Chapter 8: Information Gathering: Applications, Inspections, Reports, and Building the Risk Picture

"In God we trust; all others must bring data." — W. Edwards Deming, the quality-management pioneer, in a line he made famous in his teaching. An underwriter would add only one clause: bring the data, yes — and then read it for the story it is trying not to tell you.

Overview

Here is the uncomfortable truth at the start of every file: you must decide a risk you cannot see. The broker's submission for Harbor Steel is a few PDFs and a cover email. Somewhere behind those pages is a real building with a real roof, a real welding floor where a real fire started in 2023, a real fleet of trucks driven by real people with real driving records, and a real set of financials that will tell you whether this company is healthy enough to keep its promises to its customers — and therefore to you. Your job in this chapter is not yet to assess, price, or decide any of that. It is to gather the right information so that when you do assess it (Chapter 9), do the math (Chapter 10), and price it (Chapter 11), you are reasoning about the real risk and not a flattering sketch of it.

This is harder than it sounds, and it is the first place adverse selection (Chapter 1) attacks. The applicant controls what goes on the application. The broker, who is paid when the deal closes, controls how the submission is framed. Both are honest, usually — but both have an interest in your yes, and the information you receive is the information that survived their judgment about what helps the case. So the underwriter cannot be a passive reader of whatever arrives. You decide what to gather, you order the independent reports that the applicant cannot edit, you verify the claims that matter most, and — this is the art — you notice what is missing, because the gap in a submission is often louder than anything in it.

A decision is only as good as the information behind it, and every method of gathering information has a cost, a turnaround time, and a limit on what it can actually prove. Part of becoming an underwriter is learning to spend your information budget well: to know when the application is enough, when you must pull loss runs and an MVR, when an inspection is worth the four-week wait, and when a number on a financial statement should make you stop and ask a question the applicant was hoping you would not ask. And running underneath all of it is a set of rules — the Fair Credit Reporting Act, a patchwork of state restrictions, and the line between fair risk classification and unfair discrimination — that govern what you are even allowed to know and use.

In this chapter, you will learn to:

• Identify the core information sources — the application, the loss run, third-party data, the inspection report, and financials — and state precisely what each can and cannot tell you.
• Read a loss run for management signal, separating a frequency story from a severity story.
• Explain the MVR, CLUE, and the credit-based insurance score — what they measure, and where each is permitted or restricted.
• Order and read an inspection as a verification tool, not a substitute for judgment.
• Apply the FCRA and state restrictions to decide what you may use and when an adverse-action notice is owed.
• Build an information order for an account, flag the gaps, and refuse to decide a risk you have not yet seen.

Learning Paths

This chapter is the front door of the whole underwriting process, so every track needs it — but the weight differs by where you work.

🏠 Personal Lines: The third-party-data and compliance sections (§8.3, §8.6) are your daily reality. The MVR, the CLUE report, and the credit-based insurance score are personal-lines underwriting for auto and home; the FCRA adverse-action notice is a letter you will be responsible for every day. Watch how much of the decision is automated — and where a human still has to look. 🏢 Commercial Lines: The application, the loss run, the inspection, and the financials (§8.1, §8.2, §8.4, §8.5) are the spine of a commercial file like Harbor Steel. The art of the question (§8.7) is the commercial underwriter's edge — the submission never volunteers the thing you most need to know. 📊 Analytics: Every section is a data source you will one day model. Note the provenance and quality problems — missing fields, self-reported values, the difference between an ordered MVR and a self-declared clean record. Garbage in, garbage out starts here, long before the model. 📜 Certification: §8.1–§8.6 map to the information-gathering and regulatory content in the AINS and CPCU underwriting modules; the FCRA and adverse-action mechanics in §8.6 are heavily tested. The key terms here recur in every line.

8.1 The application: what it tells you and what it doesn't

Every file begins with the application — also called the submission when it arrives through a broker with its attachments — the formal request for coverage in which the applicant describes the risk and answers the insurer's questions. In personal lines it is a structured form (the auto application, the homeowners application). In commercial lines it is the ACORD application (the standardized industry form set, named for the nonprofit that maintains it) plus supplemental questionnaires specific to the class — a welding-and-fabrication supplement for Harbor Steel, a restaurant supplement for a restaurant, a habitational supplement for an apartment owner. The application is your starting point, your anchor document, and — this is the part newcomers miss — a legal instrument as much as an informational one.

Start with what the application is for. It does three jobs at once. First, it describes the exposure: what is being insured, where, how big, used for what. Harbor Steel's application tells you the building is about 50,000 square feet, built in 1994, used for metal fabrication and structural-steel work, with roughly 180 employees and about \$45 million in annual revenue. Second, it asks the underwriting questions — the specific, often pointed questions the insurer has learned, through decades of losses, predict trouble in this class: prior losses, prior cancellations or non-renewals, the age of the roof and the sprinkler system, whether hot-work permits are used, whether there are any open claims. Third, and most importantly, it creates the representations on which the contract is built.

⚖️ Compliance Corner The application is where the doctrine of utmost good faith (Chapter 4 owns this term) meets the page. The applicant's answers are representations — statements the insurer relies on in deciding to issue the policy. If a material representation is false, the insurer may have grounds to void the policy from inception, a remedy called rescission (Chapter 33 develops it in full). This is why the signed, dated application matters so much and why you never quietly "fix" an answer for an applicant: the document is the legal record of what the insured told you, and it is your protection — and theirs — if a coverage dispute ever arises. A clean file starts with a complete, signed application, every material question answered, nothing left blank with a shrug.

Now the harder lesson: what the application cannot tell you. Three limits matter.

It is self-reported, which means it is filtered through the applicant's knowledge, memory, and interest. Some of what is wrong on an application is innocent — an owner genuinely does not know the roof's exact age, or forgets a small claim from four years ago. Some is shaded — the application describes the operation in its best light, emphasizes the new safety committee, and is vague about the hot-work practices that started the 2023 fire. And occasionally something is simply omitted. The application is the applicant's account of the risk, and the applicant is, however honestly, an interested party.

It is a snapshot, not a history. The application tells you the roof's age today; it does not tell you the trajectory — whether management has been deferring maintenance for a decade or just bought the building and is fixing everything. It tells you the current payroll; it does not show you the three years of growth or contraction behind it. For trajectory, you need the loss runs (§8.2) and the financials (§8.5).

It is unverified. Nearly every figure on the application is the applicant's number until you confirm it. The \$20 million building value is the applicant's estimate (or their broker's, or a number carried over from the expiring policy that no one has revisited in years); the inspection and a proper valuation (Chapter 19) will tell you whether it is right. The "no prior losses" box is the applicant's recollection until the loss runs prove or contradict it.

⚠️ Underwriting Trap The most common and most expensive application error is treating a blank or a vague answer as a no. "Number of prior losses: _____" left empty is not zero — it is a missing answer, and a missing answer on the question that predicts your loss ratio is a red flag, not a convenience. The disciplined underwriter does not infer the favorable answer; you go back to the broker and get the blank filled before you quote. Adverse selection lives in exactly these gaps: the applicant who leaves the loss question blank is, more often than the base rate would suggest, the applicant with losses to leave out.

So the application sets the agenda. Read carefully, it tells you what the risk claims to be and — by what it emphasizes, what it glosses, and what it leaves blank — it tells you what to go verify. A good underwriter reads the application twice: once for the facts, and once for the questions those facts raise. By the end of that second reading you should have a list of things you do not yet know, and that list is your information order for the rest of the chapter.

8.2 Loss runs: reading the history that predicts the future

If the application is what the risk says about itself, the loss run is what actually happened — and when the two disagree, the loss run wins. A loss run is the insurer-produced report of an account's claim history: each claim with its date, the line of business, a cause-of-loss description, the amount paid, the amount still reserved (set aside for a claim not yet closed), and the claim's status (open or closed). For a commercial account you want five years of loss runs across every line — property, general liability, workers' compensation, auto — produced by the prior carriers, not summarized by the applicant. The loss run is the single most valuable document in a commercial file, and learning to read one is a core underwriting skill.

Begin with what the loss run is for. Past losses are the best available predictor of future losses — not a perfect one, but the best one — because they are a window onto the things that actually drive loss: the physical hazards of the operation, the quality of management, the safety culture, and the attention paid to maintenance and training. A clean five-year history on a hazardous operation tells you something real. A messy one tells you more. The point is not the total dollars; it is the pattern, and patterns come in two flavors that you must learn to tell apart.

Frequency (Chapter 6 owns the term) is how often losses occur; severity is how bad each one is. A loss run dominated by frequency — many small claims — and a loss run dominated by severity — one or two large claims — tell opposite stories and call for opposite responses. High frequency is usually a management signal: a workplace that produces a steady drip of small injuries has a safety-culture problem that will, by the mathematics of it, eventually produce a big one. High severity with low frequency may be bad luck, or it may be a single catastrophic hazard that controls can address. You price and structure them differently (Chapters 11 and 12), and you cannot tell which you are looking at without separating the two.

📄 Read the Submission

text FIGURE 8.1 — "Two fires, read correctly" [the Underwriting File] THE SUBMISSION Harbor Steel's 5-year property loss run, as produced by the expiring carrier and attached by Meridian Risk Partners to the submission. THE CONTEXT 2021: electrical fire, ~$180K paid, closed. 2023: hot-work/welding fire, ~$1.2M paid, closed, no injuries. Plus (other lines) several workers'-comp claims (back injuries; one serious laceration near-miss) and two minor auto claims. WHAT IT SHOWS Property: low frequency (two fires in five years), but rising severity — the second fire was nearly seven times the first. The causes differ (electrical, then hot work), which matters: these are two distinct hazards, not one recurring defect. The WC drip (back injuries) is a frequency signal pointing at material handling and lifting. WHAT IT DOESN'T The dollars do not say whether the 2023 fire's corrective actions were taken, whether a hot-work permit program now exists, or whether the electrical issue behind 2021 was ever fully fixed. The run shows the loss, not the response. The inspection and the loss-control report (§8.4) have to close that gap. THE DECISION Not yet — but the loss run sets the questions: confirm both fires' causes and corrective actions, get the hot-work practices documented, and look hard at the WC frequency. (The decision is Chapter 13.) THE LESSON A loss run is a story about management and hazard, not a column of dollars. Read the causes and the trajectory before you read the total.

Reading a loss run well means asking a specific set of questions, in order:

1. What is the cause of each loss? The cause-of-loss field is the most important column and the one most often skimmed. Two property fires that are both "fire" tell you little; two fires that are "electrical" and "hot work" tell you there are two separate hazards in this building, each of which you must address separately. Causes that repeat are a hazard that was never fixed; causes that differ are a breadth-of-hazard problem.
2. What is the trajectory? Are losses getting more frequent, more severe, or both — or are they trailing off after a corrective action? A loss history that is bad early and clean late may be a risk that fixed itself; the reverse is a risk getting worse, and far more dangerous.
3. Are there open claims, and how are they reserved? An open claim is an unfinished story. A large reserve on an open claim is the prior carrier's estimate of what it will ultimately cost — you should weigh it as a real, if uncertain, future number. Harbor Steel has one pending products-liability claim (an allegedly failed fabricated bracket); that claim is open, and you cannot treat its eventual cost as zero just because nothing has been paid yet.
4. Is the run complete? Does it cover all five years and all lines, or are there gaps? A loss run that conveniently starts after a bad year is a gap you must close. So is a "loss-free" letter offered in place of an actual run — a summary is not a substitute for the carrier-produced detail.

📋 At the Desk Here is the workflow for ordering loss runs, because it trips up every newcomer. You pull the loss runs, and you read them before you read the application — or at least before you believe the application. In commercial lines the broker requests the runs from the expiring and prior carriers on the applicant's behalf; carriers are generally obligated to produce them. Insist on currently valued runs (valued within the last 90 days or so), because reserves on open claims move, and a run valued two years ago may show a \$200K reserve that has since developed into a \$900K paid loss. Insist on the full five years and every line. And when a broker sends you three years instead of five, or a one-page loss summary instead of the carrier runs, do not shrug it off — that missing detail is information, and the discipline to demand the complete history is part of how you avoid writing the account everyone else already declined.

The loss run has limits too, and they are worth naming. It is backward-looking: it tells you what happened under the prior owner, the prior manager, the prior safety regime. If the plant manager who tolerated loose hot-work practices left last year, the loss run is partly a story about someone who is gone — which is exactly the kind of context a model cannot see but an underwriter can verify and weigh. The loss run also suffers from small numbers: two fires in five years is a thin sample, and whether that is a credible signal of a real problem or just noise is a question of credibility theory that Chapter 10 takes up directly. The loss run tells you what happened. It does not, by itself, tell you what it means. That is your job.

8.3 Third-party data: MVRs, CLUE, and credit-based insurance scores

The application is self-reported and the loss runs cover only what the prior carriers saw. To get information the applicant cannot edit, the underwriter turns to third-party data: information about a risk obtained from an independent source rather than from the applicant. Third-party data is powerful precisely because it is independent — it is not filtered through the applicant's interest in your yes — and in personal lines it has become so central that, for auto and home, the decision is largely built on it. Three products dominate, and each measures something different.

The motor vehicle report (MVR) is the official driving record pulled from a state's department of motor vehicles: license status, violations, and at-fault accidents over a look-back period (typically three to five years). The MVR is the backbone of auto underwriting, personal and commercial, because a driver's record is a genuinely predictive signal — drivers with recent violations have, as a class, more future accidents. For Harbor Steel's twelve-truck fleet you will pull an MVR on every listed driver, and you will be reading for the pattern: not a single old speeding ticket, but a recent serious violation, a suspension, or a cluster that suggests a driver who is going to cost you. The MVR is independent and authoritative, but it has a sharp limit: it shows what was cited, not what was done. A driver with a clean MVR may simply not have been caught; a single citation may overstate a momentary lapse. And MVRs cost money and have look-back rules that vary by state, so you order them with intent.

The CLUE report — Comprehensive Loss Underwriting Exchange — is the industry's shared claims-history database: when a property or auto claim is filed, carriers report it to a central exchange, and an underwriter can pull a CLUE report to see an applicant's claims across all carriers over the past several years (typically up to seven for property). CLUE is the answer to a specific adverse-selection move: the applicant who switches carriers precisely to escape a claims history. The expiring carrier's loss run shows only its claims; CLUE shows the claims filed with everyone. For a homeowner applicant, a CLUE report showing three water-damage claims in five years tells you something the application's "no prior losses" box conveniently did not. CLUE's limits: it captures filed claims, so a paid-out-of-pocket loss never appears, and it occasionally carries errors that the consumer has a right to dispute (which is an FCRA matter — §8.6).

⚠️ Underwriting Trap A subtle CLUE trap: a claim is not the same as a loss that is the applicant's fault. A homeowner with two CLUE claims may have had a neighbor's tree fall on their roof twice — bad luck, not bad risk. Worse, in some markets a mere inquiry (asking the carrier whether something would be covered, without ever filing) historically got recorded and counted against the applicant, which regulators have pushed back on hard. Read the CLUE detail — cause, amount, fault — the same way you read a loss run. A raw claim count is a blunt instrument, and treating "number of CLUE claims" as a pure risk score punishes the unlucky alongside the genuinely high-risk. That is both bad underwriting and, in some states, a compliance problem.

The third product is the most powerful and the most controversial: the credit-based insurance score. This is a numerical score derived from elements of an applicant's credit history — payment history, outstanding debt, length of credit history, types of credit, new applications — built specifically to predict insurance loss, not creditworthiness in the lending sense. It is critical to understand what the industry actually claims here, and to state it precisely. The claim is not that poor people have more accidents or that credit causes loss. The claim is purely statistical: that credit-based insurance scores are, across large populations, correlated with future loss frequency and severity — that as a group, applicants with lower insurance scores file more and costlier claims — and that this correlation holds even after controlling for other rating factors. On that statistical basis, most states permit credit-based insurance scores as a rating and underwriting factor in personal auto and home.

📋 At the Desk Why does the industry use a factor that has nothing obviously to do with driving or fire? Because, used as one factor among many, it works as a predictor — it separates lower-loss from higher-loss applicants with enough lift to matter, and a factor that predicts loss is, to a pricing actuary, hard to ignore. But notice exactly what kind of tool this is. It is a correlation-based class factor, not a fact about the individual in front of you. It tells you that applicants who look like this person, as a group, have run higher loss ratios. It does not tell you that this applicant is careless. That distinction — between a statistically valid class signal and a judgment about a person — is the seam where the entire fairness debate lives, and §8.6 and Chapter 35 are where we work it honestly.

The credit-based insurance score is also the clearest example of a theme that runs through this whole chapter: a data source can be statistically valid and ethically contested at the same time. The correlation is real and well documented; the fairness of using it is genuinely disputed, because credit history is itself shaped by income, by historical discrimination, and by life events (a medical bankruptcy, a divorce) that have nothing to do with how someone drives. Several states restrict or ban it for exactly this reason. We are not going to resolve that tension here — the book deliberately refuses to resolve it glibly in either direction — but you must hold both facts at once: the score predicts, and its use raises a real question of social fairness that the law, state by state, answers differently.

8.4 Inspections and loss-control reports

For a commercial risk of any size, the documents only get you so far. At some point you need eyes on the actual property, and that is what the inspection report delivers: the written findings of a physical survey of the risk, performed by a trained inspector — sometimes a carrier loss-control representative, sometimes a third-party inspection vendor. For Harbor Steel, an inspection is not optional; a \$20 million fabrication plant with two fires in five years and a thirty-year-old roof gets surveyed before you bind. The inspection is your independent verification of everything the application claimed, and it is the place where the difference between reported and real finally closes.

What does an inspection actually do for you? Three things.

First, it verifies the physical facts. The application says the building is 50,000 square feet with a built-up roof and wet-pipe sprinklers; the inspection measures, confirms, and photographs. It reports the real condition of the roof (the application says "original 1994" — the inspector reports whether it is merely old or actively failing, ponding, and patched). It confirms the construction type, the sprinkler coverage, the distance to the nearest hydrant, and the fire-protection class — the COPE inputs that Chapter 9 turns into a risk grade. A surprising amount of the time, the inspection contradicts the application: the "fully sprinklered" building turns out to have an unsprinklered addition; the "50,000 square feet" is 62,000. The inspection is how you find out before the claim does.

Second, it surfaces hazards the application never mentioned — because the inspector is trained to see what the applicant has stopped noticing. The accumulation of combustible scrap near the welding bays. The extension cords standing in for permanent wiring. The blocked fire exit, the disabled sprinkler head, the propane cylinders stored indoors. These are the physical hazards (Chapter 6 owns the term) that drive loss, and an applicant who lives in the building every day often cannot see them anymore. The inspector can.

Third — and this is the part newcomers undervalue — the inspection is the beginning of loss control, not just an audit. The inspector's report typically includes recommendations: install hot-work permit procedures, replace the failing roof, clear the egress, upgrade the electrical panel. Those recommendations become the raw material for the conditions you attach to a quote (Chapter 13's subjectivities). An inspection that finds fixable hazards is not bad news; it is a roadmap for turning a marginal risk into an acceptable one.

🤖 Model vs. Judgment A model can ingest a satellite image of Harbor Steel's roof and flag its age and apparent condition — and in Chapter 31 we will see exactly that aerial imagery corroborate the manual read. That is real, and it is getting better fast. But notice what the image cannot do that the inspector can: it cannot walk the welding floor and smell the scrap, cannot open the electrical panel, cannot ask the plant manager to describe the hot-work procedure and watch his face while he answers, cannot tell whether the 2023 fire's corrective actions were actually implemented or merely promised. The overhead image sees the roof; the inspector sees the operation. For a complex hazard like a fabrication plant, the model narrows the question and the inspection answers it. Treat the imagery as a fast, cheap first pass and the on-site survey as the verification — not the other way around.

The inspection has limits you must respect. It is a snapshot of a single day: the floor that was clean for the announced inspection may not be clean on a random Tuesday, and a good inspector knows the difference between a genuinely well-run shop and one tidied up for the survey. It depends heavily on the inspector's skill — a thorough loss-control engineer and a checklist-filling vendor produce very different reports from the same building. And it costs real money and takes real time — often two to four weeks — which is why you order inspections with judgment: a small, low-hazard risk may be written on the documents alone, while a Harbor Steel always gets surveyed. The skill is matching the depth of verification to the size and hazard of the risk.

8.5 Financial statements and public records

There is a question about Harbor Steel that none of the documents so far fully answers, and it is one of the most important in commercial underwriting: is this company financially healthy enough to be a good risk? The answer lives in the financial statements and the public record, and reading them is a skill that separates a commercial underwriter from someone who only checks boxes. Financial condition is not a side issue — it is a leading indicator of loss, and ignoring it is one of the quiet ways a commercial book goes bad.

Why does an insurer care about an applicant's finances? Three reasons, each tied directly to loss.

A company in financial distress is a worse risk, across every line. The classic and sharpest case is moral hazard (Chapter 1): a business that is failing has, at the margin, more reason to see a loss as a solution — the warehouse worth more burned than sold. But the connection is broader and more common than fraud. A company under financial pressure defers the maintenance that prevents losses, cuts the safety training that prevents injuries, delays the roof replacement, stretches its equipment past its service life, and loses the experienced people who ran things safely. Financial stress shows up as physical loss with a lag, and the financial statements are where you see the stress before the loss arrives.

Financial information also tells you whether the exposure values make sense. Revenue is the exposure base for general liability in many classes; payroll is the exposure base for workers' compensation. If Harbor Steel reports \$45 million in revenue but the GL application is rated on \$30 million, the financials have just caught an exposure gap that would otherwise surface at audit as a surprise — or never surface at all, leaving the policy underpriced for the whole term.

And for certain coverages, financial strength is the direct subject of the underwriting. We will see this most starkly with surety bonds (Chapter 25), where the underwriter is essentially a credit analyst betting the company will perform — but even in property and casualty, the financial trajectory tells you whether you are insuring a healthy, growing operation or one quietly running out of road.

📋 At the Desk You do not need to be an accountant, but you must be able to read a balance sheet and an income statement for a few specific signals. Trajectory: three years of statements beats one — is revenue growing or shrinking, are margins healthy or compressing? Liquidity: does the company have the working capital to absorb a bad quarter, or is it one slow month from trouble? Leverage: how much debt, and can the cash flow service it? You are not auditing the company; you are asking, "does this look like a business that can keep its promises and afford to run safely for the next twelve months?" For a privately held company like Harbor Steel you may get only an internal or reviewed statement rather than an audited one — note the difference, because an unaudited statement is the company's own number, with all that implies.

The public record rounds out the picture, often for free. Business registration and licensing status, liens and judgments, bankruptcy filings, regulatory actions, OSHA citation history for a manufacturer, news coverage — all of it is independent information the applicant did not choose to put in front of you. An OSHA history of serious safety violations is a workers'-comp and general-liability signal that the application will never volunteer. A pattern of liens and judgments is a financial-distress signal. A news search that turns up a fire the loss runs somehow missed is exactly the kind of gap that should stop a quote. Public records are cheap, independent, and frequently the source of the one fact that changes the decision.

⚖️ Compliance Corner The same care applies to financial and public-record data as to credit: you may use it to assess risk, but the line between risk-based evaluation and unfair discrimination (Chapter 4 owns that term) does not disappear because the data is financial. A company's financial weakness is a legitimate risk factor; using financial proxies in a way that systematically disadvantages a protected class is not (Chapter 35). And when a financial or public-record report comes from a consumer-reporting agency and is used to deny, cancel, or increase the price of personal coverage, the FCRA's adverse-action obligations attach — which is exactly where we turn next.

8.6 What you may and may not use: FCRA, state restrictions, and privacy

Everything in this chapter has been about getting information. This section is about the rules that govern using it — and they are not optional, not soft, and not the same in every state. An underwriter who gathers brilliantly and uses unlawfully is a liability to the company. The single most important framework here is the Fair Credit Reporting Act (FCRA) — a real federal statute, owned as a Tier-1 reference throughout this book — and you must understand its core machinery cold.

The FCRA governs the use of consumer reports — information about an individual's creditworthiness, character, or general reputation assembled by a consumer-reporting agency (CRA) for purposes including insurance. When an insurer pulls a credit-based insurance score, a CLUE report, or an MVR through a CRA to underwrite personal insurance, that is an FCRA-governed use, and three obligations follow.

1. Permissible purpose. You may pull a consumer report only for a permissible purpose, and underwriting a policy the consumer applied for is one. You may not pull reports for curiosity, for a person who has not applied, or for a purpose outside what the law allows.
2. Adverse-action notice. This is the obligation that touches the underwriting desk most directly. If you take an adverse action — denying coverage, cancelling, non-renewing, or charging a higher premium — based in whole or in part on information in a consumer report, you must notify the consumer. The notice must tell them that an adverse action was taken, identify the CRA that supplied the report (so they can get a copy), and inform them of their right to dispute the information's accuracy and to obtain a free copy of their report. For credit-based insurance scores specifically, the notice rules also require disclosing the key factors that adversely affected the score.
3. Accuracy and dispute rights. The consumer has the right to see the information, to dispute errors, and to have the CRA reinvestigate. This is why a CLUE or credit error is the consumer's to correct — and why you should never treat a third-party report as infallible.

⚖️ Compliance Corner The adverse-action notice is the FCRA obligation underwriters most often get wrong, and the error is almost always the same: forgetting that charging more counts. Underwriters reliably remember to send a notice when they decline. They forget that pricing the policy higher because of a credit-based insurance score is also an adverse action that triggers the notice. If the consumer report moved the price up, the notice is owed. Get this wrong at scale and you have a regulatory problem affecting thousands of policies at once. The fix is procedural, not heroic: build the adverse-action notice into the workflow so it fires automatically whenever a consumer report contributes to a less-favorable outcome, and never rely on an underwriter to remember.

Beyond the FCRA sit the state restrictions, and this is where it gets genuinely complicated, because the McCarran-Ferguson Act (Chapter 4) leaves insurance regulation largely to the states — so what you may use varies by state and by line. Several states sharply restrict or prohibit the use of credit-based insurance scores in personal auto and home. States restrict or ban specific rating factors at different times for different lines — gender in auto rating in some states, certain uses of credit, certain territorial definitions that regulators view as proxies for protected classes. There is no single national rulebook; there is a patchwork, and part of an underwriter's professional competence is knowing the rules of the states they write in. What is a standard, filed rating factor in one state may be flatly prohibited next door.

And underneath the specific rules is the bright line the whole system rests on: you may classify and price by risk; you may not discriminate by protected class — race, religion, national origin, and, variably by state and line, gender, and (for credit and certain data) more. This is the distinction between fair and unfair discrimination that Chapter 4 defines and Chapter 35 takes apart in full. It matters in this chapter because information is where the line gets crossed, usually not on purpose. The danger is proxy discrimination (Chapter 35 owns the term): using a permitted factor — a ZIP code, a credit element, a data field — that happens to stand in for a protected characteristic, producing a discriminatory result through ostensibly neutral data. You do not get to plead good intentions; the result is what the law and the regulator look at.

⚠️ Underwriting Trap The trap here is assuming that "it's just data, and the data predicts loss" is a complete defense. It is not. A factor can be statistically predictive and an illegal proxy at the same time — predictive because it correlates with a protected class that the law forbids you to price on. The credit-based insurance score sits right on this edge, which is why it is the most litigated and most regulated data source in personal lines. The disciplined posture is not "use everything that predicts" and not "use nothing that might offend," but a third thing: use what is permitted in this state for this line, document why each factor is a legitimate risk signal, and treat the fair/unfair line as a live constraint on every file — not a footnote. The data being predictive is the start of the analysis, never the end of it.

Finally, privacy. The information you gather is sensitive, and the duty to protect it is both ethical and, increasingly, legal. You collect only what you need for the underwriting purpose, you use it only for that purpose, you protect it, and you respect the consumer's rights to see and correct it. The gathering of information carries an obligation that scales with its sensitivity, and the underwriter who treats a stranger's financial and personal data carelessly has failed at something more basic than compliance.

8.7 The art of the question: what the applicant doesn't say

We end with the part of information gathering that no checklist captures and no system automates: the art of noticing what is not in front of you. Every technique in this chapter is, at bottom, a way of correcting the imbalance of information between the applicant and the underwriter — the same imbalance that drives adverse selection (Chapter 1). The application, the loss runs, the third-party reports, the inspection, the financials: each closes part of the gap. But the most experienced underwriters have a further skill that the documents cannot give them. They read the silences.

A submission is a curated thing. The broker assembled it to make the case; the applicant answered the questions asked, no more. So the underwriter's sharpest question is often: what would I expect to be here that isn't? A fabrication plant's submission with no mention of a hot-work permit program — when hot work is the obvious hazard and one of its fires was a hot-work fire — is telling you something by omission. A loss run that starts in year two of a five-year request is telling you about year one. A financial statement provided for two of the three years you asked for is telling you about the missing year. A glowing description of the new safety committee with no mention of when it was formed invites the question: was it formed after the 2023 fire, in response to it, and has it actually changed anything?

📋 At the Desk Concretely, how do you "read the silence"? You build the habit of comparing the submission to your mental template of a complete file for this class, and you treat every gap as a question rather than an assumption. The move is always the same and it is not adversarial: you go back to the broker with specific, answerable questions. "I need the missing year of loss runs." "Please confirm whether a hot-work permit program is in place and provide the written procedure." "The application lists revenue at \$45M but the GL is rated on \$30M — which is correct?" A good broker (and Meridian is one of the good ones) respects this; it is how you do the job well, not how you make their life hard. The lazy underwriter quotes off the submission as received. The disciplined one closes the gaps first — and sees the risk that the gaps were hiding.

This is also where the human underwriter remains, for now, irreplaceable, and it is worth being precise about why. A model scores the data it is given. It is very good at finding patterns in the fields it receives and genuinely better than a human at weighing dozens of variables consistently. But it has no concept of the field that should be there and isn't, no instinct that the description is suspiciously smooth, no ability to hear what an answer is avoiding. It cannot ask a follow-up question, because it does not know what it is not being told. The art of the question — knowing what to gather, sensing what is missing, and going to get it — is the part of information gathering that is still, irreducibly, judgment. The data tells you what is there. The underwriter notices what is not.

That noticing is not mysticism; it is pattern recognition built from having seen many files, and it is exactly the skill this book exists to develop. You will get better at it by reading hundreds of submissions and watching which silences turned out to matter. For now, hold the discipline: gather the right information, verify what matters, and never mistake the absence of a red flag for the presence of a clean risk.

🗂️ The Underwriting File

You order the information. The Harbor Steel submission has been open on your desk since Chapter 1, and through Chapters 4 through 7 you framed it legally, mapped its coverage architecture, inventoried its exposures, and confirmed it is the kind of risk your company underwrites — pending appetite. Now, before any assessment or pricing, you do the unglamorous, essential thing: you order the information and you write down what is missing. Here is the order you send back through Meridian Risk Partners, and the gaps you flag.

The information order: - Five years of loss runs, all lines, currently valued — property, general liability, workers' compensation, and commercial auto, produced by the expiring and prior carriers, valued within the last 90 days. You already have the property runs showing the 2021 electrical fire (~\$180K) and the 2023 hot-work fire (~\$1.2M); you need the same detail for WC (the back injuries and the laceration near-miss), auto (the two minor claims), and GL (especially anything touching the pending bracket claim). - An on-site inspection / loss-control survey — a \$20M fabrication plant with two fires and a 1994 roof does not get written on documents alone. The survey will verify the roof's true condition, the sprinkler coverage, the fire-protection class, the hot-work practices, and the housekeeping near the welding bays — and will produce the loss-control recommendations that become your conditions later. - MVRs on every fleet driver — all twelve units; you are reading for the recent serious violation or the suspension, not the stale ticket. (One poor record will surface, but that is Chapter 23's beat — here you only order the reports.) - Three years of financial statements — to test the company's health, confirm the ~\$45M revenue and ~\$11M payroll that drive the GL and WC exposure bases, and watch for the distress that precedes deferred maintenance. - The statement of values (SOV) — the detailed schedule behind the \$20M building / \$8M equipment / \$10M business-income figures, so the property values can be verified rather than carried over (the SOV is built out in Chapter 19). - Public records — business registration, any OSHA citation history for the plant, liens/judgments, and a news search (does anything turn up that the loss runs missed?).

What's missing / flagged: the causes and corrective actions behind both fires (the runs show the loss, not the response); whether a hot-work permit program actually exists in writing; the trajectory behind the financials; and confirmation that the loss runs are complete (all five years, all lines, no convenient gaps). The one pending products-liability claim is open — its eventual cost is uncertain and must not be treated as zero.

Running disposition: information ordered; gaps flagged. Nothing is assessed, priced, or decided. You have built the order, not the answer. The next chapter takes the information back and turns it into a risk grade — COPE on the building and the loss-control read of those two fires.

Conclusion

Information gathering is the foundation the rest of underwriting is built on, and it is the first place the discipline of the craft shows. A decision is only as good as the information behind it, and every source has a purpose and a limit: the application describes the risk but is self-reported, a snapshot, and unverified; the loss run tells you what actually happened but is backward-looking and often a thin sample; third-party data — the MVR, CLUE, the credit-based insurance score — is independent and predictive but blunt, sometimes erroneous, and in the case of credit, statistically valid yet ethically contested; the inspection verifies the physical reality but only for a single day and only as well as the inspector; the financials reveal the health that precedes loss but may be the company's own unaudited number. The art is knowing what to gather, what each source can and cannot prove, and — through the FCRA and the state-by-state patchwork — what you are even permitted to use.

Two of the book's themes ran straight through this chapter. Adverse selection is the enemy: every technique here — the independent loss runs, the CLUE report that catches the carrier-switcher, the question that fills the blank the applicant left empty — exists to correct the information imbalance that, left alone, fills the pool with the risks the applicant knows about and you don't. And technology augments the underwriter but does not replace the judgment: the model scores the fields it is given and will only get better at it, but it cannot notice the field that should be there and isn't, cannot hear what an answer avoids, and cannot ask the follow-up question — which is why the art of the question remains the underwriter's.

You have ordered the information on Harbor Steel and flagged what is missing. You have not yet decided anything, and you should not want to — you cannot grade a risk you have not finished seeing. In the next chapter you take everything you have gathered and turn it into a risk assessment: the COPE framework on the building, the loss-control read of those two fires, and the risk grade that the pricing will be built on. The information is on its way in. Now we learn to read it.

Key Terms

• Application (submission) — the formal request for coverage in which the applicant describes the risk and answers the insurer's questions; a submission is the application plus its attachments as delivered (often by a broker). It is both an information document and the legal record of the insured's representations.
• Motor vehicle report (MVR) — the official driving record obtained from a state motor-vehicle authority, showing license status, violations, and at-fault accidents over a look-back period; the backbone of auto underwriting.
• CLUE (Comprehensive Loss Underwriting Exchange) — an industry-shared claims-history database that lets an underwriter see an applicant's filed property or auto claims across all carriers over a multi-year look-back, independent of any single carrier's loss run.
• Credit-based insurance score — a numerical score derived from elements of an applicant's credit history and built specifically to predict insurance loss; statistically correlated with loss, permitted in most states for personal auto and home, and the most regulated and contested data source in personal lines.
• Loss run — the insurer-produced report of an account's claim history (date, line, cause, paid, reserved, status), ordered across five years and all lines; the most valuable document in a commercial file, read for cause and trajectory, not just total dollars.
• Inspection report — the written findings of a physical survey of the risk by a trained inspector; verifies the application's physical claims, surfaces hazards the applicant no longer notices, and produces the loss-control recommendations that become quote conditions.
• Third-party data — information about a risk obtained from an independent source rather than from the applicant (MVR, CLUE, credit, public records); valuable precisely because it is not filtered through the applicant's interest in the insurer's yes.

Spaced Review

1. A commercial loss run shows one large workers'-comp claim and nothing else over five years, while a second account shows eight small claims and no large one. Which is more likely a management signal, and how does the frequency-versus-severity distinction change how you would respond? (§8.2; frequency × severity from §6.3)
2. An auto applicant declares a clean record on the application. What independent source confirms or contradicts that, what does that source measure that the applicant cannot edit, and what is the one thing it still cannot tell you? (§8.3)
3. You raise a personal-auto applicant's premium partly because of a credit-based insurance score. What does the FCRA require you to do, and which part of that obligation do underwriters most often forget? (§8.6)
4. Why is the applicant's non-renewal by the prior carrier (which you noted back in Chapter 1) a reason to order independent loss runs and a CLUE-style history rather than relying on the application's loss summary? Tie your answer to adverse selection. (§8.2, §8.3; adverse selection from §1.4)
5. (The recurring pricing-discipline question.) You are tempted to quote Harbor Steel quickly off the submission as received, skipping the inspection and the missing two years of loss runs to beat a competitor to the broker. Would writing the account on incomplete information help or hurt your combined ratio over the next few years, and why? (§8.1, §8.4; combined ratio from §3.5; rate adequacy from Chapter 11 preview)