What Is the Model Audit Rule?

The Model Audit Rule (MAR) serves as the cornerstone for monitoring, regulation and governance over the insurance industry. Officially known as the Annual Financial Reporting Model Regulation, the Model Audit Rule “requires nonpublic insurers to comply with stringent regulatory provisions, increase transparency and improve corporate governance,” per Risk Management.

Essentially, the Model Audit Rule is the insurance industry’s regulatory counterpart to the Sarbanes-Oxley Act of 2002 (SOX) for private insurers. Just like banking and healthcare, it is critical that private insurers are subject corporate governance and financial accountability for the welfare and benefit of policyholders and prospective claimants. Borrowing extensively from SOX, The Model Act Rule was developed in cooperation with the American Institute of Certified Public Accountants (AICPA) and the National Association of Insurance Commissioners (NAIC).

Model Audit Rule Requirements

What Is the Purpose and Scope of the Model Audit Rule?

The purpose of the Model Audit Rule is to provide guidelines, rules and necessary allowances that make it possible for each state’s insurance department to properly and thoroughly monitor the health of each private insurer’s financial condition. Similar to businesses outside of the insurance industry that require the SOX act for accountability, private insurers are held to the same scrutiny and accountability, thanks to the introduction of the MAR by the NAIC.

With the MAR, policyholders and claimants may still ultimately receive any monies due to them, even if an insurer’s business fails and goes into liquidation. The National Organization of Life & Health Guaranty Associations (NOLHGA) notes that, if an insurer’s period of rehabilitation, the insurance company goes into receivership, overseeing the company’s accounting matters until the liquidator can turn any available assets into cash that is eventually made payable to policyholders, claimants and vendors.

All licensed insurers within a state are subject to the surveillance, governance, scrutiny and, if necessary, receivership set forth by the MAR. Each state does, however, have the freedom to decide whether or not it wants to participate.

A Brief History of the Model Audit Rule

Officially issued by the NAIC on June 11, 2006 after a vote to approve amendments to the already existing Annual Financial Reporting Model Regulation (#205) to specifically address improving the ability of each state to properly and thoroughly surveil the financial condition of insurers within their respective state.

The NAIC, AICPA and SOX worked together for three years leading up to the 2006 enactment, after continuous research and discussions about how to avoid catastrophic failures for each state’s insurance companies. The MAR serves to prevent leaving insurance claimants, policyholders and vendors unpaid and unserved by their insurance company, and by extension, their state governing and regulatory bodies.

Like most governing bodies in other industries, the original 2006 MAR had more possibilities to do more to help serve the public. In January 2010, the NAIC issued an amendment to the Model Audit Rule with revisions that addressed three key factors:

  • Independence of auditors
  • Corporate governance
  • Internal control over financial reporting

The revision took effect January 1, 2010, or at the time when a state chose to adopt the Model Audit Rule and its amendments.

Compliance questions? Get answers!

Book a free 30-minute consultation with a specialist to find your path to compliance. Secure your spot today.


What Are the Model Audit Rule Requirements?

After catastrophic fraudulent corporate scandals like Enron and WorldCom sparked the creation of the Sarbanes-Oxley Act of 2002, it made sense to extend governance and stewardship to the insurance industry. Operating on such a large scale, and accountable to so many parties, the NAIC, SOX §404 and the AICPA continue to strive to find ways to provide financial transparency to help avoid insurance company failures that provide no accountability to policyholders, claimants and vendors.

The January 1, 2010 MAR revision incorporated several notable requirements, enacted to not only serve those may eventually be due funds from an insurer, but to help state regulators monitor accounting practices and financials in hopes of preventing insurance company failures. Following are some of the amendments to help improve the processes involved in regulating private insurers in participating states:

Auditor Independence Requirements

The revision prohibits outside auditing firms from performing duties that include bookkeeping, financial information systems design and enactment, actuarial tasks, internal audit oursourcing services, expert services unrelated to the audit, and management or human resources services. The MAR 2010 amendment also directs insurers to rotate the external auditing firm every five years then waiting an additional five years before engaging that same firm again.

Audit Committee Oversight Requirements

Each insurer is required to file an annual Audited financial report and must designate a group of individuals to comprise its Audit committee. The main controlling person in the Audit committee must submit written notice for the reason for the selection of the committee members. The group is then charged with specific oversight responsibilities. According to the NAIC Guide, “Audit committees for insurers with prior calendar year direct written and assumed premiums between $300 million and $500 million shall have a minimum of 50 percent of its members qualify as independent” while “Audit committees for insurers with prior calendar year direct written and assumed premiums greater than $500 million shall have a minimum of 75 percent of its members qualify as independent.”

Scope of Audit and Independent External Audit Report

Each report must be conducted in accordance with Generally Accepted Auditing Standards (GAAP) while gaining insight into the insurer’s internal control. The scope for audits includes the requirement to file a report on internal controls to accompany the financial statements.

Communication and Reporting of Internal Control Matters

At the end of each audit, the insurer must provide their respective state’s insurance commissioner with a report of any internal control weaknesses uncovered by the independent auditor.

Audit Report Filing Deadlines

Each insurer must file an Audited financial report before June 1 with 90-days of advanced notice.

Clarifying the Model Audit Requirements to Make Sure Your Insurance Company Is In Compliance

I.S. Partners, LLC. helps insurance companies understand all of the finer points of the Model Audit Requirements each day to ensure full compliance. Whether you need a free quote for a reliable independent auditing team to perform your audit, or you simply have some basic questions, representatives look forward to responding via telephone call or a chat session.

About The Author

Get started

Get a quote today!

Fill out the form to schedule a free, 30-minute consultation with a senior-level compliance expert today!

Analysis of your compliance needs
Timeline, cost, and pricing breakdown
A strategy to keep pace with evolving regulations

Great companies think alike.

Join hundreds of other companies that trust I.S. Partners for their compliance, attestation and security needs.

Scroll to Top