Playing Fair

Keeping Canada’s insurance industry in line and on good behaviour is a big job. Every now and again, a regulator must step in and, depending on the severity of the misstep or breach of market conduct, levy a penalty. In some jurisdictions, regulators are well equipped to deal with the spectrum of misconduct that might occur. But in others, specifically Ontario, experts from all corners of the industry insist the Financial Services Commission of Ontario (FSCO) is operating within an archaic framework that has virtually no middle ground available for a response.

If an industry member (either an individual or company) is found to have breached Ontario’s Insurance Act, FSCO is left with either an “administrative response” – which typically takes the form of a cease-and-desist letter, in conjunction with an undertaking – or it can refer the matter to a quasi-criminal court proceeding. Experts suggest there’s not much “quasi-” about the latter option. If the matter is referred to the criminal courts, punishment is severe, reputations are destroyed and the process becomes lengthy and expensive.

On the other hand, at the opposite end of the spectrum, cease-and-desist orders are seen as mere slaps on the wrist, with little or no deterrent power.

What’s needed, experts maintain, is a middle ground for regulators to exercise their authority. The regulator should be able to pursue swift penalties weighted to the severity of the breach . And these penalties should be made public. Ideally, a regulatory regime should allow a distinction between intended acts and unintended breaches, and the penalties should serve as a deterrent. Overall, such a middle ground – as exemplified by a system of administrative monetary penalties (AMPs) – would help foster a more transparent environment, with greater accountability between regulators and industry members.

Currently, the insurance sectors in British Columbia, Saskatchewan, Alberta and the federal jurisdiction under the Office of the Superintendent of Financial Institutions (OSFI) have provisions for AMPs. No system is perfect, but experts point to OSFI’s AMP regime as a shining example of where to start in the design of such a scheme. That system has clearly laid out, in tiers of severity, which offence results in which penalty and why, experts say.

Put Some Teeth into It

As noted above, British Columbia, Saskatchewan, Alberta and the federal jurisdiction currently have AMPs in their respective legislation. But a cross-section of industry groups is pushing for a similar tool to be added to other jurisdictions’ regulatory toolboxes – particularly in Ontario.

Simply stated, the AMP system is a civil penalty regime that secures compliance with legislation through the application of monetary penalties. Monetary penalties may be imposed based on the type, frequency and severity of the infraction. Most penalties are graduated and will take the compliance history of the client into consideration. The penalties do not affect companies compliant with legislation.

In 2008, while providing input on Ontario’s auto insurance review, Insurance Bureau of Canada (IBC) recommended the adoption of AMPs to address industry regulatory breaches in the absence of criminal intent.

About two years later, when the Ontario Ministry of Finance released its budget in March 2011, the province included a budget provision that suggested incorporating AMPs into the province’s Insurance Act. Scott Blodgett, a spokesman for the Ministry of Finance, said in an email to Canadian Underwriter that the The Mortgage Brokerages, Lenders and Administrators Act and the Credit Unions and Caisses Populaires Act each provide for the superintendent of financial services to impose AMPs, so the recommendation in the budget would bring the Insurance Act in line with existing legislation.

FSCO followed suit. In its June 2011 Statement of Priorities and Strategic Directions, FSCO identified the contemplation of the implementation of AMPs as a priority.

Since that time, the writ has been dropped in Ontario for an Oct. 6 election. As of the time of this writing, everything in the provincial legislative pipeline is basically stopped until the election is complete and a new government formed. However, that hasn’t prevented industry stakeholders from pushing for the adoption of AMPs.

The Insurance Brokers Association of Ontario (IBAO) sent a submission to FSCO in September 2011 calling for the immediate implementation of AMPs. In a letter to FSCO superintendent and CEO Philip Howell, IBAO’s CEO Randy Carroll said: “IBAO strongly supports the development of an AMP system in Ontario in the immediate future in order to ensure the remedial standards applied to the industry are fair, appropriate and consistent with market standards throughout North America and other progressive jurisdictions.”

Dan Danyluk, CEO of the Insurance Brokers Association of Canada (IBAC), echoed that sentiment. “AMPs give regulators a gradient of response. I think that’s really important. Across the country we have fine regulatory authorities, and this seems to be a reasonable tool for them to have so that they have an option for a reasonable escalation in terms of penalties for insurers who are in contravention of market principles.”

Brokers aren’t the only industry players voicing support. Insurance company CEOs have expressed support for an AMP system as well. George Cooke, president and CEO of The Dominion, says he would be happy to see an overhaul of the regulatory regime that would give regulators more flexibility to respond to breaches of market conduct.

“I am very much a fan of having a complete regulatory mechanism that hangs together,” Cooke says. “And these fines and penalties have to be consistent with the mandate and the authority that these regulators have been given by government. The regulators have the mandated authority. Now someone has to give them the tools to do their jobs. Otherwise it’s like calling a plumber to fix something and then telling him he can’t use a wrench. It doesn’t make any sense.”

Vivian Bercovici, a lawyer at Heenan Blaikie, says AMPs could do more than simply hold industry stakeholders accountable. If implemented properly, AMPs would cause the regulator to be held up to a higher degree of accountability and transparency.

“I think AMPs, done properly and well, bring a measure of discipline, accountability and transparency that you won’t otherwise have,” she says.

Currently very little, if any, information is made public about the different enforcement remedies resorted to by regulators in non-AMP jurisdictions. A well-designed and implemented AMP system would include disclosure requirements to ensure public knowledge and confidence in the regulatory regime. By making it clear how AMPs work, and by clarifying publicly the connection between breaches and penalties, it is hoped industry stakeholders will no longer be left guessing about what factors were taken into consideration or why a matter was referred to the criminal court. Moreover, companies or individuals experiencing glitches in their operations might now be more willing to come forward and self-disclose, since the fear of being criminally prosecuted has been removed, Bercovici says.

Ernie Gaschler, executive director of the Insurance Brokers Association of Saskatchewan, agrees. “Coupled with the monetary penalty itself, I think the publication of what happened and why this is considered appropriate is important to the brokers, insurers, and also to the public. I think the two go hand-in-glove, and I think that’s what lends strength to the monetary penalty if the regulator deems it to be the appropriate response,” he says.

IBAO’s submission notes that FSCO must clarify the manner in which a breach is deemed “material” and when it justifies a quasi-criminal prosecution. “Any objective or subjective criteria FSCO relies upon in making such an assessment are not articulated in the
act and the industry has been left to decipher these salient factors without adequate regulatory guidance.”

Two Extremes

Currently in Ontario, the only way for the province’s insurance regulator to levy monetary fines for statutory breaches is through the quasi-criminal courts. “Current remedies for statutory breaches range from the ‘slap on the wrist’ of a cease-and-desist order to the laying of a criminal charge – there is no in-between,” says Barb Sulzenko-Laurie, IBC’s vice-president of policy and senior advisor. “AMPs provide regulators with the ability to respond quickly and fairly in the event a breach arises and merits some type of penalty to serve as an individual or group deterrent. When designed and working well, AMPs enable the regulator to issue a sanction with teeth, but not to engage approaches that are exceedingly punitive given the nature of the infraction.”

For legal experts, there’s nothing “quasi-” about pursuing a matter in the quasi-criminal stream under the Provincial Offences Act (POA). “The company, and in some cases an individual officer, is charged by way of an ‘information,’ the laying of a formal criminal charge,” the IBAO submission says. “The process then followed is criminal. The case is heard by an adjudicator expert in criminal matters. The standard of proof in such a hearing is criminal: beyond a reasonable doubt. And, if the party is found guilty, the conviction is criminal.”

Jim Hall, Saskatchewan’s superintendent of insurance, says that while referring the matter to court proceedings is an extreme response, he does not believe it will result in criminal charges as suggested by IBAO. “I can see the confusion and stigma when you think someone has been charged with a criminal offence, but it isn’t a criminal offence under the Insurance Act. You do appear in court, and there is a fine or penalty that’s levied, but it’s not criminal.”

For Bercovici, the bottom line is this: “If you have a company, particularly foreign companies, and they are charged and convicted, and then that conviction is considered in their home jurisdiction, it may be for a relatively benign statutory breach that would be handled civilly anywhere else in the world. But because of the way we have structured it, it becomes a quasi-criminal conviction and it can be used as evidence of moral turpitude or other highly damaging conduct.

“These are really serious issues. Plus, I don’t think it is helpful for anyone to be in the criminal justice system. It’s so adversarial. We have a regulatory model and we want to ensure good will and collaboration. We want the parties to be able to talk and self-disclose.”

Discourse and discussion between the regulator and the parties is good, and they should be talking. “You want there to be a positive opportunity to work things out amicably, make early self-disclosure and allow the regulated entity the opportunity to work things out with the regulator and not have to worry about being charged criminally,” Bercovici says. “Charging people criminally works in a really hierarchal, rules-based environment, but not in a principles-based environment. It’s such a yesterday’s model and it doesn’t encourage the type of system we want to see.”

Hall adds that in his jurisdiction, cease-and-desist orders have been effective, so they have not had to resort to levying AMPs. A key part of that success, he says, is sitting down with the offending party and laying out the range of penalties available to the regulator and working out a solution with the company to correct its behaviour.

In addition to fostering an environment of mistrust and lack of transparency, the quasi-criminal process is long and drawn-out. This may also act as a deterrent for regulators to implement it, since the stream is intended to deal with the more serious and egregious breaches.

Cooke points to an example of misconduct that ended up in the court system. By the time the regulatory system dealt with the matter, the harm to the consumer had been irrevocable, he said.

“Many years ago, one of my competitors purchased a brokerage and proceeded to divert the business away from other markets – Dominion being one of them – to their own company. But they used my rates, not their own. That’s absolutely taboo. The regulatory mechanism took many months before anything happened. So they continued to convert all of the business. At the end of the day, they ended up in a quasi-criminal exercise. The hearing wasn’t made public, though it should have been, and the company pleaded guilty and was fined $80,000.

“But the business had already been moved. There was no remedy to turn back the clock, put things back where they ought to be. There was no remedy for consumers who ended up in a [different] place for reasons they knew nothing about and then, going forward, [felt] the impact of a rate adjustment when the proper rates were imposed.”

In this example, Cooke said, the consumer would have benefited if the system wasn’t as cumbersome; if the regulator could have stepped in quickly and asserted its authority; and if it could have issued a significant penalty without the long, drawn-out process.

Peer Review

Existing AMP structures in Canada vary from jurisdiction to jurisdiction. In Alberta, the maximum fine amount of an AMP is $10,000. British Columbia’s Financial Institutions Commission (FICOM) can levy fines of up to $50,000 for a corporation and up to $25,000 for an individual. These fines increase to a maximum of $200,000 and $100,000 when the issue is taken to the criminal courts. Saskatchewan has maximum AMP fines of $100,000. The regulator has an option to order an additional $100,000 to be spent by the insurer on public education initiatives. Quebec has granted its regulator the authority to fine up to $1 million under its AMP scheme.

Most jurisdictions report they rarely feel the need to invoke their AMP scheme. Quebec’s Autorité des marches financiers (AMF) reported in 2010 that its monetary penalties represented more than 50% of penalties imposed in Canada. A majority of these penalties were for illegal distribution of securities, but they still have a deterrent value for the financial sector at large. “In many of the actions launched in the past year, we sought penalties in excess of the minimum amounts prescribed by law for deterrent and exemplary purposes,” said Jean St-Gelais, AMF’s president and CEO, in a statement.

So far in 2011, Alberta’s Superintend-ent of Insurance has levied two AMPs under its Insurance Act. One was a $25,000 fine against the Alberta Motor Association Insurance Company for entering into a prohibited related party transaction. The other was a $130,000 penalty against RSA Canada for refusing to issue, renew or cancel private passenger automobile insurance polices. To date, these represent half of the total number of AMPs levied in Alberta in 2010. Looking back to figures since 2005, the number of fines has dwindled over the years, with activity peaking in 2006-07, when 17 AMPs were issued in Alberta.

FICOM’s Web site contains one record of an AMP being administered in 2006 to a Cost Rican insurance company that failed to pay a claim. The insurer was assessed a fine of $50,000 and each of its principals $25,000 each.

Chuck Byrne, CEO of the Insurance Brokers Association of British Columbia (IBABC), says that even though AMPs are not often invoked, brokers in B.C. still see immense value in having them. “IBABC has always been a proponent of the need for AMPs, particularly for provincial regulation,” Byrne says. “The history is that, going back 20 years, our superintendents of insurance certainly needed to see AMPs brought into being. Since they have been introduced here, I don’t know that they have been particularly aggressively exercised, which is a good thing. I can definitely tell you that we are supportive of it and are proud that our province has the ability to get to matters quickly with proper fines and the ability to dec
ide things without going to the courts.”

For Danyluk, the mere presence of AMPs is enough to condition behaviour. “If livestock is kept behind a fence that gives them an electrical charge whenever they step out of the boundaries, eventually the animal gets used to the fact that if they go outside of the boundaries, they get charged,” he says. “Even when the fence isn’t on, they don’t go outside the boundaries. Looking across the country, we’re not talking about an industry that preys on consumers or regulators who are struggling to contain wild beasts. I think it’s a responsible set of tools so regulators have more in their arsenal. It makes great sense to me.”

Drawing a Bright Line

In jurisdictions both with and without AMP schemes, one improvement would be the inclusion of a “bright lines” test that clearly establishes the criteria used to distinguish between intended breaches and unintended breaches, experts suggest. In other words, an AMP system needs to allow a regulator to adjust the severity of the punishment to reflect intent of the breach and, in more severe cases, identify the intended act as a criminal offence.

“You really want to build into the system the bright lines, making it very clear that when you’re on one side of the line, it’s criminal,” says Bercovici.

Some of the Canadian jurisdictions have come close to including a bright lines test, but no one has explicitly laid one out in insurance statutes, Bercovici says. “One of the main distinctions between criminal and civil liability in our justice system is intent,” she says. “To be found civilly liable, we look at the circumstances and we make a judgement based on the balance of probabilities. If we charge them criminally, then the standard of proof is ‘beyond a reasonable doubt.'”

[A caveat: strict and absolute liability offences can end with criminal convictions, regardless of intent to commit the act.]

“If something terrible happened in your company, and it happened because of a computer glitch, the outcome could be terrible,” Bercovici says, giving an example of the difference between breaches. “But you could be a really good CEO, running a really great shop, and sometimes these things happen.

“If you have a situation in which someone deliberately tampered with your computer, you get the same result: people were charged the wrong rate.

“But [in the deliberate tampering example] there is intent to cheat the system and in the other [the computer glitch], there is not. I think that the circumstances of those two breaches should be treated very differently and should be addressed with different enforcement remedies.”

Cooke agrees. He outlines a scenario in which the programming logic of a multinational company’s computer system is done in a different jurisdiction. A mistake is made and the rates are incorrect. “That kind of offence is a much less serious offence than if someone deliberately charges rates that are unapproved,” he says. “This kind of [AMP] scheme would allow the superintendent to have the discretion to differentiate between those two offences. At the current time, both are described as failure to charge approved rate.”

Regulators are reluctant to go down an extreme, quasi-criminal path to penalize an offence that is not extreme, Cooke says. “Or alternatively, what happens is something that’s extreme gets treated as though it’s not extreme because they still don’t go down the path,” he says. “If you’re going to give regulators the responsibility for doing these things, then you have to give them some authority to impose their regulatory will.”

Cooke adds that if someone is “frequently stupid,” that shouldn’t necessarily go on unpunished. “But your punishment system should be flexible enough that the superintendent should have some room and some discretion to be able to adjudicate those things, in my view,” he says.

IBAO’s submission to FSCO describes a recent case in which Alberta and Ontario regulators addressed the same breach by the same company. Alberta directed the case through its AMP system. “The matter was handled efficiently and fairly, allowing the parties to incorporate lessons learned and carry on business with minimal interruption,” the IBAO’s submission says.

In Ontario, although the regulator conceded there was no intent on the part of the convicted party, the matter was sent through the criminal courts. “The resulting plea bargains and very hefty fines made against this first-time offender were and continue to be viewed by the industry as having been over-zealously punitive,” IBAO’s submission says.

That’s not to say AMPs should only address non-serious matters, IBAO stresses. It means “only serious matters [that] arose because the breaching party acted intentionally warrant criminal prosecution.”

Not all intended offences should be streamed into the criminal system, the IBAO adds. These may be more appropriately dealt with by means of cease-and-desist orders or AMPs.

“Again, long-established principles of law and justice affirm this approach,” the IBAO notes. “One that recognizes an act committed with intent as being qualitatively and significantly different from one committed as a result of negligence and sloppiness or an oversight…

“In making this determination, the regulator shall adhere to criteria to be articulated with respect to the ‘bright lines’ test; such criteria supporting the notion that only the most serious, egregious and offensive cases [that] undermine and threaten the integrity of the regulatory system, and where such actions were done with intent, should be prosecuted criminally.”

Danyluk illustrates this point. “If you shoot a bird with a shotgun, there’s not going to be much bird left. Similarly, if you shoot an elephant with a pea shooter, it might not notice. This is the key thing, it’s picking the type of shot for the type of target.”

By striking the right balance, by allowing a more measured approach of hitting a party on the bottom line and publicizing it, AMPs can serve as a strong deterrent, Bercovici says. “When you fine someone and you publicize it, it works. It’s reputational harm, it’s financial harm, the offending party is going to clean up its act. They just don’t want that kind of attention. Monetary penalties are usually the best motivators. Fines tend to do the work.”