How to Write a Regulatory Compliance Manual for a Pet Insurance MGA
How to Write a Regulatory Compliance Manual for a Pet Insurance MGA
A well-structured compliance manual is not optional your carrier requires it, state DOIs expect it during examinations, and your team needs it as an operational reference. This guide walks through every section your manual should contain.
Why Do You Need a Compliance Manual?
A compliance manual is essential because it serves as both a regulatory requirement and an operational backbone for your MGA. Carriers demand it as a BAA condition, state DOIs review it during examinations, and your team relies on it as the single source of truth for compliance procedures.
1. Regulatory Expectation
- Carriers require documented compliance programs as a BAA condition
- State DOIs review compliance manuals during market conduct examinations
- NAIC Model Act implies written procedures for MGA operations
- Demonstrates "culture of compliance" to regulators
2. Operational Value
- Single source of truth for compliance procedures
- Training tool for new employees
- Reference during regulatory inquiries
- Evidence of good faith compliance efforts
- Reduces individual dependency on institutional knowledge
How Should You Structure the Manual?
The manual should be organized into clearly defined sections that cover every regulatory and operational area your MGA touches. A well-structured table of contents allows staff and examiners to quickly locate relevant procedures and policies.
1. Recommended Sections
| Section | Purpose |
|---|---|
| 1. Company Overview | Entity structure, regulatory status, carrier relationships |
| 2. Licensing Matrix | Active licenses by state, renewal dates, key contacts |
| 3. Authority Limits | Binding authority, claims authority, policy limits |
| 4. Underwriting Compliance | UW guidelines, prohibited practices, documentation |
| 5. Claims Handling | Claims procedures, timelines, escalation |
| 6. Complaint Management | Intake, tracking, resolution, DOI response |
| 7. Privacy & Data Security | CCPA, state privacy, data handling |
| 8. AML/OFAC | AML program, screening procedures |
| 9. Producer Management | Appointment, monitoring, termination |
| 10. Advertising Compliance | Review process, prohibited practices |
| 11. Market Conduct | Fair dealing, consumer protection |
| 12. Record Retention | Retention schedule by document type |
| 13. Audit Preparation | Carrier audit, DOI examination readiness |
| 14. Annual Review | Update schedule, version control |
What Should Each Section Cover?
Each section of the compliance manual should provide specific procedures, responsible parties, regulatory references, and actionable guidance. Below is a detailed breakdown of what to include in every major section of your manual.
1. Company Overview
Include:
- Legal entity name and structure
- State of domicile and formation date
- Federal EIN
- Carrier relationships and BAA summary
- Organizational chart
- Key personnel and their compliance responsibilities
2. Licensing Matrix
Document for each state:
- License type (resident, non-resident, surplus lines)
- License number and effective date
- Renewal date and requirements
- Lines of authority
- Appointed carrier(s)
- Key contact at state DOI
Update this section whenever licenses are added, renewed, or terminated.
3. Authority Limits
Clearly document:
- Binding authority limits (per policy, aggregate)
- Claims settlement authority limits
- Premium collection authority
- Prohibited actions (what you cannot do without carrier approval)
- Escalation procedures when limits are approached
4. Underwriting Compliance
Cover:
- Underwriting guidelines summary and location of full guidelines
- Prohibited underwriting practices (unfair discrimination, redlining)
- Required documentation for each policy type
- Exception approval process
- Rate compliance (using only filed and approved rates)
- State-specific underwriting requirements
5. Claims Handling Procedures
Detail:
- Claims intake process and acknowledgment timelines
- Investigation procedures
- State-specific prompt payment requirements
- Claims decision standards
- Denial letter requirements by state
- Appeals process
- Escalation to carrier for claims exceeding authority
- Claims workflow guidance
6. Complaint Management
Document:
- Complaint definition and categorization
- Intake procedures (phone, email, mail, DOI referral)
- Response timelines by state
- Investigation and resolution procedures
- DOI complaint response protocol
- Complaint tracking and reporting
- Root cause analysis process
- Complaint ratio monitoring
7. Privacy and Data Security
Include:
- Data inventory (what personal data you collect and store)
- Privacy policy requirements
- CCPA/CPRA compliance procedures
- State-specific privacy obligations
- Data breach response plan
- Vendor data security requirements
- Employee data handling training
- Data privacy details
8. AML/OFAC Program
Cover:
- AML risk assessment
- Customer identification procedures
- OFAC screening process
- Suspicious activity detection and reporting
- Record keeping requirements
- Training program
- Independent testing schedule
- AML program details
9. Producer Management
Document:
- Agent appointment process
- License verification procedures
- Training requirements
- Commission disclosure
- Monitoring and oversight
- Termination procedures and reporting
- Agent appointment guide
10. Advertising Compliance
Include:
- Pre-approval process for marketing materials
- Prohibited advertising practices
- State-specific filing requirements
- Social media compliance guidelines
- Testimonial and endorsement rules
- Record retention for advertising materials
11. Market Conduct Standards
Cover:
- Fair dealing principles
- Consumer protection obligations
- Disclosure requirements
- Cancellation and refund procedures
- Free-look period compliance
- Non-discrimination policies
12. Record Retention
Document retention periods:
| Record Type | Retention Period |
|---|---|
| Policy files | Life of policy + 7 years |
| Claims files | Resolution + 7 years |
| Complaints | Resolution + 5 years |
| Financial records | 7 years |
| AML records | 5 years |
| Training records | 5 years |
| Advertising materials | 3–5 years |
13. Audit Preparation
Maintain readiness for:
- Carrier annual audits
- State DOI market conduct examinations
- Financial examinations
- Targeted regulatory inquiries
Include:
- Pre-audit checklist
- Document gathering procedures
- Staff interview preparation
- Post-audit remediation process
- Market conduct exam preparation
14. Annual Review
Establish:
- Annual review date and process
- Responsible parties for each section
- Version control and change log
- Board or management approval requirement
- Distribution to staff after updates
What Are the Best Implementation Tips?
The most effective compliance manuals are practical, accessible, and supported by ongoing training and accountability structures. Implementation should focus on making the manual a living document that staff actually use rather than a shelf reference.
1. Make It Practical
- Write in plain language, not legal jargon
- Include flowcharts for complex processes
- Provide templates for common compliance tasks
- Link to detailed SOPs for each procedure
- Make it searchable (digital format)
2. Training
- Train all staff on relevant sections during onboarding
- Annual refresher training on key topics
- Role-specific training (claims staff, underwriting staff, etc.)
- Document all training completion
3. Accountability
- Assign compliance manual ownership to compliance officer
- Establish clear escalation paths
- Include consequence framework for non-compliance
- Regular compliance committee meetings
For compliance monitoring programs, see our guide to ongoing compliance oversight.
Frequently Asked Questions
Why does a pet insurance MGA need a compliance manual?
Carriers require it, state DOIs review it during examinations, and it's the operational guide for your compliance team.
What sections should a compliance manual include?
Licensing matrix, claims handling, complaint management, privacy, AML, advertising, market conduct, producer management, audit preparation, and annual review.
How often should it be updated?
At minimum annually, plus whenever there are material regulatory changes or new market entries.
Who should write it?
The compliance officer or general counsel, with input from operations, claims, IT, and marketing. External counsel should review.
What happens if an MGA lacks a compliance manual during a DOI examination?
The MGA risks examination findings, remediation orders, potential fines, and increased regulatory scrutiny. It also signals a weak compliance culture to both regulators and carriers.
How long should a compliance manual be?
Typically 50 to 150 pages depending on the number of states and complexity of operations. Prioritize clarity and usability over length.
Can a compliance manual be maintained in digital format?
Yes, and digital is preferred. A searchable, version-controlled digital format makes updates easier and distribution more efficient. Many MGAs use internal wikis or compliance platforms.
Should the manual address cybersecurity?
Yes. Include cybersecurity procedures aligned with the NAIC Insurance Data Security Model Law, covering incident response, access controls, encryption, and vendor security assessments.
External Sources
Internal Links
- Explore Services → https://insurnest.com/services/
- Explore Solutions → https://insurnest.com/solutions/
