Inflation remains the greatest challenge for middle-market companies, according to recent research from Chubb. While the companies Chubb surveyed performed well last year, they are looking at 2024 with trepidation, with rising wages expected to continue fueling inflation. Inflation has also been affected by the Middle East conflicts, which have altered trade routes.
As a result, nearly three-quarters of companies said they would consider increasing their insurance coverage in response to rising replacement costs of their assets due to inflation.
“For companies that experienced operational disruptions, nearly a third acknowledged that they could have been covered if they had purchased available insurance,” the report says. “In addition to potentially being underinsured for inflated property and equipment values, companies often underestimate the time it will take to get back up and running after an insured loss, which points to the need for adequate business interruption coverage and more thorough and realistic business continuity plans.”
Middle-market companies have struggled with inflation since the coronavirus pandemic, partially due to changing employee dynamics. Recession and talent shortage/employee retention were also considered major risks, with 10 percent of those surveyed ranking one of these as the top concern for their companies in the coming year.
The study notes that:
More than two-thirds of companies have raised worker pay in the past year, with an average increase of 5.5 percent.
To retain talented employees, nearly half of companies have offered incentive compensation or retention bonuses and plan to continue that in the future.
Fewer than half the respondents felt they have enough cyber insurance coverage.
Nearly 40 percent of companies surveyed by Chubb expect to raise the prices of their products and services because of these factors.
Other significant findings include respondents stating that small companies are less prepared for business disruptions than mid-size and large ones. This, the study says, opens an opportunity for risk-management strategies that could reduce the need for increased coverage.
Cyber incidents reported to the FBI’s Internet Crime Complaint Center (IC3) in 2023 totaled 880,418. These attacks caused a five-year high of $12.5 billion in losses, with investment scams making up $4.57 billion, the most for any cybercrime tracked. Phishing, with 298,878 incidents tracked (down from its five-year high in 2021 of 323,972), continues to reign as the top reported method of cybercrime.
The 2023 Data Breach Report from Identity Theft Resource Center (ITRC) reveals that last year delivered a bumper crop of cybersecurity failures – 3,205 publicly reported data compromises, impacting an estimated 353,027,892 individuals. Meanwhile, supply-chain attacks increased, and weak notification frameworks further increased cyber risk for all stakeholders.
Email compromise, cryptocurrency fraud, and ransomware increase
In addition to record-high financial losses from cybercrimes overall in 2023, the report revealed trends across crime methodology and targets. Investment fraud was the costliest of all incidents tracked. Within this category, cryptocurrency involvement rose 53 percent, from $2.57 billion in 2022 to $3.94 billion. Victims 30 to 49 years old were the most likely group to report losses.
Ransomware rose 18%, and about 42 percent of 2,825 reported ransomware attacks targeted 14 of 16 critical infrastructure sectors. The top five targeted sectors made up nearly three-quarters of the critical infrastructure complaints: healthcare and public health (249), critical manufacturing (218), government facilities (156), information technology (137), and financial services (122).
Adjusted losses for 21,489 business email compromise (BEC) incidents climbed to over 2.9 billion. The IC3 noted a shift from dominant methods in the past (i.e., fraudulent requests for W-2 information, large gift cards, etc.). Now scammers are “increasingly using custodial accounts held at financial institutions for cryptocurrency exchanges or third-party payment processors, or having targeted individuals send funds directly to these platforms where funds are quickly dispersed.”
The report disclosed a $50,000,000 loss from a BEC incident In March of 2023, targeting “a critical infrastructure construction project entity located in the New York, New York area.”
The IC3 says it receives about 2,412 complaints daily, but many more cybercrimes likely go unreported for various reasons. Complaints tracked over the past five years have impacted at least 8 million people. The FBI’s recommendations for solutions to minimize risk and impact include:
Ramping up cybersecurity protocols such as two-factor authentication.
More robust payment verification practices.
Avoiding engagement with unsolicited texts and emails.
The scale of 2023 data compromises is “overwhelming.”
According to the ITRC, the surge in breaches during 2023 is 72 percent over the previous record set in 2021 and 78 percent over 2022. To add more perspective, the ITRC notes that “the increase from the past record high to 2023’s number is larger than the annual number of events from 2005 until 2020, except for 2017.”
Meanwhile, as the report highlights, two other outsized trends converged: increasing complexity and risk. The number of organizations and victims impacted by supply-chain attacks skyrocketed. The notification framework conspicuously weakened, too. Since some laws assign liability for notification to organizations owning the leaked data, the notification chain would stop there, leaving downstream stakeholders unaware. For example, a software company servicing nonprofits might duly notify its direct B2B customers but not the individuals served by the nonprofit organization.
The ITRC has been reviewing publicly reported data breaches since 2005, and it now has a database of more than “18.8K tracked data compromises, impacting over 12B victims and exposing 19.8B records.” This ninth report forecasts a bleak outlook for the coming year. Specifically, “an unprecedented number of data breaches in 2023 by financially motivated and Nation/State threat actors will drive new levels of identity crimes in 2024, especially impersonation and synthetic identity fraud.”
The faster a breach is identified and reported, the faster all potentially affected parties can take measures to minimize impact. However, reporting regulations can vary across jurisdictions and businesses, and their supply chain partners may hesitate to disclose breaches for fear of impacting revenue and brand reputation. ITRC outlines its forthcoming uniform breach notification service designed to enable due diligence, emphasizing swift action and coordination with business and regulatory authorities. The service will be offered for a fee to companies looking to better handle cyber risk in their supply chains and regulatory requirements. Other recommendations include the increased use of digital credentials, facial identification/comparison technology, and enhancing vendor due diligence.
The increased risk and rising financial losses from cyber risk likely drive growth for the cyber insurance market, which tripled in volume in the last five years. Gross direct written premiums climbed to USD 13 billion in 2022. For a quick rundown of how cyber insurance coverage supports risk management for organizations of all sizes, take a look at our cyber risk knowledge hub. To learn more about the fastest-growing segment of property/casualty, look at our recent Issues Brief.
Lightning is a more complex peril than it is often given credit for being, according to Tim Harger, executive director of the Lightning Protection Institute (LPI). In a recent interview with Triple-I CEO Sean Kevelighan, Harger discussed the importance of preparing for and preventing damage from this risk, which is second only to flooding when it comes to costly weather events.
People typically think about fire damage when they think about lightning. But Harger said, “Beyond the fire is the destruction of electrical wires and infrastructure that supports everything we do to communicate and to conduct business.”
If lighting strikes any of these structures, he said, “Activity is stopped.”
Harger cited the case of an East Coast furniture manufacturer that was struck.
“That one lightning strike cost them just over a million dollars in damage,” he said. “Yes, there was the typical fire that caused structural damage, but what was impacted on the ‘inside’ was even more costly. They had damaged inventory, production downtime, and loss of revenue during the repairs.”
Investment in a lightning protection system could have saved this business owner – and his insurer – the million dollars lost and prevented business interruption. Nearly $1 billion in lightning claims was paid out in 2018 to almost 78,000 policy holders, according to LPI.
“Lightning strikes about a 100 times every second,” Harger said. “When installed properly, lightning protection systems are scientifically proven to mitigate the risks of a lightning strike.”
A lightning protection system consists of six parts:
Strike termination device,
Conductors,
Grounding,
Surge protection,
Potential equalization, and
Inspection.
Architects and engineers play an important role in specifying and designing these systems, and installation is completed by certified lightning protection contractors. When properly installed lightning is intercepted by the strike termination device and energy is routed through the conductors and into the grounding system, preventing impact to the structure or electrical infrastructure.
“Businesses already install fire alarms and sprinkler systems to mitigate greater risks of fires,” Harger said. “Lightning protection systems prevent a lightning strike from causing any damage. So the investment in a lightning protection system prevents personal injury and the costly impact of even one strike.”
Several insurers offer premium discounts for policyholders who invest in lightning protection systems. LPI invites insurance providers who are interested in sharing their customer incentives to contact them at lpi@lightning.org.
Today’s inflationary conditions may increase interest for group captives – insurance companies owned by the organizations they insure – according to a new Triple-I Executive Brief.
Group captives recruit safety-conscious companies with better-than-average loss experience, with each member’s premium based on its own most recent five-year loss history. Additionally, the increased focus on pre-loss risk management and post-loss claims management can drive members’ premiums down even further by the second and third year of membership.
“Each owner makes a modest initial capital contribution,” states the paper, Group Captives: An Opportunity to Lower Cost of Risk. “The lines of coverage written typically are those with more predictable losses, such as workers compensation, general liability, and automobile liability and physical damage.”
With these benefits, the group captive model can help to control spiraling litigation costs. This is particularly important as attorney involvement in commercial auto claims – notably in the trucking industry – drives expensive litigation and settlement delays that inflate companies’ expenses.
Indeed, a 2020 report from the American Transportation Research Institute found that average verdicts in the U.S. trucking industry grew from approximately $2.3 million to almost $22.3 million between 2010 and 2018 – a 967 percent increase, with the potential for even higher verdicts looming.
Group captives can improve control over these costs through careful claims monitoring and review, often through providing additional layers of support that improves claims adjusting effectiveness and efficiency.
“Given that members’ premiums are derived from their own loss history, this is yet another way that they are able to lower their premiums, proactively managing and controlling the losses that do occur,” the Triple-I report mentions. “Group captives can provide a viable way to protect companies across several lines of casualty insurance. Their prominence is likely to grow as economic and litigation trends continue to increase costs.”
Most companies that join group captives are safety-conscious, despite often being entrepreneurial risk takers. “While they embrace the risk-reward trade-off, they’re not gamblers,” said Sandra Springer, SVP of Marketing for Captive Resources (CRI), a leading consultant to member-owned group captive insurance companies.
“They are successful, financially stable, well-run companies that have confidence in their own abilities and dedication to controlling and managing risk,” Springer added. “They believe they will outperform actuarial projections, and a large percentage of them do.”
PFAS, which have existed since the 1930s, are creating concern because of how ubiquitous they are, as well as their potential to harm people’s lives. They are used in everything from Teflon coatings to food packaging to firefighting foam, due to their capacity to resist oil and moisture. These qualities are also potentially damaging because they often stay in the human body, never entirely breaking down.
Though studies surrounding PFAS are not conclusive, they have been connected to cancer, pregnancy-induced hypertension, and thyroid disease. Their pervasiveness means everyone likely has some amount of PFAS in their blood stream. There is fear about their presence in water supplies, as well.
“PFAS are water soluble and dissolve readily in soil,” said Cindy Wilk, Global Environmental Liability Expert, Allianz Risk Consulting at AGCS. “An industrial accident or firefighting incident can result in their release into water sources, making local communities vulnerable, but PFAS can also migrate quickly through groundwater pathways to contaminate areas far from their original source.”
PFAS litigation continues to rise
PFAS litigation has seen tremendous growth over the past 20 years, beginning with a lawsuit filed against DuPont, the company that makes Teflon. DuPont was accused of contaminating water from a plant in West Virginia—resulting in a settlement to provide up to $235 million for medical monitoring of over 70,000 people. Several similar lawsuits have followed.
As of 2021, more than 5,000 PFAS-related complaints have been filed in 40 courts, with 193 defendants in 82 industries.
Additionally, in 2021, the PFAS Action Act passed the House and set the Environmental Protection Agency (EPA) on the recent course toward developing new PFAS standards. The act does not include a liability exception for water-wastewater utilities, despite the fact that these entities are not the source of PFAS, thus causing concern that they will be the target of civil litigation
How can insurers respond?
Although the Insurance Services Office (ISO) has not produced a PFAS-specific exclusion for commercial liability policies, work is being done on a draft exclusion, which could be published in late 2022. With that process still underway, several PFAS-related exclusions are circulating, some as a modification to the Total Pollution Exclusion or by establishing a stand-alone PFAS exclusion. Still, insurers must be wary of the potential liabilities, as the Biden Administration’s regulatory focus on PFAS could lead to increased litigation.
Reinsurer Gen Re recommends that insurers:
Take inventory of previously underwritten risks;
Carefully consider new risks at submissions; and
Keep abreast of PFAS, both as to scientific developments and the litigation that it spawns.
Setting insurance prices based on the risk being assumed seems a straightforward concept. If insurers had to come up with a single price for coverage without considering specific risk factors – including likelihood of having to submit a claim – insurance would be inordinately expensive for everyone, with the lowest-risk policyholders subsidizing the riskiest.
Risk-based pricing allows insurers to offer the lowest possible premiums to policyholders with the most favorable risk factors, enabling them to underwrite a wider range of coverages, thus improving both availability and affordability of protection.
Complications arise when actuarially sound rating factors intersect with other attributes in ways that can be perceived as unfairly discriminatory. For example, concerns have been raised about the use of credit-based insurance scores, geography, home ownership, and motor vehicle records in setting home and car insurance premium rates. Critics say this can lead to “proxy discrimination,” with people of color in urban neighborhoods sometimes charged more than their suburban neighbors for the same coverage. Concerns also have been expressed about using gender as a rating factor.
Triple-I has published a new Issues Brief that concisely explains how risk-based pricing works, the predictive value of rating factors, and their importance in keeping insurance affordable while enabling insurers to maintain the funds needed to keep their promises to policyholders. Integral to fair pricing and reserving are the teams of actuaries and data scientists who insurers hire to quantify and differentiate among a range of risk variables while avoiding unfair discrimination.
“There is no place in today’s insurance market for unfair discrimination,” the brief says. “In addition to being illegal, discrimination based on any factor that doesn’t directly affect the insured risk would be bad business in today’s diverse society.”
Maritime piracy in the first half of 2022 is at its lowest level since 1994, the International Maritime Bureau (IMB) says, with 58 incidents, down from 68 for the same period last year. Nevertheless, the organization cautions against complacency.
For the full year 2020, IMB listed 195 actual and attempted attacks, up from 162 in 2019. The COVID-19 pandemic may have played a role in that rise in pirate activity – as it is tied to underlying social, political, and economic problems – and 2022 may represent the start of a return of a downward trend.
Source: International Chamber of Commerce/International Maritime Bureau (IMB)
Many people outside the maritime and insurance industries don’t realize that piracy remains a costly peril in the 21st century. Global insurer Zurich estimates the annual cost of piracy to the global economy at $12 billion a year. In its 2022 Safety and Shipping Review, global insurer Allianz reports that piracy comes behind machinery damage or failure, collision, and contact, in terms of number of loss-causing incidents globally – and that total losses have fallen 57 percent over the past decade.
However, the shipping industry is vulnerable to disruptions and, as Allianz points out, has been affected on multiple fronts by Russia’s invasion of Ukraine: from loss of life and vessels in the Black Sea and disrupted trade to challenges to day-to-day operations that affect crews, cost and availability of fuel, and the growing for cyber risk.
“To date, the biggest impact has been on vessels operating in the Black Sea and/or trading with Russia,” Allianz says. “At the start of the conflict, approximately 2,000 seafarers were stranded aboard vessels in Ukranian ports. Trapped crews faced the constant threat of attacks, with little access to food or medical supplies, and a number have been killed.”
According to a recent industry survey, Allianz says, 44 percent of maritime professionals reported that their organization has been the subject of a cyber-attack in the last three years. Accumulations of cargo exposures at mega ports have been rising – and, with ports increasingly reliant on technology, an outage or cyber-attack could effectively close a port.
In February 2022, India’s busiest container port was hit by a ransomware attack, following incidents at U.S. and South African ports in recent years.
A third of organizations surveyed by Allianz said they don’t conduct regular cyber security training or have a cyber-response plan.
By Loretta Worters, Vice President, Media Relations, Triple-I
Maritime Day is a time-honored tradition that recognizes one of the United States’ most important industries. It is observed on May 22, the date in 1819 that the American steamship Savannah set sail from Savannah, Ga., on the first ever transoceanic voyage under steam power.
“National Maritime Day was created by an Act of Congress in 1933 to celebrate our nation’s mariners – the Merchant Marine,” John A. Miklus, president of the American Institute of Marine Underwriters (AIMU), the trade association representing the U.S. ocean marine insurance industry. “Today, it has expanded to include the entire maritime industry and domestic water-borne commerce, of which marine insurance is a very important part.”
John Miklus, president, American Institute of Marine Underwriters
Marine insurance covers the loss or damage of ships, cargo, terminals, and any transport by which the property is transferred, acquired, or held between the points of origin and the destination. Cargo insurance is the sub-branch of marine insurance, though marine insurance also includes onshore and offshore exposed property, (container terminals, ports, oil platforms, pipelines), hull, marine casualty, and marine liability.
“The U.S. ocean marine insurance industry covers every imaginable kind of vessel and cargo, whether it’s a small pleasure craft or yacht, on up to the largest cruise ship or container ship calling on a major port here in the United States,” said Miklus, a former marine insurance underwriter with extensive marine insurance and reinsurance experience.
“Marine insurance and marine commerce are often thought of as an invisible industry,” he said. “People see an Amazon truck arrive but have no idea how that package found its way to their front doorstep.”
Insurance is designed to manage risks in the event of unfortunate incidents like cargo losses, damage to expensive ships, environmental disasters due to oil pollution, piracy and recently supply chain issues.
Miklus is passionate about the marine insurance business and is proud of the work of AIMU and the industry it serves.
“Today, in modern commerce, 90 percent of the goods found in our homes probably arrived on a container ship,” Miklus said. “As vital parts of commerce, these goods all need to be insured, and our member companies of AIMU insure those goods.”
The coronavirus pandemic and the financial challenges it presents have fueled growth in captive insurance – a form of self-insurance in which one or more entities establish their own insurance company. They also may insure the risks of organizations other than their major owners.
“Wholly owned” captives are set up by large corporations to finance or administer their risk financing needs. If such a captive insures only the risks of its parent or subsidiaries, it is called a “pure” captive. Multiple companies may also form a “group captive.”
Captive formations nearly doubled in 2020, according to a recent survey by Marsh. The global insurance broker and risk advisor’s survey of more than 1,300 captives also shows that gross written premiums in this area grew from $54 billion in 2019 to nearly $61 billion in 2020.
In January 2022, the National Collegiate Athletic Association (NCAA) board of governors unanimously approved a $175 million fund to create a captive for event cancellation. With insurers unable to cover risks related to the coronavirus pandemic – which falls under the umbrella of communicable diseases policies – because of the potential for unsustainable costs, the captive structure has become a more popular method to protect from losses.
The NCAA formed its captive after the 2020 NCAA basketball tournament was cancelled due to COVID-19, resulting in a $270 million payout – or about 40 percent of what the 1,200 participating schools would have earned for the tournament. In 2021, the NCAA limited the number of fans at the tournament, with the organization’s coverage allowing it to pay the total $613 million to members last year. However, their coverage for 2022 had expired, and communicable disease coverage was now difficult to find.
“When the NCAA looked to renew coverage for the 2022 tournament, a lot of it was going to look similar,” said John Beam, a broker for Willis Towers Watson, “but there is not coverage for communicable disease right now.”
The sports and entertainment industry experienced losses between $6 billion and $10 billion as the coronavirus pandemic raged on, with premiums in event insurance increasing between 25 percent and 50 percent. For many organizations, captive insurance provides a viable alternative for these risks.
Workers’ comp and captives
The coronavirus pandemic has also affected captive owners in the workers’ compensation field. Indeed, the pandemic, alongside the ensuing “Great Resignation,” during which employers have struggled to retain staff, has made many captive owners potentially more willing to pay workers’ comp claims, according to a panel at the recently held Captive Insurance Companies Association international conference.
Amy O’Brien, vice president of third-party administer sales at Gallagher Bassett Services Inc., a claims service provider, said the initial phases of the pandemic saw many insurers denying COVID-19-related claims. Claims asserting exposure at work were difficult to prove, and many captives questioned if the claims were associated with claimants’ work. Additionally, there were possible regulatory changes that these captives were concerned about.
“With medical costs continuing to rise, the most significant dynamic in terms of any company controlling their workers’ compensation costs and claims is ensuring that there are adequate tools in place to help mitigate medical costs for claimants under their workers’ compensation,” said Dustin Partlow, senior vice president at Caitlin Morgan Insurance Services and an expert in captive insurance solutions.
“But with omicron and the Great Resignation, we’re seeing a change where employers are saying, ‘What can I do to get this person back to work sooner?’” Gallagher’s O’Brien said.
Approximately 90,000 claims were processed by Gallagher Bassett that covered a COVID-19 issue, with over 60 percent of cases closed without payment, frequently due to the fact that there were no related medical expenses, O’Brien said. But the 40 percent that did result in a payment averaged $4,000 per case.
“The employee is more valuable now – so they are being treated right. The employer is saying: ‘What can I do to keep this person?’,” O’Brien added.
Cyber incidents are the top threat to businesses, according to the latest Allianz Risk Barometer survey, up from third place in 2021. This result follows several significant data breaches and hacks last year, including the Colonial Pipeline ransomware attack, which caused a six-day shutdown and cost the company $4.4 million to regain access to its systems.
Business interruption fell to the second most important concern in a year marked by the continued presence of the coronavirus pandemic, cyberattacks, and natural catastrophes. Still, the report notes that the pandemic “has exposed the fragility and complexity of modern supply chains and how multiple events can come together to cause problems, raising awareness of the need for greater resilience and transparency.”
Natural catastrophe risk ranks third on the list – a jump from sixth in 2021. Global insured catastrophe losses increased to $112 billion in 2021, the fourth highest on record, according to Swiss Re.
While cyber is ranked as a more immediate threat to business than climate change, the report says these two perils are “linked by the fact that two of the most significant impacts expected from changes in legislation and regulation (the fifth top risk) in 2022 will be around big tech and sustainability.”
Pandemic outbreak fell to fourth place for 2022, with many companies comfortable that they are now better prepared for the consequences of these occurrences. According to the report, 80 percent of respondents believe they are “adequately” or “well” prepared.
The 11th annual report was developed from a late 2021 survey of 2,650 risk management experts from 89 countries and territories, including Allianz customers, brokers, industry trade organizations, risk consultants, and underwriters, with a focus on large- and small to mid-size companies.
