Model Audit Rule
By taking steps to prepare, improve or enhance your model audit rule (MAR) program, you will be able to increase its overall efficiency and effectiveness, subsequently benefiting your organization in By taking steps to implement or enhance a strong model audit rule (MAR) program, including strengthening internal controls over financial reporting (ICFR), optimizing governance frameworks and ensuring regulatory compliance, you will increase its overall efficiency and effectiveness and benefit your organization in the long term.
Model Audit Rule
Climb to new heights
The National Association of Insurance Commissioners’ (NAIC) Annual Financial Reporting Model Regulation 205, commonly known as the Model Audit Rule (MAR), requires that life and annuity, property and casualty, title, health plans and other insurance organizations that exceed certain thresholds of direct and assumed written premiums adopt auditor independence, corporate governance and internal control over financial reporting standards. For many insurers, handling a MAR program can be a daunting task.
Even if your organization has not yet met the $500 million in direct written and assumed premiums threshold, understanding the controls and identifying potential weaknesses that may arise is crucial to ensure you are prepared for when the time comes to implement MAR. For insurers that have already met the threshold, you must remain compliant by reviewing your process annually to identify inefficiencies, improve overall effectiveness and revamp a stale program to ensure that key risks are addressed and the program is cost effective.
Explore our solutions
MAR can be a significant undertaking. In order to effectively take action, you have to identify the key material risks plaguing your organization, understand the controls to mitigate those risks and identify weaknesses — all while striving to remain compliant and ensure your program is effective and efficient. Our insurance and regulatory specialists are dedicated to the development, successful implementation, ongoing testing and maintenance of your MAR program. Our approach can be done on a stand-alone basis or integrated with a comprehensive internal audit strategy. We seek to ensure your program is up-to-date based on current regulatory requirements, efficient and cost-effective — allowing you to focus on the big picture and the road ahead.
Your business is our business — explore ways to address challenges related to MAR
Prepare for compliance
Your challenge:
You’ve determined that your organization needs to be MAR compliant in the future and you need to have a plan and cost-efficient approach in place to meet regulatory requirements.
Our solution:
- Develop a plan that will increase governance, organizational unity and confidence in your controls.
- Align risks for compliance by identifying the relevant MAR risks from a regulator’s perspective, then incorporate risks of value to your organization, if not aligned
- Apply standard risk and control templates and reports that allow for efficient implementation
- Develop a road map to identify materiality and processes in scope, and conduct a gap analysis with project management milestones to meet the MAR internal control reporting requirements
- Implement effective project management including, but not limited to, a MAR calendar of kickoff meetings, testing timeline and deliverables and making all relevant parties aware
Implement for value
Your challenge:
You’ve identified your organization needs to be MAR compliant in the future and you want to maximize the value from your efforts to improve your processes and internal controls.
Our solution:
The steps outlined under the “prepare for compliance” tab plus:
- Assess your current state by reviewing and understanding and understanding time commitment, definitions of success and challenges to address
- Assist to define your focus on the appropriate controls by taking a top-down approach and following a systematic filtering process with control rationalization
- Assist your team in implementing a MAR steering committee to ensure significant financial reporting areas are addressed
- Define an internal MAR champion/point person for each functional area
- Customize and integrate approach with your internal audit plan, enterprise risk management and compliance functions
- Partner with governance risk and compliance (GRC) software providers to streamline processes and required reporting
Optimize to innovate
Your challenge:
Now that you have a solid MAR program, you want to optimize your approach to be innovative for efficiency and value.
Our solution:
- Conduct a materiality and control rationalization exercise as many established MAR programs may not be efficient and the “same old way” is viewed as good enough
- Conduct a cost analysis of MAR compliance including opportunity costs
- Review business stakeholder involvement and inefficiencies by identifying bottlenecks and cost drivers
- Replace detail control testing with automation and computer assisted audit techniques (CAAT)
- If you have a current GRC partner, conduct enhancement exercises for additional functionality and/or compare to other competitors and partners
Transition for growth
Your challenge:
Your organization is going public or private and you need assistance with the transition to or from Sarbanes-Oxley (SOX) compliance.
Our solution for organizations transitioning from private to public:
- Establish tone at the top as the CEO and CFO must provide leadership to gain organizational buy-in of the additional effort
- Educate control owners on what an initial public offering (IPO) means for SOX 404(a) or SOX 404(b) compliance and what is needed
- If not already utilizing a control framework, ensure that an established control framework such as COSO is implemented
- Conduct an analysis of changes to materiality, processes, systems and control owners and optimize documentation requirements such as narratives, matrices and flow charts
- Engage with your external auditors to ensure alignment with materiality, control and testing expectations
- Tailor the approach and SOX compliance road map to your organizations culture, people, processes and technology
Our solution for organizations transitioning from public to private:
- Revisit materiality and control rationalization to ensure controls in scope are proper and account for controls that may have been out of scope for SOX purposes
- Conduct education sessions with existing and new stakeholders to requirements under MAR and what stays the same, changed or new and is no longer required
Explore what’s possible
Internal Audit
Leverage industry-specialized internal audit services for organizational success.
Insurance
Navigating an evolving industry while also meeting compliance requirements, managing cybersecurity threats and data privacy and mitigating regulatory/financial risks can be overwhelming. Our specialists can help you reach your financial and operational goals while proactively embracing new technology and staying on top of policy shifts and economic challenges.
Organizational Readiness
How your business gets from where it is today to where it needs to be tomorrow depends on your most valuable asset - your people. We help you prepare your business to transform through a dedicated focus on the people within your organization that will lead your digital transformation.
Insurance Regulators
We leverage our extensive regulatory expertise, unwavering integrity and commitment to continuous improvement and innovation – enabling us to pass accreditation reviews successfully and serve state insurance departments and regulators.
Data Solutions
Capturing, understanding and leveraging the data that matters most and bringing it into focus is no trivial matter. Rely on our experience to drive your business forward.
IPO Readiness
Helping organizations plan their path — whether it be through an initial public offering (IPO) or other path to going public — we help you navigate the risks and maximize the rewards in your journey.
Sarbanes-Oxley (SOX) Compliance
Strengthening controls. Enhancing confidence. Ensuring compliance.
Read our latest insights
