The Risk in A.M. Best's Innovation Scoring

On March 14, insurance credit rating agency A.M. Best released its Scoring and Assessing Innovation (Draft). Per its press release, “AM Best defines innovation as a multistage process whereby an organization transforms ideas into new or significantly improved products, processes, services or business models that have a measurable positive impact over time and enable the organization to remain relevant and successful. These products, processes, services or business models can be created organically or adopted from external sources.” The rating agency further notes, “Innovation always has been important for the success of an insurance company, but, with the increased pace of change in society, climate and technology, it is becoming increasingly critical to the long-term success of all insurers.” Best begins with an assessment of the commitment of senior management to innovation. In the compliance world, this is also called the “tone at the top.” Best broadly labels this criterion “Leadership.” If there is a firm commitment, then a positive culture of innovation follows throughout the enterprise, the second component (“Culture”) of the Best scoring model. This requires sufficient resources devoted by the insurer to bring to market new products, processes, services or business models and, per Best, “…a demonstrable impact on its long-term financial strength.” This is the third component of the model (“Resources”). Finally, existing company governance structures, policies and procedures must facilitate an innovative environment and address enterprise-wide data management and compliance obligations. (“Process and Structure”) That all sounds logical. See also: Changing Nature of Definition of Risk In what could be said to be an understatement, Best next observes, “A challenge for insurers is aligning the use of customer data with varying regulatory restrictions related to consumer privacy. The rules for mining of personal data are expected to fall within the confines of governance and encompass regulatory guidance.” While this is axiomatic, it also demonstrates an inadequate treatment of the various risks posed by innovation as characterized in the draft. Consider A.M. Best’s 2013 document, Risk Management and the Rating Process for Insurance Companies, in which “Operational Risk” is defined as: “Financial exposures arising from damage to a company’s reputation or franchise value stemming from a wide variety of external and internal factors, such as: management change; business interruption; fraud; data capture; data security and integrity; claims handling; and employee retention.” Operational risk is one of the pillars of the A.M. Best Risk Management Framework. Consequently, a properly governed insurance company will take into account the full scope of regulatory compliance issues raised by innovative technology, which is more than today’s increasingly complex and fluid data security regulatory environment. Enterprise risk management (ERM) must also assess the risks associated with replacing a wide range of systems and, potentially, relationships, that may occur with innovation. While insurtech startups have captured the imagination – and capital – of insurers, these ubiquitous private firms are also third-party vendors that should be subject to the same due diligence as any other service provider. This isn’t to suggest the insurance industry and the consumers of its products should curb their enthusiasm about innovation, or to minimize the benefits that are being realized by both insurers and insureds from what insurtechs have enabled. It is to say, however, that unless we innovate all elements of insurance operations at roughly the same time, innovation will be marked with unnecessary failures, regulatory entanglements and costly litigation. It is not just consumers who are affected by innovation. The whole spectrum of service providers integral to the delivery of benefits to insureds must be on board if there is to be success in these technological initiatives or, as Best puts it, if the insurance company is to be, “relevant and successful.” This includes legal and regulatory compliance, but it also must include making certain that every entity that must adapt to innovative technology adopted by an insurance company is capable of doing so. Currently, predictive analytics driven by access to big data have already been adopted by many insurers to improve the underwriting and claims processes. New web-based distribution systems – which rely on big data, as well – make getting insurance easier in the increasingly competitive world of small business insurance. Platforms such as bi-BERK (from Berkshire Hathaway) and Pie Insurance are but two examples of how technology is making it easier for small firms to do business with large insurance companies. For personal lines of insurance, the Internet of Things (IoT) has provided new opportunities to enhance the customer experience. It is vitally important, however, for insurers to understand the relationship between innovation and their partnerships with a wide range of service providers. In other words, change management is important throughout the environment in which the insurer operates. If any one participant in that environment is told to “just do it” (with apologies to Nike), then there is a risk that innovation will fail. While third-party service provider (vendor) management should already be part of the insurer’s ERM program, onboarding these vendors when new technology solutions are implemented should be something specifically acknowledged by A.M. Best when scoring for innovation. In a recently released study, process mining company Celonis looked at how both leaders and business analysts in the U.S., U.K., Germany and the Netherlands view business transformation. The results were startling. Sixty-two percent of C-suite executives set key performance indicators (KPIs) for their transformation initiative without understanding what’s going wrong in their business first. That led the sponsors of the survey to observe, “This suggests that many businesses are undergoing disruptive transformation processes because they think they should, rather than knowing exactly why they must.” See: Celonis (2019), Why are Business Transformation Initiatives Being Launched in the Dark? See also: New Phase for Innovation in Insurance   Echoing that theme, in a report by Valen Analytics, 2019 Outlook: The Data Race Intensifies, it was noted: “Adding to the innovation challenge in insurance is a trend of long IT backlogs, with most insurers reporting a backlog of one to two years. For the 22% of respondents unable to identify how long their IT backlogs are, it may be one indicator that technology innovation is not at the center of business strategy.” Today, the risk run by the A.M. Best effort at innovation scoring is that insurers will not do the thorough risk analysis necessary before launching and implementing significant technology initiatives. Only then will the path to innovation be focused, aligned with well-defined company objectives and capable of delivering value to all who are part of the claims, distribution or underwriting environments. Without that assessment, “bright shiny objects” will continue to be embraced for no other reason than to say that they were.