Tag Archives: bcp

How to Assess Costs of Business Interruption

As a professional loss accountant with more than 20 years of experience with business interruption (BI) valuation, I can understand why policyholders struggle with finding a repeatable, efficient system that produces an accurate measurement of their BI exposure. Over the years, some of my clients recognized the issues with the traditional BI values approach, and decided to make a change. Unfortunately, too many companies continue doing what they have always done, even when there is a better way available.

BI

Consider for a moment, just how important BI information is to your underwriter. The numbers you report give the underwriter the basis for writing coverage and calculating premium. Each renewal provides policyholders the opportunity to present their unique BI exposure. Unfortunately, this opportunity is often squandered because of a misunderstanding of business interruption values and the exposures they represent. The point of this article is to share a proven, alternative approach.

Understanding BI Values

First, there’s the ratable value. It is the “big number” that is calculated for the business as a whole, assuming a 12-month, total shutdown of all revenue-generating operations. This worst-case and often unrealistic scenario is the information requested by the insurance company, usually in the form of a one-page worksheet. Without additional information, the underwriter will use this information to set limits and charge premium.

The ratable value calculated is somewhat meaningless, except that it establishes the base assumption that is used as the BI value in all other scenarios, such as unincurred cost categories. The ratable value is seldom a reflection of your exposures. Better ways to assess your exposures are to examine your maximum foreseeable loss (MFL) and probable maximum loss (PML) scenarios.

What Is Maximum Foreseeable Loss?

The MFL, as the name indicates, is the worst-case scenario. This is not as extreme as the ratable value scenario, but pretty close. The assumptions used here include a complete breakdown of protection and loss mitigating factors while you are hit where it hurts at the worst possible time. An example would be the loss of a unique distribution center to a retailer during the holiday shopping season — say the distribution center that handles online orders goes up in smoke on Cyber Monday.

The factors used to measure the ratable value would be used in this scenario to determine the business interruption value. Certain assumptions may change depending on the duration of the loss scenario. For example, labor expense may be considered completely saved in the ratable value scenario because of the assumption that there is nothing left, but only partly saved in an MFL scenario.

What About the Probable Maximum Loss?

The PML is the same as the MFL, except that loss mitigation efforts and protections work properly. The PML also takes into account pure extra expenses used to retain customers. The PML can help with decision making on purchasing extra expense coverage.

What Happens in Underwriting?

Although I’m not an underwriter, I’ve typically seen insurance companies take an engineer’s approach to MFL and PML scenarios that vary only in duration. This singular perspective does not account for the rest of the pieces of the puzzle. The other pieces are the finer details that actually occur during a claim. In a real claim, topics like seasonality, make-up and outsourcing would surely come up, but you won’t see them on any BI worksheet.

The MFL and PML should be based on realistic loss scenarios and measured as if they were a claim. Simply applying the ratable value to loss-period assumptions produces misleading and inflated numbers. This is precisely why it is in your best interest to develop your own valuation method based on real scenarios.

Why Create Exposure Scenarios?

If BI values are based on assumptions, and you are using the worksheet, then the assumption is a 12-month loss scenario. Can you imagine a scenario in which your operations would only be affected for six months? The worksheet makes a blanket assumption of 12 months whether realistic or not. Coming up with various loss scenarios by location would flesh out a more realistic representation of the impact of each particular loss. The scenarios would also highlight high-risk locations along your supply chain, which could improve your business continuity planning.

An exposure analysis project is not only an accounting project; it’s an integrated business exercise offering multiple benefits to an organization. The goal is to identify and examine loss scenarios and the resulting ripple effects.

It isn’t necessary, nor is it practical, to anticipate every possible loss scenario. It’s better to prioritize by perceived risk and probability. Then, develop a good sampling of loss scenarios from which you can determine the impact to operations and the mitigating actions that would be taken. Depending on the exposure, involve the appropriate internal personnel, e.g., operations, sales, business continuity, IT and accounting. The external experts you may involve are your broker, legal counsel and, of course, a forensic accounting firm that specializes in insurance work. Additionally, your company’s business continuity plan (BCP) and incident response plan should be factored in. However your scenarios play out, the loss accountants can calculate the business interruption as though it were an actual claim.

As you can see, this approach would produce a more accurate BI value by location and overall. It’s the right way to look at business interruption, so make it a part of your approach with underwriters.

What Insurers Need to Know About Bitcoin

A bitcoin (lowercase b), as a currency, has several flaws that will continue to limit its ability to replace money, as we know it. There are millions of words published on the subject, so I’ll leave it to the reader to assess arguments on both sides. However, Bitcoin (upper case B) as a protocol for the transfer of value is an extremely important innovation that the insurance industry would be wise not to ignore.

This article looks at the issue from the point of view where the insurance industry meets the engineering profession; this combination could be where some of the most important and valuable new opportunities arise.

The Block Chain Protocol (BCP)

The Block Chain Protocol is a brilliant innovation that cannot be un-invented – it is here to stay, and it will appear in many forms long after it sheds its association with so-called crypto-currencies. Bitcoin was designed to solve an age-old problem: the possibility of spending multiple times a promissory note such as currency. In the case of virtual currency, the problem is especially acute because a currency created on a computer can be easily copied by a computer.

The BCP can be compared to a train leaving the station. When the train arrives, the door opens and everyone piles in. After a predetermined amount of time, the doors close. While the doors are closed – and only while the doors are closed – the people write contracts for each other to agree upon. When the doors open, everyone piles out, but the contracts stay. Soon after, the doors close forever.

After the doors close, absolutely no changes can be made, ever. Any changes must be renegotiated as part of a new “block” in a continuing “chain” of transactions. This prevents someone from printing “money”, i.e., issuing the same contract to many recipients.

Today, this function is performed by a legal system, brokers and intermediaries such as banks and credit agencies – it is easy to see how these institutions would be concerned that an upstart technology that is fully decentralized with no CEO or corporate structure could literally exterminate their brokerage fees. (While I used a mechanical analogy of door and trains, the BCP operates using time stamps and cryptography to manage identities, ownership, vetting, etc.)

The big deal with bitcoin as a currency is that the value of a contract can be cast in time. The “crypto-currency” simply represents that value outside of the block for that exchange inside of the block.

Many people, including the media, get hung up on the idea of currency because that is something that obviously concerns everyone in the age of impending financial doom. However, one must not be fooled by hype nor remain complacent and hope the bitcoin issue it will go away. The BPC is here to stay, and there are thousands of them in existence, not just bitcoin.

Yes, this means threats to the status quo, but there are also great opportunities for those who learn how to use smart contracts to transmit value without institutional friction. The part that the insurance industry should be concerned with is the ability to transmit contracts.

When contracts are executed on a block chain and locked cryptographically, these are called “smart contracts.” The seminal work on smart contracts was written by Nick Szabo and introduced in this 1997 primer: The Idea of Smart Contracts. The remainder of this article will focus on one very important type of smart contract: the adjudicated smart contract partnering the insurance industry and the engineering profession.

The Oracle

Adjudicated contracts are contracts involving three parties: the insurer, the insured and the adjudicator. The insurance adjuster should immediately come to mind, but the work of the adjudicator is much more flexible.

In an insurance claim, there is often a forensic investigation involved. In many cases, the investigation may reveal failures of design, quality, defects and workmanship and moral hazard. When a payout is warranted, claim money is drawn for reconstruction and remediation per a contract.

The insurance industry depends on actuarial statistics and forensics to manage these risks. What if forensics could be performed and actuarial data compiled before the failure occurs?

Adjudication can be integrated directly into the performance contracts as the project is designed and built. Licensed professional engineers can “flip the switch” that releases funding or seal coverage for specific perils as they oversee the design/build contracts during design, construction and service life of a property. This would allow insurance companies the ability to price risk and adjust exposure pools with extreme accuracy.

Assurance by Design

In other words, it is possible to develop Block Chain Smart Contracts. My firm is doing this for the engineering, construction and property management industries. The concept is to codify current standard contract templates, such as AIA contracts, into a series of smart contracts on a cryptographic block chain. Contractual events will correspond to payment milestones underwritten by bank and insurance institutions. As each milestone is reached, the professional engineer will verify the proof of work and flip the switch that released the contract to the next insurable component.

The Insurance Industry Is Threatened

Today, many insurance companies are not too concerned with construction risk as long as it is priced correctly. What the insurance industry may not realize is that if too many good properties are subsidizing too many bad properties, private parties with good properties will use these adjudicated contracts to self-insure. For example, if a 250-unit, high-rise condo spends $4 million on a new potable water system and the insurance premiums are not discounted accordingly, the condo could now easily form its own risk-sharing pool with communities known to have new water systems.

With Block Chain Protocol technology and readily available data, almost anyone can now form an insurance pool.

The challenge then for the insurance industry is to use new technologies to build more and better insurance products using the legacy tools that they are built on and rapidly adopting new technological solutions that are now available to them.

The Block Chain Protocol may be one of the most important innovations of the digital age. Pretty much anyone with the job title of “broker” should be seriously concerned.

History provides countless examples of companies and industries that failed to adapt to new changes. For this reason, insurance should take the Block Chain Protocol very seriously. The technology is simple by design and only requires some creative adjustment and strategic partnerships to assimilate into the business plan.

Nobody will do it for us. We need to do it ourselves.

Telecommuting: The Future Office or an Insurance Nightmare?

Some employers view telecommuting as the cure-all to reduce fixed costs associated with real estate and to lure prospective employees to their workplace. Questions have persisted in the minds of some about the pros and cons of telecommuting. From the risk management standpoint we need to ask: Do we really understand the potential risk ramifications of telecommuting?

Telecommuting can be defined as the practice of employees working out of their private residences on a regular basis (once a week, twice a week, or more). With advances in technology (e-mail, computer networks, fax modems/machines, phone systems, etc.) telecommuting continues to increase at a steady rate. This virtual office atmosphere (being able to be connected essentially anywhere) has significantly increased the number of employees who can perform their jobs effectively from home. Tens of millions of Americans work at home on a regular basis.

The Benefits

  • Millions/billions saved in real estate costs including heating/cooling/electrical, etc.
  • Increased productivity to the company — employees are allowed to work at their own pace/environment with fewer interruptions.
  • Environmental benefits from less fuel consumed and less pollution.
  • Shorter commute times for those who still go to offices as a result of fewer vehicles on the road.
  • “Flex” time for family commitments and increased employee satisfaction.

It is also necessary to provide work-at-home employees with the same safe environment given to office employees. Each employer is required by OSHA to provide employees with a safe work environment regardless where the “work” is located. There was a proposal by OSHA to require home-office inspections but it was quickly dropped.

Challenging Insurance Issues

  • When are (are not) employees working?
  • If an employee slips and falls, was the employee working or taking out the trash?
  • What happens if an employee goes to the grocery store during the workday and becomes involved in an auto accident?
  • What if the employee is attacked in their own home during working hours?
  • Who pays for equipment and furniture?
  • Who pays for equipment and furniture if it is damaged in a fire or stolen?
  • What if a fire is caused by excessive electrical requirements of computers, fax machines, copy machines, and other business equipment?

Many of these issues are handled on a case-by-case basis depending on jurisdiction. While it seems clear that there is liability associated with injuries that occur in the home office, it is less clear how you can prove work-relatedness or non-work-relatedness. When accidents happen there are rarely any witnesses. Case law is being developed to address some of these issues but most cases are still decided based on the individual circumstances.

The property damage/loss issues need to be established as company policy. Most employers do not provide deluxe home offices for their employees. Many do provide an assortment of equipment (computers, phones, fax machines, etc.) to help the employee stay connected with the workplace. These items are business equipment and probably not covered by the employee’s insurance policies.

Employee Perceptions
Some employees are very comfortable telecommuting and being away from their fixed, corporate office. Others are concerned about their ability to work with the constant distractions of their home and family. Still others do not have or want to make room in their homes for a home office environment. There are valid concerns about staying visible to their co-workers and their management. Many employees feel isolated and not “part of the team.”

The flexibility that telecommuting allows is unquestionably of great value to many employees but it is not for everyone. The positive goodwill generated by the telecommuting environment often encourages employees to work longer and have a better opinion of the company.

Ergonomics
A majority of telecommuters are computer users. After all, it is technology that has enabled many employees to become telecommuters. The ergonomic concerns for home office workers must be addressed to minimize this significant risk factor. Employee education and training is the most effective tool. Home office inspections by trained ergonomists are usually not completed due to the cost involved and the perception of invading the privacy of the employee.

Many employees are not inclined to personally spend the money required for the proper equipment. If their employers do not provide the equipment, the employees use whatever equipment they have. This includes working at fixed height tables with non-adjustable chairs …. generally an ergonomic nightmare.

Educational efforts should be focused on the importance of having a good chair and adjusting the chair and workstation surface to minimize awkward postures. Excellent ergonomic training materials are readily available.

The issue of laptop computers must be addressed in your ergonomics program. A laptop is not designed for regular use – the keyboard is too small and either the keyboard or monitor screen will be in a poor position with respect to allowing neutral postures. Laptop uses should be provided docking stations with separate monitors and keyboards. At a minimum, employees should have a separate keyboard and mouse such that the laptop monitor can be raised to an appropriate level to allow for neutral postures.

The importance of exercise and stretching can not be overstated for computer users. The affects of non-occupational activities (such as additional computer use or video game playing) must also be stressed during educational efforts.

Security Issues
From a risk management perspective, another important aspect to consider is network security. Dial-up connections are inherently less secure than the network connections in the office. Remote users often neglect back-up storage of critical information. These issues need to be addressed through your business continuity and information technology plans. Also, business interruption exposures may exist at home and between office networks from undetected viruses or lack of anti-virus protection programs.

Telecommuters can be a significant component of your business continuity plan (BCP) . If your central office location is destroyed it typically does not impact the telecommuters workspace. Alternate computer networking arrangements are still critical. To be truly effective, your BCP must include a risk assessment at each home office location.

Telecommuting Safety Program
No matter how small or large your organization may be, every employer needs to establish a Telecommuting Safety Program. Such a program might include the following:

Objective
To reduce the frequency and severity of work-at-home accidents and incidents by informing telecommuters of their safety and health rights and responsibilities.

Program Elements
A. Employee training
B. On-site hazard assessment
C. Safety and health consultation
D. Accident investigation
E. Provision of appropriate safety and health devices
F. Contract with employees authorizing home visits

Employee Responsibilities
A. Conduct in-home inspections
B. Complete training
C. Report all incidents

Evaluation Mechanisms
A. Incident rates
B. Incident report forms
C. Workers’ compensation claims
D. Employee feedback

Specific Questions to Consider

Home Inspections

  • Is there a functioning smoke detector in the employee’s home?
  • Are there two or more means of exit/egress from the work area?
  • Are aisles/passageways in the work area clear at all times?
  • Are work area properly illuminated?
  • Are electrical cords/wiring adequately loaded/grounded?

Ergonomics

  • Is the workstation properly adjusted?
  • Have employees been trained on ergonomics?

Air Quality

  • Are gas fired appliances provided with exhaust vents?
  • Has indoor air been tested/evaluated for humidity, moisture, radon, carbon monoxide/dioxide, etc.?

Incident/Accident Investigation

  • Have company policies been established and implemented stating who will perform home inspections and incident investigations to address potential “invasion of privacy” issues?

Company Responsibilities

  • Has training been provided in home inspections, ergonomics, fire hazards, trips/falls, etc.?
  • Are computer equipment and office furniture provided and set up to meet employee needs?

Employee Responsibilities

  • Have employees completed all work-at-home training programs?
  • Do employees follow all established policies regarding home inspections and incident/accident reporting?

Evaluation

  • Has an annual evaluation of the Telecommuting Safety Program been performed?
  • Does comparison of telecommuting vs. office incident rates justify continued telecommuting?

Conclusion
Telecommuting is here to stay. There are too many benefits for employers and employees. As risk management and insurance professionals we need to acknowledge the risks presented by telecommuters and identify and implement corrective actions to minimize our exposure.

Authors
Dirk Duchsherer collaborated with Steve NyBlom (CSP, CPEA, ARM, ALCM) in writing this article. Steve is the Assistant Administrator of the Risk Management/Insurance Practice Specialty and is a Vice President with Aon Risk Services in Los Angeles, CA.