casualty insurance for terrorism risk, and to allow for the private market to stabilize and build insurance capacity to absorb any future losses for terrorism events. The Program has been reauthorized on a number of occasions, and was most recently extended until December 31, 2027. 2 TRIA requires the Secretary of the Treasury (Secretary) to collect certain insurance data and information from insurers on an annual basis regarding their participation in the Program. 3 TRIA also requires the Secretary to prepare a biennial report on the effectiveness of the Program (Effectiveness Report). 4 The Effectiveness Report must be submitted to Congress by June 30, 2022. The Federal Insurance Office (FIO) is authorized to assist the Secretary in the administration of the Program, 5 including conducting the annual data call and preparing reports and studies required under TRIA.
Footnotes:
1 ?Public Law 107-297, 116 Stat. 2322, codified at 15 U.S.C. 6701, note. Because the provisions of TRIA (as amended) appear in a note, instead of particular sections, of the United States Code, the provisions of TRIA are identified by the sections of the law.
2 ?Terrorism Risk Insurance Program Reauthorization Act of 2019, Public Law 116-94, 133 stat. 2534.
3 ?TRIA, sec. 104(h)(1). Treasury regulations also address the annual data collection requirement. See 31 CFR 50.51, 50.54.
4 ?TRIA, sec. 104(h)(2).
5 ?31 U.S.C. 313(c)(1)(D).
As discussed further below, there are certain changes to the data collection forms that are being used this year as compared to those that were used during the 2021 TRIP Data Call. FIO solicited public comment concerning these forms, 6 and received a number of comments concerning the proposed changes. FIO's evaluation of those comments, and the steps it has taken in response to the comments, are addressed below. The forms were then submitted for approval to the Office of Management and Budget (OMB), pursuant to the requirements of the Paperwork Reduction Act. The data collection forms have now been approved for use by OMB under Control Number 1505-0257 for a period ending March 31, 2025. 7
Footnotes:
6 ?Terrorism Risk Insurance Program 2022 Data Call, 86 FR 64600 (November 18, 2021).
7 ?Office of Information and Regulatory Affairs, Office of Management & Budget, OMB Control No. 1505-0257, https://www.reginfo.gov/public/do/PRAViewICR?ref_nbr=202202-1505-002.
II. Elements of 2022 TRIP Data Call
For purposes of the 2022 TRIP Data Call, FIO, state insurance regulators, and the National Association of Insurance Commissioners (NAIC) will again use the consolidated data call mechanism first developed for use in the 2018 TRIP Data Call. This approach relies on four joint reporting templates, to be completed by Small Insurers, Non-Small Insurers, Captive Insurers, and Alien Surplus Lines Insurers, each as defined below. The use of joint reporting templates is designed to satisfy the objectives of both Treasury and state insurance regulators, while also reducing burden on participating insurers. State insurance regulators or the NAIC will provide separate notification regarding the reporting of information into the state reporting portal, including any reporting requirements to state insurance regulators that are distinct from the Treasury requirements. Insurers subject to the consolidated data call that are part of a group will report on a group basis, while those that are not part of a group will report on an individual company basis.
A. Changes to the 2021 Reporting Templates
[top] In November 2021, Treasury proposed a number of changes to the existing data collection templates for use in the 2022 TRIP Data Call; those changes related to the information sought specifically from captive insurers, as well as from any insurers writing cyber insurance. 8 In its Notice, Treasury expressly sought comments concerning these proposed changes. In response to the Notice, Treasury received eight written comments. 9 Those comments address issues concerning the manner and subject of the data collection. The suggestions made in those comments,
Footnotes:
8 ?Terrorism Risk Insurance Program 2022 Data Call, 86 FR 64600 (November 18, 2021).
9 ?Seven comments were received in response to Treasury's November 2021 Notice, from the Centers for Better Insurance LLC (December 10, 2021) (CBI Comments), the Chaucer Group (January 18, 2022) (Chaucer Comments), Underwriters at Lloyd's, London (January 18, 2022) (Lloyd's Comments), the National Association of Mutual Insurance Companies (January 19, 2022) (NAMIC Comments), the American Property Casualty Insurance Association (January 19, 2022) (APCIA Comments), the National Risk Retention Association (January 19, 2022) (NRRA Comments), and the Vermont Captive Insurance Association, the Captive Insurance Companies Association, and the Captive Insurance Council of the District of Columbia (consolidated submission) (January 19, 2022) (VCIA/CICA/CICDC Comments). These comments are available at https://www.regulations.gov/document/TREAS-TRIP-2021-0020-0001/comment. In addition, NAMIC submitted an additional comment letter dated March 9, 2022 in response to the separate Federal Register Notice (87 FR 8941 (February 16, 2022)) published by Treasury in connection with Paperwork Reduction Act requirements. That comment is available at https://www.reginfo.gov/public/do/PRAViewICR?ref_nbr=202202-1505-002, and addresses the same issues as those identified in NAMIC's initial comment letter.
Captive Insurer Reporting Comments
One comment that addressed the proposed data collection revisions concerning captive insurers did not object to any of the captive insurer changes; rather, it suggested additional changes to require responding captive entities to specify their type of captive insurer ( e.g., pure captive, protected cell captive, etc.). 10 Because of the type of analysis Treasury performs with respect to the captive insurers in connection with the Program, such further detail would not assist in Treasury's evaluation of the exposure posed to the Program by captive insurers, and Treasury declines to make the further proposed changes. In addition, the commenter also proposed the addition of more granular questions than Treasury has proposed with regard to standalone coverage for nuclear, biological, chemical, and radiological (NBCR) terrorism risk versus conventional terrorism risk issued by captive insurers, as well as associated reinsurance. 11 Treasury believes that the level of detail originally proposed will provide sufficient information regarding the use of captives to provide NBCR coverage. Therefore, Treasury declines to make the proposed changes. To the extent further analysis of the data obtained by Treasury suggests that additional changes are warranted, Treasury can address such changes at a later time.
Footnotes:
10 ?CBI Comments at 3-4.
11 ? Id. at 4-6.
Two comments received from captive insurer trade associations indicated that they do not oppose the changed reporting requirements (both those specific to captive insurers, as well as those addressing cyber insurance). 12 However, each commenter noted the increasing burden they claim is imposed by the data collection requirements on captive insurers, cautioning that such burdens could become unsustainable for such entities. The commenters also stated that the data that will be produced by these entities in response to the data collection is highly confidential. 13 Treasury is mindful of the burden imposed by data collection requirements and will continue to seek to minimize this burden as appropriate, consistent with its stewardship of the Program and reporting requirements to Congress. To that end, Treasury confirms (as requested by the commenters) that it will continue to excuse from reporting requirements captive insurers that do not write any terrorism risk insurance subject to the Program (whether on a standalone or embedded basis), and that it will continue to collect information through an outside data aggregator that provides the information to Treasury in an anonymized, aggregated format.
Footnotes:
12 ?VCIA/CICA/CICDC Comments at 2; NRRA Comments at 1-2.
13 ? Id.
Cyber Insurance Reporting Comments
Four additional comments were received that focused upon the proposed cyber insurance reporting changes-two from insurance trade associations, 14 and two from or on behalf of companies or syndicates operating in the alien surplus lines insurance market. 15 These comments raise the following issues, which Treasury summarizes-along with its responses-as follows:
Footnotes:
14 ?NAMIC Comments; APCIA Comments.
15 ?Chaucer Comments; Lloyd's Comments.
Two of the commenters questioned whether there has been sufficient coordination with state regulators for the newly-proposed data elements. 16 Section 104(h)(4) of the Act states that Treasury shall coordinate with state regulators in advance "to determine if the information to be collected is available from, and may be obtained in a timely manner by, individually or collectively, such entities." Among other things, Treasury reviewed existing state cyber insurance data calls and coordinated with the NAIC with regard to the newly-proposed data elements. Treasury has determined that the newly-proposed data elements (information by policyholder size (Cyber Worksheet, Lines 12-17), cyber policy limits specific to cyber extortion and ransomware (Cyber Worksheet, Lines 21-24), and cyber-related loss payments specific to cyber extortion and ransomware (Cyber Worksheet, Lines 25-30)) are not currently collected by state regulators or available from publicly-available sources. Treasury coordinated as required under Section 104(h)(4) of the Act respecting these newly-proposed data elements. Additionally, Treasury issued for public comment a notice describing the proposed changes for the TRIP data collection; no commenters suggested that the information sought by Treasury was available from publicly-available sources. Also, state regulators (who have not previously requested this information) will be using the same reporting templates as Treasury is authorized to use for the 2022 data call for purposes of the parallel state terrorism risk insurance collection that state regulators have conducted on a coordinated basis with Treasury since 2018. This collaborative approach to the TRIP data collection has resulted in significant efficiencies for reporting insurers.
Footnotes:
16 ?Lloyd's Comments at 1; APCIA Comments at 1.
Two of the commenters raised questions as to whether the collection of information relating to cyber insurance written in non-Program eligible lines is within the scope of the Secretary's authority under the Act. 17 These comments, if accepted, would curtail the Secretary's ability to determine the effectiveness of the Program, which is the purpose of data collection under Section 104(h) of the Act. While Treasury has determined that cyber risk insurance is within the scope of the Act if written in Program-eligible lines of insurance (see 31 CFR 50.4(w)(1)), there is some cyber insurance that is written and reported as professional liability insurance, which is a line of business that, by statute, is not subject to the Program. Evaluating how this Program exclusion affects the Program's scope of coverage requires Treasury to understand how much cyber insurance is written outside of Program-eligible lines, which could inform Treasury and, by extension, Congress regarding the potential need to consider changes to Program regulations or the Act itself. Congress already indicated the need for evaluation of the Act's scope with regard to cyber insurance when it instructed the Government Accountability Office (GAO) in Section 502(d) of the 2019 TRIP Reauthorization Act (Pub. L. 116-94, 133 Stat. 2534) to conduct a study that addresses, among other things, "recommendations on how Congress could amend the Terrorism Risk Insurance Act of 2002 (15 U.S.C. 6701 note) to meet the next generation of cyber threats." Treasury believes that the newly-proposed data elements are within the scope of the Secretary's authority to obtain information relating to the effectiveness of the Program, which encompasses the collection and analysis of data regarding this emerging threat.
Footnotes:
17 ?Lloyds's Comments at 1; NAMIC Comments at 2; see also APCIA Comments at 1 (noting that "Treasury is now proposing to collect non-terrorism cyber insurance data for the first time").
[top] Each of the four commenters indicated that not all insurers during the insurance placement process in calendar year 2021 were electronically gathering all of the newly-proposed data elements. These commenters also stated that they therefore would be unable to report such information by May 2022, at least not without a costly manual review
Footnotes:
18 ?Lloyd's Comments at 1-2; NAMIC Comments at 2, 4-6; APCIA Comments at 1-2.
19 ?Chaucer Comments at 1.
Treasury is mindful of the expense and burden? 20 posed for participating insurers by the Act's data collection requirements and has in the past taken steps to construct the data calls for the Program in such a way as to minimize that burden, to the greatest extent practicable consistent with the goals of this statutorily-mandated data collection. At the same time, Treasury is obligated under the Act to continue to assess the effectiveness of the Program, including whether there is available and affordable insurance in the market that could respond to an act of terrorism, which includes cyber insurance. Treasury will seek to balance the potential reporting difficulties identified by commenters against its mandate to collect information regarding cyber insurance by modifying its proposed instructions for purposes of the 2022 Program data call to confirm that insurers that are unable in good faith to report the newly-proposed data elements, because such information is currently unavailable, will not be penalized for failing to do so. All insurers that provide cyber insurance should continue to respond to the general premium and limits questions that have been posed in the prior collections and which have not changed. To the extent an insurer is able to report the newly-proposed data elements, it should do so in the FY22 data call. A reporting insurer that has further questions as to how to provide the proposed information for the 2022 Data Call may also contact Treasury, so that the two parties can discuss how to most effectively achieve this balance. Treasury has modified the proposed instructions for the data call to reflect this approach.
Footnotes:
20 ?Treasury addressed in its November 2021 notice proposing changes to the data call the estimated incremental burden associated with the proposed changes. See Terrorism Risk Insurance Program 2022 Data Call, 86 FR 64600, 64603 (November 18, 2021). Treasury received one comment from a trade association indicting that "some" of its members advised that the Treasury estimate was "significantly understated," with only one of the members providing a specific estimate that up to 30 hours of additional effort (instead of the 10 estimated by Treasury) would be required to respond to the new cyber worksheet requirements. See APCIA Comments at 2. No other comments were received regarding the level of burden required. Although Treasury will not modify its burden estimate for the entire industry based upon this single comment, which may not be representative of the experience of responding insurers overall, it will monitor the issue during the 2022 Data Call and revise its estimates as necessary going forward based upon that experience. In addition, since some insurers (based upon the comments) may not be able to report such information this year, Treasury's estimates as set originally calculated in November 2021 may overstate the burden in this first year of the expanded collection.
Two commenters questioned the collection of certain data elements, namely, premium and number of policies information by policyholder size, measured by number of employees (in three specified categories) (Cyber Worksheet, Lines 12-17). 21 The commenters questioned the availability of the information of policyholder size by number of employees (at least outside workers' compensation insurance lines, not relevant here), and whether it is an appropriate metric for evaluating the risk exposure presented to insurers under cyber insurance policies. While one of the commenters identified other potential metrics that might be used instead, such as premium volume or revenue, it ultimately concludes that none of these would be an appropriate metric to assess cyber risk either, at least on a stand-alone basis, and that as a result Treasury should not collect any information. 22 However, Treasury is seeking the information by policyholder size classification not only to assess the risk exposure presented to insurers by these policies, but also to evaluate whether (or to what extent) certain categories of policyholders are taking up cyber risk insurance, and in what amounts, in order to evaluate the effectiveness of the Program. Number of employees is an accepted proxy for defining the size of entities for insurance purposes. 23 The employee number categories utilized by Treasury are also consistent with the size categories used by the NAIC in its recent data calls for business interruption losses associated with COVID-19, in order to evaluate the scope of businesses that had actually availed themselves of business interruption coverage.
Footnotes:
21 ?APCIA Comments at 2; NAMIC Comments at 4.
22 ?APCIA Comments at 2.
23 ? See GAO, Cyber Insurance: Insurers and Policyholders Face Challenges in an Evolving Market (GAO-21-477) (May 2021) at 6 n.12, https://www.gao.gov/assets/gao-21-477.pdf.
Finally, certain commenters addressed various interpretive issues concerning the questions posed by Treasury in the draft template. The newly-proposed data elements use the terminology typically used in state and NAIC data calls, such that reporting insurers should be familiar with the information Treasury is requesting. While Treasury believes that the language of the revised templates and associated instructions regarding these issues are clear, it will be available, as in past years, to respond to any interpretive questions as to specific data elements for specific insurers as the data call proceeds.
As noted above, Treasury engaged with state insurance regulators and the NAIC with regard to these issues in order to avoid duplication of effort. State regulators also intend to rely upon these proposed reporting templates, including for the newly-proposed data elements that they have not previously collected, for the majority of the information that they collect from participating insurers.
B. Reporting of Workers' Compensation Information
[top] The TRIP Data Calls request certain information relating to workers' compensation insurance. For the 2022 TRIP Data Call, Treasury will again work with the National Council on Compensation Insurance (NCCI), the California Workers' Compensation Insurance Rating Bureau (California WCIRB), and the New York Compensation Insurance Rating Board (NYCIRB) to provide workers' compensation data relating to premium and payroll information on behalf of participating insurers, either directly or through other workers' compensation rating bureaus. The data aggregator used by Treasury will provide such insurers with reporting templates that do not require them to report this workers' compensation data. Reporting insurers that write only workers' compensation policies are still required to register for the 2022 TRIP Data Call and provide
C. Reporting Templates
Except for the changes discussed above relating to Captive Insurers in particular and for cyber insurance in general, there are no other material changes to the reporting templates used in the 2021 TRIP Data Call. 24 Each category of insurer is required to complete the same worksheets that they completed in the 2021 TRIP Data Call. The same reporting exceptions apply this year as applied in the 2021 TRIP Data Call, as specified further below in the discussions for each category of insurer.
Footnotes:
24 ?There is a new modeled loss scenario identified in the Reinsurance Worksheet that will be used in connection with the modeled loss questions (which have not changed from those posed in prior data collections). The modeled loss questions must be completed by non-small insurers, alien surplus lines insurers, and captive insurers. As in prior years, small insurers complete a separate Reinsurance Worksheet that does not contain modeled loss questions.
Various worksheets used in the 2022 TRIP Data Call seek certain information relating to workers' compensation insurance. NCCI, the California WCIRB, and the NYCIRB will complete the workers' compensation elements of these worksheets on behalf of reporting insurers. Further information concerning the reporting templates for each category of insurer, and the individual worksheets contained within each, can be found in the instructions for the reporting templates for each category of insurer. The individual reporting templates and worksheets will also be addressed in the training webinars discussed below.
For the 2022 TRIP Data Call, an insurer will qualify as a Small Insurer if it had both 2020 policyholder surplus of less than $1 billion and 2020 direct earned premiums in TRIP-eligible lines of insurance of less than $1 billion. 25 Of this group, Small Insurers with TRIP-eligible direct earned premiums of less than $10 million in 2021 will be exempt from the 2022 TRIP Data Call. 26 Neither Captive Insurers nor Alien Surplus Lines Insurers are eligible for this reporting exemption. Insurers defined as Small Insurers for the 2022 TRIP Data Call will report the same information to Treasury and to state insurance regulators (in each case on a group basis), except as state insurance regulators may separately direct for purposes of the state data call.
Footnotes:
25 ?Small Insurers are defined in 31 CFR 50.4(z) as insurers (or an affiliated group of insurers) whose policyholder surplus for the immediately preceding year is less than five times the Program Trigger for the current year, and whose direct earned premiums in TRIP-eligible lines for the preceding year are also less than five times the Program Trigger for the current year. Accordingly, for the 2022 TRIP Data Call (covering the 2021 calendar year), an insurer qualifies as a Small Insurer if its 2020 policyholder surplus and 2020 direct earned premiums are less than five times the 2021 Program Trigger of $200 million.
26 ?Individual insurers with less than $10 million in direct earned premiums in TRIP-eligible lines that are part of a larger group must still report as part of the group as a whole if the group's direct earned premiums in these lines are over $10 million.
The Non-Small Insurer template will be completed by insurance groups (or individual insurers not affiliated with a group) that are not subject to reporting on the Captive Insurer or Alien Surplus Lines Insurer reporting templates, and had either a 2020 policyholder surplus of greater than $1 billion or 2020 direct earned premiums in TRIP-eligible lines of insurance equal to or greater than $1 billion. Insurers defined as Non-Small Insurers for the 2022 TRIP Data Call will report the same information to Treasury and to state insurance regulators (in each case on a group basis), except as state insurance regulators may separately direct for purposes of the state data call.
Captive Insurers are defined in 31 CFR 50.4(g) as insurers licensed under the captive insurance laws or regulations of any state. Captive Insurers that wrote policies in TRIP-eligible lines of insurance during the reporting period (January 1, 2021 to December 31, 2021) are required to register and submit data to Treasury, unless they did not provide their insureds with any terrorism risk insurance (either on standalone basis, or embedded in policies providing coverage for risks other than terrorism) subject to the Program.
Alien Surplus Lines Insurers are defined in 31 CFR 50.4(o)(1)(i)(B) as insurers not licensed or admitted to engage in the business of providing primary or excess insurance in any state, but that are eligible surplus line insurers listed on the NAIC Quarterly Listing of Alien Insurers. Alien Surplus Lines Insurers that are part of a larger group classified as a Non-Small Insurer or a Small Insurer should report to Treasury as part of the group, using the appropriate template. Therefore, the Alien Surplus Lines Insurer template should be used only by an Alien Surplus Lines Insurer that is not part of a larger group subject to the 2022 TRIP Data Call.
D. Supplemental Reference Documents
Treasury will continue to make available on the TRIP data collection website? 27 documents providing a complete ZIP code listing for areas subject to reporting on the Geographic Exposures (Nationwide) Worksheet, as well as several hypothetical policy reporting scenarios.
Footnotes:
27 ?See https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection.
E. Training Webinars
As in prior years, Treasury will hold four separate training sessions corresponding to the four reporting templates that will be used by insurers (Small Insurers, Non-Small Insurers, Captive Insurers, and Alien Surplus Lines Insurers). The webinars will be held on April 20 and April 21, 2022 to assist reporting insurers in responding to the 2022 TRIP Data Call, with each webinar focusing on a specific reporting template. Specific times and details concerning participation in the webinars will be made available on the TRIP data collection website, and recordings of each webinar will be made available on the website following each training session.
III. 2022 TRIP Data Call
Treasury, through an insurance statistical aggregator, will accept group or insurer registration forms through https://tripsection111data.com. Registration is mandatory for all insurers participating in the 2022 TRIP Data Call. Upon registration, the aggregator will transmit individualized data collection forms (in Excel format) to the reporting group or insurer via a secure file transfer portal. The reporting group or insurer may transmit a complete data submission via the same portal using either the provided Excel forms or a .csv file. 28
Footnotes:
28 ?Specifications for submission of data using a .csv file will be provided to the insurer by the aggregator.
Copies of the instructions and data collection forms are available on Treasury's website in read-only format. Reporting insurers will obtain the fillable reporting forms directly from the data aggregator only after registering for the data collection process.
[top] Reporting insurers are required to register and submit complete data to Treasury no later than May 16, 2022. 29 Because of the statutory reporting deadline for Treasury's 2022
Footnotes:
29 ?Under 31 CFR 50.51(a), data is to be provided to Treasury no later than May 15 in each calendar year; as May 15 falls on a Sunday in 2022, the due date is May 16, 2022.
All data submitted to the aggregator is subject to the confidentiality and data protection provisions of TRIA and the Program Rules, as well as to Section 552 of title 5, United States Code, including any exceptions thereunder. In accordance with the Paperwork Reduction Act (44 U.S.C. 3501-3521), the information collected through the web portal has been approved by OMB under Control Number 1505-0257. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid OMB control number.
Steven E. Seitz,
Director, Federal Insurance Office.
[FR Doc. 2022-07861 Filed 4-12-22; 8:45 am]
BILLING CODE 4810-AK-P