[Federal Register Volume 86, Number 220 (Thursday, November 18, 2021)]
[Notices]
[Pages 64600-64603]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-25181]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY


Terrorism Risk Insurance Program 2022 Data Call

AGENCY: Departmental Offices, U.S. Department of the Treasury.

ACTION: Request for comments.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Terrorism Risk Insurance Act of 2002 (TRIA), 
the Federal Insurance Office (FIO) requests public feedback on the 
proposed revisions to the data collection forms for use in the 2022 
data call. Copies of these forms and associated instructions (which 
identify changes to the reporting templates and instructions as 
previously used by Treasury) are available for electronic review on the 
Treasury website at https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection. State 
insurance regulators, through the National Association of Insurance 
Commissioners (NAIC), will also be separately seeking comment from 
stakeholders on the proposal.

DATES: Submit comments on or before January 18, 2022.

ADDRESSES: Submit comments electronically through the Federal 
eRulemaking Portal: http://www.regulations.gov, or by mail to the 
Federal Insurance Office, Attn: Richard Ifft, Room 1410 MT, Department 
of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220. 
Because postal mail may be subject to processing delays, it is 
recommended that comments be submitted electronically. If submitting 
comments by mail, please submit an original version with two copies. 
Comments concerning the proposed data collection forms and collection 
process should be captioned with ``2022 TRIP Data Collection 
Comments.'' Please include your name, group affiliation, address, email 
address, and telephone number(s) in your comment. Where appropriate, a 
comment should include a short Executive Summary (no more than five 
single-spaced pages).

FOR FURTHER INFORMATION CONTACT: Richard Ifft, Senior Insurance 
Regulatory Policy Analyst, Federal Insurance Office, Room 1410 MT, 
Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 
20220, at (202) 622-2922 (not a toll-free number), or Sherry Rowlett, 
Program Analyst, Federal Insurance Office, at (202) 622-1890. Persons 
who have difficulty hearing or speaking may access these numbers via 
TTY by calling the toll-free Federal Relay Service at (800) 877-8339.

SUPPLEMENTARY INFORMATION:

I. Background

    TRIA \1\ created the Terrorism Risk Insurance Program (Program) 
within the U.S. Department of the Treasury (Treasury) to address 
disruptions in the market for terrorism risk insurance, to help ensure 
the continued availability and affordability of commercial property and 
casualty insurance for terrorism risk, and to allow for the private 
markets to stabilize and build insurance capacity to absorb any future 
losses for terrorism events. TRIA requires the Secretary of the 
Treasury (Secretary) to perform periodic analyses of certain matters 
concerning the Program.\2\ In order to assist the Secretary with this 
process, TRIA also requires insurers to submit on an annual basis 
certain insurance data and information regarding their participation in 
the Program.\3\ FIO is authorized to assist the Secretary in the 
administration of the Program.\4\
---------------------------------------------------------------------------

    \1\ Public Law 107-297, 116 Stat. 2322, codified at 15 U.S.C. 
6701, note. Because the provisions of TRIA (as amended) appear in a 
note, instead of particular sections, of the United States Code, the 
provisions of TRIA are identified by the sections of the law.
    \2\ TRIA, Section 104(h)(2) (requiring, inter alia, a report on 
the effectiveness of the Program); Section 108(h) (requiring a 
report on the competitiveness of small insurers in the terrorism 
risk insurance marketplace).
    \3\ TRIA, Section 104(h)(1). The data collection requirements 
were incorporated within TRIA by Section 111 of the Terrorism Risk 
Insurance Program Reauthorization Act of 2015 (2015 Reauthorization 
Act), Public Law 114-1, 129 Stat. 2.
    \4\ 31 U.S.C. 313(c)(1)(D).
---------------------------------------------------------------------------

    Treasury began collecting data from insurers in 2016 on a voluntary 
basis,\5\ and on a mandatory basis in 2017.\6\ Treasury also arranged 
in 2017 for workers' compensation rating bureaus to provide most of the 
workers' compensation insurance data elements.\7\ Beginning in 2018, 
Treasury and state insurance regulators have conducted a consolidated 
data call, in which participating insurers can, for the most part, 
submit the same reporting forms to Treasury and state regulators to 
satisfy the respective objectives of both Treasury and state insurance 
regulators.\8\
---------------------------------------------------------------------------

    \5\ 81 FR 11649 (March 4, 2016).
    \6\ In 2016, a reporting exemption was extended to small 
insurers writing less than $10 million in TRIP-eligible lines 
premium in the reporting year. See 81 FR 95312 (December 27, 2016); 
82 FR 20420 (May 1, 2017). As noted below, that exemption continues.
    \7\ 82 FR 20420 (May 1, 2017).
    \8\ See 83 FR 14718 (April 5, 2018).
---------------------------------------------------------------------------

    Program regulation 31 CFR 50.51(a) requires insurers to submit the 
specified data no later than May 15 of each calendar year. Treasury, 
through an insurance statistical aggregator, uses a web portal through 
which insurers must submit the requested data; state regulators collect 
the same data through a portal operated by New York State. All 
information submitted via the Treasury web portal operated by its 
insurance statistical aggregator is subject to the confidentiality and 
data protection provisions of applicable federal law.

[[Page 64601]]

    Insurers subject to the consolidated data call report on a group 
basis, if part of a group, and otherwise report on an individual 
company basis.

II. General Reporting Issues and Proposed Changes to Data Collection 
Templates

    Pursuant to TRIA, Treasury has coordinated with publicly available 
sources to collect information for the 2022 data call. Information 
relating to workers' compensation exposures continues to be available 
from the workers' compensation rating bureaus, and those entities have 
again agreed to provide that information on behalf of participating 
insurers. Treasury has determined, however, that all other data 
components remain unavailable from other sources. Accordingly, Treasury 
will continue to request this remaining data and information directly 
from insurers.
    Treasury again proposes to use four different data collection 
templates (see 31 CFR 50.51(c)), depending upon the type of insurer 
involved. Insurers will fill out the template identified ``Insurer 
(Non-Small) Groups or Companies,'' unless the insurer meets the 
definition of a small insurer, captive insurer, or alien surplus lines 
insurer as set forth in 31 CFR 50.4. Such small insurers, captive 
insurers, and alien surplus lines insurers are required to complete 
separate tailored templates. Each template to be completed by each 
category of insurer contains multiple worksheets and is accompanied by 
separate instructions providing guidance on each data element requested 
in each worksheet.
    There are two general categories of material changes \9\ to the 
proposed reporting templates for 2022--one that applies solely to 
captive insurers, and the second that applies to the Cyber worksheet, 
which is contained in all templates and is to be completed by all 
participating insurers that write cyber insurance.
---------------------------------------------------------------------------

    \9\ By material changes, Treasury means changes to the data call 
that require the provision of additional types of information, or 
information arrayed in a different fashion than previously 
requested. Non-material changes that have been incorporated include 
date changes to the reporting templates to reflect the different 
reporting year, and revisions to the Reinsurance worksheet to 
contain a new modeled loss question for insurers (excepting small 
insurers that do not respond to that question), in the same format 
as prior years.
---------------------------------------------------------------------------

    In the upcoming data call, Treasury plans to obtain more detailed 
information on the terrorism risk insurance issued by the captive 
insurers. First, Treasury is now seeking information that will allow 
FIO to determine whether the insurance coverage provided by the captive 
insurer to a policyholder encompasses the reimbursement of such 
policyholder's deductible that must be satisfied under a policy issued 
by another insurer. In prior data calls, Treasury has only requested 
separate information on the deductible reimbursement coverage for 
workers' compensation insurance (where it forms a significant 
percentage of all workers' compensation insurance issued by captive 
insurers). For other lines of insurance, Treasury has previously 
instructed captive insurers to combine the deductible reimbursement 
insurance to policyholders with other insurance written by the captive 
in the same line of insurance. The proposed changes request that the 
information be broken out by each TRIP-eligible line of insurance, 
which results in changes to both the Premium and Exposure Bases 
worksheets, where information is collected on a line-by-line basis. 
Second, in order to obtain a more complete view of the scope of the 
captive's operations, FIO is proposing two additional changes. The 
first proposed change will require captive insurers to provide the 
total amount of all other non-TRIP eligible direct earned premium of 
the captive insurer on the Premium worksheet. The second proposed 
change, on the Exposure Bases worksheet, requests information on 
whether coverage is being issued by the captive insurer that only 
provides coverage for nuclear, biological, chemical, and radiological 
(NBCR) exposures, in light of prior findings by FIO (and others) that 
the ability to obtain NBCR coverage in the conventional market is 
limited.\10\
---------------------------------------------------------------------------

    \10\ See Federal Insurance Office, Report on the Effectiveness 
of the Terrorism Risk Insurance Program (June 2020), 48 (``Because 
many insurers generally exclude NBCR risks under P&C policies 
(excepting workers' compensation, as discussed below), the amount of 
direct insurance coverage for such risks may be substantially 
limited.''), https://home.treasury.gov/system/files/311/2020-TRIP-Effectiveness-Report.pdf; U.S. General Accountability Office, 
Terrorism Insurance: Status of Coverage Availability for Attacks 
Involving Nuclear, Biological, Chemical, or Radiological Weapons 
(December 2008), 13 (``Commercial property/casualty insurers and 
reinsurers generally seek to exclude coverage for NBCR risks or 
place significant restrictions on such coverage.''), https://www.gao.gov/assets/gao-09-39.pdf.
---------------------------------------------------------------------------

    The second area of material changes relates to the Cyber worksheet, 
which is completed by all participating insurers that write cyber 
insurance. In 2016, Treasury issued guidance confirming that cyber 
insurance written in a TRIP-eligible line of insurance is subject to 
the Program.\11\ In 2018, Treasury began to collect cyber insurance 
information in the TRIP data call for the first time.\12\ In 2021, 
Treasury finalized a rule change codifying its prior guidance that 
cyber insurance written in a TRIP-eligible line of insurance is subject 
to the Program.\13\ The cyber insurance market continues to grow and 
evolve, and cyber-related losses (particularly with regard to 
ransomware) have increased significantly over the past few years.\14\ 
In view of recent market developments and the important role of cyber 
insurance in the Program, Treasury would like to obtain more detailed 
information relating to the availability and affordability of such 
coverage in the market.
---------------------------------------------------------------------------

    \11\ 81 FR 95312 (Dec. 27, 2016).
    \12\ 83 FR 14718, 14720 (April 5, 2018).
    \13\ 86 FR 30537, 30538 (June 9, 2021) (amending 31 CFR 
50.4(w)(1)).
    \14\ See generally Federal Insurance Office, Annual Report on 
the Insurance Industry (September 2021), 74-80, https://home.treasury.gov/system/files/311/FIO-2021-Annual-Report-Insurance-Industry.pdf.
---------------------------------------------------------------------------

    Interested parties should review the proposed Cyber worksheet 
contained within each proposed reporting template, along with the 
revised Instructions for that worksheet, for further details on the 
proposed changes.
    The following paragraphs summarize the changes to the overall 
format of the worksheet:
    (1) As Treasury recognized in its 2016 Cyber Guidance and in its 
final rule in 2021, not all cyber insurance is written in TRIP-eligible 
lines of insurance that would be subject to the Program. In order to 
assess the amount of cyber insurance that is not subject to the 
Program, and the potential implications for the Program, Treasury is 
now requesting premium and limits information for cyber coverages 
written in non-TRIP-eligible lines of insurance.\15\
---------------------------------------------------------------------------

    \15\ As in past data calls, Treasury is not requesting insurers 
to provide information on premiums or exposures where a cyber loss 
may be found to be covered on a non-affirmative, or ``silent'' 
basis.
---------------------------------------------------------------------------

    (2) For cyber insurance written in both TRIP and Non-TRIP eligible 
lines, Treasury is now also requesting premium and policy count 
information broken out by size of policyholder. This information is 
separated into large, medium and small categories, as measured by the 
number of employees of the policyholder. This new data will assist 
Treasury in assessing the availability, affordability, and take up of 
cyber insurance for businesses in different size categories.
    (3) Cyber extortion coverage (which may or may not extend coverage 
for ransomware payments) also can be an element of cyber insurance 
coverage. Ransomware has emerged as a significant risk exposure for 
United

[[Page 64602]]

States businesses and for cyber insurers providing coverage for those 
exposures.\16\ In order to better understand the scope of insurance 
coverage being provided for this risk and its potential implications 
for the Program, Treasury is now requesting more specific information 
on the cyber extortion coverages provided under cyber insurance 
policies.
---------------------------------------------------------------------------

    \16\ See, e.g., U.S. Treasury, Financial Crimes Enforcement 
Network, Financial Trend Analysis, Ransomware Trends in Bank Secrecy 
Act Data Between January 2021 and June 2021, https://www.fincen.gov/sites/default/files/2021-10/Financial%20Trend%20Analysis_Ransomware%20508%20FINAL.pdf.
---------------------------------------------------------------------------

    (4) Given the significant increase in ransomware activity and 
reported substantial claims payments by insurers providing cyber 
insurance, Treasury is also requesting loss information regarding these 
ransomware exposures.
    For the 2022 data call (requesting insurer data for calendar year 
2021), an insurer will qualify as a small insurer if it had both 2020 
policyholder surplus and 2020 direct earned premium in the TRIP-
eligible lines of insurance of less than $1 billion.\17\ Small insurers 
that had TRIP-eligible direct earned premium of less than $10 million 
in 2021 will be exempt from the 2022 consolidated TRIP data call.\18\ 
Neither captive insurers nor alien surplus lines insurers are eligible 
for this reporting exemption. The only changes to the small insurer 
template are in connection with the global changes for cyber insurance 
identified above.
---------------------------------------------------------------------------

    \17\ Small insurers are defined in 31 CFR 50.4(z) as insurers 
(or an affiliated group of insurers) with policyholder surplus for 
the immediately preceding year less than five times the Program 
Trigger for the current year, and TRIP-eligible lines direct earned 
premium for the previous year that is also five times less than the 
Program Trigger. Accordingly, an insurer qualifies as a small 
insurer if its 2020 policyholder surplus and 2020 direct earned 
premium are less than five times the 2021 Program Trigger of $200 
million.
    \18\ To the extent an insurer with less than this level of TRIP-
eligible lines direct earned premium is part of a larger group that 
is required to report, the insurer must report as part of the group 
as a whole, even if it is under the $10,000,000 direct earned 
premium threshold on an individual basis. Individual company 
information for such entities must also be reported to state 
insurance regulators.
---------------------------------------------------------------------------

    The non-small insurer template should be completed by insurance 
groups (or individual insurers not affiliated with a group) that had 
either a 2020 policyholder surplus or 2020 direct earned premium in the 
TRIP-eligible lines of insurance equal to or greater than $1 billion 
and are not otherwise subject to reporting as captive insurers or alien 
surplus lines insurers. The reporting template for non-small insurers 
does not contain changes, other than the global changes relating to 
cyber insurance described above.
    Captive insurers are defined in 31 CFR 50.4(g) as insurers licensed 
under the captive insurance laws or regulations of any state. As in 
prior years, captive insurers that write policies in TRIP-eligible 
lines of insurance are required to report unless they do not provide 
their insureds with any terrorism risk insurance that is subject to the 
Program. As noted above, the captive insurer reporting template 
contains changes on the Premium and Exposure Bases worksheets,\19\ as 
well as the global changes relating to cyber insurance described above.
---------------------------------------------------------------------------

    \19\ In addition, on the Affiliations worksheet for captive 
insurers, there is now an additional drop-down option for Type of 
Insurer for affiliated companies, adding Alien Surplus Lines Insurer 
to the listing, based upon an inquiry received during the 2021 data 
call.
---------------------------------------------------------------------------

    Alien surplus lines insurers are defined in 31 CFR 50.4(o)(1)(i)(B) 
as insurers not licensed or admitted to engage in the business of 
providing primary or excess insurance in any state, but that are 
eligible surplus line insurers listed on the NAIC Quarterly Listing of 
Alien Insurers. Alien surplus lines insurers that are part of a larger 
group classified as a non-small insurer or as a small insurer should 
report as part of the group, using the appropriate template. Therefore, 
the alien surplus lines insurer template should only be used by an 
alien surplus lines insurer that is not part of a group that is subject 
to reporting on a different template. The reporting template for alien 
surplus lines insurers does not contain changes, other than the global 
changes relating to cyber insurance described above.
    As in past consolidated data calls, state insurance regulators will 
provide their own guidance regarding the submission of reporting 
templates to the New York Portal, as well as in connection with any 
additional data that may be required for the state data call.

III. Submission of Data

    Following registration with the data aggregator, all insurers will 
be provided with the appropriate reporting templates for completion. 
Reporting insurers that wish to report in .csv format can obtain 
information from the data aggregator on how to do so. Insurers will be 
required to submit the completed reporting templates through a secure 
web portal provided by the data aggregator. Submission of reports to 
the New York Portal does not satisfy the obligation to report to 
Treasury in the TRIP data call. All data must be provided no later than 
May 15, 2022, which will also be the reporting deadline for state 
insurance regulators. Treasury intends to provide training and 
additional resources throughout the data collection period to 
facilitate the proper completion of reporting templates.
    Reporting under the 2022 data call will be mandatory for all 
commercial property and casualty insurers writing insurance in lines 
subject to TRIA, unless the insurer falls within the exceptions for 
certain small insurers and captive insurers described above.

IV. Request for Comments

    To ensure efficient and accurate completion of the forms, Treasury 
is requesting public feedback on the content of the 2022 data call 
reporting templates outlined in this Request for Comments and on 
associated matters. In particular, Treasury requests comments on the 
following issues:
    (1) Please comment upon the proposed material changes to the 
existing data collection forms as respects captive insurers and cyber 
insurance.
    (2) Are there other publicly available information sources that 
bear upon the identified issues concerning captive insurers and 
insurers writing cyber coverage that Treasury should consider in 
connection with the information identified in this Request for 
Comments?
    (3) Is there any additional information that Treasury should 
collect given the proposed changes regarding captive insurers, in light 
of the matters identified in this Request for Comments?
    (4) Is there any additional information that Treasury should 
collect given the proposed changes regarding insurers writing cyber 
coverage, in light of the matters identified in this Request for 
Comments?
    The proposed forms are available for review at https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-program/annual-data-collection.

V. Procedural Requirements

    Paperwork Reduction Act. The collection of information contained in 
this Request for Comments will be submitted to the Office of Management 
and Budget (OMB) for review as a revision to OMB Control Number 1505-
0257 under the requirements of the Paperwork Reduction Act, 44 U.S.C. 
3507(d). Comments should be sent to Treasury in the form discussed in 
the ADDRESSES section of this Request for Comments. Comments on the 
collection of information should be received by January 18, 2022.

[[Page 64603]]

    Comments are being sought with respect to the collection of 
information in the proposed Terrorism Risk Insurance Program 2022 data 
call. Treasury specifically invites comments on: (a) Whether the 
proposed collection is responsive to the statutory requirement; (b) the 
accuracy of the estimate of the burden of the collections of 
information (see below); (c) ways to enhance the quality, utility, and 
clarity of the information collection; (d) ways to use automated 
collection techniques or other forms of information technology; and (e) 
estimates of capital or start-up costs and costs of operation, 
maintenance, and purchase of services to maintain the information.
    Treasury previously analyzed the potential burdens associated with 
the 2021 data call. See 85 FR 41676, 41677-78 (July 10, 2020). The 
information sought by Treasury comprises data elements that insurers 
currently collect or generate, although not necessarily grouped 
together the way in which insurers currently collect and evaluate the 
data. Based upon insurer submissions in the 2021 data call, Treasury 
estimates that for purposes of the 2022 data call, approximately 100 
Program participants will be required to submit the ``Insurer (Non-
Small) Groups or Companies'' data collection form, 225 Program 
participants will be required to submit the ``Small Insurer'' form, 575 
Program participants will be required to submit the ``Captive Insurer'' 
form, and 100 Program participants will be required to submit the 
``Alien Surplus Lines Insurers'' form.
    Each set of reporting templates is expected to incur a different 
level of burden. At the time of the 2020 estimate, the average burden 
estimate for Non-Small Insurers was 82 hours; for Small Insurers, 28 
hours; for Captive Insurers, 51 hours, and for Alien Surplus Lines 
Insurers, 51 hours.\20\ When Treasury added a Cyber worksheet to the 
reporting templates in 2018, it did not estimate any additional 
material burden at that time associated with incremental addition of 
requiring some limited cyber insurance reporting.\21\
---------------------------------------------------------------------------

    \20\ 85 FR 41676, 41677-78 (July 10, 2020).
    \21\ 82 FR 56328, 56331 (Nov. 28, 2017).
---------------------------------------------------------------------------

    The changes to the proposed data reporting elements in 2022 are not 
anticipated to have a significant impact on Treasury's prior burden 
estimates with respect to the additional requested information specific 
to captive insurers, as the additional information is largely the same 
information that has been previously collected, with the additional 
requirement that such information be divided between deductible 
reimbursement policies versus other policies in the same line of 
insurance. Given the relatively small number of policies issued by 
captive insurers, the additional effort to make this separation 
(assuming the captive insurer issues policies in both categories) 
should not be significant. Treasury does anticipate that the additional 
information collection concerning cyber insurance (which is sought from 
each category of participating insurer) will have an impact upon the 
existing burden estimates.
    Although the amount of information requested concerning cyber 
insurance is more than has been requested in the past, it is in 
generally in the same format, with the exception that some information 
is now requested to be provided by size of policyholder. FIO 
anticipates that this will require some further manipulation of the 
data by participating insurers than in prior years. In addition, the 
templates now request claims-related information. Accordingly, for 
those insurers required to respond to the Cyber (Nationwide) worksheet, 
Treasury anticipates an additional 10 hours of burden, based upon its 
own evaluation and engagement with its data aggregator. That estimate, 
however, should be reduced by the percentage of insurers in each 
respective category that complete the Cyber worksheet. Based upon the 
results of the 2021 data call, 80 percent of Non-Small Insurers, 33 
percent of Small Insurers, 10 percent of Captive Insurers, and 60 
percent of Alien Surplus Lines Insurers provided information in 
connection with this worksheet. Accordingly, Treasury estimates the 
incremental additional burden for each group as 8 hours for Non-Small 
Insurers, for 90 hours total; 4 hours for Small Insurers, or 32 hours 
total; 1 hour for Captive Insurers, or 52 hours total; and 6 hours for 
Alien Surplus Lines Insurers, or 57 hours total.
    Assuming this breakdown, and when applied to the number of 
reporting insurers anticipated in light of the experience of the 2021 
data call, the estimated annual burden would be 51,800 hours ((100 
insurers x 90 hours) + (225 insurers x 32 hours) + (575 insurers x 52 
hours) + (100 insurers x 57 hours)). At a blended, fully loaded hourly 
rate of $52.25,\22\ the anticipated labor cost would be $2,706,550 
across the industry as a whole, or $4,703 per Non-Small Insurer, $1,672 
per small insurer, $2,717 per Captive Insurer, and $2,978 per Alien 
Surplus Lines Insurer.
---------------------------------------------------------------------------

    \22\ Based on data from the Bureau of Labor Statistics, for 
Insurance Carriers and Related Activities, https://www.bls.gov/iag/tgs/iag524.htm. The average wage rate for all insurance employees 
was $39.02 in July 2021, and the total benefit compensation in the 
2nd Quarter of 2021 was 33.9%, which is a benefit multiplier of 
1.339. Therefore, a fully-loaded wage rate for insurance employees 
is $52.25, or $39.02 x 1.339.

    Dated: November 15, 2021.
Steven E. Seitz,
Director, Federal Insurance Office.
[FR Doc. 2021-25181 Filed 11-17-21; 8:45 am]
BILLING CODE 4810-AK-P