(1) The insurer or insurance group must be as descriptive as possible in completing the CGAD, with inclusion of attachments or example documents that are used in the governance process, since these may provide a means to demonstrate the strengths of their governance framework and practices.
(2) The CGAD must describe the insurer's or insurance group's corporate governance framework and structure including consideration of the following:
(a) The board and various committees thereof ultimately responsible for overseeing the insurer or insurance group and the level(s) at which that oversight occurs (e.g., ultimate control level, intermediate holding company, legal entity, etc.). The insurer or insurance group must describe and discuss the rationale for the current board size and structure; and
(b) The duties of the board and each of its significant committees and how they are governed (e.g., bylaws, charters, informal mandates, etc.), as well as how the board's leadership is structured, including a discussion of the roles of chief executive officer (CEO) and chairman of the board within the organization.
(3) The insurer or insurance group must describe the policies and practices of the most senior governing entity and significant committees thereof, including a discussion of the following factors:
(a) How the qualifications, expertise and experience of each board member meet the needs of the insurer or insurance group;
(b) How an appropriate amount of independence is maintained on the board and its significant committees;
(c) The number of meetings held by the board and its significant committees over the past year as well as information on director attendance;
(d) How the insurer or insurance group identifies, nominates and elects members to the board and its committees. The discussion must include, for example:
(i) Whether a nomination committee is in place to identify and select individuals for consideration;
(ii) Whether term limits are placed on directors;
(iii) How the election and reelection process function; and
(iv) Whether a board diversity policy is in place and if so, how it functions.
(e) The processes in place for the board to evaluate its performance and the performance of its committees, as well as any recent measures taken to improve performance (including any board or committee training programs that have been put into place).
(4) The insurer or insurance group must describe the policies and practices for directing senior management, including a description of the following factors:
(a) Any processes or practices (i.e., suitability standards) to determine whether officers and key persons in control functions have the appropriate background, experience and integrity to fulfill their respective roles, including:
(i) Identification of the specific positions for which suitability standards have been developed and a description of the standards employed; and
(ii) Any changes in an officer's or key person's suitability as outlined by the insurer's or insurance group's standards and procedures to monitor and evaluate such changes.
(b) The insurer's or insurance group's code of business conduct and ethics, the discussion of which considers, for example:
(i) Compliance with laws, rules, and regulations; and
(ii) Proactive reporting of any illegal or unethical behavior.
(c) The insurer's or insurance group's processes for performance evaluation, compensation and corrective action to ensure effective senior management throughout the organization, including a description of the general objectives of significant compensation programs and what the programs are designed to reward. The description must include sufficient detail to allow the commissioner to understand how the organization ensures that compensation programs do not either encourage or reward, or both, excessive risk taking. Elements to be discussed may include, for example:
(i) The board's role in overseeing management compensation programs and practices;
(ii) The various elements of compensation awarded in the insurer's or insurance group's compensation programs and how the insurer or insurance group determines and calculates the amount of each element of compensation paid;
(iii) How compensation programs are related to both company and individual performance over time;
(iv) Whether compensation programs include risk adjustments and how those adjustments are incorporated into the programs for employees at different levels;
(v) Any clawback provisions built into the programs to recover awards or payments if the performance measures upon which they are based are restated or otherwise adjusted; and
(vi) Any other factors relevant in understanding how the insurer or insurance group monitors its compensation policies to determine its risk management objectives are met by incentivizing its employees.
(d) The insurer's or insurance group's plans for CEO and senior management succession.
(5) The insurer or insurance group must describe the processes by which the board, its committees and senior management ensure an appropriate amount of oversight to the critical risk areas impacting the insurer's business activities, including discussion of:
(a) How oversight and management responsibilities are delegated between the board, its committees and senior management;
(b) How the board is kept informed of the insurer's strategic plans, the associated risks, and steps senior management is taking to monitor and manage those risks;
(c) How reporting responsibilities are organized for each critical area. The description must allow the commissioner to understand the frequency at which information on each critical risk area is reported to and reviewed by senior management and the board. This description may include, for example, the follow critical risk areas of the insurer:
(i) Risk management processes (an ORSA summary report filer may refer to its ORSA summary report pursuant to the Risk Management and Own Risk and Solvency Assessment Act, chapter 48.05A
(ii) Actuarial function;
(iii) Investment decision-making processes;
(iv) Reinsurance decision-making processes;
(v) Business strategy/finance decision-making processes;
(vi) Compliance function;
(vii) Financial reporting/internal auditing; and
(viii) Market conduct decision-making processes.