McKinsey recently published a paper titled IT Modernization in insurance: Three paths to transformation, in which the report authors say: “Insurers too often treat systems transformations as IT projects rather than acknowledging them for what they are: overall business transformations.” For insurance, the transformation at hand is moving from a disconnected, product-centric sale to a hyper-connected, consumer-centric buying experience.

The challenges are well-known and include analog processes, siloed data and a distribution strategy -- consumer-adviser-insurer -- that has traditionally left carriers one step removed from their own customers. As McKinsey said, overcoming these challenges takes more than an IT project or two. Insurers need a framework for evaluating opportunities to modernize, and the best place to start is by taking a deep dive into the market drivers: customer acquisition and retention, as well as operational effectiveness and cost reduction.

Consumers Are the Key

This observation comes as a surprise to no one, yet a survey of insurance customers by Accenture found that declining loyalty and poor customer service has resulted in $470 billion in insurance premiums “up for grabs.” Clearly, our ability to meet modern consumer expectations is a business imperative.

There are two sets of consumers to keep top of mind as the insurance industry takes steps to modernize: the customers you already have and the consumers you are trying to convert. Both types are online (90% of adults in the U.S. use the internet, according to The Pew Research Center), so leveraging digital channels in our efforts to acquire and retain customers is a classic no-brainer.

Customer acquisition in the digital age presents an unprecedented opportunity to deliver an online, consumer-centric buying experience no matter what channel the sale converts through. In fact, agents continue to have a very important role to play in the insurance buying journey, so the more we can arm them with consumer data, collected from online interactions, the better. Moreover, by tracking client behavior and measuring conversion, companies are also learning about what works, and what doesn’t, which is increasingly imperative to maintaining competitiveness. Likewise, digital channels and data are critical to retaining customers and building brand relationships.

For example, car insurance companies track driver behavior, and health insurance companies are providing fitness trackers BECAUSE THEY WANT THE DATA to help manage and reduce risk. At the same time, these trackers are also enhancing customer relationships with the brand and potentially benefiting the customer by reducing rates based on behavior - a classic win win.

See also: Thinking Big for True Transformation  

When it comes to acquiring and retaining customers in the digital age, building relationships is critical, and data is how it’s done. Today’s consumers have different expectations, and there are typically many more touch points, resulting in more data that can be put to work in service of these relationships.

Operations: Managing Risk and Reducing Costs

Cost reduction and operational effectiveness are, for many businesses, the main driver for modernization, and the insurance industry is no different. When evaluating opportunities to modernize operations, consider where you are likely to get the biggest return. Insurance professionals are in the business of reducing risk, so it stands to reason that risk management is an integral part of the business of insurance as well as a great example of where modern technology can deliver meaningful ROI.

Data analytics makes it easier to identify riskier populations and customers, improve product development, targeting and underwriting and ultimately share risk more effectively. Data that isn’t available and actionable slows the pace of business, increases the chance of human error and limits the ability to make data-driven decisions.

Other opportunities to modernize and deliver savings include tackling distribution challenges, specifically reducing the cost of customer acquisition and improving agent efficiency. Another McKinsey report noted that the individual insurance companies that will outperform competitors over the next decade will do so, in part, by “using analytics to build competitive advantages in distribution.” Superior distribution networks enable insurers to reach new customers while keeping costs low to ensure profitability.

Next Steps

Perhaps you are on one (or more) of the three paths McKinsey describes: modernizing the legacy platform, building a proprietary platform or buying a standard software package. When the question is build vs. buy, conducting a thorough build-vs.-buy analysis is a great way to compare costs, timing, flexibility and user experience. It’s an effort, but worth it when you consider the cost of missed opportunities.

For example, insurtech disruptor Lemonade wrote $57 million in premiums in 2018 thanks to its consumer-centric buying experience -- a $57 million missed opportunities for carriers that sell renters and homeowners insurance. Another much larger example is the middle market opportunity, which Accenture estimates to be around $12 trillion in missing coverage potential and $12 billion in revenue to be gained by serving it.

See also: How to Evolve the Business Model  

For some companies, the build-vs.-buy choice is easy. Partnering with an insurtech to address critical opportunities is typically much faster and less risky than other approaches. Regardless of the modernization path you choose, start with your top business challenges and identify opportunities for quick wins. Remember, modernization isn’t an IT project. Meeting modern consumer expectations is a business imperative; exceeding them is how insurers can stay relevant and competitive.

As we close out the year (you have better things to do than hear from me on Christmas Eve and New Year's Eve, so we won't publish Six Things again until January), I found two recurring themes in this year's newsletters that I thought were worth highlighting as we start to turn our attention to 2020. 

One theme we kept coming back to concerned the growing number of natural disasters, as well as the need to work far harder on preventing losses, rather than just treating them as inevitable and reimbursing clients after they occur. 

As you might imagine, PG&E continued to be a four-letter word (three letters and a symbol?), especially for those of us who live in California. In November, in An Answer for California's Power Shutdowns, I highlighted the need to write policies that are updated to cover today's exigencies and to at least warn customers sooner of impending blackouts so they can avoid having food spoil, having weddings canceled at the last second, etc. That piece followed three earlier in the year on PG&E's travails: What PG&E Bankruptcy Means for the Rest of Us, PG&E: We're Not Gonna Take It Any More and Catastrophe Insurers Have a 'Pinto' Moment.

We sounded similar concerns back in June, in Bracing for Hurricanes, talking about how better tools can now help identify vulnerable properties and about how properties can be hardened more than they are currently  In April, our CEO, Wayne Allen, wrote a more optimistic piece, based on technologies and new thinking he'd seen at a conference (Some Hope in the Face of the Wildfire Threat), and I guess there was something in the water at ITL that month because I, too, wrote a less-than-dour piece about the prospects for having the pricing of flood risk start to head in the direction of reality (Flood Insurance: Are the Storm Clouds Finally Lifting?) In July, I also suggested ways for us to band together to tackle some of the biggest issues that disasters present: A Grand Challenge for the Insurance Industry.

Climate change suggests that the catastrophes will grow worse, not ease, so I suspect I'll be writing plenty about disasters in 2020, too, but I hope the industry is at least heading toward two key changes. First, we need to use our growing set of tools and data sources to price risks much better, so those in harm's way will get signals from the market and protect themselves much more effectively than in the past. Second, we need to focus on helping people during the catastrophes, such as by giving them enough warning to evacuate, rather than just swooping and handing out checks after the damage is done.

The second theme that surfaced repeatedly was the obvious one: the industry's two-steps-forward-one-step-back approach to innovation. The newsletters on the topic are too numerous to cite all of them here, but I'd highlight two. On the two-steps-forward side is: Maybe the Innovation Glass Is Half Full. On the one-step-back side is: The Hurdles Facing Innovators. 

Perhaps the most sobering reading comes if you compare two pieces. Toward the end of 2019, Wayne wrote one of our more popular pieces: 10 Tips That Your Innovation Program Is Failing. Leading into the year, I wrote a Six Things commentary last December (10 Signs You're Headed for Trouble in 2019) that, I'm sorry to say, had a list remarkable similar to Wayne's.

Here's hoping that, in 2020, we get past the old mistakes and find new ones to commit.

In the meantime, I hope you all enjoy the holiday season with friends and family and come back refreshed for what will surely be a fascinating New Year.

Cheers,

Paul Carroll
Editor-in-Chief

In the fast-moving world of insurtech, new technologies such as robotic process automation (RPA), intelligent automation, artificial intelligence (AI) and machine learning are making it easy for insurers to dream about transforming processes. However, too often they get lost on how to put those innovative technologies into use. For a risk-averse industry, we’re seeing more insurers open to using these modern technologies to improve processes and ultimately better serve their insured – the way they expect to be. Many insurers are building on proven and integral technology platforms, including content services and core insurance platforms, to include more modern solutions that will help them further streamline operations. By combining capture, workflow, integrations and RPA, insurers can take some of the tedious tasks out of their employees’ workload and automate those processes, leveraging a "digital worker" to replicate redundant and manual tasks. For example, take a loss-run request process – which one of our customers completely transformed using capture, workflow and RPA. Capture Intake processes are often tedious because there are too many manual steps. Without standardization around the process, it is inefficient and doesn’t provide reliable metrics. To continue to move critical information forward, data needs to quickly and accurately get to the right people – where and when they need it. Many content services applications offer multiple ways to capture data and instantly digitize documents, including emails, PDFs and Office documents, and connect them to key processes. This ensures data is digital from the beginning and throughout the lifecycle. Once imported and classified, insurers can create a standard way to kick off processes, drive additional efficiencies, enable performance metrics to identify trends and better assess internal resources. For loss run requests, once the request is made – whether by email or through the insurer’s portal – integrations with the content services platform can capture the request to officially initiate the process. See also: The 5 Top Trends in AI and RPA   Workflow A workflow automation tool is an excellent way to help keep processes digital by electronically routing information to the appropriate person at the right step in the process. Additionally, because information is electronic, it is easier to monitor the status of items by incorporating real-time notifications. Within the loss-run request process, employees can use electronic workflows to take captured information and run that data through the applicable channels to get the claims history reports needed to make an informed underwriting decision. After the insurer receives those claims history reports, they can analyze how many claims were made, what types of claims were made and the financial impact of those claims. RPA RPA, intelligent automation, AI and machine learning are making it easier to take advantage of digital workers to further streamline processes and achieve greater efficiency. For the loss-run request process, once information is digitally captured, indexed and put through a workflow queue, the workflow can tell the digital worker to take indexed keywords and run them through third-party websites to gather any hits for the loss-run history. Once those are available, the digital worker can open the reports, download them from the website and upload them into the content services platform. There, the workflow process is finalized and the requestor, or agent, can access the report and make a decision. It took a digital worker three to five minutes to complete each item, saving more than 20 hours per day on run-loss automation requests, according to a customer using a combination of content services and RPA technology. The entire loss-run request process was simplified down to nine steps:

1. Index data for transaction type, market and policy number in content services platform
2. Navigate to market web portal based on market keyword
3. Log into market portal
4. Navigate to “Request Loss Run”
5. Enter policy number and select submit
6. Retrieve loss run report
7. Save loss run report
8. Import loss run report to content services platform
9. Send report through final workflow steps

Building innovative solutions on proven technologies, like content services platforms, allows insurers to continue to evolve and modernize, as well as keep pace with the expectations of their clients. With any new solution, an organization needs to evaluate the best way to implement the technology into is business processes to ensure it helps them achieve greater efficiency and improve customer service. For RPA and intelligent automation it’s often easiest to incorporate and leverage these solutions in processes that:

• Have a minimum number of steps
• Are highly repetitive
• Aren’t super complex
• Have a quantifiable value

See also: 3 Ways RPA Enables Growth   Understanding the ins and outs of each of your processes is the first essential step to know where new technologies like RPA, intelligent automation, AI and machine learning will best benefit. Once implemented, employees become more productive and can focus on higher-value tasks to deliver faster and better service to their prospects and customers.

Of all the shiny new tools piquing insurers’ interest, blockchain is among the shiniest: 46 percent of insurers plan to use blockchain within two years, and 84 percent say it’s reinventing the way they engage with new partners, according to research by Accenture. But while blockchain presents enormous potential to revamp claims and contract management, detect fraud in real time and more, most insurers aren’t ready to adopt blockchain. Why? Because they struggle to leverage less shiny digital technologies to create a more seamless claim processing experience, a fundamental aspect of policyholder satisfaction. Focusing on a technical evolution rather than holding out for a complete revolution, with claim processing at the center, will position insurers to make deep gains in performance now that can continue seamlessly into the future. It’s an approach that offers strong potential to increase not only policyholder satisfaction, but also profit. How can insurance companies make the right technology plays for an elevated claim processing experience? Here are three strategies to consider. Expand self-service options via a mobile app—and ensure staff support an all-digital experience. Mobile apps are an easy and fairly inexpensive digital innovation with high return: 42 percent of auto insurance policyholders use mobile apps to upload photos or videos of vehicle damage directly to their insurers, a J.D. Power survey found. And when insurers use these images, policyholder satisfaction surges. The problem is, insurers only use these images about half the time they are received. When this happens, the delight policyholders gained from self-directing the claim experience diminishes, and satisfaction plummets, the survey found. See also: 3 Techs to Personalize Claims Processing   Bringing customer service representatives and claim adjusters on board with an all-digital claim processing experience ensures policyholders get the seamless experience they crave. Make sure staff understand the importance of using the information policyholders provide—including images of damage incurred to their vehicle or property. Seek to limit duplicative inquiries, and continually look for ways to raise the bar around the digital experience. One survey points to five factors that distinguish outstanding mobile apps for insurance from those that are just so-so:

• Ease of navigation
• Appearance
• Availability of key information
• Range of services
• Clarity of information

Also critical: digital tools that offer timely, highly personalized guidance and support real-time customer interactions. Leverage data intelligence to speed claim processing. A McKinsey study found insurers could reduce claims expenses by 25 to 30 percent by automating claim processing—an approach that also boosts accuracy. Three opportunities for insurers to explore include:

• Intelligent case management. Machine learning automatically determines the next step in the policyholder’s claim processing journey, such as the need to schedule a repair appointment. Then, data-driven tools enable policyholders to perform these tasks digitally.
• Digitizing complex tasks. Using data analytics can simplify and standardize tasks such as estimating the value of a loss. When these tasks are performed annually, amounts can vary by claim adjustor—a major dissatisfier for policyholders.
• Automating front-end and back-office processes. Digital frontrunners use automated tools to send estimates for damage, verify repair invoices, and reimburse policyholders or service providers according to their preferred method of payment.

Make the move to electronic claim payment. Claim payment is the final step in claim processing and adjudication, and it’s the single aspect of the claim experience policyholders remember most. But insurers overwhelmingly default to paper-based payment, even as check-based payments in other industries continue to decline. The positive impressions gained from digital touchpoints at other points in the claim journey are erased when policyholders must:

• Wait days for a paper check to arrive in the mail
• Physically transport paper checks to a service provider or bank for payment or reimbursement

Making the move toward electronic payment—which is 10 times cheaper than paper checks—speeds processing time and payment receipt How can insurers build the right digital claim payment strategy—one tailored to the needs of individual policyholders and service providers? The right solution should include more than one payment option for policyholders, such as ACH, push-to-debit or check. For service providers, payment options may include ACH, virtual card payments, or checks. See also: Transformation of Roof Claim Processing   Some insurers have the expertise to build an electronic payment approach internally. Others purchase digital payment technologies or partner with banks and/or fintechs to provide this service. Determining the right approach involves careful consideration of cost, time to market (speed is critical), options for expanding services as new payment modalities are introduced, and the ability to protect sensitive policyholder data and comply with financial regulations. A Tried-and-True Model for Innovation As policyholders demand a standout digital experience, there is a temptation among insurers to build out their blockchain strategy. Blockchain generates a lot of hype for its potential to unlock significant value by simplifying complex, highly manual processes. However, there are challenges to blockchain adoption, including around scalability and deployment. Instead of waiting on blockchain, putting claim processing at the forefront of a company’s innovation agenda now empowers insurers to transform key capabilities today, setting the stage for more advanced technology adoption in the future.

During the past decade, SMA has conducted a survey to learn how insurers are viewing emerging technology. This year’s technology survey reflects industry changes, because, in the grand scheme of things, some of the featured technologies are no longer emerging. And because the strategic value of the technologies to insurers is maturing, there is a shift in how the research looks at transformational technology. At the end of the day, technology should be about transforming the business and driving better outcomes. The survey results reveal the degree to which strategies are being generated. Are there pilots in the works? What percentage of the activities are implementations? Where do commercial insurers believe impact is at a business-area level? And, probably everyone’s favorite, are insurers investing? This year’s recently published survey showed some predictable results – AI is the insurance industry darling, and commercial lines is no exception. But there were also some surprises – IoT activity fell off from 2018. But why? The reasons highlighted in the report are important – it isn’t lack of value. SMA analysis and experience reveals that there are seven technologies that are supporting commercial lines transformational activity to one degree or another:

1. AI/Machine Learning
2. Robotic Process Automation (RPA)
3. New User Interaction (UI)
4. Internet of Things
5. Virtual Payments
6. Wearable Devices
7. Blockchain

To be very clear, not every insurer and every product line places the same value on each of the transformational technologies. Commercial lines are complex, and insurers are adopting where business outcomes are improved and the technology is within the parameters of strategic plans. The trick for many commercial lines insurers will be to pay close attention to shifts in business outcomes and respond quickly. Unlike past technology cycles, competitive advantage tied to technology adoption is emerging quickly. See also: Winning in Small Commercial Lines   For the skeptics about commercial lines adopting transformative technology, I hope you are a bit more positive. For those curious, or even downright happy, I hope learning curves went up, and you are challenged to understand how the seven transformative technologies can drive better outcomes within your own company. For more information, check out SMA’s research report, Transformational Technologies in P&C Commercial Lines: Insurer Progress, Plans, and Projections.

Internet of Medical Things is no longer a thing of the future; it can be rightly called a thing of today. Worldwide, a plethora of hospitals, health facilities and labs have adopted IoMT systems of iconnected devices and big data, which allows them to render error-free, personalized and overall superior healthcare services to their patients. On top of that, the demand for digitalized healthcare is growing, especially among younger generations, who are more likely to opt for medical providers offering digital capabilities. Such a system, however, can actually become a source of security and privacy threats to a medical facility and its patients. This vulnerability is a downside of the rapid emergence of healthcare IoT, which neither the equipment makers nor medical practitioners were prepared for. For now, healthcare institutions and legislative bodies are working hard to catch up and impose medical security practices, yet many facilities remain drastically behind the curve. In the light of grave consequences for human health and life, as well as possible financial and reputational harm to a medical facility, being ill-prepared for IoMT security violations is off-limits for healthcare executives. It’s high time you homed in on making your healthcare IoT impregnable, and this article will serve as a guide on this journey. Read on and learn about the most common security threats that an average Internet of Medical Things is susceptible to and, most importantly, the ways to shield your connected healthcare environment against conceivable cybersecurity risks. What Makes IoMT Vulnerable? Put into practice, the Internet of Medical Things is a vast and miscellaneous entity, often amounting to thousands of connected devices. On average, between 15 and 20 medical devices for monitoring and treatment are implemented in a single ward in the U.S. This number is only predicted to grow: According to a study by Frost & Sullivan, by 2020 the number of operating appliances – from insulin pumps to pacemakers, from imaging systems to MRI scanners – will reach up to 30 billion globally. So, on the face of it, detecting vulnerabilities in such a system is similar to looking for a needle in a haystack. In fact, there is a definite pattern of security flaws that most healthcare IoTs are susceptible to, and being aware of them is a stepping stone to rendering the system invincible. See also: Why Medical Records Are Easy to Hack   Let’s go over the most common weak spots of an average IoMT infrastructure. Legacy Systems IoMT emerged surprisingly swiftly and in a sense caught medical authorities off guard. Healthcare facilities were unable to build designated environments from scratch due to monetary or time constraints, so the majority established their medical IoT on their legacy systems. These systems were flawed and outdated more often than not, lacked crucial cybersecurity controls or all of the above. With time, a small share of organizations revamped their legacy systems, while the majority, according to a Forescout report, still operate on the Windows versions that are to expire by 2020, which would leave them unsupported and highly vulnerable to cybersecurity breaches. Outdated Medical Devices Medical devices used to be designed with no or few security considerations, and this used to suffice, as they were standalone, and threats were close to zero. Now, healthcare IoT requires medical devices to be connected within a single network, making outdated hardware a potential source of critical data exfiltration. Apart from this, a fair share of older medical devices are not in line with the cybersecurity guidelines of the Food and Drug Administration (FDA), require manually implemented patches or are beyond repair, which makes them exposed to all kinds of internal and external security threats. System Sprawl The undeniably positive trend toward increasing the number of connected medical devices has a downside: It expands the attack surface. The vaster the medical network becomes, the more foothold cybercriminals gain for infiltration. Besides, the devices commonly come from a variety of vendors, which complicates compatibility between the tools and hinders unified security measures. Best Practices to Mitigate IoMT Security Risks Network Segmentation When you have a vast IoMT legacy system that you do not plan to shift away from anytime soon, limit the potential attack surface by segmenting your medical IoT. The segmentation principle rests on individual needs and priorities: You can separate vulnerable devices only from the main network or segregate them based on their function or user types. Also, the FDA guidelines insist on separating unpatchable devices from the rest of the network and minimizing the traffic to them. Applying this unsophisticated measure, one can successfully isolate potentially vulnerable tools from sensitive data and more secure devices, and prevent a possible malware infection from spreading across the network. Segmentation also facilitates supervision of the disparate IoMT environment. Regular Updating and Patching Thorough updating and security patching can become an effective preemptive measure against data breaches. However, because the medical IoT system consists of software and hardware from miscellaneous vendors, expect patch and update releases to be numerous and irregular. This can be managed in two ways: by appointing a dedicated team to implement new versions and bug fixes as soon as they come out or automatically streamlining this process, which will require elaborate development. Another challenge of updates in medical facilities, especially in intensive care wards and such, is that a great many life-sustaining devices cannot become inoperative even for several seconds. Data Encryption Protected health information (PHI) is a coveted prize for cybercriminals who target healthcare facilities, and, in a medical IoT environment, data is more ubiquitous than ever. There is a constant flow of patients’ information within the network of devices, and a fair amount of critical information is stored on servers and devices – all an easy target unless protected. Encryption is a baseline measure for securing the integrity of PHI. The encryption process involves using a specific algorithm to render data incomprehensible, decipherable only with a confidential key. Encryption keys should also be properly secured, and access to them should be limited to select people. Therefore, in the worst-case scenario when PHI does get stolen, a threat actor could hardly access the data or assign any meaning to it. See also: Insurance and the Internet of Things   Machine Learning Machine learning (ML) can help diminish security concerns related to the Internet of Medical Things. It can serve as an extra-sensitive risk detector, recognizing suspicious activities across all the network’s devices and endpoints in real time. Beyond that, ML can monitor data exchange within the facility as well as with external entities and detect anomalies in the data flow. The technology can also be leveraged for predicting system vulnerabilities, analyzing the facility’s big data and recommending corresponding security measures. Still, for the time being, machine learning is too young as a technology to be left to its own devices, so considerable human supervision and correction is still required. With IoMT, It’s Better Safe Than Sorry Internet of Things has proven to be a disruptive technology for healthcare, used to diagnose more accurately, monitor treatment progression closely and perform sophisticated procedures, to name but a few applications. At the same time, the IoMT environment is very complex, demands financial investment and upkeep and, among all things, can be the loophole for a security breach or a data loss. Still, it is better to prevent than to treat problems, and health professionals know this like nobody else. Do not wait for the worst to happen – instead, be aggressive and implement relevant security measures to keep your facility and patients from harm. After all, with so much at stake – money, reputation, health and even lives – inaction is inexcusable.

If your customers go to your website to pay, and you use a third-party vendor to process the payment, whom are they paying: You or the vendor? The answer to this deceptively simple question can determine whether your business handles online payments smoothly or runs afoul of state laws, landing you in legal hot water. It turns out that, at least in some states, the answer is far from straightforward. In fact, it may even depend on how you ask the question. As the head of a company that helps other businesses process online payments easily, I saw this up close in New York state as we navigated the complicated legal guidance on behalf of our partners. It’s an instructive story for businesses that may be thinking of adding online payment to their websites, because it illustrates the pitfalls you could face if you hire the wrong people. It all began on June 19, 2007, when I received an advisory opinion that had been published by the New York Insurance Department responding to a question I had asked: “May an entity that provides a service to insurance companies that permits policyholders to pay their insurance premiums by credit card charge those policyholders an additional fee to cover credit card and other service expenses?” The answer? No. The department said that vendors such as my current company, Simply Easier Payments, may not charge policyholders paying insurance premiums with a credit card an additional fee. The document ends with this statement: “Because an insurer may not impose a credit card surcharge on a policyholder, anyone acting on an insurer’s behalf, such as the company, is similarly prohibited from imposing a surcharge on the policyholder.” I then asked a slightly different question and received a very different answer just a few months later. See if you can spot the difference in the second question: “May an entity that provides a service to insurance policyholders that enables them to pay their insurance premiums electronically by credit card charge those policyholders a fee to cover credit card and other service expenses”? The answer? Yes. In a Feb. 25, 2008, response, the department said that nothing in New York insurance law and regulations bars a vendor that “provides a service to insurance policyholders that enables them to pay their insurance premiums electronically” from charging a fee. If you find that confusing, you’re not alone. But it turns out there’s a world of difference between the two questions. See also: 7 Questions on Taking Online Payments   Who are your customers paying? The regulators in New York were kind enough to meet with me for a discussion about our business model before they reached the second opinion. They were very clear in our meeting about the difference between the two answers. In the first question, we were considered to be a legal representative of the insurance company. We were acting on the company's behalf. As such, we were subject to all the same laws and regulations as the company was. Imagine you regularly eat at a hot dog stand, and the city has a rule that the stand can’t charge you extra for condiments. The owner can’t just hire a lawyer to stand nearby and demand payment instead; it’s all the same hot dog stand. But in the second question, we were not representing the insurance company, we were helping the policyholder. That meant we had a separate business relationship. In this example, you’re not going to a hot dog stand. You’re giving money to a friend who’s going to bring you back a hot dog and maybe run some other errands for you. If he demands an extra dollar for the trouble of getting mustard and relish, there’s nothing stopping him. Define your pre-existing business relationship. The department used three criteria for determining if an existing business relationship existed between us as a vendor and the insurance carrier or agency.

1. Is there a written contract between us and the merchant receiving the payment?
2. Does the merchant receiving the payment pay us any amount for any service?
3. Do we pay the merchant any other amount?

If the answer to any of these was yes, then the department would consider us to be the representative of the carrier or agency and therefore subject to all the same laws and regulations. In addition, one other criterion was noted in the permission granted on Feb. 25, 2008: “The payment system does not at any time hold the premium payment on behalf of the customer or any insurance company.” The conclusion reads: “Thus, an insurer (or anyone acting on the insurer’s behalf) may not impose a credit card surcharge on a policyholder. Your client, by contrast, is not selling insurance and is not acting on any insurer’s behalf. Rather, it is providing (and charging for) a distinct service, i.e. the making of secure payment via electronic means.” What does this mean for your business? The moral of the story is not what you should do if you’re running an insurance agency – or even a hot dog stand – in New York. It’s that you need to be aware of the complexity of these laws before you hire any company to help process payments for your business. The wrong decision could prove costly. The laws on credit card surcharges vary from state to state, and not all of them are as tricky as the scenario we ran into in New York. But in general, states now agree on those criteria for establishing a separate business relationship. See also: 3 Reasons to Use Online Marketplaces   As a result of that back-and-forth in New York, we at Simply Easier Payments stripped our business model down as much as possible to avoid any legal complications. We do not have a contract with merchants. We do not charge merchants for any service, e.g. no monthly fees, no charge-back fees, no integration fees, etc. We do not pay merchants. And we never hold the premium payment in any way. This helps us avoid any situation in which we might be considered a legal representative of the businesses we work with. The goal, as our name says, is to make things easier.

Several years ago, property and casualty insurance executives were looking over their shoulders anxiously at a growing number of internet startups. Who were these scruffy people wearing black turtlenecks? Could they really “disintermediate” legacy providers that had been around for a century or more? Since then, we’ve all evolved. By now, most brands know they have inherent strengths that are hard to dislodge. The startups have matured, too, and they clearly have something to offer the market. We’re now working with companies in both camps, helping them navigate this new normal, where collaboration, acquisition and competition are all plausible options. Some insurers may think they’ve dodged a bullet. But insurtech’s threat is more stealthy, and no less powerful. Insurtech: the new, new thing? At this fall’s InsureTech Connect trade show, literally thousands of people descended on Las Vegas to show and examine the latest offerings, from core systems, predictive analytics tools and anything-as-a-service to pitches addressing distribution, pursuing unserved niche markets, offering comparative pricing and broker services and more. In our recent report on the state of insurtech, we cautioned insurers to look beyond the many truly interesting offerings now coming to market. As impressive as these tools are, we urged decision makers to stay focused on the capabilities that make their companies unique. See also: Has a New Insurtech Theme Emerged?   What do insurers really do? So, what are those capabilities? At holiday dinner tables, you may find yourself talking to a relative about what insurance is, and why it’s important. You may say something like, “We create products that help manage risk by sharing the possibility of individual loss with a larger pool of users.” This explanation held true for a long time, but, with the rise of insurtech, it may not be the best way to look at your business. That’s because many insurtech companies have emerged to manage the firehose of data that now shapes our world: the Internet of Things (IoT), wearable health devices, connected cars, artificial intelligence and more. Of course, there’s still a role for insurers when someone else captures and gets the insight from that data. But it’s a commodity role, driven by who is willing to write a policy to offset the risk at the lowest rate. There won’t be many winners, and the margins won’t be attractive. Some insurers see their business as settling claims and handing out checks. But when someone else is using telematics to assess driving habits, or social media to understand lifestyle risks, who will be able to monetize this data? Increasingly, underwriting depends on getting deep into the data-driven weeds. If you’re not there, recognize that someone else will be. The rise of outside money There’s another factor shaping insurance today: the amount of private equity (PE) and venture capital (VC) money flooding into the industry. An industry as highly capitalized as insurance was bound to have external investors come knocking eventually. Now, they have. To be blunt, many insurance systems are too costly and too slow. PE and VC firms have seen this, and they’ve said to themselves, “I don’t have to be perfect, and I know I can be more efficient than this. Even if I’m only a little bit better than the legacy players, I can make a very healthy profit.” It’s a form of arbitrage, and competition could soon get a lot tougher. With the acceleration of insurtech and related technologies such as cloud and artificial intelligence, PE and VC firms have found a way in that doesn’t require them to show a century of stability. They can do very well developing an insurtech play for very specific aspects of the P&C value chain. Many traditional companies are finding themselves in a commoditized business, without the structure of a commodity manufacturer. Finding your way to play Some of the most exciting developments in technology are now reshaping the insurance industry. That spells new opportunities and new risks. With the rise of PE and VC funding, we now see competition emerging from companies with significant resources—and they’re privately held so they can be more patient investors. See also: Advice for Aspiring Leaders in Insurtech   Legacy insurance companies still have enormous advantages, and many opportunities to win. But most won’t be able to do it alone, and there are many examples of insurers that wasted time (and money) on the wrong insurtech acquisition or partnership. As the cycles of innovation and capital movement accelerate, you’ll need to be more focused than ever on the capabilities that make your company great. Insurtech is a game-changer.  Make sure you’re playing the right game.

The range of risks facing company executives or directors and officers (D&Os) – as well as resulting insurance claims scenarios – has increased significantly in recent years. With corporate management under the spotlight like never before, Allianz Global Corporate & Specialty has identified, in its latest risk report, Directors and Officers Insurance Insights 2020, five mega trends that will have significant risk implications for senior management in 2020 and beyond. 1. More litigation is coming from “bad news” events Allianz continues to see more D&O claims emanating from “bad news” not necessarily related to financial results, including product problems, man-made disasters, environmental disasters, corruption and cyber-attacks – “event-driven litigation” cases that often result in significant securities or derivative claims from shareholders after a share price fall or regulatory investigation related to the “bad news” event. Plaintiffs seek to relate the “event” to prior company or board statements of reassurance to shareholders and regulators of no known issues. Of the top 100 US securities fraud settlements ever, 59% are event-driven. One of the most prevalent types of these events is cyber incidents. Allianz has seen a number of securities class actions, derivative actions and regulatory investigations and fines, including from the E.U.’s General Data Protection Regulation (GDPR), in the last year, and expects an acceleration in 2020. Companies and boards increasingly will be held responsible for data breaches and network security issues that cause loss of personal information or significant impairment to the company’s performance and reputation. Companies suffering major cyber or security breaches increasingly are targeted by shareholders in derivative litigations alleging failure to institute timely protective measures for the company and its customers. The Marriott case – where the hotel chain announced that one of its reservation systems had been compromised, with hundreds of millions of customer records left exposed - is a recent example of a cyber breach resulting in D&O claims – one $12.5 billion lawsuit among several filings alleges that a “digital infestation” of the company, unnoticed by management, caused customer personal data to be compromised for over four years. 2. ESG and climate change litigation on the rise Environmental, social and governance (ESG) failings can cause brand values to plummet. And investors, regulators, governments and customers increasingly expect companies and boards to focus on ESG issues, such as climate change, for example. Climate change litigation cases have been brought in at least 28 countries to date (three-quarters in the U.S.). In the U.S., there are an increasing number of cases alleging that companies have failed to adjust business practices in line with changing climate conditions. Human exploitation in the supply chain is another disrupter and illustrates how ethical topics can cause D&O claims. Such topics can also be a major focus for activist investors whose campaigns continue to increase year-on-year. Appropriate company culture can be a strong defense risk-mechanism. Many studies show board diversity helps reduce and foresee risk. Regulators are keen to investigate and punish individual officers rather than the entity, forcing directors into increased personal scrutiny to provide assurance that they did due diligence to prevent such cases from occurring. See also: How to Deliver Tough Message on D&O   3. Growth of securities class actions globally Securities class actions, most prevalent in the U.S., Canada and Australia, are growing globally as legal environments evolve and in response to growing receptivity of governments to collective redress and class actions. Significantly, the E.U. has proposed enacting a collective redress model to allow for class actions, while states, such as Germany, the Netherlands and the U.K., have established collective redress procedures. The pace of U.S. filing activity in 2019 has been only marginally slower than record highs of 2017 and 2018, when there were over 400 filings, almost double the average number of the preceding two decades. Shareholder activism has increased. Approximately 82% of public company merger transactions valued over $100 million gave rise to litigation by shareholders of the target company threatening that the target company’s board will have breached its duties by underpricing the company, should the merger succeed. 4. Bankruptcies and political challenges With most experts predicting a slowdown in economic growth, Allianz expects to see increased insolvencies, which may potentially translate into D&O claims. Business insolvencies rose in 2018 by more than 10% year-on-year, owing to a surge of over 60% in China, according to Euler Hermes. In 2019, business failures are set to rise for the third consecutive year by more than 6% year-on-year, with two out of three countries poised to post higher numbers of insolvencies than in 2018. Political challenges, including significant elections, Brexit and trade wars, could create the need for risk planning for boards, including revisiting currency strategy, merger and acquisition (M&A) planning and supply chain and sourcing decisions based on tariffs. Poor decision- making may also result in claims from stakeholders. 5. Litigation funding is now a global investment class These mega trends are further fueled by litigation funding now becoming a global investment class, attracting investors hurt by years of low interest rates searching for higher returns. Litigation finance reduces many of the entrance cost barriers for individuals wanting to seek compensation, although there is much debate around the remuneration model of this business. Recently, many of the largest litigation funders have set up in Europe. Although the U.S. accounts for roughly 40% of the market, followed by Australia and the U.K., other areas are opening up, such as recent authorizations for litigation funding for arbitration cases in Singapore and Hong Kong. Next hotspots are predicted to be India and parts of the Middle East. Estimates are that the litigation funding industry has grown to around $10 billion globally, although some put the figure much higher, in the $50 billion to $100 billion range, based on billings of the largest law firms. The state of the market Although around $15 billion of D&O insurance premiums are collected annually, the sector’s profitability is challenged due to increased competition, growth in the number of lawsuits and rising claims frequency and severity. Loss ratios have been variously estimated to be in excess of 100% in numerous markets, including the U.K., U.S. and Germany in recent years due to drivers such as event-driven litigation, collective redress developments, regulatory investigations, pollution, higher defense costs and a general cultural shift, even in civil law countries, to bring more D&O claims both against individuals and the company in relation to securities. The increased claims activity, combined with many years of new capital and soft pricing in the D&O market has resulted in some reductions in capacity. In addition, there has also been an increase in the tail of claims. Hence, there is a double impact of prior-year claims being more severe than anticipated and a higher frequency of notifications in recent years. As for claims severity, marketplace data suggests that the aggregate amount of alleged investor losses underlying U.S. securities class action claims filed last year was a multiple of any year preceding it. See also: Why Private Firms Should Buy D&O   Despite rising claim frequency and severity, the industry has labored under a persistent and deepening soft market for well over a decade before seeing some recent hardening. Publicly disclosed data suggests D&O market pricing turned modestly positive in 2018 for the first time since 2003. However, D&O rates per million of limit covered were up by around 17% in Q2 2019, compared with the same period in 2018, with the overall price change for primary policies renewing with the same limit and deductible up almost 7%. From an insurance-purchasing perspective, Allianz sees customers unable to purchase the same limits at expiration also looking to purchase additional Side A-only limits and also to use captives or alternative risk transfer (ART) solutions for the entity portion of D&O Insurance (Side C). Higher retentions, co-insurance and captive-use indicate a clear trend of customers considering retaining more risk in current conditions.

It’s been more than four years since the term "insurtech" was coined. Back then, a surge in interest in deploying new technology, data and analytics to improve all parts of the insurance buying process held the potential for radical change. Disruption in financial services saw the emergence of challenger banks. Today, costs have been reduced, and customer experience has improved. If even banking could be fun, surely insurance would be next? The message has got through – few in the insurance industry would claim that better data, analytics and technology are not a critical part of their future success. Blueprint One by Lloyd’s of London identifies how it will deliver on the Future of Lloyd’s manifesto. It provides an excellent vision for any insurance organization about how the world should look a few years hence. But don’t mistake a clear view for a short distance. Just because we know what the future looks like doesn’t mean it’s going to be easy to get there; nor does it mean it will happen fast. Insurance is a grudge purchase. Other than the risk-obsessed or the highly analytical, few people, or companies, want to spend money on it. The future of insurance is not going to be about making buying insurance fun; it will be about making insurance disappear. Most of us are terrible at assessing the true risks around us. We overestimate the true risk of what has happened most recently, the things that have affected us personally and what we can’t control. We underestimate the impact of events that happen infrequently, that have happened to other people and that we think we control. People are often more scared of flying than driving to the airport, yet there is a far greater likelihood of having a fatal accident in a car journey than in a flight of the same duration. Some of the innovations in insurance in recent years have failed because they assumed people wanted more options about how to insure their possessions or insure against bad things happening. The reality is that we don’t want to have to make more decisions about insurance. It’s painful thinking about potential losses, and we see no immediate benefit from spending money on insurance. We tend to ignore it if we can. See also: 5 Emerging Trends for Insurance in 2020   Most of us buy insurance because it’s a required condition of something else, such as car insurance to drive, household insurance to get a mortgage or liability insurance to run a business. We’ll accept insurance if we get it for little or no cost (health insurance as an employment benefit, for example). It’s often painful to buy insurance – and even more so to make a claim. We can spend hours providing information online or by phone to get cover that reflects our needs. Or we can buy on an app on our phone and risk purchasing something that doesn’t match our needs. Either way, we rarely properly understand what we are actually covered for and suspect (often correctly) that we are duplicating our cover between different insurance policies in some areas, and have glaring holes in others. Traditionally, it was the role of the broker to ensure that we had adequate cover across all areas of our lives and businesses. That worked fine when most of our risk came from physical assets (houses), or lives, where a loss was generally beyond doubt (your house burns down or you die) and the risk could be assessed by actuaries and understood by the policy holder. Today, much of our value lies in the intangibles of our digital lives. It’s much harder to know what our exposure to cyber-risk is, or reputation, or liability is. At the same time, the old broking advisory business model is proving expensive and unable to deliver the depth of advice to keep up. Individuals and small businesses are being encouraged to go directly to the insurer, and corporations are looking beyond their brokers for advice. Unless we have to buy the insurance, people (and companies) often ignore it or defer the decision. Human nature isn’t going to change any time soon, so insurance needs to. The core fundamentals of insurance aren’t going away, but they will look very different. At some point, the concept of buying insurance as a separate protection will vanish. Insurance will become embedded into our purchases and corporate spending. Regulation will ensure the protection for loss still exists, but the onus will be on the provider of the services not the buyer. The easiest way to do something is not to do it all. We will not have to grapple with understanding our various insurance policies, because they won’t exist. If we lose, burn, break, flood, crash or hurt things, they will be put right, sometimes before we even realized we had a problem. See also: Future of Claims Intake for Insurance?   It’s not going to happen soon, but, in the meantime, look out for the insurers, innovators and technologists that are making insurance easier and clearer. A few might succeed in making it fun, but the best will be making it invisible. They are the future of insurance. You can find the article originally published here.