A chalkboard with the words ISO in front (Insurance Services Office) and “Virus Exclusion Endorsement” written on the board in chalk.

The Insurance Services Office (commonly referred to as the “ISO”) is involved with virtually every person, business, association, and governmental entity in the United States. Yet most people have no idea what it is and how big of a role it plays in the background of risk, finance, and insurance.

The ISO was created in 1971 as an advisory and rating organization for the property and casualty insurance industry. It initially provided statistical and actuarial services and developed programs designed to help insurance companies meet state regulatory requirements.

During the pandemic and its aftermath, many businesses have been seeking greater transparency about ISO to find out more about the role it played in shaping the business interruption policy forms and virus exclusions which many insurers used to determine that policies didn’t afford coverage for businesses’ income losses caused by COVID-19.

In this blog we’ll examine what the ISO is, how it developed into the entity it is today, and what role it plays in shaping insurance companies’ standard practices.

Two people in an office reviewing paperwork with the scales of justice sitting on the desk

What does the Insurance Service Office do?

According to a 2013 Market Conduct Examination of the ISO, the basic function of the organization includes:

‘developing programs to help insurers define and manage insurance products and provid[ing] information to help insurers determine their own independent premium rates. Insurers use ISO offerings primarily in their product development, underwriting and rating functions.

ISO serves insurers, reinsurers, insurance producers, insurance regulators, risk managers and other participants in the property/casualty insurance marketplace.’

Some of the products and services ISO provides these organizations include:

  • Statistical and actuarial services
  • Specific language for insurance policies
  • Standardized rules for writing and rating insurance policies
  • Data to help insurers make their own pricing decisions
  • Fine-grained information about specific communities and properties
  • Tools for predictive modeling risk scoring

A November 2009 SEC filing states that the “Insurance Services Office… enable[s] risk-bearing businesses to better understand and manage their risks” by providing them with proprietary data, analytics methods, and “embedded decision support solutions.” These tools can be used to detect fraud and predict and quantify loss in a range of different industries and contexts.

The history of the Insurance Services Office

A 2013 Market Conduct Examination of the ISO provides a fairly good history of the organization. The ISO was initially formed in 1971 through the consolidation of a number of regional, state, and national rating bureaus for property and casualty insurance. Initially a non-profit unincorporated association, it became a non-profit corporation in 1983.

By the end of the 80s and into the 90s, ISO saw some significant changes in its structure. The 2013 examination indicates that:

By 1989, ISO started making advisory loss costs instead of advisory rates and transferred complete decision making authority on all rate related matters, including actuarial methodology, to ISO staff from insurer committees. By 1994, insurers relinquished control of ISO to a member board that included seven non-insurer directors. In 1997, ISO became an independent for-profit corporation. Insurers may only own stock in ISO that have very restricted voting rights, primarily limited to the election of a minority of the board of directors and matters involving a substantial change to the structure or business purposes of the corporation. In 2008, Verisk Analytics was established, which serves as the parent holding company of ISO. In 2009, Verisk completed its Initial Public Offering and became a publicly-traded company.

ISO Data, Inc. a subsidiary of ISO, applied to the states for designation as a statistical agent on July 6, 2001.’

According to a 2009 SEC filing, over the course of the last decade since Verisk’s Initial Public Offering, ISO has “broadened its data assets, entered new markets, placed a greater emphasis on analytics, and pursued strategic acquisitions.”

Who runs the Insurance Services Office?

How did the Insurance Services Office come under the control of Verisk? A November 2009 SEC filing states:

Verisk was established on May 23, 2008 to serve as the parent holding company [for the ISO] upon completion of the proposed IPO. On June 27, 2008, the Company’s stockholders approved certain corporate governance changes necessary to allow the Company to proceed with a proposed IPO. On October 6, 2009, the Company effected a corporate reorganization whereby the…common stock of the Company was exchanged by the current stockholders for the common stock of Verisk on a one-for-one basis…. On October 9, 2009, the Company completed its IPO. Upon completion of the IPO, the selling stockholders sold 97,995,750 shares of Class A common stock of Verisk, which included the 12,745,750 over-allotment option, at the IPO price of $22.00 per share. The Company did not receive any proceeds from the sales of common stock in the offering. Verisk trades on the NASDAQ Global Select Market under the ticker symbol ‘VRSK.’…

Photo of a person in a suit drawing a digital cartoon house meant to represent professional support for homeowners

Is the ISO a federal agency?

The ISO is a privately held company, not a federal agency— but its reach is so expansive that it’s not surprising people often ask the question, and, like a government entity, changes to its policy recommendations undergo multiple rounds of public review and periods for comment.

In its 2008 prospectus to potential investors, Verisk, which was really just the ISO since “Verisk” was simply a new name for the management of the organization, indicated the breath of the risk analysis it provides to insurance companies:

‘We are the leading provider of statistical, actuarial and underwriting data for the U.S. P&C insurance industry… Our largest P&C insurance database includes nearly 14 billion records, and, in each of the past three years, we updated the database with over 2 billion validated new records. We use our data, for example, to create policy language and proprietary risk classifications that are industry standard and to generate prospective loss cost estimates used to price insurance policies.

In that same prospectus, Verisk indicated that their decision analytics data set included historic natural catastrophe data for more than 50 countries, data from more than 13 million mortgage loan applications, over 300 million U.S. criminal records, and roughly 600 million property and casualty insurance claims.

Why do insurance companies use the ISO?

Insurance companies use ISO because it provides them with access to a range of standardized policy language, actuarial models, guidelines on meeting state regulatory requirements, business and property data, and tools for predicting risk.

The 2008 Verisk prospectus to potential investors indicates that:

Customers integrate our solutions into their models, formulas or underwriting criteria to predict potential loss events, ranging from hurricanes and earthquakes to unanticipated healthcare claims. We are a leading developer of catastrophe and extreme event models and offer solutions covering natural and man-made risks, including acts of terrorism. We also develop solutions that allow customers to quantify costs after loss events occur. Our fraud solutions include data on claim histories, analysis of mortgage applications to identify misinformation, analysis of claims to find emerging patterns of fraud and identification of suspicious claims in the insurance, healthcare and mortgage sectors.’

The ISO updates participating insurers on policy forms and changes through regular memos throughout ISO’s review and implementation process. A 2007 Market Conduct Examination made for New York indicated that as of the end of 2004, the ISO also had outside liaison and advisory panels that make recommendations to the ISO in their areas of expertise.

Regarding policy forms and endorsement, that 2007 Market Conduct Examination noted that:

‘ISO submits revisions to its insurance programs (policy forms and endorsements, manual rules and pricing considerations) as needed to reflect changes in New York statutes, regulations and Department circular letters as appropriate. ISO also makes changes to its programs in response to general developments in the marketplace, societal changes, competitive needs and general advancements in the property/casualty industry.

One such development during the examination period was related to terrorism coverage. Following the events of September 11, 2001, ISO began to re-examine exclusionary policy language in property and liability policies related to terrorism coverage. In response to the Terrorism Risk Insurance Act of 2002 (TRIA), ISO filed various forms related to losses from “certified acts of terrorism” for insurers to use on existing, new, and renewal policies. It also developed and filed loss costs for terrorism coverage for Commercial Property, General Liability, Commercial Auto and Businessowners policies.’

These standardized forms and changes to them are supposed to be carefully reviewed by each Department of Insurance. The National Association of Insurance Commissioner’s explains:

Policy form review ensures that high standards of quality are maintained. These include delivery of generally expected benefits to the policyholder, avoidance of contractual abuse by the filer, inclusion of mandatory provisions that are specified in law or regulation, exclusion of provisions that are prohibited by law or regulation, and assurance that the insurance contract has an acceptable appearance for its intended audience.

Regulators must give forms careful scrutiny to ensure that they contain the essential elements required by statute and/or regulation. In some states, the review of policy forms includes the review of advertising material for specified lines of business.’1

The Insurance Services Office and COVID-19

It’s no wonder that businesses that have been denied claims of lost income from COVID-19 want to see what ISO’s internal documents say about their policies being interpreted to cover for their losses and then the effect of the virus exclusions written by the ISO. The insurance companies are vigorously fighting against this ISO disclosure in the same manner tobacco companies in cigarette litigation fought against internal memos suggesting that cigarette smoking was addictive.

One business interruption lawsuit filed in 20202 directly sued the ISO claiming that it conspired with the insurance company and the American Association of Insurance Services to misrepresent to regulators the coverages caused by a virus and the impact of the virus circulars:

‘315. As alleged above, ISO and AAIS, and through them Berkshire, made misrepresentations to the NJ DOI and the Insureds regarding the Virus Exclusion, aimed at convincing the state insurance regulators that the Virus Exclusion was merely clarifying coverage, not reducing the scope of coverage.

316. Defendants made such false representations with knowledge of the truth and/or reckless and/or negligent disregard and intent that the Insureds and/or the NJ DOI and other regulators would rely upon the statements thereof.

317. The Insureds and/or NJ DOI reasonably and justifiably relied upon one or more of such representations to their detriment as evidenced by the fact that the Virus Exclusion was approved by state insurance regulators based on misrepresentations by ISO and AAIS…’

It’s been three years since COVID-19 hit the United States. Yet, the subsequent COVID business interruption litigation is pretty common to my prior insurance catastrophe litigation experiences. The insurance companies through their attorneys and publicists are saying the same things they did fifteen years ago in the Hurricane Katrina slab litigation:

  1. People and businesses are claiming too much and that the losses are not covered.
  2. Policyholder attorneys are overstepping and creating a mountain out of a molehill.
  3. There is no need for discovery of internal documents regarding coverage and of insurance company conduct.

Learn more about The Policyholder’s Advocate

One of the blessings that I’m grateful for is having met with and shared information and ideas with bright and hardworking attorneys working to help businesses similarly situated in litigation in this battle seeking coverage against their own insurance companies.

At Merlin Law Group, our attorneys fight everyday to make sure that policyholders get fair and timely compensation from insurance companies. Find out more about the work we do for our clients in our ebooks and case studies:

Why Merlin?

Fighting Against Insurer Tactics

What to Do When You Have a Denied/Underpaid Claim

Thought For The Day

The Song Remains The Same is not a great film, but there’s no point in making excuses. It’s just a reasonably honest statement of where we were at that particular time. It’s very difficult for me to watch it now, but I’d like to see it in a year’s time just to see how it stands up.
—Jimmy Page, Lead Guitar, Led Zeppelin

____________________________________
1 Product Filing Review Handbook at 65 (NAIC Aug 2016).
2 The Learning Experience v. Berkshire Hathaway Specialty Ins. Co., No 2:20-cv-14013 (D. N.J. Complaint filed Oct. 7, 2020).