Third-party risks—the notion that a contractor or a supplier could inadvertently expose the first-party organization to a network breach—may not be the sexiest cybersecurity issue out there. But at RSA 2017—the weeklong cybersecurity conference that drew 43,000 attendees to San Francisco’s Moscone Center last month—there was much talk that third-party risks are destined to ascend as a bellwether phenomenon. I mean that in this sense: Actually addressing third-party risks is something companies of all sizes—from enterprise-class first-party organizations to SMB-size third-party suppliers—must come to grips with, probably sooner than later. What’s more, as the journey to mitigate third-party risk unfolds, trustworthiness of internet-centric commerce naturally will rise, perhaps dramatically. New market emerges One marker is that tech research firm Gartner has begun monitoring a dozen or so technology vendors marketing third-party risk solutions to large enterprises. Gartner refers to this fledgling cottage industry as the “IT vendor risk management” market. In a report last fall, Gartner predicted that the IT VRM market would expand 30% by 2019. See also: Ransomware: Growing Threat for SMBs   The main growth driver: regulatory requirements. Case in point: New York state’s freshly minted Cybersecurity Requirements for Financial Services Companies, which took effect March 1, includes provisions that require financial services companies to ensure the security of the systems used by their third-party suppliers. Meanwhile, Europe has begun to roll out a comprehensive set of data-handling rules that also call out the need to address third-party risk. These include the new framework for commercial data exchange between the U.S. and the European Union, referred to as the EU-U.S. Privacy Shield, as well as the new EU privacy rules known as General Data Protection Regulation or GDPR. SMBs in hackers’ cross-hairs To be clear, the burden does not solely rest with large enterprises to mitigate third-party risks. This issue profoundly affects small and medium-size organizations. SMBs no doubt will face increasing requirements to prove their cybersecurity fitness to win contracts from first-party business customers. “Third-party issues are driven by the fact that outsourcing trends are continuing unabated,” says Jonathan Dambrot, CEO and co-founder of Prevalent, one of the leading IT VRM vendors tracked by Gartner. He says third-party suppliers, in fact, are believed to be the source of as much as 70% of the network breaches that occur today, Professional cyber criminals are fully aware of capabilities of the multimillion-dollar security systems that large companies have in place. So they wisely target “the small provider who’s providing some service and who doesn’t have their security controls,” Dambrot says. Vendors lack knowledge Meanwhile, all too many third-party suppliers continue to operate either ignorant of, or in denial of, the exposures they’re creating by failing to adhere to security best practices. “A lot of smaller firms are still struggling with even understanding what they need to do, from a policies standpoint all the way down to the technical controls,” Dambrot says. “Do they have appropriate controls for encryption, identity management and multifactor authentication?” It’s very early in the ballgame. A Ponemon Institute survey conducted last May found that the majority of the 600-plus respondents agreed that third-party risk was both serious and has been significantly growing in their organizations. See also: Cyber Attacks Shift to Small Businesses   However, Ponemon found that only a third of those organizations had formal programs in place to manage third-party risks, and only about a quarter of them purchased cyber insurance to reduce the economic impact of third-party risks. But the potential for elevating internet security, in the longer run, is palpable. This post originally appeared on ThirdCertainty.

DIAmond Award winner Trōv is one of the most widely referred to cases when speaking about disruption in the insurance sector. But what is Trōv exactly about? What is the business model? How successful is it? Trōv’s founder and CEO Scott Walchek will share his vision in a keynote presentation at DIA Amsterdam, this May. To warm up, I interviewed Scott last week. Trōv is the world’s first on-demand insurance platform for single items. It is a mobile app that allows users to insure whatever, whenever. It empowers customers to insure "just the things you care about" for whatever period you prefer. Trōv users simply snap a picture of a receipt or the product code of a product. This creates a personal digital repository for all things tangible. For selected items, Trōv offers a quote to insure each individual item. Customers can then simply "swipe to protect" to purchase the insurance. It is equally simple to "swipe to unprotect." With Trōv, long contracts are not necessary. Even the claims process is automated with the use of chatbots and available on-demand on a smart phone. Trōv is founded by Scott Walchek. Scott is a successful technology entrepreneur. Over the past 25 years, he built companies such as Macromedia, Sanctuary Woods, C2B Technologies and DebtMarket. He was also a co-lead investor and founding director of Baidu, China’s largest search engine. Scott is also one of the 75 thought leaders who contributed to our new book "Reinventing Customer Engagement. The next level of digital transformation for banks and insurers." What inspired you to create Trōv? Scott: “At some point I realized there is an enormous latent value in the information related to the things people own. From obvious things such as receipts and warranties to actually having an overview of what you own and what the current replacement value of each item is. We want to curate ways to turn this into value for consumers. From keeping information on items up to date to, for instance, arranging insurance for these items. We're a technology company, not an insurance company. We’re new in this space. So I started with testing our first ideas about a proposition and the assumptions behind it with several senior executives of large P&C insurers such as AIG and ACE. What I assumed is that at the end of the day the core metric of success is the ratio of insurance to actual value. The better this ratio, the better the balance sheet. Of course, this is an oversimplification, but everyone agreed that in essence this is how over the past 200 years value in insurance is created. Now, what is remarkable is that insurers do not really know what consumers own, and what the exact value of these goods is … What if they did know? This would disrupt markets. It would lead to much better risk assessment driven by real knowledge of the true value of what people really own.” See also: Insurtech: The Approaching Storm   Trōv's main target users are millennials, a target segment that most incumbents find very difficult to reach and engage with. Why does Trōv strike the right chord among this generation? Scott: “We’re in the Australian market for a year now and entered the U.K. market a few months ago. Around 75% of our users are aged between 18 and 24. It appears that we are successful in tapping into the specific needs of this group. We do this by explicitly tapping into four key millennial trends. The first is "on-demand." We can see that from how millennials consume entertainment, shopping etc. Services need to be now, 24 hours a day, on my device. The second trend is, "Don’t lock me into a lengthy contract." We enable micro-duration. Customers can turn their insurance on and off as they see fit. In practice, they hardly do. But it is about the psychological benefit of being able to do so. The third is what we call "unbundled convenience": "Let me choose what to protect, the things I really care about." The fourth is: "people/agent optional." Millennials want to engage with their smartphone without having to talk to an actual person.” Trōv is based in the San Francisco Bay Area. But you decided to launch first in Australia and the U.K. Why there? Scott: “Ha ha – there’s a linear story and a non-linear story to that! The linear story is that microduration is still new to the industry, so our hypothesis requires testing. The regulatory environment is important if you want to get to market fast. Australia and the U.K. have a single regulatory authority versus the 56 bodies in the U.S. But we’re also in the process of filing in the U.S. The non-linear story is that I just happened to meet Kirsten Dunlop, head of strategic innovation at Suncorp Personal Insurance, at a conference in Meribel in France. She immediately understood the strategic impact of Trōv, and that is when it took off.” Because the Trōv concept is so new to consumers, it must be extremely interesting to learn what exactly strikes the right chord … Scott: “Customers just love the experience. Our NPS is +49. However, we’re learning every day. With a completely new concept such as Trōv, it is impossible to know exactly what to expect, honestly. It turns out that Trōv reveals new consumer insights. There is still a significant number of valuables that our audience wants to insure but that we cannot provide a quote for, for instance. Although more than 60% never turn off an insurance, the ability to switch an insurance on and off turns out to be an important psychological benefit. This appears to be category-dependent. Sporting goods are switched on and off more often than smartphones and laptops. We’re constantly measuring and improving every step of the funnel. From leaving Facebook to downloading the app, to registration, to actual swipes. We will share concrete numbers on uptake and conversion rates at DIA Amsterdam. But to already share two big learnings: We designed Trōv for use on smartphones, but, much to our surprise funnel figures multiplied when we decided to add a web interface. And we are actually even attracting better-quality customers.” In Australia, you decided to partner with Suncorp, in the U.K. with AXA and in the U.S. with Munich Re. What are the success factors of a partnership between an insurtech and an incumbent? Scott: “At the end of the day, it is about relationships and people. We understand their internal challenges. Everyone agrees that real knowledge of individual insured goods and the actual value of those goods improves the loss ratio. But we need to figure out how this works exactly through experimentation. This requires internal dedication, throughout the whole organization, starting at the top. It is not about conducting small pilots, but the willingness to experiment while going all the way, invest for several years and learn as we go what insurance will look like in the future and how consumers want to engage.” What are your future plans and ambitions with Trōv? We can imagine that Trōv could also be an interesting partner for retailers and producers of durables. With Trōv, they could seamlessly sell insurance ... Scott: “We have three lines of business. The first is what we call "solid." This is about expanding the Trōv app geographically, covering more categories and continuously developing the technology. Trōv will be launched in Japan, Germany and Canada shortly. Then there is "liquid"; offering white-label solutions to financial institutions, for instance in relation to connected cars and homes. The third line of business is "gas"; basically Trōv technology embedded in other applications; insurance as a service. This could be attractive for all sorts of merchants, telco operators etc.” See also: Understanding Insurtech: the ABCs   This would make Trōv even more part of the context in which consumers makes decisions about the risk they are willing and not willing to incur. And it also taps into the exponential growth of connected devices, similar to how machine-to-machine payments are increasingly taking place … Scott: “Yes. What we’re now doing with Trōv is really the beginning. Trōv is about providing our customers with exactly the protection they want, exactly when they want it. With more and more connected devices and sensors and new data streams everywhere we can make the whole experience so seamless they don’t have to do anything at all.”

Last week's announcement by Next Insurance that it would sell insurance via Facebook Messenger brings chatbots to the fore of the discussion on insurtech—where they belong.

At a time when so many companies are trying to come to grips with all the innovation in the industry, chatbots can provide a relatively easy win. They cut costs for insurance companies while providing better service to customers, who can use their phones (by now an extension of the hand for many people) to text an inquiry rather than have to navigate a phone tree and eventually sit on hold for several minutes while listening to bad music or ads, only to eventually arrive at a customer service rep who doesn't really understand the issue.

At ITL, we became believers in this use of artificial intelligence more than a year ago and, once we saw the great work being done at Pypestream, decided that the technology was mature enough that we would help spread the word about the company and its chatbots, starting last summer. Pypestream initially focused on using chatbots to streamline communication between existing customers and companies, but, as the Next-Facebook announcement shows, the technology has developed enough to be used in almost any sort of interaction. If artificial intelligence can power "robo-advisers" for investment companies, it can handle an introductory sales presentation or answer routine customer inquiries.

That said...it's always important to consider technology developments in the right context. While the Silicon Valley types tend to think in binary ways, and will suggest that chatbots will eliminate agents, call centers and so on, disintermediation rarely follows such a stark script. There are more bank tellers today than there were decades ago when ATMs were going to put them out of business. Realtors are thriving. Even travel agents are still around, albeit about 60% fewer of them than in their heyday. A landmark study by McKinsey found that it's actually right to think about pieces of jobs being automated rather than to assume whole classes of jobs will disappear—only the elevator operator has truly gone away because of automation.

So, it's important to think about integrating chatbots, rather than assume they'll take over the world. Customers will still, in many parts of a process, want to talk with a real, live human being, and insurers need to make sure the right one is available instantly to jump in. The good news is that chatbots will save so much money that insurers can afford to invest in the right processes and expertise.

I live for the day when ITL is so big that we need to invest in chatbots. In the meantime, if you email us with any questions, comments or concerns, you can be sure it's one of us fallible humans responding.

Cheers,

Paul Carroll,
Editor-in-Chief 

Borrowing a line from James Carville’s presidential campaign advice, “It’s the economy, stupid,” we need to grasp the real source of sustained growth and say to ourselves, “It’s the customer experience, stupid.” Can we wake up and focus on the customer experience? Do we truly understand what they want? Do we understand that customer experience isn’t just about technology, transactions and 24/7 availability? Are we prepared to go beyond the processes and needs of the insurance company and look at insurance from the outside in? As you may have noticed, we are increasingly living in an experience-driven culture as opposed to a possessions-focused culture. In May 2016, Groupon launched an ad campaign surrounding the “Haves and Have Dones.” It’s a funny lampoon of those people who seek luxurious things vs. those who are looking for adventures and experiences. This cultural focus on doing more and buying less isn’t new; it’s just gaining traction. The implication for insurance is that customer experience is more relevant than ever because great experiences are highly valued. Insurers need to make their brand experiences into havens of ease, comfort and security that also fit into customers’ desired lifestyles. To dig deeper in understanding, insurers need to create customer personas and develop customer journey maps that will bring empathy into experience design. See also: How the Customer Experience Is Shifting   Personas — Bridges to Empathy Customer personas synthesize real-life examples into one, easy-to-understand picture of a common role or person. For example: Roger Thompson is a veterinarian. He works long hours, and most of them aren’t at a desk with easy access to his laptop. He makes a good income, but he isn’t wealthy. He is forced to fit his paperwork into Sunday afternoons. He cares passionately about animals and is not so passionate about anything that adds administrative time to his already-packed schedule. If faced with a choice between price and convenience, he will almost always pick convenience —though he remains price-conscious. This is just a slice of a persona. It instantly transports us into the shoes of that customer type, so that we can begin to see life from behind his eyes. If we know Roger’s motivations, worries and life pain points, we can better craft his customer journey. Personas simplify business conversations. If we all understand Roger’s needs, we are far more likely to agree about what it will take to make his experiences better. We can replicate this many times over with any type of role that is relevant to the insurance experience. Every time we do, we’ll get beyond our tendency to see customers as giant groups to capture an individual’s feelings during moment-by-moment needs and choices. Once the persona is created, a customer journey map can be developed. It is difficult to create the one without the other. The persona operates as the constant filter of feelings and issues that provide the real empathy while we consider what the journey looks like. Customer Journey Maps — Paths to Understanding Journey mapping is just what it sounds like — walking through the customer experience through the persona’s eyes and in the persona’s shoes. For example, Reema Patel is a sales rep for a shoe manufacturer. She commutes with a company car. Most days, her personal vehicle sits in the garage. She enjoys most of her interactions with her home/auto insurer, but every time she sees the insurance statement she gets a little irritated that she pays to cover something that gets so little use. Slicing the journey into common interaction and reaction points will help insurers see where the journey has hurdles. What aren’t we seeing in customer service surveys? What parts of the journey can we improve? Is there any part of life where the persona is prone to dislike their insurance experience? This is where journey mapping pays off for insurers. Our goal is to give the customer a brand experience that exceeds expectations, even if that experience requires less interaction and even if it changes the nature of our relationship. We simply need to be paying attention to what the experiences are and what they could be. Tesla makes a great example of an organization translating customer personas into customer journeys and then into improvement in customer experience. At some point, Tesla executives must have asked, “How can we improve auto ownership for Tesla customers?” The answer was to bundle the vehicle, its insurance and its maintenance (which it is actually experimenting with in Asia). In one step, Tesla removed hundreds of transactions from the owner over the life of the vehicle, consolidating payments and creating a lower-stress experience. A person like Reema might like the idea that coverage and ownership are all-in-one. How can insurers capitalize on customer journey mapping? Precisely by doing what Tesla did — using the maps to redesign the experience. You may insure small business owners. What does their day look like? What are their common risks? What happens when something goes wrong? Is there a way to move their brand experience from good to great? Redesigned Experiences — “That brand fits me” It’s an experience, not a transaction. If insurers adopt the mindset that we are shifting from core transactional experiences to customer experiences, then they will instantly be able to brainstorm new ways of supporting the customer. These might fall outside of traditional insurance operations. A high-volume motorcycle insurer, for example, might build an online community for cycle enthusiasts. Anyone can join. The company creates an experience that moves from the road into the living room. The insurer may capitalize on promotional opportunities to sell insurance, but is also gaining a deep understanding of the motivations and experiences of those who are insured. The company will understand the many types of motorcycle riders. It won’t be creating products that are one-size fits all. Those who ride will ultimately see that the brand fits them. “This is the insurer that understands riders like me.” See also: How to Bottle Great Customer Experience It’s an experience, not a technology. If sensors in my basement notify my insurer that I have water damage and the company schedules remediation without my making a claim, then my experience has improved and my loyalty has been assured. Likewise, if my auto insurer sends me a message to put my car in the garage because of an approaching hail storm, the company is looking out for my welfare and has improved my experience. These would be benchmark experiences for customers. They use new technology, but they are still focused on the experience. When we focus on the customer experience, we peek into customer minds and feed our own opportunity list with inspirations based on their thoughts, actions and feelings. We introduce a loop of feedback and improvement that will provide sustainable growth. And, we unify our organizations behind a culture of empathy and action. A focus on customer experience will give customers brand love — and that’s about the best result we could ask for.

This is the first part of a two-part series. Abstract Examining the intersection of research on the effects of (re)insurance risk diversification and availability of big insurance data components for competitive underwriting and premium pricing is the purpose for this paper. We study the combination of physical diversification by geography and insured natural peril with the complexity of aggregate structured insurance products, and furthermore how big historical and modeled data components affect product underwriting decisions. Under such market conditions, the availability of big data components facilitates accurate measurement of inter-dependencies among risks, and the definition of optimal and competitive insurance premium at the level of the firm and the policy holders. In the second part of this article, we extend the discourse to a notional micro-economy and examine the impact of diversification and insurance big data components on the potential for developing strategies for sustainable and economical insurance policy underwriting. We review concepts of parallel and distributed algorithmic computing for big data clustering, mapping and resource reducing algorithms. Introduction This working paper will examine how big data and fast compute platforms solve some complex premium pricing and portfolio structuring and accumulation problems in the context of flood insurance markets. Our second objective is to measure the effects of geo-spatial insurance risk diversification through modeling of interdependencies and show that such measures have impact on single risk premium definition and its market cost. The single product case studies examine the pricing of insurance umbrella coverage. They are selected to address scenarios relevant to current (re)insurance market conditions under intense premium competition. Then we extend the discourse to a micro-economy of multiple policy holders and aim to generalize some finding on economies of scale and diversification. The outcomes of all case studies and theoretical analysis depend on the availability of big insurance data components for modeling and pricing workflows. The quality, usability and computational cost of such data components determine their direct impact on the underwriting and pricing process and on definition of the single risk cost of insurance. 1.0 Pricing Aggregate Umbrella Policies Insurers are competing actively for insureds' premiums and looking for economies of scale to offset and balance premium competition and thus develop more sustainable long-term underwriting strategies. While writing competitive premium policies and setting up flexible contract structures, insurers are mindful of risk concentration and the lower bounds of fair technical pricing. Structuring of aggregate umbrella policies lends itself to underwriting practices of larger scales in market share and diversification. Only large insurers have the economies of scale to offer such products to their clients. Premium pricing of umbrella and global policies relies on both market conditions and mathematical modeling arguments. On the market and operational side, the insurer relies on lower cost of umbrella products due to efficiencies of scale in brokerage, claims management, administration and even in the computational scale-up of the modeling and pricing internal functions of its actuarial departments. In our study, we will first focus on the statistical modeling argument, and then we will define big data components, which allow for solving such policy structuring and pricing problems. See also: 3 Reasons Insurance Is Changed Forever   We first set up the case study on a smaller scale in context of two risks -- with insured limits for flood of $90 million and $110 million. These risks are priced for combined river-rain and storm surge flood coverage, first with both single limits separately and independently and then in an aggregate umbrella insurance product with a combined limit of $200 million: (1.0) Umbrella(200M) = Limit 1 (90M) + Limit 2 (110M) The two risks are owned by a single insured and are located in a historical flood zone, less than 1 kilometer from each other. For premium pricing, we assume a traditional approach dependent on modeled expected values of insured loss and standard deviation of loss. To set the statistical mechanics of the case study for both risks, we have a modeled flood insurance loss data samples Q_t and S_t respectively for both risks, from a stochastic simulation - T. Modeled insured losses have an expected value E[.] and a standard deviation σ[.], which define a standard policy premium of π(.) When both policies’ premiums are priced independently, by the standard deviation pricing principle we have: (1.1) π(S_t) = E[S_t] + σ[S_t] π(Q_t) = E[Q_t] + σ[Q_t] With non-negative loadings, it follows that: (2.0) π(S_t) ≥ E[S_t] π(Q_t) ≥ E[Q_t] Because both risks are owned by the same insured, we aggregate the two standard premium equations, using traditional statistical accumulation principles for expected values and standard deviations of loss. (3.0) π(Q_t)+π(S_t)= E[S_t]+σ[S_t]+E[Q_t]+σ[Q_t] π(Q_t)+π(S_t)= E[S_t+Q_t]+σ[S_t]+σ[Q_t] The theoretical joint insured loss distribution function f_S,Q(S_t,Q_t) of the two risks will have an expected value of insured loss: (4.0) E[S_t + Q_t] = E[S_t] + E[Q_t] And a joint theoretical standard deviation of insured loss: (4.1) σ[S_t + Q_t] = √(σ²[S_t] + σ²[Q_t] + 2ρσ[S_t] * σ[Q_t]) We use further these aggregation principles to express the sum of two single risks premiums π(Q_t), π(S_t), as well as to derive a combined premium π(Q_t + S_t) for an umbrella coverage product insuring both risks with equivalency in limits as in (1.0). An expectation for full equivalency in premium definition produces the following equality: (4.2) π(Q_t + S_t) = E[S_t + Q_t] + √(σ²[S_t] + σ²[Q_t] + 2ρσ[S_t] * σ[Q_t]) = π(Q_t) + π(S_t)  The expression introduces a correlation factor ρ between modeled insured losses of the two policies. In our case study, this correlation factor specifically expresses dependencies between historical and modeled losses for the same insured peril due to geo-spatial distances. Such correlation factors are derived by algorithms that measure dependencies of historical and modeled losses on their sensitivities to geo-spatial distances among risks. In this article, we will not delve into the definition of such geo-spatial correlation algorithms. Three general cases of dependence relationships among flood risks due to their geographical situation and distances are examined in our article: full independence, full dependence and partial dependence. 2.0 Sub-Additivity, Dependence and Diversification Scenario 2.1: Two Boundary Cases of Fully Dependent and Fully Independent Risks In the first boundary case, where we study full dependence between risks, expressed with a unit correlation factor, we have from first statistical principles that the theoretical sum of the standard deviations of loss of the fully dependent risks is equivalent to the standard deviation of the joint loss distribution of the two risks combined, as defined in equation (4.1). (4.3) σ[S_t + Q_t] = √(σ²[S_t] + σ²[Q_t] + 2σ[S_t] * σ[Q_t]) = σ[S_t] + σ[Q_t] For expected values of loss, we already have a known theoretical relationship between single risks’ expected insurance loss and umbrella product expected loss in equation (4.0). The logic of summations and equalities for the two components in standard premium definition in (4.0) and (4.3) leads to deriving a relationship of proven full additivity in premiums between the single policies and the aggregate umbrella product, as described in equation (4.2), and shortened as: (4.4) π(Q_t + S_t) = π(Q_t) + π(S_t) Some underwriting conclusions are evident from this analysis. When structuring a combined umbrella product for fully dependent risks, in very close to identical geographical space, same insured peril and line-of-business, the price of the aggregated umbrella product should approach the sum of single risk premiums priced independently. The absence of diversification in geography and insured catastrophe peril prevents any significant opportunities for cost savings or competitiveness in premium pricing. The summation of riskiness form single policies to aggregate forms of products is linear and co-monotonic. Economies of market share scale do not play a role in highly clustered and concentrated pools of risks, where diversification is not achievable, and inter-risk dependencies are close to perfect. In such scenarios, the impact of big data components to underwriting and pricing practices is not as prominent, because formulation of standard premiums for single risks and aggregated products could be achieved by theoretical formulations. See also: #1 Affliction Costing Businesses Billions   In our second boundary case of full and perfect independence, when two or more risks with two separate insurance limits are priced independently and separately, the summation of their premiums is still required for portfolio accumulations by line of business and geographic and administrative region. This premium accumulation task or "roll-up" of fully independent risks is accomplished by practitioners accordingly with the linear principles of equation (3.0). However, if we are to structure an aggregate umbrella cover for these same single risks with an aggregated premium of π(Q_t + S_t) , the effect of statistical independence expressed with a zero correlation factor will reduce equation (3.0) to equation (5.0). (5.0) π(Q_t + S_t) = E[S_t + Q_t] + √(σ²[S_t] + σ²[Q_t]) Full independence among risks more strongly than any other cases supports the premium sub-additivity principle, which is stated in (6.0). (6.0) π(Q_t + St) ≤ π(Q_t) + π(S_t) An expanded expression of the subadditivity principle is easily derived from the linear summation of premiums in (3.0) and the expression of the combined single insurance product premium in (5.0). Some policy and premium underwriting guidelines can be derived from this regime of full statistical independence. Under conditions of full independence, when two risks are priced independently and separately the sum of their premiums will always be larger than the premium of an aggregate umbrella product covering these same two risks. The physical and geographic characteristics of full statistical independence for modeled insurance loss are large geo-spatial distances and independent insured catastrophe perils and business lines. In practice, this is generally defined as insurance risk portfolio diversification by geography, line and peril. In insurance product terms, we proved that diversification by geography, peril and line of business, which are the physical prerequisites for statistical independence, allow us to structure and price an aggregate umbrella product with a premium less than the sum of the independently priced premiums of the underlying insurance risks. In this case, unlike with the case of full dependence, big data components have a computing and accuracy function to play in the underwriting and price definition process. Once the subadditivity of the aggregate umbrella product premium as in (6.0) is established, this premium is then back-allocated to the single component risks covered by the insurance product. This is done to measure the relative riskiness of the assets under the aggregate insurance coverage and each risk individual contribution to the formation of the aggregate premium. The back-allocation procedure is described further in the article in the context of a notional micro economy case. Scenario 2.2: Less Than Fully Dependent Risks In our case study, we have geo-spatial proximity of the two insured risks in a known flood zone with measured and available averaged historical flood intensities, which leads to a measurable statistical dependence of modeled insurance loss. We express this dependence with a computed correlation factor in the interval [0 < ρ' < 1.0]. Partial dependence with a correlation factor 0 < ρ' < 1.0 has immediate impact on the theoretical standard deviation of combined modeled loss, which is a basic quantity in the formulation of risk and loading factors for premium definition. σ[S_t + Q_t] = √(σ²[S_t] + σ²[Qt] + 2ρ'σ[S_t]σ[Q_t]) ≤ σ[S_t] + σ[Q_t] This leads to redefining the equality in (4.3) to an expression of inequality between the premium of the aggregate umbrella product and the independent sum of the single risk premiums, as in the case of complete independence. (7.0) π(Q_t + S_t) = √(E[S_t + Q_t] + σ2[S_t] + σ²[Q_t] + 2ρ'σ[S_t] * σ[Q_t]) ≤ π(Q_t) + π(S_t)  The principle of premium sub-additivity (6.0), as in the case of full independence, again comes into force. The expression of this principle is not as strong with partial dependence as with full statistical independence, but we can clearly observe a theoretical ranking of aggregate umbrella premiums π(Q_t+S_t) in the three cases reviewed so far. (7.1) π^{Full Independence} ≤ π^{Partial Dependence} ≤ π^{Full Dependence} This theoretical ranking is further confirmed in the next section with computed numerical results. Less than full dependencies, i.e. partial dependencies among risks, could still be viewed as a statistical modeling argument for diversification in market share geography, line of business and insured peril. Partial but effective diversification still offers an opportunity for competitive premium pricing. In insurance product and portfolio terms, our study proves that partial or imperfect diversification by geography affects the sensitivity of premium accumulation and allows for cost savings in premium for aggregate umbrella products vs. the summation of multiple single-risk policy premiums. 3.0 Numerical Results of Single-Risk and Aggregate Premium Pricing Cases In our flood risk premium study, we modeled and priced three scenarios, using classical formulas for a single risk premium in equation (1.0) and for umbrella policies in equation (7.0). In our first scenario, we price each risk separately and independently with insured limits of $90 million and $110 million. In the second and third scenarios, we price an umbrella product with a limit of $200 million, in three sub-cases with {1.0, 0.3 and 0.0} correlation factors, respectively to represent full dependence, partial dependence and full independence of modeled insured loss. We use stochastic modeled insurance flood losses computed with high geo-spatial granularity of 30 meters. The numerical results of our experiment fully support the conclusions and guidelines that we earlier derived from theoretical statistical relationships. For fully dependent risks in close proximity, the sum of single-risk premiums approaches the price of an umbrella product, which is priced with 1.0 (100%) correlation factor. This is the stochastic relationship of full premium additivity. For partially dependent risks, the price of a combined product, modeled and priced with a 0.3 (30%) correlation factor, could be less than the sum of single-risk premiums. For fully independent risks, priced with a 0 (0.0%) correlation factor, the price of the combined insurance cover will further decrease to the price of an umbrella on partially dependent risks (30% correlation). Partial dependence and full independence support the stochastic ordering principle of premium sub-additivity. The premium ranking relationship in (7.1) is strongly confirmed by these numerical pricing results. See also: How Quote Data Can Optimize Pricing   Less than full dependence among risks, which is a very likely and practical measurement in real insurance umbrella coverage products, could still be viewed as the statistical modeling argument for diversification in market share geography. Partial and incomplete dependence theoretically and numerically supports the argument that partial but effective diversification offers an opportunity for competitive premium pricing.

As the insurance industry enters a period of profound change, we at Eos use a concept called the 20/20 dynamic to illustrate the point: On a conservative basis, we believe most insurers risk losing at least 20% of their business to disruption. On the flip side, for those that embrace innovation there is an opportunity to grow their business by 20%. Our goal is to ensure our strategic investors are on the right side of this equation. Insurtech represents a unique opportunity for insurers to evolve their business model. Insurtech is not necessarily about disruption, but more an opportunity to take advantage of technology and data to create innovative solutions, reduce costs and capture greater value for customers, brokers and intermediaries, underwriters and service providers. At one level, active participation is required just to meet the basic requirements of playing in the new market. For those committed to a strategic approach, insurtech can help drive true competitive differentiation, while enabling measured bets for the future. See also: Insurtech: Unstoppable Momentum   Underpinning this transformation are 10 key trends that we have identified and believe will be at the heart of the insurtech evolution:

1. Insurance, as we have it known it historically, will be bought, sold, underwritten and serviced in a fundamentally different way within the next three years
2. External data and contextual information will become increasingly more important than historical internal data for predicting risk and pricing
3. A majority of the simple covers will be bought in standard units through a marketplace/ exchange, permitting just-in-time, need and exposure based protection through mobile access
4. Solutions will continue to evolve from protection to behavioral change then to prevention -- even across complex commercial insurance
5. Although proliferation of data and increasing transparency on the buyer and seller will cause disintermediation for simple covers, it will also create opportunities for brokers and intermediaries to innovate solutions and channels for their B2C (non-standard risk pools, retirees/older generation, healthcare gaps) and B2B (emerging and unknown risks, cyber, global supply chains, cross-border liability, terrorism) customers
6. The ability to dynamically innovate (new risk pools, new segments, new channels) and deliver on the customer promise will become the most important competitive advantage (as known risks continue to get commoditized and move to the direct channels)
7. Internal innovation, incubation and maturing of capabilities will no longer be the optimal option; dynamic innovation will require aggressive external partnerships and acquisitions
8. Simple "Grow or Go" decisions of the last decade will be sub-optimal, as the dust settles in insurtech; building in future optionality and degrees of freedom will be the key
9. Consolidation just for economies of scale will provide increasingly less marginal value in non-life as well as life insurance; real value creation will come from "economies of skill" and digital capabilities
10. Deep learning (next generation of AI), blockchain and genomics technologies will improve financial inclusion and better meet the needs of the under-insured and uninsured

We have linked the above trends to analysis of how profit pools will change over time to build an investment strategy that also focuses on platforms or clusters that allow us to build more compelling propositions by connecting related players in adjacent parts of the value chain. Three areas of initial focus are: 1. A digital front office solution that leverages an open architecture platform developed by Convista (OneDigitalOffice), augmented by relevant startups including, for example, on-demand insurance by Oula.la and social media adoption by Digital Fineprint. The ability to drive dynamic innovation is driven by technology stack/system flexibility to respond quickly to customer needs. New risk pools, new products and new ways to reach customers will place massive pressure on traditional systems, making a dynamic digital front office key to execution.

• 360-degree multi-channel (direct, field sales force, internal sales force, independent agents/brokers) connectivity
• Augmented functionality across the value chain from sales/distribution through underwriting, binding and servicing
• Sales funnel optimizer (sales force effectiveness) -- inquiry/quote, quote-to-submission, submission-to-bind ratio
• Sales force/intermediary (broker/agent) segmentation and performance management

As an example, the impact of the sharing economy and need for on-demand insurance will require instant pricing and cover that switches on and off at point of sale to meet the needs of the customer. 2. An end-to-end claims solution developed by RightIndem and supported by additional capability from other technology providers The claims space is an interesting one; it represents the largest individual expense on any P&C insurer's P&L but conversely has seen very little innovation. This is now starting to change. RightIndem has developed a platform that achieves significant improvements in customer satisfaction while significantly reducing the cost of managing the claim. This is a win/win for the customer and the insurer and in our view a classic enabler technology that takes an existing function within the insurance value chain but does it much more effectively and with the interests of the customer at its core. See also: Insurtech Checklist: 10 Differentiators   3. Artificial intelligence (AI) with an initial focus on life and health insurance developed by Gen.Life We are particularly excited about the combination of AI and the latest health technology to transform insurance. Examples include Livingo Health, which combines a blood glucose monitor support and intervention to help coach people through diabetes, and Cycardia Health, which employs machine learning predictive analytics software to categorize abnormal circadian patterns in otherwise healthy breast tissue to provide early detection of breast cancer. These types of technology will allow the early detection of potential diseases so that preventative treatment can be started much earlier, dramatically improving chances of success. Rather than life and health insurance being about prospective payments after an event, they can become the key mechanism for deploying technology to allow people to enjoy healthy lives. The insurance industry will look very different in five years, but more importantly there is an opportunity to drive huge benefits to society through reducing under-insurance and supporting the transition from protection to prevention.

The really bad thing about risks is that they almost never lead to a loss. Why would that be bad? Because risk aversion is responsible for so much lost opportunity. Risk aversion allows us to shoot down ideas faster than we build them up. It is easier to cite a risk that a project or change effort will fail than to undertake it. But getting ahead means change, and change means risk. Those who prosper in business, take risks. The list of leaders who wouldn’t take risks is a very short one.

The biggest risk is not taking any risk… In a world that’s changing really quickly, the only strategy that is guaranteed to fail is not taking risks. – Mark Zuckerberg

In other blogs, we’ve written about the price you pay by not adapting. It’s not a question of whether you should take risks, but how to do it well. Nearly all great advances come through leaders' appreciating an opportunity and understanding how to manage its risks. So often in our discussions with companies, we encounter leaders who acknowledge the opportunity we present, but who are stymied by perceived obstacles to acting on it. The focus turns too heavily to what lies in the way rather than the path. These obstacles become risks – “unknowns” – that inhibit desired transformation. See also: 4 Steps to Integrate Risk Management   Risks are an integral, essential part of improvement. They force us to think, to adapt, to learn. Companies that advance don’t do so by avoiding risk. They don’t do so in spite of risk. They do so in conjunction with risk. The question is not how to avoid risk, but how to embrace it. Leaders love risk as a thing to be conquered, not feared. Here’s how they do this. Define your goals in detail before you define your risks. It’s easy to get sidetracked by anxiety. The mention of a potential goal is more often met by caveats about it than by building out the path to the goal. Leaders focus first on the goal and the value of achieving it. Act on risks constructively. Draw up a list of risks that could materialize on your way to your goal. Define each risk (what it is), what impact the risk can have, the probability that it will occur and what should be done to manage it. Most often, the risk is much smaller than you imagine. For example, if we more aggressively negotiate medical cost reductions, we might generate more litigation. That might cost us $2,500 per case. This might happen on 10% of the cases. Don’t stop there….compare your risks to your upside – Our plan will result in reductions of more than $1,800 on 80% of all cases…..The upside is positive. Keep moving forward. Enlist people in problem solving…not problem identification. When engaging with others on a project or change effort, dwelling on risks leads to managing against a fear of failure. Get people involved in answering this question: “How can we achieve [name the goal]?” – rather than “what do you think of [name the goal]?” For example, how might we successfully achieve medical-cost reductions without generating litigation?” Plan for success and manage your way there. Managing risk doesn’t mean playing defense against potential disaster. On the contrary, it means keeping a clear eye on what you want. When we implement with a client, we have a detailed list of action items to be accomplished by our customers and us. Tedious? Not really. Critical to success? Absolutely. We know the critical success factors and we plan for and execute on them. Use risk to learn. We all know that stuff happens. Recognize it. Learn from it. Move on. Peter Drucker, the famous management guru, said it best…..

“People who don’t take risks generally make about two big mistakes a year. People who do take risks generally make about two big mistakes a year.”

See also: Are Portfolios Taking Too Much Risk?   If you’re feeling hemmed in by risks, take a different approach. Embrace it. It’s the only way to master it.

When I first met Dan Ariely (now chief behavioral officer at Lemonade, among his many other duties) 15-plus years ago, he told a story about how people will, well, cheat on their insurance applications. He said he got a large car insurer to let him experiment with 12,000 applications. For the control group of 6,000, he changed nothing. They filled out the form, including how many miles they drove each year, and signed at the bottom. With the other 6,000, he had people sign at the top, attesting at the beginning of the process that everything they were about to fill in would be true. Dan drily reported that, "It turns out that those who sign at the top of the form drive 3,000 miles a year more than those who sign at the bottom."

Since getting involved in the insurance industry 3 1/2 years ago, as part of my three-decade focus on digital technology and its prospects for innovation, I've learned that lots of people fudge, and not just on how many miles they drive. People will find a homeowners policy a bit too expensive, so they'll fiddle with the facts and report that the home had the roof replaced recently or forget to report that trampoline, or something. What really surprised me is how much people get away with fudging (I'm trying to be kind here) on whether they even have insurance. They'll get a certificate of insurance, so they can show that a policy was in force at a particular moment in time, but then what? How do you know that policy is in force a day later? A week? A month? Six months?

With the advent of Trov, Slice and a few other innovators, it's now possible to turn coverage on and off (for some things) in an instant, but businesses still don't really know whether those they're working with have the requisite insurance at any particular moment. And if they want to find out, businesses have to wade through a sea of paper (or sometimes PDFs) that must total in the tens of millions each year in the U.S. alone.

Well, I'm happy to report that as part of our work at the Innovator's Edge site, which tracks the roughly 800 insurtech startups, we've come across a company that has a solution. That company is GAPro, and you can learn more about it here. In an era where software-as-a-service has become commonplace, GAPro provides what it calls verification-as-a-service. You get a dashboard that tells you in real time the coverage status of your contractors, brokers or whomever -- green signifying that all is in order, yellow highlighting those whose policies are up for renewal soon and red showing those whose policies have lapsed. 

GAPro is still in its early days -- that's what insurtech is all about, right? -- but the idea is spot on, and those running the company are seasoned pros, so I'm confident they're going to get this right. That's why we've begun working with them to provide some counsel and, of course, to help them get the word out. You can read the announcement about our new relationship here. If you have a problem managing certificates of insurance -- and who doesn't? -- I encourage you to contact them. 

Cheers,

Paul Carroll,
Editor-in-Chief

A year ago, as the insurtech movement was starting to take off, a general partner at Andreessen Horowitz made a presentation to our semi-annual gathering of two dozen insurance company CEOs at Google headquarters and began by saying: "Distribution trumps innovation."

In some ways, that's an obvious statement. An innovation can't spread until you find that first customer, and then the second and then the third. But the statement was still startling to hear from a leader at a premier venture capital firm known for celebrating innovation. I jotted down the line, then looked around the room and saw that just about everyone else was, too.

Distribution trumps innovation.

While we have spent years at ITL fostering innovative ideas by curating what is now more than 2,600 articles by more than 800 of the best thinkers in the insurance and risk management industry, we decided to tackle the distribution piece of the puzzle, too. We began by cataloging all the insurtech startups, a list that now exceeds 800, and making it as easy as possible to search the startups based on technology, location, problem being addressed, etc. We gathered that information at a site that I've mentioned several times to you now: the Innovator's Edge. We've found that those looking for innovators need to know more, so we've taken the next step.

We've developed what we call Innovator's Edge Exchange. The foundation of IEx is the Market Maturity Review, which takes startups about a half-hour to fill out and which provides detail on where they stand in five crucial areas: the maturity of their technology, of their experience in the insurance industry, of their work with relevant regulations, of their operations and of their funding. Startups have begun to fill out these surveys to be discovered by potental customers, and I encourage everyone on the list to do so by going to the IE Exchange site. The more complete the list of startups in IEx, the more valuable it'll be to incumbents looking for innovators, and the more likely everyone will benefit. If you're not on the list and should be, please let me know at paul@insurancethoughtleadership.com. If you're an incumbent and want to be notified when you can sign up to get access to all the market maturity information we're gathering -- probably in late February -- you can sign up here. 

Cheers,

Paul Carroll,
Editor-in-Chief

It looks like 2017 is continuing right where 2016 left off—with news of a massive data leak and thousands of passwords being exposed on the internet and cached by search engines. This refers to the gaping security flaw recently discovered in the widely used Cloudflare service. It goes without saying that you should immediately change all your passwords, given how deeply embedded into the internet Cloudflare is. You also should seriously consider using a multifactor step-up capability to access your more sensitive websites and services. Related article: Cloudflare bug spills passwords in plaintext Your identity has become a “currency,” and criminals are able to sell it like other data. Unfortunately, many organizations are dragging their feet in adopting more advanced and secure methods for allowing customers to connect with their services. For the near term at least, passwords are here and will be here for the next few years. See also: The 7 Keys to Strong Passwords   In terms of security and availability, passwords are the lowest common denominator. They are cheap to deploy, users understand how to interact with them, and the risks associated with the username and password paradigm—while not fully understood—are accepted. But, there are three key factors converging that will replace these username and passwords in the future. Many more savvy about security First, policy- and decision-makers are becoming more sophisticated in their understanding of the risks and security profile that simple reliance on passwords presents. Recent announcements from Yahoo CEO Marissa Mayer and General Counsel Ronald Bell should be a bellwether in this regard. Following YAYB (Yet Another Yahoo Breach), Bell resigned without severance pay, and Mayer lost her annual cash bonus and equity award—which some reports estimate to be worth upward of $14 million. Governmental regulations—such as the revised payment services directive (PSD2) in Europe—are requiring more stringent authentication requirements for financial institutions while the National Institute of Standards and Technology in the U.S. no longer recommends one-time passwords (OTPs) being delivered via SMS in its Digital Authentication Guideline. Password reliance and its associated pain is a global problem. Advances in biometrics, other alternatives Second, viable alternatives to the password are gaining widespread acceptance. Since the release of the fingerprint scanner on the Apple iPhone 5S, biometrics have exploded as an alternative to PINs and passwords. Related article: China embraces FIDO Alliance standards The FIDO Alliance has grown as an industrywide organization popularizing a set of specifications that increase privacy, increase security and increase usability while at the same time allowing the multitude of players from the authentication marketplace to ensure interoperability. Adoption of such alternatives is moving along at a solid clip with millions of users worldwide already using this technology. Consumers demand more Finally, users are fed up. They have learned of breach after breach after breach. The added features that complicate a password are not actually making it more secure, but they do make passwords significantly more difficult to input on the small touchscreens that are becoming our primary computing devices. As these three forces continue to converge, passwords will be replaced in greater and greater numbers. As a society, we need to overcome password pain and look to the future. Using a fingerprint or other biometric authentication measure helps users look beyond the failed username and password infrastructure. In time, the public will understand how flawed traditional password usage is. It’s both inconvenient and insecure. See also: How to Make Smart Devices More Secure   In 2017, we will see more companies erring on the side of security, removing passwords and implementing modern authentication strategies that eliminate the opportunity for large-scale password leaks and theft. This post originally appeared on ThirdCertainty. It was written by Phil Dunkelberger.