Tag Archives: lloyds of london

blockchain

Why Insurers Caught the Blockchain Bug

In April 2015, Lloyd’s of London launched the Target Operating Model (TOM) project. TOM is a central body responsible for delivering modernization to the still heavily paper-based wholesale insurance transactions in the London insurance markets.

You can state, “I Support TOM,” on a registration site or you can “like” TOM on social media. The project has had several “innovation” events. It has an orange logo reminiscent of the 1990s, when orange was the new black. The project has even tried to coin yet another tech mashup term for the London insurance markets surrounding Lloyd’s: InsTech.

This is not the first time the London insurance markets have tried to modernize. They are serial reformers, and their attempts have had varying degrees of success (from total failure to middling impact).

Limnet (London Insurance Market Network) made progress with electronic data interchange in the 1980s and early 1990s. Electronic Placement Support (EPS) worked in the late 1990s, but few used it. Kinnect, at a cost conservatively quoted as £70 million, was abandoned in 2006. Project Darwin, which operated from 2011 to 2013, achieved little. The Message Exchange Limited (TMEL) is a messaging hub for ACORD messages that has had modest success, but most people still use email.

Numerous private exchanges or electronic messaging ventures have gained only partial market shares. Xchanging Ins-Sure Services (XIS), a claims and premiums processing joint venture, was formed in 2000 and runs adequately but still has a lot of paper involved.

A swift walk round Lloyd’s, perhaps passing by the famous Lamb Tavern in Leadenhall Market, reveals a lot of heavy bundles of paper, lengthening the arms of long-term insurers.

Does ontogeny recapitulate phylogeny?

Ernst Haeckel (1834–1919) was a German biologist and philosopher who proposed a (now largely discredited) biological hypothesis, the “theory of recapitulation.” He proposed that, in developing from embryo to adult, animals go through stages resembling or representing successive stages in the evolution of their remote ancestors. His catchphrase was “ontogeny recapitulates phylogeny.”

In a similar way, TOM seems to be going through all the previous stages of former wholesale insurance modernization projects, databases, networks and messaging centers, but it may come out at the end to realize the potential of mutual distributed ledgers (aka blockchain technology).

Information technology systems may have now evolved to meet the demanding requirements of wholesale insurance. And wholesale insurance differs from capital market finance in some important ways.

First, insurance is a “promise to pay in future,” not an asset transfer today. Second, while capital markets trade on information asymmetry, insurance is theoretically a market of perfect information and symmetry—you have to reveal everything of possible relevance to your insurer, but each of you has different exposure positions and interpretations of risk. Third, wholesale insurance is “bespoke.” You can’t give your insurance cover to someone else.

These three points lead to a complex set of interactions among numerous parties. Clients, brokers, underwriters, claims assessors, valuation experts, legal firms, actuaries and accountants all have a part in writing a policy, not to mention in handling subsequent claims.

People from the capital markets who believe insurance should become a traded market miss some key points. Let’s examine two: one about market structure, and one about technology.

TIn terms of market structure: People use trusted third parties in many roles—in finance, for settlement, as custodians, as payment providers and as poolers of risk. Trusted third parties perform three roles, to:

  • Validate — confirming the existence of something to be traded and the membership of the trading community
  • Safeguard — preventing duplicate transactions, i.e. someone selling the same thing twice or “double-spending”
  • Preserve — holding the history of transactions to help analysis and oversight and in the event of disputes.

Concerns over centralization

The hundreds of firms in the London markets are rightly concerned about a central third party that might hold their information to ransom. The firms want to avoid natural monopolies, particularly as agreed information is crucial over multi-year contracts. They are also concerned about a central third party that must be used for messaging because, without choice, the natural monopoly rents might become excessive.

Many historic reforms failed to propose technology that recognized this market structure. Mutual distributed ledgers (MDLs), however, provide pervasive, persistent and permanent records. MDL technology securely stores transaction records in multiple locations with no central ownership. MDLs allow groups of people to validate, record and track transactions across a network of decentralized computer systems with varying degrees of control of the ledger. In such a system, everyone shares the ledger. The ledger itself is a distributed data structure, held in part or in its entirety by each participating computer system. Trust in safeguarding and preservation moves from a central third-party to the technology.

Emerging techniques, such as smart contracts and decentralized autonomous organizations, might, in the future, also permit MDLs to act as automated agents.

Beat the TOM-TOM

Because MDLs enable organizations to work together on common data, they exhibit a paradox. MDLs are logically central but are technically distributed. They act as if they are central databases, where everyone shares the same information.

However, the information is distributed across multiple (or multitudinous) sites so that no one person can gain control over the value of the information. Everyone has a copy. Everyone can recreate the entire market from someone else’s copy. However, everyone can only “see” what their cryptographic keys permit.

How do we know this works? We at Z/Yen, a commercial think tank, have built several insurance application prototypes for clients who seek examples, such as motor, small business and insurance deal-rooms. The technical success of blockchain technologies in cryptocurrencies—such as Bitcoin, Ethereum and Ripple—have shown that complex multi-party transactions are possible using MDLs. And, we have built a system that handles ACORD messages with no need for “messaging.”

Z/Yen’s work in this space dates to 1995. Until recently, though, most in financial services dismissed MDLs as too complex and insecure. The recent mania around cryptocurrencies has led to a reappraisal of their potential, as blockchains are just one form of MDL. That said, MDLs are “mutual,” and a number of people need to move ahead together. Further, traditional commercial models of controlling and licensing intellectual property are less likely to be successful at the core of the market. The intellectual property needs to be shared.

A message is getting out on the jungle drums that MDLs, while not easy, do work at a time when people are rethinking the future of wholesale insurance.

If TOM helps push people to work together, perhaps, this time, market reform will embrace a generation of technology that will finally meet the demands of a difficult, yet essential and successful, centuries-old market.

Perhaps TOM should be beating the MDL drums more loudly.

tech

Where Are the InsurTech Start-Ups?

As a technology investor, I spend my days scouring Europe in search of the next big thing.

London’s FinTech scene has been a profitable hunting ground of late. With the U.K. FinTech industry generating $20 billion in revenue annually, it is not surprising that $5.4 billion has been invested in British FinTech companies since 2010.

A daily journey on the Tube is a testament to how rich the FinTech scene has become, with the capital’s underground trains now wallpapered with ads for Crowdcube, Transferwise, Nutmeg and other innovative companies. And London has played host to FinTech Week, celebrating the contribution these firms are making to the capital’s evolving financial services industry.

But where are the insurance tech entrepreneurs?

It is frequently—and accurately—argued that it is London’s birthright to play host to the poster-children of FinTech because of the capital’s impressive legacy and world-leading position in banking.

Read more: London FinTech investment in 2015 has already surpassed last year’s total.

The same can be said of insurance: The concept of modern insurance was solidified in Edward Lloyd’s coffee house in the 1680s. Yet there isn’t a day celebrating InsurTech— let alone a week of conferences, events and after-parties.

This is even though the insurance industry, with trillions of dollars of annual insurance premiums globally, is comparable in size to the rest of the financial services industry put together. Digital insurance should be an obvious target for technological disruption, especially as traditional insurers have struggled to adapt to the digital age en masse.

Recent research by Morgan Stanley found that consumer satisfaction with online experiences in the insurance industry is well below average, with only real estate and telcos finishing lower in the 16-industry league table. The big insurance brands have very little contact with their end consumer because of intermediaries such as offline broker networks, and, as a result, brand advocacy is often low. Put it this way: When was the last time you raved to your neighbor about your insurance provider?

Technology has the potential to drive worthwhile change in insurance. There are already a few success stories, but only a few. Insurance comparison engines such as Moneysupermarket, Compare the Market and Check24 have fundamentally altered how consumers discover their insurance providers. Black Box Insurance, based on telematics data, has become a mainstream product for young drivers, fueling the growth of companies such as InsureTheBox and Marmalade.

Read more:  These are the most influential people in FinTech

These are all fantastic firms, but there is not a long list beyond these examples.

So, why don’t we see more of this type of innovation? Insurance does have far higher barriers to entry than many other industries. To simply get an insurance company off the ground, it requires a colossal amount of cash to cover any potential claims. Additionally, regulation is tough, with good reason. The European Commission’s Solvency II Directive sets a high standard for the capital requirements for insurers to hit to be classed as an eligible provider.

This type of money is hard for a start-up to find. Having said this, very similar challenges are being overcome in retail banking, with challenger banks such as Metro and Atom obtaining banking licenses and putting regulatory capital in place. The successes that many have encountered in FinTech should buoy potential InsurTech entrepreneurs, as should the appetite of venture capitalists to invest in the insurance sector.

I don’t just speak for myself; insurance has excited many colleagues from other funds, especially as the industry is starting to give us some success stories. Slowly but surely, companies such as The Floow, BoughtByMany and QuanTemplate are demonstrating that technology can disrupt the insurance industry. London’s centuries-old legacy in insurance has created a talent pool that is, arguably, the best in the world. Combine this with the strong tech talent in the capital and you can see that the raw ingredients required to build extremely interesting companies are readily available. Additionally, certain large incumbent insurers are beginning to show interest in nurturing the capital’s potential InsurTech community. AXA is a particularly good example, having recently launched Kamet, a €100 million accelerator program aimed specifically at InsurTech entrepreneurs.

The combination of VC appetite, available talent and support from existing players demonstrates that London is a powder keg of untapped potential. The only missing ingredients, at the moment, are the world-beating entrepreneurs willing to put their ideas to the test.

FinTech has shown that London can lead the world in industries that are steeped in tradition and ripe for change. It’s time for InsurTech to step out of the wings.

Grave Threat to the Electric Grid and the Internet

On July 23, 2012, a plasma cloud of gigantic proportions raced toward Earth at nearly 2,000 miles per second, about four times the normal speed for a solar eruption. Had the gigantic cloud hit the Earth – as a similar eruption did in the mid-1800s – it would have devastated much of the world’s power grids and many satellites, taking down much of our telecommunications systems and GPS. The damage would have run into the trillions of dollars and would have taken months or even years to reverse.

The good news: While the cloud passed through the Earth’s orbital path and hit Goddard’s Stereo A satellite, the cloud missed us.

The bad news: Not by much. If the storm had happened just nine days earlier, the Earth would have been directly in its path.

The worse news: We are overdue for a direct hit. Such huge storms are expected to hit the Earth every 150 years, and the last one struck 155 years ago.

“Had [the 2012 magnetic storm] hit Earth, it probably would have been like the big one in 1859, but the effect today, with our modern technologies, would have been tremendous,” UC Berkeley research physicist Janet G. Luhmann said in March, when researchers from UC Berkeley and China reported their analysis.

Daniel Baker, of the Laboratory for Atmospheric and Space Physics at the University of Colorado, said that, if the storm had hit, “we would still be picking up the pieces.”

A severe space weather event that causes major disruption to the U.S. electricity network and to communications would have obvious implications for the insurance industry. If businesses, public services and households are without power and, thus, many forms of communication, for a sustained period, insurers may be exposed to unprecedented claims for business interruption and many other issues.

So, every insurer, broker and business that relies on the power and telecommunications grids – in other words, almost everybody these days – should consider space weather scenarios and start planning for them.

We have some historical record of the devastation that would occur because, for five days beginning on Aug. 28, 1859, astronomers Richard Carrington and Richard Hodgson witnessed sunspots on the sun’s surface. The solar flare caused two major coronal mass ejections, or CMEs, which typically unleash energies equal to that of about a billion hydrogen bombs, according to scientists. One of these CMEs was so much more powerful than the norm that it traveled to Earth in 17.6 hours, while such journeys usually take three to four days.

The huge storm – now known as a Carrington Event – caused major disruptions to the nascent telegraph system, and the effects continued into September. The New York Times reported on Sept. 5 that a telegraph operator by the name of Frederick Royce said, “My forehead grazed a ground-wire which runs down the wall near the sounder. Immediately, I received a very severe electric shock, which stunned me for an instant. An old man who was sitting facing me, and but a few feet distant, said that he saw a spark of fire jump from my forehead to the sounder.”

As late as Sept. 19, the Gettysburg Compiler reported that a telegraph operator “chanced to touch the wire and was thrown in violence of a shock he received across the room.”

Telegraph lines melted or suffered spotty service. “The French telegraph communications at Paris were greatly affected, and on interrupting the circuit of the conducting wire strong sparks were observed. The same thing occurred at the same time at all the telegraphic stations in France,” the Illustrated London News reported.

The Philadelphia North American & United States Gazette noted: “The telegraph operators throughout the East report a very brilliant display of auroral light, which though very fine to look at, has as usual greatly hindered the transmission of messages over the wires.”

If such a storm were to happen today, a study by the National Academy of Sciences calculates, the total economic impact could top $2 trillion. That would be 20 times the costs of a Hurricane Katrina. Huge power transformers, fried by a Carrington Event, would take years to repair. Lloyd’s of London put the figure at as much as $2.6 trillion in a 2013 document called “Solar Storm Risk to the North American Electric Grid.”

The effect of a Carrington Event would be so much greater today than it was in 1859 because we are so much more connected, supported by the electrical grid and satellites. The schematic of the U.S., below, highlights how New England, the Middle Atlantic, the Upper Midwest and the Northwest would feel significant fallout from a direct solar blast. The outlined sections indicate areas of probable power system collapses. Those areas are home to more than 130 million people.

graph3

Our various infrastructures – i.e., electric power, transportation, water and banking – are intimately connected. That means that a serious impact on our power grid would unleash a domino effect on the remaining systems. This, in turn, would have a large effect each one of our daily activities.

The Lloyd’s of London study in 2013 concluded that:

• A Carrington-level geomagnetic storm is practically inevitable. While the odds of an extreme storm is relatively low at any one time, it’s virtually inevitable one will occur eventually. Historical auroral records suggest a return period of 50 years for severe storms and 150 years for very extreme storms, like the Carrington Event.
• The risk of intense geomagnetic storms is greater when we approach the peak of a solar cycle. Solar activity follows an 11-year cycle. For the current cycle, the geomagnetic storm risk is projected to peak in early 2015.
• As the North American power infrastructure ages, the risk of a catastrophic outage grows with each solar cycle peak. The potential exists for long-term, widespread power outages.
• Weighted by population, the highest risk of storm-induced power outages in the U.S. is along the Atlantic corridor between Washington and New York City. This takes into account risk factors such as magnetic latitude, distance to the coast, ground conductivity and transmission grid properties. Other high-risk regions are the Midwest states, such as Michigan and Wisconsin, and regions along the Gulf Coast.
• The total U.S. population at risk of extended power outage from a Carrington-level storm ranges from 20 million to 40 million. The outages could last from 16 days to as long as two years. The duration of outages will depend mainly on the availability of replacement transformers. If new transformers must be ordered, the lead time is likely to be at least five months.
• Storms weaker than Carrington-level could produce a small number of damaged transformers – from 10 to 20 – but the potential damage to densely populated regions along the Atlantic Coast is still significant. The total number of damaged transformers is less relevant for prolonged power outages – their concentration is what matters. The failure of a small number of transformers serving a highly populated area could trigger a prolonged outage.

Insurers may want to consider scenario planning that looks at two issues, in particular, to be ready for a Carrington Event. First, they may want to examine the operational constraints that could occur – insurers, for instance, might be unable to receive premium payments or issue policies and invoices while addressing policyholder claims. Second, insurers may seek to assess their potential overall exposure to claims for business interruption or other losses that a Carrington Event could cause.

Developing contingency plans for the possibility that a disaster will zap plants, buildings and equipment may also prove beneficial. This plan could focus on how companies might continue to operate even during a long-term interruption. This could include involving backup generators for critical systems, redundant computer systems and, for companies that are big enough, locations in areas that are less likely to be affected by a major storm and that can be staffed up in an emergency. It’s worth remembering that other companies will be scrambling to do the same thing – so options for relocating critical functions may be more limited in densely populated areas.

Companies may look to engage their full risk-management expertise, including a discussion about business-interruption insurance. Directors and trustees likely need to devote particular focus, because of their positions of responsibility. And, if you’re in management, you may want to ask yourself: “Is our board informed about the risks of potential exposure to a Carrington Event, or something similar?”

If not, it may be time to act.

The materials referenced herein are prepared by the author and as such do not necessarily represent the views or opinions of OneBeacon Professional Insurance. OneBeacon Professional Insurance makes no claims concerning the completeness or accuracy of these materials and takes no responsibility for supplementing, updating or correcting such materials.

This document is for general informational purposes only and does not constitute and is not intended to take the place of legal or risk management advice. Parties should contact their own personal counsel for any such advice.

How to Focus on Emerging Markets: Operational Excellence

Global economic trends will transform the customer base for most industries across the world. Rising per capita incomes, favorable demographics and continuing economic growth are leading to a massive expansion of the emerging middle class.

The World Bank defines the middle class in two brackets based on earnings per day: US$2–US$9 and US$9–US$13. According to the World Bank, 10 times as many people entered the lower versus the higher income bracket between 1990 and 2005— highlighting the success of countries such as India and China that have invested millions in the middle class over the past two decades. For this report, our focus is on 
those earning US$2–US$9 a day, or the “emerging consumer.” We define the “global middle class” as earning an average of US$10–US$100 a day. This level of consumer has more disposable income to buy consumable goods and to invest.

While the remarkable growth of emerging market economies has brought millions out of poverty, fewer people have moved into the global middle class. Over the next two decades, we estimate that the middle class will expand by three billion people, coming almost exclusively from the current low-income segment. Financial inclusion will be important to aid this expansion. The significance of insurance for this low-income customer segment cannot be overstated, particularly given the lack of social health care in these countries. Life insurance supports a family when the breadwinner dies; in-patient hospitalization costs are generally paid for through out-of-pocket expenses and can deplete existing savings. As climate change and natural disasters such as Cyclone Phailin in the Philippines become more prevalent, the importance of asset-backed insurance (e.g., for weather, cattle and livestock) continues to grow.

The importance of insurance

Insurance has clear social value for the emerging consumer. Low-income consumers need to be insulated from risk because they lack the accumulated capital to withstand adverse events. Apart from its advantages as a risk management tool, insurance enables low-income consumers to take calculated risks to emerge from poverty, make wise investments or ensure their families will be provided for in case of an unforeseen event.

As economists Abhijit Banerjee and Esther Duflo point out in their book, Poor Economics, the poor are not irrational in their spending behavior, but rather hyper-rational, because the value of each money unit is higher than for other consumer segments. Thus, insurers should understand some of the key challenges facing these consumers and align their operating models to service them better:

  • Inconsistent cash flows — These consumers often have irregular pay cycles, making premium payments difficult.
  • Significant dependency on a single source of income — Dependence on one main breadwinner may create a financial burden.
  • A mobile segment — Many jobs require long commutes from rural areas and constant mobility; lack of portability and accessibility may hinder the purchase of insurance.
  • Lack of awareness of the concept of insurance — Risk pooling or premium payment benefits that may not accrue to the customer may be difficult concepts to understand.
  • Lack of trust — For some industries, this may lead to reputational issues; these can be more extreme when purchasing an intangible product like insurance.

Despite these challenges, customers spend sleepless nights worrying about various risks. The vulnerability is much greater for this segment than for others with higher disposable income.

How big is this market?

In 2009, there were approximately 1.5 billion–3 billion people with minimal access to formal insurance services globally, as highlighted by Lloyd’s of London. Today’s audience has not changed significantly, but consumers face different risks — related to life, health and assets. ILO’s Microinsurance Innovation Facility believes that insurance for low-income consumers has evolved differently across geographies — from 200% growth between 2008 and 2012 in Africa to a steady evolution in India and other Asian economies.

India has the largest share of low-income consumers with insurance — the result of strong regulation and government schemes, especially in health insurance. South Africa, Kenya, Ghana and Tanzania have been rapidly increasing coverage and developing microinsurance-focused regulations. Asian economies such as Indonesia, the Philippines, Bangladesh and Pakistan continue to grow in this space, as well.

Emerging markets are unique in terms of demographic and economic segmentation. Countries such as India have a more standard income-based segmentation pyramid, whereas other developing countries such as Ghana and Nigeria have a flatter pyramid, with most potential customers in the low-income segment.

Globally, we observe many insurers and intermediaries expanding their sales focus down the pyramid to reach the emerging consumer. Depending on the specific market, some players are servicing the low-income customer segment through simple insurance offerings and third-party distribution. Nevertheless, the vast majority are conventional insurers targeting the current “top” of the pyramid.

Irrespective of the geography, insurers recognize that today’s low-income customers are tomorrow’s middle class. However, winning this customer segment is not just about creating lower-priced products or selling existing products using a third-party distributor such as a micro-finance institution. Insurers will have to learn from the dynamics of their respective markets and drive innovation by transforming their strategies and operating models to grow with emerging consumers and their developing needs.

But is it profitable?

The foremost challenge for insurers in this market
 is the lack of systems and dedicated performance management tools to track profitability. These are often missing because of a lack of investment or simply lack of focus by senior management. The industry segment is young and lacks tracking tools. Insurers usually do not separate performance reporting between traditional and emerging consumer insurance. Future performance management tools need to capture metrics for both revenue and cost to determine the profitability trends for this segment.

Typically, there is a lack of historical risk data for low-income consumers. Thus, pricing is not very scientific and uses proxies with a constant iterative feedback loop. As historical data quality improves, we expect risk-based pricing for this segment will lead to better-priced products.

Insurers are leveraging various technology-enabled channels, such as mobile phones in Africa, to sell these insurance services, thereby reducing distributor and operating expenses. Insurers are also selling life insurance through retailers reusing rechargeable vouchers, thus eliminating the distributor layer and trimming costs significantly. Various government-sponsored insurance schemes have standardized processes for enrollment of new beneficiaries, post-sale servicing and claims management. However, there are no universal measures to reduce market costs — an important objective because insurers need to demonstrate profitability. Those insurers that can redefine their operating models and generate high operational efficiency will reap the benefits of serving this large, untapped and developing customer segment.

Need for greater investment

Insurance companies in emerging markets have typically found it expensive to cater to the emerging consumer. The high cost of acquisition, lack of trust and inaccessibility make outreach difficult. Moreover, many insurers have failed to develop a sound business case, with a low-cost and differentiated operational strategy, to enter these markets.

Insurance for the emerging consumer is still in a nascent stage. While large insurers may be deploying significant capital to penetrate this market, other initiatives have been part of corporate social responsibility or philanthropic programs. Often these projects target specific concerns related to product development, distribution or customer awareness. Such forms of funding do not appear sustainable or scalable for the long term.

Transformational programs are required to achieve operational excellence. This is where investment from insurers or private equity investors (more specifically, impact investors) can bring true value — not just in 
the form of capital, but also technical knowledge and expertise to develop cost-efficient distribution channels and well-designed products, and to drive organizational change for profitability.

As insurers rapidly expand in emerging markets, we see opportunities to help them with specific geographic issues in impact investing, measurement and value generation. We are working together with LeapFrog Investments to reach this virtually untapped market. Their approach is a compelling complement to our broad service lines and global competence.

Effectively targeting emerging consumers

Many insurers have used existing operating models in innovative ways to reach the low-income consumer.
 A large private sector life insurer in India, for example, created a “top-up” life insurance product in 2008, offering low-income consumers pay-as-you-go options. This eliminated scheduled premiums for consumers who typically do not have a steady stream of income.

In addition to our earlier discussion of issues facing consumers, there are three dominant challenges for insurers to consider in developing the emerging consumer market.

  • Awareness — Building customer trust through educational and marketing initiatives; the most convincing way for insurers to build awareness is to deliver on their claims’ promises
  • Affordability — Providing insurance at an affordable price and benefits that the end customer values; this places high importance on product design
  • Accessibility — Ensuring ease in purchasing insurance, servicing and claims handling

These three challenges can be mapped to the following external and internal success factors that will play an important role in developing this market.

External success factors

Regulatory framework

A strong regulatory framework is required to support the industry, and emerging markets have benefited from the regulatory push. India’s insurance regulator was among the world’s first to have quota-based mandates for licensed insurers (requiring them to source a percentage of their business from rural and unorganized markets) and to develop specific regulations for products and distribution. A more principle-based approach is being taken by The National Insurance Commission in Ghana in drafting microinsurance regulations. These enable insurers to innovate with product definitions and distribution tie-ups as they develop affordable and accessible products for the lower-income segment.

Technical and logistical infrastructure

Insurers in emerging markets also face infrastructure-related challenges, requiring local and highly pragmatic business solutions. Typical issues include a lack of options to communicate or interact with customers, no “know your customer” processes and limited payment infrastructure. Leveraging the high mobile penetration, various technology-based solutions
 have emerged. Insurers need flexibility to ensure that insurance sales, post-sale servicing and claims management are quick and efficient.

Intermediaries and partnerships

Distribution is one of the most important concerns. Last-mile connection with customers is a challenge because of a large segment living in inaccessible areas, their constant mobility or simply a lack of access to the same touch points more affluent segments have (e.g., bank branches, financial advisors). Use of traditional distribution channels, such as agents or advisors, can be an expensive proposition because of high commissions and the need to adapt specific requirements for this segment. Furthermore, existing channels are typically not trained to deal with the lower-income consumer. Along with traditional channels that are managed in a lean and cost-efficient manner, there are other successful distribution alternatives in this market that include partner-agent models (e.g., using business correspondents), as well as those created by piggybacking on existing distribution channels (e.g., mobile network operators, retailers).

Internal success factors

Low-cost and efficient operating model

Insurance for low-income consumers is a low-margin business because of lower average premiums per customer and relatively high fixed costs. This makes it more important to run an efficient operating model with simplicity and innovation and to ensure that internal processes are standardized across the organization. Customer interfaces need to be simplified with each customer touch point for consistent communication. The need to leverage technology to achieve these objectives is a given.

Supporting governance structure and performance management framework

Institutional and infrastructural conditions in emerging markets lead to specific requirements in running 
the business, such as decentralized sales or strong interaction with intermediaries. This requires robust governance and risk management structures, which support management steering and enable operational control in critical areas such as quality issues or fraud. In these situations, a well-functioning performance management framework, with operational KPIs and controls, is important to identify issues and react to deviations. This should be embedded across the organizational structure.

Simple and innovative product design

Simple yet innovative product design is critical to increase penetration. Products need to be easily understood by customers, easy for agents or intermediaries to sell and provide real value for the client. Additionally, standardized products will improve operational quality and efficiency, which is critical to running a profitable business in a low-margin segment.

In the next few years, innovative solutions that provide insurance to emerging consumers will include:

  • Selling insurance through a utility company (e.g., Mapfre and Codensa in Colombia)
  • Reaching small businesses for agriculture insurance via mobile phone technology (e.g., Kilimo Salama in East Africa)
  • Integrating products with a telecom provider; outsourcing customer service and premium collection to intermediaries or facilitators (e.g., Bima in Asia and Africa)

Many of these solutions will be independent or integrated services. But insurance companies will drive these innovations, and only those players that are able to develop profitable operating models will succeed. While leveraging third-party providers for various services will be important, insurers still need to focus on their customer relationships and operations to generate maximum value from these third-party relationships.

Customer-centricity, operational efficiency, risk management and performance management will be crucial but will not ensure sustainable success. The most important aspects are corporate culture (change, individual involvement and leadership) and the mindset of people.

For the full report, see: Operational Excellence For Insurers.

A Look At Cyber Risk Of Financial Institutions

Overview Of The Risk
There were more than 26 million new strains of malware released into circulation in 2011. Such a rate would produce nearly 3,000 new strains of malware an hour! Almost two-thirds of U.S. firms report that they have been the victim of cyber-security incidents or information breaches. The Privacy Rights Clearinghouse reported that since 2005, more than 534 million personal records have been compromised. In 2011, 273 breaches were reported, involving 22 million sensitive personal records. The Ponemon Group, whose Cost of Data Breach Study is widely followed every year, indicated a total cost per record of $214 in 2011, an increase of over 55% ($138) compared to the cost in 2005 when the study began.

Other surveys are consistent. NetDiligence, a company that provides network security services on behalf of insurers, reported in their “2012 Cyber Risk and Privacy Liability Forum” the results of their analysis of 153 data or privacy breach claims paid by insurance companies between 2006 and 2011. On average, the study said, payouts on claims made in the first five years total $3.7 million per breach, compared with an average of $2.4 million for claims made from 2005 through 2010.

And attacks simply don't target large companies. According to Symantec's 2010 SMB Protection report, small busineses:

  • Sustained an average loss of $188,000 per breach
  • Comprised 73% of total cyber-crime targets/victims
  • Lost confidential data in 42% of all breaches
  • Suffered direct financial losses in 40% of all breaches

Indeed, according to the 2011 Verizon Data Breach Report, in 2010, 57% of all data breaches were at companies with 11 to 100 employees. Interestingly, it was the Report's opinion that 96% of such breaches could have been prevented with appropriate controls. Bottom line: cyber attacks are here to stay — and in many ways, they are getting worse.

A Look At The Financial Institution Sector
Willy Sutton once infamously remarked that he robs bank because “that's where the money is.” According to Professor Udo Helmbrecht, the Executive Director of the European Networking and Information Security Agency, if Willy Sutton was alive today, he would rob banks online.

Criminals today can operate miles, or even oceans, away from the target. “The number and sophistication of malicious incidents have increased dramatically over the past five years and is expected to continue to grow,” according to Gordon Snow, Assistant Director of the Cyber Division of the Federal Bureau of Investigation (testifying before the House Financial Services Committee, Subcommittee on Financials Institutions and Consumer Credit). “As businesses and financial institutions continue to adopt Internet-based commerce systems, the opportunity for cybercrime increases at the retail and consumer level.” Indeed, according to Snow, the FBI is investigating 400 reported account takeover cases from bank accounts of US businesses. These cases total $255 million in fraudulent transfers and has resulted in $85 million in actual losses.

According to the FBI, there are eight cyber threats that expose both the finances and reputation of financial institutions: account takeovers, third-party payment process breaches, securities and market trading company breaches, ATM skimming breaches, mobile banking breaches, insider access, supply chain infiltration, and telecommunications network disruption.

It was telecommunications network disruption that dominated the news in 2012.

Otherwise known as a distributed denial of service attack, US banks were attacked repeatedly throughout the year by sophisticated cyber “criminals” whose attacks were eventually sourced to the nation of Iran in what would truly be considered a Cyber War attack against this country's infrastructure.

Among the institutions hit were PNC Bank, Wells Fargo, HSBC, and Citibank, among many others. Big or small, it made no difference. At the end of the day, as many as 30 US banking firms are expected to be targeted in this wave of cyber attacks, according to the security firm RSA. And it is likely that we are not at the end of the day. On January 9, 2013, the computer hacking group that has claimed responsibility for cyber attacks on PNC Bank vowed to continue trying to shut down American banking websites for at least the next six months.

That is not to say that financial situations only had to worry about distributed denial of service attacks launched by hostile nation states in 2012.

On December 13, 2012 the Financial Services Information Sharing and Analysis Center, which shares information throughout the financial sector about terrorist threats, warned the US financial services industry that a Russian cyber-gangster is preparing to rob American banks and their customers of millions of dollars. According to the computer security firm, McAfee, the cyber criminal, who calls himself the “Thief-in-Law,” already has infected hundreds of computers of unwitting American customers in preparation to steal that bank account data.

Of course not all threats look like they come from the latest 007 flick. On October 12, 2012, the Associated Press reported TD Bank had begun notifying approximately 260,000 customers from Maine to Florida that the company may been affected by a data breach. Company spokeswoman Rebecca Acevedo confirmed to the Associated Press that unencrypted data backup tapes were “misplaced in transport” in March 2012. She said the tapes contained personal information, including account information and security numbers. It is unclear why the bank waited until October to notify customers. Over 46 states now have mandatory notification laws that dictate prompt notification to bank customers of missing or stolen “Personally Identifiable Information.” Failure to make timely notification can, and often does, prompt customer lawsuits and regulatory investigations.

The bottom line: you cannot be a financial institution operating in the 21st Century and not have a cyber risk management plan which includes the purchase of cyber insurance.

The Cyber Insurance Market
With these facts, it is not surprising that the cyber insurance market has grown tremendously from its initial beginning in 2000. Starting with what was the brainchild of AIG and Lloyds of London, the market has grown to over 40 insurance providers. A widely accepted statistic is that the market now produces over $1 billion in premium to insurance carriers on a worldwide basis.

Despite the increasing claim activity, informal discussions with the market continue to indicate that cyber risk is a profitable business. Perhaps, it is for this reason, cyber premium rates are flat to down 5% according to industry reports in the market where rates in property-casualty are generally increasing.

Carriers also see this as an area where there are many non-buyers, and statistics seem to back them up. According to the “Chubb 2012 Public Company Risk Survey: Cyber,” 65% of public companies surveyed do not purchase cyber insurance, yet 63% of decision-makers are concerned about this cyber risk. A risk area with a high level of concern but little purchase of insurance is an insurance broker's dream. In a recent Zurich survey of 152 organizations, only 19% of those surveyed have bought cyber insurance despite the fact that 76% of companies surveyed expressed concern about their information security and privacy.

It is unclear why there aren't more buyers but most of the industry believes it's a lack of education. For example, previous surveys indicated that over 33% of companies incorrectly believe that cyber risk is covered under their general corporate liability policy.

It is then perhaps not surprising that the Betterley 2012 market report stated “we think this market has nowhere to go but up” Although, they quickly qualified, “as long as carriers can still write at a profit.”