Internal and external demands have resulted in the clarification and expansion of the role of the chief risk officer and the risk management function. Internally, senior management and the board see the merit of using key risk information. Ensuring the company is managed within its risk appetite enables it to best utilize its resources to take advantage of changing competitive needs and strategic opportunities. Externally, U.S. and global regulators are articulating clear expectations for the role of the CRO and governance of the risk function, as well as the role of the board in risk management and the CRO's and risk function’s relationship with the board. These demands emphasize the need for clear policies and processes with appropriate documentation and governance.

As little as 10 years ago, the risk function was novel at most companies, and there were almost as many models of how to organize and manage the function as there were insurers. This has changed. Leading practice is becoming clearer, and expectations are now more consistent and defined. However, boards and regulators are increasingly inquiring about new "unknowns": data security, cyber terrorism, reputational risk and competitive obsolescence. All of these also fall under the CRO's purview and increase demands on risk resources.

The case for change

The risk function is the newest among the direct stakeholders that insurance modernization directly affects, and there are a number of important implications and outcomes.

• No existing "pipes" - For the majority of North American risk functions, many risk calculations and resulting reports are very recent creations. Very few have a solid network of pipes that transmit data and input through models and calculations onward to result in verifiable and controlled information. Therefore, compared with many other functions that modernization affects, the risk function does not need to dismantle existing pipes. However, it is critically important that, as insurers plan and develop these new pipes, they do so in cooperation with other stakeholders. If they do not, then the risk function may find itself unnecessarily tearing up what should be a common roadway.
• From build to oversee - While internal and external changes affect all stakeholders, the risk function is unique in that its very nature also is changing. When the risk function originally came into being, it was the CRO's and his staff's responsibility to create the models and capability needed to support the function. Now, as risk infrastructure takes shape, management, boards and other stakeholders are asking the CRO and risk function to play a key role in governance and control. This brings into question how best to manage and oversee both the risk and overall corporate infrastructure. Can and should these be responsibilities of the risk function, and, if not, who should be responsible for managing this infrastructure?
• Process and documentation - Much of the newly built infrastructure was constructed quickly and in a "learn by doing" mode. Much of it is parallel to but not coordinated with activity in other areas, especially actuarial. As companies have mapped processes and documented assumptions, models and output, functional overlaps have become clearer. In many cases, clarification and resolution of the overlaps will be necessary to enable rational enterprise level mapping and non-duplicative documentation.
• Demonstrated engagement – The CRO and risk management staff (with input from actuarial, investment, finance and others) support the foundation on which risk information is built Increasingly, the board and regulators are asking for holistic engagement in agreeing on assumptions and methodologies, not just siloed input from subject-matter experts. The risk function increasingly is being asked: Are the business managers – the first line of defense –in agreement? And, is their collective engagement substantive and verifiable?
• Governance - As the board's role in risk management and risk taking becomes clearer, many boards and regulators recognize the need to include major risk and strategic initiatives under the oversight umbrella. They look to the CRO to be the conduit of information between them and the insurer. This strongly suggests that the CRO should have insight into modernization initiatives that go beyond just the risk function.

In a modernized company, a synergy of efficient processes with clearly defined stakeholder expectations exists among risk, actuarial, finance and technology (RAFT). The modernized risk function will share a common foundation of data, methods and assumptions and tools and technology with the other RAFT functions. (Naturally, the risk function will have certain unique processes that build on this foundation.) Finally, enterprise compatible business management, HR, reporting and governance all channel the process to its apex: intelligent decision making.

• Data - The organization, with significant risk input, clearly defines its data strategy via integrated information from commonly recognized sources. The goal of this strategy is information that users can extract and manipulate with minimal manual intervention at a sufficient level of detail to allow for on-demand analysis.
• Methods and analysis - Modern risk organizations emphasize robust methods and analysis, particularly the utilization of different approaches to arrive at insight from more than one perspective. Key to proper utilization of multiple methods is confidence that different outcomes are not the result of inconsistent inputs but rather truly reflect new insight.
• Tools and technology - Up-to-date tools and technology help the risk function gather, analyze and share information faster, more accurately and more transparently than ad hoc end-user computing analysis. With modern tools and technology, risk personnel can devote the majority of their time to understanding and managing risk rather than programming and running risk models.
• Stress testing - Stress testing has become a key weapon in the risk management arsenal. Test results convey risk information to senior management, the board and regulators. Resulting impacts on capital under stress scenarios become key to capital planning and calibrating economic capital (EC) models. Moreover, these tests are fully integrated in financial planning and the finance function's agenda.
• EC/Capital modeling - Economic capital calculations continue to be an important tool for decisions at all levels, from strategic to micro-level asset trading and product design. A modernized organization fully integrates these models with key actuarial activities, and the process and results help the company more effectively plan for and manage risk. Results are available quickly, and efficiency of the process allows for extensive "what if" testing.
• Validation - A comprehensive model risk management structure is in place. The company routinely validates new models and model changes. Assumption consistency is transparent across risk, actuarial and finance. The company verifies data integrity and uses a model inventory to weed out duplication and overlap. Savings more than pay for model risk management (MRM) costs.
• Human capital - Risk functions employ more inquisitive and analytical analysts. The emphasis is on managing risk, not running models. A significant portion of the group devotes its time to understanding emerging trends and investigating potential new threats to the organization. Clear organizational design facilitates working in a collaborative manner with other control functions and business managers.
• Governance - Risk plays a key role in governance and risk appetite is well established. Decision making throughout the organization incorporates risk in a transparent manner. This is in large part because of confidence in risk output because data and input is consistent with finance and actuarial analytics, models are validated and senior management and the board understand key assumptions and limitations.

The benefits

Realizing ERM's promise requires more than just complex economic capital and value at risk (VAR) models. It requires confidence in these models and an understanding of their key assumptions and limitations. This confidence and understanding need to be pervasive - from risk, finance and actuarial personnel themselves, through line of business leadership, up to senior management and the board.

With a modernized platform in place, CROs and risk functions can turn their attention to managing risk, not calculating and reconciling numbers, as well as providing management and board with the best tools for intelligent decision making, confidence in capital deployment and competitive strategies consistent with risk appetite and capacity.

Critical success factors

Plan ahead and in concert with other stakeholders. The risk function is in the unique position of not having to dismantle infrastructure, but it definitely does need to build on it. The function's relative youth and lack of legacy encumbrances mean it is in an ideal position to be a leader in modernization initiatives.

Moreover, the risk function has both an opportunity and an obligation to raise concerns about the risks involved in modernizing in an uncoordinated way or the risk to the insurer's competitiveness from not modernizing at all.

Call to action - Next steps

Look for quick wins, like faster processing, more transparency, deeper insight, but stay true to the long-term plan. Some of these quick wins can be cost savings opportunities. For example, an inventory of documented models can reduce the number of models (and associated maintenance cost) by weeding out redundancies. In addition, the company can streamline internal reports when all areas use the same foundational data and calculations. Moreover, the company may be able to rationalize multi-jurisdictional, external and regulatory reporting.

Business interruption (BI) losses are among the most confusing types of claims in the insurance industry. As claim specialists, we are often asked for a "checklist" filled with action items for when a loss occurs. A "checklist" isn't practical because there are too many variables and "if/then" scenarios to map out. When you have a significant property damage and business interruption claim, only experience can guide the way to a fair recovery.

However, there are actions that can be taken ahead of a loss to ensure you are prepared. The following seven items represent such a "checklist." It will not only help with your next loss but can have an immediate benefit to your risk management program.

1. Prepare accurate ratable business interruption values

The annual ritual of preparing the business interruption worksheet is often treated as an administrative nuisance.  It should be looked at as an opportunity to accurately account for the insurable risk for which you pay your premium and to accumulate annual values for future trending.

The worksheet provided by the insurance company is woefully inadequate to explain the nuances of most businesses. Go beyond the worksheet and explain your business more completely to underwriters. For an effective BI values methodology, solicit help from the specialists, such as an experienced forensic accountant. The results will be appreciated by underwriters and should translate into more appropriate coverage and possibly a more favorable rate. Once a system is in place, accuracy, consistency and efficiency should be improved.

Once the ratable BI values are calculated, policyholders should explore realistic loss scenarios. The BI value is an annual number that does not factor in real-life responses that would generally mitigate a claim. To get to the actual exposure to risk, companies should determine the maximum foreseeable loss (MFL) and probable maximum loss (PML) measurements. The MFL measures a "worst case scenario" in which all of the loss-control protections fail. The PML is the more realistic loss scenario, in which mitigation systems work and contingency plans are executed properly. In both cases, the property damage and business interruption effects would be calculated as if they had occurred.

Loss scenarios should be postulated in detail, e.g. by location and by occurrence, considering all factors. These numbers should not be measured by simply applying a daily "BI rate" to an engineered loss period. It is more realistic to prepare as if presenting a claim, exploring all "what if" possibilities. Insurers may offer some assistance in this process, but remember, their version will be from their perspective. As with any claim, you should always prepare your own scenarios and your own calculations according to your understanding of your operations. An independent forensic accountant will have prepared claims just like your scenarios and would be able to accurately value the losses.

Concurrent with the MFL and PML analysis, you should work to understand contingent risks to your business. Knowing what your suppliers' and customers' exposures are is important. Policyholders should involve leaders in operations, procurement and sales to help identify contingent exposures. If you have a sole supplier, your contingent exposure may be greater than anticipated and should be examined.

It is important to understand how your current policy language would respond to the contingent loss scenarios you've identified. For example, if suppliers in your policy are referred to as direct supplier," make sure you understand how this would be interpreted in a claim. If "direct" means only those suppliers with whom you have a direct contract, and an indirect supplier, i.e. a second-tier supplier, has a loss that affects you, would you be covered? These scenarios should be discussed with your broker and underwriter to ensure your policy will respond as expected.

Once the values and scenarios are updated, you will be better able to make informed decisions about your insurance coverage, limits and terms.

Another common discovery from performing an exposure analysis is which type of time element coverage is the best risk transfer solution. Considering each location, if the risk is a lost of sales, BI would cover the lost earnings. If sales are not the risk or they can be sustained at an extra expense, extra expense coverage would be more appropriate. If sales are at risk but can be mitigated to the degree contingency measures are enacted at an additional expense, it's a combination loss exposure.

It's of value to risk managers to know what the exposure truly is because, if an exposure can be covered by extra expense coverage, it may eliminate or reduce the need for BI insurance. For example, if you are a distributor with multiple warehouses whose inventory is insured at selling price, what's at risk? If you have alternative space or can quickly secure temporary space, the likelihood of experiencing a sales loss that exceeds the sales value of your lost inventory is remote. How much BI coverage should you buy vs. extra expense? Exploring your loss scenarios and subsequent contingency plans would allow you to better quantify your risks and select the option best suited to your needs. Extra expense is a more "tangible" risk than BI, making it easier for underwriters to rate, and it generally will cost less.

The names are different, but the intent is the same - to protect earnings lost because of damage or loss of use of insured property. The history of each of these forms would take a separate paper to detail, but, in a nutshell, gross earnings is a form commonly used in the U.S. with a basis in manufacturing risks, while gross profit is used throughout the world and has its basis in mercantile operations. Business income is the term used for the current ISO forms. Today, all forms have been modified to accommodate almost any business -- however, there are some situations where one form may be preferable. The terminology and the mechanics of calculating business interruption loss varies among the forms, but the answer should be the same, regardless.

The exception to this has to do with the period of indemnity -- the gross profit form is usually limited to a specific time, while gross earnings will continue until repairs are (or should be) completed with "due diligence and dispatch"; there is the ability to add an extended period to recover sales. It is important to make sure the form you have would cover your potential loss period. For example, if you have a manufacturing company with specialized production equipment that have long lead times to replace -- longer than the period that a gross profit form would cover -- you should probably have a gross earnings form. If you do not see a scenario that would exceed the gross profit period and you cannot accurately predict an extended period required to add to gross earnings, the gross profit might be a better option. If there isn't any scenario that would create a loss that exceeds the gross profit period of indemnity and you are comfortable that you can cover that time to recover sales, than either form would work. There are new options that allow you to pick which form you would like to use up until the closure of a claim -- these forms eliminate the need to determine which form is right for your business. Just make sure you have a form that will cover your worst-case scenario.

Most policies now include professional fees coverage. Insurers recognize the need for dedicated claim preparation experts and are willing to pay for it as part of the claim. Often, this coverage is subject to limits that can be negotiated. If you are not familiar with this coverage or do not have it, you should discuss with underwriters. For the most part, this coverage can be included at some level just by asking. The benefits of having specialized claim preparation experts available as a resource for a claim can make the difference between a successful claim and a headache.

In addition to forensic accountants, a claim may include forensic engineers, attorneys and others. It is a good idea to know those you want to use before needing their services. Meet with the various providers beforehand and select those that fit best for your organization. Typically, paperwork associated with hiring someone can be completed before needing their assistance (i.e. non-disclosure, purchasing, W-9, etc.) so that if something happens they can begin work immediately. Additionally, there may be an opportunity for the provider to help with reporting issues on business interruption values.

While no business wants to suffer a loss of earnings, the more prepared you are the better the results will be. The steps shown above may take years to fully develop and should be evaluated annually to account for changes to your business.

If these recommendations are incorporated into your insurance program, there's no need for a claim checklist. Your risk management team will be prepared for any worst-case situations with the best-case solutions.

In any industry, customer loyalty is a precious commodity. That’s no less true in the world of auto insurance. As Bain puts it: "Loyalty improves a carrier's economics and leads to sustained, above-market growth."

But what does it take to make customers stay with an auto insurer for the long term?

Customer retention isn't just customer satisfaction.

When customers choose to stick around because of the benefits an insurer provides, their actions are driven by positive experience. You could say, then, that the key to customer retention is customer satisfaction.

You'd be mistaken. A new survey released by Accenture Global found that while 86% of insureds who filed a claim were satisfied with how it was handled, 41% of those customers are still likely to switch insurers in the next 12 months.

In fact, the data shows that the very act of filing a claim makes a customer more likely to switch insurers, even when they're completely satisfied with how it went.

It’s not to say customer satisfaction in the claims process doesn't matter - speed and transparency being the two most important factors, according to 94% of Accenture survey respondents. Having access to digital channels also ranks high in satisfaction requirements.

However, if having a claim tends to trigger the insurance shopping process, the most important question may be how to prevent the claim altogether.

Use UBI as a tool to prevent claims and build the relationship.

By harnessing usage-based insurance data, insurers can define strategies to help customers manage risks and even reduce the number of claims they file. As a result, insurers not only lower claims costs, but may gain an advantage in customer loyalty, Bain says.

However, usage-based insurance isn't just about data collection. It offers insurers the opportunity to go far beyond information gathering, and to nurture the relationship. UBI provides a chance to communicate with customers every time they drive, in a constructive manner. UBI is the ultimate digital connection - not hinging on potentially negative touch points like claims or billing, but rather facilitating quality, helpful coaching.

And here's the great thing: The relationship-nurturing capabilities start immediately. Insurers can provide helpful driving tips as soon as UBI policyholders install the app and take their first trips. Insurers don't have to wait for data, actuaries and new rating tables. They have an instantaneous ability to provide coaching and thereby start a new kind of insurance relationship.

They say that when you teach a man to fish, you feed him for a lifetime. What happens when you teach a man, or a woman or their teenagers to drive more safely and avoid the pain of accidents? They appreciate it and remember it. And, greater loyalty, retention and referrals just might ensue.

Click here to learn how usage-based insurance works for insurers.

It's hard to imagine how 2014 could be surpassed as the worst year for massive identity theft and data loss exposures.

The news developments of 2014 were relentless and mind-numbing. Heartbleed and Shellshock rose to the fore as two of the nastiest Internet-wide vulnerabilities ever to come to light. Heartbleed exposes the OpenSSL protocols widely used by website shopping carts. And Shellshock enables a hacker to take control of the module used to type text-based commands on Linux, Unix and Mac servers.

"These are problems in the very fabric of what the Internet is built on," says David Holmes, security evangelist at F5 Networks.

Click here to receive fresh analysis of breaking developments from top cybersecurity and privacy experts.

Meanwhile, Target, Nieman Marcus, Dairy Queen, Home Depot, JP Morgan and SonyPictures led a parade of organizations disclosing major data breaches. Indeed, the tally of data breaches made public in the U.S. hit a record 783 in 2014, nearly 30% higher than in 2013, according to the the Identity Theft Resource Center.

"The ubiquitous nature of data breaches has left some consumers and businesses in a state of fatigue and denial about the serious nature of this issue," says Eva Velasquez, chief executive offer of the ITRC.

The scary part

Now here's the scary part: The pace hasn't slowed in the first few weeks of 2015.

Consider that the financial services sector has spent billions over the past decade on the best defensive technologies and systems money can buy. Yet a low-level Morgan Stanley financial adviser was able to exfiltrate account records, including passwords, for six million of the Wall Street giant’s clients.

Meanwhile, forensic analysts at Dell SecureWorks recently uncovered a novel strain of malware circulating deep inside a corporate network. It's being referred to as a "skeleton key." With a skeleton key an intruder can fool the authentication protocols on widely used Microsoft Active Directory systems by typing arbitrary passwords. This enables the attacker to do such things as gain unfettered access to webmail and virtual private networks (VPNs).

"It's much easier to be an attacker than a defender," observes Jeff Williams, director of security strategy for Dell SecureWorks' Counter Threats Unit. "As a defender, you must protect all paths of access, whereas the attacker only needs to find one foothold from which to mount an intrusion."

If nothing else, the headlines of 2014 should grab the attention of company owners, directors and senior executives. No one wants to make it to the ITRC's list of U.S. breaches for 2015.

SMBs exposed

But small and medium-sized businesses (SMBs) should pay heed as well, says William Klusovsky, a security specialist at NTT Com Security. SMBs should grasp that they are part of a wider supply chain and that modern day cybercriminals are intensively hunting for all weak links, he says.

Small business owners should "understand your businesses processes, be aware of your risk profiles and be able to explain that to your partners," Klusovsky advises. "And then within reason implement the protections you can afford."

A good place to start, for companies of any size, is to step into an attacker's shoes, Dell SecureWorks' Williams says. "Identify paths of entry and put mitigations in place, whether that be two-factor authentication, removing unneeded services, implementing, monitoring or training staff," Williams says.

Security consultants can be valuable guides, and third-party managed services can do the day-to-day heavy lifting. But the due diligence must come from the business owner.

The business owner should plan to "remain engaged and active in the conversations with that security service provider," Williams says.

Over time, all business owners need to develop some level of skill about security policies and procedures and look to infuse that knowledge into the company's infrastructure.

See more at Third Certainty

Eric Schmidt, the executive chairman of Google, said this week that the Internet will disappear -- "There will be so many IP addresses, so many devices, sensors, things that you are wearing, things that you are interacting with, that you won’t even sense it," he said. Now, Eric is a very smart fellow; he's worth several billion dollars more than I am (the score is Schmidt, $8.3 billion, me, $0 billion); and he even has a better hairline than I do despite being two years older. He made his comments in Davos at the World Economic Forum, known as the gathering spot for very serious people. So his remarks have been getting quite a bit of attention and consideration. 

But he's wrong.

He's wrong for the same reason that people have been wrong since I started covering technology for the Wall Street Journal going on 30 years ago. That suggests to me that people will keep being wrong for the same reasons for some time to come, including in the world of insurance, where we are all having to try to figure out how the Internet of Things will play out. So let me point out the two issues that mean that even very smart people in very serious settings can't just assume the sort of technological utopia that Schmidt is describing.

They are:

• Decision rights
• Transaction costs

Let's look at those issues in the context of an article in the New York Times many years ago that got me mad enough to start thinking about the blind spot in the first place. A very bright reporter, and something of a friend, began by painting an idyllic vision of an automated future: A person hopping out of bed would step on a sensing device that would let the house know he was up. The house would then turn on CNN in the family room, start the coffee and probably do some other things that I no longer remember at this remove.

Nice image, right?

Decision rights

But what if I don't want to watch CNN? What if I'm more interested in watching ESPN that morning? Or my kids were already awake and watching cartoons -- would my stepping on the pad change the channel despite the screams that would surely result? What if I'm heading off to meet someone for breakfast and will have coffee there, not at home that day?

A key question with any sort of automation is: Who owns the decision rights? In the case of CNN and the coffee, do I want the house to have the decision rights, or do I want to retain them?

Transaction costs

How much effort do I have to put into the automation? Is it really worth it to put a sensor under my carpet or even to lay something on top of the carpet? What does that cost? How long does it take me to configure the TV and other systems in the house so that they react appropriately?

Those transaction costs then have to be compared against the benefits, which, in the case of CNN and the coffee, are trivial. It's just not that hard to pick up the remote and click the TV on or to fix the coffee in the morning (which you would have had to do before going to bed in the automated scenario.)

People tend to get so excited about the George Jetson-like possibilities that they ignore decision rights and transaction costs and paint visions that simply won't occur in any reasonable timeframe.

That's how we ended up with:

-- The talk back in the early '90s about "agents" that would pull together what some called "The Daily Me," a personalized newspaper that would gather all the news that it knew you were interested in and mix it in with your schedule and other things to lay out your day for you. The problem was that these personalized papers took a huge amount of effort and were so inaccurate that no one would turn all the decision rights over to an agent. What if you didn't have time to read the news that day? What if you had become interested in some topic that you'd never read about before -- how would your agent know?

(I took the talk of agents somewhat personally because the three pieces I wrote for the Wall Street Journal that easily got the most response from readers in my 17 years there were about: a time I sailed across the Atlantic in a small boat, having never sailed before, in what turned out to be some monster storms; my two-week career as a professional wrestler; and my mother (a piece written with my younger brother). I guarantee you that no one who picked up the Wall Street Journal the day those pieces appeared was looking for anything about sailing, professional wrestling, my mother or me, so no one would have ever seen them in a world of agents.)

This talk of agents is cropping up again, by the way, and is surely part of the reason that Schmidt wants to talk about having the Internet disappear. Google wants to make search so efficient that its engine knows what you want to find even before you think to look. The company has made impressive strides -- if you type in Elm Street while looking for directions on your Android phone, Google Maps usually guesses quickly and correctly which Elm Street you want -- but that's a long way from the world that Google is describing, and the transaction-cost and decision-rights issues will still get in the way.

-- The fuss over the "Internet refrigerator" that still crops up from time to time. The idea is that your refrigerator would sense when, say, you were low on milk and reorder it for you. But that requires an awful lot of engineering, both in the refrigerator and in whatever system of grocery delivery would be used, and only makes sense if you're turning just about all your shopping over to your refrigerator -- if you have to go to store anyway, it's simple to grab some milk.

And there is always the issue of decision rights. What if a family goes on vacation? How long will the refrigerator keep ordering? I have a friend whose 21-year-old son drinks a gallon of whole milk a day. When the son -- who is 6'5", weighs 285 pounds and looks like he could bench press a cow -- is home, they can't buy milk fast enough, but when he's gone at school they don't need any. Do they have to let a few gallons of milk sour before the refrigerator figures out the son is gone?

-- The excitement about home controls: remote-controlled lighting, the Internet thermostat that will sense who's in a room and adjust lighting levels and temperature to personal preferences and so on. Those are just an awful lot of work for not much benefit -- you can always flip a light switch or adjust a rheostat -- and doesn't resolve the issues that come up when one person likes a room cooler than the other.

Technology will make plenty of tasks disappear, but let's not be too hasty. We need to think through the costs, the benefits and the potential for errors and conflicts in automated systems, to make sure we don't fall victim to the seductive tendency to ignore transaction costs and decision rights.

The Internet won't disappear in my lifetime, which I'm assuming will be at least 30 more years. I won't even have sensors that turn on CNN and start my coffee when I get out of bed.

Eric Schmidt, the executive chairman of Google, said this week that the Internet will disappear -- "There will be so many IP addresses, so many devices, sensors, things that you are wearing, things that you are interacting with, that you won’t even sense it," he said. Now, Eric is a very smart fellow; he's worth several billion dollars more than I am (the score is Schmidt, $8.3 billion, me, $0 billion); and he even has a better hairline than I do despite being two years older. He made his comments in Davos at the World Economic Forum, known as the gathering spot for very serious people. So his remarks have been getting quite a bit of attention and consideration. 

But he's wrong.

He's wrong for the same reason that people have been wrong since I started covering technology for the Wall Street Journal going on 30 years ago. That suggests to me that people will keep being wrong for the same reasons for some time to come, including in the world of insurance, where we are all having to try to figure out how the Internet of Things will play out. So let me point out the two issues that mean that even very smart people in very serious settings can't just assume the sort of technological utopia that Schmidt is describing.

They are:

• Decision rights
• Transaction costs

Let's look at those issues in the context of an article in the New York Times many years ago that got me mad enough to start thinking about the blind spot in the first place. A very bright reporter, and something of a friend, began by painting an idyllic vision of an automated future: A person hopping out of bed would step on a sensing device that would let the house know he was up. The house would then turn on CNN in the family room, start the coffee and probably do some other things that I no longer remember at this remove.

Nice image, right?

Decision rights

But what if I don't want to watch CNN? What if I'm more interested in watching ESPN that morning? Or my kids were already awake and watching cartoons -- would my stepping on the pad change the channel despite the screams that would surely result? What if I'm heading off to meet someone for breakfast and will have coffee there, not at home that day?

A key question with any sort of automation is: Who owns the decision rights? In the case of CNN and the coffee, do I want the house to have the decision rights, or do I want to retain them?

Transaction costs

How much effort do I have to put into the automation? Is it really worth it to put a sensor under my carpet or even to lay something on top of the carpet? What does that cost? How long does it take me to configure the TV and other systems in the house so that they react appropriately?

Those transaction costs then have to be compared against the benefits, which, in the case of CNN and the coffee, are trivial. It's just not that hard to pick up the remote and click the TV on or to fix the coffee in the morning (which you would have had to do before going to bed in the automated scenario.)

People tend to get so excited about the George Jetson-like possibilities that they ignore decision rights and transaction costs and paint visions that simply won't occur in any reasonable timeframe.

That's how we ended up with:

-- The talk back in the early '90s about "agents" that would pull together what some called "The Daily Me," a personalized newspaper that would gather all the news that it knew you were interested in and mix it in with your schedule and other things to lay out your day for you. The problem was that these personalized papers took a huge amount of effort and were so inaccurate that no one would turn all the decision rights over to an agent. What if you didn't have time to read the news that day? What if you had become interested in some topic that you'd never read about before -- how would your agent know?

(I took the talk of agents somewhat personally because the three pieces I wrote for the Wall Street Journal that easily got the most response from readers in my 17 years there were about: a time I sailed across the Atlantic in a small boat, having never sailed before, in what turned out to be some monster storms; my two-week career as a professional wrestler; and my mother (a piece written with my younger brother). I guarantee you that no one who picked up the Wall Street Journal the day those pieces appeared was looking for anything about sailing, professional wrestling, my mother or me, so no one would have ever seen them in a world of agents.)

This talk of agents is cropping up again, by the way, and is surely part of the reason that Schmidt wants to talk about having the Internet disappear. Google wants to make search so efficient that its engine knows what you want to find even before you think to look. The company has made impressive strides -- if you type in Elm Street while looking for directions on your Android phone, Google Maps usually guesses quickly and correctly which Elm Street you want -- but that's a long way from the world that Google is describing, and the transaction-cost and decision-rights issues will still get in the way.

-- The fuss over the "Internet refrigerator" that still crops up from time to time. The idea is that your refrigerator would sense when, say, you were low on milk and reorder it for you. But that requires an awful lot of engineering, both in the refrigerator and in whatever system of grocery delivery would be used, and only makes sense if you're turning just about all your shopping over to your refrigerator -- if you have to go to store anyway, it's simple to grab some milk.

And there is always the issue of decision rights. What if a family goes on vacation? How long will the refrigerator keep ordering? I have a friend whose 21-year-old son drinks a gallon of whole milk a day. When the son -- who is 6'5", weighs 285 pounds and looks like he could bench press a cow -- is home, they can't buy milk fast enough, but when he's gone at school they don't need any. Do they have to let a few gallons of milk sour before the refrigerator figures out the son is gone?

-- The excitement about home controls: remote-controlled lighting, the Internet thermostat that will sense who's in a room and adjust lighting levels and temperature to personal preferences and so on. Those are just an awful lot of work for not much benefit -- you can always flip a light switch or adjust a rheostat -- and doesn't resolve the issues that come up when one person likes a room cooler than the other.

Technology will make plenty of tasks disappear, but let's not be too hasty. We need to think through the costs, the benefits and the potential for errors and conflicts in automated systems, to make sure we don't fall victim to the seductive tendency to ignore transaction costs and decision rights.

The Internet won't disappear in my lifetime, which I'm assuming will be at least 30 more years. I won't even have sensors that turn on CNN and start my coffee when I get out of bed.

We - writers and readers of this site alike - are kindred spirits. We are the "Lighthouse family" because we all want to, or need to, climb to the top of the lighthouse to see what's over the horizon. We know we can't always change what's coming toward us, but we can be ready, perhaps sooner than others, to take action. Every day of my professional career, I have climbed at least some of the spiral steps inside the lighthouse.

When we look over the horizon, we can see all those important issues coming toward us, like digital customers, the impact of regulatory issues, the consequences of the Internet of Things and many others. But these issues don't come to us as a small drips of news, rather as a tsumani of information. Every day - hour - I get new insight and ideas. I have more opinions in one day than I had annually a decade ago.

We shouldn't complain. The alternative to being at the top of the lighthouse is, for me, pretty gloomy. It's about being down at the base of the lighthouse, standing on the rocks, being beaten up by the waves of change. It's like being in the dark when making important decisions, only wetter.

Often coupled with all this text information is the amount of analytics we receive. We are becoming analytics junkies. Perhaps someone should set up "Analytics Anonymous" for those who can't live without their data.

But don't we need to take all this information and the analytics with a pinch of salt? They are only relevant when seen in context. Look at any opinion, set of figures, blog even, at face value, and you are a poorer person. It's only by understanding the context of the information that you gain real insight.

The context might mean understanding how you are doing compared with your nearest competitor. Or even how your insurance customers are behaving at the supermarket checkout - maybe they have less disposable income, and your drop in revenue might be a function of their personal decisions to spend less on insurance so they can feed their families.

So my point is this: Imagine if all the information we received - data, comment, opinion - had an element of context to it. Let's call that prospect "Insight 2.0."

Context is everything. At a personal level, I may not be George Clooney, but at least my wife thinks I'm better looking than the next guy. At least I hope she does...

So, you took my advice and recently hired some 20-something, baby-faced college graduate based on his ambition and determination, hoping he'll turn into one of your key, high potential youths. But you quickly realized he lacks the real-world knowledge many of your other hires bring with them.

Let’s face it, many Millennials lack relevant experience and are missing some of those professional skills that are taught over the course of a career. But don't worry; every great professional was once an amateur.

Think of the group as a bowl of vanilla ice cream. There's a good base, but it's the supervisor's responsibility to add the "toppings."

Here are four ideas on how to engage your Millennials to learn and help speed up that professional development process:

1.     Chocolate Syrup – "Automobile University" (Podcasts)

Unless your employees are working from home, most will face a significant amount of windshield time. Some lucky employees only spend 30-45 minutes commuting to and from work. If they work in sales, they may spend a substantial amount of time in a car. Employers should suggest that ambitious employees use this down time to learn more on the industry. I suggest podcasts.

A podcast is a form of audio broadcasting on the Internet, similar to informative radio talk shows. People can simply download a podcast or series of podcasts onto their phone or iPod and plug it into their stereo using an aux cord for their daily travel (don't worry, your Millennials will know how to do it). Your auditory learners can efficiently gain some industry insight when they're simply doing what they’re going to have to do: drive to work.

These podcast can help your Millennials get some industry insight on current issues from experts for free. If you need a list of podcast series to suggest to your team, Duke Revard wrote a good article: 7 Stitcher Podcast Any Insurance Agent Will Benefit From. As a manager or mentor, you can have follow-up meetings with your subordinates and allow time to answer lingering questions or clarify how something they learned may apply in their positions or your organization.

2.     Whipped Cream - Article of the Day

Reading helps you move up the learning curve but can be time- consuming, and it's hard to filter through all the articles. As a manager, you can simplify this process for your young employees who are looking for some extra help getting up to speed.

Get in a routine where you send your team a daily email with "The Article of the Day," which is simply a short read you found relevant and beneficial. Subscribe to some industry news websites such as Property Casualty 360 or Insurance Thought Leadership for places to start sifting through an abundant amount of topics.

3.     Sprinkles - Junior Management Cabinet

Name it what you want, but the idea is simple. This would be an investment in a group of your younger employees who show high potential for future leadership spots in your organizational. This group would serve many purposes.

First, it could reduce your dysfunctional turnover. Key employees would understand their importance and that they have a place in the future of the organization. Nothing makes me want to work harder and be more dedicated than knowing that I am valued. "You invest in me, I'll invest in you."

Second, this could be used as a tool to train young employees who show the most promise. Organizations could have their "junior management cabinet" meet once a month to discuss a new management problem, then design a solution and present it to a group of managers. Other ideas for the cabinet include participating in top executive mentoring programs, being sent to informative conferences, shadowing board meetings and having more extensive performance appraisals with not only their manager but a development team.

4.     Cherry - Stress the Importance of Professional Development

This is a simple thought but often overlooked. Many supervisors or managers are disappointed in the progression of their employees yet do not stress the importance of development. One way to solve this is by adding "professional development" as a critical criterion on performance reviews. Help Millennials design new ways to progress in their knowledge along with evaluating them on how well they're currently performing.

Another idea is to apply the 80/20 rule: 80% of your time at the office is spent on completing core tasks while the other 20% is spent simulating. Google using this tactic for employees to innovate and design new ideas or concepts. The insurance industry can use the same concept on professional development. During simulation, employees should be encouraged to learn more about parts of the industry that they find fascinating. They could attend workshops, have lunch with an expert from your organization, peruse articles on their favorite website or even be encouraged to write their own thoughts on a topic.

Maybe you don't have 20% of a day to free your employees from, so maybe change it to 30 minutes a day or two flexible hours a week. Who knows what will come of it?

Food for Thought:

"Recently," a manager says, "I was asked if I was going to fire an employee who made a mistake that cost the company $600,000. 'No,' I replied, 'I just spent $600,000 training him. Why would I want somebody to hire his experience?'"

In the past, I've argued that there are legitimate reasons a doctor might dispense medications to a patient and that legislative and regulatory efforts to curb abuses of physician dispensing should be focused on the elimination of the financial incentive to do so while preserving the practice for the limited circumstances in which it might be necessary.

I've changed my mind.

The WCRI report published recently makes it crystal clear that the creativity of physician dispensers will always lead to maximization of revenue (and clearly inappropriate utilization of medications) unless the practice itself is eliminated.

The report shows that, essentially, drug re-packagers in California created novel dosages of certain medications to evade the constraints of the physician dispensing regulations. This allowed them to return to the typical physician-dispensing practice of creating new NDC codes and charging exorbitant amounts of money for drugs that would be have been substantially cheaper had they been secured through a retail pharmacy. Worse, utilization of these medications skyrocketed as a result of the revenue incentive for physicians (my conclusion, not WCRI's).

Physician dispensing doesn't make sense. Not in any circumstances. I could see a potential allowance for a one-time, short-term fill, but the routine dispensing of medications by physicians to patients should be banned. Immediately.

(Disclosure: PRIUM, and our parent company, Ameritox, provide financial support to WCRI).

Demands by the board, senior management and business units for more strategic and forward-looking information, together with competitive and regulatory pressures, have intensified the need to modernize insurance company operations, including the finance function, in particular.

A modernized finance function that provides internal and external stakeholders insightful and actionable information is critical to an insurer's ability to respond to evolving regulatory and reporting requirements and enjoy a competitive advantage in the marketplace.

The case for change

Insurers are reducing costs while managing increasing external and internal requirements for analysis and reporting. To meet these challenges, a common modernization goal - and the core of finance modernization - is the establishment of effective data management and an integrated communication and automation platform. Factors influencing the need to modernize include:

• Margin compression - A soft market and an increase in the severity of catastrophes are affecting insurers' top and bottom lines. As a result, finance and other functions have to reduce expenses while providing effective service. In addition, insurers must address aging infrastructure and build scalable automation solutions that integrate finance, actuarial and risk to facilitate access to data and create an efficient platform for the future.
• Increasing external reporting requirements - Multiple accounting bases have led to a need for additional technical competencies. Regulatory requirements, in particular, have put an added strain on financial organizations; the Insurance Contracts Project, Solvency II, ORSA PBR and real and potential SIFI designations are necessitating expanded access to data and more sophisticated reporting by insurers. These changes may require new measurement models and disclosures, general ledger re-mapping, presentations of financial results and, finally, conversion plans.
• Increasing internal reporting and analytic requirements - Enhanced modeling capabilities have resulted in a need for more robust valuation and asset testing but also have created the potential for product innovation and an overall competitive advantage. At the same time, the demand for better analytics and accelerated reporting is pressuring finance organizations to produce and analyze data at a more granular level in an accelerated timeframe.

In addition to these challenges, life insurance finance teams are contending with complex insurance/investment product offerings with hedging and capital management strategies, vendor extracts and unit value calculations for separate account accounting and reporting. The teams also must deal with insurance asset and liability modeling to calculate reserve valuations and proper asset and capital management, and complex life external treaties and affiliate reinsurance for capital management purposes.

Finance functions that continue to operate in a silo, separate from other related functions and the business, and use disaggregated, manual processes will be unable to be an effective strategic partner for the business. Insurance organizations must revisit their finance service delivery model to better align structure by type of activity and customer and address process, data and technology platform issues to meet growing demands.

Characteristics of a modernized company

A modernized company has efficient processes and clearly defined stakeholder (risk, actuarial, finance and technology (RAFT)) expectations. More specifically, a modernized finance function has the following characteristics:

• Data - Data strategy is consistently defined and "conditioned" to be processed from administrative systems to the ledger and ultimately the reporting environment. There is clear ownership of data. In a modernized company, data flows from commonly recognized sources and is capable of being extracted for analysis with minimal manual intervention.
• Organizational structure - Insurance finance organizations are structured by activity type and customer (transaction processing, specialized services, decision support). Activities are centralized where possible, leveraging shared services, centers of excellence and outsourcing, and decentralized where necessary. More specifically, companies that are able to effectively respond to industry pressures and outperform their peers demonstrate: 1) that finance operations are analyzed objectively as a service provider in terms of scope, cost and performance from their customers' perspective; 2) that, as a strategic business partner, finance's operating model is integrated with related areas (actuarial, risk, investments, reinsurance) and aligns with the business model; and 3) that the finance organization focuses on continuous improvement and seeks out an appropriate sourcing model.
• Tools and technology - Modernized tools and technology help the finance department process transactions in a more integrated environment with automated controls. Integrated platforms enable more flexible reporting that helps finance respond to finance customer and ad-hoc data needs. The general ledger is thin; robust sub-ledgers feature streamlined (hub) accounting rules; and there is a data warehouse structure to store detailed data in commonly recognized sources. Consolidation and business intelligence tools help facilitate streamlined internal reporting.
• Processes - Better data management and integrated automation allow for automated reconciliations and elimination of unnecessary activities. Planning and forecast activities are on a rolling basis with select assumptions. A nimble data environment enables finance to meet changing internal and external reporting requirements. Process owners are accountable for continuous process improvement. Greater than 60% of activity is focused on useful analysis.
• Reporting and governance - Better communication with finance's customers helps the function better manage expectations. Clarified roles and responsibilities and automation allow for more scalable efficient operations. Integrated committees within the RAFT functions and the business provide oversight and facilitate timely decision-making. Controls are well defined, rationalized and automated where possible.
• Business intelligence - Modernized finance functions streamline reporting of financial and operational metrics and align it with the company's strategic objectives. Demand management minimizes unnecessary reporting activities. Business units receive standard reports and provide business user access to data.

The benefits

Finance serves many roles within an organization but essentially strives to balance compliance, efficiency and business insight. A modernized finance function can deliver on all three fronts rather than only one or two of them.

Insurers traditionally have deferred investing time and money to resolve legacy back-office issues. Instead, they have invested in front-office operations and cut spending in other areas. However, as a result of increasing functional interdependencies, modernizing the finance function is now an imperative. Finance must not only ensure compliance with changing reporting requirements but also increase organizational efficiencies and provide valuable analytical insights that help the business quickly make informed decisions to gain a competitive advantage.

Factors for successful modernization/ key considerations

Possibly overhauling entire systems, processes and functional areas may feel daunting to company executives. In most cases, modernization will take several years. Accordingly, it is vitally important to develop a modernization strategy that articulates a path to real change. This will include visualizing a compelling future, clearly communicating expectations, creating a road map with achievable goals and avoiding overreach during implementation - in fact, regardless of the extent of required change, we recommend a staged approach to modernization.

Some high-level recommendations:

• Assess how well your people, process and technology can meet growing demands.
• Create a vision with design criteria/guideposts, a compelling future state and a gap assessment to the future state.
• Create a road map that outlines a staged approach with defined initiatives and clear accountability. This will help you develop a more detailed business case and clearly define implementation plans. Initial steps should address deep dives into bigger issues and potential quick wins.
• Look beyond finance to consider various internal stakeholder perspectives, including actuarial, risk, investment, reinsurance and business leaders, as well as external constituents such as regulators, rating agencies and investors.
• Consider changing organizational models first. Change agents in key decision-making roles should expedite analysis, decisions and change.
• Early wins create momentum and set the stage for behavioral change. Management must set the proper tone to ensure there is no "opt out" potential from the finance team.