Twitter feeds of industry influencers lit up about ZhongAn’s recent $1.5 billion stock offering. There was a feeling in the air that the P&C insurance industry had finally turned a corner, reaching for direct-to-consumer distribution with open arms. However, customer satisfaction studies from J.D. Power indicate that U.S. insurers aren’t quite there yet. While more consumers shopping for auto coverage use D2C channels for quoting, only 10% of those quotes turn into new business. Consumers have high expectations when purchasing products through digital channels, so insurers need to provide more than a pleasant experience. They need to provide a wow moment. We recently conducted a survey of P&C insurers. What we found is that the “wow” experience is eluding many. While 68% say they view digital distribution as the most important aspect of their future growth, fewer than 25% are fully happy with their efforts to date. The elusive “wow” factor is holding many insurers back from realizing the benefits of going direct-to-consumer. What are they missing? Raising Acquisition Rates in P&C Insurance Insurers that aren’t online are missing the chance to engage with nearly 70% of the market. That’s the number of consumers who prefer to use online channels to research coverage. Turning a casual observer into a customer depends on the strength of your D2C capabilities. Some websites are off-putting. They speak primarily about the insurer, provide a complicated quoting process and fail to advise customers on coverage gaps. In this digital environment, the customer feels like a pawn, being moved through a complex series of maneuvers to determine product pricing or to purchase insurance coverage. If we turn this scenario around to one where the website speaks to the customer, provides easy quoting of insurance products and advises the customer on coverage gaps, we see a more personalized shopping experience emerge. See also: 3 Ways AI Improves P&C Economics   In case you’re wondering how open consumers are to this type of digital advisorship, Accenture has an answer. It recently polled more than 32,000 consumers and found that 74% are open to advice about insurance from digital sources, and many find that it’s faster, offers greater convenience and delivers more impartial guidance. A comprehensive direct-to-consumer strategy plays a strong role in acquisition rates. A leading D2C insurer expanded its digital capabilities and saw new business increase 8% in the quarter the enhancements were made. Supporting Customers in their D2C Experience While consumers are keen to embrace digital, what happens when they have a question that can’t be answered online? They are going to need an agent, but after experiencing the top-tier digital bliss of your D2C channel they aren’t going to be inclined to purchase if the agent is slow or less personal. Industry influencer John Cusano said that to complement digital distribution channels, and remain relevant to their customers, insurance advisers need to use an array of digital tools to efficiently manage routine tasks as well as to service increasingly demanding and knowledgeable customers. That means uniting siloed systems and giving agents a single view of the customer across products. When insurers get this right, it plays a big role in generating new business, as is evidenced by a prominent insurer in the D2C space. This insurer recently enhanced the digital experience for its consumers and internal agency. As a result, conversion rates rose to 35%, and sales doubled year-over-year. Customer Loyalty Is Possible in P&C Insurance Bain’s recent survey of 172,000 insurance customers confirmed what many in the know have been indicating for a few years now. Frequent interactions generate loyalty. Historically, insurance has been a low-touch business. Insurers send out renewal papers with a request for payment every six months to a year and, beyond that, only engage with customers if there is a claim. Consumer demand for high-quality touch points goes back to digital pioneers like Amazon. They’ve constructed a business out of putting customer needs at the forefront and generating a “wow” experience from the first interaction. As customers make their way across a site, they are guided by product recommendations and pricing comparisons. Each of these touchpoints make customers feel central to the buying experience, and they come back for more. This is where D2C comes in for insurers. Digitizing customer information makes for more efficient data retrieval and better application of consumer analytics. The insights derived can pinpoint interaction opportunities, including cross-selling moments, all in real time. According to Bain, the more touchpoints the better, as insurers that master the art see net promoter scores that are 15 points higher than other insurers. D2C Adds up to Stronger Acquisition, Retention and Loyalty In our survey, 77% of insurers are seeing demands for direct-to-consumer channels of engagement. That’s because consumers have grown accustomed to interacting through the channel that is most convenient in the moment, and they like the simplicity of purchasing online. Insurers with strong D2C channels send a clear message to consumers. It says they are in touch and ready to put their customers at the center of their business strategy. Customers deliver loyalty in return, driving up retention rates and buying more products. See also: P&C Insurers: Come Out of the Dark Ages   To better serve customers and encourage retention, a top customer-experience leader recently improved its direct-to-consumer offering. Despite increasing its advertising budget, the insurer reduced its expense ratio and increased conversions 4% in a single quarter. Are you still searching for a digital identity? If so, what are the main impediments you’re facing?

I honestly did not know what to expect, yet I was somewhat shocked by the results. And it is making me rethink much about our current educational strategies. I've had the tremendous fortune over the last few years to present at numerous conferences and seminars about various areas of workers' compensation. Many of those presentations mentioned the “grand bargain,” yet, it wasn't until last week that the thought ever came to me. We spend a great deal of time talking about the tenets of the grand bargain, or the “great compromise”; but how many workers' compensation professionals even know what it is? I spoke at the Texas DWC Educational Conference in Dallas recently. My scheduled topic was titled “Opting Out of Opting In – The Cost of Non-Subscription.” I did not simply wish to focus on the accounting aspects of employer liability within the Texas non-subscriber world. I wanted to talk about the real cost to the employer, worker and society of not protecting our most valuable assets - our human workforce. Part of this presentation mentioned the basic doctrines of workers' compensation, both the grand bargain and exclusive remedy. Shortly before the presentation began, however, I had a thought. I wondered, how many people, embedded in the day-to-day minutiae of workers' comp, even know what the grand bargain is? I decided to ask, for the first time ever, that question of this audience. See also: Taking a New Look at the ‘Grand Bargain’   My session was the last one of the conference, the mightily feared “closing session.” A number of attendees had already departed, so I would estimate that there were only about 100 people in the room. As I began my presentation, I told them that I would like to ask what was likely a stupid question. I said, “By a show of hands, how many of you have ever heard of the grand bargain?” Probably just a dozen or so hands went up. I claimed at the time that I was not too surprised by that, but I was truly taken aback. The grand bargain, the covenant that created basic protections for injured workers in exchange for limited liability protections for their employer, is the underlying foundation that created and has guided our industry for more than 100 years; yet 90% of the workers' compensation professionals in the room had never heard of it. How could we let that happen? It is often said that, to understand where you are going, you must have a clear vision of where you have been. People working in workers' compensation today may have a clear understanding of process, but they may be fuzzy on why we exist in the first place. I've often said that one of the problems of the workers' comp industry is that it has been essentially commoditized over the last 100 years. It is not clearly understood by the people it serves, and those who experienced the confusion and tumult that brought the industry to life have long since departed this earth. Today, workers' comp is viewed by many employers as a pain-in-the-butt mandatory expense that they would be better off without. They do not appreciate the benefits and protections that workers' comp can provide them. They don't know about the grand bargain. And, apparently, many in our industry are not prepared to educate them. That must change. This shouldn't be difficult. The grand bargain can literally be explained in minutes. It should be required curriculum at all conferences and within workers' compensation training programs. People must understand the “why” in addition to the “what” and the “how.” In fact, the “why” is probably the most important part, as it can motivate and guide the way our processes and procedures are performed. See also: ‘Opt Out’ Will Return; Pay Attention   This was not the fault of the people in that room in Texas. It is the failure of an industry to embrace and understand its heritage. It is the result of a relentless focus on process versus one of purpose and recovery. We need to teach our professionals about the grand bargain. It is part of understanding our history; and, as we all know, a failure to understand history means we may be doomed to repeat it.

Will policy administration systems cease to exist as we know them? Insurance core systems have evolved from monolithic policy, billing and claims suites that were primarily for accounting functions to fully functional service offerings. Configuration capabilities were added next, reducing the size of the code base. Solution providers are now aggressively working to offer headless (no user interface) core offerings with microservices and integration layers to address the legacy nature of the core systems. As a service-oriented architecture, microservices consist of independent, modular services that each run a unique process and communicate via a lightweight protocol. Microservices-based architectures allow for continuous delivery and deployment, and these offerings meet carriers’ needs for competitive differentiation of customer experiences, faster deployment of changes, integration with new analytics capabilities and deeper digitalization of processes. What’s next? We see leading solution providers modernizing their systems by segmenting and extracting functionality from the remaining core components to create standalone services that can be hosted in the cloud and accessed directly from any platform. They will continue to dismantle these components and build microservices to enable more continuous change and flexibility. These services will leverage cloud capabilities and expand on demand to meet spikes in workload, then shrink to more appropriate deployment levels. See also: Policy Administration: Ripe for Modernizing   Orchestration of microservices for online interactions will eventually be controlled by the UI layer. Batch jobs have been modernized to background functions to increase availability. Will policy administration systems shrink into just the orchestration layer for bulk processes? Will they disappear entirely like a house built out of Lego blocks that has been dismantled? Will current solution providers adapt quickly enough, or will insurtech disrupt this market with core services built on more adapted architectural frameworks? One thing is for sure: Carriers will need more sophisticated tools to monitor performance and manage microservices. By implementing the modern core systems of today, carriers can not only avoid needing to transform their existing systems, but can also focus on differentiation while outsourcing evolution to their solution providers. The key is to remember that the point of buying a system isn’t just for benefits today, it’s also for the value that comes tomorrow.

In last summer’s blog series, I looked at the impact of digital on the insurance industry’s barriers to entry. Now I’ll change the perspective and ask, in response to digital and other pressures, “What will the Insurer of the Future look like?” Auto/Motor Insurance The Insurer of the Future will do very little business in the auto/motor market. Insurers that remain focused on this segment (whether personal or commercial lines) will either shrink dramatically or fail. See also: When Will the Driverless Car Arrive?   As I said last year, once fully driverless cars become the norm, then:

1. Accident rates will be diminished dramatically.
2. There will no longer be drivers to insure.
3. But it’s actually even worse than that for insurers: Thefts will be minimized, too, as vehicles can be disabled remotely.
4. Fire and malicious damage cover will no longer be needed, as personal and business vehicle ownership is increasingly replaced by manufacturers supplying "vehicles as a service";
5. With the majority of vehicles still being owned by manufacturers, those manufacturers will increasingly self-insure – at best taking some reinsurance cover from the industry for catastrophic software failures.

All of the above won’t happened overnight – but the trends are already there. See also: 7 Steps for Inventing the Future   Part 2 will focus on underwriting and pricing. 

For me, one of the great moments in innovation history came in the mid-1990s as General Motors was considering rolling out OnStar across its product line. The CEO, Rick Wagoner, was understandly nervous about installing the electronics for the novel communications system in the factory. As an after-market choice for customers at far-higher cost, OnStar would have little chance of achieving critical mass, but Wagoner dreaded the thought of increasing the base price of vehicles, even for those who wouldn't want OnStar. He asked his senior VP of strategy, Vince Barabba, what sort of return to expect from OnStar subscriptions and related services. Barabba replied, "I could give you a model, but we both know I'd be making up the numbers, right?"

How perfect. 

Of course, he'd be making up the numbers. You can't quantify with any precision something as novel as OnStar was. Yet companies routinely insist on such models and pretend they mean something. As a result, companies kill innovations whose mythical numbers don't clear a hurdle (one that is often set by traditional parts of a business, which are threatened by the innovators). 

To Wagoner's credit, he merely grumbled about the lack of specificity and asked how quickly Barabba and his colleague Nick Pudar could tell him whether OnStar was badly off-track. Told that he could know within months, Wagoner authorized the $100 million bet on OnStar (which Barabba had artfully pitched to him as about the cost of changing a fender on a line of cars). OnStar soon became a major success. Six years ago, with the S&P 500 about half of what it is now, Fortune estimated that OnStar would command at least a $7 billion valuation if spun off as a standalone business.

The OnStar story springs to mind because Barabba, who has been a friend and colleague for going on 20 years, just published a book called "Wise Decision Making" that explores the many valuable lessons about innovation that he earned in a long and distinguished career. Those lessons run the gamut from OnStar's multibillion-dollar success to an iconic failure: Kodak.

Barabba was the director of market research there when the topic of digital photography first surfaced, in the early 1980s. He did a study that said Kodak was safe for a time but that warned about milestones that digital photography would reach (cost, resolution, printability, etc.) and that would usher it into the mainstream. The study was remarkably accurate, but Barabba could only watch as Kodak's top executives heard the "safe" part of his message and buried the rest in a file drawer.

Along the way, Barabba was twice director of the U.S. Census Bureau, where he was the defendant in a landmark case (Seymour vs. Barabba) that reached the Supreme Court in 1977 and settled a key issue about the role of the bureau. Barabba argued that the Census Bureau should just count; anyone who wanted to try to extrapolate to find missing people or otherwise adjust the count could do so on their own. Barabba won.

It's hard to summarize "Wise Decision Making," but here are two lessons that strike me as important now that innovation is finally coming to insurance and risk management:

• Don't try to model everything. You're just making up numbers. Instead, think about buying an option on an innovation. Make an investment, as GM did with OnStar, that is as small as possible but that gives you a real option on a big payday. Then decide as quickly as possible whether to exercise that option or to let it lapse.

• Keep "decision records." These lay out all the assumptions that go into a major decision—about competitors, technology, the economy, etc. If you track the assumptions, you will be able to learn your fate far sooner than if you wait to see the effects on revenue and profits. Kodak would have saved itself years of misspending to support its traditional business if it had noticed that its assumptions on digital photography's limitations were being rapidly invalidated. GM benefited from decision records because it saw the original assumption about OnStar go away—that GM would have to install cell towers across the entire country. Once OnStar could use existing satellites, the initial "no" became a "yes."  

There is much more, but I should leave that to the book. I hope you'll pick up a copy and will get as much out of it as I have from sitting at Vince's elbow for many years now.

Cheers,

Paul Carroll,
Editor-in-Chief

“I think the guiding principle for government should be to protect and enable/retrain the worker, not protect the job. Policy makers and educators should focus on making sure that workers are as equipped as possible to transition to new opportunities…” —Peter Robinson

A recent OECD report finds that low- and middle-income earners have seen their wages stagnate and that the income share of middle-skilled jobs has fallen. Rising inequality has led to concerns that top earners are getting a disproportionate share of the gains from global “openness and interconnection.” This summer, the OECD Employment Outlook 2017 revealed that job polarization has been “driven by pervasive and skill-biased technological changes.” Founded in 1945, the U.S. Council for International Business (USCIB) builds awareness among business executives, educators and policy makers around issues related to employment, workforce training and skills enhancement. CMRubinWorld spoke with USCIB president and CEO Peter M. Robinson, who serves as a co-chair of the B20 Employment and Education Task Force, through which he helped develop recommendations to the G20 leaders on training for the jobs of the future. Robinson also serves on the board of the International Organization of Employers, which represents the views of the business community in the International Labor Organization. Peter, welcome. How severe do you believe jobsolescence will be over the next 20 years? How big will the challenge be to offset it and maintain a growing workforce? I really don’t think the overall effect will be as dramatic as some people fear — at least for the medium term, as far as we can tell. There is an over-hype factor at play, but the consequences still deserve serious attention. For one thing, so many of the jobs in the U.S. and other advanced economies are in the service sector and involve interacting with other people. Despite all the advances in AI, we are still a long way off from robotic nurses or home health aides. Overall, history tells us that at least as many new jobs are created as are displaced by technological innovation, even though transitions can be difficult in some sectors and localities, and as long as upskilling takes place.

“The biggest threat is that our educational institutions won’t be able to keep pace with new skills demands.” —Peter Robinson

What do you think are the biggest obstacles facing college grads today trying to enter the workforce? I actually think the greatest obstacles are faced by those who don’t make it to college or some form of higher education beyond high school (a four-year degree is not the right path for everyone). A 2014 Pew survey found that among workers age 25 to 32, median annual earnings of those with a college degree were $17,500 greater than for those with high school diplomas only. Obviously, everyone at whatever educational level needs to keep their skills sharp, and governments should join with employers and educators to instill better life-long learning. But there are far fewer established paths toward long-term employment at a middle-class level of income for those who don’t graduate from college. A greater emphasis on vocational education and apprenticeships would help. We strongly support the work being done by Secretary of Labor Acosta to promote apprenticeships. See also: The Sad State of Continuing Education   Given that machines are in the process of stripping white collar workers from their jobs, what kind of skills are key manufacturing and service industries going to need from new employees? I think the premise of your question is overstated. We’re all being told that our jobs are doomed by robots and automation. But the OECD estimates that only 9% of jobs across the 35 OECD nations are at high risk of being automated — although, of course, even 9% can be generative of social difficulties. But there is an established track record across history of new technologies creating at least as many new jobs as they displace. Usually these new jobs demand higher skills and provide higher pay. The biggest threat is that our educational institutions won’t be able to keep pace with new skills demands.

“It is becoming clear that versatility matters in a constantly changing world, so Jim Spohrer’s IBM model of a “T-shaped” person holds true: broad and deep individuals capable of adapting and going where the demand lies.” —Peter Robinson

In an economy with a significant on-demand labor force, what competencies will these workers need to compete? There are two types of competencies that will be needed: “technical” — or, in other words, related to deep knowledge of a specific domain, whether welding or optogenetics; and “transversal,” which applies to all occupations. Those are described by the Center for Curriculum Redesign as skills (creativity, critical thinking, communication, collaboration), character (mindfulness, curiosity, courage, resilience, ethics, leadership) and meta-learning (growth mindset, metacognition). How will managerial skill requirements change as a result of major structural changes that are likely, including human replacement by machines and growth of the on-demand economy? OECD’s BIAC surveys of 50 employer organizations worldwide has shown that employers value not just skills as described above but also character qualities, as well. Further, it is becoming clear that versatility matters in a constantly changing world, so Jim Spohrer’s IBM model of a “T-shaped” person holds true: broad and deep individuals capable of adapting and going where the demand lies.

“We often hear about the need for more STEM education. But I think there is an equal need for a greater emphasis on the humanities and the arts, for their intrinsic value, as well as for developing skills and character qualities.” —Peter Robinson

What central changes in school curricula do you envision, both at the secondary school and college levels? We often hear about the need for more STEM education. But I think there is an equal need for a greater emphasis on the humanities and the arts for their intrinsic value, as well as for developing skills and character qualities as described above. As David Barnes of IBM wrote recently, these skills are more durable and are also a very good indicator of long-term success in employment. See also: Innovation Maturing Into Major Impacts   How can the evolving changes in competencies required for employment be effectively translated into school curricula? Where are the main opportunities to enable this? Assessment systems? Business/education collaboration? Curriculum change? I’d go back to something else David Barnes said: We need much stronger connections between education and the job market, in the form of more partnerships among employers, governments and education institutions. Everyone needs to step up and create true partnerships. No one sector of society can address this alone. OECD’s BIAC has also documented employers’ wishes for deep curricular reforms to modernize content and embed competencies to meet today’s market needs. What role should government play in ensuring citizens receive a quality and relevant education given the challenges that lie ahead? I think the guiding principle for government should be to protect and enable/retrain the worker, not protect the job. Policy makers and educators should focus on making sure that workers are as equipped as possible to transition to new opportunities as these develop, and on ensuring that businesses have the freedom to pivot and adopt new technologies and business processes. The article was originally published on CMRubinWorld under the headline, "The Global Search for Education: Jobsolescence – A Conversation with USCIB President and CEO Peter Robinson." 

Insurtech is one of the hottest topics of conversation in the insurance industry with executives and professionals of all types joining in. The insurtech startup movement began in earnest about three years ago and is still trending up in terms of startups, funding and activity. Early insurer participants were primarily the large Tier 1 insurers, but a new wave of activity is reaching companies in the middle and smaller tiers. SMA tracks insurtechs globally (almost 1,200 now); mentors and advises insurtech firms; and assists insurers with insurtech strategies. Our research and analyses include assessments by line of business and business area.

SMA’s recently released research report, "Insurtech and Personal Lines: Examples, Use Cases, and Implications,"analyzes the current state of the insurtech world for P&C personal lines insurers. There are over 600 startups that SMA has identified as relevant for this industry sector. Despite all the activity and investment in insurtech, the debate continues about its implications. Should insurers view insurtech as a threat or as an opportunity? Will insurtech disrupt the industry, or will the movement fizzle out?

See also: 3 Forces Disrupting Personal Lines  

SMA’s opinion is this: Insurtech is important. It is not going away. It will play a major role in industry transformation, and insurers of every size must have an active strategy (even if it is just a defensive one). Distribution is a hot area for insurtechs in personal lines and is already having an important impact. New capabilities for underwriting, claims and other areas of the business are widespread and have great potential to improve operations, the customer experience, products and the management of risks. It is true that many partnerships and activities are in the early stages, and the impact on business results is minimal in the context of the huge insurance industry. But insurtech has been a major trigger for new insurer strategies and will be an important part of the transformation of insurance over the next five to 10 years.

Regarding demographics, about 65% of the startups are tech companies with solutions for insurers or agents/brokers. The remaining 35% are organized as insurance entities: either insurers, agents/brokers or MGAs. About one in five are focused on distribution, either providing new tech-based capabilities for agents/brokers or as digital agents. The MGA model is increasingly popular among this crowd. Many more insurtechs are built around data, especially the real-time data being generated by connected things.

Perhaps more important than the demographics are the partnerships, investments and projects that are underway. Insurer-insurtech partnerships now number in the hundreds, and the direct investment by insurers is in the billions. The positive business results from projects are encouraging, but the full impact will come in increasing measure over the next few years. Ultimately, we expect the personal lines insurance industry to look quite different in 10 years than they do today, and insurtech will be one of the change agents. From an insurer perspective, insurtech partnerships represent a great opportunity to be leaders in the new era of insurance.

See also: Insurtech Takes Aim at Personal Lines  

Note: This personal lines research report is a companion to a recently released report, Insurtech and Commercial Lines: A Surge of New Activity.

The EU General Data Protection Regulation is set to bring far-reaching changes to Europe’s data protection and privacy rules. The GDPR, which will take effect in May 2018, establishes requirements governing how organizations around the world manage and protect personal data while doing business in the EU. The regulations are strict, and the potential penalties are high — fines up to 20 million euros ($23.5 million) or 4% of global turnover, whichever is greater. But new rules can also inspire positive change. Such is the case with the GDPR, which has prompted many companies to evaluate and improve on how they manage their overall cyber risk. With the GDPR deadline fast-approaching, some companies appear to be further ahead than others in compliance planning, according to a global survey regarding corporate cyber-risk perception conducted by Marsh. Marsh’s independent analysis of the survey’s findings highlight three key points: 1. Cyber risk is a top priority at organizations that report they are also preparing for GDPR. The regulation comes at a time when cyber risk is — or should be — on every company’s radar, a fact underscored by survey respondents. In an age of technology-driven disruption, the threat of evolving cyber risks is real. The WannaCry and Petya ransomware attacks in 2017 had an impact on the share prices of several global companies and did significant damage to a number of smaller firms. They served as one in a string of reminders that any company that is connected to the internet, that uses technology or that stores customer or employee data is at risk — a list that excludes almost no one. 2. GDPR compliance efforts are encouraging broader cyber-risk management practices. Organizations preparing for the GDPR are doing more to address cyber risk overall than those that have yet to start planning, according to survey respondents. And this is happening despite the fact that the GDPR does not showcase a “prescriptive” set of regulations with a defined checklist of compliance activities. Instead, GDPR preparedness appears to be both a cause and consequence of overall cyber-risk management. See also: Cyber Crimes Outpace Innovation   Survey respondents who said their organizations were actively working toward GDPR compliance — or felt that they were already compliant — were three times more likely to adopt overall cybersecurity measures and four times more likely to adopt cyber resiliency measures than those who had not started planning for GDPR. [caption id="attachment_28248" align="alignnone" width="570"] Source: 2017 Marsh Global Cyber Risk Perception Survey[/caption] Practices such as cyber-incident planning and cyber insurance are not explicitly required by the GDPR, but those respondents who said their organizations had high levels of GDPR readiness had also adopted these measures. This works both ways — organizations that have adopted a cybersecurity measure such as encryption also have a jumpstart on GDPR compliance because encryption is strongly encouraged. And, while cyber-incident planning and cyber insurance are not explicitly required, they still enable firms to quickly marshal the resources to meet the GDPR’s 72-hour data breach notification requirement. 3. Even organizations with a higher degree of GDPR readiness may not be fully prepared for a cyber incident. Consider third-party vulnerabilities. For years now we have known that weaknesses in suppliers, vendors and other third parties are prime entry points into a system for threat actors. The good news is that most organizations now realize this, as indicated by the 67% of respondents who said they assess the cyber risk of vendors and suppliers. However, digging into what such assessments entail shows a somewhat alarming lack of detail. For example, only 17% of respondents said they have assessed the financial strength of their suppliers/vendors, something that is at the heart of the ability to pay compensation in the event of a loss. With GDPR implementation just months away, among organizations subject to the GDPR, 8% said they were fully compliant, 57% were developing a compliance plan and 11% had yet to start. Given the effort needed to comply, this suggests many organizations will face challenges meeting all requirements by the time GDPR takes effect in May 2018. See also: 4 Steps to Achieving Cyber Resilience   Those who are ahead recognize the GDPR compliance process as a game-changing opportunity. Preparation has effectively focused executive attention on broader data protection and privacy issues, prompting related investments and commitment. In preparing for the new rules, organizations are strengthening their overall cyber-risk management posture and turning what is often viewed as a constraint into a competitive advantage.

Most observers would agree that the U.S. economy is largely composed of free market transactions. This generally means that prices for goods and services are determined by supply and demand with little interference from government forces. The U.S. is certainly not a pure free market or capitalist system, as various regulations at the state and federal levels influence the operation of various markets. The arena of healthcare presents some unique challenges for policymakers. Constructing and tailoring an economic system that reaps the rewards of free market systems (innovation, aligned incentives, continuous improvement) while recognizing the emotional and ethical nature of healthcare delivery requires striking a delicate balance. This challenge is aggravated by influential stakeholders who largely disagree on both desired priorities and the impact of various healthcare policies and who often have financial stakes or other biases shaping their views. Recently, the dialogue has become openly rancorous, with bold accusations implying nefarious motives of other stakeholders. The focus of this paper is to discuss the uniqueness of healthcare delivery in a free market environment, highlight various perspectives and provide some principles and insights regarding solutions to accumulated problems and current challenges. Healthcare in the marketplace: Different than other goods and services In a civil and empathetic society that values human life above all else, it is impossible to properly value a life-saving treatment. Ethical and financial considerations conflict when decisions are required to choose performance of heroic, untested and expensive procedures. In these scenarios, who should be granted decision-making authority? Who should be obligated to pay for these services? Should the payer determine which services should be performed? What role should the government play, if any? As this article is being written, a high-profile story of a dying British infant is circulating around the world and generating significant debate. His parents are advocating an experimental treatment in the U.S.; they have found a doctor willing to perform it, and have offered to pay for it themselves (partially through raised donations). It’s hard to argue, absent obvious cruelty, that parents do not have the best interests of their children in mind or that they should not have the freedom to purchase unconventional services and explore different healthcare solutions. Would anyone deny them the right to this experiment when there is no other life-saving alternative? Should the same choice then be made available for families that are not well-financed? If lines are not drawn, at some point we eventually run out of “other people’s money.” These ethical/financial dilemmas that exist today will become even more prominent in the U.S. as the population ages and new, expensive technologies rapidly increase our ability to prolong life. The ability of healthcare delivery to improve life and save lives in some circumstances places healthcare in a different category than other goods and services. There are constant reminders that healthcare is different and that it is perhaps inhumane to view healthcare through a market-oriented lens. At the same time, many of the advances in healthcare have spurred from free market innovation. This innovation has benefited the world — even economies without free markets. New cures and progress from experimental treatments are difficult to attain in government financed systems with strict protocols, prescribed procedures and limited budgets. See also: What Makes U.S. Healthcare Different?   The U.S. leads the world in medical and pharmaceutical breakthroughs, and Americans are the first to benefit from new treatments. Unfortunately, we also pay significantly higher prices. High prices are combined with overutilization of services because of improper incentives in the health system, resulting in the primary recognized and discussed problem of today: the high cost of health insurance. As most of the healthcare delivery in the U.S. is financed through various types of insurance mechanisms, the remainder of this article focuses on the free market challenges related to health insurance and the unintended consequences of insurance regulation. Health insurance overview: Different than other insurance products Insurance, in general, is a financial services product that allows individuals, groups of individuals or corporate entities to exchange some known amount of money (i.e., insurance premiums) for the guarantee of compensation for some future unknown loss (i.e., insurance claims). The specific dynamics of different types of insurance can vary greatly, however. For example, automobile insurance and health insurance share some of the same basic operating principles, but there are very important differences between the two that create unique challenges for each industry to be able to effectively regulate and price the products in a fair and equitable way. Automobile insurance products provide the insured with financial coverage in the case that their car is damaged in a collision or by some other means (i.e., collision coverage) or that their car causes harm to themselves, another person(s) or other property (i.e., liability coverage). Most states require automobile owners to purchase minimum levels of liability coverage (or prove that they are able to finance the risk themselves), but none require the purchase of collision coverage. There are many different levels of coverage and cost-sharing for the different types of automobile insurance products, which a car owner can then select based on their own financial situation and risk-averseness (i.e., no one plans to have a car accident, but some would rather pay a higher-known price upfront than risk a larger payment if an accident were to happen). These policies have clear maximum limits to what is covered in various situations. If a car accident occurs, the insurance company assesses the damage and identifies responsible parties. Then the insurance policy covering the responsible party will pay according to the limits and cost sharing the party purchased. If an uninsured car causes an accident, the owner of that car must pay for any repairs or liability out of their own pocket. Premiums for automobile insurance are, in simple terms, based on average expected costs over a population of people who have insurance. The frequency of car accidents has not changed significantly over time, nor has the cost of cars increased at significant rates, which has led to relatively stable average premium increases on car insurance over time. There is some differentiation in premiums based on age and other factors that have been correlated with higher frequency of accidents; ratable factors vary based on state regulation. Competitive pressures have led to a very competitive market in the automobile insurance industry. Health insurance is a slightly more complicated coverage with some important nuances. First of all, the individual who is covered under a health insurance policy is not always the one who selected or purchased that policy. In the U.S., many citizens get their insurance through their employer. The employer reviews various benefit options and insurance products and selects one on behalf of all of their employees. Insured employees are often not clear on the benefits they have or on what limits there are to their coverage. Even when an individual is the one selecting and purchasing benefits, the details of a health insurance policy are quite complex, and it is often unclear what is/isn’t covered for the many different types of medical services. Additionally, there is an element of known future costs in healthcare. Some of us know that we will incur costs in the future, whether because we take a medication regularly, have a chronic condition that requires regular care or are expecting a baby. Insurers do not have all of the information the insureds do as to known future claims — they must rely on looking at historical averages. Also, in health insurance there is no assessment of “fault” when it comes to treatment. In auto insurance, if an accident is not considered to be your fault, you typically do not have to pay (unless the at-fault party is uninsured). With healthcare, there is no assessment one way or the other as to why a condition came about, only that it needs to be treated and whether or not you have coverage for that treatment. Another important difference is the handling of the uninsured population. In automobile insurance, most states require a minimum amount of liability coverage, to make sure that if “un-ignorable” costs arise from an accident (for example, significant public property damage or personal injury), there is some coverage in place to pay for those costs. In health insurance, if someone without insurance coverage requires medical attention, they receive medical attention. If they cannot pay for their care, the costs fall to the system itself to absorb (which ends up being pushed back onto consumers as increased provider prices, which then result in higher premiums).

High costs create some questions around what should be covered under a health insurance policy and what should be left for a consumer to pay for themselves.

Finally, healthcare is very expensive, and many Americans would have difficulty paying for even moderate courses of treatment without insurance. These high costs create some questions around what should be covered under a health insurance policy and what should be left for a consumer to pay for themselves. Some argue that health insurance should be used for catastrophic coverage only, but often even basic services (such as having a baby) can be too costly for families to afford. On top of those concerns, some use of the healthcare system (e.g., diagnostic and preventive care) should be encouraged to potentially reduce the probability or cost of future health events. With catastrophic coverage only, many individuals would forgo the beneficial usage of the system. This high cost and broad coverage of healthcare directly necessitate high health insurance premiums. And because of the nature of health — that getting sick is often out of our control — there is a lot of sensitivity around what’s “fair” in terms of who pays what premium. Is it fair for healthy individuals to pay very low premiums and sick individuals to pay very high premiums? What if the sick individuals were born with expensive genetic conditions (i.e., are sick through no fault of their own)? What about the individual making poor lifestyle choices that result in higher-than-average healthcare costs? These questions are often the focal point of what healthcare legislation tries to influence. Impact of insurers on free market dynamics A downside of using insurance to fund virtually all medical costs (absent cost-sharing) is that it ultimately raises costs by insulating consumers from medicine’s real prices. Elisabeth Rosenthal, MD, editor-in-chief of Kaiser Health News cites “the very idea of health insurance” as being partially culpable for the high cost of healthcare, acting as a middleman that blinds the true healthcare consumer from the costs of the services they are consuming. Consumer insulation from prices creates more demand for healthcare services (because they feel cheap to the patient), at times wastefully, which leads to price increases. Rosenthal also argues that regulation of insurer profits can actually produce the opposite of the intended effect. Minimum Loss Ratio rules, which essentially limit the amount of profit and non-claim expenses an insurer can have relative to the premiums they charge, were enacted with the idea that reducing profit percentages would then reduce insurance premiums. Instead, the regulation created an incentive for insurers to “increase the size of the pie.” In other words, if an insurer was previously able to make 10% on a $100 premium ($10), after regulation limited their profits to 5%, they could make up the difference by charging a $200 premium instead (numbers are hypothetical for illustration only). And while insurers cannot easily double their prices, they are a critical party in negotiating prices with hospitals and physician offices. This incentive to increase premiums potentially conflicts, then, with the desire to negotiate lower prices (and, thus, lower cost). This view is not widely held in the insurance industry, but it does highlight potential unintended consequences of insurance market regulation. Additionally, it is interesting to note the price changes over time of medical services that are not generally covered by insurance (i.e., services that do not have price insulation). Consumers have much more “skin in the game” and shop wisely for services such as Lasik eye surgery and cosmetic medicine. Not only have prices dropped for these services over the past 10-15 years, but customer service generally receives higher marks as providers are focused on demonstrating value for the purchased services. Although Lasik eye surgery might not be considered an “essential” health service to the average individual, this example shows that increased price consciousness might create a similar outcome for other services. Not all health services will benefit from this transparency (emergency services where there is no time to shop around, or some of the more “invaluable” services such as cancer treatment), but price insulation absolutely dilutes cost as a consideration for patients/consumers in choosing their care. Federal health insurance regulation: A look back The challenge of effectively addressing the high cost of healthcare has been highlighted by the federal legislative responses over the past decade. The originally enacted federal solution, the Patient Protection and Affordable Care Act (ACA) reflects the first significant federal attempt to regulate the commercial market. While the legislation was comprehensive and had an impact on all markets, it primarily attempted to reduce the number of uninsured individuals by offering new and expanded federal funding to the individual and Medicaid markets. Essentially, the ACA provided various levels of financial support depending on age, income and geographic-specific premium levels for individuals to purchase their own insurance policies. At the same time, the ACA removed or altered some of the rating variables in the insurance system. Under ACA, insurance companies could no longer:

• Charge gender-specific premiums (based on cost curves, women were historically charged more than men at younger ages and less than men at older ages);
• Charge as much as was needed to be profitable for older members (highest vs. lowest age adjustment could only vary by a factor of three, whereas costs are typically five to seven times different);
• Adjust premiums based on health status (there are extreme differences in costs for healthy individuals vs. those with chronic conditions); and
• Deny coverage because of pre-existing conditions.

From an insurance company’s perspective, these regulations limited its ability to appropriately match up revenue to costs for its insured population, creating new challenges in the marketplace. These newly mismatched insurance prices disrupted normal market forces around the purchase of insurance. Young and healthy individuals were now being charged prices much higher than they felt they should be, based upon their personal use of the system — the insurance product then became one of low value for them. Alternatively, older and/or sicker individuals were paying much less than they were costing — the insurance product was of extreme value to them.

One of the key assumptions the ACA legislation made to operate successfully was that everyone must be insured.

The moral and political appropriateness of insurance premium subsidization can be debated, but it is difficult to disagree that the result of this regulation created a dynamic where lower-cost individuals saw less value in the insurance product than they did before, causing many of them opt out of purchasing it altogether, largely independent of their income. One of the key assumptions the ACA legislation made to operate successfully was that enrollment would reflect a reasonable demographic balance. Specifically, the architects of the ACA legislation projected that the age 18-34 population would need to represent 40% of the market for the market to function effectively. However, because of the loss of value described above and a too-weak mandate for coverage, the 18-34 proportion has hovered around 26-28%. See also: How to Move Into the On-Demand Economy   Federal health insurance regulation: A look forward The results of the 2016 elections put Republicans in full control of the White House and both houses of Congress, albeit without a filibuster proof majority in the Senate. This change allowed for a serious but measured response to repeal the ACA and replace it with a more flexible, market-oriented alternative. Several pre-election proposals have been compared to the ACA, focused on the impacts on rate changes by age and income levels. One of these proposals, authored by former representative Tom Price, now the Secretary of Health and Human Services, was closely modeled on the American Healthcare Act (AHCA) passed by the House of Representatives on May 4, 2017. The legislation provided age-based tax credits to most enrollees in the individual market as opposed to the ACA’s income-based credits, meaning that the financial assistance individuals receive in purchasing health insurance is fixed based on their age (which is correlated to their cost) and not scaled based on income or geographic premium levels. Interestingly and surprisingly, the early versions of the Better Care Reconciliation Act (BCRA) in the Senate did not follow the AHCA direction and largely maintained the ACA framework and its income-based subsidies. Notwithstanding the larger changes in the structure and amounts of Medicaid federal funding, the primary BCRA reforms to the ACA are in the form of:

• Rating age bands more aligned with actual costs (i.e., giving insurers back the ability to charge premiums by age that more appropriately match to average costs); and
• State waiver flexibility expanding the bounds of Section 1332 (essentially giving states the ability to waive some of the rules imposed by the ACA under certain conditions and develop their own more state-specific healthcare solutions).

In effect, many of the challenges in ACA markets would remain if the BCRA is passed in its current form. The Republicans in the House and the Senate have been criticized for not having a solution ready while seemingly having years to prepare for this opportunity. The nature of the legislation suggests that the technical characteristics of individual market behavior is challenging to grasp. The complications suggest the need for expert review of how regulatory changes to health insurance markets elicit free market responses. Conclusion Healthcare delivery and the associated financing is complex, involving human well-being and, potentially, human life. It simply cannot be viewed through a purely free-market lens. The role of the insurer as a middleman between the consumer and the provider of healthcare services stifles some of the free market impacts, both because consumers are often unaware of (and thus unmotivated by) the actual price of care and because insurance companies are profit-driven corporations that will find ways to maximize their revenue in any regulatory environment. Legislation crafted with a blindness of free market principles and the role of the insurer often will generate results that were not in line with the initial intent — for example, Minimum Loss Ratio laws. At a minimum, policymakers should consult with unbiased market experts to understand the implications of their various proposals. Will they truly accomplish what they are intended to accomplish? Unbiased reviews of this type would be valuable for all healthcare stakeholders to understand — without this expert assessment, the complexity of the healthcare system lends itself to a potential situation where we move forward with broad-reaching popular provisions without a solid understanding of what the aftermath would be for our health insurance system and our country.

The first step to managing risk is understanding it. That simple sentence gets to the heart of the opportunities and challenges of risk management. The concept of risk is pretty simple. The ISO 31000 definition of risk couldn't be much more straightforward: "the effect of uncertainty on objectives." But anyone who's been tasked with managing an organization's risk knows that identifying and managing business risks is complex. How organizations tackle risk varies from company to company based on their particular risk appetite. One business may be ready to push the envelope and look for competitive advantages through bigger gambles, while a more conservative firm may rely on established trends and avoid risk to the extent possible. For risk managers tasked with interpreting an organization's risk appetite and recommending a course of action, risk is something of a moving target. The risks themselves are constantly changing, and even within a single organization, the approach to risk may vary by department or individual. See also: Easier Approach to Risk Profiling   And risk managers' jobs are only getting more difficult. In fact, more than 70 percent of executives say that risks have gotten more numerous and more complex over the last five years, according to a recent report from the Enterprise Risk Management (ERM) Initiative at North Carolina State University and the American Institute of Certified Public Accountants. The report, "The State of Risk Oversight: An Overview of Enterprise Risk Management Practices," surveyed CFOs and other executives at organizations of varying sizes across a broad range of industries. While these executives said that risks were getting more complicated, only a quarter said that they have a "mature" or "robust" risk management process to address these escalating risks. Understanding risk at the enterprise level Those organizations that lack effective risk management processes have limited ability to assess emerging strategic, financial or operational risks and opportunities. Only a quarter of those surveyed considered their organization's risk management process to be an important strategic tool. The holistic approach of ERM, which seeks to actively manage all of an organization's risks instead of taking the traditional silo approach, has several benefits. It helps leaders establish an enterprise-wide appetite for risk and prioritize individual risks based on what's likely to have the most significant impact on the organization. Perhaps most importantly, it identifies the interplay of specific risks--circumstances that could originate in one area but have major implications for another. If flooding is likely to delay a delivery to a manufacturer, a robust ERM program would analyze that risk's effect on not just shipping and receiving but also sales, facilities, customer service and any other area that could be affected. As organizations take an enterprise-wide view of their risks, the skills risk managers need to be successful will shift as well. In one 2017 PwC survey, 63 percent of corporate officers said that giving frontline employees more risk management responsibilities enables their companies to better foresee and respond to risk, and about half will further this shift in the next three years. It's clear that organizations are increasingly relying on risk managers who can effectively communicate risk elements and strategy to both executives and employees. Understanding emerging risks Understanding your organization's risk appetite and addressing current risks is only part of risk management. New risks crop up all the time, and risk managers need to stay vigilant. Cyber risk, with its ever-increasing sources and severity, gets a lot of media coverage and is a top priority for most organizations, but even traditional types of risk are constantly shifting and evolving. Risks stemming from government action and regulations have been particularly difficult to predict of late, and organization-specific issues like employee malfeasance, reputational harm and operational risks continue to pose serious threats. More and more risk managers are turning to data analytics to quantify these risks, but many organizations still struggle to effectively use the data at their disposal. In fact, another PwC survey asked U.S. executives, "Which areas of risk represent the largest capability gaps for your company today?" The leading response: fragmented risk data and analysis. Risk managers have so much data at their fingertips, much of it unstructured, that they can't effectively use it to make risk-based decisions. Complexity scientist Francesco Corea points out that more information should lead to more accurate results, but it can also make things more complicated. See also: New Approach to Risk and Infrastructure?   Understanding what your risk managers need As organizations work to establish an ERM program and grapple with overwhelming amounts of data, let's take a closer look at three factors that will make risk managers and their departments more effective.

• Risk managers need education. A solid foundation in risk management principles and practices, as well as an understanding of the methods used to deploy ERM across an organization, is essential. The Institutes' Associate in Risk Management (ARM™) program provides that comprehensive overview, but ongoing education to keep up with evolving risks is just as important.
• Risk managers need access. Risk managers need to be able to secure buy-in from many individuals: executive decision makers, data scientists, frontline employees and more. Risk managers therefore need access to these collaborators, as well as training on the soft skills needed to be effective in their role.
• Risk managers need allies. An organization shouldn't rely on just one or two risk experts to deal with risk. If risk is to truly become a key strategic tool, individuals at every level of the company need to develop basic risk knowledge and a risk mindset.

This piece is based on one of several Institutisms, mottos to inspire risk management and insurance professionals to success through lifelong learning and continuous education. Knowledge is the path to managing your clients' risks. And in the world of risk management and insurance, The Institutes are the ultimate knowledge resource for professionals--at every level and in any discipline. From designations and continuing education to networking and research that informs public policy, our name is all you need to know. Learn more about the ARM designation.