Disruptive innovation is not about technology Systems that are innovative at one time can become the “good enough” systems we need to overcome as they age and calcify. While it's inspiring to see new systems render old ones obsolete, this prescription of change creates a future where decisions about our collective future will be commercial engineering decisions and not social ones. Disruptive innovation comes at you fast. It is not about creating the best products and protecting profits. For example, with the launch of ApplePay, the whole world can do something Kenyans have done every day for more than 10 years. M-PESA, the mobile payment system offered by Safaricom, has been used by most adult Kenyans and is the model for hundreds of digital payment startups around the world today. See also: What Is the Right Innovation Process?   Kenyans don’t have bank accounts, making paper checks useless for all but the largest transactions. M-PESA was an appealing alternative to the status quo for transferring money from one city to another. Before you could transfer money through an SMS, it was common to give money to a taxi driver heading in that direction and ask him to deliver your payment for you. Safaricom, a leading mobile network provider in Kenya, captured consumers out of mainstream banking institutions and built customers — not the best technology. Disruptive innovation refers to the strategy that employs technology; the technology itself isn't disruptive, but rather the application of the technology can be disruptive or not. This depends on whether the technology is positioned with a disruptive strategy.

Big data has the opportunity to end discrimination. Everyone creates data. Whether it is your bank account information, credit card transactions or cell phone usage, data exists about anyone who is participating in society and the economy. At Root, we use data for car insurance, an industry where rating variables such as education level or occupation are used directly to price the product. For a product that is legally mandated in 50 states, the consumer’s options are limited: give up driving and likely your ability to earn a living or pay a price based on factors out of your control. Removing unfair factors such as education and occupation from pricing leaves room for variables within an individual’s control — namely: driving habits. In this way, data can level the playing field for all consumers and provide an affordable option for good drivers whom other companies are painting with a broad brush. In the lon term, everyone wins as roads become safer and driving becomes prohibitively expensive for irresponsible drivers. This is just one example where understanding the consumer’s individual situation deeply allows for more precise — and more rational — decision making. But we know that the opportunity of big data goes beyond the individual. For example, the unfair practice of naively blanketing entire countries, religions or races unfairly as “dangerous” is a major topic in the news. What happens if you apply the lens of big data to this policy? See also: Industry’s Biggest Data Blind Spot Causal Paths vs. Assumption-Based Decisions With the increased availability of data, we are able to better understand the causal paths between data generation and an event. The more direct the causal path, the better predictions of future events (based on data) will perform. Imagine having something as trivial as GPS location data from a smartphone on a suspected terrorist. Variables such as having frequent cell phone conversations with known terrorists or being located within five miles of the last 10 known terrorist attacks will allow us to move away from crude, unjust and discriminatory practices and toward a more just and rational future. Ahmad Khan Rahami, who placed bombs in New York and New Jersey, was flagged in the FBI’s Guardian system two years earlier. The agency found there weren’t grounds to pursue an investigation — a failure that may have been averted if the FBI had better data capture and analysis capabilities. Rahami purchased bomb-making materials on eBay and had linked to terrorist-related videos online before his attempted attack. Dylann Roof’s activities showed similar patterns in the months leading up to his attack on the Emanuel AME Church in Charleston, SC. The causal path between a hate-crime or terrorist attack and the actions of Dylann Roof and Ahmad Khan Rahami is much more direct than factors such as religion, race or skin color. Yet we naturally gravitate toward making blanket assumptions, particularly if we don’t understand how data provides a better, more just approach. Today, this problem is more acute than ever. Discrimination is rampant — and the Trump administration's ban on travel is unacceptable and unnecessary in the era of big data. For those unmoved by the moral argument, you should also know policies like the ban are hopelessly outdated. If we don’t begin to use data to make informed, intelligent decisions, we will not only continue to see backlash from discriminatory policies, but our decision making will be systematically compromised. The Privacy Red Herring Of course, if data falls into the wrong hands, harm could be done. However, modern techniques for analyzing and protecting data mitigate most of this risk. In our terrorism example, there is no need for a human to ever view GPS data. Instead, this data is collected, passed to a database and assessed using a machine learning algorithm. The output of the algorithm would then direct an individual’s screening process, all without the interference of a human. In this manner, we remove biased decision making from the process and the need for a “spy” to review the data. See also: Why Data Analytics Are Like Interest   This definitely provides a challenge for the U.S. intelligence community, but it is an imperative one to meet. If used responsibly, analytics can provide insights based on controllable and causal variables. The privacy risk is no longer a valid excuse to delay the implementation of technologies that can solve these problems in a manner that is consistent with our values. This world can be made a much better and safer place through data. And we don’t have to sacrifice our privacy; we can have a fair world, a safe world and a world that preserves individual liberties. Let’s not make the mistake of believing we are stuck with an outdated and unjust choice.

This week will be quick, because I'm at the AAIS Main Event in beautiful Amelia Island, FL (a rough job, but somebody has to do it), where I delivered a talk to the general session and held a breakout.

The best example I've seen of innovation thus far here came from Art Meadows, CEO of Panhandle Farmers Mutual Insurance, a little company that would hardly be expected to be on the cutting edge. Panhandle is based in Moundsville, WV, population 8,813. TripAdvisor's list of Things to Do in Moundsville puts at #1 the West Virginia Penitentiary, which closed in 1995. No. 3 is Archive of the Afterlife: The National Museum of the Paranormal. No. 8 is Foster Glass, which left town in 1986. Yet Meadows told the general session that he can now run his company entirely off his smartphone and that customers can interact with the company entirely via apps and chat, too. 

If the 60-something Meadows can be so advanced in rural West Virginia, can't the rest of us at least do somewhat better?

Two articles to call to your attention:

"An Insurtech Greenhouse: Future US-UK Regulatory and Fintech Collaboration," by our friend Paul Thanos, director of the office of finance and insurance industries at the Department of Commerce and a fellow at the Woodrow Wilson International Center for Scholars. It's a very smart piece laying the groundwork for U.S. companies beyond our shores. You'll recognize the name of the guy quoted at the top of the piece.

"Teaching Watson the Urban Dictionary Turned Out to Be a Huge Mistake." This one offers a bit of comic relief but also a lesson. The comic relief: Once Watson absorbed the dictionary, it sometimes responded to queries with an answer like "bull****." The lesson: Every innovation has unintended and unforeseen consequences.  

Cheers,

Paul Carroll,
Editor-in-Chief 

Venture capital funding in cybersecurity is cooling. And it’s show-me time for startups battling for the dwindling pool of funds. While the cybersecurity market is maturing, startups are still innovation drivers and venture capitalists are keen on finding the next big unicorns. Large enterprises’ tendency to juggle products from multiple vendors—despite their wishes for seamless, one-vendor-only solutions—leave the market perpetually fragmented. And the fact that cybersecurity threats are evergreen enables venture capitalists who specialize in the sector to operate with little regard for broader macroeconomic conditions. Still, the ample opportunities afforded by the fragmented, constantly shifting market have bred too many me-too companies and fast followers, driving some venture capitalists to pause and reflect on the next phase. “It’s definitely overfunded, massively so,” Ravi Viswanathan of New Enterprise Associates told a panel at CB Insights’ Future of Fintech Conference last year. After growing steadily since 2012, venture capital funding in cybersecurity dipped in 2016, alarming entrepreneurs. The cybersecurity market captured roughly $3.1 billion of venture funding in 2016, down from $3.8 billion a year earlier, according to research firm CB Insights.“You saw a material pause in the fourth quarter,” says Bob Ackerman, founder and managing director of Allegis Capital, which specializes in the sector. “You have too many undifferentiated companies. There’s a level of noise that develops as a result of that. … Cybersecurity is one of those areas where experience and domain knowledge matter a great deal.” See also: Quest for Reliable Cyber Security   The cybersecurity market will undergo a few years of retrenchment with a host of companies shutting down, VCs say. More judicious spending But the market is hardly mature. Money will still be spent, just more selectively. At this phase, fewer deals will be struck. But those deals will be reserved for larger companies, with proven products further along in development. “The deal size and valuation is coming down a bit,” says Sean Cunningham, managing director of Trident Capital Cybersecurity, which raised $300 million this month for a fund to invest in cybersecurity startups. “I don’t think there’s any shortage of capital for the right type of companies. But the dollars being invested are smaller.” Appthority is one of the companies that made Trident’s cut. Appthority, which develops mobile threat protection software for corporations, didn’t land its first paying customer until more than a year after it was founded in 2011. Four years later, its customer renewal rate stands at 98 percent, with about 20 percent of its revenue coming from the government sector. Heartened by solid proof of growth, venture capitalists poured in another $7 million in Series B funding last July, led by Trident Capital Cybersecurity. “You’re going to see a lot of startups out there, and good ones will rise to the top,” Cunningham says. “There’s ample supply of capital to fund them. They can get traction.” Innovation niches As seen in the early days of the internet, the cybersecurity market is recalibrating for a second wave of innovative technology that’s more comprehensive and cohesive. And that means more seamless products for large clients who are eager to cut down on the number of vendors. “Companies that can stand on their own two feet, deliver value, and have deep knowledge will do fine,” Ackerman says, citing one of the companies he’s invested in, EnVeil, which uses “homomorphic encryption” to secure data in operation. As more companies employ automation and “big data” to enhance efficiency and find new markets, data encryption products will continue to be in heavy demand. The emergence of the industrial internet—the integration of complex machines to network sensors and software—also will breed startups eager to provide cybersecurity solutions to power and water grids, refineries and pipelines. In May, Trident helped raise $6.6 million in Series A funding for Bayshore Networks, which develops cloud-based software that offers “visibility” into operational technology infrastructure, networks, machines and workers. Meanwhile, the proliferation of enterprise mobile devices will continue to see vulnerabilities and pose a ripe market for startups like Appthority, Cunningham says. Early investors haven’t gone away That VC dollars are chasing more evolved companies doesn’t mean early-stage investing is passé, Ackerman says. “That’s where the new things get started.” But cybersecurity, unlike more consumer-oriented technology sectors, is a competitive and difficult market, rife with startups struggling to recruit and market products. See also: Paradigm Shift on Cyber Security   That’s partly why Allegis funded DataTribe, a startup studio based in Fulton, Maryland. It was designed to tap into the wealth of cybersecurity-savvy technologists in the region with experience or ties to the federal government and intelligence agencies. Ackerman also anticipates more mergers and acquisitions activity from large cybersecurity companies that may find it easier to acquire smaller niche players as they seek to add new product lines. As venture capitalists squeeze their wallets, startups lucky enough to land Series A funding also will have to justify more vigorously their pursuit of Series B funding, Cunningham says. “And unicorns are in trouble,” he says, referring to startups valued at over $1 billion. The Trump factor Meanwhile, venture capitalists are hopeful that the federal government, with President Trump at the helm and promising a rollback in regulations, will cut steps in federal procurement and stay engaged in securing networks. “We think the administration understands the value of national cybersecurity,” Cunningham says. “We’re not counting on incremental increases in spending. But we’re excited about the awareness level.” This post originally appeared on ThirdCertainty. It was written by Roger Yu.

Significant social, technological, economic, environmental and political forces are reshaping the needs and expectations of insurance buyers, as well as the business environment in which insurance providers operate. Even a partial list of these forces is daunting: aging populations in developed markets; different needs and purchasing behavior of younger buyers of insurance; self-driving vehicles; telematics; artificial intelligence; the internet of things; and persistent low interest rates. With so many forces in play, it’s difficult to determine the exact landscape of the new insurance world. But it’s not too early for insurers to prepare. Regardless of exactly how they plan to address a rapidly changing and more unstable world, one capability that will remain critical to all insurers’ success is enterprise risk management. We describe below three key developments that insurers should incorporate into their ERM evolution. Insurers’ business models are changing and ERM needs to keep pace. Stress testing will join economic capital as the main risk decision tool. VAR-based economic capital measures originated in banking and asset portfolio management more than 40 years ago. Over the last couple of decades, the insurance industry has widely adopted the concept. This is particularly true for insurers’ credit and market risk taking, areas where the VAR concept is endemic. For some aspects of insurance risk, like statistical variability around a stable mean, the concept also fits well. In an insurance world where credit, market and insurance are insurers’ main risks, economic capital is effective. But what if the world changes to one where other risks join these at center stage? Life insurance in a persistent low-interest-rate environment with rapidly evolving distribution models provides a clear example of recent change and its implications for ERM. The bulk of many life insurers’ liabilities and supporting assets are composed of permanent type products they wrote when asset returns were markedly higher. These higher returns supported the stable distribution model of a sales force based on up-front commissions. In turn, this fit the products' complex features that needed such a model to explain and sell them. Delivering on these guarantees necessitated focus on the credit and market risks they created. And VAR was developed to manage these risks. See also: Minding the Gap: Investment Risk Management in a Low-Yield Environment   However, now that asset returns are much lower, supporting this distribution model will be difficult. Fortunately, other less costly models are available and probably preferable to younger buyers of insurance. This demographic group has shown a preference for a more t-to-purpose protection model that is less permanent and less complex. As a result, credit and market risks cease to be ERM’s overwhelming focus. Instead, strategic and operational challenges created by transitioning to and maintaining the new business model take center stage, as do the risk tools that can address these challenges. Among these, stress testing figures most prominently. Trends in the property and casualty sector also point to a shift in risk focus and risk management tools. Impending and actual changes in the nature of driving and vehicle ownership will radically and permanently alter the auto insurance landscape. Developing an understanding of the implications of these changes and their risks to an insurance enterprise needs a tool like stress testing. Similarly, an increased emphasis on assisting customers with mitigating and managing their own risks, rather than just insuring them, moves more of an insurer’s risk profile out of the traditional risk-taker role and into a service provider model. VAR is a good risk tool for a risk taker, but stress testing is the tool best suited to the service provider model. Lastly, we note that rapidly emerging technologies, often cited for their role in shaping customer preferences, also shape insurers’ own capabilities. Insurers have begun to modernize their back offices, and computing power continues its exponential growth. Operational challenges and resource demands to implement new and improved risk tools, like stress testing, will diminish significantly. With benefits going up and costs going down, it seems clear that stress testing is on its way to a prominent ERM role. Customer analytics decision platforms will become the key focus of model risk management efforts Model risk management (MRM) is receiving extensive ERM focus at present. Much of the original impetus may have come from European companies seeking to validate their Solvency II internal models. In the U.S. and Canada, due in part to direct or indirect regulatory encouragement, the scope goes beyond economic capital and solvency models, and most insurers seek to apply their efforts to all models. The early priority for validation has skewed toward economic capital and complex liability valuation models. Insurers with advanced MRM capabilities have begun to focus more attention outside of risk and financial reporting models. This is to be expected to some degree, as insurers model validation activities work their way through their inventory of models. In addition, as they develop a working experience of risk rating their models, many are reconsidering the irrecoverable nature of product pricing decisions and the importance of getting those models right. In other words, while small errors in financial and risk reporting models can be rectified once errors are uncovered, losses from inadequate premium charges are permanent. The impetus for higher attention to pricing and risk selection models is further amplified when insurers implement newer, non-traditional approaches. Without a long history of successful use, newer customer analytic models put a higher priority on their timely and thorough validation. Additionally, we have observed insurers further enhancing their level of attention when these models move to autonomous execution mode. In this mode, the model makes decisions in an automated fashion without manual intervention or deliberation. Deploying more models of this sort is a common feature of most visions of the near-term future of insurance. As their use expands, so too should ERM’s focus on effective risk management of these models. In an environment in which these types of customer analytics decision platforms become an insurer’s key business engine they also will need to become the key focus of MRM efforts. Small errors in financial and risk reporting models can be remedied; however, losses from inadequate premium charges are permanent. Risk diversification measurement will become the single most important element in economic capital calculations There is a continuing focus on the effectiveness of economic capital modeling, especially in connection with IAIS and regulatory efforts outside of the U.S. In the U.S. as well, insurers continue to look at how they can improve their calculations. However, one area we believe attracts insufficient attention is diversification. Not only is an effective understanding and quantification of diversification an important goal in the current insurance environment, it will likely become even more critical in the future. As the new risk profile moves away from a credit/market nexus to a more diverse insurance, business and strategic risk set, managing the interaction between and among them will be especially important. If customers move to a more holistic view of insurance and blur the distinctions between life, property and casualty and health, just quantifying the diversification across all insurance risks will be a key task on its own. See also: Developing A Safe Work Environment Through Safety Committees   Implications If they haven’t done so already, CROs should start to sketch out a few versions of what their company might look like in the future and consider what might be required of their ERM capabilities. They can adjust and clarify this high-level road map as the future becomes clearer. Considerations CROs should keep in mind while creating this roadmap include:

• On the life side in particular, credit and market risks will cease to be ERM’s overwhelming focus, but stress testing will figure more prominently in new business models.
• Assisting customers with mitigating and managing their risks instead of just insuring them will move more of an insurer’s risk profile out of the traditional risk-taker role and into a service provider model. VAR is a good risk tool for a risk taker, but stress testing — which is becoming cheaper and easier to do — is better suited to the service provider model.
• As advanced customer analytics decision platforms become an insurer’s key business engine, they will need to become the key focus of model risk management efforts.
• As insurance becomes more holistic for customers, quantifying diversification across all insurance risks will be a key task for insurers.

Though cable TV has technically been in use since 1948, broadcast television was the staple of home entertainment for decades. It offered a handful of channels, but most viewing was done on ABC, CBS, NBC and PBS — the big four. As the number of satellites grew and the number of cable providers proliferated, so did channel options. According to Nielsen, today’s average home receives 189 channels of cable programming. This has obviously detracted from the viewership of the big four. To counter, the networks and early cable channels simply added new, sometimes niche channels to their network ecosystem to reach new market segments.  NBC, now owned by Comcast, operates dozens of channels, such as CNBC, MSNBC, Syfy, USA Network, Bravo and the Weather Channel.  And now cable providers, along with the big four, are being challenged by streaming TV via Netflix, Hulu, Amazon and others, which are popular with younger generations. Is this analogous to what is happening in insurance? It could be, especially if we back up to consider how insurance is changing at its core because of a reduction in “viewership” and the changing demographics of younger generations. The term "channels" seems to be appropriate, because insurance is undergoing its own channel proliferation and change. To look at channel development more closely, I’ve drawn on many of the insights found in our Future Trends 2017 report. Complexity and relevance Insurance is often a complex product that is hard to research, buy and use, requiring a great deal of thought by customers. The problem is enormous for the insurance industry because every gap and point of complexity looks like a giant bull’s-eye for potential startup solutions. Those who can develop simplified products and make insurance easier for customers to understand and buy stand a good chance of capturing business from companies whose products and processes remain complex. See also: New Channels, New Data for Innovation   Innovators started attacking this opportunity years ago, led by online insurers like Progressive, Geico, USAA and Esurance, and aggregator and comparison sites like Compare.com. In the insurtech world, we see companies like Lemonade, Slice, Haven Life and Quilt challenging these pioneers. They recognized the tremendous opportunity offered by making the process of researching and buying auto, property or life insurance easier. They also made the product meet expectations of a new demographic. But it isn’t just complexity that can drive insureds toward new products — in many cases, it is convenience, relevance and placement. A recent example is the partnership between startup CarSaver and retail giant Walmart. In the pilot program, Walmart will put CarSaver kiosks in stores in Houston, Dallas, Phoenix and Oklahoma City that allow consumers to select a car, finance it and insure it. CarSaver lists nine well-known auto insurance brands on its website as participating companies. Insurtech startups have responded to demand by facilitating channel development. CB Insights reported that 18 of the top 20 deals in insurtech since 2015 were focused on P&C insurance distribution. These 20 deals accounted for about 82% of the $2.02 billion aggregate funding since the start of 2015. As of January 2017, Coverager listed 179 global companies classified as an “intermediary” that are an aggregator, provide online quotes, provide online purchasing or do any combination of the three. On-demand insurer Slice is currently one of the best examples of relevance meeting convenience in channel development. Slice uses homesharing sites, such as Airbnb and HomeAway to distribute temporary rental insurance. Allstate would be an example of a traditional insurer prepared to step into the same market space, now offering homesharing insurance in six states. Other innovative technology startups are occupying unique positions in the distribution space as enablers and connectors. Like selling pick axes to gold miners, their role is to simplify distribution processes for agents, brokers and carriers. AskKodiak, BoldPenguin, Indio and Insurr, for example, offer digital platforms to automate workflows and connect agents/brokers, carriers and risks in the commercial space. Others like Denim, MyNameFlow and InsuranceSocial.Media provide social and e-mail marketing platforms to insurance companies and agencies to link buyers with them. Consumer preparedness Despite all the activity in the front end of the value chain, most insurance is still ultimately sold through human interaction, either on the phone or face to face. Traditional insurers that are considering preparing their operations for additional channel use should move forward with more than just a hunch. Are consumers prepared mentally to jump insurers if presented with new channels?  Would new channels allow insurers to reach new market segments? Majesco’s consumer and SMB research showed that the answer is, “Yes.” There is significant interest in at least considering new, non-traditional ways of obtaining insurance in the next 3-5 years. Among most generations of consumers, nearly 40% indicate they would be likely to try several alternative insurance acquisition methods. As consumers gravitate beyond traditional options, they will explore and seek alternatives across a wide spectrum of choices, regardless of whether or not their insurer offers them. Insurers who remain committed to only the agent channel will likely lose out on new customers and potentially existing customers who will seek alternative channels, placing their relevance and growth strategies at risk. Stepping in With the customer in control, the need for an ecosystem of channels is established.  The remaining hurdle for some insurers is simply where to begin. Interestingly, many startup initiatives are organized as managing general agents (MGAs). The MGA structure is an ideal testing ground for new product innovations, programs and markets, because it allows the company to rely on its partners for capital, core systems and the carrying of risk while it focuses on assembling all of these components to meet the specific needs of unique markets and niches. Conning reported that the MGA market accounted for 14% of commercial lines business in 2015, and has been growing at a faster rate than the P&C market as a whole. But life focused MGAs from InsurTech are also emerging rapidly. See also: 10 Trends at Heart of Insurtech Revolution   Other insurers will find it simplest to create a value-added channel that ties in closely with niche markets they may already serve. Majesco executive, Bill Freitag, gives some great examples in his last blog, “It’s the Customer Experience, Stupid”. Some insurers will grow their channel development through M&A activity, acquiring InsurTech startups or those who already have a blueprint for new channels. Utilizing any of these approaches may work, but the foundation of all of them is the same. Innovative channel development begins by understanding insurance need, insurance use and customer experience enhancement. The best new channels will be those that exist at the point of need and fulfill the need without friction. To match those requirements, insurers must have created a flexible system for data acquisition, a scalable real-time solution for policy administration and lightweight approaches to testing and rollout. Cloud solutions and SaaS offerings are well-suited to these needs and can provide the flexibility needed for both new initiatives and low-cost testing methodologies. Collaborations and partnerships will be common in most cases of channel development. A SaaS solution provider such as Majesco can often act as the bridge between the innovative culture of the startup and the deep experience of the traditional insurer. They can also design a framework for adaptability that will accommodate new channels without compromising the capability for managing risk. Just like TV channels shifted, expanded and changed … so too should insurance channels.  If not, insurers risk relevance and growth, two critical factors for a fast paced changing marketplace.

Medical treatment guidelines can be a great benefit to any workers’ compensation system. They can prevent unnecessary medical procedures and the prescribing of potentially harmful medications. However, they are not all the same, nor are they without challenges. Understanding a jurisdiction’s strengths and shortcomings, taking a strategic approach to developing treatment guidelines and following some common-sense tips can lead to better outcomes for injured workers — and, ultimately, lower costs for payers. That’s the view of workers’ compensation experts who spoke during our Out Front Ideas webinar on the subject. The panel included representatives from the regulatory, medical, pharmacy benefit management and third-party administrator communities. They were:

• Amy Lee – special advisor, Texas Department of Insurance, Division of Workers Compensation
• Dr. Douglas Benner, MD – chief medical officer from EK Health and national medical director of Macy’s Inc, Claims Services
• Mark Pew – senior vice president, PRIUM
• Darrell Brown – executive vice president, chief claims officer – Sedgwick.

Dr. Benner brought a unique and important viewpoint to the panel. As a practicing physician for over 30 years, he has firsthand experience practicing medicine under guidelines. He has also been involved in the development of treatment guidelines for both the Official Disability Guidelines (ODG) and the American College of Occupational and Environmental Medicine (ACOEM). A majority of states now have some type of medical treatment or return-to-work guidelines in their workers’ compensation systems, and nearly half either have or are considering drug formularies. But there is some confusion about how they work within various jurisdictions and how effective they are. The speakers gave us great insights to better understand how to develop and implement successful treatment guidelines and how to get the most out of them. Texas’ Example Many in our industry look to Texas as a state with highly effective treatment guidelines. Texas had some of the highest workers’ compensation costs in the nation, along with some of the poorest return-to-work and patient satisfaction outcomes. After implementing treatment guidelines and a drug formulary, the state now boasts some of the best workers’ compensation outcomes in the nation, as well as lower costs. But the Texas story is not quite as simple or transferrable as you may think. As our panel explained, it took a multi-year, painstaking effort by representatives in all facets of the system to develop and implement the model now in place. The change also required a deep understanding of the workers’ compensation system as it existed in Texas for the treatment guidelines to get to the point they did. The changes in Texas began with legislative reforms in 2005. It would be two more years before the treatment guidelines were implemented and three years after that for the drug formulary to begin being phased in — first with new claims, then with legacy claims. One of the keys to Texas’ success was a change to include evidence-based medicine in the guidelines. See also: Texas Work Comp: Rising Above Critics   EBM Evidence-based medicine (EBM) is a term we hear often these days, but there’s disagreement about what it truly means. Texas sought to clarify the issue by including a statutory definition in the treatment guidelines, so it defined EBM as follows: “Evidence-based medicine means the use of current best quality scientific and medical evidence formulated from credible scientific studies, including peer-reviewed medical literature and other current scientifically based texts, and treatment and practice guidelines in making decisions about the care of individual patients.” Texas switched to basing the guidelines on EBM to reform the previous consensus-based model, which was perceived as allowing for too much unnecessary medical care. EBM was chosen as the standard for selecting treatment guidelines, return-to-work guidelines and adjudicating claim level disputes on medical care. It is also the standard expected from healthcare providers, payers and others. The idea of EBM is to provide a systematic approach to treating injured workers based on the best available science. Ideally, medical providers should base their treatment regimens on EBM, although it is also important to consider the specific needs of each individual patient. Unfortunately, some of the most pervasive medical conditions among injured workers have not been as heavily researched as other ailments, such as heart disease or hypertension. This means EBM is not the basis for every single medical condition. The developers of EBM for workers’ compensation consider all available research, ‘weigh it’ in terms of quality then fill in the ‘gaps’ with a consensus of expert panels. That does not mean those particular guidelines are not scientific. For example, there is little research indicating someone with chest pains should undergo an electrocardiogram (EKG), but medical common sense dictates that is the appropriate action to take. Formularies Ensuring injured workers are given the most appropriate medications for their conditions is, or should be, the goal of drug formularies in workers’ compensation, according to the panelists. Not all drug formularies are the same, and it is helpful to understand their differences. As we learned in the webinar, drug formularies started in the group health area and were primarily a way to reduce costs, because out-of-pocket expenses are involved. There are different tiers to guide the best drug for the patients with the aim of finding the one that is the least expensive. Because workers’ compensation does not typically include co-pays, the goal for many jurisdictions is clinical efficacy — finding the medication that will result in the best outcome for the injured worker and get him or her back to function and, ultimately, work. See also: States of Confusion: Workers Comp Extraterritorial Issues States such as Texas have a “closed” drug formulary, although compared to closed formularies in group health, it is not the same. Whereas in the group health context, some medications will be disallowed in terms of reimbursement, formularies in workers’ compensation instead require pre-authorization for certain medications. The term “preferred drug list” is more appropriate for workers’ compensation. Texas uses the Official Disability Guidelines for its list of “Y” and “N” drugs. All FDA-approved drugs are included, but those on the “N” list are not automatically paid for through the workers’ compensation system. Almost immediately after Texas implemented its drug formulary, prescribing patterns changed. Physicians began prescribing more medications on the “Y” list, rather than justifying the use of those on the “N” list. That was among the main goals of the drug formulary — to get prescribers to avoid prescribing opioids and other potentially dangerous drugs right from the start. The formularies in workers’ compensation systems in other states differ. However, the goal is the same: to encourage providers and others to prescribe medications that are the best for the injured worker, considering his or her injury and any comorbid conditions. Patient safety, rather than lower costs, should be the goal. Many in the industry are closely watching California as it faces a summer deadline to finalize its drug formulary. There are estimates that the state could see about 25% of its currently-prescribed medications put on the fast track for approval and thus avoid delays from utilization review once the formulary is implemented. Challenges Having heard about the many potential benefits of treatment guidelines, we then turned to the panelists to discuss some of the obstacles and how to overcome them. Educating all stakeholders was among the most important strategies they mentioned. For example, a claims examiner may not see a recommended treatment in the guidelines for a particular jurisdiction and issue a denial for a requested procedure. But, upon further investigation, the treatment requested by the provider may be the best for all considered. In a California case, a claim was halted for several years — with indemnity expenses continuing to be paid — as the parties awaited the outcome of a dispute over an MRI scan. The case points to the need for those involved in a claim to be flexible. While following the guidelines should be the general rule of thumb, it’s also important that those overseeing a claim take a holistic approach and see what really makes sense for the injured worker. It is also vital to educate physicians on what to do to gain approval for treatments that stray from treatment guidelines. Often, little or no explanation is provided as to why a particular patient needs a certain procedure or medication. Without complete information, the rate of denials increases. Texas took the unique step of implementing Appendix B to provide guidance to physicians on how to document exceptions to its guidelines. The consistency (or lack thereof) of guidelines can be frustrating, especially for organizations that operate in multiple jurisdictions. Again, those involved in the claim need to be informed about the guidelines used in each. It is important that everyone involved in reviewing treatment recommendations — including claims examiners, nurses, physicians and even administrative judges — understand the treatment guidelines and their limits for the jurisdictions in which they operate. The decisions each person makes must be consistent for the guidelines to be most effective. Keeping the guidelines current is another challenge for some jurisdictions. With medical science changing rapidly, it’s best if jurisdictions find a way to get updated information published as soon as possible and make it easily accessible. The Future While a majority of states have medical treatment guidelines in their workers’ compensation systems, 21 did not at the time of the webinar. About 20 states either have or are considering drug formularies. There are additional efforts underway on the state level to address medical care for injured workers. Several Northeastern states, for example, have placed limits on the number of days for which opioids can be prescribed. Some have limited it to seven days, while New Jersey is imposing a five-day limit. That trend is expected to continue. See also: 25 Axioms Of Medical Care In The Workers Compensation System   Other states are looking at helping wean injured workers off opioids. New York recently rolled out a new hearing process to address claims that involve problematic drug taking. Progress is being made to improve injured workers’ outcomes and treatment guidelines, and drug formularies are a big part of these efforts. The goals of better safety and clinical outcomes, quicker return-to-work, shorter treatment periods and better overall outcomes should drive the conversations going forward. To listen to the complete Out Front Ideas with Kimberly and Mark webinar on this subject, please visit Out Front.

Insurance M&A remained very robust in 2016 after record activity in 2015. There were 482 announced transactions in the industry for a total disclosed deal value of $25.5 billion. The primary drivers of deals activity were Asian buyers eager to diversify and enter the U.S. market; divestitures; and insurance companies looking to expand into technology, asset management and ancillary businesses. We expect continued strong interest in M&A, driven primarily by inbound investment. In addition, bond yields have spiked over the last few months and are likely to continue to increase. Combined with expected rate hikes by the Federal Reserve, this should have a positive impact on insurance company earnings and, in turn, will likely encourage sales of legacy and closed blocks. However, a new U.S. president has caused tax and regulatory uncertainty that may temporarily decelerate the pace of deal activity. President Trump is expected to prioritize tax reform and changes to U.S. trade policy, both of which will have potentially significant impacts on the insurance industry. Moreover, the latest Chinese inbound deals have drawn regulatory scrutiny, and there is skepticism in the U.S. stock market about the ability to obtain regulatory approval. See also: Innovation: Solutions From… Elsewhere   Insurance activity remains high While M&A activity declined somewhat in 2016 compared with 2015’s record levels (both in terms of deal volume and announced deal value), activity remained high. In fact, announced deals and deal values exceeded 2014’s levels. Major deal trends included:

• Asian insurers seeking to grow their footprint in the U.S. continued in 2016. Japan’s Sompo Holdings agreed to acquire Endurance Specialty for $6.3 billion, and China's Oceanwide’s announced its acquisition of Genworth Financial for $2.7 billion.
• Domestic companies’ expansion into new lines of business also drove deal activity, as evidenced by Liberty Mutual’s announced acquisition of Ironshore for $3 billion and Fairfax Financial’s announced acquisition of Allied World for $4.9 billion.
• U.S. insurers, including AIG and MetLife, sought to divest noncore legacy businesses. AIG sold its mortgage insurance business, United Guaranty, to Arch Capital for $3.4 billion, and MetLife sold its retail advisor force to MassMutual, and MetLife plans to divest its consumer unit.
• Insurers have been focused on expanding into new technology- enabled markets and products and, in many instances, are seeking to do so via acquisition. Allstate announced its acquisition of SquareTrade, an extended warranty service provider for consumer electronics and appliances, for $1.4 billion. Another example is Intact Financial’s investment in Metromile, a company that offers pay- per-mile insurance.
• Deal volume in the insurance brokerage space continues apace. Brokerage deals, most notably the management-led buyout of Acrisure for $2.9 billion, accounted for 84% of total deal volume.

See also: How to Build ‘Cities of the Future’   Deals market characteristics

• Drivers of consolidation include the difficult growth and premium rate environment. In particular, there has been continuing consolidation among Bermuda insurers, notably the acquisitions of Allied World1, Endurance and Ironshore.
• Asian insurers remain interested in expanding their U.S. footprint and accounted for two of the top-10 transactions.
• There has been expansion in specialty lines of business, as core businesses have become more competitive. This is evidenced by:
  • Arch’s acquisition of mortgage insurer United Guaranty, which becomes its third major business after P&C reinsurance and P&C insurance;
  • Allstate’s acquisition of consumer electronics and appliance protection plan provider SquareTrade, which should enable Allstate to enhance its consumer-focused strategy;
  • Berkshire Hathaway subsidiary National Indemnity’s agreement to acquire Medical Liability Mutual Insurance Company, the largest New York medical professional liability provider (a deal that is expected to close in 2017); and
  • Fairfax Financial’s December 2016 announcement of a $4.9 million acquisition of Allied World, which the Ontario Municipal Employees Retirement System (OMERS), one of Canada’s largest pension funds, is contributing $1 billion in financing toward the acquisition (the deal is expected to close in 2017.)
• The insurance brokerage deals space remains active and saw two of the top-10 deals.
• Many acquirers are scaling up to generate synergies, as evidenced by Assured Guaranty and National General Holdings.
• Insurers continue to grow their asset management capabilities. For example, New York Life Investment Management expanded its alternative offerings by announcing a majority stake in Credit Value Partners LP in January 2017, and MassMutual acquired ACRE Capital Holdings, a specialty nance company engaged in mortgage banking.

Sub-sector highlights Asian buyers diversifying their revenue base has had an impact on the life and annuity sector; regulations including the Fiduciary DOL Rule and the SIFI designation; and divestitures and disposal of underperforming legacy blocks (specifically, variable annuity and long term care). The P&C sector has been experiencing a challenging pricing cycle, which has driven carriers to: 1) focus on specialty lines and specialized niche areas for growth and 2) consolidate. Furthermore, with an abundance of capacity and capital, the dynamics of the reinsurance market has changed. Reinsurers are trying to adjust by turning to M&A and innovating with new products and in new markets. There has been a wave of insurance broker consolidation, largely because of the current low interest rate environment, which translates into cheap debt. The next wave of consolidation is likely to affect managing general agents because they have flexible and innovative foundations that set them apart from traditional 9% underwriting businesses. According to PwC’s 2016 Global FinTech Survey, insurtech companies could grab up to a fifth of the insurance business within the next five years. In response, insurers have set up their own venture capital arms, typically investing at the seed stage, to keep up with new technologies and innovations and find ways to enhance their core businesses. Investments by insurers and their corporate venture rose nearly 20 times from 2013 to 2016. See also: Minding the Gap: Investment Risk Management in a Low-Yield Environment   Implications

• Sale of legacy blocks: There is a continuing focus on exiting legacy risks such as A&E, long-term care, and variable annuities by way of sale or reinsurance. Already this year, there have been two significant transactions announced: AIG is paying $10 billion to Berkshire for long-tail liability exposure, and The Hartford is paying National Indemnity $650 million for adverse development cover for A&E losses.
• Expansion of products: P&C insurers are focusing on expanding into niche areas such as cyber insurance, and life insurers are focusing on direct-issue term products.
• Technology: Emerging technologies — including automation, robo-advisers, data analysis and blockchain — are expected to transform the insurance industry. Incumbents have been responding by directly investing in startups or forming joint ventures to stay competitive, and they will continue to do so.
• Foreign entrants: Chinese and Japanese insurers have a keen interest in expanding to the U.S. market because of limited domestic opportunities and have the desire to diversify products and risk and expand capabilities.
• Private equity/hedge funds/family offices: Non-traditional investors have a strong interest in expanding beyond the brokers and annuities businesses to other areas within insurance (e.g., MGAs).

What seemed like a farfetched scenario out of Hollywood four years ago is now yet another reality that security experts have been warning about. In the screen version, the U.S. vice president is assassinated on the TV show “Homeland” after a hacker takes control of his pacemaker and stops his heart—making it look like a heart attack. In real life, the U.S. Food and Drug Administration recently released a safety warning that St. Jude Medical implantable cardiac devices and their remote transmitters contain security vulnerabilities. An unauthorized party could use the vulnerabilities to “modify programming commands” on the device that could result in rapid battery draining or “administration of inappropriate pacing or shocks.” Coincidentally, the warning came on the heels of an FDA document addressing this very issue: At the end of December, the agency released its guidance for the post-market management of medical device cybersecurity. The guidance is similar to a previously issued one for premarket design and development. Both are nonbinding. The FDA can take action against products that violate the Food, Drug and Cosmetic Act, which could include devices that pose serious risks of injury or death and lack remediation. Outside of that, it’s unclear what, if anything, the FDA would do about lower-level risks that are not being mitigated. See also: Your Social Posts: Hackers Love Them   Enforcement or not, there’s plenty of skepticism about the influence the document will have on device manufacturers. Security experts call it a good first step—emphasis on “first.” But they are not convinced that the guidance will motivate the industry to make medical devices more secure. “Absent of serious crises or patient deaths, I’m not optimistic that this document will get the attention of many companies building medical devices,” says John Dickson, a principal with the security firm Denim Group Ltd., who formerly served at the Air Force Information Warfare Center. The guidance “emphasizes that manufacturers should monitor, identify and address cybersecurity vulnerabilities and exploits as part of their post-market management of medical devices.” Among other things, the FDA recommends that manufacturers:

• Follow the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Security, which is widely used in many industries
• Implement a risk-management program for identifying and assessing vulnerabilities
• Act on information about vulnerabilities and deploy patches quickly.

A big problem to crack Dickson says that the sheer number of devices in circulation—potentially millions, registered to some 6,500 to 7,000 manufacturers—creates a major problem. “Most of the medical device companies are just trying to get the capability to work well—and here comes (a problem) they really didn’t consider before,” he says. The embedded sensors and devices were designed for a long lifespan and, in many cases, not intended to be upgraded. “If those devices cannot receive software updates at some time in their lifespan, they will be vulnerable, so the risk is enormous,” says Hamilton Turner, chief technology officer at mobile-security vendor OptioLabs. The industry has been slow to react. Ashton Mozano, chief technology officer at Circadence, a “next-generation” provider of cybersecurity training, says that some of the device vulnerabilities have been known for as long as a decade. But the response has not been like in airline or automotive safety, where “there’s a whole community that gets up in arms” when there’s a faulty or dangerous product. “We don’t really see that in cyberspace yet. The medical device industry, as well as the IoT realm, have been essentially isolated from that level of widespread global scrutiny,” Mozano says. The FDA began warning about the problem a few years ago. The guidance certainly indicates the agency’s interest in cybersecurity is growing. Unfortunately, the FDA may not be in the best position to address the problem. “They’re not in the best situation to have the knowledge and skill set … to mandate regulations for the cyber industry,” Mozano says. “They don’t want to overregulate.” Plenty of gaps to be filled The FDA defines patient harm as physical injury, damage to health or death. Other types of harm—such as loss of personal health information—is excluded from the FDA’s scope. Turner thinks that’s an oversight. He says that data taken from a device can sometimes include information about the operating environment, including secure Wi-Fi access that could be used to access the network and cause patient harm. “Ignoring loss of data in a security context can lead to some very serious repercussions,” he says. Long-term execution of the guidance also is questionable. Mozano says there needs to be “a clear assignment of roles and responsibilities throughout the entire vertical and horizontal supply chain.” And, there needs to be better leadership and a more systematic, step-by-step implementation, he says. The FDA could take a page from the automotive industry, where rankings by third-party evaluators such as JD Powers influence buying decisions. This would not only motivate manufacturers to protect their reputation but also put some of the power into the hands of the users. See also: When Hackers Take the Wheel   “This could be more effective than having draconian regulations,” Mozano says. The industry sentiment seems to be that scenarios à la TV’s “Homeland” are still far-fetched. Even the Department of Homeland Security said the vulnerability in St. Jude’s devices would have required “an attacker with high skill.” But Dickson emphasizes that what was science fiction as recently as two years ago is now becoming a major problem. After all, not too long ago “people said political campaigns were too sophisticated to hack.” “Given the widespread and ubiquitous nature of medical devices, the fact that a more sophisticated attacker could do this means it will happen at some point,” he says. “As the sophistication goes down the chain, there’ll be more automation to do it. At this point, nobody has figured out how to automatically attack, but that will happen.” This post originally appeared on ThirdCertainty. It was written by Rodika Tollefson.