Each month we summarize the latest research relevant to the insurance industry. Highlights from the November issue include:
And much more…..
By Max Dorfman, Research Writer, Insurance Information Institute
Brexit and Lloyd’s of London
The latest (but perhaps not the last) Brexit deadline is set for January 31, 2020. Yet the insurers most affected by the U.K.’s divorce from the European Union (EU) have plans in place to continue business with minimal disruption. Indeed, U.K. businesses have been operating in the EU’s Single Market for so long, many are questioning how these entities will adapt to increased regulations. One entity where these questions are particularly relevant is Lloyd’s of London.
What is Lloyd’s?
Lloyd’s is not an insurance company, but a marketplace where capital and underwriting converge on a global platform operated by the Corporation of Lloyd’s. Lloyd’s includes five key stakeholders: syndicates, which function as underwriting entities, assuming risks and paying claims; managing agents, who capitalize and operate the syndicates; brokers, who are intermediaries between policyholders and syndicates; coverholders, which are local MGA’s that underwrite risks on behalf of a syndicate/managing agent (and which also enables the Lloyd’s market to operate globally without establishing local offices); and insurance buyers, many of whom buy insurance through Lloyd’s for complex, emerging or otherwise unique risks. Syndicates specialize in different types of insurance and reinsurance, often participating with each other on a subscription basis (meaning they only take on a part of the risk and pay part of the claim).
The consequences
With gross global premiums written at almost $45 billion in 2018, 13 percent of that generated by the post-Brexit European Union, there were legitimate concerns about how Brexit would affect Lloyd’s role in the EU marketplace. Due to Brexit, “non-admitted” U.K. insurers will no longer be able to conduct insurance business in some EU countries, meaning that nonauthorized insurers cannot conduct business in regulated insurance industries in a different market (which is currently the case in France, Italy, and under certain circumstances, in Germany).
However, Lloyd’s quickly pivoted to ensure that it will continue to provide non-life insurance throughout the European market, regardless of Brexit’s outcome. Although it is anticipated that most of the European Economic Area (EEA) reinsurance will still be written through London on a cross-border basis, in case of a hard Brexit non-life insurance could be covered by Lloyd’s Brussels, which opened in 2018.
Still, non-EU coverholders for Lloyd’s of London—who could previously conduct business throughout the EU without physical offices and permissions from member states—will have to seek proper authorization from the EEA under a “Coverholder Appointment Agreement” (CAA) with Lloyd’s Brussels. This may affect where managing agents raise capital.
Will these new regulations be felt in the US?
A very substantial portion of Lloyd’s international business—over 40 percent of global premiums as of 2018 —is generated in the U.S., with significant exposure on the U.S. insurance lines. While the new regulations will not directly affect business between the U.S. and U.K., the primary concern will be the volume of business in the EEA, which could potentially decrease. But if Lloyd’s pivots some of its business away from Europe, the U.S. could get more attention. In fact, John Neal, Lloyd’s chief executive, stated in an interview with the Financial Times that “If you’re in insurance or investment banking or banking, one dollar in two dollars of everything you do is still U.S. derived, so it’s very important that you maintain your connection and your relevance with the U.S. market.”
By Janet Ruiz, Director of Strategic Communications, Insurance Information Institute
On October 30 the National Weather Service issued its first-ever extreme red flag warning for Southern California and expects hurricane-force winds to continue until the first weekend in November. On October 31, 19 million people remained under red-flag warnings in the area. Thom Porter, head of Cal Fire, said that at least 20 separate wildfires broke out in Southern California on October 30.
In Northern California the Kincade Fire is 60 percent contained after burning for a week. Evacuees are now returning home. I watched the Kincade Fire from the northern side on Mt St. Helena. Airplanes and helicopters made their way in and out of the fire non-stop and firefighters were able to keep the fire out of the towns of Windsor and Healdsburg.
Here’s a photo from my back yard:
According to the LA Times, an intense surge in pre-deployed firefighting resources prevented the fire from destroying homes so far. Officials say the preparations for the winds have given them a fighting chance that they didn’t have last year, when the Woolsey fire — one of California’s most destructive on record — burned more than 1,000 homes and resulted in three deaths. Officials have said the battle against that fire was hampered by a lack of resources.
Legislation passed in Sacramento, first signed by Gov. Jerry Brown and then made permanent under Gov. Gavin Newsom, has allocated millions of dollars to pre-position firefighting resources during severe fire weather.
When you return home it is important to start the claim process right away.
Contact your agent or company to find out:
Write down your questions and be sure to get them all answered. The claims adjusters are your financial first responders and are here to help you recover and rebuild!
By Sean M. Kevelighan, CEO, Insurance Information Institute
“What does the future of insurance look like?” It’s the question that’s launched a thousand publications and panel discussions. And it’s an essential one that covers a lot of ground. In my case, literally.
The Insurance Information Institute (I.I.I.) partnered recently with InsureTech Connect (ITC) and Gamma Iota Sigma (GIS) at the two organizations’ flagship events, InsureTech Connect 2019 in Las Vegas, and Gamma Iota Sigma’s 48th annual International Conference in Dallas. What we came away with from these back-to-back events were two distinct but nevertheless complimentary visions of how things are now and what’s to come.
Briefly put, the future of insurance will be largely to make good on past promises. And this is not because we’ve been remiss in our duties but because people now are able to build and implement the right tools for the job. Speaking before thousands of InsureTech Connect 2019 attendees, Glenn Shapiro, president of Allstate Personal Lines, was blunt.
He noted making policyholders wait several days for an auto repair estimate that takes only a few hours to complete is: “[N]ot a service experience that you would accept in any other part of your life!” Embracing Insurtech and the power of innovation enables insurers like Allstate to automate processes and replace outmoded legacy systems to make insurance a truly customer-driven business. Insurers are now able to provide security and empowerment to their customers.
Which brings us to … resilience.
Early in 2019, ITC selected the I.I.I. to co-host its Resiliency Innovation Challenge, a four-month-long competition for Insurtech start-ups whose businesses are focused on catastrophe resilience. Fast forward to the final day of InsureTech Connect 2019, and an impressive field of 22 Insurtechs was pared down to three outstanding finalists: WeatherCheck, True Flood Risk and Cowbell Cyber, whose CEOs presented their products and businesses to a panel of experts. The group included Susan Holliday, senior adviser to the International Finance Corporation in Washington, D.C.; Arlene Kern, a strategic innovation scout at Munich Reinsurance Co.; Lee Ng, vice president, Innovation, at Travelers Cos. Inc.; and Kevin Pray, vice president, Innovation, at The Hanover Insurance Group.
The finalists come at the problem of catastrophe risk from markedly different angles—preparedness, risk assessment, and risk management, respectively. The beauty of this diversity of thought was that we had disparate applications of data coalescing around the power of resilience. Congratulations to Demetrius Gray, CEO of WeatherCheck, who walked away with the first-place trophy, as well as to all the competitors who made the inaugural Resiliency Innovation Challenge a huge success.
One of the key takeaways from the Challenge was how resilience is benefiting and inspiring people in ways other functions of our industry cannot. Innovation and, more important, awareness of new solutions to manage risk makes the goal of creating safer homes, businesses and communities an attainable one. Young men and women embrace this philosophy.
We saw this first-hand in students who’ve chosen to study risk management and insurance at the Gamma Iota Sigma International Conference in Dallas, TX. There, I was honored to moderate a panel discussion titled, “Plan. Respond. Recover: The Power of Resilience,” with Dr. Nidia Martinez, director of Climate Risk Analytics/Capital, Science & Policy Practice at Willis Towers Watson; Dr. Roger Grenier, senior vice president, Global Resilience, at Verisk’s AIR Worldwide, and Alessa Quane, executive vice president, Chief Risk Officer at AIG.
The panelists shared their perspectives on topics ranging from the value of public/private partnerships in closing insurance coverage gaps; the sometimes overlooked but nevertheless consequential challenges posed to insurers by climate change (e.g., the need to guide energy businesses through “transition risk” while they retool to meet rising market demand for renewable resources); and how insurers are succeeding in building resilience.
Suffice it to say, putting two intensely forward-thinking and forward-looking events like ITC 2019 and GIS’s International Conference into perspective is a tall order. Given the dizzying array of people, places and presentations that blew past us in a single week, it was reassuring to be reminded again of a few key facts. The Insurance Information Institute represents an industry that’s going all-in on reinventing itself to serve customers and make our communities safer and more prosperous. And that many are eager to join the insurance industry in bringing this vision to life. Or to borrow the words of Jay Weintraub, co-founder of InsureTech Connect: “People really care about insurance.”
Sean Kevelighan is chief executive officer of the Insurance Information Institute, a non-profit research, education and communications organization dedicated to improving public understanding of insurance — what it does and how it works.
An awkward moment during Advisen’s Cyber Risk Insights 2019 conference last week:
Panelists recalled how, in the early days of cyber, insurers often sought more information to write policies than clients could (or wanted to) provide. So, they started asking for less.
Most attendees remembered the “old days.” Many nodded. They understood.
The awkwardness came when one audience member observed that insurers “still chase market share” despite lacking complete policyholder risk information. “That sounds a lot like mortgage-backed securities before the financial crisis!”
Are cyber insurers falling down on the job, as many say lenders, regulators, rating agencies, and investors did before the 2008 financial crisis and subsequent recession?
The analogy may sound fair, but it falls apart on examination.
Mortgages and the financial crisis
In the early 2000s, it was easy to get a mortgage. Lenders would bundle loans to be sold as mortgage-backed securities. The theory: Few people would stop making payments and risk losing their homes. The rest would pay, and the security would deliver a fair return.
This made sense when lenders did their job. But too many abandoned their standards. Because they could sell them, lenders had no stake in whether the mortgages were paid.
Regulators and rating agencies, it has been argued, didn’t ask enough questions about the securities the loans supported. This gave investors more confidence than the investments warranted. When loans that should never have been made in the first place defaulted, the resulting dislocation of the homebuying and financial markets ushered in the Great Recession.
Where the analogy breaks down
Cyber insurers understand the risks they’re taking and price their policies accordingly. In fact, a recent I.I.I./J.D. Power survey found two of the top four reasons small companies choose not to buy cyber coverage are that it costs too much and contains too many exclusions.
Unlike the lenders and borrowers and investment banks in the early oughts, insurers have skin in the game. If they write bad business, they can’t simply pass it along to some naïve investor.
They also have a stake in customer relationships. They aren’t pushing policies, pricing them to sell, and hoping for the best. They’re working with clients to understand and address the clients’ vulnerabilities.
Cyber insurers understand the risks they’re taking and price their policies accordingly…. They also have a stake in customer relationships.
Seventy percent of small companies that bought cyber said their insurer helps with risk mitigation (up from 65 percent last year), according to the I.I.I./J.D. Power survey. At the Advisen event, I heard insurers and policyholders discussing how they can address these perils. Policyholders clearly wanted insurers to do more than write policies and pay claims, and the insurers were listening.
Conversations like these, and the spirit of transparency and shared responsibility they reflect and promote, are essential to staving off and mitigating the impact of cyberattacks. Insurers and insureds, together, are visibly seeking solutions to a real and growing problem.
The people behind the financial crisis quietly created problems in pursuit of opportunities, studiously unmindful of the collateral damage they were generating.
It’s no wonder that Boise, Idaho is one of the nation’s fastest growing cities: It boasts a thriving job market, breathtaking natural vistas and a buzzing brewery scene. Boise can also claim to have the nation’s safest drivers. According to Allstate’s America’s Best Drivers Report, released earlier this year, the average driver in the U.S. will experience a collision every 10.7 years, compared to every 13.7 years in Boise.
Allstate standardizes their rankings to level the playing field between drivers in densely populated areas and those in smaller cities. Allstate also determines safe cities to drive in by how weather affects road conditions, utilizing data to standardize average annual precipitation. However, many factors contribute to car crashes, including the number of cars on the road.
“Things like the layout of a city, its transportation network, traffic signs and lights, and law enforcement can all impact driving safety,” said Saat Alety, Allstate’s Director of Federal Legislative and Regulatory Affairs. “Different levels and types of traffic, noise, activity and varying road conditions and rules can make big-city driving different than driving in smaller or more suburban areas.”
The cities that landed on the bottom of the list are Los Angeles, Glendale, Worcester, Boston, Washington D.C. and Baltimore. In cities that rank lowest in safest drivers, there are roads that have been identified in the reports as particularly treacherous.
“America’s infrastructure is in dire need of an overhaul,” Alety said.
Allstate is offering $150,000 in grants that can be used for safety improvement projects on the 15 “Risky Roads.” The company is working with local safety experts to determine which projects will have a positive effect for motorists driving on these crash-prone streets.
“When you consider the impact a daily commute has on a person, it’s not hard to imagine how one small traffic improvement can be a positive change for many,” Alety added. “Our grants signal Allstate’s commitment to reduce risky conditions on America’s roads in communities across the country, but it’s just one piece of the puzzle. We need Congress to pass comprehensive infrastructure reform so we can rebuild a transportation network that ensures a safer future on the roads for everyone.”
Smaller businesses seem to be getting the message that cyber risk isn’t just something for big companies to worry about; nevertheless, many still balk at buying cyber insurance, according to a new survey from the Insurance Information Institute (I.I.I.) and J.D. Power.
The 2019 Small-Business Cyber Insurance and Security Spotlight found that 12 percent of survey respondents experienced at least one cyber incident in the past year, up from 10 percent in 2018. Nearly 71 percent said they are “very concerned” about cyber incidents, up from 59 percent, and 75% said they believe the risk of being attacked is growing at an alarming rate, up from 70 percent last year.
Two of the top four reasons cited for not buying cyber coverage are within insurers’ control.
Respondents with cyber insurance increased this year, to 35 percent from 31 percent; but of the 44 percent who said they don’t have cyber coverage and the 21 percent who didn’t know if they do, 64 percent said they don’t plan to buy it in the next 12 months.
Why are many smaller firms so reluctant to insure against a threat they recognize to be real and growing?
The top two reasons given were: cost (42 percent) and the belief that the companies’ risk profiles don’t warrant coverage (35 percent). Twenty-seven percent said they believe they handle cyber risk sufficiently well internally, and 17 percent cited “too many exclusions” as a reason for not buying coverage. For the non-insurers in the audience, “exclusions” are provisions in an insurance agreement that limit the scope of coverage.
So, in other words, two of the top four reasons cited by insureds for not buying cyber coverage – cost and exclusions – are within insurers’ control.
As David Pieffer, head of J.D. Power’s property and casualty insurance practice, put it:
“Given small companies’ growing awareness and concerns about cyberrisk, insurers and agents and brokers might be able to increase their overall support of this market by addressing the issues of affordability and coverage limitations that seem to be an obstacle to purchasing.”
Closely related to cost is the question of value. What do insureds get for their premium dollar?
Among the respondents with cyber coverage, 70 percent said their insurer helps with cyberrisk mitigation, up from 65 percent in 2018. Fifty-one percent said their insurer offers contingency planning for data breaches, up from 40 percent, and 53 percent said their insurer will assess their vulnerability to data breaches, up from 51 percent.
“We’re seeing more insurers work with commercial customers to mitigate risks – in particular, with small and mid-size businesses,” said Sean Kevelighan, I.I.I. president and CEO. “We know many of the large cyber incidents can be sourced back to a smaller business or vendor, and, thus, it’s increasingly critical to assist in loss prevention measures that can make the customer more resilient, while also reducing claims and damages.”
It’s hard to say based on the data, but perhaps such insurer involvement plays as significant a role in small companies’ increased adoption of cyber insurance as does their growing anxiety about cyber perils. As companies increasingly see cyber insurers as trusted risk-management partners – not just writers of policies and payers of claims – perhaps take up rates will accelerate.
Two wildfires in California are spreading today (Oct. 27), fanned by high winds overnight, forcing tens of thousands to evacuate.
If you are forced to evacuate, here is a list of what to take, culled from a III article on evacuation planning:
From the same article, here is a list of key documents:
Unfortunately, though, if you are told to evacuate it will be too late to search the house for all this stuff. When authorities tell you to leave you must leave immediately. The fire could be on you in moments.
Underwriting cyberrisk is beyond difficult. It’s a newer peril, and the nature of the threat is constantly changing – one day, the biggest worry is identity theft or compromise of personal data. Then, suddenly it seems, everyone is concerned about ransomware bringing their businesses to a standstill.
Now it’s cryptojacking and voice hacking – and all I feel confident saying about the next new risk is that it will be scarier in its own way than everything that has come before.
This is because, unlike most insured risks, these threats are designed. They’re intentional, unconstrained by geography or cost. They’re opportunistic and indiscriminate, exploiting random system flaws and lapses in human judgment. Cheap to develop and deploy, they adapt quickly to our efforts to defend ourselves.
“The nature of cyberwarfare is that it is asymmetric,” wrote Tarah Wheeler last year in a chillingly titled Foreign Policy article, In Cyber Wars, There Are No Rules. “Single combatants can find and exploit small holes in the massive defenses of countries and country-sized companies. It won’t be cutting-edge cyberattacks that cause the much-feared cyber-Pearl Harbor in the United States or elsewhere. Instead, it will likely be mundane strikes against industrial control systems, transportation networks, and health care providers — because their infrastructure is out of date, poorly maintained, ill-understood, and often unpatchable.”
This is the world the cyber underwriter inhabits – the rare business case in which a military analogy isn’t hyperbole.
In an asymmetric scenario – where the enemy could as easily be a government operative as a teenager in his parents’ basement – the primary challenge is to have enough data of sufficiently high quality to understand the threat you face. Catastrophe-modeling firm AIR aptly described the problem cyber insurers face in a 2017 paper that still rings true:
“Before a contract is signed, there is a delicate balance between collecting enough appropriate information on the potential insured’s risk profile and requesting too much information about cyber vulnerabilities that the insured is unwilling or unable to divulge…. Unlike property risk, there is still no standard set of exposure data that is collected at the point of underwriting.”
Everyone wants more, better data; no one wants to be the first to share it.
As a result, the AIR paper continues, “cyber underwriting and pricing today tend to be more art than science, relying on many subjective measures to differentiate risk.”
To help bridge this data gap, Verisk – parent of both AIR and insurance data and analytics provider ISO – yesterday announced the launch of Verisk Cyber Data Exchange. Participating insurers contribute their data to the exchange, which ISO manages – aggregating, summarizing, and developing business intelligence that it provides to those companies via interactive dashboards.
Anonymity is designed into the exchange, Verisk says, with all data aggregated so it can’t be traced back to a specific insurer. The hope is that, by creating an incentive for cyber insurers to share data, Verisk can provide insights that will help them quantify this evolving risk for strategic, model calibration, and underwriting purposes.
I had the pleasure last week of attending “Data in the New: Transforming Insurance” – the third annual insurtech-related thought leadership event held by St. John’s University’s Tobin Center for Executive Education and School of Risk Management.
To distill the insights I collected would take far more than one blog post. Speakers, panelists, and attendees spanned the insurance “ecosystem” (a word that came up a lot!) – from CEOs, consultants, and data scientists to academics, actuaries, and even a regulator or two to keep things real. I’m sure the presentations and conversations I participated in will feed several posts in weeks to come.
Keynote speaker James Bramblet, Accenture’s North American insurance practice lead, “set the table” by discussing where the industry has been and where some of the greatest opportunities for success lie. He described an evolution from functional silos (data hiding in different formats and databases) through the emergence of function-specific platforms (more efficient, better organized silos) to today’s environment, characterized by “business intelligence and reporting overload”.
“Investment in big data is just getting started,” Jim said, adding that he expects the next wave of competitive advantage to be “at the intersection of customization and real time” – facilitating service delivery in the manner and with the speed customers have come to expect from other industries.
Jim pointed to several areas in which insurers are making progress and flagged one – workforce effectiveness – that he considers a “largely untapped” area of opportunity. Panelists and audience members seemed to agree that, while insurers are getting better at aggregating and analyzing vast amounts of data, their operations still look much as they have forever: paper based and labor intensive. While technology and process improvement methodologies that could address this exist, several attendees said they found organizational culture to be the biggest obstacle, with one citing Peter Drucker’s observation that “culture eats strategy for breakfast.”
Paul Bailo, global head of digital strategy and innovation for Infosys Digital, threw some shade on big data and the currently popular idea of “data lakes” stocked with raw, unstructured data. Paul said he prefers “to fish in data ponds, where I have some idea what I can catch.”
Data lakes, he said, lack the context to deliver real business insights. Data ponds, by contrast, “contain critical data points that drive 80-90 percent of decisions.”
Stephen Mildenhall, assistant professor of risk management and insurance and director of insurance data analytics at the School of Risk Management, went as far as to say the term “raw data” is flawed.
“Deciding to collect a piece of data is part of a structuring process,” he said, adding that, to be useful, “all data should be thoroughly cooked.”
Practical advice was available in abundance for the 80-plus attendees, as was recognition of technical and regulatory challenges to implementation. James Regalbuto, deputy superintendent for insurance with the New York State Department of Financial Services, explained – thoroughly and with good humor – that regulators really aren’t out to stifle innovation. He provided several examples of privacy and bias concerns inherent in some solutions intended to streamline underwriting and other functions.
Perhaps the most broadly applicable advice came from Accenture’s Jim Bramblet, who cautioned against overthinking the features and attributes of the many solutions available to insurers.
“Pick your platform and go,” Jim said. “Create a runway for your business and ‘use case’ your way to greatness.”