5.3 Federal Regulation

State Primacy: McCarran-Ferguson

The McCarran-Ferguson Act of 1945 is the cornerstone of insurance regulation. It declares that regulating insurance is the business of the states and that federal law does not preempt state insurance law unless a federal statute specifically targets insurance. Federal antitrust laws (Sherman, Clayton) apply only to the extent insurance is not regulated by state law. Result: there is no single federal insurance regulator; each state department licenses producers and approves products.

A practical note: in 2010 Congress created the Federal Insurance Office (FIO) inside the Treasury to monitor the industry, but the FIO has no licensing or rate authority — it does not override state primacy. McCarran-Ferguson still controls.

The NAIC

The National Association of Insurance Commissioners (NAIC) is a coordinating body of the state commissioners. It drafts model laws and model regulations to promote uniformity, but it has no direct authority — a model has legal force only when a state legislature adopts it. Exam tip: the NAIC recommends; the states enact and enforce.

The NAIC also operates shared tools such as the producer database and accreditation standards, but it cannot license a producer or fine an insurer — only a state department of insurance can. This is why the same product can be approved in one state and rejected in another even though both follow NAIC guidance.

Privacy & Consumer-Report Laws

• Fair Credit Reporting Act (FCRA): governs consumer and investigative consumer reports used in underwriting. The applicant must be notified that a report may be requested, may learn its nature and scope, and — if adverse action is taken — must receive the name and address of the reporting agency.

An investigative consumer report digs deeper through personal interviews with neighbors, employers, or associates about character and lifestyle; because it is more intrusive, FCRA requires advance written notice to the applicant, who may then request a complete disclosure of the report's nature and scope.

• Gramm-Leach-Bliley Act (GLBA): the financial-privacy law. Insurers must deliver a privacy notice at the start of the relationship and annually, and must give an opt-out before disclosing nonpublic personal information (NPI) to nonaffiliated third parties. The Safeguards Rule requires protecting customer data.

These two laws separate how data is gathered (FCRA) from how data is shared (GLBA). FCRA is the underwriting-input law; GLBA is the data-sharing law — a common exam distractor swaps the two.

Marketing Laws: Do-Not-Call & CAN-SPAM

• Telephone Consumer Protection Act / Do-Not-Call Registry: producers must scrub call lists against the National Do-Not-Call Registry, honor consumer requests, restrict calls to 8 a.m.-9 p.m. local time, and identify themselves. An established business relationship allows limited contact.
• CAN-SPAM Act: governs commercial email. Messages must have accurate header/subject lines, identify the message as an ad, include a valid physical postal address, and provide a working opt-out that is honored promptly.

USA PATRIOT Act & Anti-Money-Laundering

Insurers issuing cash-value life and annuity products must maintain an AML program: customer identification, employee/producer training, and filing Suspicious Activity Reports (SARs) for transactions that may involve money laundering (e.g., large cash premiums, early surrenders, third-party funding). Producers are part of the insurer's AML compliance chain.

ERISA Basics

The Employee Retirement Income Security Act (ERISA) is the federal law governing private employer-sponsored retirement and welfare benefit plans, including group life. It sets standards for fiduciary conduct, reporting and disclosure (Summary Plan Description), participation, and vesting, and is enforced by the Department of Labor. ERISA does not apply to individual policies or to government/church plans.

Insurance Fraud: 18 U.S.C. 1033 & 1034

The federal Fraud and False Statements statutes are heavily tested:

• 18 U.S.C. 1033 makes it a federal crime to engage in deceptive acts or false statements affecting interstate insurance commerce, and prohibits anyone convicted of a felony involving dishonesty or breach of trust from working in insurance without written 1033 consent (a waiver) from the state insurance commissioner.
• 18 U.S.C. 1034 gives the U.S. Attorney General civil enforcement authority to seek injunctions and penalties against those who violate 1033.

Violations carry fines and up to 10 years (or life if a death results) imprisonment.

Why Federal Rules Still Matter for a State License

Even though insurance is state-regulated, the exam asks about these federal layers because they apply on top of state law:

A producer who violates a federal rule can also lose the state license, because state law generally treats a federal-law violation as independent grounds for suspension or revocation of the producer's license.