Conventional wisdom is that blockbuster innovations are most likely found in new product categories. Business celebrities like Steve Jobs, Bill Gates and Mark Zuckerberg -- three college dropouts who made billions with stunning innovations that ignited whole new industries -- reinforce this perception. This conventional wisdom is even codified in business theory. In the multimillion-copy bestseller, “Blue Ocean Strategy: How to Create Uncontested Market Space and Make Competition Irrelevant,” two business school professors argue that “lasting success comes not from battling competitors but from creating ‘blue oceans’-- untapped new market spaces ripe for growth.” Businesses are encouraged to avoid “bloody ‘red oceans’ of rivals fighting over a shrinking profit pool.” One of the insights from an excellent new book by John Sviokla and Mitch Cohen is that the vast majority of today’s wealthiest persons made their billions by ignoring this notion. The book also offers important guidance on how both entrepreneurs and established companies should innovate. In The Self-Made Billionaire Effect: How Extreme Producers Create Massive Value, Sviokla and Cohen found that 80% of the self-made billionaires that they studied made their fortunes in contested market spaces. Their research sample consisted of 120 self-made billionaires (as opposed to those with inherited wealth) operating in relatively transparent and competitive markets. These 120 were randomly selected from self-made billionaires on Forbes’ Billionaire List, adjusted to mirror the larger list’s geographic and industry distribution. Sir James Dyson, for example, did not stop reimagining the vacuum cleaner just because Hoover got there first and the market was crowded. Instead, Dyson went through 5,127 iterations to develop a production-ready design of his dual cyclone vacuum. Sir James Dyson with his Dyson Vacuum If the term had existed, the board of Dyson’s company at that time might have labeled Dyson’s effort an ill-conceived “red ocean” strategy. It rejected his request for funding to produce the vacuum -- even though Dyson owned a third of the company. Dyson was told:

If there really was a better type of vacuum cleaner, then surely one of the big manufacturers would be making it.

Undeterred, Dyson had to set up a new company to manufacture the G-Force Dual Cyclone vacuum cleaner. It would go on to capture immense market share -- as high as 50% in the UK -- and generate billions in sales. Svioka and Cohen offer numerous other case studies of self-made billionaires who succeeded in markets that “would by any measure be considered ‘red.’” Here is a partial list from their thoroughly researched book.

• John Paul DeJoria, a haircare products salesman, and celebrity stylist Paul Mitchell successfully launchedJohn Paul Mitchell Systems into the populated market of high-end hair care.
• Bharti Enterprises founder Sunil Mittal got his start importing known, legacy technologies such as portable generators and telephone handsets into India.
• Sara Blakely’s Spanx shapewear prospered in a hosiery market dominated by L’eggs and Hanes.
• Eli Broad built affordable starter homes without basements in part because he saw others doing it successfully.
• Glen Talyor grew a mom-and-pop local printing shop into one of the largest custom printing companies in the U.S. by, at first, focusing on the immensely competitive and fragmented industry for wedding stationery and related accessories.

Sviokla and Cohen are not arguing for red oceans over blue ones. Their research shows that self-made billionaires ignore the distinction. To them, all oceans are purple -- a blending of available opportunity within established practice. The vast majority of self-made billionaires operate in markets “that are a blending of new approaches within old modes that reveal ways to re-create the space.” This is an important lesson for both entrepreneurs and innovators in established companies. The opportunities are there -- all the time -- to create a blockbuster product within an existing market. No market is owned solely by a single product or idea. Those who can take advantage of the constant change are the ones most likely to win.

The health insurance market is changing. And the changes are not good. Even before there was Obamacare, most insurers most of the time had perverse incentives to attract the healthy and avoid the sick. Now, the perverse incentives are worse than ever. Writing in the New York Times, Elizabeth Rosenthal gives these examples:

• When Karen Pineman of Manhattan sought treatment for a broken ankle, her insurer told her that the nearest in-network doctor was in Stamford, Connecticut – in another state.
• Alison Chavez, a California breast cancer patient, was almost on the operating table when her surgery had to be canceled because several of her doctors were leaving the insurer’s network.
• When the son of Alexis Gersten, a dentist in East Quogue, NY, needed an ear, nose and throat specialist, the insurer told her the nearest one was in Albany – five hours away.
• When Andrea Greenberg, a New York lawyer, called an insurance company hotline with questions she found herself speaking to someone reading off a script in the Philippines.
• Aviva Starkman Williams, a California computer engineer, tried to determine whether the pediatrician doing her son’s two-year-old checkup was in-network, and the practice’s office manager “said he didn’t know because doctors came in and out of network all the time, likening the situation to players’ switching teams in the National Basketball Association.”

But aren’t these insurers worried that if they mistreat their customers, their enrollees will move to some other plan? Here’s the rarely told secret about health insurance in the Obamacare exchanges: Insurers don’t care if heavy users of medical care go to some other plan. Getting rid of high-cost enrollees is actually good for the bottom line. To appreciate how different health insurance has become, let’s compare it with the kind of casualty insurance people buy for their home or their cars. Dennis Haysbert is the actor I remember best for playing the president of the U.S. in the Jack Bauer series, 24.  You probably know him better as the spokesman for Allstate. In one commercial, he is standing in front of a town that looks like it has been demolished by a tornado. “It took only two minutes for this town to be destroyed,” he says. He ends by asking, “Are you in good hands?” The point of the commercial is self-evident. Casualty insurers know you don’t care about insurance until something bad happens. And the way they are pitching their products is: Once the bad thing happens, we are going to take care of you. Virtually all casualty insurance advertisements carry this message, explicitly or implicitly. Nationwide used to run a commercial in which all kinds of catastrophes were caused by a Dennis-the-Menace type kid. In a State Farm ad, a baseball comes crashing through a living room window. Nationwide’s “Life comes at you fast” series features all kinds of misadventures. And, of course, the Aflac commercials are all about unexpected mishaps. Now let’s compare those messages with what we see in the health insurance exchange. Federal employees have been obtaining insurance in an exchange, similar to the Obamacare exchanges, for several decades. Every fall, during “open enrollment,” they select from among a dozen or so competing heath plans. In Washington, DC, where the market is huge, insurers try to attract customers by running commercials on TV, in print and in other venues. If the health insurers followed the lead of the casualty insurers, their ads would focus on what could go wrong and how good they are at treating the problems. After all, why do you need health insurance? Because you might get cancer, heart disease or some other expensive-to-treat condition. And when that happens, you would like to be in a plan that give you access to the best doctors and the best facilities for your condition. In fact, this is what you never see in a health insurance commercial in Washington, DC. There is never a mention of cancer, heart disease, diabetes, AIDS or any other serious health condition.  Instead, what you see are pictures of young healthy families. The implicit message is: If you look like the people in these photos, we want you. What explains the difference between the health insurance and casualty insurance markets? In the latter, people pay real prices that reflect real risks. In the former, no one is paying a premium that reflects the expected cost of his care. The healthy are being overcharged so that the sick can be undercharged. So, insurers try to attract the healthy and avoid the sick. The perverse incentives don’t end after enrollment. The incentive then is to under-provide to the sick (to encourage their exodus and avoid attracting more of them) and over-provide to the healthy (to keep the ones they have and attract even more). Rosenthal explains what this means for people who need care: “For some, like Ms. Pineman, narrow networks can necessitate footing bills privately. For others, the constant changes in policy guidelines — annual shifts in what’s covered and what’s not, monthly shifts in which doctors are in and out of network — can produce surprise bills for services they assumed would be covered. For still others, the new fees are so confusing and unsupportable that they just avoid seeing doctors.” So what’s the answer? In a previous post, I argued that we can denationalize and deregulate the exchanges. And by instituting “health status insurance,” we can have a market with real prices that gives real protection to people with pre-existing conditions. There is no reason why the health insurance marketplace cannot work just as well as the market for homeowners insurance and auto liability insurance. This article originally appeared at Forbes.

The wellness emphasis in the Affordable Care Act is built around the Centers for Disease Control and Prevention’s (CDC) call to action in 2009 about chronic disease: The Power to Prevent, the Call to Control. On the summary page, we learn some of what the CDC calls “arresting facts”:

•  “Chronic diseases cause seven in 10 deaths each year in the U.S.”
•   “About 133 million Americans -- nearly one in two adults -- live with at least one chronic illness.”
•   “75% of our healthcare spending is on people with chronic conditions.”

Shocking -- that is, in terms of how misleading or even false the claims are and of how they created the wellness legend. Take the statement that “chronic diseases cause seven in 10 deaths.” We have to die of something. Would it be better to die of accidents? Suicides and homicides? Mercury poisoning? Side effects of measles vaccinations gone awry? The second statistic is also a head-scratcher. Only 223 million Americans were old enough to drink in 2009; divide 133 million into that number, and you see that a whopping 60% of adults, not “nearly one in two,” live with at least one chronic illness. Sloppy math and wording is common on the CDC site, as elsewhere it says that almost one in five youths has a BMI in the 95th percentile or above, which, of course, is mathematically impossible, as is the CDC's calculation of our risk of death. More importantly, how is the CDC defining “chronic disease” so broadly that so many of us have at least one? Is the CDC counting back pain? Tooth decay? Dandruff? Ring around the collar? “The facts,” as the CDC calls them, are only slightly less fatuous. For instance, the CDC counts “stroke” as a chronic disease. Although a stroke is likely preceded by chronic disease (such as severe hypertension or diabetes), it is hard to imagine a more acute medical event than one in which every minute of delay in treatment increases your odds of ending up like the Kardashians. The CDC also counts obesity, which was only designated as a chronic disease by the American Medical Association in 2013 -- and even then many people don’t accept that definition. Cancer also receives this designation, even though many diagnosed cancers are anything but chronic -- they either go into remission or cause death.   “Chronic disease” implies a need for continuing therapy and vigilance. If cancer were a chronic disease, instead of sponsoring “races for the cure,” cancer advocacy groups would sponsor “races for the control and management.” And you never hear anybody say, “I have lung cancer, but my doctor says we’re staying on top of it.” That brings us to the last bullet point. Convention typically attributes more than 80% of healthcare costs to fewer than 20% of people, meaning that costly ailments are concentrated in a relatively small group. The implication would be that, if you address that small group, your savings are disproportionate. Instead, the CDC’s data attributes 75% of costs to about 50% of the adult population, implying almost the exact opposite of the 80-20 rule: The cost of chronic disease is widely dispersed. Indeed, if you remove the rare diseases that afflict about 1% of the population but account for about 7-8% of cost, you come very close to parity between the proportion of the population with chronic disease and the proportion of total health spending attributable to chronic disease. So what? This urban legend based on the CDC's call to action, appearing verbatim more than a million times on Google, is among the single biggest causes of uncontrolled healthcare spending…and is responsible for essentially the entire wellness industry. In reality, if you strip away the expenses of those chronically ill people unrelated to their chronic condition (which are included in the CDC’s 75% statistic); prevention and management of those conditions (ditto); those aforementioned rare diseases; and unpredictable or uncontrollable exacerbations: That 75% crumbles to about 4% of expenses that fit the category of wellness-sensitive medical events. Achieving a 10% reduction in those categories -- a feat rarely accomplished, which is why vendors never disclose this figure -- would reduce overall spending by 0.4%, or about $25 a year per employee or spouse. Hence, few employers would ever bother with wellness. Instead, the CDC's  wellness legend, suggesting that 75% of costs can be attacked, encourages employers and health plans to focus on the opposite of what they should focus on. Penn State, citing this 75% statistic as justification for its controversial wellness program, provides a classic example of this wrongheaded focus, with unfortunate consequences for the university’ reputation and employee relations, with no offsetting financial benefit. Typical of the wellness industry’s embrace of this wellness legend is Bravo Wellness -- also the first wellness company to brag about generating savings by punishing employees. The company takes this fallacy a step further. It deftly substitutes the words “lifestyle-related and preventable” conditions for the CDC’s language “chronic conditions”; that implies that everyone with a chronic condition, even a congenital or unavoidable, rare condition, has only his lifestyle to blame. Vendors like Bravo encourage employers to get more employees to view themselves as chronically ill, or about to become chronically ill -- and encourages them to access the system. Encouraging overdiagnosis, overtreatment and overprescribing isn’t just a bad idea on its own. It distracts employers from real issues such as provider pricing disparities, hospital safety, outliers (the small percentage of employees who really do account for half the cost (usually not because of a chronic ailment, though) and pharmacy benefit managers (PBMs), whose per-drug margins are about twice what they would be if anyone spent any time weed-whacking their obfuscations of rebates, implementation fees, etc. and simply negotiated the margin directly. What to do next? It seems like all our posts end the same way: Stop poking your employees with needles. We’ve debunked wellness’s science and math, its outcomes, its philosophy … and now its epidemiological premise. Even as their credibility is shredded, most wellness industry players have steadfastly refused to defend themselves at all. Instead, they avoid all debates on this site, because, although many of the vendors and consultants appear to be incapable of critical thinking, they are smart enough to realize that facts are their worst nightmare.

The Consumer Electronics Show (CES) has been the preeminent show for seeing, hearing and feeling what is emerging and hot in consumer electronics. It is the place to go to see new electronic games, mobile devices, TVs, home appliances and other electronics that will be coming to market to amaze and excite us. Remember Onewheel, a self-balancing, one-wheeled, motorized skateboard? Occulus Rift virtual reality? The curved HDTV? Or the best in laptops, tablets and smartphones? The 2015 show may have been an inflection point, where CES also becomes the leading edge for emerging technology that should be of keen interest for businesses, especially insurance. It is the year where new products will go from science fiction and future thinking to Main Street reality and demand! Move over, George Jetson. For insurers, the future starts right now! Emerging Technologies The proliferation of emerging technologies seen at CES is considered by many to contain some of the greatest change agents since the introduction of the Internet, offering breakthroughs that will challenge businesses in many ways. In our 2014 research report, Emerging Technologies: Reshaping the Next-Gen Insurer, insight into the adoption, investment plans and opportunities for business of nine emerging technologies reveals the vast potential for transforming insurance. The research found that adoption is being led by the Internet of Things (IoT) followed by wearables, artificial intelligence (AI) and drones/aerial imagery, with driverless vehicles coming up quickly behind. In fact, five of the nine technologies are projected to arrive at or go well beyond the tipping point within three years, and all nine to surpass the tipping point within five years. CES has reinforced this view. Insurers that have not accepted as fact the fast-paced adoption and impact of these emerging technologies should take great pause. Here are a few reasons: Autonomous vehicles became one of the hottest items during the show, and even before. Audi drove its autonomous vehicle from Silicon Valley to Las Vegas, generating pre-show buzz. Kicking off the show was Mercedes showing a concept car that looked more like a futuristic living room than a car. These and the other major automotive companies all demonstrated their acceptance, commitment and fast adoption of this new form of transportation introduced by Google just a couple of years ago. At this show, many of these automakers announced their plans to offer autonomous vehicles beginning in 2017! Note they did not make the announcement at the traditional Detroit Auto Show the following week. The future of autonomous vehicles will quickly be a reality, and so much sooner than most thought. So share the road, George J! The Internet of Things (IoT) was everywhere, exemplified in the connected car, connected home and wearables ... highlighting a fast paced market that is reinventing how we work, live and play in a connected world. Wearables with fitness and activity bands were prevalent, along with innovative devices like a pacifier that can monitor a baby’s health. Also included were wearables that were integrated with autos to enable the starting of parked cars. But it was the connected car and connected home that had the highest profiles. The connected car was touted by many major car manufacturers. Ford, Volkswagen, GM, BMW, Toyota, Audi, Mazda, Daimler and others were showcasing their connected car capabilities and the growing array of services that come with them. The media noted that Mark Fields, Ford’s CEO, sees Ford as thinking of itself as a mobility company rather than an automotive company, delivering a wide array of services and experiences via the auto instead of the mobile phone. Added to this are Apple’s CarPlay and Google’s Android Auto systems that mimic and integrate the functions of smartphones on the auto dashboard touchscreen. Quite a reimagination of the automotive business! All the devices and capabilities for the connected home added to the IoT's momentum. Familiar tech companies like Google, Microsoft, Amazon and Apple, along with traditional companies like Cisco, GE, Bosch, Samsung and others, are powering ahead with innovative capabilities that will drive rapid adoption. In fact, Samsung Electronics CEO Boo-Keun Yoon indicated that, by 2017, 90% of all Samsung hardware (TVs, ovens, refrigerators, purifiers and more) will be connected, creating a home personalized to your unique needs. Many of the companies also announced the development of connected home hubs to integrate these wide arrays of devices from various manufacturers and third-party providers. Data from the connected home devices can be used to offer new services. The Jetsons' home is finally here! And drones were flying everywhere to demonstrate the high interest and potential for many businesses – from phone and video purposes to building inspections, surveying, delivery, weather data gathering, traffic and much more. The Federal Aviation Administration (FAA) had a booth at the event, announcing that it expects well over 7,000 drones in use by 2018. All of this indicated that, literally, the sky seems to be the limit for drones! Insurance Implications What does this all mean for insurers? The event emphasized the need for insurers to take these emerging technologies seriously and to quickly explore, experiment and consider their uses in the business. Why? Because traditional competitors like Progressive and USAA made announcements at the event concerning the connected car and connected home and the potential of new competitors that are looking at how they might leverage these new technologies. The SMA 2014 emerging technologies survey indicated that these technologies would reach a tipping point in three to five years -- or from 2017 to 2019. Based on the announcements at the CES about autonomous vehicles by 2017, home hardware being 90% connected by 2017 and large numbers of drones in use by 2018, the estimated arrival time at the tipping point is right on track, or could even come much earlier. The results? New customer demands and expectations. Decreased risk. New insurance product needs. New service revenues. New competitors. Redefined customer relationships. Reimagined businesses and industries. To stay in the game, let alone win it, insurers must aggressively find a way to embrace these technologies and uncover their potential. And, to do so, they must have modern core systems as the foundation to integrate the use of these technologies for innovation, as well as plans to pilot some of these technologies, because the future is coming fast. The Consumer Electronics Show 2015 has foretold that 2015 will be a pivotal year for many businesses and industries, including insurance, for emerging technologies. Adoption of the emerging technologies is on track or accelerating toward the tipping point. It is no longer science fiction. It is science reality. Welcome to the future … today!

Historically, “analytics” has referred to the use of statistical or data mining techniques to analyze data and make inferences. In this context, analytics typically explain what happened (descriptive analytics) and why (diagnostic analytics). If an insurer saw its customers moving to its competition, it would analyze the characteristics of the customers staying or leaving, the prices it and its competitors offer and customer satisfaction. The analysis would help determine what was happening, who was leaving and why. In contrast, predictive analytics focuses on what will happen in the future. “Predictive analytics” has a fairly broad definition in the press but has a specific meaning in academic circles. Classical predictive analytics focuses on building predictive models where a subset of the available data is used to build a model using statistical techniques (usually some form of regression analysis -- linear, logistic regression etc.) that is then tested for its accuracy with the “holdout” sample. Once a model with sufficient accuracy is developed, it can be used to predict future outcomes. More recent predictive analytics techniques use additional machine learning techniques (e.g., neural network analysis or Bayesian probabilistic techniques). Insurers have used predictive analytics for almost two decades, but, despite its usefulness, it has two main drawbacks:

• Focus on decision versus action: Predictive analytics can tell you what is likely to happen but cannot make recommendations and act on your behalf. For example, a predictive model on the spread of flu can determine the prevalence and spread of flu but cannot tell you how to avoid it. Similarly, a predictive model of insurance sales can determine weekly sales numbers but is incapable of suggesting how to increase them.

• Reliance on single future versus multiple alternative futures: While we can learn from the past, we know that it may not be a good predictor of the future. Predictive models make linear predictions based on past data. They also make certain assumptions that may not be viable when extrapolating into the future. For example, regression requires the designation of a dependent variable (e.g., insurance sales), which is then described in terms of other independent variables (e.g., brand loyalty, price etc.). While this method can help predict future insurance sales, the accuracy of the numbers tends to decrease further into the future, where broad macro-economic and behavioral considerations will play a greater role in sales.

Prescriptive Analytics In response, there are a number of firms, authors and articles that propose “prescriptive analytics” as the next stage of the analytics continuum’s evolution. Prescriptive analytics automates the recommendation and action process and generally is based on machine learning techniques that evaluate the impact of future decisions and adjust model parameters based on the difference between predicted and actual outcomes. For example, insurers could use prescriptive analytics for automatically underwriting insurance, where the system improves its conversion ratio by adjusting price and coverage on a continual basis based on predicted take-up and actual deviations from it. However, while prescriptive analytics does address the first of predictive analytics’ drawbacks by making and acting on its recommendations, it usually fails to address the second shortcoming. Prescriptive analytics relies on a single view of the future based on historical data and does not allow for “what if” modeling of multiple future scenarios. The critical assumption is that the variables used to explain the dependent variable are independent of each other, which in most cases is not true. While the analysis can be modified to account for this collinearity, the techniques still fail to use all of the available data from domain experts. In particular, prescriptive analytics does not take into account the rich structure and influences among all the variables being modeled. Complexity Science In addition to prescriptive analytics, we believe that complexity science is a natural extension of predictive analytics. Complexity science is an inter-disciplinary approach to understanding complex systems, including how they form, evolve and cease to exist. Typically, a system that consists of a few well-known parts that consistently interact with each other in a way we can easily understand is a “simple” system. For example, a thermostat that can read (or sense) the temperature and reach a given target temperature is a simple system. At the other end of the spectrum, a system with a very large collection of entities that interact randomly with each other is a “random” system. We often use statistical techniques to understand the behavior of the latter. For example, we can gain an understanding of the properties of a liquid (like its boiling point) by looking at the average properties of the elements and compounds that compose it. The fundamental assumption about such systems is that its parts are independent. In between simple and random systems are “complex” systems that consist of several things that interact with each other in meaningful ways that change their future path. For example, a collection of consumers watching advertisements, talking to others and using products can influence other consumers, companies and the economy as a whole. Complexity science rejects the notion of “independence” and actively models the interactions of entities that make up the system. Complexity science identifies seven core traits of entities and how they relate to each other: 1) information processing, 2) non-linear relationships, 3) emergence, 4) evolution, 5) self-organization, 6) robustness and 7) if they are on the edge of chaos. Unlike a random system, the entities in a complex system process information and make decisions. These information processing units influence each other, which results in positive or negative feedback leading to non-linear relationships. As a result, properties emerge from the interaction of the entities that did not originally characterize the individual entities. For example, when a new product comes on the market, consumers may purchase it not just because of its intrinsic value but also because of its real or perceived influence on others. Moreover, the interactions between entities in a complex system are not static; they evolve over time. They are capable of self-organizing and lack a central controlling entity. These conditions lead to more adaptive behavior. Such systems are often at the edge of chaos but are not quite chaotic or entirely random. Two parallel developments have led to complexity science’s increased use in practical applications in recent years. The first is the availability of large amounts of data (or big data) that allows us to capture the properties of interest within each entity and the interactions between them. Processing the data allows us to model each entity and its interactions with others individually, as opposed to treating them as an aggregate. For example, a social network is a complex system of interacting individuals. We can use complexity science to understand how ideas flow through the social network, how they become amplified and how they fade away. The second development accelerating complexity science’s use is the inadequacy of classical or statistical models to adequately capture complexity in the global economy. Since the financial crisis of 2007/8, a number of industry bodies, academics and regulators have called for alternative ways of looking at the world’s complex social and financial systems. For example, the Society of Actuaries has published a number of studies using complexity science and a specific type of complexity science called agent-based modeling to better understand policyholder behavior. In addition, health insurers are building sophisticated models of human physiology and chemical reactions to test adverse drug interactions. As another example, manufacturers are modeling global supply chains as complex interacting entities to increase their robustness and resiliency. Agent-based modeling is a branch of complexity science where the behavior of a system is analyzed using a collection of interacting, decision-making entities called agents (or software agents). The individual behavior of each agent is modeled based on available data and domain knowledge. The interaction of these agents among themselves and the external environment can lead to market behavior that is more than just the aggregate of all the individual behaviors. This often leads to emergent properties. Such models can be used to evaluate multiple scenarios into the future to understand what will happen or what should happen as a result of a certain action. For example, a large annuity provider has used individual policyholder data to create an agent-based model in which each one of its customers is modeled as an individual software agent. Based on specific policyholder data, external socio-demographic and behavioral data, as well as historical macro-economic data, the annuity provider can evaluate multiple scenarios on how each annuity policyholder will lapse, withdraw or annuitize their policy under different economic conditions. In conclusion, as companies look to capitalize on big data opportunities, we will see more of them adopt prescriptive analytics and complexity science to predict not just what is likely to happen based on past events but also how they can change the future course of events given certain economic, political and competitive constraints.

On the cusp of the 2015 Super Bowl, NFL Commissioner Roger Goodell surprised fans with an unusual focus for his annual state of the league press conference: player safety. He announced that the league would hire a chief medical officer to oversee the league’s health policies. This is good news. But first and foremost, Goodell must firmly plant the goalposts for this new hire. What does the new top doc need to accomplish to win? Here are four goals to start: Goal One: Make Concussions Rare In 2014, there were 202 concussions among players in practice, preseason and regular-season games. With approximately 1,600 players, my back-of-the-envelope math calculates one concussion for every eight players -- in one year alone. The new chief medical officer will have some momentum to build on to address this issue. In recent years, the league has implemented tough restrictions about when and under what conditions players can return to the field after an injury. The league has also improved equipment and changed the rulebook to penalize hits to defenseless players. The number of concussions is down by 25% from 2013, and defenseless hits are down by 68%. The new medical officer needs to accelerate that progress. Goal Two: Research and Enforce Best Practices To make a major impact on players’ health and safety, the new medical officer will need to rigorously examine the protocols in place to protect players. No one can argue with the notion that, at its core, football is a contact sport; injury is inevitable. However, some injuries are entirely preventable, yet they can easily topple the career of a valuable player. In my world, we’d call this kind of injury a “Never Event” -- it should never happen. The new medical officer needs to consider how the team functions as a whole, get solid research on best practices and create enforceable guidelines for prevention. To protect past, current and future players, he or she will have to shake up the entire enterprise and institute a culture in which making the play is balanced with protecting the player. Goal Three: Demand Safety off the Field, Too One in eight is a frightening statistic for concussions, but, surprisingly, players may be safer on the field than in a hospital. Players -- and league employees and their families -- depend on the healthcare system just like the rest of us. True, players often receive treatment at elite centers of care, at the hands of celebrated physicians. But our research finds that even places with big reputations can be equally unsafe. One in six admissions to a hospital results in an adverse event, and as many as 500 people die every day from preventable errors, accidents and injuries in hospitals. Even the most highly regarded institutions struggle to keep patient safety a top priority. But some providers are much safer than others, and the new NFL medical officer has a role to play in helping players and employees pick the winners. He or she can demand data on safety of hospitals and physician practices and use that data in decision-making. The NFL can structure health benefits packages to favor safest providers, encourage performance-based payment models and give employees transparent and candid information on quality and safety to encourage them to select the safest care. Many other employers and unions are successfully deploying these strategies, and they have good tools to help. Goal Four: Be a Champion Championship  isn’t exactly a standard element on boilerplate job descriptions, but it’s critical to this one. The NFL knows how to spot champions, and it should expect no less from this new hire. The new chief medical officer needs to inspire a good number of people: teams, to change the way they function; youth, increasingly wary about the game; retired players, whose health issues cast a shadow over the whole sport; and the millions of fans who love American football. Being a champion is the most important goal, because the NFL has the opportunity to go beyond defending its safety record and start playing offense. As a top-tier brand, the NFL could be a national leader, ensuring that safety comes first in America, on and off the field. By taking the right steps to protect players and the league, the new medical officer can inspire all the fans, not only to embrace the game, but to champion a healthier America. This article was originally posted on Forbes.com.

Most companies that take up risk management start out with subjective frequency-severity assessments of each of their primary risks. These values are then used to construct a heat map, and the risks that are farthest away from the zero point of the plot are judged to be of most concern. This is a good way to jump-start a discussion of risks and to develop an initial process for prioritizing early risk management activities. But it should never be the end point for insurers. Insurers are in the risk business.  The two largest categories of risks for insurers -- insurance and investment -- are always traded directly for money.  Insurers must have a clear view of the dollar value of their risks. And with any reflection, insurance risk managers will identify that there is actually never a single pair of frequency and severity that can accurately represent their risks. Each of the major risks of an insurer has many, many possible pairs of frequency and severity. For example, almost all insurers with exposure to natural catastrophes have access to analysis of their exposure to loss using commercial catastrophe models. These models produce loss amounts at a frequency of 1 in 10, 1 in 20, 1 in 100, 1 in 200, 1 in 500, 1 in 1000 and any frequency in between. There is not a single one of these frequency severity pairs that by itself defines catastrophe risk for that insurer. Once an insurer moves to recognizing that all of its risks have this characteristic, it can now take advantage of one of the most useful tools for portraying the risks of the enterprise, the risk profile. For a risk profile, each risk is portrayed according to the possible loss at a single frequency. One common value is a 1 in 100 frequency. In Europe, all insurers are focused by Solvency II regulations on the 1-in-200 loss. Ultimately, an insurer will want to develop a robust model like the catastrophe model for each of its risks to support the development of the risk profile. But before spending all of that money, there are two possible shortcuts that are available to rated insurers that will cost little to no additional money. SRQ Stress Tests In 2008, AM Best started asking each rated insurer to talk about its top five risks. Then, in 2011, in the new ERM section to the supplemental rating questionnaire, Best asked insurers to identify the potential impact of the largest threat for six risk types. For many years, AM Best has calculated its estimate of the capital needed by insurers for losses in five categories and eventually added an adjustment for a sixth -- natural catastrophe risk. Risk profile is one of the primary areas of focus for good ERM programs and is closely related to these questions and calculations. Risk profile is a view of all the main risks of an insurer that allows management and other audiences the chance to compare the size of the various risks on a relative basis. Often, when insurers view their risk profile for the first time, they find that their profile is not exactly what they expected. As they look at their risk profile in successive periods, they find that changes to their risk profile end up being key strategic discussions. The insurers that have been looking at their risk profile for quite some time find the discussion with AM Best and others about their top risks to be a process of simplifying the detailed conversations that they have had internally instead of stretching to find something to say that plagues other insurers. The difference is usually obvious to the experienced listener from the rating agency. Risk Profile From the SRQ Stress Tests Most insurers will say that insurance (or underwriting) risk is the most important risk of the company. The chart below, showing information about the risk profile averaged for 31 insurers, paints a very different story. On average, underwriting risk was 24% of the risk profile and market risk was 30%. Twenty of the 31 companies had a higher value for market risk than underwriting risk. For those 20 insurers, this exercise in viewing their risk profile shows that management and the board should be giving equal or even higher amounts of attention to their investment risks. Stress tests are a good way for insurers to get started with looking at their risk profile. The six AM Best categories can be used to allow for comparisons with studies, or the company can use its own categories to make the risk profile line up with the main concerns of its strategic planning discussions. Be careful. Make sure that you check the results from the AM Best SRQ stress tests to make sure that you are not ignoring any major risks. To be fully effective, the risk profile needs to include all of the company’s risks. For 20 of these 31 insurers, that may mean acknowledging that they have more equity risk than underwriting risk – and planning accordingly. Risk Profile From the BCAR Formula The chart below portrays the risk profiles of a different group of 12 insurers. These risk profiles were determined using the AM Best BCAR formula without analyst adjustments. For this group of companies on this basis, premium risk is the largest single category. And while there are again six risk categories, they are a somewhat different list. The risk category of underwriting from the SRQ is here split into three categories of premium, reserve and nat cat. Together, those three categories represent more than 60% of the risk profile of this group of insurers. Operational, liquidity and strategic risks that make up 39% of the SRQ average risk profile are missing here. Reinsurer credit risk is shown here to be a major risk category, with 17% of the risk. Combined investment and reinsurer credit is only 7% of total risk in the SRQ risk profile. Why are the two risk profiles so different in their views about insurance and investment risks? This author would guess that insurers are more confident of their ability to manage insurance risks, so their estimate of that risk estimated in the stress tests is for less severe losses than the AM Best view reflected in the BCAR formula. And the opposite is true for investment, particularly equity risk. AM Best's BCAR formula for equity risk is for only a 15% loss, while most insurers who have a stock portfolio had just in 2008 experienced 30% to 40% losses. So insurers are evaluating their investment risk as being much higher than AM Best believes. Neither set seems to be the complete answer. From looking at these two groups, it makes sense to consider using nine or more categories: premiums, reserves, nat cat, reinsurer credit, bond credit, equities, operational, strategic and liquidity risk. Insurers with multiple large insurance lines may want to add several splits to the premium and reserve categories. Using Risk Profile for Strategic Planning and Board Discussions Risk profile can be the focus for bringing enterprise risk into the company’s strategic discussions. The planning process would start with a review of the expected risk profile at the start of the year and look at the impact on risk profile of any major proposed actions as a part of the evaluation of those plans. Each major plan can be discussed regarding whether it increases concentration of risks for the insurer or if it is expected to increase diversification. The risk profile can then be a major communication tool for bringing major management decisions and proposals to the board and to other outside audiences. Each time the risk profile is presented, management can provide explanations of the causes of each significant change in the profile, whether it be from management decisions and actions or because of major changes in the environment. Risk Profile and Risk Appetite Once an insurer has a repeatable process in place for portraying enterprise risk as a risk profile, this risk profile can be linked to the risk appetite. The pie charts above focus attention on the relative size of the main types of risks of the insurer. The bar chart below features the sum of the risks. Here the target line represents the expected sum of all of the risks, while the maximum is an aggregate risk limit based upon the risk appetite. In the example above, the insurer has a target for risk at 90% of a standard (in this case, the standard is for a 400% RBC level; i.e. the target is to have RBC ratio of 440%). The plan is for risk at a level that produces a 480% RBC level, and the maximum tolerance is for risk that would produce a 360% RBC. The 2014 actual risk taking has the insurer at a 420 RBC level, which is above the target but significantly below their maximum. After reviewing the 2014 actual results, management made plans for 2015 that would come in just at the 440% RBC target. That review of the 2014 actual included consideration of the increase in profits associated with the additional risk. When management made the adjustment to reach target for 2015, its first consideration was to reduce less profitable activities. Management was able to make adjustments that significantly improve return for risk taking at a fully utilized level of operation.

It's hard to imagine that Humphrey Bogart became one of the fashion setters of his time by wearing a wristwatch in his films. That made pocket watches a novelty. Since then, wristwatches have been a cool men's accessory. There were glow-in-the dark watches -- until radium was discovered to be dangerous. Other styles have added lunar phases, chronographs, timers and alarms, and don’t forget the trendy but forgotten 1970 Pulsar red LED watch. Now, is the wristwatch at risk of being replaced by new wearables? The real question in my mind from a risk management perspective relates to our personal habits vs. technological advances. Historically, relying on technology alone to change behavior has been more hope than strategy. People like style, convenience, comfort and practicality, and many old habits are hard to change. How many devices do I need to wear? Will a wearable ever truly be a personal protective device (PPD) in the workplace? Gadgets like Fitbit or Nike Fuelband do specific health-monitoring tasks that have a cool factor, joining yoga pants and headbands. Well, maybe not headbands anymore, but I'm an Olivia Newton-John fan. Anyway, for my daily walks, I use an app on my iPhone that seems to do very well in tracking my steps. The real holy grail of wearables would be a simple device that could monitor your blood pressure 24/7 and communicate to you and your medical provider. Now, joining the battle for your wrist, the Apple watch (around $350-plus) is poised for release in April. A companion device with your iPhone, these colorful wrist devices strive to pack all of your wearable potential into one Dick Tracy-like, walkie-talkie-style statement with three colorful base models. Similarly, Android Wear is in the works, with as many as 15 devices packing Google’s wearable tech system anticipated to hit the market by the end of 2015. Apple admits that users are going to wind up charging the watch daily but has declined to go into specifics. A watch runs on a small battery for a year or more. Wearables are about to explode into an array of novel, single-function devices. The big question in my mind is something the designers of wearable tech seem to have forgotten: Does the item in question solve a need or make life easier for its user? The fact is that most wrist devices do nothing more complex than that already done on a smart phone. Look at what happened with Google Glass in 2013 -2015. This $1,500 gizmo fizzled in the social scene although commercial uses, including in medicine, firefighting and manufacturing, seem promising. Besides its nerdiness, Google Glass lost because of legal and privacy issues. The real killer in my mind was when users were dubbed “glassholes.” Google is retooling that invention for another shot at it down the road. Perhaps the biggest obstacle standing in the way of wearables is complexity. There may very well come a day when people are decked out from head to toe in technology, but it’s not going to happen unless it’s nearly invisible technology. Consumers don't buy gadgets, as much as they buy experiences. They buy access to content and services they desire. They buy brands that deliver style and status, social acceptance and recognition. Remember the 2001 invention, codenamed Ginger, that was destined to change the world of transportation? It’s called the Segway. "Disruptive innovation," a term coined by a Harvard University professor, Clayton Christensen, describes a process by which a product or service takes root initially in simple applications at the bottom of the market and then relentlessly moves up-market, eventually displacing established competitors. Wearables could bring dramatic improvement  to health monitoring and safety and assistance, but issues like battery life, transparency and simplicity need to be solved before we can expect real disruptive change like the smart phone brought us. Over half of the world's 7.2 billion people use mobile phones, with smartphone users growing to 2.5 billion in 2015. Besides communication and computing, think of the incredible photo and video capabilities smartphones bring to our planet's inhabitants. What would more wearables give us?

This is Paper 3 of a series of five on risk appetite and associated questions. The author believes that enterprise risk management (ERM) will remain locked in organizational silos until boards comprehend the links between risk and strategy. This is achieved either through painful crises or through the less expensive development of a risk appetite framework (RAF). Understanding of risk appetite is very much a work in progress for many organizations, but RAF development and approval can lead boards to demand action from executives. Paper 1, the shortest paper, makes a number of general observations based on experience with a wide variety of companies. Paper 2 describes the risk landscape, measurable and unmeasurable uncertainties and the evolution of risk management. This paper, Paper 3, answers questions relating to the need for risk appetite frameworks and describes in some detail the relationship between risk appetite frameworks and strategy. Paper 4 answers further questions on risk appetite and goes into some detail on the questions of risk culture and risk maturity. Paper 5 describes the characteristics of a risk appetite statement and provides a detailed summary of how to operationalize the links between risk and strategy. Paper 3: Should all organizations have a risk appetite framework? The relationship between risk and strategy is a function or neither risk management nor strategic management. Rather, it is simply good management in an uncertain world, where business models are:

1. Increasingly driven to be available on a 24/7 global footprint,
2. Online using telecom networks,
3. Becoming more dependent on third-party service providers,
4. Becoming more connected within larger financial, supply chain and energy supply chains.

It is our view that the term "risk management" will, within the 2010 decade, become supplanted by the term "resilience management" and that the latter term will become an integral part of risk culture in organizations that are trading internationally or vulnerable to international supply chains. Maintaining a risk appetite framework will thus, before the end of this decade, be a matter of necessity, and not a matter of choice. The driver in this regard will be the pace of change. Look at the pictures above, both at a papal blessing, and you see what a difference less than a decade years can make. What is leading organizations to put formal risk appetite frameworks in place? Greater investor and regulatory focus, combined with a recognition that risk practices are becoming increasingly professional, has caused organizations to change attitude toward risk from a broadly negative stance to a more positive and engaged approach. We note a global scarcity of skilled chief risk officers and unwillingness by organizations to commit resources in the current economic climate. Nevertheless, enlightened organizations are gaining appreciation of the links between risk and strategy and in turn toward putting in place the necessary resources and supports to provide greater risk professionalism. How are risk appetite and strategy related? The diagram below describes the relationship. Earlier in these papers, we described board risk assurance as assurance that strategy, objectives and execution are aligned. We further explained that alignment is achieved by operationalizing the links between risk and strategy. This is done by integrating each of the seven numbered elements described in the diagram above as follows: 1.     Reaching a determination as to long-term purpose and formulating those strategic initiatives and objectives that are required to achieve it[1], 2.     Understanding obstacles to the achievement of objectives: This needs to be understood practically in terms of a motor journey from say Dublin to Cork or Berlin to Paris. Before the journey, people need to understand, and manage, what can stop them, slow them down or distract them on the journey. Once people understand risk management in these simple and practical terms, they understand that risk management is more about achieving objectives (getting from point A to point B) than compliance with regulations. It is about improving performance on the journey. What people? In the simplest of terms, they are the owners of the car (shareholders represented by the board), the driver (CEO and executives) and passengers (primary stakeholders, i.e. customers, employees, investors, suppliers and secondary stakeholders and others with a legitimate interest in the business). 3. Setting objectives and getting balance and alignment (Note: strategy maps, e.g. Balanced Scorecard): This is done in risk management terms by: a. Strengthening the strategic planning process; for example: i.     Increasing rigor, formality and consistency in the strategic planning office (SPO), which derives its authority from the board and  the CEO's office, ii.     Aligning strategy, risk and audit board subcommittees (through cross-representation) in a manner that largely mirrors the conventional three lines of defense model[2] and reflects the requirement to strengthen board risk oversight, reporting and monitoring[3], iii.     Embedding risk management competence within the SPO[4], iv.     Explicitly articulating corporate and organizational objectives, v.     Testing the alignment of group, corporate and organizational objectives through development and review of risk appetite statements. b. Establishing an effective risk appetite framework, which includes: i.     Statement of purpose and values of the organization, ii.    Explicitly stated board risk assurance requirements; factors to consider would include:

1. Mapping objectives to a risk appetite continuum,
2. Qualitatively expressed risk appetite statements,
3. Quantitatively expressed risk criteria related to both risk tolerance and risk limits.

c. Understanding and improving the organizational level of risk maturity Risk maturity is outside the scope of this paper; however, discussion on the topic would be welcomed by RMI. RMI has developed a five-level RMI Risk Maturity Index, which provides a road map to risk optimization. The index scores risk maturity capability requirements, etc. In summary, it describes:

• Level 5: "Value-Driven" -- Optimizing value through aligning risk and strategy with corporate objectives,
• Level 4: "Managed" -- Gaining value through aligning risk and strategy in pursuit of corporate objectives,
• Level 3: "Insight" -- Gaining insights into how to better align risk and strategy in pursuit of corporate objectives,
• Level 2: "Awareness" -- Developing awareness  into how to align risk and strategy in pursuit of corporate objectives,
• Level 1: "Basic" -- Seeking awareness of the links of risk and strategy in pursuit of corporate objectives.

d.   Building resilience: i.     Ensuring that the SPO engages in systematic risk horizon scanning as well as: 1. Understanding near misses and escalation reports in the organization and externally, 2. Monitoring performance of risk treatments[5], 3. Proofs and tests of the quality of decision making, and decision making processes, through simulated threat and opportunity crisis[6] scenario(s) exercises, ii.     Anticipating Emerging Risks[7]. 4.     Evaluating the amount of risk the organization is prepared to accept in pursuit of the long-term statement of purpose; and then deciding how to treat risks: Just as implementation is critical to performance[8], risk treatment is at the cutting edge of risk management and managing risks! Disappointingly, however, very many organizations commit disproportionate resources to risk assessment with inadequate attention paid to what really matters; that is, treating risks. In essence, very many organizations concentrate on the P in the PDCA (plan, do, check, act) cycle, with not enough attention paid to doing, checking and acting on continuous improvement requirements. This is pretty much in evidence in a review of many of the risk registers we have examined on behalf of clients. The majority of the surface area/content of the report (sadly, and sometimes tragically, an Excel, Word or Power Point document, as distinct from a credible database solution[9]) is given to risk assessment. In our experience, often, precious little detail is given to:

1. Who, specifically is responsible for individual risk treatments,
2. Change management and resource requirements supporting risk treatments,
3. The project/risk treatment key performance indicators (KPIs), milestones and gateways,
4. The expected residual effect of risk treatments on likelihood and impact,
5. The role of management in reviewing performance against KPIs, milestones and gateways. 

Risk treatment reports, which are presented to the level of detail described above and which are evaluated by the SPO in a manner that provides a feedback loop to the performance of objectives, become leading indicators of the future state of health of objectives. 5.       Weighing the odds consistently throughout the organization: This is the function of the chief risk officer (CRO), a most important role within the organization, and risk committee. The ability of the CRO and risk committee to efficiently and effectively perform this function is directly proportional to the efficacy of the assurances delivered as described above. Typical weaknesses and challenges that can occur include: 1. Frequency of changes required to risk criteria (tolerances and limits) in early stage (risk) maturity organizations as a consequence of:

• Pace of change internally and externally in the organization,

Identification of emerging and external risks hitherto not understood. 2. Inability to undertake real time dynamic tests of risk aggregations:

• Around discrete objectives,
• Across risk categories.

The weaknesses and challenges described above often result in: 1. Meetings where questions asked can only be answered in terms of: i.     This is the historic "point in time" information we have prepared. ii.     We will need to revert with answers to your query in X days. 2. Risk aggregation tests not being run and emerging/known unknown risks not being identified until there is an occurrence. 6.     Compliance with laws and regulations: Organizations are established to achieve superior returns, with limited liability to risk takers. However, they are expected to do so having full regard for all legal requirements. Clearly, it is axiomatic to assume the lawful intent of a company’s original promoters, and thereafter its directors and the executive. To this extent, compliance is an operational imperative and a sunken cost. Compliance alone does not drive value, but without it value cannot be created. It would seem inappropriate to place compliance at the center of board agenda, just as it would be a mistake to place compliance at the center of the diagram above, which describes the relationship between risk and strategy. However, compliance is a mission-critical element within the risk/strategy governance framework. 7.    Tough governance, setting policy and monitoring performance: In the context of the relationship between risk and strategy, tough governance means risk culture. "Risk culture" is a term describing the values, belief, knowledge and understanding about risk shared by a group of people with a common purpose, in particular the employees of an organization or of teams or groups within an organization. This applies whether the organizations are private companies, public bodies or not-for profits, wherever they are in the world.[10]. Risk culture, as an aspect of culture, can be practically described thus: Culture: The way we do things around here! Risk culture: The freedom we have to challenge around here! Risk culture is capable of being demonstrably and credibly evidenced by: 1. Board and executive messaging[11] on threats and risks to operations and jobs when people fail to act/report when they: i.     Identify a smarter way of completing a task, achieving an objective, ii.     See a threat or risk to the organization. 2. Escalation reports and their treatment by the executive and management, 3. Near misses reported and averted.