Appendix D: Law and Regulation Reference

You will spend your whole career inside a legal frame you did not build and cannot change. The policy is a contract before it is anything else; the price is a filed document; the data on your screen is governed by statutes that say what you may read and what you must ignore. None of this is optional, and a regulator, a plaintiff's attorney, or your own compliance officer will not accept "I didn't know" as a defense. This appendix is the field reference for that frame — the doctrines, the statutes, the regulators, and the rules that decide what an underwriting decision is allowed to be.

It is a reference, not a treatise, and emphatically not legal advice. The law of insurance is state-by-state, line-by-line, and constantly moving; when a real decision turns on a fine point, you ask your compliance and legal teams, you read the actual statute and the actual filing, and you document what you relied on. What follows is the map that lets you ask the right question. The doctrines are developed in Chapter 4; the data-use rules in Chapter 8; the line-specific applications in Chapters 17 and 18 (life and health); and the hardest territory — the line between risk-based pricing and unfair discrimination — in Chapter 35. Cross-references point you back to where each idea is taught in full.

⚖️ Compliance Corner Two honesty conventions govern this appendix. First, every statute, regulator, case, and institution named here is real, named as such, and described qualitatively — we cite the existence and the purpose of a law, never an invented section number, effective date we are unsure of, or a holding we cannot stand behind. Where a precise figure (a fee, a rate cap, a benefit amount) would matter to a real decision, we keep it qualitative and send you to the actual source. Second, anything that looks like a dollar figure or a percentage in a worked example is a constructed teaching number, labeled as such. Accuracy is the only thing a reference is for.

D.1 The core doctrines: the contract law underneath every policy

Insurance is a creature of contract law, but a peculiar one. Six doctrines do most of the work, and an underwriter should be able to state each one cold, because each one is the reason a question is on the application or a clause is in the form (see §4.1–4.4).

Utmost good faith (uberrimae fidei). Both parties to an insurance contract owe each other a higher duty of honesty and disclosure than parties to an ordinary arm's-length bargain. The buyer knows the risk; the insurer largely does not, and must rely on what the buyer tells it. The doctrine is the legal backstop behind every question on an application — it is why a material non-disclosure can unwind a policy. The principle is conventionally traced in the common law to Carter v. Boehm (1766), Lord Mansfield's English decision rooting the duty of disclosure in insurance. (We paraphrase the case as a teaching restatement, not a verbatim quotation.) The modern duty runs both ways: the insurer owes good faith too, which is the root of bad-faith liability when a carrier handles a claim or a rescission unfairly.

Insurable interest. The insured must stand to suffer a genuine financial loss if the insured event occurs. This is what separates insurance from a wager — you may not insure your neighbor's house and profit when it burns — and it removes the worst form of moral hazard. The timing rule differs by line: in property insurance the interest must exist at the time of loss; in life insurance it must exist at inception. Insurable interest answers who may insure; it is distinct from indemnity, which answers how much they may recover.

Indemnity. Insurance restores the insured to the financial position occupied just before the loss — no worse, but no better. The principle keeps insurance from becoming a profit engine and is enforced through deductibles, salvage, the coinsurance and other-insurance clauses, contribution among insurers, and subrogation. (Some contracts depart from strict indemnity by design — valued policies and agreed-value property forms pay a stated amount; life insurance is not an indemnity contract at all, because a life has no market value — but indemnity is the default and the reason recovery is capped at the loss.)

Subrogation. After paying a covered loss, the insurer may step into the insured's legal shoes and pursue the third party who caused the loss. Subrogation prevents double recovery (the insured cannot collect from both the insurer and the wrongdoer) and keeps the ultimate cost of loss on the party at fault, which is why the conditions section obligates the insured not to impair the insurer's recovery rights.

Representation vs. warranty. A representation is a statement that induces the contract — it is tested for materiality and substantial truth, and a material misstatement may support rescission. A warranty is a statement made part of the contract itself; at strict common law it had to be literally and exactly true (or exactly performed), and any breach — material or not — could void coverage. That harsh common-law rule has been softened in most states by statute, so that a warranty breach often must be material or must increase the risk before it forfeits coverage. The distinction still matters: phrasing something as a warranty raises the stakes for the insured, which is why courts read warranty language narrowly and why you do not casually label an application answer a "warranty."

Concealment. The silent withholding of a material fact the applicant knows and the insurer does not, in breach of the duty of disclosure. Where the fact is material and (in most modern lines) was concealed knowingly and with intent to deceive, it may permit rescission — the undoing of the contract from inception. Concealment is misrepresentation's quieter sibling: misrepresentation is a false statement; concealment is a guilty silence. (Rescission and its limits — materiality, intent, incontestability — are developed on the fraud side in Chapter 33.)

📋 At the Desk These six are not academic. Read them as the reason the file exists. The application is the record of the insured's representations (utmost good faith). The signed statement of values supports the insurable interest and the indemnity measure. The "any other insurance" question protects indemnity through contribution. The subrogation-cooperation condition preserves the carrier's subrogation right. When a claim later goes bad, the first thing anyone pulls is the application — and the doctrines decide whether what the insured said, or didn't say, lets the carrier off the risk.

D.2 Why the states regulate insurance: McCarran-Ferguson and the structure

Insurance in the United States is regulated primarily by the fifty states, not the federal government — unlike banking and securities, which are largely federal. This strikes newcomers as strange, and it has a specific legal history every certification exam tests (see §4.5).

For most of American history, insurance was assumed not to be "interstate commerce" and therefore beyond federal reach — a view associated with the 19th-century decision Paul v. Virginia. Then, in 1944, the Supreme Court decided United States v. South-Eastern Underwriters Association, holding that insurance conducted across state lines was interstate commerce and therefore was subject to federal antitrust law. At a stroke the decision threw the entire system of state regulation into doubt and exposed common industry practices — sharing loss data, using cooperatively developed rates — to federal antitrust attack. Congress responded the next year with the McCarran-Ferguson Act (1945), the federal statute that returns regulation and taxation of the "business of insurance" to the states and exempts it from most federal law (including, with exceptions, the antitrust laws) to the extent the business is regulated by state law. In plain terms: as long as the states actively regulate insurance, federal law generally steps back. This is why data-sharing and advisory-rate organizations (ISO/Verisk, NCCI) can function as they do, and why the answer to "who regulates my company?" is almost always "your state."

The system this produces has a few load-bearing parts:

THE U.S. INSURANCE REGULATORY STRUCTURE                      [schematic — not to scale]

   McCarran-Ferguson Act (1945)
        returns "business of insurance" to the states
                     │
        ┌────────────┴────────────┐
        ▼                         ▼
   50 STATE INSURANCE          NAIC  (National Association
   DEPARTMENTS                 of Insurance Commissioners)
   each headed by a            • NO direct legal authority
   COMMISSIONER                • writes MODEL laws/regulations
   (elected or appointed)      • runs RBC + financial-exam
        │                        coordination
        ├─ license carriers & producers
        ├─ review/approve forms & rates
        ├─ examine solvency (RBC, reserves)
        ├─ enforce market conduct
        └─ run the state GUARANTY FUND (backstops insolvent admitted insurers)

The state insurance department (or division), headed by a commissioner, licenses carriers and producers, reviews and approves policy forms and rates, examines insurers' financial solvency, and enforces market-conduct rules. Because there are fifty departments there are, in effect, fifty rulebooks: a rating factor legal in one state may be banned in the next.

The National Association of Insurance Commissioners (NAIC) is the standard-setting body made up of the chief insurance regulators of all the states and territories. It has no direct legal authority of its own — it cannot make law. What it does is develop model laws and regulations — templates on rate filing, unfair trade practices, financial solvency, and much else — which individual states then adopt, adapt, or ignore. The NAIC also maintains the risk-based capital (RBC) framework (Chapter 28) and coordinates financial examinations. This is why the fifty rulebooks rhyme — they share NAIC DNA — while never being perfectly uniform. The harmonization is the reason compliance is possible; the gaps are the reason it is a real job.

State regulation has two missions that sometimes pull against each other. Solvency regulation makes sure the carrier can pay the claims it promised — capital requirements (RBC), reserve review, financial exams, and the state guaranty funds that backstop policyholders if an admitted insurer fails anyway. Market-conduct regulation makes sure insurers treat policyholders fairly — rates not excessive, classification not unfairly discriminatory, claims handled in good faith. The underwriter lives at the intersection: you must price adequately (solvency — the combined ratio must work) and fairly (market conduct — the price must reflect risk, not prejudice).

D.3 Rate regulation: the four systems

Of all the ways the state touches the underwriter, the one you feel most directly is rate regulation — the law governing how an insurer sets, files, and gets permission to use its prices (see §4.6). The governing standard, written into rate law in nearly every state and drawn from NAIC models, is a three-part test. A rate must not be:

  • Excessive — unreasonably high relative to the risk and expected costs (the consumer-protection side).
  • Inadequate — unreasonably low, threatening solvency or amounting to predatory under-pricing (the solvency side — note that the same law that stops gouging also forbids the under-pricing that destroys the combined ratio).
  • Unfairly discriminatory — drawing distinctions in price not justified by a real difference in expected loss (the fairness side; see D.5).

Within that standard, states grant different amounts of freedom to set the price. The four principal systems form a spectrum from most regulatory control to least:

System What it requires Regulatory grip Typical use
Prior approval File the rate; you may not use it until the regulator affirmatively approves Tightest Politically sensitive lines (e.g., personal auto, homeowners, health in many states)
File-and-use File the rate; you may use it after filing (often after a waiting period), subject to later disapproval Moderate Common across commercial lines
Use-and-use (use-and-file) Use the rate first, then file it within a set window Looser States favoring competition
Flex / open competition Market sets prices; the regulator intervenes only at the edges (a "flex band" may cap how far a rate can move without filing) Loosest Competitive commercial markets 
RATE-REGULATION SPECTRUM                              [schematic]

  MORE regulatory control ◄─────────────────────────────► LESS

  Prior approval ── File-and-use ── Use-and-file ── Flex / Open competition
  "approve first"   "file, then use"  "use, then file"  "market decides"

A few practitioner notes. Prior approval is where rate change goes to die slowly — in a hardening market, the lag between filing an indicated increase and being allowed to charge it can leave you writing business at inadequate rates for months, and the losses arrive on schedule. Flex and open competition do not mean "no rules" — the excessive/inadequate/unfairly-discriminatory standard still binds, the rate still has to be supportable, and the regulator can still call the filing in. And which system applies is line-specific and state-specific: the same carrier may be in prior approval for auto and file-and-use for commercial property in the very same state. The most famous prior-approval regime, California's Proposition 103 (1988), established prior approval, an elected commissioner, and a mandated ordering of certain auto-rating factors — a real, public illustration of how far a state can go in constraining the rate (developed in Chapter 14).

⚠️ Underwriting Trap The rate you want to charge and the rate you are allowed to charge are not always the same number. A filed rate is the ceiling and the floor of what you can do — you cannot quietly add a load the filing does not support, and you cannot discount below the filed rate to win an account except through filed credits (schedule rating, experience rating) applied within their filed ranges. "We'll just price it where it needs to be" is, in a regulated line, sometimes illegal. Pricing discipline lives inside the filing.

D.4 Admitted vs. surplus lines: the two markets

Not every risk can be written in the standard, state-licensed market, and the law provides a pressure valve (see §4.7 and §3.7).

An admitted (licensed) carrier is one the state has licensed to do business there. Its rates and forms are filed with and generally accepted by the department, and — critically — its policyholders are protected by the state guaranty fund if the carrier becomes insolvent. The trade-off for that protection is constraint: an admitted carrier writes filed forms at filed rates and must stay inside the state's rules.

A surplus lines (non-admitted, or "excess and surplus" / E&S) carrier is not licensed in the state but is permitted to write risks the admitted market will not — on freedom-of-rate-and-form terms (it can manuscript the coverage and price it as the risk demands). The trade-offs are real and run the other way: surplus-lines policies are generally not backed by the guaranty fund, the placement must go through a licensed surplus-lines broker, and the broker must usually document a diligent search of the admitted market (often a required number of admitted declinations) showing the risk could not be placed there. Surplus lines is where the hard, novel, catastrophe-exposed, and high-hazard risks go — and where a great deal of cyber, large catastrophe property, and emerging-risk business lives.

ADMITTED vs. SURPLUS LINES                                   [schematic]

  ADMITTED (licensed)                    SURPLUS LINES (non-admitted / E&S)
  ─────────────────────                  ──────────────────────────────────
  • filed rates & forms                  • freedom of rate and form
  • guaranty-fund backed                 • NOT guaranty-fund backed (generally)
  • standard, well-understood risks      • hard, novel, high-hazard, cat-exposed risks
  • retail broker → carrier              • retail broker → WHOLESALE broker → E&S carrier
                                         • diligent-search / declinations required

For Harbor Steel — the catastrophe-exposed Gulf Coast fabrication account that runs through the book — this distinction is not abstract. A non-renewal driven by named-storm exposure and loss history is exactly the kind of risk that can fall out of the admitted market and into surplus lines for some or all of its coverage. Whether the account lands admitted or E&S changes the price, the form, the guaranty-fund protection, and the broker channel — which is why the admitted/surplus question is one of the first an underwriter asks.

⚖️ Compliance Corner Surplus-lines business carries its own tax and compliance machinery: a surplus-lines premium tax the broker must collect and remit, affidavits documenting the diligent search, and stamping-office requirements in some states. The exact tax rate and filing mechanics are state-specific — keep them qualitative and confirm with the surplus-lines broker and your compliance team for the state at issue.

D.5 Fair vs. unfair discrimination and protected classes

Here is the paradox at the center of the whole business: insurance must discriminate by risk to function. Charging a teenage driver and a fifty-year-old with a clean record the same price would be unfair to the safe driver and would invite the adverse selection that destroys a pool. Sorting risks into groups of similar expected loss — risk classification — is the underwriter's core cure for adverse selection. The law does not forbid this; it requires the price to reflect risk. What the law forbids is unfair discrimination (see §4.7 and all of Chapter 35).

Fair (lawful) discrimination distinguishes among risks on the basis of a real, demonstrable difference in expected loss. Unfair discrimination is the use of a classification not justified by a real difference in expected loss — treating same-risk insureds differently, or pricing on a protected characteristic rather than on risk. The standard prohibited classes, at the core, are race, religion, and national origin; these are off-limits as rating or underwriting factors essentially everywhere and in essentially every line. Beyond that core the picture is a patchwork: gender, credit-based scores, age, ZIP code / territory, marital status, occupation, and education are permitted in some states and lines and restricted or banned in others. The only safe rule is that what you may use is state-specific and line-specific, and you confirm it for the jurisdiction and line in front of you.

Three concepts sharpen the line, all developed in Chapter 35:

  • Proxy discrimination — using a facially neutral, legally permitted factor that functions as a stand-in for a prohibited one, so the forbidden sorting happens through a permitted variable (the classic worry: a geographic factor standing in for race). The factor's legality does not cure the effect.
  • Disparate impact — a discriminatory effect on a protected group produced by a facially neutral practice, regardless of intent, measured by comparing outcomes across groups rather than by reading the rule. A growing number of states are regulating on this effect-based theory.
  • Redlining — the historical practice of denying or pricing up coverage for entire neighborhoods based on racial or ethnic composition (named for the red lines on the federal HOLC "residential security" maps of the 1930s). It is the source of geography's permanently contested status as a rating dimension.

The genuine tension here is between actuarial fairness (a price is fair when it accurately reflects expected cost) and social fairness (a price is fair when it does not deny essential protection or deepen inequality). These conflict precisely when accurate risk pricing prices a vulnerable group out of the market. The book does not resolve this glibly in either direction, and neither should you — but you must know which factors the law has already taken off the table, and you must be able to show that your price tracks risk and not a protected proxy.

⚖️ Compliance Corner Two recent, real statutes show where effect-based regulation is heading. Colorado's SB21-169 (2021) requires insurers to test their external consumer data, algorithms, and predictive models for unfairly discriminatory outcomes against protected classes — a leading example of regulating the effect of a model, not just its stated inputs. Several other states and the NAIC have advanced model-governance and AI bulletins in the same spirit. The lesson for the modern underwriter: "the algorithm did it" is not a defense, and a model that is accurate on average can still be unlawful in its impact.

D.6 The federal statutes that reach into underwriting

McCarran-Ferguson keeps most federal law at bay, but several federal statutes reach directly into the underwriting decision — chiefly by governing what data you may use and what you may not charge for. These are the ones an underwriter meets by name.

The Fair Credit Reporting Act (FCRA). The federal statute governing the use of consumer-report information — including the credit-based insurance score and shared-claims databases such as CLUE and the MVR-style reports pulled in personal lines (see §8.3, §8.6, §14.3). FCRA does two things that bind the underwriter directly. First, it permits the use of consumer reports for the permissible purpose of underwriting insurance. Second — and this is the one that generates daily compliance work — when information in a consumer report results in an adverse action (a decline, a higher rate, or less favorable terms), the insurer must send the applicant an adverse-action notice identifying the reporting agency and informing the consumer of the right to obtain the report and dispute its contents. A credit-based insurance score is built specifically to predict insurance loss (not lending creditworthiness), is statistically correlated with loss across populations, and is permitted in most states for personal auto and home — but it is restricted or banned in several states and is the single most regulated and contested data source in personal lines. (The Federal Trade Commission's public study of these scores found them predictive of insurance loss; we cite the finding and do not attach a fabricated effect size.)

The Genetic Information Nondiscrimination Act (GINA), 2008. The federal statute restricting the use of genetic information. Its scope is the part underwriters most need to get right: GINA's protections are strongest in health insurance and in employment, and are limited at the federal level for life, disability, and long-term-care underwriting — the so-called "genetics gap." In life underwriting, family history (which is not the same thing as a genetic test result) has long been a legitimate mortality factor, and the treatment of actual genetic test results is an active, state-varying, ethically fraught frontier (see §17.7 and the David Okafor thread in Chapter 35). State law may go further than GINA. Cite the statute and its scope; do not invent provisions.

The Affordable Care Act (ACA), 2010. The federal law whose 2014 market reforms removed the carrier's ability to select and price by health in the individual and small-group markets. Through guaranteed issue (an insurer must offer coverage to any eligible applicant regardless of health, with no health-based declines and no pre-existing-condition exclusions) plus adjusted community rating (premiums may vary only on a short enumerated list — age within a capped ratio, tobacco within a capped surcharge, geographic area, family tier, and plan/metal tier — and not on health status, claims history, or gender), the ACA replaced most individual medical underwriting with risk adjustment, a medical-loss-ratio rule, enrollment controls, and subsidies. It is the clearest large-scale social-fairness override of actuarial pricing in American insurance. Underwriting did not vanish, though — it moved to large groups, self-funding, and stop-loss (see Chapter 18), where the adverse-selection math still rules.

Anti-rebating and unfair-trade-practices laws. These are technically state laws (built from NAIC model acts), but they belong in any statute reference because they constrain the underwriter and producer at the point of sale. Anti-rebating laws prohibit giving the insured anything of value not specified in the policy as an inducement to buy — a kickback of part of the commission, a free gift above a nominal value — on the theory that price competition should happen in the filed rate, not in side payments that can be steered to favored buyers and used to discriminate among same-risk insureds. The broader Unfair Trade Practices Act (again, an NAIC model adopted state by state) prohibits a list of practices including misrepresentation of policy terms, unfair discrimination between insureds of the same class and hazard, false advertising, and improper claims handling. (Some states have modernized or narrowed their anti-rebating rules in recent years to permit certain value-added services; the details are state-specific — keep them qualitative.)

Statute Level What it governs for the underwriter Taught in
FCRA Federal Consumer-report use (credit-based insurance scores, CLUE, MVRs); adverse-action notice §8.3, §8.6; §14.3
GINA Federal Genetic information; strong in health/employment, limited for life/DI/LTC §17.7; Ch.35
ACA Federal Guaranteed issue + community rating in individual/small-group health Ch.18
McCarran-Ferguson Federal Returns insurance regulation to the states §4.5
Unfair Trade Practices / anti-rebating State (NAIC model) Misrepresentation, unfair discrimination, rebating, claims conduct §4.7

🤖 Model vs. Judgment Every one of these statutes lands on the modern underwriting stack, not just on the human. A predictive model is fed features; FCRA governs the consumer-report features, GINA forbids genetic features in the lines it covers, the unfair-discrimination standard forbids protected-class features and their proxies, and the effect-based statutes (D.5) demand the output be tested for disparate impact. The underwriter who overrides a model still owns the decision under all of these laws — which is exactly why the override has to be documented with a risk-based reason. The compliance burden is one more argument for the book's central claim: the algorithm proposes, the accountable human disposes.

D.7 The regulators and institutions: who is who

A quick directory of the bodies whose rules and ratings you will navigate. The first two are regulators (they have, or channel, legal authority); the rest are private institutions whose work is woven into the regulated system.

  • State insurance departments / commissioners. The actual regulators. Each state's department, headed by a commissioner (elected in some states, appointed in most), licenses carriers and producers, reviews and approves rates and forms, examines solvency, enforces market conduct, and runs the guaranty fund. This is where the legal authority lives. Fifty of them; fifty rulebooks.

  • The NAIC (National Association of Insurance Commissioners). The coordinating body of all the state commissioners. No direct legal authority — it writes model laws and regulations that states adopt or adapt, maintains the RBC formula and financial-examination coordination, and increasingly issues guidance and bulletins (including on AI and model governance). The NAIC is why the fifty rulebooks rhyme.

  • State guaranty funds. State-created mechanisms that pay covered claims of an admitted insurer that becomes insolvent, funded by assessments on the other admitted carriers. They are the reason "admitted" protection is worth the constraint that comes with it — and the reason a surplus-lines placement (generally outside the fund) carries a different risk for the insured.

  • Advisory / rating organizations (ISO/Verisk, NCCI, independent state bureaus). Private organizations that develop standardized forms and advisory loss costs that carriers file off of — ISO/Verisk across most property-casualty lines, the NCCI (and independent bureaus such as California's WCIRB and New York's NYCIRB) for workers' compensation. Their cooperative data-sharing and advisory-rate work is precisely what McCarran-Ferguson's antitrust posture permits.

  • Financial-strength rating agencies (AM Best and others). Private firms — not regulators — that assess and publish a carrier's claims-paying ability. AM Best is the agency specializing in insurance; its ratings often gate which business a carrier can write and which reinsurers a cedent will trust. The rating agencies sit alongside the legal framework as a parallel, market-enforced discipline.

WHO HAS AUTHORITY OVER WHAT                                  [schematic]

  LEGAL AUTHORITY            ───►  State departments / commissioners (the regulators)
  COORDINATION (no law)      ───►  NAIC (model laws, RBC, bulletins)
  POLICYHOLDER BACKSTOP      ───►  State guaranty funds (admitted insurers only)
  FORMS & ADVISORY RATES     ───►  ISO/Verisk, NCCI, state bureaus (private)
  CLAIMS-PAYING-ABILITY      ───►  AM Best & other rating agencies (private)

D.8 How the frame shows up at the desk — the underwriter's compliance checklist

Pull the abstractions together into the questions a disciplined underwriter actually runs on a live submission. None of these is exotic; all of them are how the law becomes daily practice.

  1. Is the risk in the admitted market or does it belong in surplus lines? (D.4) — this decides the price freedom, the form freedom, the guaranty-fund protection, and the broker channel.
  2. What is the rate-regulation system for this line in this state? (D.3) — prior-approval lag, filed-rate discipline, and whether your credits/debits are inside their filed ranges.
  3. Am I allowed to use each factor I'm relying on? (D.5) — confirm, for this state and line, that no factor is a prohibited class or a proxy for one, and that the price tracks risk.
  4. Did a consumer report drive an adverse action? (D.6, FCRA) — if a decline or rate-up rests on a credit-based score, CLUE, or MVR, the adverse-action notice is mandatory, not optional.
  5. Is genetic or health information in play, and in which line? (D.6, GINA/ACA) — different rules for health, life, and disability; the genetics gap is real and state law may go further.
  6. Have I honored the doctrines? (D.1) — the application captures the insured's representations (utmost good faith); the values support insurable interest and indemnity; the subrogation condition is intact.
  7. Is the file documented well enough to defend the decision? — every adverse action and every override needs a risk-based reason on the record, because the defense of an underwriting decision is the documentation of it.

⚠️ Underwriting Trap The most common compliance failure is not a dramatic act of discrimination — it is a missing adverse-action notice or a decline with no documented risk-based reason. Both are quiet, both are routine, and both are exactly what an examiner samples for in a market-conduct exam. The fix is equally routine: build the notice into the workflow, and never let a decline leave your desk without a sentence saying why, in terms of the risk.

D.9 Constructed illustration: tracing one account through the frame

To make the references concrete, here is a single submission walked through the legal frame. Every figure below is a constructed teaching example — do not treat any number, rate, or threshold as real.

FIGURE D.1 — "One account through the legal frame"        [constructed teaching example]
  THE SUBMISSION   Harbor Steel & Fabrication: a Gulf Coast metal-fabrication account, new business after a
                   catastrophe-driven non-renewal; commercial package (property, GL, WC, auto, umbrella).
  THE CONTEXT      Named-storm-exposed county; two fire losses in five years; one pending products claim;
                   strong broker (Meridian); the question is whether and how the legal frame lets us write it.
  WHAT IT SHOWS    • Doctrines (D.1): the application is the record of representations under utmost good faith;
                     a material non-disclosure of a loss's cause could later support rescission.
                   • Market (D.4): catastrophe exposure may push some coverage to SURPLUS LINES (freedom of
                     rate/form, but no guaranty-fund backstop, wholesale broker, diligent-search documentation).
                   • Rate reg (D.3): commercial property may be file-and-use here; WC loss costs come off the
                     NCCI/state bureau; credits/debits must sit inside their filed ranges.
                   • Discrimination (D.5): the price must track RISK (cat exposure, loss history, controls) —
                     never a protected-class proxy; geography here is a genuine cat factor, not a redlining one.
                   • Federal statutes (D.6): FCRA is mostly a PERSONAL-lines concern, but if the owner's personal
                     auto/umbrella is account-rounded in, an adverse action there triggers the FCRA notice.
  WHAT IT DOESN'T  It does not tell us the exact surplus-lines tax, the precise filed rate, or this state's full
                   banned-factor list — those are looked up for the actual jurisdiction, not assumed.
  THE DECISION     Writable within the frame: confirm admitted-vs-E&S per coverage, price inside the filed
                   ranges on risk-based factors only, document every adverse action and every override.
  THE LESSON       The legal frame does not tell you whether to write the risk — it tells you what a lawful
                   "yes" or "no" is allowed to look like, and what you must be able to prove afterward.

D.10 Quick-reference card

LAW & REGULATION — ONE-PAGE CARD                          [reference]

  SIX DOCTRINES (D.1, Ch.4)
   • Utmost good faith  — higher duty of disclosure both ways (Carter v. Boehm)
   • Insurable interest — must stand to lose (property: at loss; life: at inception)
   • Indemnity          — restore, no better; capped at the loss
   • Subrogation        — insurer steps into insured's shoes; no double recovery
   • Rep vs. warranty   — rep tested for materiality; warranty stricter (softened by statute)
   • Concealment        — guilty silence on a material fact → possible rescission

  STATE SYSTEM (D.2, §4.5)
   • McCarran-Ferguson (1945): insurance regulated by the STATES
   • Trigger: U.S. v. South-Eastern Underwriters (1944); prior view: Paul v. Virginia
   • 50 departments/commissioners (legal authority) + NAIC (models, RBC; no authority)

  RATE SYSTEMS (D.3, §4.6)   standard: not excessive / not inadequate / not unfairly discriminatory
   • Prior approval ► File-and-use ► Use-and-file ► Flex/Open competition  (tight → loose)

  ADMITTED vs. SURPLUS LINES (D.4, §4.7)
   • Admitted: filed rates/forms, guaranty-fund backed, standard risks
   • Surplus: freedom of rate/form, NOT fund-backed, wholesale broker + diligent search

  FAIR vs. UNFAIR DISCRIMINATION (D.5, Ch.35)
   • Lawful: price tracks expected loss   • Unlawful: protected class or its proxy
   • Core protected: race, religion, national origin (gender/credit/etc. = patchwork)
   • Watch: proxy discrimination · disparate impact · redlining

  FEDERAL STATUTES (D.6)
   • FCRA   — consumer reports; ADVERSE-ACTION NOTICE required (Ch.8, §14.3)
   • GINA   — genetics; strong health/employment, weak life/DI/LTC (§17.7)
   • ACA    — guaranteed issue + community rating in indiv/small-group health (Ch.18)
   • Anti-rebating / Unfair Trade Practices — state NAIC models (§4.7)

  THE RULE BEHIND ALL OF IT
   Document a RISK-BASED REASON for every adverse action and every override.
   "The algorithm did it" / "I didn't know the rule" are not defenses.

This appendix is a map, not the territory. The statutes move, the states differ, the model laws get adopted unevenly, and the AI-fairness rules are being written as you read this. When a real decision turns on any of it, go to the source — the actual statute, the actual filing, your compliance and legal teams — and put what you relied on in the file. The doctrines in Chapter 4, the data rules in Chapter 8, the life and health applications in Chapters 17 and 18, and the fairness arguments in Chapter 35 are where each of these lives in full. What the underwriter owes the frame is not memorization of every section number — it is the discipline to know which question to ask, to price on risk and not on prejudice, and to leave a record that defends the decision.