The number of foreigners purchasing property in the U.S. surged between March 2016 and March 2017, according to the National Association of Realtors. The association said foreigners bought 284,455 properties, about a third more than a year earlier. And, similar to previous years, a larger percentage of buyers, especially in states like Florida and Arizona, were European citizens. European home buyers who insure their properties through U.S. companies could require those businesses to upgrade their data protection efforts soon.
As of May 25, U.S.-based businesses that have operations in the European Union (EU) or that have customers who are citizens of E.U. nations will have new requirements to meet regarding data protection. This is when the new General Data Protection Regulation (GDPR) takes effect. Any companies not prepared to meet the new regulations that experience a data breach could face massive fines.
GDPR was designed to better protect E.U. citizen data. Standards vary based on where the data originates, but generally any information like name, address, credit card number, etc. is covered. In the domestic U.S., protected data is defined as personally identifying information (PII). As defined by GDPR, for an E.U. citizen it is known as personal data. Failure to protect the PII or personal data to the right standard could bring a hefty bill or, on consistent failure, even an order to cease business in E.U. countries.
Current U.S.-based data privacy regulations require companies to notify customers if a data breach occurs, but in the U.S. there can be a significant time delay between the breach and the notification letter; not so with GDPR. GDPR requires that supervisory authorities be notified within 72 hours, even while a breach is still being investigated. Failure to report within 72 hours could lead to significant fines. Maximum fines could be $26 million, or 4% of global gross revenue, whichever is greater.
Insurance companies selling plans to E.U. citizens purchasing homes, rental properties or commercial properties in the U.S. could be affected by GDPR because they gather personal data on applications and store data on customers. If a hacker is able to breach the insurance company’s systems and gain access to E.U. citizen data, the company would be required to notify GDPR supervisory authorities and prove that it met all GDPR requirements. Failure to cooperate with an investigation or to meet GDPR requirements could lead to fines or worse.
The first step toward compliance for any company is determining the need for and, if necessary, assigning a data protection officer (DPO). A company will be required to have a DPO if it possesses large amounts of data covered by GDPR. The DPO must be available and involved in any events where there is a possibility of a loss of GDPR-covered data. The DPO will be the point person for any GDPR issue with the affected persons and the supervisory authority. Obviously, because the DPO will be instrumental in proving a company’s compliance with GDPR, this individual needs to know the regulations and the company’s security protocols inside and out, backward and forward. If a company is not required to have a DPO, it should still have a plan in place for who it will call if the supervisory authority opens an investigation.
Additionally, any personal data that is lawfully received, stored or processed by a company needs to be encrypted. This means completely encrypted at rest and in transit, complete end-to-end encryption. GDPR does not allow for lenience regarding outdated software or new implementations that are being investigated for deployment.
Companies will also now be required to complete data protection assessments and privacy impact assessments. They will be expected to increase visibility into what level of impact a breach might have for customers and the company, if one occurs. And, all efforts made to comply with GDPR need to be documented so they can be given to a supervisory authority upon request. The best source of information on the regulation requirements is gdpr-info.eu.
Once GDPR takes effect, if a company experiences a breach or is contacted by a GDPR supervisory authority the best course of action is to show an attitude of compliance by offering complete support for the investigation. Then, contact the legal team. It is important to remember that complying with GDPR can be complex. It takes some time to update systems and processes to the level of security required by the new regulations. It can also be costly, and disruptive, but the protection of data is becoming paramount in the new business paradigm. For GDPR, the cost of compliance is geared to be less than the cost of sanctions.
Chances are you have received a letter stating that your personal data may have been compromised. Perhaps you were one of the 80 million people with an Anthem health insurance plan. Maybe you were one of the 21 million current or former employees of the federal government, or you could have been one of the 40 million who shopped at Target. There are countless examples where organizations failed to protect sensitive data and then were required to notify the affected individuals.
These notifications typically reveal how the breach happened, what steps are being taken to prevent another incident and what a company is doing to protect you from identity theft. Most organizations offer some form of credit monitoring and ID theft remediation services. Some states are beginning to mandate at least one year of credit monitoring under certain circumstances.
The Limits of Credit Monitoring
Offering credit monitoring seems to be a necessary post-breach strategy, and the very least a company would do. However, a deeper dive into what it does – and what it does not do – is long overdue.
Credit monitoring immediately notifies an individual that an attempt was made to obtain some form of credit in her name. Credit restoration services are usually offered when identity theft occurs. This is a valuable service that restores a victim’s good credit, saves time and alleviates stress.
Credit monitoring does not prevent identity theft. The only way to prevent an identity thief from accessing a victim’s credit is to either place a 90-day fraud alert on a credit file or freeze credit lines.
Fraud alerts require potential creditors to contact individuals before opening lines of credit. To activate a fraud alert, individuals are required to notify one of the three bureaus (Equifax, Experian or Trans Union) and to repeat the process every 90 days to maintain the fraud alert status.
Freezing credit can be accomplished by contacting all three credit bureaus and requires each one to place a freeze on an individual’s credit file. Each bureau provides a PIN # that can be used to lift the freeze later. There may be a nominal fee based on state of residence, which typically ranges from $5 to $15. Some states may require an additional fee to lift the freeze. A credit freeze may cost less than credit monitoring and identity theft restoration services. In fact, it has been widely reported that the Office of Personnel Management spent $133 million for three years’ credit monitoring for the 21 million individuals affected by their 2015 data breach.
Legal Ramifications of Offering Credit Monitoring
Offering credit monitoring can cost an organization even more than the dollars spent. In Remijas v. Neiman Marcus, the plaintiffs alleged that 350,000 payment cards were affected when hackers gained access to Neiman Marcus networks. Even though a small fraction of the cards were affected by fraudulent activity, the Seventh Circuit Court of Appeals granted the plaintiffs legal standing, allowing the class action to proceed, because card holders had a legitimate fear of future identity theft. Because Neiman Marcus offered credit monitoring to the card holders after the breach, the court concluded that it was conceding that future identity theft was entirely possible.
The state regulatory environment, coupled with recent appellate
court decisions, leaves organizations in a difficult position. States
are beginning to require credit monitoring following a data breach. Organizations that do not offer credit monitoring face scrutiny by attorneys general, potential fines for non-compliance and a public relations fiasco. Yet those that offer credit monitoring will incur significant costs and, as evidenced in Remijas v. Neiman Marcus, may actually hurt their defense in a class action lawsuit.
A Better Way to Protect Your Identity
A more rational approach is needed to identity protection. Organizations and state regulators reacting to data breaches involving sensitive data elements need to address ways to prevent identity theft. As of this writing, organizations cannot legally freeze a consumer’s credit for him, and have little means to prevent identity theft on his behalf. However, with the full support of state officials, a more efficient process to freeze credit can better protect identities and mitigate costs.
Five years ago, a cyber-attack on your organization would likely have been a quick one-two punch to compromise your firewalls and obtain your customers’ personal data. As the risk manager, you would have been informed of the breach by IT staff, determined the severity of the incident and given an account to the company’s compliance staff.
Fast forward to today. An attack takes a subsidiary’s corporate network offline and threatens the entire firm’s email system. Critical product formulas or sales data may have been stolen. You are called to not only provide a report of the incident to the chief information security officer but also to the CFO and CEO. The media and shareholders are clamoring to know how it happened, and the board wants to know how you plan to prevent another one.
Prepared or not, your role has changed as cyber criminals have grown more sophisticated – and more menacing. You can no longer simply react to cyber events. You are a crucial member of cybersecurity task forces and cyber risk strategy teams and are increasingly relied on by the most senior corporate leadership.
You’re probably routinely called to be part of the team that develops best practices for assessing, managing and responding to cyber events, on top of ensuring that effective cyber insurance or other risk transfer mechanisms are in place. As regulators, shareholders, customers and others hold senior corporate leadership accountable for cybersecurity, you have to be diligent in identifying, analyzing and anticipating all of your organization’s risk exposures.
Four Steps to Cyber Risk Management
To help meet the increasingly difficult and complex challenge of cyber risk management, start with these four tactics:
Create an operational risk working group around cyber that includes IT, information security, legal and others. As a risk manager, you’re probably uniquely positioned – for example, through risk committees – to pull together a cross section of key stakeholders around an issue such as cybersecurity.
Quantify, as much as possible, the costs of a cyber event across all business units. Consider using analysis and assessment tools that quantify impacts by business, sector and other areas.
Communicate the potential impact of risks to various stakeholders inside the organization as well as to third-party vendors.
Deliver the cyber risk management strategy to the chief information officer or the C-suite/board in a timely manner – and be accountable for maintaining and amending the plan as required.
Heightened awareness of cyber events has enabled risk executives to play an ever-more critical role in their organization’s cybersecurity strategy, but only with the right risk management tools can you truly succeed.
This article is part of a series that discusses cyber awareness among key stakeholders. For access to the other cyber articles, please click here.
This is the last in a series of three articles. The first is here. The second is here.
From the impact of analytics, digitization and more exacting customer expectations to the disruptive effect of regulation, geopolitical instability and two-speed global economic growth, the insurance marketplace will look very different in 2020. With the industry at a tipping point, the future belongs to businesses that can make sense of the gathering transformation and act strategically rather than simply reacting to events.
While some of the drivers of change in the insurance industry are common to all business lines, we believe that the impact will be seen in different ways and occur at different speeds. So what are the implications for each key insurance segment and how can businesses capitalize on them?
Property and casualty personal lines
A combination of automated underwriting and competition from aggregators and new entrants will drive down prices and accelerate the commoditization of motor, property and other core business lines. At the same time, new opportunities will continue to open up through new information-based models, both within traditional areas of insurance coverage and new fields, such as maintenance and concierge services. This “home intelligence” could pave the way for a broader range of concierge services built around a combination of customer knowledge and sensor technology.
Some customers might go further by giving the insurer – or information company, which might be a better description for this evolving business model – access to much of their personal data, which the company would use to tender for a range of personalized services on customers’ behalf.
Pressure on costs will make agency channels less economically viable and could lead to digital becoming increasingly dominant. But there will continue to be a strong role for agents in helping people to understand and manage what can often be complex protection needs. People may own more but have less time to manage the risks, be this damage, theft or breakdown, making the agent a valuable partner.
Opportunities for partnerships exist with travel companies and motor manufacturers, with insurance forming part of a bundled service. However, such partnerships could limit the insurer’s opportunities to build customer relationships and take advantage of policyholder data.
Data from car and equipment diagnostics, along with user behavior, will be exchanged with manufacturers and repairers, breaking down commercial boundaries and opening up further opportunities in design and maintenance. Further instances of this new ecosystem of information and assets include the integration of home sensor data with utilities’ and emergency services’ systems.
We estimate that the reduction in accident, personal injury and other auto-related claims as advanced driver assistance systems (ADAS) technology becomes more widespread could reduce annual auto insurance losses in a developed market such as the U.S. by at least 10% by 2025. But the risk and claims profile would be more complex as the driver switches between self-driving (and hence driver liability) on the one side and ADAS driving (and hence product liability) on the other. While there are regulatory prohibitions on autonomous driving at present, it may eventually not just be permitted in many countries, but even be obligatory, especially in high-risk situations.
Revenue models will shift from premiums to premiums plus subscriptions in offerings such as maintenance, prevention and vehicle management.
As the risk environment and client demands continue to evolve, commercial lines insurers have considerable growth opportunities in areas such as cyber risk and supply chain risk. Holistic analyses open the way for broader risk prevention and mitigation discussions with both agents and policyholders.
Alternative risk transfer will continue to develop and expand, moving beyond catastrophe into areas such as cyber and supply chain risk.
Advanced analytics that help to quantify exposure change patterns could help to mitigate the frequency of accidents, business interruption and other losses.
Given the potential for sharply rising losses and ever more complex loss drivers, there will be a growing need for coordinated risk management solutions that bring together a range of stakeholders, including corporations, insurance/reinsurance companies, capital markets and policymakers across the globe. For some of these risks, such as cyber risk, some form of risk facilitator, possibly the broker, will be needed to bring the parties together and lead the development of effective solutions.
Life, annuities and pensions
The focus of life coverage will shift from life benefits to promoting well-being and quality of life. This new model will combine digital data and partnerships with gyms, diet and fitness advisers and healthcare providers. Well-being benefits are likely to appeal to typically affluent segments that tend to focus on staying fit and healthy, including both younger and active older customers. For a sector that has had significant challenges attracting young, single, healthy individuals, this represents a great opportunity to expand the life market, as well as attract older customers who normally would think it is too late for them to purchase life products.
Advanced analytics will enhance the precision, customization and flexibility of financial planning and risk protection, paving the way for solutions that easily adapt to life changes and stretch beyond insurance to cover a comprehensive range of financial needs.
Sensor technology will lead to increasing integration between insurers and healthcare providers, marked by information exchange, better understanding of risks and costs and the potential to not only make cover for people with pre-existing conditions more accessible but also improve health and prolong life.
Life coverage will shift to shorter-term contracts. At present, typical life insurance contracts are for the long term. However, this is a deterrent to most customers today. Moreover, behavioral economics shows us that individuals are not particularly good at making long-term saving decisions, especially when there may be a high cost (i.e. surrender charges) to recover from a mistake. Therefore, individuals tend to delay purchasing or rationalize not having life insurance at all. With well-being benefits, contract durations can be much shorter – even only one year.
To help dramatize how the different markets may look, here are three possible scenarios:
Scenario One: Property and Casualty in 2025
All-’round prevention and protection
“I got a text in the morning saying there’s a potential fault with the boiler. But by the time I got home it was fixed,” says Akil Badem from Istanbul. “I don’t worry about breakdowns anymore, because I know that my insurer will have it all sorted out.”
Akil’s boiler, security and other home equipment are all connected to automated sensors that optimize performance and minimize fuel usage. The connected devices can also detect potential faults and, if they can’t be put right automatically, alert the nearest repair and maintenance team. No more breakdowns, no more waiting. The comprehensive coverage provided by market leader, There When You Need It, also takes care of all Akil’s transport requirements, including best-price bus and rail fares, a car when he needs one and insurance that automatically adjusts to how far he travels, his speed, the road type and other risks, and whether he or the automated driving system is in control of the car. “It’s just so easy. A couple of clicks on my mobile, and it’s all up and running. I can’t believe how people got along before,” he says.
Grace Nkomo, CEO of There When You Need It, says, “In 2015, we saw that everything was changing in our marketplace, be this how auto insurance is underwritten or the possibilities opened up by the Internet of Things. We knew that if we use the technology to change how we connect with and serve our customers, we could create an early-mover advantage that we’ve maintained ever since.”
Scenario Two: Life, Annuities and Pensions in 2025
Fit for the future
“I’ve never felt better,” says Karen O’Neil from Seattle. “Every time I go to the gym, the cost of my health insurance and life coverage comes down. My insurance company even got me a great deal on trainers.”
Karen’s lifestyle, health and financial planning coverage is designed to make it easier to stay healthy, manage her finances and plan for the future. A wearable sensor monitors key aspects of her health and alerts her to fitness advice and any medical issues that need following up. The healthcare and life insurance package includes tie-ups with gyms, well-being counselors and sports-wear providers, putting the emphasis on how to stay fit and healthy, as well as medical and life benefits when they’re needed. There is also a savings plan that puts aside any money left over from the rent, food and other spending and automatically adjusts investments to market movements and Karen’s investment goals. “At 29, I thought that these kind of schemes were for people a lot older and wealthier than me,” Karen says. “But my personalized package helps me to feel good now – and I know I can adjust as my needs change.”
Scenario Three: Commercial Insurance in 2025
Advanced risk detection averts cyber attack
Remote monitoring centers operated by a major insurance company have thwarted a coordinated attack on a retail group’s online network. Cyber gangs were planning to bring down the group’s server and then hack into the accounts of its millions of customers. The insurance company’s monitoring centers were able to not only detect the breaches but protect the server from damage and ensure business carried on as usual.
The cyber protection forms part of a comprehensive “business as usual” risk management package, which automatically anticipates and responds to any problems in supply, customer service and reputational integrity. The service is designed to zero in on any threats and take preemptive action. Advanced risk evaluation and pricing analytics enable the insurer to take account of multiple existing and emerging risk factors and determine a dynamic price based on the cost of reducing and mitigating the risks, as well as transferring the risks in alternative markets. Monitors continuously track real-time events (e.g. geo- political, technology, environmental and social events) around the world to build an accurate and evolving qualitative profile of the exposures facing clients and how they can be managed.
How to Design Your Strategy to Face the Future
For many – if not most – insurers, this changing market is likely to require a significant change in products and the redesign of long-established business models. This will not be easy. It’s important to develop a clear vision of where and how the business intends to compete.
For some, it could include a wholly new value proposition. For life insurers, this could include a broader and more compelling offering built around quality of life and well-being on the one hand and the targeting of untapped segments on the other. For P&C companies, this could include assessing opportunities to enhance data and risk monitoring and looking at how this information could apply to a broader range of risk-prevention and protection needs.
Having established strategic intent, it’s important to determine how to target individuals through different messages and channels, simplify product design and re-engineer distribution and product economics. Further considerations include how to reshape the underwriting process to capitalize on new analytics and sensor information, as well as steps to make the sales and policy administration process more straightforward and real-time.
Such is the speed of market developments that it’s virtually impossible to predict what customer demand will look like in a few years’ time. Old approaches to strategic planning and execution may be too slow to keep up with the pace of change. Instead, we propose a four-step LITE (Learn-Insight-Test-Enhance) approach to marketing, distribution, product design, new business, operations and servicing.
Learn your target segments’ needs
Build the models that can provide insight into customer needs
Test innovations with pilots to see whether they resonate with customers and refine the value proposition
Enhance and roll out the new value proposition for specific segments
Using this approach, developments that would have taken years can be brought to market in a matter of months, if not weeks, and then assessed, adapted, and discarded/expanded to meet changing market needs. The result will be a much faster and more responsive business, capable of keeping pace with customer demands and capitalizing on unfolding commercial opportunities.
In conclusion, the future should be bright for insurers. They have opportunities to engage more closely and become a much more valued and intrinsic part of people’s lives, be they individuals, families or businesses. Insurers will have more information upon which to base smart solutions and serve a broader range of needs.
The challenge is how to make sure insurers capitalize, as the marketplace will be much more open and potentially less loyal.
For the full report from which this article is excerpted, click here.
This is the second in a series of three articles. The first is here.
With the entire insurance industry at a tipping point, where many of the winners and losers will be determined in the next five to 10 years, it’s important to think through all the key strategic factors that will determine those outcomes. Those factors are what we call STEEP: social, technological, environmental, economic and political.
In this article, we’ll take a look at all five.
Social: The Power of Connections
The shifts in customer expectations present challenges for life insurers, many of which are caught in a product trap in which excessive complexity reduces transparency and increases the need for advisers. This creates higher distribution costs.
A possible solution lies in models that shift the emphasis from life benefits to promoting health, well-being and quality of life. In a foretaste of developments ahead, a large Asian life insurer has shifted its primary mission from insurance to helping people lead healthier lives. This is transforming the way the company engages with its customers. Crucially, it’s also giving a renewed sense of purpose and value to the group’s employees and distributors.
Further developments that could benefit both insurers and customers include knowledge sharing among policyholders. One insurer enables customers to share their health data online to help bring people with similar conditions together and help the company build services for their needs. Similarly, a DNA analysis company provides insights on individual conditions and creates online communities to pool the personal data of consenting contributors to support genetic studies.
A comparable shift in business models can be seen in the development of pay-as-you-drive coverage within the P&C sector. In South Africa, where this model is well advanced, insurers are realizing higher policyholder retention and lower claims costs.
This kind of monitoring is now expanding to home and commercial equipment. These developments are paving the way for a move beyond warranty or property insurance to an all-’round care, repair and protection service. These offerings move the client engagement from an annual transaction to something that’s embedded in their everyday lives. Agents could play an important role in helping to design aggregate protection and servicing.
In banking, we’ve seen rapid growth in peer-to-peer lending; the equivalent in insurance are the affinity groups that are looking to exercise their buying power, pool resources and even self-insure. While most of the schemes cover property, the growth in carpooling could see them play an increasing role within auto insurance.
Technological: Shaping the Organization Around Information Advantage
More than 70% of insurance participants in our 2014 Data and Analytics Survey say that big data or analytics have changed the way they make decisions. But many insurers still lack the vision and organizational integration to make the most of these capabilities. Nearly 40% of the participants in the survey see “limited direct benefit to my kind of role” from this analysis, and more than 30% believe that senior management lacks the necessary skills to make full use of the information.
The latest generation of models is able to analyze personal, social and behavioral data to gauge immediate demands, risk preferences, the impact of life changes and longer-term aspirations. If we look at pension planning, these capabilities can be part of an interactive offering for customers that would enable them to better understand and balance the financial trade-offs between how much they want to live off now and their desired standard of living when they retire. In turn, the capabilities could eliminate product boundaries as digital insights, along with possible agent input, provide the basis for customized solutions that draw together mortgages, life coverage, investment management, pensions, equity release, tax and inheritance planning. Once the plan is up and running, there could be automatic adjustments to changes in income, etc.
Reactive to preventative
The increasing use of sensors and connected devices as part of the Internet of Things offers ever more real-time and predictive data, which has the potential to move underwriting from “what has happened” to “what could happen” and hence more effective preemption of risks and losses. This in turn could open up opportunities for insurers to gravitate from reactive claims payer to preventative risk adviser.
As in many other industries, the next frontier for insurers is to move from predictive to prescriptive analytics (see Figure 2). Prescriptive analysis would help insurers to anticipate not only what will happen, but also when and why, so they are in a better position to prevent or mitigate adverse events. Insurers could also use prescriptive analytics to improve the sales conversion ratio in automated insurance underwriting by continually adjusting price and coverage based on predicted take-up and actual deviations from it. Extensions of these techniques can be used to model the interaction between different risks to better understand why adverse events can occur, and hence how to develop more effective safeguards.
Environmental: Reshaping Catastrophe Risks and Insured Values
Catastrophe losses have soared since the 1970s. While 2014 had the largest number of events over the course of the past 30 years, losses and fatalities were actually below average. Globally, the use of technology, availability of data and ability to locate and respond to disaster in near real-time is helping to manage losses and save lives, though there are predictions that potential economic losses will be 160% higher in 2030 than they were in 1980.
Shifts in global production and supply are leading to a sharp rise in value at risk (VaR) in under-insured territories; the $12 billion of losses from the Thai floods of 2011 exemplify this. A 2013 report by the UN International Strategy for Disaster Reduction (UNISDR) and PwC concluded that multinationals’ dependencies on unstable international supply chains now pose a systemic risk to “business as usual.”
Environmental measures to mitigate risk
Moves to mitigate catastrophe risks and control losses are increasing. Organizations, governments and UN bodies are working more closely to share information on the impact of disaster risk. Examples include R!SE, a joint UN-PwC initiative, which looks at how to embed disaster risk management into corporate strategy and investment decisions.
Governments also are starting to develop plans and policies for addressing climatic instability, though for the most part policy actions remain unpredictable, inconsistent and reactive.
Developments in risk modeling
A new generation of catastrophe models is ushering in a transformational expansion in both geographical breadth and underwriting applications. Until recently, cat models primarily concentrated on developed market peak zones (such as Florida windstorm). As the unexpectedly high insurance losses from the 2010 Chilean earthquake and the 2011 Thai floods highlight, this narrow focus has failed to take account of the surge in production and asset values in fast-growth SAAAME markets (South America, Africa, Asia and the Middle East). The new models cover many of these previously non-modeled zones.
The other big difference for insurers is their newfound ability to plug different analytics into a single platform. This offers the advantages of being able to understand where there may be pockets of untapped capacity or, conversely, hazardous concentrations. The result is much more closely targeted risk selection and pricing.
The challenge is how to build these models into the running of the business. Cat modeling has traditionally been the preserve of a small, specialized team. The new capabilities are supposed to be easier to use and hence open to a much wider array of business, IT and analytical teams. It’s important to determine the kind of talent needed to make best use of these systems, as well as how they will change the way underwriting decisions are made.
Emerging developments include new monitoring and detection systems, which draw on multiple fixed and drone sensors.
Challenges for evaluating and pricing risk
Beyond catastrophe risks are disruptions to asset/insured values resulting from constraints on water, land and other previously under-evaluated risk factors. There are already examples of industrial plants that have had to close because of limited access to water.
Economic: Adapting to a Multipolar World
Struggling to sustain margins
The challenging economic climate has held back discretionary spending on life, annuities and pensions, with the impact being compounded by low interest rates and the resulting difficulties in sustaining competitive returns for policyholders. The keys to sustaining margins are likely to be simple, low-cost, digitally distributed products for the mass market and use of the latest risk analytics to help offer guarantees at competitive prices.
The challenges facing P&C insurers center on low investment returns and a softening market. Opportunities to seek out new customers and boost revenues include strategic alliances. Examples could include affinity groups, manufacturers or major retailers. A further possibility is that one of the telecoms or Internet giants will want a tie-up with an insurer to help it move into the market.
More than 30% of insurance CEOs now see alliances as an opportunity to strengthen innovation. Examples include the partnership between a leading global reinsurer and software group, which aims to provide more advanced cyber risk protection for corporations.
Surprisingly, only 10% of insurance CEOs are looking to partner with start- ups, even though such alliances could provide valuable access to the new ideas and technologies they need.
Growth in SAAAME insurance markets will continue to vary. Slowing growth in some major markets, notably Brazil, could hold back expansion. In others, notably India, we are actually seeing a decline in life, annuity and pension take-up as a result of the curbs on commissions for unit-linked insurance plans (ULIP). Further development in capital markets will be necessary to encourage savers to switch their deposits to insurance products.
As the reliance on agency channels adds to costs, there are valuable opportunities to offer cost- effective digital distribution. Successful models of inclusion include an Indian national health insurance program, which is aimed at poorer households and operates through a public/private partnership. More than 30 million households have taken up the smart cards that provide them with access to hospital treatment.
The already strong growth (10% a year) in micro-insurance is also set to increase, drawing on models developed within micro-credit. The challenge for insurers is the need to make products that are sufficiently affordable and comprehensible to consumers who have little or no familiarity with the concept of insurance.
Rather than waiting for a market-wide alignment of data and pricing, some insurers have moved people onto the ground to build up the necessary data sets, often working in partnership with governments, regional and local development authorities and banks and local business groups.
The urban/rural divide may actually be more relevant to growth opportunities ahead than the emerging/developed market divide. In 1800, barely one in 50 people lived in cities. By 2009, urban dwellers had become a majority of the global population for the first time. Now, every week, 1.5 million people are added to the urban population, the bulk of them in SAAAME markets.
Cities are the main engines of the global economy, with 50% of global GDP generated in the world’s 300 largest metropolitan areas. The result is more wealth to protect. Infrastructure development alone will generate an estimated $68 billion in premium income between now and 2030. Urban citizens will be more likely to be exposed to insurance products and have access to them. Urbanization is also likely to increase purchases of life, annuities and pensions’ products, as people migrating into cities have to make individual provision for the future rather than relying on extended family support.
Yet as the size and number of mega-metropolises grow, so does the concentration of risk. Key areas of exposure go beyond property and catastrophe coverage to include the impact of air pollution and poor water quality and sanitation on health.
A Lloyd’s report comparing the level of insurance penetration and natural catastrophe losses in countries around the world found that 17 fast-growth markets had an annualized insurance deficit of $168 billion, creating threats to sustained economic growth and the ability to recover from disasters.
Political: Harmonization, Standardization and Globalization of the Insurance Market
Government in the tent
At a time when all financial services businesses face considerable scrutiny, strengthening the social mandate through closer alignment with government goals could give insurers greater freedom. Insurers also could be in a stronger position to attract quality talent at a time when many of the brightest candidates are looking for more meaning from their chosen careers.
Government and insurers can join forces in the development of effective retirement and healthcare solutions (although there are risks). Further opportunities include a risk partnership approach to managing exposures that neither insurers nor governments have either the depth of data or financial resources to cover on their own, notably cyber, terrorism and catastrophe risks.
Impact of regulation
Insurers have never had to deal with an all-encompassing set of global prudential regulations comparable to the Basel Accords governing banks. But this is what the Financial Stability Board (FSB) and its sponsors in the G20 now want to see as the baseline requirements for not just the global insurers designated as systemically risky, but also a tier of internationally active insurance groups.
The G20’s focus on insurance regulation highlights the heightened politicization of financial services. Governments want to make sure that taxpayers no longer have to bail out failing financial institutions. The result is an overhaul of capital requirements in many parts of the world and a new basic capital requirement for G-SIIs. The other game-changing development is the emergence of a new breed of cross-state/cross-border regulator, which has been set up to strengthen co-ordination of supervision, crisis management and other key topics. These include the European Insurance and Occupational Pensions Authority (EIOPA) and the Federal Insurance Office (FIO) in the U.S.
Dealing with these developments requires a mechanism capable of looking beyond basic operational compliance at how new regulation will affect the strategy and structure of the organization and using this assessment to develop a clear and coherent company-wide response.
Technology will allow risk to be analyzed in real time, and predictive models would enable supervisors to identify and home in on areas in need of intervention. Regulators would also be able to tap into the surge in data and analysis within supervised organizations, creating the foundations for machine-to-machine regulation.
A more unstable world
From the crisis in Ukraine to the rise of ISIS, instability is a fact of life. Pressure on land and water, as well as oil and minerals, is intensifying competition for strategic resources and potentially bringing states into conflict. The ways these disputes are playing out is also impinging on corporations to an ever-greater extent, be this trade sanctions or state-directed cyber-attacks.
Businesses, governments and individuals also need to understand the potential causes of conflict and their ramifications and develop appropriate contingency planning and response. At the very least, insurers should seek to model these threats and bring them into their overall risk evaluations. For some, this will be an important element of their growing role as risk advisers and mitigators. Investment firms are beginning to hire ex-intelligence and military figures as advisers or calling in dedicated political consultancies as part of their strategic planning. More insurers are likely to follow suit.
The final article in this series will look at scenarios that could play out for insurers and will lay out a way to formulate an effective strategy. If you want a copy of the report from which these articles are excerpted, click here.