Heading Toward a Data Disaster

New catastrophe threats are emerging, to non-physical assets. The modeling tools of the last couple of decades are no longer sufficient.

On July 6, 1988, the Piper Alpha oil platform exploded. 167 people died. Much of the insurance was with what became known as the London Market Excess of Loss (LMX) Spiral, a tightly knit and badly managed web of insurance policies. Losses cascaded up and around the market. The same insurers were hit again and again. After 14 years, all claims had finally been settled. The cost exceeded $16 billion, more than 10 times the initial estimate. The late 1980s were a bad time to be in insurance. Piper Alpha added to losses hitting the market from asbestos, storms in Europe and an earthquake in San Francisco. During this time, over 34,000 underwriters and Lloyd’s names paid out between £100,000 and £5 million. Many were ruined. Never the same again In the last 30 years, regulation has tightened, and analytics have improved significantly. Since 1970, 19 of the largest 20 catastrophes were caused by natural hazards. Only one, the World Trade Center attack in 2001, was man-made. No insurance companies failed as a result of any of these events. Earnings may have been depressed and capital taken a hit, but reinsurance protections behaved as expected. But this recent ability to absorb the losses from physically destructive events doesn’t mean that catastrophes will never again be potentially fatal for insurers. New threats are emerging. The modeling tools of the last couple of decades are no longer sufficient. Lumpy losses Insurance losses are not evenly distributed across the market. Every year, one or more companies still suffer losses out of all proportion to their market share. They experience a “private catastrophe.” The company may survive, but the leaders of the business frequently experience unexpected and unwanted career changes. See also: Data Prefill: Now You See It, Now You Don’t   In the 1980s, companies suffered massive losses because the insurance market failed to appreciate the increasing connectivity of its own exposures and lacked the data and the tools to track this growing risk. Today, all companies have the ability to control their exposures to loss from the physical assets they insure. Managing the impact of losses to intangible assets is much harder. A new class of modelers The ability to analyze and manage natural catastrophe risk led to the emergence of a handful of successful natural catastrophe modeling companies over the last 20 years. A similar opportunity now exists for a new class of companies to emerge that can build the models to assess the new “man-made” risks. Risk exposure is increasingly moving toward the intangible values. According to CB Insights, only 20% of the value of the S&P 500 companies today is made up of physical assets. It was 80% 40 years ago. The non-physical assets are more ephemeral, such as reputation, supply networks, IP and cyber. Major improvements in safety procedures, risk assessment and the awareness of the destructive potential of insurance spirals makes a repeat of the type of loss seen after Piper Alpha extremely unlikely. The next major catastrophic losses for the insurance market are unlikely to be physical. They will occur because of a lack of understanding of the full reach, and contagion, of intangible losses. The most successful new analytic companies of the next two decades will include those that are key to helping insurers measure and manage their own exposures to these new classes of risk. The big data deception Vast amounts of data are becoming available to insurers. Both free open data and tightly held, transactional data. Smart use of data is expected to radically change how insurers operate and create opportunities for new entrants into the market. Thousands of companies have already emerged in the last few years offering products to help insurers make better decisions about risk selection, price more accurately, service clients better, settle claims faster and reduce fraud. But too much data, poorly managed, blurs critical signals. It increases the risk of loss. In less than 20 years, the industry has moved from being blinded by lack of data to being dazzled by the glare of too much. The introduction of data governance processes and compliance officers became widespread in banks after the 2008 credit crunch. Most major insurance companies have risk committees and all are required to maintain a risk register. Yet ensuring that data management processes are of the highest quality is not always a board-level priority. Looking at the new companies attracting attention and funding, very few appear to be offering solutions to help insurers solve this problem. Some, such as CyberCube, offer specific solutions to manage exposure to cyber risk across a portfolio. Others, such as Atticus DQPro, are quietly deploying tools across London and the U.S. to help insurers keep on top of their own evolving risks. Providing excellent data compliance and management solutions may not be as attention-grabbing as artificial intelligence or blockchain, but they offer a higher probability of being successful with innovations in an otherwise crowded space. Past performance is no guide to the future, but, as Mark Twain noted, even if history doesn’t repeat itself, it often rhymes. Piper Alpha wasn’t the only nasty surprise in the last 30 years. Many events had a disproportional impact on one or more companies. The signs of impending disaster may have been blurred, but not invisible. Some companies suffered more than others. Jobs were lost. Each event spawned new regulation. But these events also created opportunities to build companies and products to prevent a future repeat. Looking for a problem to solve? Read on. 1. Enron Collapse (2001) Enron, one of the most powerful and largest companies in the world, collapsed once shareholders realized the company's success had been dramatically (and fraudulently) overstated. Insurers lost $3.5 billion from collapsed securities and insurance claims. Chubb and Swiss Re each reported losses of over $700 million. Jeff Skilling, CEO, spent 14 years in prison. One of the reasons for poor internal controls was that bonuses for the risk management team were influenced by appraisals from the people they were meant to be policing. 2. Hurricane Katrina and the Floating Casinos (2005) At $83 billion, Hurricane Katrina is still the largest insured loss ever. No one anticipated the scale of the storm surge, the failure of the levies and the subsequent flooding. There were a lot of surprises. One of the large contributors to loss, from property damage and business interruption, were the floating casinos, ripped from their moorings and torn apart. Many underwriters had assumed the casinos were land-based, unaware that Mississippi's 1990 law legalizing casinos had required all gambling to take place offshore. 3. Thai Flood Losses (2011) After heavy rainfall lasting from June to October 2011, seven major industrial zones in Thailand were flooded to depths of up to 3 meters. The resulting insurance loss is the 13th-largest global insured loss ever ($16 billion in today’s value). Before 2011, many insurers didn’t record exposures in Thailand because the country was never considered a catastrophe-prone area. Data on the location and value of the large facilities of global manufacturers wasn’t offered or requested. The first time insurers realized that so many of their clients had facilities so close together was when the claims started coming in. French reinsurer CCR, set up primarily to reinsure French insurers, was hit with 10% of the total losses. Munich Re, along with Swiss Re, paid claims in excess of $500 million and called the floods a “wake-up call." See also: The Problems With Blockchain, Big Data   4. Tianjin Explosion (2015) With an insured loss of $3.5 billion, the explosions at the Tianjin port in China are the largest man-made insurance loss in Asia. The property, infrastructure, marine, motor vehicle and injury claims hit many insurers. Zurich alone suffered close to $300 million in losses, well in excess of its market share. The company admitted later that the accumulation was not detected because different information systems did not pick up exposures that crossed multiple lines of business. Martin Senn, the CEO, left shortly afterward. 5. Financial Conduct Authority Fines (2017 and onward) Insurers now also face the risk of being fined by regulators and not just from GDPR-related issues. FCA, the U.K. regulator, levied fines of £230 million in 2017. Liberty Mutual Insurance was charged £5 million (failure in claims handling by a third party) and broker Blue Fin £4 million (not reporting a conflict of interest). Deutsche Bank received the largest fine of £163 million for failing to impose adequate anti-money laundering processes in the U.K., topped up later by a further fine of $425 million from the New York Department of Financial Services. Looking ahead “We’re more fooled by noise than ever before,” Nicholas Taleb writes in his book Antifragile. We will see more data disasters and career-limiting catastrophes in the next 20 years. Figuring out how to keep insurers one step ahead looks like a great opportunity for anyone looking to stand out from the crowd in 2019.

Read More