The use of accelerated underwriting processes has come a long way in the last five years. Although it was an innovative idea not long ago, most insurers now engage in accelerated underwriting to some degree and are increasingly looking for novel ways to remove inconvenience, delay and cost from the new business process. However, as impressive as its uptake has been, the industry has yet to begin tapping the true – and transformative – potential of accelerated underwriting. This is because most of the time it has lacked the automation component. Automation has the potential to benefit insurers across their entire business, but this is especially true of accelerated underwriting, which at its heart is about streamlining and speeding policy issuance for simpler, lower-risk cases. It’s here that automation can really shine. Take for instance a case where an accelerated underwriting process removes the need for an in-person examination. Without automation, that review by an underwriter will still take 24-48 hours to be completed, even though the relevant information is instantly available in seconds. With automation, the entire application and underwriting process can be reduced to a matter of minutes. This is precisely what new technology platforms are enabling. Advances in AI and machine-learning have come to the point whereby technology can consistently and efficiently underwrite a large proportion of cases. Technology can respond intelligently to input, in real-time, determining what additional information is needed, and then make an underwriting decision and issue insurance coverage. What’s more, when appropriately linked with and integrated into the rest of the business, it can feed information back for better risk modelling in the future. See also: 3 Ways to Optimize Predictive Analytics   When you add in a layer of predictive analytics to the automation, things start to get really interesting. Predictive analytics can add value to the risk selection process and our understanding of the risk in a number of ways. The first, mentioned above, is a ‘bottom-up’ benefit – i.e. cases where the analytics engine can spot relationships in the underlying data that are then brought to the attention of underwriters, who can then investigate whether and how that pattern relates to real-world factors. Another way predictive analytics can add value runs in the other direction - top-down. It means business managers and underwriters have access to a vast pool of analyzable data that they can use to help answer questions and test hypotheses or ideas. Having this ability can remove a lot of unnecessary trial-and-error, and can give all levels of the business a better view of information that is vital to long-term success. A third and very significant value-add from predictive analytics is that it can help with the systemic stratification of ‘grey areas’ within the underwriting process– that is, the cases in the middle that aren’t either extremely healthy, or obviously high-risk. Segmenting this grey area and formulating better approaches to these cases is crucial for any insurer looking to reduce “RTUs” (Refer to Underwriter) and gain a market edge, and a sophisticated analytics engine can make the process a lot more efficient and smarter. It is these elements – automation combined with predictive analytics – that could turn accelerated underwriting from a useful cost and time saver into something that could truly revolutionize the insurance business model as a whole. So far, insurers have predominantly used accelerated underwriting to target the same customers they’ve historically targeted. What automated underwriting and predictive analytics can unlock is the ability to actually grow the pie – to target new or previously untapped markets, and create a wider variety of more specialized products focused on particular customer niches. The time and cost savings associated with using this technology could enable different business models for distribution and make it more attractive to target markets that were previously viewed as uneconomical. This process is particularly well-suited to digital distribution, and to making headway into the underserved middle market. Connected to this – and under-utilized at present – is the way in which automated systems are able to integrate new data sets quickly and holistically. Data has always been, in one way or another, the lifeblood of insurance. But in the modern digital age with its corresponding explosion in the amount of data available, a lot of potentially relevant data sets go untapped by the industry. The ability to access this data and integrate it into risk selection processes will be a big determiner of success for insurers in the near future – those that don’t succeed could get left behind. Of course, opportunity and challenge are two sides of the same coin. The addition of automation and analytics to accelerated underwriting holds tremendous potential, but also poses a big challenge. Insurance isn’t renowned for being a particularly tech-savvy industry. Yet, to make full use of these new capabilities, firms are going to have to embrace technology and data science. Most companies will need to work with partners to help the transition. Not just a software vendor to access the technology itself, but there will be a need to find the necessary expertise in both the technology and the insurance sector as whole in order to facilitate a business process revamp. Collaboration will be key in supporting the integration effort needed to fully realize new technology’s potential within a business. But automation does not mean a total overhaul of existing business structures and processes – because this too is likely to incur more risk than opportunity. Firms should take a modular and flexible approach, using systems that can sit within a variety of existing infrastructures with minimal disruption. See also: How Underwriting Is Being Transformed   The shift to automation and analytics is coming fast. And when it does, the implications for insurance business models – what’s possible and what’s not – could be just as profound as e-commerce was for the retail sector. For those that get ahead, the rewards could be just as great.

Back in the days when Johnny Carson was host of "The Tonight Show," he joked about what he saw as the four seasons in southern California: earthquake, wildfire, rain and mudslide. Now that the first big rain of the season is set to hit California over the next few days, I found myself thinking about what may come next—and into the breach stepped my friend and frequent co-author Chunka Mui with a challenging column both on the fundamental problems that climate change poses and on how insurance needs to step up to the challenge. (That's where you all come in.)

The core issue is timing, as Chunka explains in his Forbes column. Even in areas such as in Florida where rising sea levels are a known problem, 30-year contracts are being written for municipal bonds and mortgages, based on historical data. But past isn't prologue where climate change is concerned, and a timing disconnect arises because insurance on those 30-year contracts is arranged annually.

What happens in 15 years if sea levels rise so fast that a property that can, today, be insured for a modest amount is seen as being at far greater risk? In 20 or 25 years, could many municipal projects and considerable real estate carry such high insurance premiums that they lose enormous value or even become worthless, while municipalities and property owners must continue to meet their payment commitments?

The Florida economy depends on its real estate values, and we don't have to go far into the past to find perilous analogies, where banks made long-term commitments based on short-term borrowing, only to see short-term rates soar. 

The answer would seem to be two-fold. First, those making the commitments to repay the bonds and mortgages will want insurance innovators to set premiums that bridge the one-year versus 30-year disparity, ideally offering a 30-year insurance contract. Easier said than done, right? So, second, innovators will need to become far, far better at predicting climate change so that rates can be based on projections, not irrelevant historical data, and so that municipalities, builders and prospective property owners can get economic signals about projects they should avoid.

In reality, the best result, at least initially, will probably be a hybrid. Longer-term insurance contracts (or commitments in capital markets) may be offered based on sharper projections, but with some ability to raise premiums if sea levels rise much faster than expected.

A look at our Innovator's Edge database on insurtechs finds that there are plenty of companies on the case. Nearly 90 identify themselves as focused on climate change, and we'd say that a portfolio of about a dozen have good prospects for making a dent, on issues ranging from analytics and artificial intelligence to sensors and smart homes.

Chunka has seeded a lively discussion on the topic at LinkedIn, and I'd encourage you to join in if you have any interest. Comments would also obviously be welcome here. How to price climate change risk is a hard, hard problem—one that deserves the full attention of the insurance community and that I'm sure we can tackle, if not solve outright.

Have a great Thanksgiving.

Paul Carroll
Editor-in-Chief

Companies have increasingly turned to the cloud for their email solution. Cybercriminals or attackers have watched this trend and are finding ways to access email hosted in the cloud, which is known in the security community as a Business Email Compromise (BEC). Unfortunately, many companies are implementing cloud-based email without an understanding of how attackers are getting in and what safeguards help prevent an attack. The vectors for compromised email attacks are the same as many other types of system or network occurrences. The most common attack vectors are phishing or spear phishing emails, which contain an attachment containing malware or a malicious link that brings the user to a legitimate-looking website and prompts the user for credentials. When the email recipient clicks on the link and provides credentials or opens the attachment from a phishing email, the attacker is able to get a foot in the “door” of the company, so to speak. The security community refers to this as gaining a foothold, and this is the first step in a cyberattack. Credential stuffing is another attack vector often used, which involves using stolen credentials, typically obtained from successful data breaches, to access the cloud-based email environment. Attackers find that credential stuffing works well because many people use the same username and passwords for multiple accounts across the internet. Credential stuffing involves the automated entry of stolen credentials into online accounts in an attempt to gain access to accounts or systems. Sites such as haveibeenpwned.com allows users to determine if their email address account has been compromised from discoverable past breaches. Once an attacker has access to the cloud-based email environment, it is easy to view email within the account to identify any information of value. Additionally, the attacker may try to gain access to other systems in the environment or launch other phishing attacks using the compromised account to make the phishing emails look legitimate. If the attacker has or gains administrative access to cloud-based email environment, the attacker may even modify rules within the system to forward emails to an external email account or even create her/his own email account on the system. The goal of the attacker is typically monetary gain. There are several methods, many of which are often very creative and are used to obtain money from the company. The first involves fraudulent wire transfers where the attackers attempt to impersonate an executive in the office via email instructing someone in finance to wire money to a particular account, usually for the alleged reason of paying an invoice. The second method often used (if sufficient anti-fraud procedures are in place to prevent the wire transfer) is to obtain and modify invoices that have not been issued with payment instructions redirecting the funds to an account the cybercriminal has set up. The attacker then issues the modified invoice to a client of the company from the company’s cloud-based email, thus making the invoice look legitimate. Here, the attacker relies on the client paying the invoice without verifying the modified bank information. See also: How Can Insurers Leverage the Cloud?   Unfortunately, these attacks are often successful despite security practices in place to prevent them. For example, most users do not have administrative rights to the cloud-based email environment. Restricting rights is one of the basic components of security, called the principle of least privilege (POLP). But attackers have ways of escalating privileges by searching for cached credentials, using key loggers that track users’ keystrokes, and a variety of other means. Once the administrative credentials are located, the attacker can escalate their compromised accounts to higher levels and set rules that are not obvious to the average user. This allows the attacker to move throughout the email environment without being noticed and helps the attacker to cover her/his trail. Now that the attacker has the proverbial “keys to the kingdom,” the attacker will typically modify rules so that she/he can monitor the organization’s email content and traffic. Oftentimes, this includes having email of key personnel, such as the CEO, CFO or HR personnel, forwarded to the attacker. At present, most attacks involve locating banking credentials and information to help attempt wire fraud, but as companies get better at prevention, attackers will likely morph their methods for other financial gain. For example, email communications may provide attackers with information to attempt to extort an organization or an employee. Most organizations discover an attacker’s presence only after the attacker has executed some fraudulent activity; however, there are times when perceptive IT personnel may see evidence of the attack such as modified rules or the addition of email accounts. Once an attack is detected, the company should start an investigation. While investigating, it is important to make sure the attacker is no longer in the environment; then the focus can turn to what information may have been compromised. As a first step, the company should change passwords and enable two-factor authentication. Additionally, the settings, including whether any forwarding rules are in place, should be reviewed. Unfortunately, even if the attacker was unsuccessful in achieving financial gain, the company’s information, potentially including personally identifiable information (PII), or protected health information (PHI) may have been exposed. Reporting requirements for exposed PII vary among states. In some, access to PII may be reportable even if there is no evidence the information was acquired. So, it is important to involve outside counsel to examine if there are reporting requirements. Use of forensic experts can also prove beneficial in understanding how the attacker got in, whether the attacker is still in the environment and what information was accessed or acquired while the attacker was there. As Ben Franklin said, “An ounce of prevention is worth a pound of cure.” This holds true when it comes to cyber security. It is difficult to build a house that is impenetrable, because people need to get in and out and commerce needs to continue. However, there are some actions that should be considered by IT security, including:

1. Using dual-factor or two-factor authentication (2FA);
2. Reviewing email security settings to ensure adequate controls;
3. Monitoring traffic for unusual activity – consider using an email gateway to help monitor traffic;
4. Keeping email authentication and trace logs for as long as possible;
5. Training employees to recognize phishing attacks.

See also: Cloud Apps Routinely Expose Sensitive Data   As companies continue to migrate to the cloud, cybercriminals will continue to target the cloud as a gateway to commit crimes. Prior to migration, companies should consider these risks and make sure the security measures in place are as strong as possible. Doing so will help make the cloud a less lucrative target and can help reduce the volume of attacks. Until then, the Rolling Stones song “Get Off of My Cloud” seems to be a fitting warning to cybercriminals: “Hey, you, get off of my cloud.”

We are living in the accumulated aftermath of the countless cyber breaches that, since the turn of the century, have cost the global economy over $2 trillion. We are in the untenable situation where insurers find it nearly impossible to provide security for their insureds while safeguarding their own profitability. However, the destruction and loss of the past need not be the fate of the future. If cyber liability and technology E&O insurers learn from the recent past, then insurers can help give rise to a future cyber realm that is free from the doubt and fear that are prevalent now. Over the past two decades, insurers have not worked with members across the private spectrum to put into place unified laws governing the cyber realm, so there are now laws across the world that have been enacted or about to be enacted that are making it more difficult to provide cyber liability insurance. What may be even worse is that, for the past four years or so, different governments have argued against end-to-end encryption (E2EE), and insurers have not responded swiftly to that threat, either. If a country, especially one like the U.S, were to pass a law making E2EE unlawful, then providing cyber liability insurance to anyone would be made more difficult than it already is. Thus far, insurers rarely speak to each other regarding their most prominent common adversary: hackers. Perhaps the only time that insurers might broach the subject of that adversary is when they are at a NetDiligence or PLUS Cyber Symposium conference, and even then hackers are treated as more of an appetizer than as a main course. If a hacker or hacking group causes five different insurers a combined loss of $50 million, then clearly such attacks represent a inconsequential loss. However, because insurers do not talk to each other, not only do they not know the common methods of attacks on their insureds, along with the collective loss they suffered, but they also have no way to focus efforts on removing that hacking threat. There is also no way to know that a hacker or hacking group is targeting a specific sector of the private sphere, because the only way to know that is through shared intelligence. Every day, threat actors from nation states or hacking groups or standalone hackers are using the advances in cyber breach techniques learned from each other to create the next unstoppable attack. It is time for insurers to pool their own resources so that they and their insureds can begin to level the playing field with respect to the main adversary so that laws passed are to the benefit of insureds and insurers alike. Insurers also need to look at the complete picture to be responsible netizens and help craft a safer cyber future. When semiconductor technology in the form of computers began to integrate with the personal and professional realms in the 1980s and into the 1990s, at least in the U.S, it was a very tortured process. Almost as soon as businesses had upgraded to 33Mhz processors, 66Mhz processors came out. Similarly, the original floppy disk drives quickly gave way to 3.5-inch disks, which gave way to Zip drives, CD-Roms and so forth. In software, things were no better. After finally using computers and learning DOS, businesses were introduced to Windows 3.1 and thereafter were upgraded to Windows 95, 98, 98SE and beyond. Every part of binary technology over the past 40 years has seen a relentless drive toward cutting-edge technology, and that pursuit thrust upon the people of this world a technological reality that very few understand. Today, most people are unable to say what SoC (System on Chip) drives their smartphones, what a GPU stands for, what the differences are between 4G and 5G wireless technologies and what many other basic technological concepts are. Even among insurance professionals, there are still many people who hunt and peck and are unable to achieve a typing speed of 45 words per minute. Worldwide, almost all schools lack a structured curriculum for the K-12 system that not only teaches binary fundamentals to the young but also helps them to understand computing history and the potential future of computing and networking technology. Consequently, despite the significant numbers of people using social media and smartphones, and the rise of IoT, most people do not know the fundamentals of our present binary world. Perhaps more damaging is what the future holds. If most people barely understand current technology, then quantum computing, carbon nano tubes and neurotropic technology will be ever more unnerving for even more people. This disparity between the few who understand it, and the tremendous numbers who access the binary world without comprehension, creates a dangerous situation in multiple ways. Yet, this is the situation in which cyber liability and technology E&O insurers are trying to insure a binary usage world. See also: Future of Insurance to Address Cyber Perils   With the whole picture in mind, it is time for insurers to start implementing, soonest, solutions that will prevent the future from being like the past two decades. Insurers and insurance brokers alike need to start to act in accordance with what being part of a community means. In its most basic form, a community is a group of people or organizations that exist in the same area or share a common purpose, and the most successful communities are the ones that come together and put the good of the community ahead of any individual member. Insurers would do well to start to establish a series of townhalls in physical communities to talk about not only what cyber liability and technology E&O are but also go over every aspect of what cybersecurity is, from anti-virus software to which CPUs and GPUs are the least vulnerable, to cyberattacks. It would be especially helpful if some of these townhall seminars were dedicated to people 65 and older, because many organizations are wanting to “help” seniors without providing them with reasonably secure cyber products. To date, seniors do not seem to have borne the brunt of cyberattacks. However, it is only a matter of time before cyber criminals begin to realize the monetary value of focusing cyberattacks on seniors. Many insurance professionals are eager to point out that small and medium-sized businesses are extremely vulnerable to cyberattacks, but warnings from a distance are not an acceptable substitute, on such an urgent issue, for face-to-face human interaction. There is a reason that property and auto insurers in the 20th century, used a phrase such as “like a good neighbor, State Farm is there.” A neighbor is a community member who is invested in the success and challenges of others. With the 2020 U.S census coming up, there still has not been a unified community outreach effort on the part of insurers to help the census begin and end in a secure form at the community level. The most efficient way insurers can help with the census is to provide public libraries and community centers with new computers and networking equipment and lending IT staff. Insurers also need to work with the cybersecurity community and with K-12 schools around the world so that students understand how to be responsible netizens. There needs to be encouragement in education, from letting the young follow what is popular technologically, to what is actually effective and useful. If insurers do not work with the cybersecurity community, then how can educators and parents ever really know what responsible netizen activity looks like? Insurers can either work with others to start reducing that deficit, which will also reduce the frequency of breaches, or insurers can repeat their mistakes and forever put their profitability and the safety of their insureds in doubt. In terms of effective global communication, we who are living now are standing where once stood those who coped with the changes in communication wrought by the printing press and its transformation of the world. However, modern global correspondence faces challenges that require insurers to start putting solutions into place now that will have benefits that last in terms of decades and centuries. With that in mind, it is time for insurers to bring to life an international competition that will encourage students in the seventh to 12th grades to create educational websites or advanced robots or allow for a structured and interactive way for them to point out zero-day exploits and other vulnerabilities that would have a $500 million or larger impact on the world economy if the exploit were to be used against the netizen community. Insurers also need to start to rate every piece of technology with an independent testing lab. The lab needs to be built with the authority and autonomy to ensure that its ratings are as impartial and accurate as possible so that insurers can work with information that is as close to factual as possible. Insurers also need to tackle higher education and work with an organization like IEEE to finally bring the training of software developers/engineers into the 21st century. It is time for software engineers to have to meet requirements that are on par with structural engineers and attorneys. Not only will this enable a minimum higher level of coding competency, but it will prevent the non-certified engineers from being allowed to put pieces of inept software code into programs upon which this world depends. Helping the brilliant young become useful and positive contributors to the cyber community, creating an independent testing lab and working with other members of the netizen community to produce certified software engineers can only enable a netizen community that appropriately values and pursues safety, the common good and the future success of the cyber realm. All of this would be to the great benefit of cyber liability and technology E&O insurers and their insureds. See also: Surveying Wreckage of Cybersecurity   People often cite the increasingly sophisticated breach techniques of hackers or the hyper evolving technological innovations of technology companies as reasons why dark knight cybersecurity specialists have managed to become so formidable. However, the reality for the rise of hackers is the inaction of implementing long-term solutions by insurers. Cyber liability and technology E&O insurers perhaps have the best vantage point of any other part of the private sector, because they get to watch in real time everything that happens before, during and after a breach. It is those insurers, especially cyber liability insurers, who say they can help and protect insureds, and who are actively offering their services on the world’s stage. Unfortunately, insurers have thus far acted as if they need only sprint to the finish line to help their insureds. This is not, though, a sprint. It is in fact a very long journey that insurers must undertake. However, if insurers pace themselves, unite with each other to overcome shared challenges and reach out to other members of the netizen community, then they will be able to leave the winter of desolation behind and step into a future spring that is lively, safe, profitable and enduring.

For insurers that underwrite commercial properties, crime risk data can often be overlooked or under-prioritized in comparison with other hazard data. In the P&C industry, we’re often quick to note the insured or economic losses associated with catastrophes. But did you know that crime costs billions each year? The FBI reported nearly 7.2 million property crimes in the U.S. in 2018, with an estimated $16.4 billion in property crime losses, not including arson. Although crime data can be spatially expressed just like flood, hurricane, hail and other perils, it is commonly an overlooked piece of the property risk puzzle, and therefore not often supported by underwriting guidelines. One of the factors contributing to the underuse of crime data is that it has generally lagged behind other hazard data in research and development. Now, however, leading data companies are creating models that account for the location where the crime actually occurred, allowing crime risk to be geographically represented. Traditionally, crime data has not been detailed or accurate enough for underwriters to gain a comprehensive understanding of the true risk related to a property or portfolio. That’s because there is a lack of crimes reported at the geographic level versus the law enforcement agency level. Data from Location Inc. and Pitney Bowes, however, can be applied at the point of underwriting or portfolio management to help insurers assess the likelihood of violent crime, theft, vandalism and even behavior-based fire risk at the street level. See also: Using High-Resolution Data for Flood Risk Here are a few examples of how P&C insurers can apply crime risk data within a solution like SpatialKey for more informed underwriting and property risk assessment: Use Case 1: Violent Crime & Property Crime The below image shows a top tier college campus with a moderate crime score according to Location, Inc.’s SecurityGauge crime data. A moderate score is the national average for crime; however, the area around this college's location has an above-average crime rating. As you can see, there is a clear delineation between the school’s campus (near average risk relative to the nation, shown in yellow) and the surrounding city (in orange/red), which has an elevated crime score. So while the school itself is at or below the national average for crime risk, knowing that there is some high crime nearby could raise a flag to ensure proper coverages and adequate premiums are in place when underwriting this risk. Use Case 2: Arson When underwriting property risk outside the U.S. and Canada, for example in the U.K., Pitney Bowes crime data, for England, Wales, Scotland, and Northern Ireland, can be used within SpatialKey to understand factors driving overall risk, as shown below. The location has a very high score (borderline extreme, in fact) for arson. When looking at this map, you can see that there is a bus depot across the street from the location in question. This information should factor into your risk assessment due to the flammable nature of the bus depot. These use cases demonstrate how using expert crime risk data wcan help insurers:

• Gain a more comprehensive view and reduce adverse selection by determining the overall crime rate for an area at the street level.
• Adequately or more accurately price for the associated risk — For example, setting a higher theft deductible if the crime data shows increased crime in the area, or lower premium if the property has security measures on-premise such as cameras, lobby security, etc.
• Determine which coverages to limit or even exclude based on the characteristics of a particular neighborhood/community (e.g. for an apartment complex, review the crime data to determine the level of property and violent crime in the area and limit/exclude coverages accordingly).
• Evaluate concentrations of exposure in particular for a schedule of risks, as crime codes can vary greatly within the boundaries of a single city.

See also: Fighting Fraud With Data Analytics Check out this article for more information about how to use expert crime data within SpatialKey to inform your underwriting.

Insurance fraud has been around since, well, the beginning of insurance. The ancient Greeks created a form of maritime insurance to indemnify against potential losses incurred with the sinking of a commercial ship in transit. It became a common scheme for the boat owner to hide the boat in a foreign port and collect the insurance money. Even in those early times, special investigators were hired to determine if the boat had indeed sunk. Fast-forward to the present, and, for the last few decades, the industry has been using increasingly sophisticated technology to address fraud. Now, several technologies can change the game for detection. For example, machine learning, social media and aerial imagery can all contribute. All generate and rely on massive amounts of data, including many new data sources. Whether we are talking about opportunistic fraud or organized crime rings – these technology areas provide terrific opportunities to combat fraud. Of course, fraud may occur during the underwriting OR the claims process. When a person or business is applying for insurance, there is always the potential to purposely supply incorrect information to get a lower rate. On the claims side, fraud may occur at many points during the lifecycle. In the case of staged accidents, it is occurring even before the accident occurs. So how is the advance of technology aiding in fraud detection today? First, let’s look at new data sources. Rate evasion can be more easily spotted today due to the wide variety of new data sources that can provide checks on the information provided by a customer or agent. For example, for auto, it is easier to spot true garaging locations or identify if a vehicle has been in a flood. For property, there is a wealth of data about the current characteristics of the property. See also: Identifying Fraud in Workers’ Comp   When it comes to machine learning, big data approaches with massive computing power and huge data sets can spot patterns and anomalies that it would be impossible for humans to spot – and do so with a lower rate of false positives. Social media has become a central tool for investigators and law enforcement, especially for workers’ comp fraud. We’ve all heard stories about individuals claiming disabling injuries then show up in Instagram pictures skiing or skydiving. The social media universe also yields a lot of information about connections between various individuals and businesses that can be mapped to identify fraud rings. Using aerial imagery, it becomes easier to compare before and after pictures of a property to determine if damage was caused by a particular weather event. One of the biggest benefits of all this new capability is that technology allows fraud to be detected significantly earlier in a claim and with greater accuracy, so that Special Investigative Units (SIUs) and claims processes are more effective (compared with before, when SIUs or management found out about a fraud three to four weeks or longer after FNOL, by which point it was too late). There is still much work to be done to find the right solution partners, integrate new solutions with existing systems and determine the optimum balance of technology and human expertise. But there is now greater potential to finally make significant headway in reducing fraud, especially the potential for earlier identification and more accurate outcomes. That’s what’s new and encouraging in this long-running battle!

With my wife, Mary Ann, away for two weeks, I’m always looking to score some good food. I live in a small town, where the Super Walmart is the local cultural and epicurean haute cuisine epicenter, so I normally must travel to another town to find something decent to eat. I’m not trying to be a food snob, but that’s just the way it is here in central Florida, where the three basic food groups are defined as Bar-B-Q. While Popeye’s Louisiana Kitchen is certainly not anywhere near any Michelin stars, I like their spicy fried chicken. Forgive me, Julia Child, but I like the flavor and texture. So last Sunday I made my way to the closest Popeye’s drive-thru line. My wife had suggested that I order enough chicken for multiple meals, instead of just for lunch, and I was happy to follow this advice. So, when I got to the menu, instead of ordering a three-piece, I decided that the eight-piece family meal was the right choice. I mean, my wife made the suggestion. As I pulled up to the microphone, I heard a friendly Popeye’s employee ask for my order, or so I assumed. The sound quality was very poor. I said I wanted the eight-piece family meal, spicy. What happened next is where the unlikely alliance starts. The Popeye’s employee started to speak, but the sound was so garbled and filled with static that I could not make heads or tails of it. I did recognize the number nine, but that was about all I understood. Because there was a line of cars behind me that was wrapping around the block, I didn’t want to do anything that would slow the process, so I repeated that I wanted the eight-piece family meal, spicy, and I was able to make out an “OK” over the speaker. As I got up to the window to pay the happy and friendly Popeye’s employee, I mentioned that I heard something about the number nine but couldn’t understand what the person was saying. It turns out that Popeye’s was running a promotional deal. The standard, eight-piece family meal is $13.29, but there was a nine-piece meal available for $12. 99. I cocked my head to one side and said, “So, I can get an extra piece of chicken and save money at the same time? What a deal! Please change my order from eight to nine pieces. And please be sure to make it spicy.” They changed the order; I got an extra piece of chicken while saving 30 cents, and I was happy. That extra piece of chicken seemed to be especially tasty. See also: Using Technology to Enhance Your Agency   My satisfaction as a customer had been blocked because I could not understand the information or my options. My customer experience was later elevated when I got the correct data and options, making it possible to make an informed decision. The data was there all the time, but faulty technology made it difficult, if not impossible, for me to understand my options. I began to wonder: When was the last time that an employee pulled up to the drive-thru and tried to order something like a normal, everyday person? What about the shift manager? The store manager? The franchise owner? Harper Lee was right when she wrote those immortal words in "To Kill a Mockingbird" for Atticus Finch to share with his children, “You never really understand a person until you consider things from his point of view...until you climb into his skin and walk around in it.” While I’m not a betting man, I would gladly wager all the money in my pockets and my checking accounts that no one in management has ever gone through the drive-thru. If they had, I feel confident that my technology experience would have been radically better. Is it the same? Whoever you are, you are reading this because you are interested in the insurance industry. And you are thinking one of two things;

• Yes, ordering chicken and insurance ARE the same. Chicken is chicken, and insurance is insurance. Both are commodities. Or,
• No, ordering chicken and insurance ARE NOT the same. While chicken may be chicken, all insurance is not created equal and is not a commodity.

Irrespective of your perspective, selling and servicing insurance depends on clear communication with prospects, customers and authorized third parties. If the data and communications are not clear, then cost and frustrations go up while satisfaction and utilization go down. It is paramount that selling and servicing insurance be based on information, communication and transparency. If you are responsible for systems that collect or share insurance data, when was the last time that you personally examined the system from an outsider’s standpoint? Brought someone alongside who’s not directly involved with the insurance space and walked the person through your data collection and exchange solutions? Collected direct feedback for your users? Made changes in response to user feedback? Moving forward From a technology standpoint, there is much that can be done to enhance communication with prospects, clients and third parties while mitigating miscommunication. Here are six areas to consider; User eXperiences:

• Don’ts – pave the historical cow path of ACORD/company forms, internal screens or database layouts.
• Do’s – reimagine the experience based on the user’s perspective alone. Make it easy to follow and use, be sensitive to screen real estate size or constraints.

Start and Stop:

• Don’ts – force users to gather and complete data entry based on what’s convenient for your system or organization.
• Do’s – allow users to start, suspend, restart and change the basic intent of the transaction, even allowing them to reorder the screen and field flows.

Big Data:

• Don’ts – assume that third-party data is valid, clean or up to date.
• Do’s – tell users what third-party data you are going to access before you retrieve it, show the data to them and ask for feedback.

Artificial Intelligence:

• Don’ts – hide the AI process, results or how it hurt their eligibility or rate.
• Do’s – practice complete transparency about your use of AI, explain what it is, what data you are using, sharing both intermediate and final results.

Risk:

• Don’ts – camouflage what are the favorable risk factors that you are looking for.
• Do’s – be transparent on both favorable and unfavorable risk factors and what the user can do to reduce their risk.

Reading:

• Don’ts – use arcane, overly complex and statutory-sounding insurance jargon and terms.
• Do’s – as the March Hare said, “say what you mean” as simply and straightforwardly as possible for all text on screens, definitions and forms.

See also: Emerging Technology in Personal Lines   If you are looking for some instant, quick fix, low-hanging fruit or some other consult-speak buzzword solution, you need to read a different article by a different author. Improving clarity, understanding and transparency are long-term tasks requiring refinement over time. But we need to start somewhere, and where we are is as good a place to start as any.

Risk management is integral to insurance, but it’s traditionally been an inexact science. Thanks to recent technological advances, however, risk management is about to get a long overdue upgrade. If an eyebrow is raised, it is likely because the insurance industry has been slow to adopt technology, but artificial intelligence (AI) and machine learning are making headway. The appeal in using data to predict outcomes, drive efficiency and reduce costs has sparked intrigue and curiosity. Tack on the ability to make jobs easier and facilitate claims faster, and even the biggest skeptics, those most resistant to change, are curious about how AI can be applied. Despite the aversion to tech or potentially costly, time-consuming operational overhauls, AI systems already have been put to work in some of the world’s largest insurance organizations, where they are used to address highly specific issues that have plagued different sectors for years. Now, the time has come to consider how AI can help with risk management. New Data, New Insights Much of the information that risk managers value in making assessments is not readily accessible to them today. Data in claim notes, documents, images, even injured worker sentiment requires someone manually poring through files because this type of information can’t be entered or sorted in conventional systems easily. But new, AI-based systems can incorporate and analyze these forms of unstructured data. They make it much simpler for employees — even the least tech-savvy employees — to find and interpret the elements that will be the most crucial to their decisions. See also: How Machine Learning Transforms Insurance   Additionally, the more that AI-based systems “read,” the faster and better they learn and understand. Models that leverage unstructured data yield more accurate and detailed analysis, and, by enabling adjusters to make more informed decisions based on data, organizations can reduce the severity and frequency of claims. This makes everyone happy. The industry can move light years forward by delivering this kind of data and analysis to risk managers’ fingertips whenever they need it. Group Analysis Another way in which new AI-based systems can help risk managers is by analyzing data across groups. It’s far more efficient to grasp what is happening across a portfolio or set of claims when a machine generates a report vs. reading file after file to formulate an opinion. With new tools, risk managers easily can look across very large datasets to see what’s happening collectively. They can determine the macro impact instead of relying on an isolated view of a single claim. In addition to the time and resource advantages, AI-based software spots trends and outliers that cost money unnecessarily. Collective View Vs. Limited Project Basis AI models also are able to draw on a wealth of historical information — information that is constantly updated. This stands in contrast to the way the world of risk works today, where most analysis is conducted on a project basis. The project ends; so does data collection. Important information is often lost in the lapse between projects. Modern AI systems solve the issue by persistently refreshing to ensure updated reports can be ready on demand. The result is a much richer and more realistic picture of what is happening in an organization’s claims. Power of Prediction The gold for risk management, however, lies in AI-based solutions’ ability to predict outcomes. AI applies science to risk management based on an incredible number of data points that should be considered in helping teams prepare for the future. Modern systems show risk managers the behaviors that need to change, assumptions that are incorrect and what things will look like if they continue to follow the present course. This information is so important because every customer or risk manager has observed different behaviors, which shape their views and how they conduct their jobs. AI systems parse all of this behavior to give a far more comprehensive view. Systems then can alert users to adverse trends that are developing so that teams can adjust accordingly. This not only decreases the lifespan of claims but potentially can save millions of dollars. To gain the best predictions, however, it is necessary to use a platform solution that lets users easily gather insights and create models that learn from the entire industry, not just their own data. They then apply that information to a specific customer’s data. The more data a system can analyze, the more patterns come up, yielding more precise and valuable predictions. See also: Key Challenges on AI, Machine Learning   Armed with an abundance of data that is simple to access and interpret, claims managers can do their jobs faster and more easily than ever. This can make a potentially huge positive impact, not only on their own organization but also on the larger sector. As machine learning and AI-based technologies mature and are more widely adopted, the industry will become more exact. Costs will drop, and efficiency will improve, ultimately helping to transform the insurance industry. As first published in WorkCompWire.

The U.S. has enjoyed the longest economic expansion in American history. One thing’s for sure, though – it’s not going to last. Recessions are a normal part of the economic cycle. Expansions lead into contractions, which then lead into more expansions, and so on.  The next downturn is coming, even if no one can predict exactly when. It’s been a while since people had to talk about how to “recession-proof” their business. Indeed, given the length of the current expansion, there are plenty of business leaders out there who have no experience navigating a downturn. For many, the knee-jerk reaction to a slowdown is to cut expenses – curtail travel, freeze hiring, postpone investments. While that can help, it can also hurt. A lot depends on where cuts are made, and how those cuts affect the customer experience. To illustrate the degree by which customer experience can truly recession-proof a business, we pulled data from Watermark Consulting’s Customer Experience (CX) ROI Study. (The study analyzes the stock market performance of the top-rated companies in customer experience versus the bottom-rated. Follow the link for details on the study’s methodology.) See also:  Key Changes for Customer Experience   Specifically, we looked at the performance of CX Leaders and CX Laggards during the last U.S. recession, 2007-2009. (We chose that span based on the National Bureau of Economic Research’s official designation of when the last contraction began and ended.) The story the graph tells is striking. While CX Leaders weren’t immune from the recession, they clearly fared better than other companies. Whereas the broader market and the CX Laggards lost significant market value during the contraction, the CX Leaders actually notched positive returns. What does that tell us? It certainly suggests that the quality of a company’s customer experience does influence its ability to weather a recession. CX Leaders tend to be cushioned from the most severe impacts of a downturn, because they represent one of the last places people cut back (or seek less expensive alternatives), as well as one of the first places to which they return. Of course, the protection a great customer experience affords during economic slowdowns isn’t unqualified. There are many ways a company can sabotage its own success, despite offering an appealing customer experience (see this story about the 2011 bankruptcy of the top-rated company in customer experience). However, in general, companies offering a top-notch customer experience are far-better-positioned to withstand a recession than those that don’t. For business leaders, this means two things:

• First, when the economy is expanding or business is good, invest in the customer experience to further differentiate your company in the marketplace. This might sound obvious, but the fact is, when revenues are growing and the future looks bright, many organizations de-prioritize CX investments, under the premise that, if business is booming, customers must already be happy and loyal.
• Second, when the economy sours or business slows, be especially judicious when considering expense cuts that could materially affect customer experience. Such actions might yield short-term gains, but they also introduce serious long-term risks. Furthermore, don’t ignore opportunities to actually improve the customer experience while simultaneously lowering expenses (read more about that approach here).

See also: Customer Experience Gets a Major Facelift   Famed investor (and CEO of Berkshire Hathaway) Warren Buffett once commented that “You only find out who is swimming naked when the tide goes out.” His point? Every business leader looks smart during economic booms; it’s only when adversity strikes that you see who the real geniuses are. With an economic slowdown looming, the tide will soon go out. What will it reveal about your business?

When Catalyst for Payment Reform hosted a webinar that provided a glimpse into Walmart’s healthcare strategy and management plans, Lisa Woods, senior director of U.S. benefits, talked about a new program to simplify and improve healthcare, particularly primary care, for Walmart’s million-plus associates and their families. She alluded to Walmart’s well established and continuously expanding Centers of Excellence (COE) programs, as well as two new programs. First is a personal healthcare Assistant, powered by healthcare navigation firm Grand Rounds, that helps Walmart associates with billing and appointment issues, finding a quality provider, understanding a diagnosis, coordinating transportation, arranging child care during appointments and addressing other important patient needs. Walmart has also broadened its telehealth offerings, including for preventive health, chronic care management, urgent care and behavioral health. All video visits have a $4 copay, and associates can book an appointment with a primary care physician within one hour and a behavioral health visit within one week, making services highly accessible. Partners for this program are Doctors on Demand, Grand Rounds, and Healthscope Benefits. Daniel Stein and Matthew Resnick, from physician profiler partner Embold Health, described how their data collection/analytics approach identifies physicians with histories of providing the most appropriate care. In three markets – Northwest Arkansas, Tampa/Orlando and Dallas/Ft. Worth – Walmart’s “Featured Provider” program will connect patients to the high-performing providers that Embold has identified in eight specialties: primary care, cardiology, gastroenterology, endocrinology, obstetrics, oncology, orthopedics and pulmonology. Walmart has been a key partner in the development of Embold Health – Stein, the CEO, Stein is a former Walmart medical director – and its efforts to accurately profile the quality of healthcare delivery at the individual physician level. The health outcomes improvements and savings associated with only using high-performing physicians should be profound. See also: 11 Ways Amazon Could Transform Care   The changes that Walmart has announced reflect a laser focus on solving specific problems, like overtreatment and patient difficulty with navigating the system, that plague all primary care programs. The company has been tinkering with and testing different primary care models for a decade or more. As with its COE program, the goals of Walmart’s new healthcare programs are a more refined, disciplined and methodical set of innovations focused on driving better care, a better patient experience and lower cost and that, for the most part, are not yet available to most primary care patients elsewhere in U.S. healthcare. As a side note, it’s worth recognizing that, in an ideal world, the major health plans – e.g., United, CIGNA, Aetna, Anthem – with many millions of lives covered, would have pioneered these approaches to manage healthcare risk, to improve health outcomes and to reduce cost. The fact that payers haven’t been motivated along these lines is a reflection of the perverse incentives that have driven the U.S. health system for decades, that all patients and purchasers are up against and that have facilitated the kinds of innovations discussed here. Walmart attacked these problems because it is at risk for its population and its costs. Few employers have the resolve and the resources available to develop key innovations that can move an industry like healthcare forward. Not surprisingly, Walmart appears to see an opportunity here and has larger plans. Walmart almost certainly believes its healthcare efforts are applicable beyond its own population, and, like Haven, Kroger and Costco, has staked out a healthcare business strategy. Primary care are logical services to begin with, and Walmart has announced that its pricing will be 30% to 50% below conventional primary care prices. Walmart’s focus on improving experience, health outcomes and cost, combined with its national footprint and deep resource base, could immediately catapult it to the first rank of competitors in this space. No doubt, Walmart has its eye on providing primary care services to groups as well as individuals. Relationships with health plans would allow the company to share in the savings it generates through the primary care platform and associated programs. Think about the territory covered here. Walmart intends to:

• Develop highly price competitive primary care clinics across the country.
• Offer very low-cost telemedicine that can be a convenient pathway to primary care and other care, streamlining care processes.
• Implement a personal healthcare assistant that can simplify navigating the healthcare system and expedite a much enhanced patient experience.
• Connect to the highest-performing local physicians and regional COEs in each specialty, driving appropriate and disrupting inappropriate care and cost, in strong contrast to the inappropriate care and cost patterns that have come to dominate U.S. healthcare.
• Develop some tie to health plans that would allow the company to benefit from the health outcomes improvements and savings that its management approaches create.

A vigorous primary care campaign by Walmart would undoubtedly threaten traditional primary care models and spur competitive innovation among progressive primary care organizations, especially if the company publicly conveyed a dedicated focus on transparent management of full continuum health outcomes and cost. This would powerfully differentiate Walmart’s primary care efforts from those of competitors like Walgreens and CVS, whose convenience care primary care models are mainly dedicated to maintaining the status quo. See also: Avoiding Data Breaches in Healthcare   Walmart’s activities in this space are one signal that the old paradigm in health care is waning and that a new, value-based healthcare market is emerging. It can’t happen soon enough.