top of page

CIAT and CIAB File Joint Comments on Proposed Technical Changes to the Terrorism Risk Insurance Prog

Updated: Apr 27, 2022

Download the full letter here.

January 11, 2021

U.S. Department of the Treasury Federal Insurance Office, MT 1410 1500 Pennsylvania Avenue, NW Washington, DC 20220

RE: 2020 TRIA Updated Regulations Proposed Rules Comments

To Whom It May Concern:

The Coalition to Insure Against Terrorism (“CIAT”) and The Council of Insurance Agents and Brokers (“The Council”) file these comments in response to the Notice of Proposed Rulemaking (“NPRM”) by the Federal Insurance Office (“FIO”) published in the November 10, 2020 Federal Register. 85 Fed. Reg. 71588. We file these comments jointly to emphasize that there is no daylight between the broker and policyholder communities on these important questions.


CIAT is a broad coalition of commercial insurance consumers formed immediately after 9/11 to ensure that American businesses could obtain comprehensive and affordable terrorism insurance. The diverse CIAT membership represents a wide range of businesses and organizations throughout the transportation, commercial real estate, banking, energy, construction, hotel and hospitality, manufacturing, major league sports, entertainment and retail sectors. The current list of CIAT members can be found at

CIAT is pleased to have the opportunity to comment in response to FIO’s NPRM. As the principal commercial buyers of terrorism insurance, CIAT members were instrumental in the development, enactment, and each subsequent reauthorization of the Terrorism Risk Insurance Act (“TRIA”), and remain the true consumer voice on the TRIA program. CIAT continues to believe that the TRIA program has been, and remains, extremely effective, and as a result we strongly supported the latest reauthorization legislation as it made its way through Congress in 2019.


The Council represents the largest and most successful employee benefits and property/casualty agencies and brokerage firms – many of them counting CIAT members as clients. Council member firms annually place more than $300 billion in commercial insurance business in the United States and abroad. In fact, they place 90 percent of all U.S. insurance products and services and they administer billions of dollars in employee benefits. Council members conduct business in some 30,000 locations and employ upward of 350,000 people worldwide, specializing in a wide range of insurance products and risk management services for business, industry, government, and the public.

The Council also appreciates this opportunity to provide comments on the NPRM. Like CIAT, Council members strongly support the TRIA program and have engaged with lawmakers and FIO since the program’s inception on the issues addressed below, among others, to bolster the overall effectiveness of the program.


CIAT and The Council appreciate FIO’s work in completing this NPRM. We recognize the value of using this rulemaking to solicit stakeholder input on additional issues such as certification, cyber insurance, and captive insurers’ participation in TRIA. As policyholders and brokers, CIAT and Council members are not in a position to comment on certain aspects of the NPRM that generally impact insurers only, but there are a number of issues upon which we are pleased to offer the collective views of our members.

Certification Process

We have long believed improvements can be made to the manner in which an act of terrorism is “certified” under TRIA. As became quite clear following the tragic events at the Boston Marathon in 2013, uncertainty relating to certification can have market consequences. For example, even when insured losses from an attack do not reach the TRIA program trigger, certification by the Treasury Secretary is still relevant because most commercial policies in the United States cover or exclude terrorism by reference to TRIA’s definition of “act of terrorism,” which includes the certification requirement.

Treasury is nominally required to notify the public regarding when an act is being considered for certification, but there is no timeline for doing so, and the rules provide that Treasury is not precluded from certifying or determining not to certify an act prior to the initial public notification. If Treasury does issue an initial notification, Treasury must provide an update to that notification within 30 days, and then every 60 days after that, but there is no limit to how long an event may be listed as still under review. It is also possible that Treasury could fail to give any indication one way or another concerning an event, and there is no mechanism for policyholders or insurers to request a determination that may be relevant even if the event is below the Program Trigger. This lack of clarity can be particularly relevant when the policyholder purchases terrorism coverage through a stand-alone tower of insurers, separate and apart from the primary program panel. In most stand-alone policies, the terrorism coverage may not be applicable until an act is certified. If it takes months to determine if the damages are due to a certified act of terrorism, insurers on either coverage panel may not make voluntary payments, without a Joint Loss Agreement clause in the policy. This restrictive financial response could affect rebuild obligations in real estate deals, debris removal, loss mitigation efforts, business interruption recoveries, loan covenants or other aspects of the claim recovery process.

We further believe that the current rules provide some degree of structure to the CIAT in particular has previously expressed to Treasury a desire that the rules should include a mechanism whereby policyholders and/or insurers may request a certification determination from the Treasury Secretary. We appreciate that the NPRM requests comment on this specific issue, and believe that such a mechanism could be inserted fairly easily into the existing certification regulations, whereby Treasury is simply required to begin the established review process (and accompanying public notification) upon confirmation of a valid petition for review of an event. We believe it is imperative that any party potentially impacted by a certification decision should be eligible to file such a petition. We further believe that a valid petition should include proof of impact, and sufficient evidence to demonstrate that the $5 million loss threshold is likely to be met.

Cyber Terrorism

In December 2016, Treasury issued guidance relating to whether certain standalone cyber coverage written in a TRIP-eligible line of insurance was within the scope of the TRIA program, such that insurers were obligated to adhere to the ‘‘make available’’ and disclosure requirements under TRIA for such coverage. 81 Fed. Reg. 95312. We thank FIO for codifying this previously issued guidance in the current NPRM, as greater clarity on the relationship between cyberterrorism and TRIA is always appreciated, and welcome future clarifying guidance related to cyber insurance, particularly as it relates to the certification of cyber events. We would also appreciate any specific guidance on the parameters defining what constitutes “damage” in the cyber context for purposes of meeting the statutory definition of “act of terrorism.” With respect to your question on cyber events occurring outside the United States, our members believe that it is certainly conceivable that such events could cause “damage within the United States” within the meaning of TRIA. The extent of such possibilities, however, may hinge upon how one defines “damage” in the cyber context, and again, any further clarity that can be given by Treasury on this question would be particularly helpful.

NPRM Questions Regarding Captive Insurers

Several CIAT members – with assistance from Council members – have used captive insurance companies for a variety of purposes over the years, and as such, we appreciate the opportunity to comment on some of the specific concerns posed in the NPRM regarding the participation of captives in TRIA. Captives remain an important part of many CIAT members’ overall insurance and risk management programs, and are often the best way to secure coverage not otherwise available in the marketplace.

CIAT members have used captive insurance companies as a part of their overall insurance and risk management programs for many years. While members often prefer to purchase commercial insurance if it is available, at a reasonable price, with necessary terms and limits, captives can often be used to provide enhanced coverage that is not generally available, or to decrease third party premium costs for risks that the captive owner is comfortable in retaining to a larger extent. For terrorism coverage, they have proven to be useful in enhancing the captive owner’s overall insurance program, such as by providing excess coverage when other insurance does not provide high enough limits. Captives have also been used to provide coverage that is otherwise unavailable or prohibitively expensive, such as cover for nuclear, biological, chemical, and radiological (“NBCR”) terrorism perils. Captives serve an important function in the insurance marketplace, and their design and use far pre-date the enactment of TRIA, and serve critical functions entirely distinct from access to the TRIA backstop.

Imposing stricter limits on captives’ access to the TRIA backstop could have unintended market consequences, and we do not believe that any changes regarding captives’ deductibles and loss-sharing are advisable — particularly given the fact that any concerns relating to captives are merely speculative, as there has never been a certified act of terrorism in the history of TRIA. Furthermore, due to the fact that many (if not most) captives qualify as “insurers” under TRIA by virtue of holding a state license, any changes to such a captive’s deductible calculation, co-share, or eligibility for the TRIA backstop would require revision of the TRIA statute (i.e., Congressional action) and could not, therefore, be achieved simply by administrative rule change.

We recognize that some may have concerns about the potential use of captives to manipulate the Program’s deductible/reimbursement features. On this point, we note that the use of captives by businesses, including our members, pre-dates TRIA, and such captives are used to accomplish many different objectives and often insure a much broader range of risks and perils than terrorism risk alone. Treasury should recognize that captives are typically just one piece of an overall risk-management program, and any specific rules regarding their participation in TRIA, provided such rules are consistent with Treasury’s existing authority under TRIA, should be sufficiently flexible.


In conclusion, CIAT and The Council continue to believe that TRIA has been a tremendous success, and we appreciate FIO’s efforts to maintain a strong regulatory framework for its effective operation. We appreciate the opportunity to provide our input on the proposed rules, and look forward to working with you in the future.


The Coalition to Insure Against Terrorism The Council of Insurance Agents & Brokers

14 views0 comments

Recent Posts

See All


bottom of page