New York State now requires that insurers match their policy data to the Social Security Administration’s Death Master File (SSA DMF). This emergency rule, which became effective June 14, 2012, “applies to (1) every policy issued by a domestic insurer and any account established under or as a result of such policy and; (2) every policy delivered or issued for delivery in New York by an authorized foreign insurer and any account established under or as a result of such policy.”
This rule requires no less frequent than quarterly matching to the SSA DMF using fuzzy logic, specifically stating that “Every insurer shall implement reasonable procedures to account for common variations in data that would otherwise preclude an exact match with the death index, including (i) nicknames, initials used in lieu of a first or middle name, use of a middle name, compound first and middle names, and interchanged first and middle names; (ii) compound last names, and blank spaces or apostrophes in last name; (iii) incomplete date of birth data, and transposition of the “month” and “date” portions of the date of birth; (iv) incomplete social security number; and (v) common data entry errors in name, date of birth and social security data. The requirements set an extremely high bar for insurers and the grace period for compliance has come and gone.
The following challenges associated with these regulations can be used to guide your decision making process on the best way to move forward for your company:
Weekly DMF Updates & Full File Reviews Require Strong Data Management Resources
Section 226.4.b.1 calls for insurers to use the latest version of the Social SSA DMF to match every policy. Since the NTIS releases weekly updates, this provision will not be practical for many insurers who wish to process internally as it requires significant resources to download transactions and update ~100 million records followed by a comprehensive books and records review – all within a short window. Because older policy data seldom changes and considering the lengthy beneficiary outreach process and traditional dormancy timelines, some view this requirement as excessive and argue that less frequent updates and reviews should be sufficient. As it stands, this regulation means that many insurers choose to rely on 3rd party data management experts who are accustomed to handling this volume of data efficiently.
Vague Fuzzy Matching Logic Leaves Room for Costly Misinterpretation
Section 226.4.f.1 outlines generic fuzzy matching guidelines which leave room for misinterpretation. It seems clear that the Regulatory Settlement Agreements (RSA) were modeled on the more detailed Global Resolution Agreements (GRA), as they use similar language and examples. The NCOIL Model Unclaimed Property Act and state-specific legislation were modeled from the broader RSAs, but lack similar details on matching logic and tolerances. The good intention behind the lack of specifics may be to provide insurers with greater latitude on approach; however, this has its risks. While the goal of these regulations is to determine which individuals are deceased, the lack of clear direction can lead to inadvertently failing to identify many legitimate decedents. Conversely, the “SSN-only” matching rules can result in a significant proportion of false positives, over 10% in many cases. The net result can be a big investment in post process research to verify each determination in order to eliminate costly false positive matches. High error rates raise concern that insurers may not be applying rules correctly. This ambiguity can leave an insurance company unable to define their true level of exposure. One recommendation is to apply the standards that have been modeled on formal settlement agreements already approved by the states. Meeting these standards can reduce the cost of compliance as one consistent approach can satisfy a wide range of state-specific requirements.
Proven Tactics Cannot be Employed if Not Applied to Both Annuities as well as Life Policies
Section 226.4.c states that if an insurer uses an alternate deceased source to terminate benefits, it must do the same for the life insurance policies as well. Insurers can often establish a positive ROI even when adding the expense of external data sources and additional research to detect fraud. However, if these same insurers now need to screen using costly research options on large volumes of life insurance policies, any positive ROI will quickly diminish. As a result, many may opt to reduce the intensity of their fraud detection efforts on their annuity and long term care business lines to reduce the hard costs that they would incur on the life side. The result will be that no one wins but the criminals. Similarly, section 226.4.d applies to frequency of processing whereby if an insurer conducts death matching more frequently to terminate benefits, then they also have to do it more frequently on life insurance policies. This can be an even larger concern for some insurers.
Linking Decedents across Business Lines Requires Niche Expertise
Insurance providers are obligated to link confirmed death matches to all other policies and insurers in its holding company. This presents a major challenge for many insurance companies who are seeking to perform these services in-house. Householding techniques are best performed by data management experts who are accustom to dealing with disparate data sources across business lines with varying field formats and other anomalies which add complexity to what seems like a basic task. This is especially important in those scenarios where a reliable social security number is missing and other elements must be relied upon for creating a matching mechanism.
Section 226.4.2 allowed insurers a 150 day grace period to comply with this new emergency rule… and the time is up. New York has made its intentions clear and those insurers that have not yet implemented a formal solution are currently at risk. If you lack the internal resources to accomplish these objectives, it is time to research 3rd party alternatives that you can trust.
