OGC Opinion No. 09-10-02

The Office of General Counsel issued the following opinion on October 15, 2009, representing the position of the New York Insurance Department.

RE: Proposed Services Agreement Providing Identity Protection and Credit Repair Services

Question Presented:

Does the proposed Services Agreement, which provides purchasers with certain identity protection and credit repair services, constitute an insurance contract in New York?


No, the proposed Services Agreement, which provides purchasers with certain identity protection and credit repair services, does not constitute an insurance contract in New York.


The inquirer reports that his client, the “Company,” wishes to provide administrative services to persons pursuant to an agreement (the “Services Agreement”) in exchange for a flat fee paid at the beginning of each term of the Services Agreement. The Company proposes to market and issue the Services Agreement to consumers in New York State, and thereby undertake to provide the Members with certain identity protection and credit repair services. The Company is a New York not-for-profit corporation that currently provides credit counseling services but does not renegotiate loans. It is not authorized as an insurer in this state.

The inquirer reports that the proposed Services Agreement would provide administrative and related services, in the nature of identity protection and credit repair, to individual consumers who purchase it and thereby become Members. The Services Agreement is designed to “assist members by providing identity protection services, including placing fraud alerts on the member’s file, removing the member from mailing lists, ordering the member’s credit reports, and enrolling the member in a payment reminder service. In addition, the member will receive credit repair services, including credit consultation, development of a utilization ration plan, and assistance with correcting errors in the member’s credit report through the provision of standard letters. These services are provided to the member regardless of any event during the term of the membership, and will continue to be provided to the member if an unauthorized use of the member’s personal identifying information is detected.” The inquirer sent the Department a copy of the application and the Services Agreement along with his inquiry.

A. Identity Protection Services

For adults, the Company proposes to:

Request fraud alerts from the three leading consumer credit reporting agencies;
Renew fraud alerts to keep them active;
Request that the member’s name be removed from mailing lists for pre-approved offers for credit cards or insurance;
Order annual credit reports from the consumer credit reporting agencies; and
Provide enrollment in an on-line payment reminder service.

For a minor child of a Member, the Company proposes to:

Request fraud alerts on the child’s consumer report;
If a consumer report is found for the child, renew the fraud requests to keep them active; and
Order annual credit reports on the first day of the term and annually thereafter.

The Company would place the fraud alerts immediately upon a new Member’s purchase of a Services Agreement, irrespective of whether or not the Member is in fact the subject of an identity theft incident.

In addition, the Company will provide an on-line payment reminder service under which the Member creates an account used to pay bills for recurring payments, such as loan payments and electric bills. The on-line payment reminder service sends the Member e-mail reminders of the due dates of payments.

B. Credit Repair Services

The Company proposes to:

Assign to the Member a credit consultant who is to:

Provide a credit consultation to the Member, during which there is an analysis of the credit reports and addressing questions to the credit reporting agencies regarding all accounts, whether derogatory or not;
Provide a Utilization Ratio Plan to the Member;
Call Members on a regular basis to review the status of correction requests;

Prepare and mail initial letters to persons who reported adverse events to any of the Credit Reporting Agencies that the Member identifies as being erroneous during the consultation;
Prepare and mail second and third follow-up letters if an error is not timely corrected;

In addition, the Member would establish an account on the Company’s website with a personal login and password so that the Member can monitor the progress of credit repair activity.


N.Y. Ins. Law §§ 1101 and 1102 (McKinney 2006) are relevant to the inquiry. Insurance Law §1101 provides in pertinent part:

(a)(1) "Insurance contract" means any agreement or other transaction whereby one party, the "insurer", is obligated to confer benefit of pecuniary value upon another party, the "insured" or "beneficiary", dependent upon the happening of a fortuitous event in which the insured or beneficiary has, or is expected to have at the time of such happening, a material interest which will be adversely affected by the happening of such event.

(2) "Fortuitous event" means any occurrence or failure to occur which is, or is assumed by the parties to be, to a substantial extent beyond the control of either party.

(b) (1) Except as provided in paragraph two, three or three-a of this subsection, any of the following acts in this state, effected by mail from outside this state or otherwise, by any person, firm, association, corporation or joint-stock company shall constitute doing an insurance business in this state and shall constitute doing business in the state within the meaning of section three hundred two of the civil practice law and rules:

(A) making, or proposing to make, as insurer, any insurance contract, including either issuance or delivery of a policy or contract of insurance to a resident of this state or to any firm, association, or corporation authorized to do business herein, or solicitation of applications for any such policies or contracts;

Insurance Law § 1102(a) sets forth the requirement that a license is required in order to do an insurance business in New York:

No person, firm, association, corporation or joint-stock company shall do an insurance business in this state unless authorized by a license in force pursuant to the provisions of this chapter, or exempted by the provisions of this chapter from such requirement.

A. Identity Protection Services

The proposed identity protection services under the Services Agreement - making requests for the placement of fraud alerts with the three major credit agencies, requesting removal of names from mailing lists for credit cards and insurance, and enrollment in the on-line payment reminder service – provide benefits that are not dependent upon the happening of a fortuitous event within the measuring of Insurance Law § 1101. The Company would provide the services immediately upon the sale of a Services Agreement to a Member, irrespective of whether or not the Member was the subject of an identity theft incident. Therefore, the proposed identity theft services do not constitute insurance under the Insurance Law definition.

Credit Repair Services

The proposed credit repair services are supposed to help Members improve their credit ratings. The services enumerated fall into two categories. The first category involves credit consultations and related services. These services would be provided by the Company to a Member upon the Member’s enrollment, and therefore are not provided dependent upon the happening of a fortuitous event within the meaning of Insurance Law § 1101. The second category involves requests for the correction of erroneous credit reports that have been made by others and appear upon a Member’s Credit Reporting Agency account. These include initial requests for correction, follow-ups, and the setting-up of a Member website account so that the Member can monitor the progress of credit repair. While the second category of credit repair services are triggered by the filing of an erroneous credit report, these services are notification benefits that are similar to other notification benefits related to identity thefts that the Department has previously concluded do not constitute insurance under Insurance Law § 1101. See Office of General Counsel Opinion 07-08-14 (August 31, 2007) (providing credit reports and credit monitoring services); OGC Opinion dated September 13, 1989 (notification to credit card issuers when cards have been lost or stolen). As such, under Insurance Law § 1101, the Company may lawfully provide the services without a duly-issued license from this Department.

Please be advised that this opinion is limited to the New York Insurance Law alone, and does not address other laws, such as the federal Fair Claims Reporting Act, which might also be applicable to the proposed Services Agreement.

For further information, you may contact Principal Attorney Barbara A. Kluger at the New York City office.