ABC News in North Carolina reports that a driver in the state looked up and saw a bird carrying a huge fish.
“It was one of those slow-motion moments in life. I saw the fish and I saw him drop it,” said Rhesa Walston of Beaufort, North Carolina.
The catfish smashed straight into her windshield.
It happened so quickly she didn’t have time to react.
“There was glass all over my front seat…glass on my lap,” Walston told ABC News.
After making sure her daughter in the back seat was safe, Walston contacted her family and her insurance company. Family members tracked down the fish (apparently, catfish dropped from high altitudes bounce) and took pictures to corroborate her catch.
Walston told ABC News she will have to pay the $250 deductible on her comprehensive auto policy — not a huge price for a story the family will be telling for years to come. Animal damage is covered if you have optional comprehensive coverage. If you only have collision coverage, then you’re not covered.
It’s getting harder for California homeowners in fire-prone areas to buy and keep insurance.
Homeowners insurance non-renewals were on many listeners’ minds during last week’s Insurance Information Institute (I.I.I.) radio satellite media tour (SMT) on the aftermath of the 2017-18 California wildfires.
With 20 media outlets throughout the state participating, I.I.I. CEO Sean Kevelighan, Head of Media and Public Affairs Michael Barry, and Director of Strategic Communications Janet Ruiz were on hand to answer questions from journalists.
As the frequency and cost of California wildfires increase, it’s getting harder for homeowners in fire-prone areas to buy and keep insurance. In August 2019, the California Department of Insurance released data showing insurers are non-renewing an increasing number of residents in areas with high wildfire risk.
The guidance the I.I.I. provided to Californians faced with this dilemma included:
If your insurer says they won’t renew your policy, ask them to reconsider. Your situation may involve factors they don’t know about.
Try another insurer. The insurance market is competitive, and insurers don’t profit from not writing business. Risk appetites and underwriting vary.
When all else fails, California’s Fair Access to Insurance Requirements (FAIR) plan is available as an insurer of last resort, after “a diligent effort to obtain coverage in the voluntary market has been made.”
The I.I.I.’s speakers also emphasized during the SMT that property owners can make their homes more resilient to wildfires by mitigating their own risks; how California’s insurers disbursed nearly $25 billion to their customers to help them recover financially from the 2017-18 wildfires; and how state regulators are working with insurers to price accurately the risks of covering homes in wildfire-prone communities.
Within hours of I.I.I.’s SMT, California Insurance Commissioner Ricardo Lara announced mandatory protections from insurance non-renewals extending into new areas of Northern and Southern California. The one-year moratorium covers residential policies in ZIP codes adjacent to recent wildfire disasters. The law cited by Commissioner Lara (Senate Bill 824) protects homeowners adjacent to a declared wildfire emergency who didn’t suffer a total loss — recognizing the disruption non-renewals cause in communities after wildfire disasters.
Below is a list of the participating radio stations and podcasters who taped the I.I.I. conversations for either broadcast or streaming in January 2020:
KCAA 1050-AM/KRLA 870-AM/KSPA 1510-AM Los Angeles/KDIA 1640-AM/KFAX 1100-AM Radio San Francisco-Oakland-San Jose “Bill Martinez Live”
Business Radio X-IND Podcast National, “The Mark Bishop Podcast”
KOCI 101.5-FM Los Angeles/Liberty Express Radio Network-AM/FM Radio Syndicated “School for Startups”
KSZL 1230-AM Radio Los Angeles “America Tonight with Kate Delaney”
KMET 1490-AM Los Angeles – KEST 1450-AM Radio San Francisco-Oakland-San Jose, “Talk! With Audrey”
Transformation Talk Radio-Online Podcast National, “The Dr. Pat Show”
KVTA 1590-AM Radio Los Angeles, “The Kim Pagano Show”
KSTE 650-AM Radio Sacramento-Stockton-Modesto, “The Chad Benson Show”
On Tuesday, December 17, the House approved a package of bills that includes a seven-year reauthorization of the Terrorism Risk Insurance Act (TRIA) and funding for the National Flood Insurance Program until September 30, 2020.
Numerous insurance industry groups applauded the extension of TRIA. The act has been an important support in the effort to supply terrorism insurance through the private market. Since it was enacted, the percentage of companies purchasing terrorism insurance has risen to 80 percent, and the price of coverage has fallen more than 80 percent.
The $1.4 trillion spending package also includes:
Federal funding ($25 million) for gun violence research for the first time in 20 years.
A repeal of Obamacare taxes, including a 2.3 percent excise tax on medical devices, a health insurance industry fee that would have taken effect in 2020, and the 40 percent “Cadillac” excise tax on the most expensive health-insurance plans.
The Setting Every Community Up for Retirement Enhancement (SECURE) Act of 2019, which features provisions that make it easier for smaller employers to join open multiple-employer plans, ease non-discrimination rules for frozen defined benefit plans, and add a safe harbor for selecting lifetime income providers in defined contribution plans.
The bill is expected to pass the Senate and be signed by President Trump before government funding expires on December 20.
The most primal ones – those associated with wind, fire, and water – often travel in pairs. Modern, more complicated risks – supply chain, business interruption, cyber, political, and financial – are like tapestries so tightly woven that any effort to address this or that hazard can threaten to unravel much of what you’re trying to protect.
A new report from Verisk looks at complex emerging risks and why they matter to insurers and risk managers.
Between 1990 and 2008, natural hazards were the cause of 16,600 hazardous material releases.
“Accidents in the industrial sector can be catastrophic, and up to five percent of all accidents in this sector are caused by natural events,” writes Alastair Clarke of Verisk’s AIR Worldwide in an article titled “Where Climate Change and Natech Risk Meet.”
Between 1990 and 2008, Clarke reports, natural hazards were the cause of 16,600 reported hazardous releases.
“In each case,” he writes, “a natural event triggered a technological malfunction that led to the release of hazardous material.”
That’s a natech, and the insurance implications are significant.
Many examples exist of catastrophic casualty claims from natechs. The report cites the 2010 collapse of a dam at the Ajka alumina plant in Hungary. The dam broke after days of heavy rain, releasing toxic sludge and causing 10 deaths and 150 injuries, along with the contamination.
In 2005, Hurricane Katrina triggered 200 hazmat releases. When storm surge ruptured a storage tank at a Louisiana oil refinery, Clarke writes, “the release of 25,000 barrels of crude oil affected 1,800 homes and resulted in a $330 million settlement.”
“Natechs show how liability can arise from natural events that can be traced back to the suppliers of a faulty service,” Clarke writes. “With climate change, the threads are deeply tangled. ”
IoT unites us, for better and worse
Globalization has connected the world through commerce and culture as never before, and the Internet of Things (IoT) aims to finish the job. But supply-chain risks – already subject to the vagaries of weather, politics, and global finance – only become more complex as machines whisper among themselves.
Utilities alone are expected to deploy more than 800 million connected IoT devices by the end of 2019. Each one is a potential cyberattack portal.
In “Cyber Risks Loom Large in an Interconnected World,” Tim Campbell of Verisk Maplecroft and Kamban Parasuraman of AIR report that a survey of more than 1,000 U.K. and U.S. risk professionals indicated the average company shares confidential information with about 583 third parties. Of those surveyed, 59 percent experienced a data breach linked to a vendor or other third party in 2018.
“Just as companies need to be aware of the cyber risks introduced by third parties in their supply chains,” Campbell and Parasuraman write, “insurers may need to consider how the insureds within its own book of business are interconnected. In fact, the lack of full visibility into each insured’s interdependencies may create risks that are unidentifiable from an underwriting standpoint.”
Utilities alone are expected to deploy more than 800 million connected IoT devices by the end of 2019, reports Ben Kellison of Verisk’s Wood Mackenzie in “Power Utilities Face Emerging Cyber Threats.”
Each one is a potential cyberattack portal.
“The power grid is also becoming more decentralized,” Kellison writes. “Tens of millions of small generators and loads are being integrated into more power markets and local power systems that may or may not be owned or operated by the utility.”
The risks go on
The Verisk report, produced by the data and analytics provider’s ISO Emerging Issues team, examines these and other risk areas. As I reflect on these articles in the context of many hours spent reading about, discussing, and listening to others discuss risk and insurance, it becomes clear – from a resilience perspective – that a more holistic, epidemiological approach to risk management is needed.
Your building can be designed and built well above code; if your neighbors’ buildings aren’t, you’re at risk when a tornado turns their HVAC units into projectiles. This reality becomes more insidious when your billing system is threatened by malware introduced through a customer’s “smart” lightbulb.
There’s a road in my town that’s widely regarded as a speed trap. We all know drivers who say they were unfairly stopped and ticketed on it. I’ve never been and, come to think of it, neither has anyone I talk to about it. Maybe it’s because we live in town and “everyone knows” about the trap.
Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure.
Sure, people get ticketed. The road is straight and wide, and I guess some feel they should be able to drive faster than the clearly posted speed limit. Or maybe they think the “real” limit is somewhat north of the number posted.
Is that really a “speed trap”?
I think of this road when I hear people say they don’t buy cyber insurance because “everyone knows” cyber claims don’t get paid.
Poster child for “cyber” denial
The example on everyone’s lips when this topic comes up is Mondelez International, the food and beverage giant hit by the NotPetya ransomware attack in 2017. Mondelez incurred losses exceeding $100 million, and its insurer denied coverage based on a war exclusion.
The irony? The policy in question covered property, not cyber. One can argue – as Mondelez does in a lawsuit – that the war exclusion is being unfairly applied, but businesses aren’t ceasing to buy property insurance on account of it!
Cyber claims data are hard to come by, but for nine years NetDiligence has published a Cyber Claims Study analyzing paid claims. The 2019 study looks at more than 2,000 such claims aggregated in over 20 ways, including types and amounts of losses, incident causes, data types exposed, business sectors affected, revenue size of claimants, and financial impact.
Verisk, whose cyber products help insurers write coverage based on their policyholders’ risk characteristics, doesn’t publish claims data but aggregates and incorporates them into its analytics.
NetDiligence publishes an annual Cyber Claims Study. Verisk aggregates and incorporates claims data into its analytics. Why do so many believe cyber claims don’t get paid?
Why the perception/reality gap?
Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure. Indeed, in a recent survey by J.D. Power and the Insurance Information Institute, small-business owners named “too many exclusions” among the top reasons they don’t buy cyber coverage.
Claims are often denied because of exclusions policyholders might not have known about or understood. Some insurers, for example, include “failure to follow” exclusions for claims arising from inadequate security standards.
Everyone’s responsibility
If insurers want businesses to buy cyber policies and not be hit with unpleasant surprises at claims time, they need to be aggressively transparent about what’s included and excluded. Relegating this to fine print is not a good strategy.
Brokers and agents need to educate themselves about their clients’ needs and be fastidious in aligning coverage recommendations with those needs.
And insurance buyers – those with most at stake – need to understand cyber perils and insurance. For example, insurers require a cyber hygiene self-assessment from applicants. If, after an incident, that assessment proves inaccurate – say, if encryption practices were misrepresented – coverage can be denied.
Insurance isn’t a replacement for cyber diligence. But it can complement it as part of a well-planned risk management program.
A couple of articles crossed our desk recently that discussed the benefits and pitfalls of algorithms and artificial intelligence (AI). Neither discussed insurance, but they offered important lessons for the industry.
Algorithms and AI can work quickly, but they aren’t perfect.
An algorithm is a simple set of instructions for a computer. Artificial intelligence is a group of algorithms that can modify and create new algorithms as it processes data. Broadly, these smart technologies can drive untold change for the industry.
As the Financial Times wrote earlier this year, “Insurance claims are, by their nature, painful processes. They happen only when something has gone wrong and they can take months to resolve.”
Chinese insurer Ping An uses AI to accelerate decision making, and New York-based insurance start-up Lemonade employs algorithms and AI to help pay clients more quickly. Other insurers use smart technologies for fraud detection, risk management, marketing, and other functions.
What could go wrong?
Algorithms and AI can work quickly, but they aren’t perfect. A recent article by Osonde A. Osoba, an information scientist and professor with the RAND Corporation, details what data scientists call an “algorithm audit.” An algorithm audit detects biases or blind spots that skew results, making it necessary to review and test the underlying data.
In the case Osoba discusses, Apple Pay was assailed on Twitter by tech executive David Heinemeier Hansson for giving him a credit limit 20 times larger than his wife’s, despite their sharing all assets, among other factors. Hansson concluded that the algorithm was sexist – causing a furor on the social media platform among both those who vehemently agreed and disagreed with him.
Apple Pay said it doesn’t have information about applicants’ gender or marital status. Yet no one from Apple could answer why Hansson received a significantly higher credit limit. They responded: “Credit limits are determined by an algorithm.”
Still, these algorithms and AI are informed by something – perhaps the implicit biases of the programmers. For example, systems using facial recognition software have yielded decisions that appear biased against darker-skinned women.
Are algorithms easier to fix than people?
An article in The New York Times by Sendhil Mullainathan, a professor of behavioral and computational science at the University of Chicago, discusses human and algorithmic biases. He cites a study in which he and his co-authors examined an algorithm that is commonly used to determine who requires extra levels of health care services. This algorithm has affected approximately 100 million people in the U.S. In this case, black patients were routinely rated to be at lower risk. However, the algorithm was inherently flawed: it used data on who receives the highest amount of health care expenditures.
Black patients already spend less money on health care than white patients with the same chronic conditions, so the algorithm only served to reinforce this bias. Indeed, without the algorithmic bias, the study estimated that the number of black patients receiving extra care would more than double. Yet Mullainathan believes that the algorithm can be fixed fairly easily.
Contrast this to a 2004 study Mullainathan conducted. He and his co-author responded to job listings with fabricated resumes: half the time they sent resumes with distinctively black names; the other half with distinctively white names. Resumes with black names received far fewer responses than those with white names.
This bias was verifiably human and, therefore, much harder to define.
“Humans are inscrutable in a way that algorithms are not,” Mullainathan says. “Our explanations for our behavior are shifting and constructed after the fact.”
Don’t write algorithms off
As RAND’s Osoba writes, algorithms and AI “help speed up complex decisions, enable wider access to services, and in many cases make better decisions than humans.” It’s the last point that one must be particularly mindful of; while algorithms can reproduce and intensify biases of their programmers, they don’t possess inherent prejudices, as people do.
As Mullainathan puts it, “Changing algorithms is easier than changing people: software on computers can be updated; the ‘wetware’ in our brains has so far proven much less pliable.”
Perhaps it’s a symptom of buzzword fatigue that everyone in the insurance industry seems to use the word “insurtech” without agreeing on – or maybe even really thinking about – what it means.
Some use it as a noun, suggesting a type of company – typically a startup – that applies cutting-edge technology to insurance-related challenges. Others use it as an adjective to describe the technologies and applications themselves. Still others seem to take the position of U.S. Supreme Court Justice Potter Stewart, writing on a very different topic: “I know it when I see it.”
Whatever it is, insurtech is a rapidly growing feature of the insurance landscape, and many traditional insurers and venture capitalists are investing in it.
Insurtech doesn’t just mean offering products more quickly online. It means transforming the offerings and the customer experience.
Modernizing the value chain
Insurtech emerged around 2010 as an offshoot of a similar movement in banking, known as “fintech.” With providers of just about every other product and service embracing “Amazonation,” consumers have come to expect absolutely seamless service – wherever and whenever. Like those industries, insurers need to satisfy their customers while growing profitably and managing operational costs.
But insurtech doesn’t just mean offering products more quickly online. It means transforming the offerings and the customer experience.
Insurtech most consistently refers to the use of apps, wearables, big data, machine learning, and other technologies to automate and improve processes across the insurance value chain – from marketing and policy origination through underwriting, services, and claims.
Some applications focus on reducing friction in transactions; the time required to fill out an application and receive a quote is a classic example. Others seek to streamline and enhance back-end functions, such as risk assessment, pricing, loss control, and settling claims.
Claims: Ripe for insurtech
The claims process is particularly well suited for transformation. Insurers typically hire adjusters to determine the extent of their liability for a loss, damage, or injury and come up with a settlement. This can be time consuming, expensive, error prone, and, in some cases, dangerous.
Drivers can submit photos to their insurers via app immediately after an accident. Some insurers use machine learning and publicly available data to detect fraud.
Today, new approaches aid the claims process.
For example, drivers can submit photos to their insurers via app immediately after an accident. Some insurers also use machine learning and publicly available datasets to detect and flag potentially fraudulent claims.
As technology helps improve underwriting, policy administration and claims, new products are being developed and traditional ones can be handled differently.
One emerging approach – enabled by the intersection of telecommunications and big data known as “telematics” – is usage-based insurance (UBI), priced according to drivers’ own voluntarily provided behavioral data. A more recent stage in UBI’s evolution is pay-as-you-drive insurance, with monthly billing that varies based on mileage driven.
A similar trend involves using data from smart-home technology, such as water-monitoring systems that can anticipate and prevent leaks that might otherwise lead to claims. Advances in telematics and the Internet of Things are increasing the quantity and range of the data insurers will have at their disposal.
Obstacles remain
Insurtech offers tremendous opportunities for innovation, but – as one of the most heavily regulated and publicly scrutinized industries – it faces obstacles. Many technologists driving the movement come from outside insurance. Few have navigated the legal, regulatory, and cultural minefields surrounding personal privacy and security.
Unlike many other industries, in which maximizing speed and satisfaction has become the prime directive, insurers are required by law to protect customers from privacy breaches and bias. Perusing social media for insights to help optimize user experience or using machine learning to anticipate and address changes in users’ buying behavior may be acceptable if you’re selling cars or cosmetics – but for insurers, their clients, and regulators it raises a host of red flags that have to be addressed.
By Loretta Worters, Vice President – Media Relations
The credit crisis of 2007-2008 was a severe worldwide economic crisis considered by many economists to have been the most serious financial crisis since the Great Depression of the 1930s, to which it is often compared. “Everyone was impacted, not just those working in banks. Because the price of debt, the ability to get financing changed, a lot of things happened. So, everyone is impacted by credit every day, whether they know it or not,” said Tamika Tyson, senior manager, credit with Noble Energy, in this video interview.
Tyson, who is also a non-resident scholar with the Insurance Information Institute, said what she is most concerned about is debt repayments that are coming due. “If a global recession happens, as economists are predicting, and it happens in conjunction within an election, it can be difficult for companies to refinance any mature debentures they have coming in 2020,” she said. “Leadership needs to be thinking about the risks in their company. Not just the credit risks, but all risks related to their business.”
What leads to credit risk and how can companies protect themselves?
The main microeconomic factors that lead to credit risk include limited institutional capacity, inappropriate credit policies, volatile interest rates, poor management, inappropriate laws, low capital and liquidity levels, direct lending, massive licensing of banks, poor loan underwriting, laxity in credit assessment, poor lending practices, government interference and inadequate supervision by the central bank.
Doing a comprehensive risk assessment is a great idea for everyone within an organization, noted Tyson. “Once an assessment is made as to how much risk they are exposed to, then they can develop a strategy to help protect the company. If there’s more risk in the system than a company is willing to take, then they should consider obtaining credit risk insurance,” she said.
What is Credit Risk Insurance?
Credit risk insurance is a tool to support lending and portfolio management. It protects a company against the failure of its customers to pay trade credit debts owed to them. These debts can arise following a customer becoming insolvent or failing to pay within the agreed terms and conditions.
What can impact credit risk?
The factors that affect credit risk range from borrower-specific criteria, such as debt ratios, to market-wide considerations such as economic growth. Political upheaval in a country can have an impact, too.
For example, political decisions by governmental leaders about taxes, currency valuation, trade tariffs or barriers, investment, wage levels, labor laws, environmental regulations and development priorities, can affect the business conditions and profitability.
“At the end of the day, political risks have the ability to impact credit risks. Credit risks rarely impact political risks,” she said. “We have a lot of different views right now on the political spectrum so until we know how that’s going to work out, it’s going to create risk in the system, and we’ll see how different companies react to that,” Tyson said.
“We all talk about biases. Everyone thinks they’re better off and it’s always someone else that has the issue. It’s the same when looking at a risk assessment or reviewing someone’s financials; everyone thinks they’re doing fine, but then they discount what’s going on with other people. That’s why it is imperative companies self-evaluate as they evaluate those they transact business with.”
“Know your portfolio, know your customers and understand your risk tolerance,” said Tyson. “Know, too, there are a lot of tools available to help you mitigate against those risks.”
Hotels and motels are routinely used for sex trafficking. Two recent lawsuits highlight the complexity of determining who bears legal costs associated with trafficking.
Human trafficking is a crime with enormous individual and societal impacts, and it relies on legitimate businesses to sustain it. Motels, for example – and, arguably, insurers.
“Hotels and motels are routinely used for sex trafficking,” reports the Polaris Project, a nonprofit that aims to “eradicate modern slavery.” Two recent lawsuits involving insurers of motels used by traffickers highlight the complexity of determining who bears legal costs associated with such activities.
Duty to defend
Both cases revolve around “duty to defend” — an insurer’s obligation to provide a legal defense for claims made under a liability policy. Before proceeding, let me say: I’m not a lawyer. Everything that follows is based on published reporting, and no one should act on anything I write without first consulting an attorney.
In the first case, a woman sued motel operators for letting her be trafficked at their motels when she was a minor. The Insurance and Reinsurance Disputes Blog says, “The allegations of physical harm, threats, being held at gun point, and failure to intervene were wrapped up into claims ranging from negligence per se to intentional infliction of emotional harm.”
One of the motels sought defense from its insurer, Nautilus Insurance Co. Nautilus argued it was not obligated to defend based on a policy exclusion for claims arising out of assault or battery. The court agreed, and an appellate court affirmed.
In other words, the motel owners were on the hook for their own legal costs.
In the second case, a court found the insurer – Peerless Indemnity Insurance Co. – must defend its client in a suit brought by a woman claiming she was imprisoned by a man grooming her for prostitution while the owners turned a blind eye. A lower court had dismissed the case, finding insufficient evidence the motel was engaged in trafficking. An appeals court overturned that decision.
“The relevant question,” the judge said, is whether the victim’s injuries constitute personal injury. This is because the definition of personal injury under the policy included injuries arising from false imprisonment.
Because her injuries, at least in part, arose from false imprisonment, the judge said, “the answer to that question is ‘Yes’.”
So, the court said, Peerless must pay to defend the motel.
Trafficking is a $32 billion-a-year industry. Insurers might want to review their policy language to avoid funding defenses of criminals and businesses that enable them.
Language matters
The differences between these rulings seem to have more to do with nuances in policy language than trafficking facts.
In the Nautilus case, the appeals court found the exclusion – stating Nautilus “will have no duty to defend or indemnify any insured in any action or proceeding alleging damages arising out of any assault or battery” – unambiguous. It declared: “Nautilus had no duty to defend and indemnify” because the claims “arose from facts alleging negligent failure to prevent an assault or battery.”
The Peerless case involved two policies – a general liability and an umbrella – both of which contained exclusions for “‘personal and advertising injury’ arising out of a criminal act committed by or at the direction of the insured.”
The “personal” in “personal and advertising injury” includes false imprisonment.
To a non-lawyer like me, this seems as unambiguous as the Nautilus case: the Peerless policies excluded personal injury “arising out of one or more” of a variety of offenses, including false imprisonment.
The U.S. District Court for the District of Massachusetts disagrees. Its analysis goes into semantic tall grass, parsing phrases like “arising out of” and “but for” and is peppered with case law citations like:
“Ambiguities are to be construed against the insurer and in favor of the insured” and
“The insurer bears the burden of demonstrating that an exclusion exists that precludes coverage.”
It would exceed the bounds of my non-existent legal training – and the length of a blog post – to critique the court’s analysis. I recommend reading the decision.
But it doesn’t take a lawyer to see insurers have a stake in reviewing and possibly tightening their policy language to avoid having to fund defenses of criminals and businesses that enable them.
Trafficking is a $32 billion-a-year (and growing) industry, according to the Polaris Project. With that kind of money involved, cases like these won’t just go away.
