SB 483 - This act amends Missouri's annual financial reporting laws to correspond with the NAIC Annual Financial Reporting Model Regulation. In the act's main provisions, the legislative proposal requires insurers to be governed by an audit committee with respect to annual audit reports; prohibits certain CPA non-audit services; requires CPA audit partner rotation every 5 years; requires a "cooling off" period before CPA auditors can be hired by insurance clients; requires audit committee preapproval of all audit and nonaudit services provided by CPA firms; and institutes certain internal control requirements over financial reporting to ensure the reliability of financial statements that are reported to the Department of Insurance.
The act exempts insurers having direct premiums written in this state less than $1,000,00 in any calendar year and less than 1,000 policyholders of direct written policies nationwide at the end of the calendar year from the purview of the act. The exemption does not apply if the director makes a finding that compliance with the act is necessary to carry out statutory responsibilities. The exemption also does not apply to insurers having assumed premiums pursuant to contracts of reinsurance of $1,000,000 or more (Section 375.1028).
Foreign or alien insurers that are required to file management's reports of internal control over financial reporting in another state are exempt from filing such reports in Missouri if the other state has similar reporting requirements as Missouri and such reports are filed with their departments of insurance.
The act requires requests for extensions for filing an annual audit report to be submitted in writing not less than 10 days prior to its filing due date. The current law allows requests to be made within 20 days of the due date. The act also provides for an extension for filing a management's report of internal control over financial reporting.
Every insurer required to file an audited financial report shall also be required to have an audit committee that is directly responsible for the appointment, oversight and compensation of any accountant the auditor (Section 375.1030).
Under the act, the director shall not recognize any person or firm as a qualified independent certified public accountant if that person or firm has either directly or indirectly entered into an indemnification with respect to the audit of the insurer. The lead or coordinating audit partner having primary responsibility over an audit may not act in that capacity for more than 5 consecutive years and may not rejoin in that capacity for a period more than five years. Under current law, the requirement is 7 and 2 years respectively. Under the act, a qualified independent certified public accountant may enter into an agreement with an insurer to have disputes relating to an audit resolved by mediation or arbitration.
Under the act, the director shall not accept an annual audited financial report, prepared in whole or in part by an accountant who functions in the role of management, audits his or her own work, or serves in an advocacy role for the insurer. The act also prohibits the director from recognizing as qualified independent certified public accountants or accepting annual audited financial reports prepared by accountants who provide to insurers, contemporaneously with the audits, certain non-audit services, such as bookkeeping services, appraisal or valuation services, human resources services, internal audit outsourcing services, investment services, legal services unrelated to the audit, or other impermissible services determined by the director. Insurers with less than $100,000,000 in direct and assumed premiums may request a waiver from this requirement based on financial or organizational hardship.
A qualified independent certified public accountant who performs the audit may engage in other nonaudit services, including tax services, that do not conflict with the previously described services, only if the activity is approved in advance by the audit committee, in accordance with the act.
All auditing and nonaudit services provided to an insurer by the qualified independent certified public accountant must be preapproved by the audit committee. The preapproval requirement is waived for nonaudit services if the insurer is a SOX compliant entity or meets other requirements outlined in the act.
Partners and senior managers of the audit engagement may not serve as a member of the board of directors, president, chief executive officer, controller, chief financial officer or other similar position of the insurer if employed by the independent public accounting firm that audited the insurer during the one-year period which preceded the most current statutory opinion (Section 375.1037).
The act repeals the requirement that an accountant provide an insurer evidence that the accountant has liability insurance in the lesser amount of $1,000,000 or 10% of the insurer's admitted assets (Section 375.1040).
The act requires insurers to furnish the director with written communication as to any unremediated material weaknesses in its internal control over financial reporting noted during the audit. The act outlines the procedure the accountant must follow in preparing the written communication. The insurer must also provide with its annual audited financial report a description of the remedial actions taken or proposed to correct unremediated material weaknesses (section 375.1047).
The act requires audit committees to be directly responsible for the appointment, compensation, and oversight of the work of any accountant for the purpose of preparing or issuing the audited financial report required by the act. The act sets forth membership requirements for the audit committee and establishes certain conflict of interest and independence requirements so that the member of the audit committee may be considered independent. Under the act, based on various premium thresholds, a certain percentage of the audit committee members must be independent from the insurer. However, if domiciliary law requires board participation by otherwise non-independent members, such law shall prevail and such members may participate in the audit committee (subsection 8 of Section 375.1053). Under the act, insurers with less than $500 million in direct and assumed premiums may apply for a waiver from the audit committee requirements based on hardship (subsection 9 of Section 375.1053).
Under the terms of the act, no director or officer of an insurer shall make false or misleading statements to an accountant in connection with any audit, review or communication required under the act. In addition, no officer or director of an insurer, or any other person acting under the direction thereof, shall take any action to coerce, manipulate, mislead, or fraudulently influence any accountant engaged in the performance of an audit if that person knew or should have known that the action, if successful, could result in rendering the insurer's financial statements materially misleading (Section 375.1054).
Under the act, the management of insurance companies with $500,000,000 or more in direct or assumed annual premiums must file a report with the Department of Insurance regarding its assessment of internal control over financial reporting (known as a management's report of internal control over financial reporting). The report shall include a statement by management officials whether these controls are effective to provide reasonable assurance regarding the reliability of the statutory financial statements and disclosure of any unremediated material weaknesses in internal control over financial reporting. The act establishes what the management's report of internal control over financial reporting must include (Section 375.1055).