Better Information Sharing Among Financial Services Regulators Could Improve Protections for Consumers
Gao ID: GAO-04-882R June 29, 2004GAO has long held the position that financial regulators can benefit from improved information sharing. As regulators are faced with the challenges of overseeing a myriad of financial products, along with the individuals and organizations that develop and sell them, information sharing among regulators serves as a key defense against fraud and market abuses. However, our system of financial regulation is fragmented and, in many cases, isolated among numerous federal and state financial regulators overseeing the securities, insurance, and banking industries. While there has been a greater effort to improve communication in recent years, the routine sharing of information between the regulators of the three major financial industries--securities, insurance, and banking--continues to be a source of concern. At Congress' request, we have issued reports and testimonies in recent years discussing the benefits of improved sharing of criminal and regulatory information and the consequences of failing to adequately share such information. This report focuses on three areas where greater attention is needed to improve information-sharing capabilities among financial services regulators. First, we highlight the need for insurance regulators to have more consistent access to the Federal Bureau of Investigation (FBI) nationwide criminal history data. Second, we discuss the importance of sharing regulatory enforcement data as a tool to prevent the migration of undesirable people, or rogues, from one industry to another. Third, we present the results of new work assessing the regulatory oversight structures for certain hybrid financial products and the extent to which regulators share consumer complaint data that may be relevant to multiple regulators in a routine, systematic fashion. Finally, we highlight challenges to improving information sharing among financial regulators.
Financial regulators face challenges in accessing and sharing information relevant to their oversight responsibilities, including information related to criminal history data, regulatory enforcement actions, and consumer complaints. Specifically, we found that many state insurance regulators, unlike their counterparts in the banking, securities, and futures industries, continue to lack the legal authority to access the FBI's nationwide criminal history data. According to information obtained from state regulators and the FBI, fewer than one-third of the states have taken actions that current federal law requires for them to have such authority. Consequently, regulators in other states cannot be sure that they are protecting insurance consumers from fraud by keeping individuals previously convicted of serious criminal behavior out of the business of insurance. We also found that financial regulators generally did not have ready access to all relevant data related to regulatory enforcement actions taken against individuals or firms. Regulatory data are maintained by the various financial regulators on separate information systems and are not always readily accessible by one another, particularly by regulators across different financial industries. If the regulatory history of applicants cannot be readily accessed, financial regulators are hampered in their ability to detect and prevent an unsuitable individual, or rogue, from migrating from one financial services industry to another. Similarly, our recent work shows that many financial regulators do not share relevant consumer complaint data among themselves on certain hybrid products in a routine, systematic fashion. The different regulatory structures that are involved in the oversight of hybrid products and the array of systems used to capture complaints about them create challenges for regulators and consumers for resolving problems that can arise in the marketplace. We found that the regulatory oversight structure associated with certain hybrid financial products can vary considerably, depending on the product and where it is sold. Moreover, the regulatory structure can change over time. Often multiple regulators can have an oversight interest in a particular hybrid financial product. In such an environment, it can be difficult for consumers to determine which organization should receive a complaint. Furthermore, once a complaint is received, it may be relevant to another regulator, either because it may not have reached the most appropriate regulator or because the complaint information could be of interest to multiple regulators. However, many financial regulators do not share consumer complaint data with one another in a routine, systematic fashion. Consequently, particularly in the case of hybrid financial products, regulators may be unable to resolve individual complaints because complaints have been directed to the "wrong" regulator, or, because of a lack of complete information, an individual regulator may not be able to fully assess the magnitude of problems affecting certain companies or products. While financial regulators generally support better sharing of regulatory information, they also cited some concerns and barriers. These generally centered around protecting confidential regulatory information from public disclosure, as opposed to technological issues. Consequently, options or proposals for improving information-sharing capabilities or tools among financial regulators need to address concerns about sharing and protecting different types of regulatory data that have varying degrees of sensitivity. We encourage efforts to achieve improved information sharing, balancing a regulator's "need to know" with the appropriate protections on the information, so that financial regulators can better prevent the migration of rogues and respond more effectively to problems that may surface in the marketplace.
GAO-04-882R, Better Information Sharing Among Financial Services Regulators Could Improve Protections for Consumers
This is the accessible text file for GAO report number GAO-04-882R
entitled 'Better Information Sharing Among Financial Services
Regulators Could Improve Protections for Consumers' which was released
on July 29, 2004.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States General Accounting Office:
Washington, DC 20548:
June 29, 2004:
The Honorable Michael G. Oxley
Chairman
Committee on Financial Services
House of Representatives:
Subject: Better Information Sharing Among Financial Services Regulators
Could Improve Protections for Consumers:
Dear Mr. Chairman:
GAO has long held the position that financial regulators can benefit
from improved information sharing.[Footnote 1] As regulators are faced
with the challenges of overseeing a myriad of financial products, along
with the individuals and organizations that develop and sell them,
information sharing among regulators serves as a key defense against
fraud and market abuses. However, our system of financial regulation is
fragmented and, in many cases, isolated among numerous federal and
state financial regulators overseeing the securities, insurance, and
banking industries. While there has been a greater effort to improve
communication in recent years, the routine sharing of information
between the regulators of the three major financial industries--
securities, insurance, and banking--continues to be a source of
concern.
At this Committee's request, we have issued reports and testimonies in
recent years discussing the benefits of improved sharing of criminal
and regulatory information and the consequences of failing to
adequately share such information. This report focuses on three areas
where greater attention is needed to improve information-sharing
capabilities among financial services regulators. First, we highlight
the need for insurance regulators to have more consistent access to the
Federal Bureau of Investigation (FBI) nationwide criminal history data.
Second, we discuss the importance of sharing regulatory enforcement
data as a tool to prevent the migration of undesirable people, or
rogues, from one industry to another. Third, we present the results of
new work assessing the regulatory oversight structures for certain
hybrid financial products and the extent to which regulators share
consumer complaint data that may be relevant to multiple regulators in
a routine, systematic fashion.[Footnote 2] Finally, we highlight
challenges to improving information sharing among financial regulators.
We conducted our work in accordance with generally accepted government
auditing standards. For our work related to the first two objectives
concerning access to criminal and regulatory history data,
respectively, we relied primarily on previous GAO work. To address the
third objective, we conducted new work related to regulatory oversight
and information sharing associated with hybrid financial products. For
more information concerning the scope and methodology of this recent
work, please see enclosure I.
Results In Brief:
Financial regulators face challenges in accessing and sharing
information relevant to their oversight responsibilities, including
information related to criminal history data, regulatory enforcement
actions, and consumer complaints. Specifically, we found that many
state insurance regulators, unlike their counterparts in the banking,
securities, and futures industries, continue to lack the legal
authority to access the FBI's nationwide criminal history data.
According to information obtained from state regulators and the FBI,
fewer than one-third of the states have taken actions that current
federal law requires for them to have such authority. Consequently,
regulators in other states cannot be sure that they are protecting
insurance consumers from fraud by keeping individuals previously
convicted of serious criminal behavior out of the business of
insurance.
We also found that financial regulators generally did not have ready
access to all relevant data related to regulatory enforcement actions
taken against individuals or firms. Regulatory data are maintained by
the various financial regulators on separate information systems and
are not always readily accessible by one another, particularly by
regulators across different financial industries. If the regulatory
history of applicants cannot be readily accessed, financial regulators
are hampered in their ability to detect and prevent an unsuitable
individual, or rogue, from migrating from one financial services
industry to another.
Similarly, our recent work shows that many financial regulators do not
share relevant consumer complaint data among themselves on certain
hybrid products (i.e., products with features and characteristics both
of insurance and securities) in a routine, systematic fashion. The
different regulatory structures that are involved in the oversight of
hybrid products and the array of systems used to capture complaints
about them create challenges for regulators and consumers for resolving
problems that can arise in the marketplace. We found that the
regulatory oversight structure associated with certain hybrid financial
products can vary considerably, depending on the product and where it
is sold. Moreover, the regulatory structure can change over time. Often
multiple regulators can have an oversight interest in a particular
hybrid financial product. In such an environment, it can be difficult
for consumers to determine which organization should receive a
complaint. Furthermore, once a complaint is received, it may be
relevant to another regulator, either because it may not have reached
the most appropriate regulator or because the complaint information
could be of interest to multiple regulators. However, many financial
regulators do not share consumer complaint data with one another in a
routine, systematic fashion. Consequently, particularly in the case of
hybrid financial products, regulators may be unable to resolve
individual complaints because complaints have been directed to the
"wrong" regulator, or, because of a lack of complete information, an
individual regulator may not be able to fully assess the magnitude of
problems affecting certain companies or products.
While financial regulators generally support better sharing of
regulatory information, they also cited some concerns and barriers.
These generally centered around protecting confidential regulatory
information from public disclosure, as opposed to technological issues.
Consequently, options or proposals for improving information-sharing
capabilities or tools among financial regulators need to address
concerns about sharing and protecting different types of regulatory
data that have varying degrees of sensitivity. We encourage efforts to
achieve improved information sharing, balancing a regulator's "need to
know" with the appropriate protections on the information, so that
financial regulators can better prevent the migration of rogues and
respond more effectively to problems that may surface in the
marketplace.
Most State Insurance Regulators Still Cannot Access Nationwide Criminal
History Data:
Many state insurance regulators continue to lack the appropriate
authority to perform thorough criminal history checks on individuals
trying to enter the business of insurance.[Footnote 3] One of the
important functions of a financial regulator is licensing or approving
the people who apply to work in the industry. The first line of defense
against fraud is to keep known criminals and other inappropriate
individuals out of the business--particularly when that business is
handling other peoples' money. However, in previous work, we reported
that many state insurance regulators, unlike their counterparts in the
banking, securities, and futures industries, do not have the authority
to obtain FBI nationwide criminal history data.[Footnote 4] Today, the
situation remains much the same. According to officials from the FBI
and the National Association of Insurance Commissioners
(NAIC),[Footnote 5] of the 50 states and the District of Columbia, only
16 state insurance departments have the authority under current federal
law to access nationwide criminal history data maintained by the FBI.
NAIC has developed model state legislation for states to gain access to
the FBI data for purposes of conducting criminal history checks on
industry applicants. However, NAIC also maintains that the fastest way
to grant state insurance departments access to the FBI's fingerprint
database in a uniform fashion is by federal statute without the need
for subsequent state legislative action.
One mission of financial regulators is to protect the public by
ensuring that people with a history of dishonest behavior are not
allowed the opportunity to continue such behavior as representatives of
banks, securities firms, or insurance companies. In our previous
report, which described an insurance investment scam perpetrated by
Martin Frankel, who masterminded the theft of over $200 million from
several insurance companies during an 8-year period, we pointed out
that most state insurance departments lacked the regulatory tools to
access the FBI's criminal history databases. We reported that most
state insurance commissioners do not have the means to conduct
nationwide criminal history background checks on individuals to decide
whether certain convicted felons should be permitted to engage in the
business of insurance. We also recommended that the United States
Attorney General, the president of NAIC, and state insurance
commissioners work together to establish a mechanism by which state
regulators can perform criminal background checks on individuals to
facilitate enforcement of the federal insurance fraud prevention
provision, 18 U.S.C. sec. 1033.[Footnote 6]
We reiterated and amplified our discussion of this problem in
subsequent work. In testimony before two Subcommittees of this
Committee in March 2001, we noted that among all financial regulators,
only those regulating insurance lacked the ability to routinely access
national criminal history data for the purpose of screening potential
industry entrants.[Footnote 7] Then, in June 2002, in the context of
states' compliance with provisions of the Gramm-Leach-Bliley Act
(GLBA),[Footnote 8] we reported that some states' insurance regulators
do not conduct criminal history background checks as part of their
producer licensing requirements.[Footnote 9] As a result, other states
that did require applicant fingerprints and a criminal history
screening were reluctant to grant reciprocity to agents that had not
previously met these requirements. We noted that some state insurance
departments in relatively large markets were not willing to lower their
standards on certain licensing requirements, such as criminal history
checks using fingerprint identification. We concluded that in-depth
criminal background checks through fingerprinting strengthened
consumer protections and endorsed efforts to achieve uniformity among
state regulators using such requirements.
In light of our findings, we have recommended that state insurance
regulators be granted access to the nationwide criminal history data
that FBI maintains. To properly screen industry applicants who desire
to enter the insurance industry, insurance regulators need the
appropriate authority to access nationwide criminal history information
on individuals. If all state insurance regulators had the authority to
access this criminal history data, this would put them on more equal
par with other financial regulators in the banking, securities, and
futures industries.
Regulators Lack Ready Access to Each Other's Enforcement Data:
Information on regulatory enforcement activities, in addition to
criminal history data, is vital to effective oversight, but is not
always readily accessible among financial regulators across different
industries. Criminal behavior is not the only reason for a regulator to
bar an individual from participating in a regulated industry.
Regulators also take disciplinary actions against individuals who have
been found responsible for breaking rules or regulations that are in
place to protect customers. In these instances, enforcement actions can
result in individuals being banned from returning to work in the
industry or state where they broke the rules. Such enforcement history
would be critical to a regulator in a different financial services
industry or state if one of these individuals sought a license to
operate in a different industry or location. But, if regulatory
information about an individual is not widely known or made available/
distributed, little prevents a rogue from moving to a different
financial industry or state, lying on an application, and beginning
again to engage in unscrupulous activities. The only way to detect and
prevent this "rogue migration" is good regulatory information, widely
shared. Financial regulators have taken some steps to improve
information sharing among themselves and between industries, but
generally they do not have direct, ready access to each other's
regulatory information.
Each regulator faces the challenge of ensuring that individuals who
have been involved in improper activities in one state or financial
industry are unsuccessful in attempting to move to another.
Accordingly, financial services regulators generally maintain
background and disciplinary data on individuals and entities in their
particular financial industry.[Footnote 10] Within the insurance,
securities, and futures industries, where regulators have authority to
license or register individuals to sell financial products, this
information is largely centralized on an industrywide basis. Therefore,
different regulators in each of these industries can access systems and
databases that provide background information on individuals and
entities, consumer complaints, and disciplinary records within that
industry. In the banking industry, where regulators do not license or
register individuals, we found that regulators also entered and
maintained background, regulatory history, lending practice, and
complaint data on entities and some individuals. Such systems and
databases are decentralized among the separate banking regulators.
Therefore, unlike the "one-stop shopping" search capabilities available
in other financial industries, a search on an individual's regulatory
history in the banking industry could necessitate separate inquiries of
the five regulators' systems, though these queries are facilitated
through Web-based applications.[Footnote 11]
Different financial regulators have taken some steps to improve
information sharing between industries. For instance, state insurance
regulators, represented by NAIC, and state securities regulators,
represented by the North American Securities Administrators Association
(NASAA),[Footnote 12] have formed a working group to familiarize one
another with the regulatory systems and tools available in their
respective industries. In May 2004, NAIC and NASAA hosted a joint
educational seminar to facilitate this effort. We also observed
examples where state securities and insurance regulators have developed
procedures for requesting each other's regulatory information or
providing limited access to such data. Moreover, many regulators,
recognizing the need to share regulatory data with other financial
regulators, have established bilateral information-sharing agreements
to access external regulatory information.
Financial regulators collect and maintain several types of regulatory
data with varying degrees of sensitivity that merit consideration of
how such data should be shared. In previous testimony before this
Committee, we noted discussions with financial regulators and Committee
staff that have identified several types of data, aside from those
related to licensing and employment history, that could be useful to
regulators in detecting fraud and limiting its spread from one
financial industry to another. These data types include 1) completed
disciplinary or enforcement actions, 2) consumer complaints, 3) ongoing
regulatory investigations, and 4) reports of suspicious or unverified
activity that merit regulatory attention, but may not yet rise to the
level of a formal investigation. Generally, regulators are more
comfortable with sharing regulatory information on closed, adjudicated
enforcement actions and less comfortable sharing data that may be
unsubstantiated. While some of these data types may not be sufficient
by themselves to support a regulatory action, such as a
disqualification for registration or a license, if regulators were to
have the information available, it could prompt them to ask more
probing questions or conduct further checks to ensure the fitness of
industry applicants. In the Frankel case, although Frankel himself
reportedly used aliases and fronts to perpetrate an insurance
investment scam, one of the individuals who appeared to have provided
funds to purchase the first insurance company in this scam, which was
subsequently looted of its assets, had a disclosure item involving
complaints and settlements in the securities industry. If regulators
had interviewed that individual to discuss past regulatory incidents
and probed further, they may have uncovered the scam before any assets
were stolen.
While each regulator keeps data on miscreants identified in its own
regulated institutions or industry, financial regulators generally do
not have ready access to enforcement data maintained by regulators in
other financial industries. Moreover, as highlighted earlier, financial
regulators maintain their enforcement data on separate information
systems within different industries. Generally, access to regulatory
data can be accomplished on an information request basis, but direct,
ready access to regulatory data on separate information systems in
different industries is generally not available. For instance, NAIC
maintains centralized data on disciplinary actions regarding companies
and individuals that can be accessed by insurance regulators and
industry producers, but financial regulators in other industries
generally do not have direct access to this information. Some financial
regulators do provide public access to names of individuals and/or
firms that have had enforcement action(s) taken against them while
others do not. Therefore, in the absence of a means to link or search
the various financial regulators' information systems, a comprehensive
regulatory background check on an individual would require separate
queries for information on numerous systems, some publicly available
and some not. Consequently, accomplishing routine, comprehensive
regulatory background searches on individuals throughout all the
financial services industries and regulatory entities remains difficult
and impractical. At the same time, through the Sarbanes-Oxley
Act,[Footnote 13] Congress has provided more explicit authority for
financial regulators to consider and take actions based on the
regulatory history of industry applicants. However, without an
effective way of routinely checking the regulatory records of multiple
industries and agencies throughout the financial services sector, some
individuals who self report false information on licensing and
chartering applications are more likely able to avoid being detected by
regulators.
Varied Oversight Structures for Hybrid Products and Lack of Information
Sharing Hinder Consumer Protection:
The multiplicity of regulators that are often involved in the oversight
of hybrid products and the array of information systems that can
capture complaint data create challenges for regulators and consumers
to resolve market problems that may arise. In our current work on
regulatory oversight and information sharing associated with hybrid
financial products (i.e., products with features and characteristics
both of insurance and securities), we found that the regulatory
structures for such products can vary considerably. Often, multiple
financial regulators can have an oversight interest in the creation and
sale of hybrid products and the mix of regulators involved can vary
depending on the product and where it is sold. Additionally, the manner
in which consumer complaint data are collected and stored also varies
considerably among the financial regulators and industries. When a
consumer has a problem with one of these products, commonly complex and
risky by nature, he/she may find it difficult to determine where to
send the complaint. Once complaints are received, financial regulators
are hindered in their ability to fully understand the extent of known
problems with a particular financial product because they lack the
ability to access and analyze relevant data from each other's complaint
systems in a routine, systematic fashion. In an environment where
several regulators can have an oversight interest in a product, we
found numerous examples of complaints received by one regulator that
perhaps should have gone to another, or which, at the least, would have
been of interest to another regulator(s). At the same time, we also
observed that financial regulators have limited means for sharing
relevant complaint data with one another.
Oversight of Hybrid Products and the Regulatory Systems Used to Track
Complaints Vary:
The regulatory oversight of hybrid financial products can vary
considerably depending on the type of product and where it is sold. In
our review of variable annuities, equity-indexed annuities, and
viatical settlements, we found that multiple regulators from the
securities and insurance industries can have oversight responsibilities
and overlapping interests in a particular hybrid product. Moreover, the
oversight structure can differ from state to state and can change over
time, reflecting continued differences among regulators and industry
participants over how such products should be regulated.[Footnote 14]
Figure 1 highlights differences in how these three types of hybrid
products are generally regulated.
Figure 1: Regulatory Oversight of Hybrid Products Varies Depending on
the Type of Product and the State Where It Is Sold:
[See PDF for image]
Notes: Equity-indexed annuities and viatical settlements are generally
not registered as securities with SEC, though SEC can assert oversight
based on the unique facts and circumstances of a particular product.
[End of figure]
Some state insurance and securities regulators have statutory authority
to regulate viatical settlements. Additionally, in states where
securities regulators do not have explicit statutory authority on
viatical settlements, most securities regulators have taken the
position that investments in such products are investment contracts and
believe they should be treated as securities.
Different regulators bring different oversight roles and functions to
the table in the regulation of hybrid financial products--differences
that are important when a consumer needs help to resolve a problem with
a hybrid product. For example, a hybrid product that is considered to
be a security by federal securities regulators must be registered with
the SEC, which ensures that the product's literature contains the
appropriate disclosures to inform the investor of the product's
potential risks. However, SEC generally delegates its oversight of
broker-dealer firms and the sales practices of individual brokers to
several industry organizations and financial exchanges. These are known
as self-regulatory organizations (SROs) and include NASD (formerly the
National Association of Securities Dealers) and the New York Stock
Exchange (NYSE), which regulate the sales practices of their member
firms and individual sales agents. State financial regulators--banking,
insurance, and securities--also play an important role, augmenting the
oversight provided by federal regulators or national SROs.
Variable annuity products are regulated as securities by the federal
government but also fall under the authority of state insurance and
securities regulators. Variable annuities combine traditional life
insurance annuity contracts with an investment component that is
nonguaranteed and can fluctuate with market-based earnings (or
losses).[Footnote 15] At the federal level, the SEC regulates the
registration of variable annuity products. Under federal law, variable
annuity products registered by the SEC are generally exempt from
registration with state securities regulators. In addition, NASD
regulates the sale of these products by broker-dealers. At the state
level, the insurance companies that offer variable annuities generally
fall under the jurisdiction of insurance regulators, though sales of
such products can also fall under the jurisdiction of state securities
regulators, or some combination of both regulators, depending on the
state.
In contrast with variable products, equity-indexed annuities are
generally not subject to federal oversight and thus are typically
regulated by state insurance regulators. While equity-indexed annuity
products also encompass a market-based investment component, they
provide a guarantee on earnings, often in return for less participation
in market gains, to ensure that the purchaser will not incur losses on
the investment in a market downturn.[Footnote 16] Although SEC has
previously solicited comments on whether or not to regulate such
products as securities, it has generally not asserted jurisdiction over
such products.[Footnote 17] However, SEC officials explained that
oversight could be asserted based on the facts and circumstances of an
individual product. NASD does not oversee sales of equity-indexed
annuities, but does offer investor information about these products
while referring consumers to state insurance regulators for questions
concerning these products.
The regulatory structure for viatical settlements, involving the
purchase and sale of insurance policies where terminally ill
policyholders redesignate investors as beneficiaries on their policies
in return for a reduced cash benefit prior to their death, has evolved
in response to market abuses.[Footnote 18] When viatical settlements
were initially introduced in the late 1980s, financial regulators
generally did not have explicit authority to regulate them. As
widespread sales practice abuses later surfaced in connection with
sales of viatical settlements, different federal and state financial
regulators sought increased authority to address the apparent
regulatory gap by seeking explicit authority over such products. For
instance, the Federal Circuit Court for the District of Columbia has
held that viatical settlements are not securities under federal law
and, therefore, are not subject to SEC jurisdiction.[Footnote 19]
However, similar to equity-indexed annuities, while such products are
generally not registered with SEC, the SEC has told us that it may
assert oversight on a case-by-case basis depending on the facts and
circumstances of a particular product or situation. At the state level,
the oversight structure for viatical settlement products changed over
time from that of little effective regulation to that where most states
have taken some legislative or regulatory action to strengthen their
regulatory tools and oversight of such products. However, substantial
variation still exists. Information from state insurance and securities
regulators shows that states now regulate such products either through
their insurance departments, securities departments, or some
combination of both. However, a handful of states still do not
specifically address the regulation of viatical settlements. Moreover,
even in states with a regulatory structure in place, the fraudulent
sale of these products continues to harm consumers in the marketplace,
as evidenced by the recent uncovering of a widespread viatical-related
scam, where investors reportedly may have lost up to $1
billion.[Footnote 20]
A number of regulators collect consumer complaint data about securities
and insurance products, including hybrid products, but once complaints
are received, they are handled differently. Within the securities
industry, regulators at the state and federal levels collect complaints
using their own separate information systems, but not all complaint
data are shared in a systematic fashion. For example, according to
NASAA officials, state securities regulators use their own systems for
tracking complaints they receive. NASAA officials also explained that
complaint data collected by state securities regulators vary in the
level of detail, and only the number of complaints are aggregated on a
nationwide basis.[Footnote 21] Some consumer complaints that result in
settlements or arbitrations above a certain dollar threshold are
entered into the Central Registration Depository (CRD), a system with
information on broker-dealer firms and individuals, including
disciplinary data related to enforcement actions, that is jointly
maintained and operated by NASD and NASAA. Meanwhile, SROs such as NASD
and NYSE do consolidate complaint data on a nationwide basis, requiring
their member firms to enter records of consumer complaints received
into an information system maintained by the SRO.
Within the insurance industry, both state regulators and insurance
firms also record information on consumer complaints but, again, all
the available data are not shared with other regulators. State
insurance regulators receive and record consumer complaint data on
their own systems. However, in contrast with their state counterparts
in the securities industry, state insurance regulators have developed a
mechanism for consolidating records of closed consumer complaints on a
nationwide basis within NAIC's Complaints Database System (CDS). State
insurance departments periodically send data on closed consumer
complaints to NAIC, which consolidates them into CDS. However, NAIC
officials acknowledged that complaint submissions to CDS are voluntary
and that not all states that participate are consistent in reporting
their complaints information to NAIC for inclusion in CDS. Furthermore,
the complaint data in CDS is only accessible by insurance regulators
and is not shared with securities regulators in a routine, systematic
fashion.[Footnote 22] Also, insurance regulators do not have a system
for collecting and consolidating complaints made to insurance firms on
a nationwide basis, in contrast to the SROs in the securities industry.
Thus, because of the varying ways that complaint data are collected,
the available consumer complaint data is not complete, accessible, nor
shared fully, either within or between industries.
Different Regulatory Systems and the Absence of a Capability to Share
Relevant Complaint data Create Challenges for Consumers and Regulators:
The varied regulatory oversight structures associated with hybrid
products and the lack of a systematic means for sharing relevant
complaint data pose challenges for consumers and regulators as problems
in the marketplace arise. As noted earlier, the mix of regulatory
entities with an oversight interest can vary depending on the type of
product and the state. The regulatory structure may also change over
time as financial regulators differ over which regulator is best suited
for a given oversight function. Given this complexity, a consumer's
dilemma about where to send a complaint can be very challenging. For
example, a complaint regarding a fixed annuity that is sent to an NASD
member firm may not be forwarded to the appropriate regulator.
Regulators also face challenges because many do not have a capability
for consistently and routinely sharing complaints they receive that
might be relevant to the oversight interests of other regulators--
either because another regulator has authority to resolve the complaint
or because the complaint is of general interest to multiple regulators.
Regulators in the securities and insurance industries generally have
systems for ensuring that consumer complaints are received,
investigated, and, where possible, resolved. However, consumer
complaints associated with a particular type of product are collected
in various ways among different regulators and systems. We found that
many financial regulators lacked the ability to share consumer
complaints with other regulators within the insurance or securities
industries, or with other regulators between industries, in a routine,
systematic fashion. Consequently, some consumer complaints may never
reach the appropriate regulator. Similarly, those complaints received
by the appropriate regulator for resolution may also be relevant to,
but not shared with, another regulator(s) that has some oversight
responsibility. This can hamper the ability of a given regulator to see
"the big picture" and to fully understand the magnitude of a problem
associated with a given company or product. With the continued growth
of hybrid products, the likelihood increases that regulators will
receive complaints that could be of interest to other regulators.
The most appropriate regulator for a consumer who has a problem with a
hybrid product will depend on the type of product and where it was
sold. For instance, a consumer who has a problem with a variable
annuity would need to determine which regulator oversees the product
and where to send a complaint for resolution--to the regulator or to
the broker that sold them the annuity. While SEC and NASD regulate the
registration and sale, respectively, of variable annuities at the
federal level, oversight of sales practices at the state level may fall
under the jurisdiction of either the insurance department or the
securities department, depending on the state. Accordingly, consumers
would then have to decide where to go for help--SEC, NASD, the state
insurance department, the state securities department, the broker-
dealer firm itself, or perhaps some combination of these. The scenario
could be further complicated if the product were purchased in a banking
institution that also offered financial products through an affiliated
securities or insurance operation, because the consumer would then also
have the option of going to a banking regulator. Finally, other
organizations such as the states' Attorney General offices may also
receive complaints from their citizens. Figure 2 illustrates the
potential confusion facing a consumer trying to decide which regulator
or organization to contact with a complaint about some type of hybrid
product.
Figure 2: A Consumer Can Face a Dilemma over Where to Send a Complaint
for a Particular Hybrid Financial Product:
[See PDF for image]
[End of figure]
While the focus of our work was not to assess the effectiveness or the
quality of the complaints systems of the various regulators, our review
of nationwide complaint data collected in both the securities and
insurance industries identified numerous examples where complaints
received by one regulator also appeared relevant to other regulators.
For example, we reviewed data from the complaints system utilized by
NASD and its member firms, commonly referred to as NASD's 3070
system.[Footnote 23] In 2002, more than one-third of the complaints
recorded in the system were related to annuities or other insurance
products, as shown in table 1. NASD indicated that the data on the
system captured complaints on variable insurance products as well as
fixed insurance products. Oversight of variable life and annuity
insurance products falls under the jurisdiction of federal securities
regulators (SEC and SROs such as NASD and NYSE) and also typically
falls under the jurisdiction of insurance regulators at the state
level. Fixed life and annuity insurance products generally fall under
the jurisdiction of state insurance regulators. While state insurance
regulators may have an oversight interest in some of NASD's 3070
complaint data, such as understanding the nature of the complaints
originating from consumers in their states, they do not have access to
the system. NASD officials told us that data reported by member firms
under Rule 3070 is generally not shared with insurance regulators, nor
is there a requirement to do so.[Footnote 24] Consequently, complaints
on products in this system that do not fall under NASD's jurisdiction,
such as fixed annuities, are not forwarded to the appropriate
regulator.[Footnote 25] State securities regulators we spoke to also
mentioned that the 3070 system data is not regularly shared with them.
Table 1: Number of Complaints Recorded in NASD's Rule 3070 System, by
Product Type (2000-2002):
Product Type: Annuities;
2000: 2,743;
2001: 4,936;
2002: 5,579.
Product Type: Certificates of deposit;
2000: 7;
2001: 86;
2002: 53.
Product Type: Commodities/futures;
2000: 4;
2001: 6;
2002: 10.
Product Type: Commodity options;
2000: 10;
2001: 9;
2002: 2.
Product Type: Debt - asset backed;
2000: 62;
2001: 49;
2002: 61.
Product Type: Debt - corporate;
2000: 239;
2001: 276;
2002: 287.
Product Type: Debt - foreign;
2000: 10;
2001: 9;
2002: 31.
Product Type: Debt - municipal;
2000: 282;
2001: 220;
2002: 193.
Product Type: Debt - U.S;
2000: 189;
2001: 130;
2002: 139.
Product Type: Deposit notes;
2000: 0;
2001: 1;
2002: 4.
Product Type: Direct investments;
2000: 242;
2001: 230;
2002: 162.
Product Type: Employee/employer stock option plans;
2000: 12;
2001: 14;
2002: 12.
Product Type: Equity - foreign;
2000: 49;
2001: 42;
2002: 44.
Product Type: Equity - listed;
2000: 4,215;
2001: 3,027;
2002: 2,810.
Product Type: Equity - OTC;
2000: 6,149;
2001: 3,831;
2002: 2,582.
Product Type: Financial futures;
2000: 14;
2001: 2;
2002: 2.
Product Type: Index options;
2000: 55;
2001: 37;
2002: 44.
Product Type: Insurance;
2000: 6,493;
2001: 6,119;
2002: 7,946.
Product Type: Managed/wrap accounts;
2000: 17;
2001: 78;
2002: 128.
Product Type: Miscellaneous;
2000: 3,013;
2001: 3,199;
2002: 3,369.
Product Type: Money markets;
2000: 899;
2001: 381;
2002: 316.
Product Type: Mutual funds;
2000: 5,227;
2001: 5,835;
2002: 5,945.
Product Type: No product identified;
2000: 5,666;
2001: 5,721;
2002: 6,460.
Product Type: Options;
2000: 1055;
2001: 532;
2002: 429.
Product Type: REITs;
2000: 24;
2001: 43;
2002: 21.
Product Type: Unit investment trusts;
2000: 109;
2001: 97;
2002: 105.
Product Type: Warrants/rights;
2000: 25;
2001: 21;
2002: 24.
Product Type: Wrap accounts;
2000: 335;
2001: 217;
2002: 247.
Product Type: Grand count;
2000: 37,145;
2001: 35,148;
2002: 37,005.
Percent insurance-related[A];
2000: 25%;
2001: 31%;
2002: 37%.
[A] For each year, the Percent Insurance-Related is the sum of the
Annuities and Insurance categories divided by the Grand Count.
[End of table]
We also reviewed nationwide complaint data available in the insurance
industry and again found many complaints that could also be relevant to
securities regulators. During our review of the available data in CDS
maintained by NAIC, we observed examples of complaints on variable life
and annuity products that also appeared relevant to securities
regulators that have primary jurisdiction over such products. However,
because of confidentiality concerns, financial regulators other than
state insurance regulators do not have direct access to CDS, though
some aggregate data by company is publicly available, as previously
mentioned. NAIC officials indicated that the complaint data in CDS is
not shared with securities regulators in a routine, systematic fashion.
Challenges to Improve Regulatory Information Sharing Include the
Protection of Sensitive Data:
As we reported in previous work, generally speaking the concerns that
financial regulators expressed to us about sharing more regulatory
information with one another were not technological in nature; rather,
they centered around the need to protect sensitive data. In particular,
in providing comments on proposals for an information-sharing network,
regulators expressed concern over what specific regulatory information
might be appropriate to share, the types of entities that would have
access to such data, and liability issues surrounding the release of
unsubstantiated information.
Financial regulators generally did not express concern about sharing
basic regulatory history data on closed disciplinary or enforcement
actions. The majority of such information is already publicly
available, although not necessarily easily accessible. Such information
could convey whether an individual was registered in a particular
financial industry and any closed regulatory actions tied to the
individual's activities in that industry. The threshold of concern
rises as the sensitivity of the regulatory data rises, particularly
when the information has not been substantiated or pertains to an
ongoing investigation. For example, in previous work, several financial
regulators pointed out that the untimely release of information on an
open investigation could jeopardize that investigation and existing
sources of information.
Regulators were also concerned about the release of regulatory data to
entities or individuals who do not have regulatory authority. In
previous testimony, we reported that financial regulators in both the
banking and securities industry believed that NAIC's status as a
nonregulatory entity was a barrier to releasing regulatory data to it,
even though NAIC is comprised of, and operates on behalf of, state
insurance regulators. Also, some financial regulators expressed concern
over the varying degrees to which individual states are obligated to
protect regulatory information and, thus, the different degrees of
protection that could result as such information is released among
state regulators.
Additionally, regulators brought up concerns about the potential
liability associated with disclosing some of the information maintained
in their databases. Financial regulators noted that some of their
regulatory data are self-reported or otherwise unsubstantiated. Release
of unsubstantiated information, particularly with regard to customer
complaints and open investigations, raised liability concerns for some
regulators. Regulators noted that the appropriate sharing and use of
this sensitive data must be considered because of its highly
prejudicial nature and the potential detriment to the party in
question. Some regulators also questioned whether a proposed system or
mechanism for sharing each other's regulatory information would violate
the Privacy Act's prohibition against the nonconsensual disclosure of
personal information contained in records maintained by federal
agencies. While there are numerous exemptions to this prohibition,
including the "routine use" exemption,[Footnote 26] regulators
cautioned that the Privacy Act and its goal of safeguarding individual
privacy should receive due consideration.
While the extent of regulatory information that should be shared
remains an open question, the regulators we previously contacted
generally agreed that some degree of information-sharing capability
would be useful. From our past work, most generally supported an
approach whereby they would share some basic regulatory information on
individuals, such as whether or not they were registered in another
financial industry and had a disciplinary record. Previously, we
suggested that a needs assessment be conducted to determine the data
elements most useful to each of the financial regulators and the extent
to which each regulatory authority would be obligated to safeguard the
data it collects from its industry. A key issue related to such an
assessment is balancing one regulator's "need to know" with another's
need to safeguard or restrict confidential or sensitive regulatory
information. Additionally, from our previous work, financial regulators
emphasized that maintaining a centralized database containing all of
the regulatory data of each financial industry may be costly and
difficult to maintain. They pointed out that the vast majority of
applicants were not likely to be carrying a blemished regulatory
history from another financial services industry. Nevertheless, most
financial regulators appeared to support the concept of an information-
sharing approach that allows access to basic regulatory information to
flag problems disclosed by regulators in connection with an
individual's activities in other financial services industries.
Observations:
Effective regulation depends on many factors. However, one of the most
important is the extent to which regulators have access to complete and
correct information. Financial regulators face challenges in accessing
and sharing information relevant to their oversight responsibilities,
including criminal history, regulatory enforcement, and consumer
complaint data. We have previously suggested that insurance regulators
were at a considerable disadvantage relative to regulators in other
financial industries because of their lack of access to FBI criminal
history data. This disadvantage continues to be a problem today.
Similarly, in today's world of technological innovation and converging
financial markets, better information sharing of both regulatory
enforcement and consumer complaint data within and between financial
industries would improve the ability of financial regulators to protect
both individual consumers and the public at large. In particular,
regulators would be better positioned to recognize and reduce the
movement of rogues from one industry to another. Furthermore, improving
financial regulators' ability to readily access or share relevant
consumer complaints in a coordinated, systematic fashion would not only
improve their ability to resolve those complaints, but also help them
ascertain the overall magnitude of market problems with a given product
or company. Moreover, better and more consistent information sharing
may facilitate joint efforts to investigate and prosecute fraudulent
behavior in the financial services industries.
GAO has long advocated better information sharing among financial
regulators but recognizes regulators' legitimate concerns in connection
with the sharing of sensitive data. Legislative actions will be needed
to address issues related to the sharing of sensitive information.
Ultimately, the successful implementation of expanded or new
information-sharing capabilities or tools will depend on the extent to
which protections are in place to make financial regulators feel
comfortable in sharing sensitive regulatory information with one
another. Difficult issues must be addressed in order to make this a
reality, and regulators will have to overcome some level of inertia and
resistance to change. The Committee's continued endorsement and
encouragement for improvement in the interindustry sharing of criminal
and regulatory information should provide an important impetus to
succeed.
Agency Comments:
We requested comments on a draft of this correspondence from SEC, NASD,
NASAA, and NAIC. We received general comments and technical suggestions
from the Associate Director of the Division of Investment Management of
SEC, the Associate Vice President for Government Affairs of NASD, the
Director of Policy of NASAA, and the Executive Vice President and Chief
Executive Officer of NAIC. Officials from these organizations responded
that they generally concurred with the report's findings and message
and offered technical suggestions that we incorporated where
appropriate.
As agreed with your office, unless you publicly release its contents
earlier, we plan no further distribution of this correspondence until
30 days from its issuance date. At that time we will send copies to the
Ranking Minority Member of the Committee on Financial Services and to
other interested congressional members and committees. We will also
make copies available to others upon request. In addition, this report
will also be available at no charge on GAO's Web site, http://
www.gao.gov. Please contact me or Lawrence D. Cluff at (202) 512-8678
if you or your staff have any questions about this report. Major
contributors to this report were Barry Kirby, Tarek Mahmassani, Angela
Pun, Barbara Roesmann, and Paul Thompson.
Sincerely yours,
Signed by:
Richard J. Hillman
Director, Financial Markets and Community Investment:
[End of section]
Enclosure I:
In conducting our work, we reviewed the regulatory oversight structure
for different hybrid financial products and also collected and assessed
the nature of complaint data received by various financial regulators.
To understand the different regulatory entities that could have an
oversight interest in a particular hybrid product, we compared and
contrasted the regulatory oversight structures associated with three
different hybrid financial products--variable annuities, equity-
indexed annuities, and viatical settlements. To assess the extent and
nature of regulatory information sharing that occurred between
financial regulators, we reviewed how different regulators collected
and consolidated consumer complaint data, and highlighted examples
where consumer complaints appeared relevant to other regulator(s). The
focus of our review was not to assess the quality of the complaint
systems data from regulators, though we did collect some basic
information related to data quality and known reliability issues, but
rather to generally understand the manner in which such data are shared
among regulators. During our work we interviewed and collected
information or regulatory data from officials at the National
Association of Insurance Commissioners, state insurance regulators, the
Securities and Exchange Commission, NASD (formerly the National
Association of Securities Dealers), the New York Stock Exchange, the
North American Securities Administrators Association, state securities
regulators, the National Futures Association, the Federal Reserve
Board, the Office of the Comptroller of the Currency, the Office of
Thrift Supervision, and the Federal Deposit Insurance Corporation. We
conducted our work between November 2002 and May 2004 in accordance
with generally accepted government auditing standards.
FOOTNOTES
[1] In this report, financial regulators are the regulators of the
financial services industries.
[2] In this report, hybrid financial products refer to those products
having both insurance-and securities-related features.
[3] The FBI and the National Association of Insurance Commissioners
provided information on the state insurance departments authorized to
obtain FBI criminal history information.
[4] U.S. General Accounting Office, Insurance Regulation: Scandal
Highlights Need for Strengthened Regulatory Oversight, GAO/GGD-00-198
(Washington, D.C; Sept. 19, 2000); Insurance Regulation: Scandal
Highlights Need for Strengthened Regulatory Oversight, GAO/
T-GGD-00-209 (Washington, D.C; Sept. 19, 2000); U.S. General
Accounting Office, Financial Services Regulators: Better Information
Sharing Could Reduce Fraud, GAO-01-478T (Washington D.C; Mar. 6,
2001).
[5] NAIC, formed in 1871, is a voluntary organization of the chief
insurance regulatory officials of the 50 states, the District of
Columbia, and four U.S. territories. It does not have regulatory
authority over the state insurance departments. NAIC provides a forum
for the development of uniform policy when uniformity is deemed
appropriate. It assists state insurance regulators by offering
financial, actuarial, legal, computer, research, market conduct, and
economic expertise to carry out financial and consumer protection
oversight functions.
[6] Under 18 U.S.C. § 1033, a person who has been convicted of any
criminal felony involving dishonesty or a breach of trust or any
offense described in the section may engage in the business of
insurance only through the written consent of an insurance regulatory
official authorized to regulate the insurer.
[7] GAO-01-478T.
[8] Pub. L. No. 106-102 (1999). In Subtitle C of Title III, GLBA called
for a majority of states to either adopt uniform producer licensing
laws or reciprocate with other states in the licensing process by
November 2002 to avoid the establishment of a body, the National
Association of Registered Agents and Brokers, which would take over
producer licensing functions from the states. In 2002, NAIC certified
that the majority of states satisfied the provisions in GLBA by
reciprocating with other states in the licensing process. However, some
states did not reciprocate at the time because they were reluctant to
accept industry applicants who were licensed in other states that use
less stringent licensing standards.
[9] U.S. General Accounting Office, State Insurance Regulation: Efforts
to Streamline Key Licensing and Approval Processes Face Challenges,
GAO-02-842T (Washington D.C.: June 18, 2002).
[10] Regulatory background information would, among other things,
include the licensing or registration status and employment history of
an individual.
[11] For the purposes of this report, the term "federal banking
regulators" includes the Federal Reserve Board, Office of the
Comptroller of the Currency, Office of Thrift Supervision, Federal
Deposit Insurance Corporation, and National Credit Union
Administration.
[12] NASAA, organized in 1919, is a voluntary association whose
membership consists of 66 state, provincial, and territorial securities
administrators in the 50 states, the District of Columbia, Puerto Rico,
Canada, and Mexico. In the United States, NASAA represents the 50 state
securities agencies and provides information and expertise related to
capital formation and investor protection.
[13] Under section 604 of the Sarbanes-Oxley Act, Pub. L. No. 107-204
(2002), SEC may consider the regulatory history of an individual in
deciding on the individual's fitness for registration as a broker,
dealer or investment advisor. Specifically, the SEC is authorized to
limit, suspend, or revocate the registration of persons who have been
barred or subjected to sanctions by a state securities, banking, or
insurance regulator because of fraudulent, manipulative, or deceptive
conduct. See 15 U.S.C. § 78o (b)(4)(H) (2000 & 2003 Supp.).
[14] Regulatory oversight of some hybrid products could change over
time, as debates continue over which regulatory entity is best suited
for a particular product. For instance, a key debate among financial
regulators is whether or not sales of variable life and annuity
products should be regulated as insurance or securities products at the
state level. State securities regulators have argued that they have
greater securities-related expertise and more comprehensive oversight
to help ensure that sales of such products are suitable for the
investor as compared to their insurance counterparts. Securities
regulators also maintain that they have more enforcement authority and
tools to pursue cases of sales practice abuse tied to variable
products. In contrast, insurance regulators and industry
representatives maintain that oversight of variable products as
securities at the federal level coupled with oversight as insurance at
the state level is sufficient. Parties opposed to state securities
oversight of variable product sales argue that such a regulatory
framework would create "four layers" of regulatory oversight--SEC,
NASD, state insurance departments, and state securities departments--
resulting in greater costs and duplicative regulatory functions.
Recently, both securities and insurance regulators have each developed
legislative proposals to help strengthen their regulatory authority
over sales practices tied to sales of variable insurance products.
[15] Variable annuities were first introduced in the 1950s and are a
multibillion dollar business in the United States, with sales of
variable products exceeding $94 billion through the first three
quarters of 2003. Variable annuities are designed to provide tax
deferral benefits of annuities. Under an annuity contract, an insurer
agrees to make a series of payments for a specified period or for the
life of the contract holder, providing insurance against the
possibility that the contract holder will outlive his or her assets
during the period covered under the contract. The payments are either
fixed or may vary from payment to payment. The cash value of the
contract is invested in an insurer account, which offers the contract
holder a number of investment options. The contract holder's premiums
are typically allocated to mutual funds that invest in stocks, bonds,
money market instruments, or some combination thereof. The values of
the investment and the periodic payments vary, much like a securities
product, depending on the performance of the chosen investment option.
Variable annuities also have a death benefit. If a contract holder dies
before the insurer has started to make payments, a designated
beneficiary is guaranteed to receive a specified amount of money.
[16] Equity-indexed products are annuities or life insurance contracts
on which the returns from the annuities are credited to contract
holders using a fixed formula based on changes in an equity index such
as the S&P 500. Equity-indexed annuities are different from fixed
annuities because they credit interest using a formula based on changes
in the index to which the annuity is linked. However, equity-indexed
annuities are similar to fixed annuities in that they guarantee a
minimum interest rate. The annuities are designed to protect holders
against severe downturns in the market. Total sales of equity-indexed
annuities during 2002 reached approximately $13 billion.
[17] On August 20, 1997, SEC solicited comments on a Concept Release
concerning the structure of equity index insurance products, the manner
in which they are marketed, and other matters of consideration in
addressing federal securities law issues raised by equity index
insurance products (Release No. 33-7438; File No. S7-22-97).
[18] Viatical settlements are a more recent hybrid product, developed
in the late 1980s. Sales of viatical settlements have grown from $90
million in 1991 to approximately $1 billion in 2000. Viatical
settlements are contracts under which investors purchase an interest in
the life insurance policies of terminally ill individuals. When the
insured individuals die, the investors receive the benefit of the
insurance. More specifically, investors purchase policies (or parts of
policies) at prices below the value of the death benefits. Because of
uncertainties in predicting when someone will die, these investments
are extremely speculative. If the seller dies sooner than expected, an
investor may receive a higher return. But if the seller lives longer
than expected, the return will be lower. An investor can lose part of
or all of his/her principal investment if the person lives long enough
that the investor has to pay additional premiums to maintain the
policy. This element of risk is a securities feature of viatical
investments.
[19] Securities and Exchange Commission v. Life Partners, Inc., 87 F.3d
536 (D.C. Cir. 1996), reh'g denied, 102 F.3d 587 (D.C. Cir. 1996). The
SEC has taken action for fraud against enterprises that sell securities
backed by viatical settlements, however. See. SEC Litigation Rel. No.
18346 (Sept. 11, 2003).
[20] In May 2004, SEC and other federal and state regulators shut down
the operations of Mutual Benefits Corp. in Florida to halt an alleged
billion dollar fraudulent securities offering. Regulators are
attempting to recover what is left of the $1 billion on behalf of
investors in this scandal, which follows several other scandals in the
viatical industry in recent years. In February 2002, the House
Financial Services Committee held a hearing on fraudulent activities
taking place in conjunction with viatical sales in the marketplace.
[21] NASAA officials indicated that they send their members an annual
survey focusing on completed enforcement actions. In addition, from
time to time, NASAA surveys its members on a variety of specific
issues, often in response to requests for information from
congressional committees. NASAA officials also mentioned that the last
two surveys included a question designed to gather information on the
number of complaints received.
[22] NAIC has implemented the Consumer Information Source (CIS), an
application available from its Web site, with public disclosure of
aggregate complaint data by company on a state-by-state basis.
Consumers may access the following from CIS: (1) the total number of
complaints for a selected company in each state, (2) the total number
of complaints by type of coverage, (3) the reason the complaint was
filed and disposition of the complaint, (4) the ratio of a company's
market share of complaints compared to the company's market share of
premiums for a specific policy type, and (5) the total complaint counts
by year with the percent change of counts between years.
[23] NASD Rule 3070 requires that member firms record certain
information on consumer complaints received for statistical and
regulatory oversight purposes.
[24] NASD does refer insurance-related complaints to insurance
regulators that are received directly from investors.
[25] Individual sales agents are often dually registered as broker-
dealers as well as insurance agents, allowing them to engage in sales
of products regulated as securities by SEC and NASD (e.g., variable
annuities), as well as products generally regulated solely as insurance
by state insurance regulators (e.g., fixed annuities).
[26]The routine use exemption permits nonconsensual disclosure of
personal information when the internal use of the information that is
disclosed is compatible with the purpose for which it was originally
collected.
GAO's Mission:
The General Accounting Office, the audit, evaluation and investigative
arm of Congress, exists to support Congress in meeting its
constitutional responsibilities and to help improve the performance and
accountability of the federal government for the American people. GAO
examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through the Internet. GAO's Web site (www.gao.gov) contains
abstracts and full-text files of current reports and testimony and an
expanding archive of older products. The Web site features a search
engine to help you locate documents using key words and phrases. You
can print these documents in their entirety, including charts and other
graphics.
Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as "Today's Reports," on its
Web site daily. The list contains links to the full-text document
files. To have GAO e-mail this list to you every afternoon, go to
www.gao.gov and select "Subscribe to e-mail alerts" under the "Order
GAO Products" heading.
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. General Accounting Office
441 G Street NW, Room LM
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000
TDD: (202) 512-2537
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: www.gao.gov/fraudnet/fraudnet.htm
E-mail: fraudnet@gao.gov
Automated answering system: (800) 424-5454 or (202) 512-7470:
Public Affairs:
Jeff Nelligan, Managing Director,
NelliganJ@gao.gov
(202) 512-4800
U.S. General Accounting Office,
441 G Street NW, Room 7149
Washington, D.C. 20548:
