The Model Audit Rule: best practices and recommendations to improve your organization’s program

The National Association of Insurance Commissioners' (NAIC) Annual Financial Reporting Model Regulation #205, commonly known as the Model Audit Rule (MAR), requires that insurance companies that exceed certain thresholds of direct and assumed written premiums adopt auditor independence, corporate governance and internal control over financial reporting standards.

MAR was enacted for three primary purposes:

1. To provide regulators with greater confidence that their domiciled insurance entities have effective controls in place to mitigate the risk of publishing inaccurate annual statements
2. To increase efficiency of the risk-focused examinations by allowing the examination teams to rely on the control testing performed by the insurer regarding their financial reporting risks
3. To enhance corporate governance by increasing management’s confidence in their internal controls environment

It is important to note that although a majority of states have adopted MAR in its entirety based on the NAIC’s recommendations, some have chosen to adopt or modify specific sections. In 2021, the NAIC published a guide to assist MAR compliance by state.

Effective threshold: $500 million in direct and assumed written premium

Section 17 Management’s Report of Internal Control over Financial Reporting – Annual Attestation on Internal Control mandates that every insurer having annual, direct-written and assumed premiums of $500 million or more (i.e., the act provides a calculation for life and health entities) shall prepare a report, for the prior calendar year’s year-end, attesting to the insurer’s, or the group of insurer’s, internal controls over financial reporting.